2 * Routines for OPSI protocol dissection
3 * Copyright 2004, Laurent Rabret (France Telecom R&D) <laurent.rabret@i.hate.spams.org>
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 2
12 * of the License, or (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 #include <epan/packet.h>
29 #include <epan/prefs.h>
30 #include <epan/expert.h>
32 #include "packet-tcp.h"
34 void proto_register_opsi(void);
35 void proto_reg_handoff_opsi(void);
37 /* TCP destination port dedicated to the OPSI protocol */
38 #define TCP_PORT_OPSI 4002
40 /* Information position in OPSI header */
41 #define MAJOR_VERSION_OFFSET 0
42 #define MINOR_VERSION_OFFSET 1
44 #define HOOK_ID_OFFSET 3
45 #define PACKET_LENGTH_OFFSET 4
46 #define SESSION_OFFSET 6
48 #define HEADER_LENGTH 8
51 /* Valid OPSI code values */
52 #define DISCOVER_REQUEST 1
53 #define DISCOVER_RESPONSE 2
54 #define SERVICE_REQUEST 3
55 #define SERVICE_ACCEPT 4
56 #define SERVICE_REJECT 5
57 #define TERMINATE_REQUEST 6
59 /* Internal structure to dissect attributes */
61 guint16 attribute_type; /* attribute code */
62 const char *tree_text; /* text for fold out */
63 gint *tree_id; /* id for add_item */
64 int* hf_type_attribute; /* id for seach option */
65 void (*dissect)(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item,
66 int* hfValue, int offset, int length);
67 } opsi_attribute_handle_t;
70 /* Attributes codes */
71 #define USER_NAME_ATTRIBUTE 1
72 #define USER_PASSWD_ATTRIBUTE 2
73 #define CHAP_PASSWD_ATTRIBUTE 3
74 #define NAS_IP_ADDRESS_ATTRIBUTE 4
75 #define NAS_PORT_ATTRIBUTE 5
76 #define SERVICE_TYPE_ATTRIBUTE 6
77 #define FRAMED_PROTOCOL_ATTRIBUTE 7
78 #define FRAMED_ADDRESS_ATTRIBUTE 8
79 #define FRAMED_NETMASK_ATTRIBUTE 9
80 #define FRAMED_ROUTING_ATTRIBUTE 10
81 #define FRAMED_FILTER_ATTRIBUTE 11
82 #define FRAMED_MTU_ATTRIBUTE 12
83 #define FRAMED_COMPRESSION_ATTRIBUTE 13
84 #define CALLED_STATION_ID_ATTRIBUTE 30
85 #define CALLING_STATION_ID_ATTRIBUTE 31
86 #define NAS_IDENTIFIER 32
87 #define ACCOUNTING_40_ATTRIBUTE 40
88 #define ACCOUNTING_41_ATTRIBUTE 41
89 #define ACCOUNTING_42_ATTRIBUTE 42
90 #define ACCOUNTING_43_ATTRIBUTE 43
91 #define ACCOUNTING_SESSION_ID_ATTRIBUTE 44
92 #define ACCOUNTING_45_ATTRIBUTE 45
93 #define ACCOUNTING_46_ATTRIBUTE 46
94 #define ACCOUNTING_47_ATTRIBUTE 47
95 #define ACCOUNTING_48_ATTRIBUTE 48
96 #define ACCOUNTING_49_ATTRIBUTE 49
97 #define ACCOUNTING_50_ATTRIBUTE 50
98 #define ACCOUNTING_51_ATTRIBUTE 51
99 #define ACCOUNTING_52_ATTRIBUTE 52
100 #define ACCOUNTING_53_ATTRIBUTE 53
101 #define ACCOUNTING_54_ATTRIBUTE 54
102 #define ACCOUNTING_55_ATTRIBUTE 55
103 #define ACCOUNTING_56_ATTRIBUTE 56
104 #define ACCOUNTING_57_ATTRIBUTE 57
105 #define ACCOUNTING_58_ATTRIBUTE 58
106 #define ACCOUNTING_59_ATTRIBUTE 59
107 #define CHAP_CHALLENGE_ATTRIBUTE 60
108 #define NAS_PORT_TYPE_ATTRIBUTE 61
109 #define DESIGNATION_NUMBER_ATTRIBUTE 77
110 #define NAS_PORT_ID_ATTRIBUTE 87
112 #define SMC_AAAID_ATTRIBUTE 651
113 #define SMC_VPNID_ATTRIBUTE 652
114 #define SMC_VPNNAME_ATTRIBUTE 653
115 #define SMC_RANID_ATTRIBUTE 654
116 #define SMC_RANIP_ATTRIBUTE 655
117 #define SMC_RANNAME_ATTRIBUTE 656
118 #define SMC_POPID_ATTRIBUTE 657
119 #define SMC_POPNAME_ATTRIBUTE 658
120 #define SMC_SMCID_ATTRIBUTE 659
121 #define SMC_RECEIVE_TIME_ATTRIBUTE 660
122 #define SMC_STAT_TIME_ATTRIBUTE 661
124 #define OPSI_FLAGS_ATTRIBUTE 674
125 #define OPSI_APPLICATION_NAME_ATTRIBUTE 675
128 * Published API functions. NOTE, "local" API functions
129 * only valid from the packet-opsi file.
131 static void decode_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
132 static void decode_ipv4_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
133 static void decode_longint_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
134 static void decode_value_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
135 static void decode_time_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
138 /* Initialize the protocol and registered fields */
139 static int proto_opsi = -1;
140 static int hf_opsi_major_version = -1;
141 static int hf_opsi_minor_version = -1;
142 static int hf_opsi_opcode = -1;
143 static int hf_opsi_hook_id = -1;
144 static int hf_opsi_length = -1;
145 static int hf_opsi_session_id = -1;
146 static int hf_user_name_att = -1;
147 static int hf_password_att = -1;
148 static int hf_chap_password_att = -1;
149 static int hf_nas_ip_add_att = -1;
150 static int hf_nas_port_att = -1;
151 static int hf_service_type_att = -1;
152 static int hf_framed_protocol_att = -1;
153 static int hf_framed_address_att = -1;
154 static int hf_framed_netmask_att = -1;
155 static int hf_framed_routing_att = -1;
156 static int hf_framed_filter_att = -1;
157 static int hf_framed_mtu_att = -1;
158 static int hf_framed_compression_att = -1;
159 static int hf_called_station_att = -1;
160 static int hf_calling_station_att = -1;
161 static int hf_nas_identifier_att = -1;
162 static int hf_accounting_att = -1;
163 static int hf_acct_session_id_att = -1;
164 static int hf_chap_challenge_att = -1;
165 static int hf_nas_port_type_att = -1;
166 static int hf_designation_num_att = -1;
167 static int hf_nas_port_id_att = -1;
168 static int hf_smc_aaa_id_att = -1;
169 static int hf_smc_vpn_id_att = -1;
170 static int hf_smc_vpn_name_att = -1;
171 static int hf_smc_ran_id_att = -1;
172 static int hf_smc_ran_ip_att = -1;
173 static int hf_smc_ran_name_att = -1;
174 static int hf_smc_pop_id_att = -1;
175 static int hf_smc_pop_name_att = -1;
176 static int hf_smc_id_att = -1;
177 static int hf_smc_receive_time_att = -1;
178 static int hf_smc_stat_time_att = -1;
179 static int hf_opsi_flags_att = -1;
180 static int hf_opsi_application_name_att = -1;
181 static int hf_opsi_attribute_length = -1;
183 /* Initialize the subtree pointers */
184 static gint ett_opsi = -1;
185 static gint ett_opsi_user_name = -1;
186 static gint ett_opsi_user_password = -1;
187 static gint ett_opsi_chap_password = -1;
188 static gint ett_opsi_nas_ip_address = -1;
189 static gint ett_opsi_nas_port = -1;
190 static gint ett_opsi_service_type = -1;
191 static gint ett_opsi_framed_protocol = -1;
192 static gint ett_opsi_framed_address = -1;
193 static gint ett_opsi_framed_netmask = -1;
194 static gint ett_opsi_framed_routing = -1;
195 static gint ett_opsi_framed_filter = -1;
196 static gint ett_opsi_framed_mtu = -1;
197 static gint ett_opsi_framed_compression = -1;
198 static gint ett_opsi_called_station_id = -1;
199 static gint ett_opsi_calling_station_id = -1;
200 static gint ett_opsi_nas_identifier = -1;
201 static gint ett_opsi_accounting = -1;
202 static gint ett_opsi_acct_session_id = -1;
203 static gint ett_opsi_chap_challenge = -1;
204 static gint ett_opsi_nas_port_type = -1;
205 static gint ett_opsi_designation_number = -1;
206 static gint ett_opsi_nas_port_id = -1;
207 static gint ett_opsi_smc_aaa_id = -1;
208 static gint ett_opsi_smc_vpn_id = -1;
209 static gint ett_opsi_smc_vpn_name = -1;
210 static gint ett_opsi_smc_ran_id = -1;
211 static gint ett_opsi_smc_ran_ip = -1;
212 static gint ett_opsi_smc_ran_name = -1;
213 static gint ett_opsi_smc_pop_id = -1;
214 static gint ett_opsi_smc_pop_name = -1;
215 static gint ett_opsi_smc_id = -1;
216 static gint ett_opsi_smc_receive_time = -1;
217 static gint ett_opsi_smc_stat_time = -1;
218 static gint ett_opsi_flags = -1;
219 static gint ett_opsi_application_name = -1;
221 static expert_field ei_opsi_unknown_attribute = EI_INIT;
222 static expert_field ei_opsi_short_attribute = EI_INIT;
223 static expert_field ei_opsi_short_frame = EI_INIT;
226 static const value_string opsi_opcode[] = {
227 { DISCOVER_REQUEST, "Discover Request" },
228 { DISCOVER_RESPONSE, "Discover Response" },
229 { SERVICE_REQUEST, "Service Request" },
230 { SERVICE_ACCEPT, "Service Accept" },
231 { SERVICE_REJECT, "Service Reject" },
232 { TERMINATE_REQUEST, "Terminate Request" },
236 static const value_string opsi_service_type_code[] = {
239 { 3, "Callback Login" },
240 { 4, "Callback Framed" },
242 { 6, "Administrative" },
244 { 8, "Authenticate Only" },
245 { 9, "Callback NAS Prompt" },
249 static const value_string opsi_framed_protocol_code[] = {
252 { 3, "AppleTalk Remote Access Protocol (ARAP)" },
253 { 4, "Gandalf proprietary SingleLink/MultiLink protocol" },
254 { 5, "Xylogics proprietary IPX/SLIP" },
255 { 255, "Ascend ARA" },
267 static const value_string opsi_framed_routing_code[] = {
271 { 3, "Broadcast-Listen" },
272 { 4, "Broadcast V2" },
274 { 6, "Broadcast-Listen V2" },
278 static const value_string opsi_framed_compression_code[] = {
280 { 1, "Van Jacobsen TCP/IP" },
281 { 2, "IPX header compression" },
285 static const value_string opsi_nas_port_type_code[] = {
289 { 3, "ISDN Async V.120" },
290 { 4, "ISDN Async V.110" },
293 { 7, "HDLC Clear Channel" },
297 { 11, "SDSL - Symmetric DSL" },
298 { 12, "ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase Modulation" },
299 { 13, "ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone" },
300 { 14, "IDSL - ISDN Digital Subscriber Line" },
302 { 16, "xDSL - Digital Subscriber Line of unknown type" },
304 { 18, "Wireless - Other" },
305 { 19, "Wireless - IEEE 802.11" },
306 { 201,"Voice over IP" },
311 /* Structure used to decode OPSI frame attributes */
312 /* CAUTION : it is compulsory to sort this array */
313 /* (first argument of the opsi_attribute_handle_t) */
314 /* in ascending order */
316 static opsi_attribute_handle_t opsi_attributes[] = {
317 { USER_NAME_ATTRIBUTE, /* 1 */
318 "User name attribute", &ett_opsi_user_name, &hf_user_name_att, decode_string_attribute },
319 { USER_PASSWD_ATTRIBUTE, /* 2 */
320 "User password attribute" , &ett_opsi_user_password, &hf_password_att, decode_string_attribute },
321 { CHAP_PASSWD_ATTRIBUTE, /* 3 */
322 "CHAP password attribute", &ett_opsi_chap_password, &hf_chap_password_att, decode_string_attribute },
323 { NAS_IP_ADDRESS_ATTRIBUTE, /* 4 */
324 "NAS IP address attribute", &ett_opsi_nas_ip_address, &hf_nas_ip_add_att, decode_ipv4_attribute },
325 {NAS_PORT_ATTRIBUTE, /* 5 */
326 "NAS port attribute", &ett_opsi_nas_port, &hf_nas_port_att, decode_longint_attribute },
327 {SERVICE_TYPE_ATTRIBUTE, /* 6 */
328 "Service type attribute", &ett_opsi_service_type, &hf_service_type_att, decode_value_string_attribute },
329 {FRAMED_PROTOCOL_ATTRIBUTE, /* 7 */
330 "Framed protocol attribute", &ett_opsi_framed_protocol, &hf_framed_protocol_att, decode_value_string_attribute },
331 {FRAMED_ADDRESS_ATTRIBUTE, /* 8 */
332 "Framed address attribute", &ett_opsi_framed_address, &hf_framed_address_att, decode_ipv4_attribute },
333 {FRAMED_NETMASK_ATTRIBUTE, /* 9 */
334 "Framed netmask attribute", &ett_opsi_framed_netmask, &hf_framed_netmask_att, decode_ipv4_attribute },
335 {FRAMED_ROUTING_ATTRIBUTE, /* 10 */
336 "Framed routing attribute", &ett_opsi_framed_routing, &hf_framed_routing_att, decode_value_string_attribute },
337 {FRAMED_FILTER_ATTRIBUTE, /* 11 */
338 "Framed filter attribute", &ett_opsi_framed_filter, &hf_framed_filter_att, decode_string_attribute },
339 {FRAMED_MTU_ATTRIBUTE, /* 12 */
340 "Framed MTU attribute", &ett_opsi_framed_mtu, &hf_framed_mtu_att, decode_longint_attribute },
341 {FRAMED_COMPRESSION_ATTRIBUTE, /* 13 */
342 "Framed compression attribute", &ett_opsi_framed_compression, &hf_framed_compression_att, decode_value_string_attribute },
343 {CALLED_STATION_ID_ATTRIBUTE, /* 30 */
344 "Called station ID attribute", &ett_opsi_called_station_id, &hf_called_station_att, decode_string_attribute },
345 {CALLING_STATION_ID_ATTRIBUTE, /* 31 */
346 "Calling station ID attribute", &ett_opsi_calling_station_id, &hf_calling_station_att, decode_string_attribute },
347 {NAS_IDENTIFIER, /* 32 */
348 "NAS Identifier attribute", &ett_opsi_nas_identifier, &hf_nas_identifier_att, decode_string_attribute },
349 {ACCOUNTING_40_ATTRIBUTE, /* 40 */
350 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
351 {ACCOUNTING_41_ATTRIBUTE, /* 41 */
352 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
353 {ACCOUNTING_42_ATTRIBUTE, /* 42 */
354 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
355 {ACCOUNTING_43_ATTRIBUTE, /* 43 */
356 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
357 {ACCOUNTING_SESSION_ID_ATTRIBUTE, /* 44 */
358 "Accounting session ID attribute", &ett_opsi_acct_session_id, &hf_acct_session_id_att, decode_string_attribute },
359 {ACCOUNTING_45_ATTRIBUTE, /* 45 */
360 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
361 {ACCOUNTING_46_ATTRIBUTE, /* 46 */
362 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
363 {ACCOUNTING_47_ATTRIBUTE, /* 47 */
364 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
365 {ACCOUNTING_48_ATTRIBUTE, /* 48 */
366 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
367 {ACCOUNTING_49_ATTRIBUTE, /* 49 */
368 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
369 {ACCOUNTING_50_ATTRIBUTE, /* 50 */
370 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
371 {ACCOUNTING_51_ATTRIBUTE, /* 51 */
372 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
373 {ACCOUNTING_52_ATTRIBUTE, /* 52 */
374 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
375 {ACCOUNTING_53_ATTRIBUTE, /* 53 */
376 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
377 {ACCOUNTING_54_ATTRIBUTE, /* 54 */
378 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
379 {ACCOUNTING_55_ATTRIBUTE, /* 55 */
380 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
381 {ACCOUNTING_56_ATTRIBUTE, /* 56 */
382 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
383 {ACCOUNTING_57_ATTRIBUTE, /* 57 */
384 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
385 {ACCOUNTING_58_ATTRIBUTE, /* 58 */
386 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
387 {ACCOUNTING_59_ATTRIBUTE, /* 59 */
388 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
389 {CHAP_CHALLENGE_ATTRIBUTE, /* 60 */
390 "CHAP challenge", &ett_opsi_chap_challenge, &hf_chap_challenge_att, decode_string_attribute },
391 {NAS_PORT_TYPE_ATTRIBUTE, /* 61 */
392 "NAS port type attribute", &ett_opsi_nas_port_type, &hf_nas_port_type_att, decode_value_string_attribute },
393 {DESIGNATION_NUMBER_ATTRIBUTE, /* 77 */
394 "Designation number attribute", &ett_opsi_designation_number, &hf_designation_num_att, decode_string_attribute },
395 {NAS_PORT_ID_ATTRIBUTE, /* 87 */
396 "NAS port ID attribute", &ett_opsi_nas_port_id, &hf_nas_port_id_att, decode_string_attribute },
397 {SMC_AAAID_ATTRIBUTE, /* 651 */
398 "SMC AAA ID attribute", &ett_opsi_smc_aaa_id, &hf_smc_aaa_id_att, decode_longint_attribute },
399 {SMC_VPNID_ATTRIBUTE, /* 652 */
400 "SMC VPN ID attribute", &ett_opsi_smc_vpn_id, &hf_smc_vpn_id_att, decode_longint_attribute },
401 {SMC_VPNNAME_ATTRIBUTE, /* 653 */
402 "SMC VPN name attribute", &ett_opsi_smc_vpn_name, &hf_smc_vpn_name_att, decode_string_attribute },
403 {SMC_RANID_ATTRIBUTE, /* 654 */
404 "SMC RAN ID attribute", &ett_opsi_smc_ran_id, &hf_smc_ran_id_att, decode_longint_attribute },
405 {SMC_RANIP_ATTRIBUTE, /* 655 */
406 "SMC RAN IP attribute", &ett_opsi_smc_ran_ip, &hf_smc_ran_ip_att, decode_ipv4_attribute },
407 {SMC_RANNAME_ATTRIBUTE, /* 656 */
408 "SMC RAN name attribute", &ett_opsi_smc_ran_name, &hf_smc_ran_name_att, decode_string_attribute },
409 {SMC_POPID_ATTRIBUTE, /* 657 */
410 "SMC POP ID attribute", &ett_opsi_smc_pop_id, &hf_smc_pop_id_att, decode_longint_attribute },
411 {SMC_POPNAME_ATTRIBUTE, /* 658 */
412 "SMC POP name attribute", &ett_opsi_smc_pop_name, &hf_smc_pop_name_att, decode_string_attribute },
413 {SMC_SMCID_ATTRIBUTE, /* 659 */
414 "SMC ID attribute", &ett_opsi_smc_id, &hf_smc_id_att, decode_longint_attribute },
415 {SMC_RECEIVE_TIME_ATTRIBUTE, /* 660 */
416 "SMC receive time attribute", &ett_opsi_smc_receive_time, &hf_smc_receive_time_att, decode_time_attribute },
417 {SMC_STAT_TIME_ATTRIBUTE, /* 661 */
418 "SMC stat time attribute", &ett_opsi_smc_stat_time, &hf_smc_stat_time_att, decode_longint_attribute },
419 {OPSI_FLAGS_ATTRIBUTE, /* 674 */
420 "OPSI flags attribute", &ett_opsi_flags, &hf_opsi_flags_att, decode_longint_attribute },
421 {OPSI_APPLICATION_NAME_ATTRIBUTE,/* 675 */
422 "OPSI application name attribute", &ett_opsi_application_name, &hf_opsi_application_name_att, decode_string_attribute },
425 #define OPSI_ATTRIBUTES_COUNT (sizeof(opsi_attributes)/sizeof(opsi_attribute_handle_t))
427 /* Desegmentation of OPSI (over TCP) */
428 static gboolean opsi_desegment = TRUE;
431 decode_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
435 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
439 pbuffer=tvb_get_string_enc(wmem_packet_scope(), tvb, offset+4, length-4, ENC_ASCII);
440 proto_tree_add_string(tree, *hfValue, tvb, offset+4, length-4, pbuffer);
445 decode_ipv4_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
449 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
452 ip_address = tvb_get_ipv4(tvb, offset+4);
453 proto_tree_add_ipv4(tree, *hfValue, tvb, offset+4, 4, ip_address);
457 decode_longint_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
460 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
463 proto_tree_add_uint(tree, *hfValue, tvb, offset+4, 4, tvb_get_ntohl(tvb, offset+4));
467 decode_value_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
470 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
473 proto_tree_add_item(tree, *hfValue, tvb, offset+4, 4, ENC_BIG_ENDIAN);
477 decode_time_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
482 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
485 ns.secs = tvb_get_ntohl(tvb, offset+4);
487 proto_tree_add_time(tree, *hfValue, tvb, offset+4, 4, &ns);
490 /****************************************************************************/
491 /********** End of attribute decoding ***************************************/
492 /****************************************************************************/
494 /* To find the correct size of the PDU. Needed by the desegmentation feature*/
496 get_opsi_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset)
499 * Get the length of the OPSI packet.
500 * We are guaranteed there're enough chars in tvb in order to
501 * extract the length value. No exception thrown !!
503 return tvb_get_ntohs(tvb, offset + 4);
507 get_opsi_attribute_index(int min, int max, int attribute_type)
511 middle = (min+max)/2;
512 at = opsi_attributes[middle].attribute_type;
513 if (at == attribute_type) return middle;
514 if (attribute_type > at) {
515 return (middle == max) ? -1 : get_opsi_attribute_index(middle+1, max, attribute_type);
517 return (middle == min) ? -1 : get_opsi_attribute_index(min, middle-1, attribute_type);
522 dissect_attributes(tvbuff_t *tvb, packet_info *pinfo, proto_tree *opsi_tree, int offset, int length)
526 int attribute_length;
528 proto_tree *ntree = NULL;
530 while (length >= 4) {
531 attribute_type = tvb_get_ntohs(tvb, offset);
532 attribute_length = tvb_get_ntohs(tvb, offset+2);
533 if (attribute_length > length) break;
534 /* We perform a standard log(n) lookup */
535 i = get_opsi_attribute_index(0, OPSI_ATTRIBUTES_COUNT-1, attribute_type);
537 proto_tree_add_expert_format(opsi_tree, pinfo, &ei_opsi_unknown_attribute, tvb, offset, attribute_length,
538 "Unknown attribute (%d)", attribute_type);
541 ti = proto_tree_add_text(opsi_tree, tvb, offset, attribute_length, "%s (%d)", opsi_attributes[i].tree_text, attribute_type);
542 ntree = proto_item_add_subtree(ti, *opsi_attributes[i].tree_id);
543 proto_tree_add_item(ntree, hf_opsi_attribute_length, tvb, offset+2, 2, ENC_BIG_ENDIAN);
544 opsi_attributes[i].dissect(tvb, pinfo, ntree, ti, opsi_attributes[i].hf_type_attribute, offset, attribute_length);
546 if (attribute_length < 4) {
547 /* Length must be at least 4, for the type and length. */
550 offset += attribute_length;
551 length -= attribute_length;
554 proto_tree_add_expert(opsi_tree, pinfo, &ei_opsi_short_frame, tvb, offset, -1);
559 dissect_opsi_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
562 proto_tree *opsi_tree;
564 col_set_str(pinfo->cinfo, COL_PROTOCOL, "OPSI");
565 col_clear(pinfo->cinfo, COL_INFO);
567 col_append_sep_fstr(pinfo->cinfo, COL_INFO, ", ", "%s",
568 val_to_str(tvb_get_guint8(tvb, CODE_OFFSET), opsi_opcode,
569 "<Unknown opcode %d>"));
570 col_set_fence(pinfo->cinfo, COL_INFO);
572 ti = proto_tree_add_item(tree, proto_opsi, tvb, 0, -1, ENC_NA);
573 opsi_tree = proto_item_add_subtree(ti, ett_opsi);
576 proto_tree_add_item(opsi_tree, hf_opsi_major_version, tvb, MAJOR_VERSION_OFFSET, 1, ENC_BIG_ENDIAN);
577 proto_tree_add_item(opsi_tree, hf_opsi_minor_version, tvb, MINOR_VERSION_OFFSET, 1, ENC_BIG_ENDIAN);
578 proto_tree_add_item(opsi_tree, hf_opsi_opcode, tvb, CODE_OFFSET, 1, ENC_BIG_ENDIAN);
579 proto_tree_add_item(opsi_tree, hf_opsi_hook_id, tvb, HOOK_ID_OFFSET, 1, ENC_BIG_ENDIAN);
580 proto_tree_add_item(opsi_tree, hf_opsi_length, tvb, PACKET_LENGTH_OFFSET, 2, ENC_BIG_ENDIAN);
581 proto_tree_add_item(opsi_tree, hf_opsi_session_id, tvb, SESSION_OFFSET, 2, ENC_BIG_ENDIAN);
584 dissect_attributes(tvb, pinfo, opsi_tree, HEADER_LENGTH, MIN(((int)tvb_reported_length(tvb)-HEADER_LENGTH), (tvb_get_ntohs(tvb, PACKET_LENGTH_OFFSET)-HEADER_LENGTH)));
585 return tvb_length(tvb);
590 dissect_opsi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
592 /* We should mimimally grab the header */
593 tcp_dissect_pdus(tvb, pinfo, tree, opsi_desegment, HEADER_LENGTH, get_opsi_pdu_len,
594 dissect_opsi_pdu, data);
595 return tvb_length(tvb);
600 proto_register_opsi(void)
603 /* Setup list of header fields See Section 1.6.1 for details*/
604 static hf_register_info hf[] = {
605 { &hf_opsi_major_version,
606 { "Major version", "opsi.major",
607 FT_UINT8, BASE_DEC, NULL, 0x0,
610 { &hf_opsi_minor_version,
611 { "Minor version", "opsi.minor",
612 FT_UINT8, BASE_DEC, NULL, 0x0,
616 { "Operation code", "opsi.opcode",
617 FT_UINT8, BASE_DEC, VALS(opsi_opcode), 0x0,
621 { "Hook ID", "opsi.hook",
622 FT_UINT8, BASE_DEC, NULL, 0x0,
626 { "Message length", "opsi.length",
627 FT_UINT16, BASE_DEC, NULL, 0x0,
630 { &hf_opsi_session_id,
631 { "Session ID", "opsi.session_id",
632 FT_UINT16, BASE_DEC, NULL, 0x0,
636 { "User name", "opsi.attr.user_name",
637 FT_STRING, BASE_NONE, NULL, 0x00,
641 { "User password", "opsi.attr.password",
642 FT_STRING, BASE_NONE, NULL, 0x00,
645 { &hf_chap_password_att,
646 { "CHAP password attribute", "opsi.attr.chap_password",
647 FT_STRING, BASE_NONE, NULL, 0x00,
650 { &hf_nas_ip_add_att,
651 { "NAS IP address", "opsi.attr.nas_ip_addr",
652 FT_IPv4, BASE_NONE, NULL, 0x00,
656 { "NAS port", "opsi.attr.nas_port",
657 FT_UINT32, BASE_HEX, NULL, 0x00,
660 { &hf_service_type_att,
661 { "Service type", "opsi.attr.service_type",
662 FT_UINT32, BASE_DEC, VALS(opsi_service_type_code), 0x0,
665 { &hf_framed_protocol_att,
666 { "Framed protocol", "opsi.attr.framed_protocol",
667 FT_UINT32, BASE_DEC, VALS(opsi_framed_protocol_code), 0x0,
670 { &hf_framed_address_att,
671 { "Framed address", "opsi.attr.framed_address",
672 FT_IPv4, BASE_NONE, NULL, 0x00,
675 { &hf_framed_netmask_att,
676 { "Framed netmask", "opsi.attr.framed_netmask",
677 FT_IPv4, BASE_NONE, NULL, 0x00,
680 { &hf_framed_routing_att,
681 { "Framed routing", "opsi.attr.framed_routing",
682 FT_UINT32, BASE_DEC, VALS(opsi_framed_routing_code), 0x0,
685 { &hf_framed_filter_att,
686 { "Framed filter", "opsi.attr.framed_filter",
687 FT_STRING, BASE_NONE, NULL, 0x00,
690 { &hf_framed_mtu_att,
691 { "Framed MTU", "opsi.attr.framed_mtu",
692 FT_UINT32, BASE_DEC, NULL, 0x00,
695 { &hf_framed_compression_att,
696 { "Framed compression", "opsi.attr.framed_compression",
697 FT_UINT32, BASE_DEC, VALS(opsi_framed_compression_code), 0x0,
700 { &hf_called_station_att,
701 { "Called station ID", "opsi.attr.called_station_id",
702 FT_STRING, BASE_NONE, NULL, 0x00,
705 { &hf_calling_station_att,
706 { "Calling station ID", "opsi.attr.calling_station_id",
707 FT_STRING, BASE_NONE, NULL, 0x00,
710 { &hf_nas_identifier_att,
711 { "NAS ID", "opsi.attr.nas_id",
712 FT_STRING, BASE_NONE, NULL, 0x00,
715 { &hf_accounting_att,
716 { "Accounting", "opsi.attr.accounting",
717 FT_STRING, BASE_NONE, NULL, 0x00,
720 { &hf_acct_session_id_att,
721 { "Accounting session ID", "opsi.attr.acct.session_id",
722 FT_STRING, BASE_NONE, NULL, 0x00,
725 { &hf_chap_challenge_att,
726 { "CHAP challenge", "opsi.attr.chap_challenge",
727 FT_STRING, BASE_NONE, NULL, 0x00,
730 { &hf_nas_port_type_att,
731 { "NAS port type", "opsi.attr.nas_port_type",
732 FT_UINT32, BASE_DEC, VALS(opsi_nas_port_type_code), 0x0,
735 { &hf_designation_num_att,
736 { "Designation number", "opsi.attr.designation_number",
737 FT_STRING, BASE_NONE, NULL, 0x00,
740 { &hf_nas_port_id_att,
741 { "NAS port ID", "opsi.attr.nas_port_id",
742 FT_STRING, BASE_NONE, NULL, 0x00,
745 { &hf_smc_aaa_id_att,
746 { "SMC AAA ID", "opsi.attr.smc_aaa_id",
747 FT_UINT32, BASE_DEC, NULL, 0x00,
750 { &hf_smc_vpn_id_att,
751 { "SMC VPN ID", "opsi.attr.smc_vpn_id",
752 FT_UINT32, BASE_DEC, NULL, 0x00,
755 { &hf_smc_vpn_name_att,
756 { "SMC VPN name", "opsi.attr.smc_vpn_name",
757 FT_STRING, BASE_NONE, NULL, 0x00,
760 { &hf_smc_ran_id_att,
761 { "SMC RAN ID", "opsi.attr.smc_ran_id",
762 FT_UINT32, BASE_DEC, NULL, 0x00,
765 { &hf_smc_ran_ip_att,
766 { "SMC RAN IP address", "opsi.attr.smc_ran_ip",
767 FT_IPv4, BASE_NONE, NULL, 0x00,
770 { &hf_smc_ran_name_att,
771 { "SMC RAN name", "opsi.attr.smc_ran_name",
772 FT_STRING, BASE_NONE, NULL, 0x00,
775 { &hf_smc_pop_id_att,
776 { "SMC POP id", "opsi.attr.smc_pop_id",
777 FT_UINT32, BASE_DEC, NULL, 0x00,
780 { &hf_smc_pop_name_att,
781 { "SMC POP name", "opsi.attr.smc_pop_name",
782 FT_STRING, BASE_NONE, NULL, 0x00,
786 { "SMC ID", "opsi.attr.smc_id",
787 FT_UINT32, BASE_DEC, NULL, 0x00,
790 { &hf_smc_receive_time_att,
791 { "SMC receive time", "opsi.attr.smc_receive_time",
792 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x00,
795 { &hf_smc_stat_time_att,
796 { "SMC stat time", "opsi.attr.smc_stat_time",
797 FT_UINT32, BASE_DEC, NULL, 0x00,
800 { &hf_opsi_flags_att,
801 { "OPSI flags", "opsi.attr.flags",
802 FT_UINT32, BASE_DEC, NULL, 0x00,
805 { &hf_opsi_application_name_att,
806 { "OPSI application name", "opsi.attr.application_name",
807 FT_STRING, BASE_NONE, NULL, 0x00,
810 { &hf_opsi_attribute_length,
811 { "Length", "opsi.attr_length",
812 FT_UINT16, BASE_DEC, NULL, 0x00,
817 /* Setup protocol subtree array */
818 static gint *ett[] = {
821 &ett_opsi_user_password,
822 &ett_opsi_chap_password,
823 &ett_opsi_nas_ip_address,
825 &ett_opsi_service_type,
826 &ett_opsi_framed_protocol,
827 &ett_opsi_framed_address,
828 &ett_opsi_framed_netmask,
829 &ett_opsi_framed_routing,
830 &ett_opsi_framed_filter,
831 &ett_opsi_framed_mtu,
832 &ett_opsi_framed_compression,
833 &ett_opsi_called_station_id,
834 &ett_opsi_calling_station_id,
835 &ett_opsi_nas_identifier,
836 &ett_opsi_accounting,
837 &ett_opsi_acct_session_id,
838 &ett_opsi_chap_challenge,
839 &ett_opsi_nas_port_type,
840 &ett_opsi_designation_number,
841 &ett_opsi_nas_port_id,
842 &ett_opsi_smc_aaa_id,
843 &ett_opsi_smc_vpn_id,
844 &ett_opsi_smc_vpn_name,
845 &ett_opsi_smc_ran_id,
846 &ett_opsi_smc_ran_ip,
847 &ett_opsi_smc_ran_name,
848 &ett_opsi_smc_pop_id,
849 &ett_opsi_smc_pop_name,
851 &ett_opsi_smc_receive_time,
852 &ett_opsi_smc_stat_time,
854 &ett_opsi_application_name,
857 static ei_register_info ei[] = {
858 { &ei_opsi_unknown_attribute, { "opsi.attr_unknown", PI_PROTOCOL, PI_WARN, "Unknown attribute", EXPFILL }},
859 { &ei_opsi_short_attribute, { "opsi.attr_too_short", PI_MALFORMED, PI_WARN, "Too short attribute!", EXPFILL }},
860 { &ei_opsi_short_frame, { "opsi.short_frame", PI_MALFORMED, PI_WARN, "Short frame", EXPFILL }},
863 /* For desegmentation / reassembly */
864 module_t *opsi_module;
865 expert_module_t* expert_opsi;
867 /* Register the protocol name and description */
868 proto_opsi = proto_register_protocol("Open Policy Service Interface",
871 /* Required function calls to register the header fields and subtrees used */
872 proto_register_field_array(proto_opsi, hf, array_length(hf));
873 proto_register_subtree_array(ett, array_length(ett));
874 expert_opsi = expert_register_protocol(proto_opsi);
875 expert_register_field_array(expert_opsi, ei, array_length(ei));
877 /* We activate the desegmentation / reassembly feature */
878 opsi_module = prefs_register_protocol(proto_opsi, NULL);
879 prefs_register_bool_preference(opsi_module, "desegment_opsi_messages",
880 "Reassemble OPSI messages spanning multiple TCP segments",
881 "Whether the OPSI dissector should desegment all messages spanning multiple TCP segments",
887 proto_reg_handoff_opsi(void)
889 dissector_handle_t opsi_handle;
890 opsi_handle = new_create_dissector_handle(dissect_opsi, proto_opsi);
891 dissector_add_uint("tcp.port", TCP_PORT_OPSI, opsi_handle);