2 * Routines for RTSP packet disassembly (RFC 2326)
4 * Jason Lango <jal@netapp.com>
5 * Liberally copied from packet-http.c, by Guy Harris <guy@alum.mit.edu>
9 * Wireshark - Network traffic analyzer
10 * By Gerald Combs <gerald@wireshark.org>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 * RTSP is defined in RFC 2326, http://www.ietf.org/rfc/rfc2326.txt?number=2326
29 * http://www.iana.org/assignments/rsvp-parameters
38 #include <epan/prefs.h>
42 #include <wsutil/str_util.h>
44 #include <epan/packet.h>
45 #include <epan/req_resp_hdrs.h>
46 #include "packet-rtp.h"
47 #include "packet-rtcp.h"
48 #include "packet-rdt.h"
49 #include <epan/conversation.h>
50 #include <epan/strutil.h>
51 #include "packet-e164.h"
52 #include <epan/emem.h>
54 static int proto_rtsp = -1;
56 static gint ett_rtsp = -1;
57 static gint ett_rtspframe = -1;
58 static gint ett_rtsp_method = -1;
60 static int hf_rtsp_request = -1;
61 static int hf_rtsp_response = -1;
62 static int hf_rtsp_content_type = -1;
63 static int hf_rtsp_content_length = -1;
64 static int hf_rtsp_method = -1;
65 static int hf_rtsp_url = -1;
66 static int hf_rtsp_status = -1;
67 static int hf_rtsp_session = -1;
68 static int hf_rtsp_transport = -1;
69 static int hf_rtsp_rdtfeaturelevel = -1;
70 static int hf_rtsp_X_Vig_Msisdn = -1;
72 static dissector_handle_t rtp_handle;
73 static dissector_handle_t rtcp_handle;
74 static dissector_handle_t rdt_handle;
75 static dissector_table_t media_type_dissector_table;
77 void proto_reg_handoff_rtsp(void);
80 * desegmentation of RTSP headers
81 * (when we are over TCP or another protocol providing the desegmentation API)
83 static gboolean rtsp_desegment_headers = TRUE;
86 * desegmentation of RTSP bodies
87 * (when we are over TCP or another protocol providing the desegmentation API)
88 * TODO let the user filter on content-type the bodies he wants desegmented
90 static gboolean rtsp_desegment_body = TRUE;
92 /* http://www.iana.org/assignments/port-numberslists two rtsp ports */
93 #define TCP_PORT_RTSP 554
94 #define TCP_ALTERNATE_PORT_RTSP 8554
95 static guint global_rtsp_tcp_port = TCP_PORT_RTSP;
96 static guint global_rtsp_tcp_alternate_port = TCP_ALTERNATE_PORT_RTSP;
98 * Takes an array of bytes, assumed to contain a null-terminated
99 * string, as an argument, and returns the length of the string -
100 * i.e., the size of the array, minus 1 for the null terminator.
102 #define STRLEN_CONST(str) (sizeof (str) - 1)
104 #define RTSP_FRAMEHDR ('$')
107 dissector_handle_t dissector;
108 } rtsp_interleaved_t;
110 #define RTSP_MAX_INTERLEAVED (256)
113 * Careful about dynamically allocating memory in this structure (say
114 * for dynamically increasing the size of the 'interleaved' array) -
115 * the containing structure is garbage collected and contained
116 * pointers will not be freed.
119 rtsp_interleaved_t interleaved[RTSP_MAX_INTERLEAVED];
120 } rtsp_conversation_data_t;
123 dissect_rtspinterleaved(tvbuff_t *tvb, int offset, packet_info *pinfo,
126 guint length_remaining;
128 proto_tree *rtspframe_tree = NULL;
130 guint8 rf_start; /* always RTSP_FRAMEHDR */
131 guint8 rf_chan; /* interleaved channel id */
132 guint16 rf_len; /* packet length */
134 conversation_t *conv;
135 rtsp_conversation_data_t *data;
136 dissector_handle_t dissector;
139 * This will throw an exception if we don't have any data left.
140 * That's what we want. (See "tcp_dissect_pdus()", which is
143 length_remaining = tvb_ensure_length_remaining(tvb, offset);
146 * Can we do reassembly?
148 if (rtsp_desegment_headers && pinfo->can_desegment) {
150 * Yes - would an RTSP multiplexed header starting at
151 * this offset be split across segment boundaries?
153 if (length_remaining < 4) {
155 * Yes. Tell the TCP dissector where the data
156 * for this message starts in the data it handed
157 * us, and how many more bytes we need, and return.
159 pinfo->desegment_offset = offset;
160 pinfo->desegment_len = 4 - length_remaining;
166 * Get the "$", channel, and length from the header.
168 orig_offset = offset;
169 rf_start = tvb_get_guint8(tvb, offset);
170 rf_chan = tvb_get_guint8(tvb, offset+1);
171 rf_len = tvb_get_ntohs(tvb, offset+2);
174 * Can we do reassembly?
176 if (rtsp_desegment_body && pinfo->can_desegment) {
178 * Yes - is the header + encapsulated packet split
179 * across segment boundaries?
181 if (length_remaining < 4U + rf_len) {
183 * Yes. Tell the TCP dissector where the data
184 * for this message starts in the data it handed
185 * us, and how many more bytes we need, and return.
187 pinfo->desegment_offset = offset;
188 pinfo->desegment_len = 4U + rf_len - length_remaining;
193 if (check_col(pinfo->cinfo, COL_INFO))
194 col_add_fstr(pinfo->cinfo, COL_INFO,
195 "Interleaved channel 0x%02x, %u bytes",
199 ti = proto_tree_add_protocol_format(tree, proto_rtsp, tvb,
201 "RTSP Interleaved Frame, Channel: 0x%02x, %u bytes",
203 rtspframe_tree = proto_item_add_subtree(ti, ett_rtspframe);
205 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
212 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
219 proto_tree_add_text(rtspframe_tree, tvb, offset, 2,
226 * We set the actual length of the tvbuff for the interleaved
227 * stuff to the minimum of what's left in the tvbuff and the
228 * length in the header.
230 * XXX - what if there's nothing left in the tvbuff?
231 * We'd want a BoundsError exception to be thrown, so
232 * that a Short Frame would be reported.
234 if (length_remaining > rf_len)
235 length_remaining = rf_len;
236 next_tvb = tvb_new_subset(tvb, offset, length_remaining, rf_len);
238 conv = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype,
239 pinfo->srcport, pinfo->destport, 0);
242 (data = conversation_get_proto_data(conv, proto_rtsp)) &&
243 /* Add the following condition if it is not always true.
244 rf_chan < RTSP_MAX_INTERLEAVED &&
246 (dissector = data->interleaved[rf_chan].dissector)) {
247 call_dissector(dissector, next_tvb, pinfo, tree);
249 proto_tree_add_text(rtspframe_tree, tvb, offset, rf_len,
250 "Data (%u bytes)", rf_len);
255 return offset - orig_offset;
258 static void process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
259 size_t linelen, size_t next_line_offset,
262 static void process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
263 size_t linelen, size_t next_line_offset,
272 static const char *rtsp_methods[] = {
286 #define RTSP_NMETHODS (sizeof rtsp_methods / sizeof rtsp_methods[0])
289 is_rtsp_request_or_reply(const guchar *line, size_t linelen, rtsp_type_t *type)
293 /* Is this an RTSP reply? */
294 if (linelen >= 5 && g_ascii_strncasecmp("RTSP/", line, 5) == 0) {
303 * Is this an RTSP request?
304 * Check whether the line begins with one of the RTSP request
307 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
308 size_t len = strlen(rtsp_methods[ii]);
309 if (linelen >= len &&
310 g_ascii_strncasecmp(rtsp_methods[ii], line, len) == 0 &&
311 (len == linelen || isspace(line[len])))
313 *type = RTSP_REQUEST;
318 /* Wasn't a request or a response */
319 *type = RTSP_NOT_FIRST_LINE;
323 static const char rtsp_content_type[] = "Content-Type:";
324 static const char rtsp_transport[] = "Transport:";
325 static const char rtsp_sps[] = "server_port=";
326 static const char rtsp_cps[] = "client_port=";
327 static const char rtsp_rtp[] = "rtp/";
328 static const char rtsp_rdt_feature_level[] = "RDTFeatureLevel";
329 static const char rtsp_real_rdt[] = "x-real-rdt/";
330 static const char rtsp_real_tng[] = "x-pn-tng/"; /* synonym for x-real-rdt */
331 static const char rtsp_inter[] = "interleaved=";
334 rtsp_create_conversation(packet_info *pinfo, const guchar *line_begin,
335 size_t line_len, gint rdt_feature_level)
337 conversation_t *conv;
340 gboolean rtp_transport = FALSE;
341 gboolean rdt_transport = FALSE;
342 guint c_data_port, c_mon_port;
343 guint s_data_port, s_mon_port;
344 gboolean is_video = FALSE; /* FIX ME - need to indicate video or not */
346 /* Copy line into buf */
347 if (line_len > sizeof(buf) - 1)
349 /* Don't overflow the buffer. */
350 line_len = sizeof(buf) - 1;
352 memcpy(buf, line_begin, line_len);
353 buf[line_len] = '\0';
355 /* Get past "Transport:" and spaces */
356 tmp = buf + STRLEN_CONST(rtsp_transport);
357 while (*tmp && isspace(*tmp))
360 /* Work out which transport type is here */
361 if (g_ascii_strncasecmp(tmp, rtsp_rtp, strlen(rtsp_rtp)) == 0)
362 rtp_transport = TRUE;
364 if (g_ascii_strncasecmp(tmp, rtsp_real_rdt, strlen(rtsp_real_rdt)) == 0 ||
365 g_ascii_strncasecmp(tmp, rtsp_real_tng, strlen(rtsp_real_tng)) == 0)
366 rdt_transport = TRUE;
369 /* Give up on unknown transport types */
373 c_data_port = c_mon_port = 0;
374 s_data_port = s_mon_port = 0;
376 /* Look for server port */
377 if ((tmp = strstr(buf, rtsp_sps))) {
378 tmp += strlen(rtsp_sps);
379 if (sscanf(tmp, "%u-%u", &s_data_port, &s_mon_port) < 1) {
380 g_warning("Frame %u: rtsp: bad server_port",
385 /* Look for client port */
386 if ((tmp = strstr(buf, rtsp_cps))) {
387 tmp += strlen(rtsp_cps);
388 if (sscanf(tmp, "%u-%u", &c_data_port, &c_mon_port) < 1) {
389 g_warning("Frame %u: rtsp: bad client_port",
396 /* Deal with RTSP TCP-interleaved conversations. */
398 rtsp_conversation_data_t *data;
399 guint s_data_chan, s_mon_chan;
402 /* Search tranport line for interleaved string */
403 if ((tmp = strstr(buf, rtsp_inter)) == NULL) {
405 * No interleaved or server_port - probably a
406 * SETUP request, rather than reply.
411 /* Move tmp to beyone interleaved string */
412 tmp += strlen(rtsp_inter);
413 /* Look for channel number(s) */
414 i = sscanf(tmp, "%u-%u", &s_data_chan, &s_mon_chan);
417 g_warning("Frame %u: rtsp: bad interleaved", pinfo->fd->num);
421 /* At least data channel present, look for conversation (presumably TCP) */
422 conv = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype,
423 pinfo->srcport, pinfo->destport, 0);
425 /* Create new conversation if necessary */
428 conv = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst,
429 pinfo->ptype, pinfo->srcport, pinfo->destport,
433 /* Look for previous data */
434 data = conversation_get_proto_data(conv, proto_rtsp);
436 /* Create new data if necessary */
439 data = se_alloc(sizeof(rtsp_conversation_data_t));
440 conversation_add_proto_data(conv, proto_rtsp, data);
443 /* Now set the dissector handle of the interleaved channel
444 according to the transport protocol used */
447 if (s_data_chan < RTSP_MAX_INTERLEAVED) {
448 data->interleaved[s_data_chan].dissector =
451 if (i > 1 && s_mon_chan < RTSP_MAX_INTERLEAVED) {
452 data->interleaved[s_mon_chan].dissector =
456 else if (rdt_transport)
458 if (s_data_chan < RTSP_MAX_INTERLEAVED) {
459 data->interleaved[s_data_chan].dissector =
467 * We only want to match on the destination address, not the
468 * source address, because the server might send back a packet
469 * from an address other than the address to which its client
470 * sent the packet, so we construct a conversation with no
475 /* There is always data for RTP */
476 rtp_add_address(pinfo, &pinfo->dst, c_data_port, s_data_port,
477 "RTSP", pinfo->fd->num, is_video, NULL);
479 /* RTCP only if indicated */
482 rtcp_add_address(pinfo, &pinfo->dst, c_mon_port, s_mon_port,
483 "RTSP", pinfo->fd->num);
489 /* Real Data Transport */
490 rdt_add_address(pinfo, &pinfo->dst, c_data_port, s_data_port,
491 "RTSP", rdt_feature_level);
495 static const char rtsp_content_length[] = "Content-Length:";
498 rtsp_get_content_length(const guchar *line_begin, size_t line_len)
506 if (line_len > sizeof(buf) - 1) {
508 * Don't overflow the buffer.
510 line_len = sizeof(buf) - 1;
512 memcpy(buf, line_begin, line_len);
513 buf[line_len] = '\0';
515 tmp = buf + STRLEN_CONST(rtsp_content_length);
516 while (*tmp && isspace(*tmp))
518 content_length = strtol(tmp, &p, 10);
520 if (up == tmp || (*up != '\0' && !isspace(*up)))
521 return -1; /* not a valid number */
522 return content_length;
525 static const char rtsp_Session[] = "Session:";
526 static const char rtsp_X_Vig_Msisdn[] = "X-Vig-Msisdn";
529 dissect_rtspmessage(tvbuff_t *tvb, int offset, packet_info *pinfo,
532 proto_tree *rtsp_tree = NULL;
533 proto_tree *sub_tree = NULL;
534 proto_item *ti = NULL;
537 const guchar *linep, *lineend;
539 int first_linelen, linelen;
542 gboolean is_request_or_reply;
543 gboolean body_requires_content_len;
544 gboolean saw_req_resp_or_header;
546 rtsp_type_t rtsp_type;
550 int reported_datalen;
553 e164_info_t e164_info;
554 gint rdt_feature_level = 0;
555 gchar *media_type_str_lower_case = NULL;
556 int semi_colon_offset;
560 * Is this a request or response?
562 * Note that "tvb_find_line_end()" will return a value that
563 * is not longer than what's in the buffer, so the
564 * "tvb_get_ptr()" call won't throw an exception.
566 first_linelen = tvb_find_line_end(tvb, offset,
567 tvb_ensure_length_remaining(tvb, offset), &next_offset,
571 * Is the first line a request or response?
573 line = tvb_get_ptr(tvb, offset, first_linelen);
574 is_request_or_reply = is_rtsp_request_or_reply(line, first_linelen,
576 if (is_request_or_reply) {
578 * Yes, it's a request or response.
579 * Do header desegmentation if we've been told to,
580 * and do body desegmentation if we've been told to and
581 * we find a Content-Length header.
583 if (!req_resp_hdrs_do_reassembly(tvb, offset, pinfo,
584 rtsp_desegment_headers, rtsp_desegment_body)) {
586 * More data needed for desegmentation.
593 * RFC 2326 says that a content length must be specified
594 * in requests that have a body, although section 4.4 speaks
595 * of a server closing the connection indicating the end of
598 * We assume that an absent content length in a request means
599 * that we don't have a body, and that an absent content length
600 * in a reply means that the reply body runs to the end of
601 * the connection. If the first line is neither, we assume
602 * that whatever follows a blank line should be treated as a
603 * body; there's not much else we can do, as we're jumping
604 * into the message in the middle.
606 * XXX - if there was no Content-Length entity header, we should
607 * accumulate all data until the end of the connection.
608 * That'd require that the TCP dissector call subdissectors
609 * for all frames with FIN, even if they contain no data,
610 * which would require subdissectors to deal intelligently
611 * with empty segments.
613 if (rtsp_type == RTSP_REQUEST)
614 body_requires_content_len = TRUE;
616 body_requires_content_len = FALSE;
618 col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTSP");
619 if (check_col(pinfo->cinfo, COL_INFO)) {
621 * Put the first line from the buffer into the summary
622 * if it's an RTSP request or reply (but leave out the
624 * Otherwise, just call it a continuation.
626 * Note that "tvb_find_line_end()" will return a value that
627 * is not longer than what's in the buffer, so the
628 * "tvb_get_ptr()" call won't throw an exception.
630 line = tvb_get_ptr(tvb, offset, first_linelen);
631 if (is_request_or_reply)
632 if ( rtsp_type == RTSP_REPLY ) {
633 col_set_str(pinfo->cinfo, COL_INFO, "Reply: ");
634 col_append_str(pinfo->cinfo, COL_INFO,
635 format_text(line, first_linelen));
638 col_add_str(pinfo->cinfo, COL_INFO,
639 format_text(line, first_linelen));
642 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
646 orig_offset = offset;
648 ti = proto_tree_add_item(tree, proto_rtsp, tvb, offset, -1,
650 rtsp_tree = proto_item_add_subtree(ti, ett_rtsp);
654 * We haven't yet seen a Content-Length header.
659 * Process the packet data, a line at a time.
661 saw_req_resp_or_header = FALSE; /* haven't seen anything yet */
662 while (tvb_reported_length_remaining(tvb, offset) != 0) {
664 * We haven't yet concluded that this is a header.
669 * Find the end of the line.
671 linelen = tvb_find_line_end(tvb, offset,
672 tvb_ensure_length_remaining(tvb, offset), &next_offset,
676 line_end_offset = offset + linelen;
678 * colon_offset may be -1
680 colon_offset = tvb_find_guint8(tvb, offset, linelen, ':');
684 * Get a buffer that refers to the line.
686 line = tvb_get_ptr(tvb, offset, linelen);
687 lineend = line + linelen;
690 * OK, does it look like an RTSP request or response?
692 is_request_or_reply = is_rtsp_request_or_reply(line, linelen, &rtsp_type);
693 if (is_request_or_reply)
697 * No. Does it look like a blank line (as would appear
698 * at the end of an RTSP request)?
701 goto is_rtsp; /* Yes. */
704 * No. Does it look like a header?
707 while (linep < lineend) {
711 * This must be a CHAR to be part of a token; that
712 * means it must be ASCII.
715 break; /* not ASCII, thus not a CHAR */
718 * This mustn't be a CTL to be part of a token.
720 * XXX - what about leading LWS on continuation
724 break; /* CTL, not part of a header */
745 * It's a tspecial, so it's not
746 * part of a token, so it's not
747 * a field name for the beginning
754 * This ends the token; we consider
755 * this to be a header.
763 * LWS (RFC-2616, 4.2); continue the previous
771 * We haven't seen the colon, but everything else looks
772 * OK for a header line.
774 * If we've already seen an RTSP request or response
775 * line, or a header line, and we're at the end of
776 * the tvbuff, we assume this is an incomplete header
777 * line. (We quit this loop after seeing a blank line,
778 * so if we've seen a request or response line, or a
779 * header line, this is probably more of the request
780 * or response we're presumably seeing. There is some
781 * risk of false positives, but the same applies for
782 * full request or response lines or header lines,
783 * although that's less likely.)
785 * We throw an exception in that case, by checking for
786 * the existence of the next byte after the last one
787 * in the line. If it exists, "tvb_ensure_bytes_exist()"
788 * throws no exception, and we fall through to the
789 * "not RTSP" case. If it doesn't exist,
790 * "tvb_ensure_bytes_exist()" will throw the appropriate
793 if (saw_req_resp_or_header)
794 tvb_ensure_bytes_exist(tvb, offset, linelen + 1);
798 * We don't consider this part of an RTSP request or
799 * reply, so we don't display it.
809 * This is a blank line, which means that
810 * whatever follows it isn't part of this
813 proto_tree_add_text(rtsp_tree, tvb, offset,
814 next_offset - offset, "%s",
815 tvb_format_text(tvb, offset, next_offset - offset));
816 offset = next_offset;
821 * Not a blank line - either a request, a reply, or a header
824 saw_req_resp_or_header = TRUE;
830 process_rtsp_request(tvb, offset, line, linelen, next_offset, rtsp_tree);
834 process_rtsp_reply(tvb, offset, line, linelen, next_offset, rtsp_tree);
837 case RTSP_NOT_FIRST_LINE:
838 /* Drop through, it may well be a header line */
845 /* We know that colon_offset must be set */
847 /* Skip whitespace after the colon. */
848 value_offset = colon_offset + 1;
849 while ((value_offset < line_end_offset) &&
850 ((c = tvb_get_guint8(tvb, value_offset)) == ' ' || c == '\t'))
854 value_len = line_end_offset - value_offset;
857 * Process some headers specially.
859 #define HDR_MATCHES(header) \
860 ( (size_t)linelen > STRLEN_CONST(header) && \
861 g_ascii_strncasecmp(line, (header), STRLEN_CONST(header)) == 0)
863 if (HDR_MATCHES(rtsp_transport))
865 proto_tree_add_string(rtsp_tree, hf_rtsp_transport, tvb,
867 tvb_format_text(tvb, value_offset,
871 * Based on the port numbers specified
872 * in the Transport: header, set up
873 * a conversation that will be dissected
874 * with the appropriate dissector.
876 rtsp_create_conversation(pinfo, line, linelen, rdt_feature_level);
877 } else if (HDR_MATCHES(rtsp_content_type))
879 proto_tree_add_string(rtsp_tree, hf_rtsp_content_type,
880 tvb, offset, linelen,
881 tvb_format_text(tvb, value_offset,
884 offset = offset + STRLEN_CONST(rtsp_content_type);
886 offset = tvb_skip_wsp(tvb, offset, value_len);
887 semi_colon_offset = tvb_find_guint8(tvb, value_offset, value_len, ';');
888 if ( semi_colon_offset != -1) {
889 /* m-parameter present */
890 par_end_offset = tvb_skip_wsp_return(tvb, semi_colon_offset-1);
891 value_len = par_end_offset - offset;
894 media_type_str_lower_case = ascii_strdown_inplace(
895 (gchar *)tvb_get_ephemeral_string(tvb, offset, value_len));
897 } else if (HDR_MATCHES(rtsp_content_length))
899 proto_tree_add_uint(rtsp_tree, hf_rtsp_content_length,
900 tvb, offset, linelen,
901 atoi(tvb_format_text(tvb, value_offset,
905 * Only the amount specified by the
906 * Content-Length: header should be treated
909 content_length = rtsp_get_content_length(line, linelen);
911 } else if (HDR_MATCHES(rtsp_Session))
913 /* Put the value into the protocol tree */
914 proto_tree_add_string(rtsp_tree, hf_rtsp_session, tvb,
916 tvb_format_text(tvb, value_offset, value_len));
918 } else if (HDR_MATCHES(rtsp_X_Vig_Msisdn)) {
920 * Extract the X_Vig_Msisdn string
922 if (colon_offset != -1)
924 /* Put the value into the protocol tree */
925 ti = proto_tree_add_string(rtsp_tree, hf_rtsp_X_Vig_Msisdn,tvb,
927 tvb_format_text(tvb, value_offset, value_len));
928 sub_tree = proto_item_add_subtree(ti, ett_rtsp_method);
930 e164_info.e164_number_type = CALLING_PARTY_NUMBER;
931 e164_info.nature_of_address = 0;
933 e164_info.E164_number_str = tvb_get_ephemeral_string(tvb, value_offset,
935 e164_info.E164_number_length = value_len;
936 dissect_e164_number(tvb, sub_tree, value_offset,
937 value_len, e164_info);
939 } else if (HDR_MATCHES(rtsp_rdt_feature_level))
941 rdt_feature_level = atoi(tvb_format_text(tvb, value_offset,
943 proto_tree_add_uint(rtsp_tree, hf_rtsp_rdtfeaturelevel,
944 tvb, offset, linelen,
945 atoi(tvb_format_text(tvb, value_offset,
950 /* Default case for headers. Show line as text */
951 proto_tree_add_text(rtsp_tree, tvb, offset,
952 next_offset - offset, "%s",
953 tvb_format_text(tvb, offset, next_offset - offset));
956 else if (rtsp_type == RTSP_NOT_FIRST_LINE)
958 /* Catch-all for all other lines... Show line as text.
959 TODO: should these be shown as errors? */
960 proto_tree_add_text(rtsp_tree, tvb, offset,
961 next_offset - offset, "%s",
962 tvb_format_text(tvb, offset, next_offset - offset));
965 offset = next_offset;
969 * Have now read all of the lines of this message.
971 * If a content length was supplied, the amount of data to be
972 * processed as RTSP payload is the minimum of the content
973 * length and the amount of data remaining in the frame.
975 * If no content length was supplied (or if a bad content length
976 * was supplied), the amount of data to be processed is the amount
977 * of data remaining in the frame.
979 datalen = tvb_length_remaining(tvb, offset);
980 reported_datalen = tvb_reported_length_remaining(tvb, offset);
981 if (content_length != -1) {
983 * Content length specified; display only that amount
986 if (datalen > content_length)
987 datalen = content_length;
990 * XXX - limit the reported length in the tvbuff we'll
991 * hand to a subdissector to be no greater than the
994 * We really need both unreassembled and "how long it'd
995 * be if it were reassembled" lengths for tvbuffs, so
996 * that we throw the appropriate exceptions for
997 * "not enough data captured" (running past the length),
998 * "packet needed reassembly" (within the length but
999 * running past the unreassembled length), and
1000 * "packet is malformed" (running past the reassembled
1003 if (reported_datalen > content_length)
1004 reported_datalen = content_length;
1007 * No content length specified; if this message doesn't
1008 * have a body if no content length is specified, process
1009 * nothing as payload.
1011 if (body_requires_content_len)
1017 * There's stuff left over; process it.
1022 * Now create a tvbuff for the Content-type stuff and
1025 * The amount of data to be processed that's
1026 * available in the tvbuff is "datalen", which
1027 * is the minimum of the amount of data left in
1028 * the tvbuff and any specified content length.
1030 * The amount of data to be processed that's in
1031 * this frame, regardless of whether it was
1032 * captured or not, is "reported_datalen",
1033 * which, if no content length was specified,
1034 * is -1, i.e. "to the end of the frame.
1036 new_tvb = tvb_new_subset(tvb, offset, datalen,
1039 if (media_type_str_lower_case &&
1040 dissector_try_string(media_type_dissector_table,
1041 media_type_str_lower_case,
1042 new_tvb, pinfo, rtsp_tree)){
1046 * Fix up the top-level item so that it doesn't
1047 * include the SDP stuff.
1050 proto_item_set_len(ti, offset);
1052 if (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR) {
1054 * This is interleaved stuff; don't
1055 * treat it as raw data - set "datalen"
1056 * to 0, so we won't skip the offset
1057 * past it, which will cause our
1058 * caller to process that stuff itself.
1062 proto_tree_add_text(rtsp_tree, tvb, offset,
1063 datalen, "Data (%d bytes)",
1069 * We've processed "datalen" bytes worth of data
1070 * (which may be no data at all); advance the
1071 * offset past whatever data we've processed.
1075 return offset - orig_offset;
1079 process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
1080 size_t linelen, size_t next_line_offset, proto_tree *tree)
1082 proto_tree *sub_tree = NULL;
1083 proto_item *ti = NULL;
1084 const guchar *lineend = data + linelen;
1087 const guchar *url_start;
1090 /* Request Methods */
1091 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
1092 size_t len = strlen(rtsp_methods[ii]);
1093 if (linelen >= len &&
1094 g_ascii_strncasecmp(rtsp_methods[ii], data, len) == 0 &&
1095 (len == linelen || isspace(data[len])))
1098 if (ii == RTSP_NMETHODS) {
1100 * We got here because "is_rtsp_request_or_reply()" returned
1101 * RTSP_REQUEST, so we know one of the request methods
1102 * matched, so we "can't get here".
1104 DISSECTOR_ASSERT_NOT_REACHED();
1107 /* Add a tree for this request */
1108 ti = proto_tree_add_string(tree, hf_rtsp_request, tvb, offset,
1109 (gint) (next_line_offset - offset),
1110 tvb_format_text(tvb, offset, (gint) (next_line_offset - offset)));
1111 sub_tree = proto_item_add_subtree(ti, ett_rtsp_method);
1114 /* Add method name to tree */
1115 proto_tree_add_string(sub_tree, hf_rtsp_method, tvb, offset,
1116 (gint) strlen(rtsp_methods[ii]), rtsp_methods[ii]);
1120 /* Skip method name again */
1121 while (url < lineend && !isspace(*url))
1124 while (url < lineend && isspace(*url))
1126 /* URL starts here */
1128 /* Scan to end of URL */
1129 while (url < lineend && !isspace(*url))
1131 /* Create a URL-sized buffer and copy contents */
1132 tmp_url = ep_alloc(url - url_start + 1);
1133 memcpy(tmp_url, url_start, url - url_start);
1134 tmp_url[url - url_start] = '\0';
1136 /* Add URL to tree */
1137 proto_tree_add_string(sub_tree, hf_rtsp_url, tvb,
1138 offset + (gint) (url_start - data), (gint) (url - url_start), tmp_url);
1141 /* Read first line of a reply message */
1143 process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
1144 size_t linelen, size_t next_line_offset, proto_tree *tree)
1146 proto_tree *sub_tree = NULL;
1147 proto_item *ti = NULL;
1148 const guchar *lineend = data + linelen;
1149 const guchar *status = data;
1150 const guchar *status_start;
1151 unsigned int status_i;
1153 /* Add a tree for this request */
1154 ti = proto_tree_add_string(tree, hf_rtsp_response, tvb, offset,
1155 (gint) (next_line_offset - offset),
1156 tvb_format_text(tvb, offset, (gint) (next_line_offset - offset)));
1157 sub_tree = proto_item_add_subtree(ti, ett_rtsp_method);
1162 /* Skip protocol/version */
1163 while (status < lineend && !isspace(*status))
1166 while (status < lineend && isspace(*status))
1169 /* Actual code number now */
1170 status_start = status;
1172 while (status < lineend && isdigit(*status))
1173 status_i = status_i * 10 + *status++ - '0';
1175 /* Add field to tree */
1176 proto_tree_add_uint(sub_tree, hf_rtsp_status, tvb,
1177 offset + (gint) (status_start - data),
1178 (gint) (status - status_start), status_i);
1182 dissect_rtsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1187 while (tvb_reported_length_remaining(tvb, offset) != 0) {
1188 len = (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR)
1189 ? dissect_rtspinterleaved(tvb, offset, pinfo, tree)
1190 : dissect_rtspmessage(tvb, offset, pinfo, tree);
1196 * OK, we've set the Protocol and Info columns for the
1197 * first RTSP message; make the columns non-writable,
1198 * so that we don't change it for subsequent RTSP messages.
1200 col_set_writable(pinfo->cinfo, FALSE);
1205 proto_register_rtsp(void)
1207 static gint *ett[] = {
1212 static hf_register_info hf[] = {
1214 { "Request", "rtsp.request", FT_STRING, BASE_NONE, NULL, 0,
1216 { &hf_rtsp_response,
1217 { "Response", "rtsp.response", FT_STRING, BASE_NONE, NULL, 0,
1220 { "Method", "rtsp.method", FT_STRING, BASE_NONE, NULL, 0,
1222 { &hf_rtsp_content_type,
1223 { "Content-type", "rtsp.content-type", FT_STRING, BASE_NONE, NULL, 0,
1225 { &hf_rtsp_content_length,
1226 { "Content-length", "rtsp.content-length", FT_UINT32, BASE_DEC, NULL, 0,
1229 { "URL", "rtsp.url", FT_STRING, BASE_NONE, NULL, 0,
1232 { "Status", "rtsp.status", FT_UINT32, BASE_DEC, NULL, 0,
1235 { "Session", "rtsp.session", FT_STRING, BASE_NONE, NULL, 0,
1237 { &hf_rtsp_transport,
1238 { "Transport", "rtsp.transport", FT_STRING, BASE_NONE, NULL, 0,
1240 { &hf_rtsp_rdtfeaturelevel,
1241 { "RDTFeatureLevel", "rtsp.rdt-feature-level", FT_UINT32, BASE_DEC, NULL, 0,
1243 { &hf_rtsp_X_Vig_Msisdn,
1244 { "X-Vig-Msisdn", "X_Vig_Msisdn", FT_STRING, BASE_NONE, NULL, 0,
1249 module_t *rtsp_module;
1251 proto_rtsp = proto_register_protocol("Real Time Streaming Protocol",
1254 proto_register_field_array(proto_rtsp, hf, array_length(hf));
1255 proto_register_subtree_array(ett, array_length(ett));
1257 /* Make this dissector findable by name */
1258 register_dissector("rtsp", dissect_rtsp, proto_rtsp);
1260 /* Register our configuration options, particularly our ports */
1262 rtsp_module = prefs_register_protocol(proto_rtsp, proto_reg_handoff_rtsp);
1263 prefs_register_uint_preference(rtsp_module, "tcp.port",
1265 "Set the TCP port for RTSP messages",
1266 10, &global_rtsp_tcp_port);
1267 prefs_register_uint_preference(rtsp_module, "tcp.alternate_port",
1268 "Alternate RTSP TCP Port",
1269 "Set the alternate TCP port for RTSP messages",
1270 10, &global_rtsp_tcp_alternate_port);
1271 prefs_register_bool_preference(rtsp_module, "desegment_headers",
1272 "Reassemble RTSP headers spanning multiple TCP segments",
1273 "Whether the RTSP dissector should reassemble headers "
1274 "of a request spanning multiple TCP segments. "
1275 " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
1276 &rtsp_desegment_headers);
1277 prefs_register_bool_preference(rtsp_module, "desegment_body",
1278 "Trust the \"Content-length:\" header and\ndesegment RTSP "
1279 "bodies\nspanning multiple TCP segments",
1280 "Whether the RTSP dissector should use the "
1281 "\"Content-length:\" value to desegment the body "
1282 "of a request spanning multiple TCP segments",
1283 &rtsp_desegment_body);
1288 proto_reg_handoff_rtsp(void)
1290 static dissector_handle_t rtsp_handle;
1291 static gboolean rtsp_prefs_initialized = FALSE;
1293 * Variables to allow for proper deletion of dissector registration when
1294 * the user changes port from the gui.
1296 static guint saved_rtsp_tcp_port;
1297 static guint saved_rtsp_tcp_alternate_port;
1299 if (!rtsp_prefs_initialized) {
1300 rtsp_handle = find_dissector("rtsp");
1301 rtp_handle = find_dissector("rtp");
1302 rtcp_handle = find_dissector("rtcp");
1303 rdt_handle = find_dissector("rdt");
1304 media_type_dissector_table = find_dissector_table("media_type");
1305 rtsp_prefs_initialized = TRUE;
1308 dissector_delete("tcp.port", saved_rtsp_tcp_port, rtsp_handle);
1309 dissector_delete("tcp.port", saved_rtsp_tcp_alternate_port, rtsp_handle);
1311 /* Set our port number for future use */
1312 dissector_add("tcp.port", global_rtsp_tcp_port, rtsp_handle);
1313 dissector_add("tcp.port", global_rtsp_tcp_alternate_port, rtsp_handle);
1315 saved_rtsp_tcp_port = global_rtsp_tcp_port;
1316 saved_rtsp_tcp_alternate_port = global_rtsp_tcp_alternate_port;