epan/dissectors/packet-ayiya.c

   1 /* packet-ayiya.c
   2  * Anything in Anything protocol
   3  * Copyright 2008, Jelmer Vernooij <jelmer@samba.org>
   4  *
   5  * Wireshark - Network traffic analyzer
   6  * By Gerald Combs <gerald@wireshark.org>
   7  * Copyright 1998 Gerald Combs
   8  *
   9  * SPDX-License-Identifier: GPL-2.0-or-later
  10  *
  11  * ref: http://unfix.org/~jeroen/archive/drafts/draft-massar-v6ops-ayiya-02.html#anchor4
  12  */
  13
  14 #include "config.h"
  15
  16 #include <epan/packet.h>
  17 #include <epan/ipproto.h>
  18
  19 void proto_register_ayiya(void);
  20 void proto_reg_handoff_ayiya(void);
  21
  22 static dissector_table_t ip_dissector_table;
  23
  24 static int proto_ayiya = -1;
  25 static int hf_id_len = -1;
  26 static int hf_id_type = -1;
  27 static int hf_sig_len = -1;
  28 static int hf_hash_method = -1;
  29 static int hf_auth_method = -1;
  30 static int hf_opcode = -1;
  31 static int hf_next_header = -1;
  32 static int hf_epoch = -1;
  33 static int hf_identity = -1;
  34 static int hf_signature = -1;
  35
  36 static gint ett_ayiya = -1;
  37
  38 static dissector_handle_t ayiya_handle = NULL;
  39
  40 static const value_string identity_types[] = {
  41     { 0x0, "None" },
  42     { 0x1, "Integer" },
  43     { 0x2, "ASCII string" },
  44     { 0, NULL }
  45 };
  46
  47 static const value_string hash_methods[] = {
  48     { 0x0, "No hash" },
  49     { 0x1, "MD5" },
  50     { 0x2, "SHA1" },
  51     { 0, NULL }
  52 };
  53
  54 static const value_string auth_methods[] = {
  55     { 0x0, "No authentication" },
  56     { 0x1, "Hash using a Shared Secret" },
  57     { 0x2, "Hash using a public/private key method" },
  58     { 0, NULL }
  59 };
  60
  61 #define OPCODE_FORWARD 1
  62
  63 static const value_string opcodes[] = {
  64     { 0x0, "No Operation / Heartbeat" },
  65     { 0x1, "Forward" },
  66     { 0x2, "Echo Request" },
  67     { 0x3, "Echo Request and Forward" },
  68     { 0x4, "Echo Response" },
  69     { 0x5, "MOTD" },
  70     { 0x6, "Query Request" },
  71     { 0x7, "Query Response" },
  72     { 0, NULL }
  73 };
  74
  75 #define UDP_PORT_AYIYA          5072
  76
  77 static int
  78 dissect_ayiya(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
  79 {
  80     proto_tree *ayiya_tree;
  81     int offset = 0;
  82     int idlen, siglen, ayiya_len;
  83     guint8 next_header, opcode;
  84     tvbuff_t *payload;
  85
  86     idlen = 1 << tvb_get_bits8(tvb, 0, 4);
  87     siglen = tvb_get_bits8(tvb, 8, 4) * 4;
  88     opcode = tvb_get_bits8(tvb, 20, 4);
  89     next_header = tvb_get_guint8(tvb, 3);
  90
  91     ayiya_len = 8+idlen+siglen;
  92
  93     col_set_str(pinfo->cinfo, COL_PROTOCOL, "AYIYA");
  94
  95     if (tree) {
  96         proto_item *ti;
  97         ti = proto_tree_add_protocol_format( tree, proto_ayiya, tvb,
  98                                              offset, ayiya_len, "AYIYA" );
  99         ayiya_tree = proto_item_add_subtree(ti, ett_ayiya);
 100
 101         proto_tree_add_bits_item(ayiya_tree, hf_id_len, tvb, 0, 4, ENC_BIG_ENDIAN);
 102         proto_tree_add_bits_item(ayiya_tree, hf_id_type, tvb, 4, 4, ENC_BIG_ENDIAN);
 103         proto_tree_add_bits_item(ayiya_tree, hf_sig_len, tvb, 8, 4, ENC_BIG_ENDIAN);
 104         proto_tree_add_bits_item(ayiya_tree, hf_hash_method, tvb, 12, 4, ENC_BIG_ENDIAN);
 105         proto_tree_add_bits_item(ayiya_tree, hf_auth_method, tvb, 16, 4, ENC_BIG_ENDIAN);
 106         proto_tree_add_bits_item(ayiya_tree, hf_opcode, tvb, 20, 4, ENC_BIG_ENDIAN);
 107         proto_tree_add_uint_format_value(ayiya_tree, hf_next_header, tvb,
 108                                    3, 1, next_header,
 109                                    "%s (0x%02x)",
 110                                    ipprotostr(next_header), next_header);
 111         proto_tree_add_item(ayiya_tree, hf_epoch, tvb, 4, 4, ENC_TIME_SECS|ENC_BIG_ENDIAN);
 112         proto_tree_add_item(ayiya_tree, hf_identity, tvb, 8, idlen, ENC_NA);
 113         proto_tree_add_item(ayiya_tree, hf_signature, tvb, 8+idlen, siglen, ENC_NA);
 114     }
 115     offset = ayiya_len;
 116     switch (opcode) {
 117     case OPCODE_FORWARD:
 118         payload = tvb_new_subset_remaining(tvb, offset);
 119         dissector_try_uint(ip_dissector_table, next_header, payload, pinfo, tree);
 120         break;
 121     }
 122
 123     return tvb_captured_length(tvb);
 124 }
 125
 126 void
 127 proto_register_ayiya(void)
 128 {
 129     static hf_register_info hf[] = {
 130         { &hf_id_len,
 131           { "Identity field length", "ayiya.idlen", FT_UINT8,
 132             BASE_HEX, NULL, 0x0, NULL, HFILL
 133           }
 134         },
 135         { &hf_id_type,
 136           { "Identity field type", "ayiya.idtype", FT_UINT8,
 137             BASE_HEX, VALS(identity_types), 0x0, NULL, HFILL
 138           }
 139         },
 140         { &hf_sig_len,
 141           { "Signature Length", "ayiya.siglen", FT_UINT8,
 142             BASE_HEX, NULL, 0x0, NULL, HFILL
 143           }
 144         },
 145         { &hf_hash_method,
 146           { "Hash method", "ayiya.hashmethod", FT_UINT8,
 147             BASE_HEX, VALS(hash_methods), 0x0, NULL, HFILL
 148           }
 149         },
 150         { &hf_auth_method,
 151           { "Authentication method", "ayiya.authmethod", FT_UINT8,
 152             BASE_HEX, VALS(auth_methods), 0x0, NULL, HFILL
 153           }
 154         },
 155         { &hf_opcode,
 156           { "Operation Code", "ayiya.opcode", FT_UINT8,
 157             BASE_HEX, VALS(opcodes), 0x0, NULL, HFILL
 158           }
 159         },
 160         { &hf_next_header,
 161           { "Next Header", "ayiya.nextheader", FT_UINT8,
 162             BASE_HEX, NULL, 0x0, NULL, HFILL
 163           }
 164         },
 165         { &hf_epoch,
 166           { "Epoch", "ayiya.epoch", FT_ABSOLUTE_TIME,
 167             ABSOLUTE_TIME_LOCAL, NULL, 0x0, NULL, HFILL
 168           }
 169         },
 170         { &hf_identity,
 171           { "Identity", "ayiya.identity", FT_BYTES,
 172             BASE_NONE, NULL, 0x0, NULL, HFILL
 173           }
 174         },
 175         { &hf_signature,
 176           { "Signature", "ayiya.signature", FT_BYTES,
 177             BASE_NONE, NULL, 0x0, NULL, HFILL
 178           }
 179         },
 180     };
 181     static gint *ett[] = {
 182         &ett_ayiya,
 183     };
 184
 185     proto_ayiya = proto_register_protocol("Anything in Anything Protocol",
 186                           "AYIYA", "ayiya");
 187     ayiya_handle = register_dissector("ayiya", dissect_ayiya, proto_ayiya);
 188     proto_register_field_array(proto_ayiya, hf, array_length(hf));
 189     proto_register_subtree_array(ett, array_length(ett));
 190 }
 191
 192 void
 193 proto_reg_handoff_ayiya(void)
 194 {
 195     dissector_add_uint_with_preference("udp.port", UDP_PORT_AYIYA, ayiya_handle);
 196
 197     ip_dissector_table = find_dissector_table("ip.proto");
 198 }
 199
 200 /*
 201  * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
 202  *
 203  * Local variables:
 204  * c-basic-offset: 4
 205  * tab-width: 8
 206  * indent-tabs-mode: nil
 207  * End:
 208  *
 209  * vi: set shiftwidth=4 tabstop=8 expandtab:
 210  * :indentSize=4:tabSize=8:noTabs=true:
 211  */