1 /* Do not modify this file. */
2 /* It is created automatically by the ASN.1 to Wireshark dissector compiler */
4 /* ../../tools/asn2wrs.py -b -p snmp -c ./snmp.cnf -s ./packet-snmp-template -D . -O ../../epan/dissectors snmp.asn */
6 /* Input file: packet-snmp-template.c */
8 #line 1 "../../asn1/snmp/packet-snmp-template.c"
10 * Routines for SNMP (simple network management protocol)
11 * Copyright (C) 1998 Didier Jorand
13 * See RFC 1157 for SNMPv1.
15 * See RFCs 1901, 1905, and 1906 for SNMPv2c.
17 * See RFCs 1905, 1906, 1909, and 1910 for SNMPv2u [historic].
19 * See RFCs 2570-2576 for SNMPv3
20 * Updated to use the asn2wrs compiler made by Tomas Kukosa
21 * Copyright (C) 2005 - 2006 Anders Broman [AT] ericsson.com
23 * See RFC 3414 for User-based Security Model for SNMPv3
24 * See RFC 3826 for (AES) Cipher Algorithm in the SNMP USM
25 * See RFC 2578 for Structure of Management Information Version 2 (SMIv2)
26 * Copyright (C) 2007 Luis E. Garcia Ontanon <luis@ontanon.org>
30 * Wireshark - Network traffic analyzer
31 * By Gerald Combs <gerald@wireshark.org>
32 * Copyright 1998 Gerald Combs
36 * GXSNMP -- An snmp mangament application
37 * Copyright (C) 1998 Gregory McLean & Jochen Friedrich
38 * Beholder RMON ethernet network monitor,Copyright (C) 1993 DNPAP group
40 * This program is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU General Public License
42 * as published by the Free Software Foundation; either version 2
43 * of the License, or (at your option) any later version.
45 * This program is distributed in the hope that it will be useful,
46 * but WITHOUT ANY WARRANTY; without even the implied warranty of
47 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
48 * GNU General Public License for more details.
50 * You should have received a copy of the GNU General Public License
51 * along with this program; if not, write to the Free Software
52 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
55 #define D(args) do {printf args; fflush(stdout); } while(0)
64 #include <epan/packet.h>
65 #include <epan/strutil.h>
66 #include <epan/conversation.h>
67 #include <epan/etypes.h>
68 #include <epan/prefs.h>
69 #include <epan/sminmpec.h>
70 #include <epan/emem.h>
71 #include <epan/next_tvb.h>
73 #include <epan/asn1.h>
74 #include "packet-ipx.h"
75 #include "packet-hpext.h"
78 #include "packet-ber.h"
80 #include "packet-snmp.h"
82 #include <epan/crypt/sha1.h>
83 #include <epan/crypt/md5.h>
84 #include <epan/expert.h>
85 #include <epan/report_err.h>
86 #include <epan/oids.h>
93 /* Take a pointer that may be null and return a pointer that's not null
94 by turning null pointers into pointers to the above null string,
95 and, if the argument pointer wasn't null, make sure we handle
96 non-printable characters in the string by escaping them. */
97 #define SAFE_STRING(s, l) (((s) != NULL) ? format_text((s), (l)) : "")
99 #define PNAME "Simple Network Management Protocol"
100 #define PSNAME "SNMP"
101 #define PFNAME "snmp"
103 #define UDP_PORT_SNMP 161
104 #define UDP_PORT_SNMP_TRAP 162
105 #define TCP_PORT_SNMP 161
106 #define TCP_PORT_SNMP_TRAP 162
107 #define TCP_PORT_SMUX 199
108 #define UDP_PORT_SNMP_PATROL 8161
110 /* Initialize the protocol and registered fields */
111 static int proto_snmp = -1;
112 static int proto_smux = -1;
114 static gboolean display_oid = TRUE;
115 static gboolean snmp_var_in_tree = TRUE;
117 static gboolean snmp_usm_auth_md5(snmp_usm_params_t* p, guint8**, guint*, gchar const**);
118 static gboolean snmp_usm_auth_sha1(snmp_usm_params_t* p, guint8**, guint*, gchar const**);
120 static tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t*, tvbuff_t*, gchar const**);
121 static tvbuff_t* snmp_usm_priv_aes(snmp_usm_params_t*, tvbuff_t*, gchar const**);
124 static void snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen, const guint8 *engineID, guint engineLength, guint8 *key);
125 static void snmp_usm_password_to_key_sha1(const guint8 *password, guint passwordlen, const guint8 *engineID, guint engineLength, guint8 *key);
128 static snmp_usm_auth_model_t model_md5 = {snmp_usm_password_to_key_md5, snmp_usm_auth_md5, 16};
129 static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, 20};
131 static const value_string auth_types[] = {
136 static snmp_usm_auth_model_t* auth_models[] = {&model_md5,&model_sha1};
139 static const value_string priv_types[] = {
144 static snmp_usm_decoder_t priv_protos[] = {snmp_usm_priv_des, snmp_usm_priv_aes};
146 static snmp_ue_assoc_t* ueas = NULL;
147 static guint num_ueas = 0;
148 static snmp_ue_assoc_t* localized_ues = NULL;
149 static snmp_ue_assoc_t* unlocalized_ues = NULL;
152 /* Variabled used for handling enterprise spesific trap types */
153 typedef struct _snmp_st_assoc_t {
158 static guint num_specific_traps = 0;
159 static snmp_st_assoc_t *specific_traps = NULL;
160 static const char *enterprise_oid = NULL;
161 static guint generic_trap = 0;
164 static snmp_usm_params_t usm_p = {FALSE,FALSE,0,0,0,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,FALSE};
167 #define TH_CRYPT 0x02
168 #define TH_REPORT 0x04
170 /* desegmentation of SNMP-over-TCP */
171 static gboolean snmp_desegment = TRUE;
173 /* Global variables */
175 guint32 MsgSecurityModel;
176 tvbuff_t *oid_tvb=NULL;
177 tvbuff_t *value_tvb=NULL;
179 static dissector_handle_t snmp_handle;
180 static dissector_handle_t data_handle;
182 static next_tvb_list_t var_list;
184 static int hf_snmp_v3_flags_auth = -1;
185 static int hf_snmp_v3_flags_crypt = -1;
186 static int hf_snmp_v3_flags_report = -1;
188 static int hf_snmp_engineid_conform = -1;
189 static int hf_snmp_engineid_enterprise = -1;
190 static int hf_snmp_engineid_format = -1;
191 static int hf_snmp_engineid_ipv4 = -1;
192 static int hf_snmp_engineid_ipv6 = -1;
193 static int hf_snmp_engineid_cisco_type = -1;
194 static int hf_snmp_engineid_mac = -1;
195 static int hf_snmp_engineid_text = -1;
196 static int hf_snmp_engineid_time = -1;
197 static int hf_snmp_engineid_data = -1;
198 static int hf_snmp_decryptedPDU = -1;
199 static int hf_snmp_msgAuthentication = -1;
201 static int hf_snmp_noSuchObject = -1;
202 static int hf_snmp_noSuchInstance = -1;
203 static int hf_snmp_endOfMibView = -1;
204 static int hf_snmp_unSpecified = -1;
206 static int hf_snmp_integer32_value = -1;
207 static int hf_snmp_octetstring_value = -1;
208 static int hf_snmp_oid_value = -1;
209 static int hf_snmp_null_value = -1;
210 static int hf_snmp_ipv4_value = -1;
211 static int hf_snmp_ipv6_value = -1;
212 static int hf_snmp_anyaddress_value = -1;
213 static int hf_snmp_unsigned32_value = -1;
214 static int hf_snmp_unknown_value = -1;
215 static int hf_snmp_opaque_value = -1;
216 static int hf_snmp_nsap_value = -1;
217 static int hf_snmp_counter_value = -1;
218 static int hf_snmp_timeticks_value = -1;
219 static int hf_snmp_big_counter_value = -1;
220 static int hf_snmp_gauge32_value = -1;
222 static int hf_snmp_objectname = -1;
223 static int hf_snmp_scalar_instance_index = -1;
227 /*--- Included file: packet-snmp-hf.c ---*/
228 #line 1 "../../asn1/snmp/packet-snmp-hf.c"
229 static int hf_snmp_SMUX_PDUs_PDU = -1; /* SMUX_PDUs */
230 static int hf_snmp_version = -1; /* Version */
231 static int hf_snmp_community = -1; /* Community */
232 static int hf_snmp_data = -1; /* PDUs */
233 static int hf_snmp_parameters = -1; /* OCTET_STRING */
234 static int hf_snmp_datav2u = -1; /* T_datav2u */
235 static int hf_snmp_v2u_plaintext = -1; /* PDUs */
236 static int hf_snmp_encrypted = -1; /* OCTET_STRING */
237 static int hf_snmp_msgAuthoritativeEngineID = -1; /* T_msgAuthoritativeEngineID */
238 static int hf_snmp_msgAuthoritativeEngineBoots = -1; /* T_msgAuthoritativeEngineBoots */
239 static int hf_snmp_msgAuthoritativeEngineTime = -1; /* T_msgAuthoritativeEngineTime */
240 static int hf_snmp_msgUserName = -1; /* T_msgUserName */
241 static int hf_snmp_msgAuthenticationParameters = -1; /* T_msgAuthenticationParameters */
242 static int hf_snmp_msgPrivacyParameters = -1; /* T_msgPrivacyParameters */
243 static int hf_snmp_msgVersion = -1; /* Version */
244 static int hf_snmp_msgGlobalData = -1; /* HeaderData */
245 static int hf_snmp_msgSecurityParameters = -1; /* T_msgSecurityParameters */
246 static int hf_snmp_msgData = -1; /* ScopedPduData */
247 static int hf_snmp_msgID = -1; /* INTEGER_0_2147483647 */
248 static int hf_snmp_msgMaxSize = -1; /* INTEGER_484_2147483647 */
249 static int hf_snmp_msgFlags = -1; /* T_msgFlags */
250 static int hf_snmp_msgSecurityModel = -1; /* T_msgSecurityModel */
251 static int hf_snmp_plaintext = -1; /* ScopedPDU */
252 static int hf_snmp_encryptedPDU = -1; /* T_encryptedPDU */
253 static int hf_snmp_contextEngineID = -1; /* SnmpEngineID */
254 static int hf_snmp_contextName = -1; /* OCTET_STRING */
255 static int hf_snmp_get_request = -1; /* GetRequest_PDU */
256 static int hf_snmp_get_next_request = -1; /* GetNextRequest_PDU */
257 static int hf_snmp_get_response = -1; /* GetResponse_PDU */
258 static int hf_snmp_set_request = -1; /* SetRequest_PDU */
259 static int hf_snmp_trap = -1; /* Trap_PDU */
260 static int hf_snmp_getBulkRequest = -1; /* GetBulkRequest_PDU */
261 static int hf_snmp_informRequest = -1; /* InformRequest_PDU */
262 static int hf_snmp_snmpV2_trap = -1; /* SNMPv2_Trap_PDU */
263 static int hf_snmp_report = -1; /* Report_PDU */
264 static int hf_snmp_request_id = -1; /* INTEGER */
265 static int hf_snmp_error_status = -1; /* T_error_status */
266 static int hf_snmp_error_index = -1; /* INTEGER */
267 static int hf_snmp_variable_bindings = -1; /* VarBindList */
268 static int hf_snmp_bulkPDU_request_id = -1; /* Integer32 */
269 static int hf_snmp_non_repeaters = -1; /* INTEGER_0_2147483647 */
270 static int hf_snmp_max_repetitions = -1; /* INTEGER_0_2147483647 */
271 static int hf_snmp_enterprise = -1; /* EnterpriseOID */
272 static int hf_snmp_agent_addr = -1; /* NetworkAddress */
273 static int hf_snmp_generic_trap = -1; /* GenericTrap */
274 static int hf_snmp_specific_trap = -1; /* SpecificTrap */
275 static int hf_snmp_time_stamp = -1; /* TimeTicks */
276 static int hf_snmp_name = -1; /* ObjectName */
277 static int hf_snmp_valueType = -1; /* NULL */
278 static int hf_snmp_VarBindList_item = -1; /* VarBind */
279 static int hf_snmp_open = -1; /* OpenPDU */
280 static int hf_snmp_close = -1; /* ClosePDU */
281 static int hf_snmp_registerRequest = -1; /* RReqPDU */
282 static int hf_snmp_registerResponse = -1; /* RegisterResponse */
283 static int hf_snmp_commitOrRollback = -1; /* SOutPDU */
284 static int hf_snmp_rRspPDU = -1; /* RRspPDU */
285 static int hf_snmp_pDUs = -1; /* PDUs */
286 static int hf_snmp_smux_simple = -1; /* SimpleOpen */
287 static int hf_snmp_smux_version = -1; /* T_smux_version */
288 static int hf_snmp_identity = -1; /* OBJECT_IDENTIFIER */
289 static int hf_snmp_description = -1; /* DisplayString */
290 static int hf_snmp_password = -1; /* OCTET_STRING */
291 static int hf_snmp_subtree = -1; /* ObjectName */
292 static int hf_snmp_priority = -1; /* INTEGER_M1_2147483647 */
293 static int hf_snmp_operation = -1; /* T_operation */
295 /*--- End of included file: packet-snmp-hf.c ---*/
296 #line 219 "../../asn1/snmp/packet-snmp-template.c"
298 static int hf_smux_version = -1;
299 static int hf_smux_pdutype = -1;
301 /* Initialize the subtree pointers */
302 static gint ett_smux = -1;
303 static gint ett_snmp = -1;
304 static gint ett_engineid = -1;
305 static gint ett_msgFlags = -1;
306 static gint ett_encryptedPDU = -1;
307 static gint ett_decrypted = -1;
308 static gint ett_authParameters = -1;
309 static gint ett_internet = -1;
310 static gint ett_varbind = -1;
311 static gint ett_name = -1;
312 static gint ett_value = -1;
313 static gint ett_decoding_error = -1;
316 /*--- Included file: packet-snmp-ett.c ---*/
317 #line 1 "../../asn1/snmp/packet-snmp-ett.c"
318 static gint ett_snmp_Message = -1;
319 static gint ett_snmp_Messagev2u = -1;
320 static gint ett_snmp_T_datav2u = -1;
321 static gint ett_snmp_UsmSecurityParameters = -1;
322 static gint ett_snmp_SNMPv3Message = -1;
323 static gint ett_snmp_HeaderData = -1;
324 static gint ett_snmp_ScopedPduData = -1;
325 static gint ett_snmp_ScopedPDU = -1;
326 static gint ett_snmp_PDUs = -1;
327 static gint ett_snmp_PDU = -1;
328 static gint ett_snmp_BulkPDU = -1;
329 static gint ett_snmp_Trap_PDU_U = -1;
330 static gint ett_snmp_VarBind = -1;
331 static gint ett_snmp_VarBindList = -1;
332 static gint ett_snmp_SMUX_PDUs = -1;
333 static gint ett_snmp_RegisterResponse = -1;
334 static gint ett_snmp_OpenPDU = -1;
335 static gint ett_snmp_SimpleOpen_U = -1;
336 static gint ett_snmp_RReqPDU_U = -1;
338 /*--- End of included file: packet-snmp-ett.c ---*/
339 #line 238 "../../asn1/snmp/packet-snmp-template.c"
341 static const true_false_string auth_flags = {
346 /* Security Models */
348 #define SNMP_SEC_ANY 0
349 #define SNMP_SEC_V1 1
350 #define SNMP_SEC_V2C 2
351 #define SNMP_SEC_USM 3
353 static const value_string sec_models[] = {
354 { SNMP_SEC_ANY, "Any" },
355 { SNMP_SEC_V1, "V1" },
356 { SNMP_SEC_V2C, "V2C" },
357 { SNMP_SEC_USM, "USM" },
362 #define SMUX_MSG_OPEN 0
363 #define SMUX_MSG_CLOSE 1
364 #define SMUX_MSG_RREQ 2
365 #define SMUX_MSG_RRSP 3
366 #define SMUX_MSG_SOUT 4
368 static const value_string smux_types[] = {
369 { SMUX_MSG_OPEN, "Open" },
370 { SMUX_MSG_CLOSE, "Close" },
371 { SMUX_MSG_RREQ, "Registration Request" },
372 { SMUX_MSG_RRSP, "Registration Response" },
373 { SMUX_MSG_SOUT, "Commit Or Rollback" },
378 #define SNMP_IPA 0 /* IP Address */
379 #define SNMP_CNT 1 /* Counter (Counter32) */
380 #define SNMP_GGE 2 /* Gauge (Gauge32) */
381 #define SNMP_TIT 3 /* TimeTicks */
382 #define SNMP_OPQ 4 /* Opaque */
383 #define SNMP_NSP 5 /* NsapAddress */
384 #define SNMP_C64 6 /* Counter64 */
385 #define SNMP_U32 7 /* Uinteger32 */
392 dissector_table_t value_sub_dissectors_table;
396 snmp_lookup_specific_trap (guint specific_trap)
400 for (i = 0; i < num_specific_traps; i++) {
401 snmp_st_assoc_t *u = &(specific_traps[i]);
403 if ((u->trap == specific_trap) &&
404 (strcmp (u->enterprise, enterprise_oid) == 0))
414 * dissect_snmp_VarBind
415 * this routine dissects variable bindings, looking for the oid information in our oid reporsitory
416 * to format and add the value adequatelly.
418 * The choice to handwrite this code instead of using the asn compiler is to avoid having tons
419 * of uses of global variables distributed in very different parts of the code.
420 * Other than that there's a cosmetic thing: the tree from ASN generated code would be so
421 * convoluted due to the nesting of CHOICEs in the definition of VarBind/value.
423 * XXX: the length of this function (~400 lines) is an aberration!
424 * oid_key_t:key_type could become a series of callbacks instead of an enum
425 * the (! oid_info_is_ok) switch could be made into an array (would be slower)
428 NetworkAddress ::= CHOICE { internet IpAddress }
429 IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
430 TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
431 Integer32 ::= INTEGER (-2147483648..2147483647)
432 ObjectName ::= OBJECT IDENTIFIER
433 Counter32 ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
434 Gauge32 ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
435 Unsigned32 ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
436 Integer-value ::= INTEGER (-2147483648..2147483647)
437 Integer32 ::= INTEGER (-2147483648..2147483647)
438 ObjectID-value ::= OBJECT IDENTIFIER
440 TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
441 Opaque ::= [APPLICATION 4] IMPLICIT OCTET STRING
442 Counter64 ::= [APPLICATION 6] IMPLICIT INTEGER (0..18446744073709551615)
444 ObjectSyntax ::= CHOICE {
446 application-wide ApplicationSyntax
449 SimpleSyntax ::= CHOICE {
450 integer-value Integer-value,
451 string-value String-value,
452 objectID-value ObjectID-value,
456 ApplicationSyntax ::= CHOICE {
457 ipAddress-value IpAddress,
458 counter-value Counter32,
459 timeticks-value TimeTicks,
460 arbitrary-value Opaque,
461 big-counter-value Counter64,
462 unsigned-integer-value Unsigned32
465 ValueType ::= CHOICE {
468 noSuchObject[0] IMPLICIT NULL,
469 noSuchInstance[1] IMPLICIT NULL,
470 endOfMibView[2] IMPLICIT NULL
473 VarBind ::= SEQUENCE {
481 dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset,
482 asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_)
484 int seq_offset, name_offset, value_offset, value_start;
485 guint32 seq_len, name_len, value_len;
492 oid_info_t* oid_info = NULL;
493 guint oid_matched, oid_left;
494 proto_item *pi_name, *pi_varbind, *pi_value = NULL;
495 proto_tree *pt, *pt_varbind, *pt_name, *pt_value;
496 char label[ITEM_LABEL_LENGTH];
497 const char* repr = NULL;
498 const char* info_oid = NULL;
501 int min_len = 0, max_len = 0;
502 gboolean oid_info_is_ok;
503 const char* oid_string = NULL;
504 enum {BER_NO_ERROR, BER_WRONG_LENGTH, BER_WRONG_TAG} format_error = BER_NO_ERROR;
508 /* first have the VarBind's sequence header */
509 offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
510 offset = get_ber_length(tvb, offset, &seq_len, &ind);
512 seq_len += offset - seq_offset;
514 if (!pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_SEQUENCE) {
515 proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"VarBind must be an universal class sequence");
516 pt = proto_item_add_subtree(pi,ett_decoding_error);
517 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence");
518 return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
522 proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in VarBind");
523 pt = proto_item_add_subtree(pi,ett_decoding_error);
524 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind has indicator set");
525 return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
528 /* then we have the ObjectName's header */
530 offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
531 name_offset = offset = get_ber_length(tvb, offset, &name_len, &ind);
533 if (! ( !pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_OID) ) {
534 proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"ObjectName must be an OID in primitive encoding");
535 pt = proto_item_add_subtree(pi,ett_decoding_error);
536 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName not an OID");
537 return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
541 proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in ObjectName");
542 pt = proto_item_add_subtree(pi,ett_decoding_error);
543 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName has indicator set");
544 return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
548 value_start = offset;
550 /* then we have the value's header */
551 offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
552 value_offset = get_ber_length(tvb, offset, &value_len, &ind);
555 proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"the value must be in primitive encoding");
556 pt = proto_item_add_subtree(pi,ett_decoding_error);
557 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "value not in primitive encoding");
558 return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
561 /* Now, we know where everithing is */
565 /* we add the varbind tree root with a dummy label we'll fill later on */
566 pi_varbind = proto_tree_add_text(tree,tvb,seq_offset,seq_len,"VarBind");
567 pt_varbind = proto_item_add_subtree(pi_varbind,ett_varbind);
570 pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA);
571 pt_name = proto_item_add_subtree(pi_name,ett_name);
573 /* fetch ObjectName and its relative oid_info */
574 oid_bytes = (guint8*)ep_tvb_memdup(tvb, name_offset, name_len);
575 oid_info = oid_get_from_encoded(oid_bytes, name_len, &subids, &oid_matched, &oid_left);
577 add_oid_debug_subtree(oid_info,pt_name);
582 repr = oid_encoded2string(oid_bytes, name_len);
583 pi = proto_tree_add_text(pt_name,tvb, 0, 0, "invalid oid: %s", repr);
584 pt = proto_item_add_subtree(pi, ett_decoding_error);
585 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "invalid oid: %s", repr);
586 return dissect_unknown_ber(actx->pinfo, tvb, name_offset, pt);
589 if (oid_matched+oid_left) {
590 oid_string = oid_subid2string(subids,oid_matched+oid_left);
593 if (ber_class == BER_CLASS_CON) {
594 /* if we have an error value just add it and get out the way ASAP */
598 if (value_len != 0) {
599 min_len = max_len = 0;
600 format_error = BER_WRONG_LENGTH;
605 hfid = hf_snmp_noSuchObject;
606 note = "noSuchObject";
609 hfid = hf_snmp_noSuchInstance;
610 note = "noSuchInstance";
613 hfid = hf_snmp_endOfMibView;
614 note = "endOfMibView";
617 pi = proto_tree_add_text(pt_varbind,tvb,0,0,"Wrong tag for Error Value: expected 0, 1, or 2 but got: %d",tag);
618 pt = proto_item_add_subtree(pi,ett_decoding_error);
619 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value");
620 return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
624 pi = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
625 expert_add_info_format(actx->pinfo, pi, PI_RESPONSE_CODE, PI_NOTE, "%s",note);
626 g_strlcpy (label, note, ITEM_LABEL_LENGTH);
630 /* now we'll try to figure out which are the indexing sub-oids and whether the oid we know about is the one oid we have to use */
631 switch (oid_info->kind) {
632 case OID_KIND_SCALAR:
634 /* OK: we got the instance sub-id */
635 proto_tree_add_uint64(pt_name,hf_snmp_scalar_instance_index,tvb,name_offset,name_len,subids[oid_matched]);
636 oid_info_is_ok = TRUE;
638 } else if (oid_left == 0) {
639 if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) {
640 /* unSpecified does not require an instance sub-id add the new value and get off the way! */
641 pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,ENC_NA);
644 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have one instance sub-id this one has none");
645 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value");
646 oid_info_is_ok = FALSE;
650 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left);
651 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value");
652 oid_info_is_ok = FALSE;
656 case OID_KIND_COLUMN:
657 if ( oid_info->parent->kind == OID_KIND_ROW) {
658 oid_key_t* k = oid_info->parent->key;
659 guint key_start = oid_matched;
660 guint key_len = oid_left;
661 oid_info_is_ok = TRUE;
663 if ( key_len == 0 && ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) {
664 /* unSpecified does not require an instance sub-id add the new value and get off the way! */
665 pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,ENC_NA);
670 for (;k;k = k->next) {
673 if (key_start >= oid_matched+oid_left) {
674 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid shorter than expected");
675 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected");
676 oid_info_is_ok = FALSE;
680 switch(k->key_type) {
681 case OID_KEY_TYPE_WRONG: {
682 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"OID instaces not handled, if you want this implemented please contact the wireshark developers");
683 expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index");
684 oid_info_is_ok = FALSE;
687 case OID_KEY_TYPE_INTEGER: {
688 if (IS_FT_INT(k->ft_type)) {
689 proto_tree_add_int(pt_name,k->hfid,tvb,name_offset,name_len,(guint)subids[key_start]);
690 } else { /* if it's not an unsigned int let proto_tree_add_uint throw a warning */
691 proto_tree_add_uint64(pt_name,k->hfid,tvb,name_offset,name_len,(guint)subids[key_start]);
695 continue; /* k->next */
697 case OID_KEY_TYPE_IMPLIED_OID:
698 suboid_len = key_len;
702 case OID_KEY_TYPE_OID: {
704 guint suboid_buf_len;
707 suboid_len = subids[key_start++];
711 suboid = &(subids[key_start]);
713 if( suboid_len == 0 ) {
714 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"an index sub-oid OID cannot be 0 bytes long!");
715 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid OID with len=0");
716 oid_info_is_ok = FALSE;
720 if( key_len < suboid_len ) {
721 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid should not be longer than remaining oid size");
722 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid longer than remaining oid size");
723 oid_info_is_ok = FALSE;
727 suboid_buf_len = oid_subid2encoded(suboid_len, suboid, &suboid_buf);
729 DISSECTOR_ASSERT(suboid_buf_len);
731 proto_tree_add_oid(pt_name,k->hfid,tvb,name_offset, suboid_buf_len, suboid_buf);
733 key_start += suboid_len;
734 key_len -= suboid_len + 1;
735 continue; /* k->next */
744 switch (k->key_type) {
745 case OID_KEY_TYPE_IPADDR:
746 suboid = &(subids[key_start]);
749 case OID_KEY_TYPE_IMPLIED_STRING:
750 case OID_KEY_TYPE_IMPLIED_BYTES:
751 case OID_KEY_TYPE_ETHER:
752 suboid = &(subids[key_start]);
756 buf_len = k->num_subids;
757 suboid = &(subids[key_start]);
767 if( key_len < buf_len ) {
768 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index string should not be longer than remaining oid size");
769 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index string longer than remaining oid size");
770 oid_info_is_ok = FALSE;
774 buf = (guint8*)ep_alloc(buf_len+1);
775 for (i = 0; i < buf_len; i++)
776 buf[i] = (guint8)suboid[i];
779 switch(k->key_type) {
780 case OID_KEY_TYPE_STRING:
781 case OID_KEY_TYPE_IMPLIED_STRING:
782 proto_tree_add_string(pt_name,k->hfid,tvb,name_offset,buf_len, buf);
784 case OID_KEY_TYPE_BYTES:
785 case OID_KEY_TYPE_NSAP:
786 case OID_KEY_TYPE_IMPLIED_BYTES:
787 proto_tree_add_bytes(pt_name,k->hfid,tvb,name_offset,buf_len, buf);
789 case OID_KEY_TYPE_ETHER:
790 proto_tree_add_ether(pt_name,k->hfid,tvb,name_offset,buf_len, buf);
792 case OID_KEY_TYPE_IPADDR: {
793 guint32* ipv4_p = (void*)buf;
794 proto_tree_add_ipv4(pt_name,k->hfid,tvb,name_offset,buf_len, *ipv4_p);
798 DISSECTOR_ASSERT_NOT_REACHED();
802 key_start += buf_len;
804 continue; /* k->next*/
810 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"We do not know how to handle this OID, if you want this implemented please contact the wireshark developers");
811 expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index");
812 oid_info_is_ok = FALSE;
816 proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"The COLUMS's parent is not a ROW. This is a BUG! please contact the wireshark developers.");
817 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW");
818 oid_info_is_ok = FALSE;
822 /* proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"This kind OID should have no value");
823 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "This kind OID should have no value"); */
824 oid_info_is_ok = FALSE;
830 if (oid_info_is_ok && oid_info->value_type) {
831 if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) {
832 pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,ENC_NA);
834 /* Provide a tree_item to attach errors to, if needed. */
837 if ((oid_info->value_type->ber_class != BER_CLASS_ANY) &&
838 (ber_class != oid_info->value_type->ber_class))
839 format_error = BER_WRONG_TAG;
840 else if ((oid_info->value_type->ber_tag != BER_TAG_ANY) &&
841 (tag != oid_info->value_type->ber_tag))
842 format_error = BER_WRONG_TAG;
844 max_len = oid_info->value_type->max_len == -1 ? 0xffffff : oid_info->value_type->max_len;
845 min_len = oid_info->value_type->min_len;
847 if ((int)value_len < min_len || (int)value_len > max_len)
848 format_error = BER_WRONG_LENGTH;
851 if (format_error == BER_NO_ERROR)
852 pi_value = proto_tree_add_item(pt_varbind,oid_info->value_hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
855 switch(ber_class|(tag<<4)) {
856 case BER_CLASS_UNI|(BER_UNI_TAG_INTEGER<<4):
859 unsigned int int_val_offset = value_offset;
862 max_len = 4; min_len = 1;
863 if (value_len > (guint)max_len || value_len < (guint)min_len) {
864 hfid = hf_snmp_integer32_value;
865 format_error = BER_WRONG_LENGTH;
870 /* extend sign bit */
871 if(tvb_get_guint8(tvb, int_val_offset)&0x80) {
874 for(i=0;i<value_len;i++) {
875 val=(val<<8)|tvb_get_guint8(tvb, int_val_offset);
879 proto_tree_add_int64(pt_varbind, hf_snmp_integer32_value, tvb,value_offset,value_len, val);
883 case BER_CLASS_UNI|(BER_UNI_TAG_OCTETSTRING<<4):
884 hfid = hf_snmp_octetstring_value;
886 case BER_CLASS_UNI|(BER_UNI_TAG_OID<<4):
887 max_len = -1; min_len = 1;
888 if (value_len < (guint)min_len) format_error = BER_WRONG_LENGTH;
889 hfid = hf_snmp_oid_value;
891 case BER_CLASS_UNI|(BER_UNI_TAG_NULL<<4):
892 max_len = 0; min_len = 0;
893 if (value_len != 0) format_error = BER_WRONG_LENGTH;
894 hfid = hf_snmp_null_value;
896 case BER_CLASS_APP: /* | (SNMP_IPA<<4)*/
898 case 4: hfid = hf_snmp_ipv4_value; break;
899 case 16: hfid = hf_snmp_ipv6_value; break;
900 default: hfid = hf_snmp_anyaddress_value; break;
903 case BER_CLASS_APP|(SNMP_U32<<4):
904 hfid = hf_snmp_unsigned32_value;
906 case BER_CLASS_APP|(SNMP_GGE<<4):
907 hfid = hf_snmp_gauge32_value;
909 case BER_CLASS_APP|(SNMP_CNT<<4):
910 hfid = hf_snmp_counter_value;
912 case BER_CLASS_APP|(SNMP_TIT<<4):
913 hfid = hf_snmp_timeticks_value;
915 case BER_CLASS_APP|(SNMP_OPQ<<4):
916 hfid = hf_snmp_opaque_value;
918 case BER_CLASS_APP|(SNMP_NSP<<4):
919 hfid = hf_snmp_nsap_value;
921 case BER_CLASS_APP|(SNMP_C64<<4):
922 hfid = hf_snmp_big_counter_value;
925 hfid = hf_snmp_unknown_value;
930 * Too long for an FT_UINT64 or an FT_INT64.
932 header_field_info *hfinfo = proto_registrar_get_nth(hfid);
933 if (hfinfo->type == FT_UINT64) {
935 * Check if this is an unsigned int64 with
938 if (value_len > 9 || tvb_get_guint8(tvb, value_offset) != 0) {
940 pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value too large");
941 expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1");
944 /* Cheat and skip the leading 0 byte */
947 } else if (hfinfo->type == FT_INT64) {
949 * For now, just reject these.
951 pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value too large or too small");
952 expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63");
955 } else if (value_len == 0) {
957 * X.690 section 8.3.1 "Encoding of an integer value":
958 * "The encoding of an integer value shall be
959 * primitive. The contents octets shall consist of
960 * one or more octets."
962 * Zero is not "one or more".
964 header_field_info *hfinfo = proto_registrar_get_nth(hfid);
965 if (hfinfo->type == FT_UINT64 || hfinfo->type == FT_INT64) {
966 pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value is zero-length");
967 expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Integral value is zero-length");
971 pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
972 if (format_error != BER_NO_ERROR) {
973 expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB");
977 oid_info_is_ok = FALSE;
980 pt_value = proto_item_add_subtree(pi_value,ett_value);
982 if (value_len > 0 && oid_string) {
983 tvbuff_t* sub_tvb = tvb_new_subset(tvb, value_offset, value_len, value_len);
985 next_tvb_add_string(&var_list, sub_tvb, (snmp_var_in_tree) ? pt_value : NULL, value_sub_dissectors_table, oid_string);
990 if (pi_value) proto_item_fill_label(PITEM_FINFO(pi_value), label);
992 if (oid_info && oid_info->name) {
994 repr = ep_strdup_printf("%s.%s (%s)", oid_info->name,
995 oid_subid2string(&(subids[oid_matched]),oid_left),
996 oid_subid2string(subids,oid_matched+oid_left));
997 info_oid = ep_strdup_printf("%s.%s", oid_info->name,
998 oid_subid2string(&(subids[oid_matched]),oid_left));
1000 repr = ep_strdup_printf("%s (%s)", oid_info->name,
1001 oid_subid2string(subids,oid_matched));
1002 info_oid = oid_info->name;
1004 } else if (oid_string) {
1005 repr = ep_strdup(oid_string);
1006 info_oid = oid_string;
1008 repr = ep_strdup("[Bad OID]");
1011 valstr = strstr(label,": ");
1012 valstr = valstr ? valstr+2 : label;
1014 proto_item_set_text(pi_varbind,"%s: %s",repr,valstr);
1016 if (display_oid && info_oid) {
1017 col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid);
1020 switch (format_error) {
1021 case BER_WRONG_LENGTH: {
1022 proto_tree* p_tree = proto_item_add_subtree(pi_value,ett_decoding_error);
1023 proto_item* pi = proto_tree_add_text(p_tree,tvb,0,0,"Wrong value length: %u expecting: %u <= len <= %u",
1024 value_len, min_len, max_len == -1 ? 0xFFFFFF : max_len);
1025 pt = proto_item_add_subtree(pi,ett_decoding_error);
1026 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value");
1027 return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
1029 case BER_WRONG_TAG: {
1030 proto_tree* p_tree = proto_item_add_subtree(pi_value,ett_decoding_error);
1031 proto_item* pi = proto_tree_add_text(p_tree,tvb,0,0,"Wrong class/tag for Value expected: %d,%d got: %d,%d",
1032 oid_info->value_type->ber_class, oid_info->value_type->ber_tag,
1034 pt = proto_item_add_subtree(pi,ett_decoding_error);
1035 expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value");
1036 return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
1042 return seq_offset + seq_len;
1046 #define F_SNMP_ENGINEID_CONFORM 0x80
1047 #define SNMP_ENGINEID_RFC1910 0x00
1048 #define SNMP_ENGINEID_RFC3411 0x01
1050 static const true_false_string tfs_snmp_engineid_conform = {
1052 "RFC1910 (Non-SNMPv3)"
1055 #define SNMP_ENGINEID_FORMAT_IPV4 0x01
1056 #define SNMP_ENGINEID_FORMAT_IPV6 0x02
1057 #define SNMP_ENGINEID_FORMAT_MACADDRESS 0x03
1058 #define SNMP_ENGINEID_FORMAT_TEXT 0x04
1059 #define SNMP_ENGINEID_FORMAT_OCTETS 0x05
1061 static const value_string snmp_engineid_format_vals[] = {
1062 { SNMP_ENGINEID_FORMAT_IPV4, "IPv4 address" },
1063 { SNMP_ENGINEID_FORMAT_IPV6, "IPv6 address" },
1064 { SNMP_ENGINEID_FORMAT_MACADDRESS, "MAC address" },
1065 { SNMP_ENGINEID_FORMAT_TEXT, "Text, administratively assigned" },
1066 { SNMP_ENGINEID_FORMAT_OCTETS, "Octets, administratively assigned" },
1070 #define SNMP_ENGINEID_CISCO_AGENT 0x00
1071 #define SNMP_ENGINEID_CISCO_MANAGER 0x01
1073 static const value_string snmp_engineid_cisco_type_vals[] = {
1074 { SNMP_ENGINEID_CISCO_AGENT, "Agent" },
1075 { SNMP_ENGINEID_CISCO_MANAGER, "Manager" },
1080 * SNMP Engine ID dissection according to RFC 3411 (SnmpEngineID TC)
1081 * or historic RFC 1910 (AgentID)
1084 dissect_snmp_engineid(proto_tree *tree, tvbuff_t *tvb, int offset, int len)
1086 proto_item *item = NULL;
1087 guint8 conformance, format;
1088 guint32 enterpriseid, seconds;
1090 int len_remain = len;
1092 /* first bit: engine id conformance */
1093 if (len_remain<1) return offset;
1094 conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01);
1095 proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN);
1097 /* 4-byte enterprise number/name */
1098 if (len_remain<4) return offset;
1099 enterpriseid = tvb_get_ntohl(tvb, offset);
1101 enterpriseid -= 0x80000000; /* ignore first bit */
1102 proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid);
1106 switch(conformance) {
1108 case SNMP_ENGINEID_RFC1910:
1109 /* 12-byte AgentID w/ 8-byte trailer */
1110 if (len_remain==8) {
1111 proto_tree_add_text(tree, tvb, offset, 8, "AgentID Trailer: 0x%s",
1112 tvb_bytes_to_str(tvb, offset, 8));
1116 proto_tree_add_text(tree, tvb, offset, len_remain, "<Data not conforming to RFC1910>");
1121 case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */
1123 /* 1-byte format specifier */
1124 if (len_remain<1) return offset;
1125 format = tvb_get_guint8(tvb, offset);
1126 item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)",
1127 val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format);
1132 case SNMP_ENGINEID_FORMAT_IPV4:
1133 /* 4-byte IPv4 address */
1134 if (len_remain==4) {
1135 proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
1140 case SNMP_ENGINEID_FORMAT_IPV6:
1141 /* 16-byte IPv6 address */
1142 if (len_remain==16) {
1143 proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA);
1148 case SNMP_ENGINEID_FORMAT_MACADDRESS:
1149 /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */
1150 if ((enterpriseid==9)&&(len_remain==7)) {
1151 proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN);
1155 /* 6-byte MAC address */
1156 if (len_remain==6) {
1157 proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA);
1162 case SNMP_ENGINEID_FORMAT_TEXT:
1163 /* max. 27-byte string, administratively assigned */
1164 if (len_remain<=27) {
1165 proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA);
1171 /* most common enterprise-specific format: (ucd|net)-snmp random */
1172 if ((enterpriseid==2021)||(enterpriseid==8072)) {
1173 proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random");
1174 /* demystify: 4B random, 4B epoch seconds */
1175 if (len_remain==8) {
1176 proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA);
1177 seconds = tvb_get_letohl(tvb, offset+4);
1180 proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4,
1182 abs_time_secs_to_str(seconds, ABSOLUTE_TIME_LOCAL, TRUE));
1189 case SNMP_ENGINEID_FORMAT_OCTETS:
1191 /* max. 27 bytes, administratively assigned or unknown format */
1192 if (len_remain<=27) {
1193 proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA);
1202 proto_tree_add_text(tree, tvb, offset, len_remain, "<Data not conforming to RFC3411>");
1209 static void set_ue_keys(snmp_ue_assoc_t* n ) {
1210 guint key_size = n->user.authModel->key_size;
1212 n->user.authKey.data = (guint8 *)se_alloc(key_size);
1213 n->user.authKey.len = key_size;
1214 n->user.authModel->pass2key(n->user.authPassword.data,
1215 n->user.authPassword.len,
1218 n->user.authKey.data);
1220 n->user.privKey.data = (guint8 *)se_alloc(key_size);
1221 n->user.privKey.len = key_size;
1222 n->user.authModel->pass2key(n->user.privPassword.data,
1223 n->user.privPassword.len,
1226 n->user.privKey.data);
1229 static snmp_ue_assoc_t*
1230 ue_se_dup(snmp_ue_assoc_t* o)
1232 snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)se_memdup(o,sizeof(snmp_ue_assoc_t));
1234 d->user.authModel = o->user.authModel;
1236 d->user.privProtocol = o->user.privProtocol;
1238 d->user.userName.data = (guint8 *)se_memdup(o->user.userName.data,o->user.userName.len);
1239 d->user.userName.len = o->user.userName.len;
1241 d->user.authPassword.data = o->user.authPassword.data ? (guint8 *)se_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL;
1242 d->user.authPassword.len = o->user.authPassword.len;
1244 d->user.privPassword.data = o->user.privPassword.data ? (guint8 *)se_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL;
1245 d->user.privPassword.len = o->user.privPassword.len;
1247 d->engine.len = o->engine.len;
1249 if (d->engine.len) {
1250 d->engine.data = (guint8 *)se_memdup(o->engine.data,o->engine.len);
1259 #define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; }
1262 renew_ue_cache(void)
1264 localized_ues = NULL;
1265 unlocalized_ues = NULL;
1270 for(i = 0; i < num_ueas; i++) {
1271 snmp_ue_assoc_t* a = ue_se_dup(&(ueas[i]));
1273 if (a->engine.len) {
1274 CACHE_INSERT(localized_ues,a);
1277 CACHE_INSERT(unlocalized_ues,a);
1285 static snmp_ue_assoc_t*
1286 localize_ue( snmp_ue_assoc_t* o, const guint8* engine, guint engine_len )
1288 snmp_ue_assoc_t* n = (snmp_ue_assoc_t*)se_memdup(o,sizeof(snmp_ue_assoc_t));
1290 n->engine.data = (guint8*)se_memdup(engine,engine_len);
1291 n->engine.len = engine_len;
1299 #define localized_match(a,u,ul,e,el) \
1300 ( a->user.userName.len == ul \
1301 && a->engine.len == el \
1302 && memcmp( a->user.userName.data, u, ul ) == 0 \
1303 && memcmp( a->engine.data, e, el ) == 0 )
1305 #define unlocalized_match(a,u,l) \
1306 ( a->user.userName.len == l && memcmp( a->user.userName.data, u, l) == 0 )
1308 static snmp_ue_assoc_t*
1309 get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb)
1311 static snmp_ue_assoc_t* a;
1312 guint given_username_len;
1313 guint8* given_username;
1314 guint given_engine_len;
1315 guint8* given_engine;
1317 if ( ! (localized_ues || unlocalized_ues ) ) return NULL;
1319 if (! ( user_tvb && engine_tvb ) ) return NULL;
1321 given_username_len = tvb_length(user_tvb);
1322 given_engine_len = tvb_length(engine_tvb);
1323 if (! ( given_engine_len && given_username_len ) ) return NULL;
1324 given_username = (guint8*)ep_tvb_memdup(user_tvb,0,-1);
1325 given_engine = (guint8*)ep_tvb_memdup(engine_tvb,0,-1);
1327 for (a = localized_ues; a; a = a->next) {
1328 if ( localized_match(a, given_username, given_username_len, given_engine, given_engine_len) ) {
1333 for (a = unlocalized_ues; a; a = a->next) {
1334 if ( unlocalized_match(a, given_username, given_username_len) ) {
1335 snmp_ue_assoc_t* n = localize_ue( a, given_engine, given_engine_len );
1336 CACHE_INSERT(localized_ues,n);
1345 snmp_usm_auth_md5(snmp_usm_params_t* p, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error)
1359 *error = "No Authenticator";
1363 key = p->user_assoc->user.authKey.data;
1364 key_len = p->user_assoc->user.authKey.len;
1367 *error = "User has no authKey";
1372 auth_len = tvb_length_remaining(p->auth_tvb,0);
1374 if (auth_len != 12) {
1375 *error = "Authenticator length wrong";
1379 msg_len = tvb_length_remaining(p->msg_tvb,0);
1381 *error = "Not enough data remaining";
1384 msg = (guint8*)ep_tvb_memdup(p->msg_tvb,0,msg_len);
1387 auth = (guint8*)ep_tvb_memdup(p->auth_tvb,0,auth_len);
1389 start = p->auth_offset - p->start_offset;
1390 end = start + auth_len;
1392 /* fill the authenticator with zeros */
1393 for ( i = start ; i < end ; i++ ) {
1397 calc_auth = (guint8*)ep_alloc(16);
1399 md5_hmac(msg, msg_len, key, key_len, calc_auth);
1401 if (calc_auth_p) *calc_auth_p = calc_auth;
1402 if (calc_auth_len_p) *calc_auth_len_p = 12;
1404 return ( memcmp(auth,calc_auth,12) != 0 ) ? FALSE : TRUE;
1409 snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_)
1423 *error = "No Authenticator";
1427 key = p->user_assoc->user.authKey.data;
1428 key_len = p->user_assoc->user.authKey.len;
1431 *error = "User has no authKey";
1436 auth_len = tvb_length_remaining(p->auth_tvb,0);
1439 if (auth_len != 12) {
1440 *error = "Authenticator length wrong";
1444 msg_len = tvb_length_remaining(p->msg_tvb,0);
1446 *error = "Not enough data remaining";
1449 msg = (guint8*)ep_tvb_memdup(p->msg_tvb,0,msg_len);
1451 auth = (guint8*)ep_tvb_memdup(p->auth_tvb,0,auth_len);
1453 start = p->auth_offset - p->start_offset;
1454 end = start + auth_len;
1456 /* fill the authenticator with zeros */
1457 for ( i = start ; i < end ; i++ ) {
1461 calc_auth = (guint8*)ep_alloc(20);
1463 sha1_hmac(key, key_len, msg, msg_len, calc_auth);
1465 if (calc_auth_p) *calc_auth_p = calc_auth;
1466 if (calc_auth_len_p) *calc_auth_len_p = 12;
1468 return ( memcmp(auth,calc_auth,12) != 0 ) ? FALSE : TRUE;
1472 snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_)
1474 #ifdef HAVE_LIBGCRYPT
1476 gcry_cipher_hd_t hd = NULL;
1479 guint8* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */
1480 guint8* pre_iv = &(p->user_assoc->user.privKey.data[8]); /* last 8 bytes */
1485 tvbuff_t* clear_tvb;
1490 salt_len = tvb_length_remaining(p->priv_tvb,0);
1492 if (salt_len != 8) {
1493 *error = "decryptionError: msgPrivacyParameters length != 8";
1497 salt = (guint8*)ep_tvb_memdup(p->priv_tvb,0,salt_len);
1500 The resulting "salt" is XOR-ed with the pre-IV to obtain the IV.
1502 for (i=0; i<8; i++) {
1503 iv[i] = pre_iv[i] ^ salt[i];
1506 cryptgrm_len = tvb_length_remaining(encryptedData,0);
1508 if ((cryptgrm_len <= 0) || (cryptgrm_len % 8)) {
1509 *error = "decryptionError: the length of the encrypted data is not a mutiple of 8 octets";
1513 cryptgrm = (guint8*)ep_tvb_memdup(encryptedData,0,-1);
1515 cleartext = (guint8*)ep_alloc(cryptgrm_len);
1517 err = gcry_cipher_open(&hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0);
1518 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1520 err = gcry_cipher_setiv(hd, iv, 8);
1521 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1523 err = gcry_cipher_setkey(hd,des_key,8);
1524 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1526 err = gcry_cipher_decrypt(hd, cleartext, cryptgrm_len, cryptgrm, cryptgrm_len);
1527 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1529 gcry_cipher_close(hd);
1531 clear_tvb = tvb_new_child_real_data(encryptedData, cleartext, cryptgrm_len, cryptgrm_len);
1536 *error = (void*)gpg_strerror(err);
1537 if (hd) gcry_cipher_close(hd);
1540 *error = "libgcrypt not present, cannot decrypt";
1546 snmp_usm_priv_aes(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_)
1548 #ifdef HAVE_LIBGCRYPT
1550 gcry_cipher_hd_t hd = NULL;
1553 guint8* aes_key = p->user_assoc->user.privKey.data; /* first 16 bytes */
1558 tvbuff_t* clear_tvb;
1560 priv_len = tvb_length_remaining(p->priv_tvb,0);
1562 if (priv_len != 8) {
1563 *error = "decryptionError: msgPrivacyParameters length != 8";
1567 iv[0] = (p->boots & 0xff000000) >> 24;
1568 iv[1] = (p->boots & 0x00ff0000) >> 16;
1569 iv[2] = (p->boots & 0x0000ff00) >> 8;
1570 iv[3] = (p->boots & 0x000000ff);
1571 iv[4] = (p->time & 0xff000000) >> 24;
1572 iv[5] = (p->time & 0x00ff0000) >> 16;
1573 iv[6] = (p->time & 0x0000ff00) >> 8;
1574 iv[7] = (p->time & 0x000000ff);
1575 tvb_memcpy(p->priv_tvb,&(iv[8]),0,8);
1577 cryptgrm_len = tvb_length_remaining(encryptedData,0);
1578 if (cryptgrm_len <= 0) {
1579 *error = "Not enough data remaining";
1582 cryptgrm = (guint8*)ep_tvb_memdup(encryptedData,0,-1);
1584 cleartext = (guint8*)ep_alloc(cryptgrm_len);
1586 err = gcry_cipher_open(&hd, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CFB, 0);
1587 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1589 err = gcry_cipher_setiv(hd, iv, 16);
1590 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1592 err = gcry_cipher_setkey(hd,aes_key,16);
1593 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1595 err = gcry_cipher_decrypt(hd, cleartext, cryptgrm_len, cryptgrm, cryptgrm_len);
1596 if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
1598 gcry_cipher_close(hd);
1600 clear_tvb = tvb_new_child_real_data(encryptedData, cleartext, cryptgrm_len, cryptgrm_len);
1605 *error = (void*)gpg_strerror(err);
1606 if (hd) gcry_cipher_close(hd);
1609 *error = "libgcrypt not present, cannot decrypt";
1616 check_ScopedPdu(tvbuff_t* tvb)
1622 int hoffset, eoffset;
1625 offset = get_ber_identifier(tvb, 0, &ber_class, &pc, &tag);
1626 offset = get_ber_length(tvb, offset, NULL, NULL);
1628 if ( ! (((ber_class!=BER_CLASS_APP) && (ber_class!=BER_CLASS_PRI) )
1629 && ( (!pc) || (ber_class!=BER_CLASS_UNI) || (tag!=BER_UNI_TAG_ENUMERATED) )
1632 if((tvb_get_guint8(tvb, offset)==0)&&(tvb_get_guint8(tvb, offset+1)==0))
1637 offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
1638 offset = get_ber_length(tvb, offset, &len, NULL);
1639 eoffset = offset + len;
1641 if (eoffset <= hoffset) return FALSE;
1643 if ((ber_class!=BER_CLASS_APP)&&(ber_class!=BER_CLASS_PRI))
1644 if( (ber_class!=BER_CLASS_UNI)
1645 ||((tag<BER_UNI_TAG_NumericString)&&(tag!=BER_UNI_TAG_OCTETSTRING)&&(tag!=BER_UNI_TAG_UTF8String)) )
1653 /*--- Included file: packet-snmp-fn.c ---*/
1654 #line 1 "../../asn1/snmp/packet-snmp-fn.c"
1659 dissect_snmp_EnterpriseOID(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1660 #line 64 "../../asn1/snmp/snmp.cnf"
1663 offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_index, &enterprise_oid);
1666 if (display_oid && enterprise_oid) {
1667 name = oid_resolved_from_string(enterprise_oid);
1669 col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", name);
1681 dissect_snmp_OCTET_STRING_SIZE_4(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1682 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
1691 dissect_snmp_NetworkAddress(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1692 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1693 hf_index, BER_CLASS_APP, 0, TRUE, dissect_snmp_OCTET_STRING_SIZE_4);
1701 dissect_snmp_INTEGER_0_4294967295(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1702 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1711 dissect_snmp_TimeTicks(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1712 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1713 hf_index, BER_CLASS_APP, 3, TRUE, dissect_snmp_INTEGER_0_4294967295);
1721 dissect_snmp_Integer32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1722 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1731 dissect_snmp_ObjectName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1732 offset = dissect_ber_object_identifier(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
1738 static const value_string snmp_Version_vals[] = {
1748 dissect_snmp_Version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1749 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1758 dissect_snmp_Community(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1759 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
1768 dissect_snmp_INTEGER(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1769 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1776 static const value_string snmp_T_error_status_vals[] = {
1779 { 2, "noSuchName" },
1785 { 8, "wrongLength" },
1786 { 9, "wrongEncoding" },
1787 { 10, "wrongValue" },
1788 { 11, "noCreation" },
1789 { 12, "inconsistentValue" },
1790 { 13, "resourceUnavailable" },
1791 { 14, "commitFailed" },
1792 { 15, "undoFailed" },
1793 { 16, "authorizationError" },
1794 { 17, "notWritable" },
1795 { 18, "inconsistentName" },
1801 dissect_snmp_T_error_status(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1802 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1811 dissect_snmp_NULL(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1812 offset = dissect_ber_null(implicit_tag, actx, tree, tvb, offset, hf_index);
1819 static const ber_sequence_t VarBindList_sequence_of[1] = {
1820 { &hf_snmp_VarBindList_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_snmp_VarBind },
1824 dissect_snmp_VarBindList(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1825 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
1826 VarBindList_sequence_of, hf_index, ett_snmp_VarBindList);
1832 static const ber_sequence_t PDU_sequence[] = {
1833 { &hf_snmp_request_id , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER },
1834 { &hf_snmp_error_status , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_T_error_status },
1835 { &hf_snmp_error_index , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER },
1836 { &hf_snmp_variable_bindings, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_snmp_VarBindList },
1837 { NULL, 0, 0, 0, NULL }
1841 dissect_snmp_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1842 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1843 PDU_sequence, hf_index, ett_snmp_PDU);
1851 dissect_snmp_GetRequest_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1852 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1853 hf_index, BER_CLASS_CON, 0, TRUE, dissect_snmp_PDU);
1861 dissect_snmp_GetNextRequest_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1862 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1863 hf_index, BER_CLASS_CON, 1, TRUE, dissect_snmp_PDU);
1871 dissect_snmp_GetResponse_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1872 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1873 hf_index, BER_CLASS_CON, 2, TRUE, dissect_snmp_PDU);
1881 dissect_snmp_SetRequest_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1882 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1883 hf_index, BER_CLASS_CON, 3, TRUE, dissect_snmp_PDU);
1889 static const value_string snmp_GenericTrap_vals[] = {
1894 { 4, "authenticationFailure" },
1895 { 5, "egpNeighborLoss" },
1896 { 6, "enterpriseSpecific" },
1902 dissect_snmp_GenericTrap(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1903 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1912 dissect_snmp_SpecificTrap(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1913 #line 48 "../../asn1/snmp/snmp.cnf"
1914 guint specific_trap;
1916 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1920 if (generic_trap == 6) { /* enterprise specific */
1921 const gchar *specific_str = snmp_lookup_specific_trap (specific_trap);
1923 proto_item_append_text(actx->created_item, " (%s)", specific_str);
1932 static const ber_sequence_t Trap_PDU_U_sequence[] = {
1933 { &hf_snmp_enterprise , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_snmp_EnterpriseOID },
1934 { &hf_snmp_agent_addr , BER_CLASS_APP, 0, BER_FLAGS_NOOWNTAG, dissect_snmp_NetworkAddress },
1935 { &hf_snmp_generic_trap , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_GenericTrap },
1936 { &hf_snmp_specific_trap , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_SpecificTrap },
1937 { &hf_snmp_time_stamp , BER_CLASS_APP, 3, BER_FLAGS_NOOWNTAG, dissect_snmp_TimeTicks },
1938 { &hf_snmp_variable_bindings, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_snmp_VarBindList },
1939 { NULL, 0, 0, 0, NULL }
1943 dissect_snmp_Trap_PDU_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1944 #line 40 "../../asn1/snmp/snmp.cnf"
1946 enterprise_oid = NULL;
1948 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1949 Trap_PDU_U_sequence, hf_index, ett_snmp_Trap_PDU_U);
1960 dissect_snmp_Trap_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1961 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1962 hf_index, BER_CLASS_CON, 4, TRUE, dissect_snmp_Trap_PDU_U);
1970 dissect_snmp_INTEGER_0_2147483647(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1971 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1978 static const ber_sequence_t BulkPDU_sequence[] = {
1979 { &hf_snmp_bulkPDU_request_id, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_Integer32 },
1980 { &hf_snmp_non_repeaters , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER_0_2147483647 },
1981 { &hf_snmp_max_repetitions, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER_0_2147483647 },
1982 { &hf_snmp_variable_bindings, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_snmp_VarBindList },
1983 { NULL, 0, 0, 0, NULL }
1987 dissect_snmp_BulkPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1988 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1989 BulkPDU_sequence, hf_index, ett_snmp_BulkPDU);
1997 dissect_snmp_GetBulkRequest_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1998 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
1999 hf_index, BER_CLASS_CON, 5, TRUE, dissect_snmp_BulkPDU);
2007 dissect_snmp_InformRequest_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2008 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2009 hf_index, BER_CLASS_CON, 6, TRUE, dissect_snmp_PDU);
2017 dissect_snmp_SNMPv2_Trap_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2018 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2019 hf_index, BER_CLASS_CON, 7, TRUE, dissect_snmp_PDU);
2027 dissect_snmp_Report_PDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2028 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2029 hf_index, BER_CLASS_CON, 8, TRUE, dissect_snmp_PDU);
2035 static const value_string snmp_PDUs_vals[] = {
2036 { 0, "get-request" },
2037 { 1, "get-next-request" },
2038 { 2, "get-response" },
2039 { 3, "set-request" },
2041 { 5, "getBulkRequest" },
2042 { 6, "informRequest" },
2043 { 7, "snmpV2-trap" },
2048 static const ber_choice_t PDUs_choice[] = {
2049 { 0, &hf_snmp_get_request , BER_CLASS_CON, 0, BER_FLAGS_NOOWNTAG, dissect_snmp_GetRequest_PDU },
2050 { 1, &hf_snmp_get_next_request, BER_CLASS_CON, 1, BER_FLAGS_NOOWNTAG, dissect_snmp_GetNextRequest_PDU },
2051 { 2, &hf_snmp_get_response , BER_CLASS_CON, 2, BER_FLAGS_NOOWNTAG, dissect_snmp_GetResponse_PDU },
2052 { 3, &hf_snmp_set_request , BER_CLASS_CON, 3, BER_FLAGS_NOOWNTAG, dissect_snmp_SetRequest_PDU },
2053 { 4, &hf_snmp_trap , BER_CLASS_CON, 4, BER_FLAGS_NOOWNTAG, dissect_snmp_Trap_PDU },
2054 { 5, &hf_snmp_getBulkRequest , BER_CLASS_CON, 5, BER_FLAGS_NOOWNTAG, dissect_snmp_GetBulkRequest_PDU },
2055 { 6, &hf_snmp_informRequest , BER_CLASS_CON, 6, BER_FLAGS_NOOWNTAG, dissect_snmp_InformRequest_PDU },
2056 { 7, &hf_snmp_snmpV2_trap , BER_CLASS_CON, 7, BER_FLAGS_NOOWNTAG, dissect_snmp_SNMPv2_Trap_PDU },
2057 { 8, &hf_snmp_report , BER_CLASS_CON, 8, BER_FLAGS_NOOWNTAG, dissect_snmp_Report_PDU },
2058 { 0, NULL, 0, 0, 0, NULL }
2062 dissect_snmp_PDUs(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2063 #line 28 "../../asn1/snmp/snmp.cnf"
2066 col_clear(actx->pinfo->cinfo, COL_INFO);
2068 offset = dissect_ber_choice(actx, tree, tvb, offset,
2069 PDUs_choice, hf_index, ett_snmp_PDUs,
2072 if( (pdu_type!=-1) && snmp_PDUs_vals[pdu_type].strptr ){
2073 col_prepend_fstr(actx->pinfo->cinfo, COL_INFO, "%s", snmp_PDUs_vals[pdu_type].strptr);
2082 static const ber_sequence_t Message_sequence[] = {
2083 { &hf_snmp_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_Version },
2084 { &hf_snmp_community , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_Community },
2085 { &hf_snmp_data , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_snmp_PDUs },
2086 { NULL, 0, 0, 0, NULL }
2090 dissect_snmp_Message(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2091 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2092 Message_sequence, hf_index, ett_snmp_Message);
2100 dissect_snmp_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2101 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2108 static const value_string snmp_T_datav2u_vals[] = {
2114 static const ber_choice_t T_datav2u_choice[] = {
2115 { 0, &hf_snmp_v2u_plaintext , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_snmp_PDUs },
2116 { 1, &hf_snmp_encrypted , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_OCTET_STRING },
2117 { 0, NULL, 0, 0, 0, NULL }
2121 dissect_snmp_T_datav2u(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2122 offset = dissect_ber_choice(actx, tree, tvb, offset,
2123 T_datav2u_choice, hf_index, ett_snmp_T_datav2u,
2130 static const ber_sequence_t Messagev2u_sequence[] = {
2131 { &hf_snmp_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_Version },
2132 { &hf_snmp_parameters , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_OCTET_STRING },
2133 { &hf_snmp_datav2u , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_snmp_T_datav2u },
2134 { NULL, 0, 0, 0, NULL }
2138 dissect_snmp_Messagev2u(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2139 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2140 Messagev2u_sequence, hf_index, ett_snmp_Messagev2u);
2148 dissect_snmp_SnmpEngineID(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2149 #line 99 "../../asn1/snmp/snmp.cnf"
2150 tvbuff_t* param_tvb = NULL;
2152 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2155 proto_tree* engine_tree = proto_item_add_subtree(actx->created_item,ett_engineid);
2156 dissect_snmp_engineid(engine_tree, param_tvb, 0, tvb_length_remaining(param_tvb,0));
2167 dissect_snmp_T_msgAuthoritativeEngineID(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2168 #line 90 "../../asn1/snmp/snmp.cnf"
2170 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2172 if (usm_p.engine_tvb) {
2173 proto_tree* engine_tree = proto_item_add_subtree(actx->created_item,ett_engineid);
2174 dissect_snmp_engineid(engine_tree, usm_p.engine_tvb, 0, tvb_length_remaining(usm_p.engine_tvb,0));
2185 dissect_snmp_T_msgAuthoritativeEngineBoots(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2186 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2195 dissect_snmp_T_msgAuthoritativeEngineTime(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2196 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2205 dissect_snmp_T_msgUserName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2206 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2215 dissect_snmp_T_msgAuthenticationParameters(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2216 #line 112 "../../asn1/snmp/snmp.cnf"
2217 offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &usm_p.auth_tvb);
2218 if (usm_p.auth_tvb) {
2219 usm_p.auth_item = actx->created_item;
2220 usm_p.auth_offset = tvb_offset_from_real_beginning(usm_p.auth_tvb);
2230 dissect_snmp_T_msgPrivacyParameters(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2231 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2238 static const ber_sequence_t UsmSecurityParameters_sequence[] = {
2239 { &hf_snmp_msgAuthoritativeEngineID, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgAuthoritativeEngineID },
2240 { &hf_snmp_msgAuthoritativeEngineBoots, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgAuthoritativeEngineBoots },
2241 { &hf_snmp_msgAuthoritativeEngineTime, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgAuthoritativeEngineTime },
2242 { &hf_snmp_msgUserName , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgUserName },
2243 { &hf_snmp_msgAuthenticationParameters, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgAuthenticationParameters },
2244 { &hf_snmp_msgPrivacyParameters, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgPrivacyParameters },
2245 { NULL, 0, 0, 0, NULL }
2249 dissect_snmp_UsmSecurityParameters(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2250 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2251 UsmSecurityParameters_sequence, hf_index, ett_snmp_UsmSecurityParameters);
2259 dissect_snmp_INTEGER_484_2147483647(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2260 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2269 dissect_snmp_T_msgFlags(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2270 #line 227 "../../asn1/snmp/snmp.cnf"
2271 tvbuff_t *parameter_tvb = NULL;
2273 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2277 guint8 v3_flags = tvb_get_guint8(parameter_tvb, 0);
2278 proto_tree* flags_tree = proto_item_add_subtree(actx->created_item,ett_msgFlags);
2280 proto_tree_add_item(flags_tree, hf_snmp_v3_flags_report, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
2281 proto_tree_add_item(flags_tree, hf_snmp_v3_flags_crypt, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
2282 proto_tree_add_item(flags_tree, hf_snmp_v3_flags_auth, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
2284 usm_p.encrypted = v3_flags & TH_CRYPT ? TRUE : FALSE;
2285 usm_p.authenticated = v3_flags & TH_AUTH ? TRUE : FALSE;
2297 dissect_snmp_T_msgSecurityModel(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2298 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2305 static const ber_sequence_t HeaderData_sequence[] = {
2306 { &hf_snmp_msgID , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER_0_2147483647 },
2307 { &hf_snmp_msgMaxSize , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER_484_2147483647 },
2308 { &hf_snmp_msgFlags , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgFlags },
2309 { &hf_snmp_msgSecurityModel, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgSecurityModel },
2310 { NULL, 0, 0, 0, NULL }
2314 dissect_snmp_HeaderData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2315 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2316 HeaderData_sequence, hf_index, ett_snmp_HeaderData);
2324 dissect_snmp_T_msgSecurityParameters(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2325 #line 170 "../../asn1/snmp/snmp.cnf"
2327 switch(MsgSecurityModel){
2328 case SNMP_SEC_USM: /* 3 */
2329 offset = dissect_snmp_UsmSecurityParameters(FALSE, tvb, offset+2, actx, tree, -1);
2330 usm_p.user_assoc = get_user_assoc(usm_p.engine_tvb, usm_p.user_tvb);
2332 case SNMP_SEC_ANY: /* 0 */
2333 case SNMP_SEC_V1: /* 1 */
2334 case SNMP_SEC_V2C: /* 2 */
2336 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2348 static const ber_sequence_t ScopedPDU_sequence[] = {
2349 { &hf_snmp_contextEngineID, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_SnmpEngineID },
2350 { &hf_snmp_contextName , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_OCTET_STRING },
2351 { &hf_snmp_data , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_snmp_PDUs },
2352 { NULL, 0, 0, 0, NULL }
2356 dissect_snmp_ScopedPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2357 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2358 ScopedPDU_sequence, hf_index, ett_snmp_ScopedPDU);
2366 dissect_snmp_T_encryptedPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2367 #line 121 "../../asn1/snmp/snmp.cnf"
2368 tvbuff_t* crypt_tvb;
2369 offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_snmp_encryptedPDU, &crypt_tvb);
2371 if( usm_p.encrypted && crypt_tvb
2373 && usm_p.user_assoc->user.privProtocol ) {
2375 const gchar* error = NULL;
2376 proto_tree* encryptedpdu_tree = proto_item_add_subtree(actx->created_item,ett_encryptedPDU);
2377 tvbuff_t* cleartext_tvb = usm_p.user_assoc->user.privProtocol(&usm_p, crypt_tvb, &error );
2379 if (! cleartext_tvb) {
2380 proto_item* cause = proto_tree_add_text(encryptedpdu_tree, crypt_tvb, 0, -1,
2381 "Failed to decrypt encryptedPDU: %s", error);
2383 expert_add_info_format(actx->pinfo, cause, PI_MALFORMED, PI_WARN,
2384 "Failed to decrypt encryptedPDU: %s", error);
2386 col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: Failed to decrypt");
2390 proto_item* decrypted_item;
2391 proto_tree* decrypted_tree;
2393 if (! check_ScopedPdu(cleartext_tvb)) {
2394 proto_item* cause = proto_tree_add_text(encryptedpdu_tree, cleartext_tvb, 0, -1,
2395 "Decrypted data not formatted as expected, wrong key?");
2397 expert_add_info_format(actx->pinfo, cause, PI_MALFORMED, PI_WARN,
2398 "Decrypted data not formatted as expected");
2400 col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: Decrypted data not formatted as expected");
2406 add_new_data_source(actx->pinfo, cleartext_tvb, "Decrypted ScopedPDU");
2408 decrypted_item = proto_tree_add_item(encryptedpdu_tree, hf_snmp_decryptedPDU,cleartext_tvb,0,-1,ENC_NA);
2409 decrypted_tree = proto_item_add_subtree(decrypted_item,ett_decrypted);
2410 dissect_snmp_ScopedPDU(FALSE, cleartext_tvb, 0, actx, decrypted_tree, -1);
2413 col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: privKey Unknown");
2422 static const value_string snmp_ScopedPduData_vals[] = {
2424 { 1, "encryptedPDU" },
2428 static const ber_choice_t ScopedPduData_choice[] = {
2429 { 0, &hf_snmp_plaintext , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_snmp_ScopedPDU },
2430 { 1, &hf_snmp_encryptedPDU , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_encryptedPDU },
2431 { 0, NULL, 0, 0, 0, NULL }
2435 dissect_snmp_ScopedPduData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2436 offset = dissect_ber_choice(actx, tree, tvb, offset,
2437 ScopedPduData_choice, hf_index, ett_snmp_ScopedPduData,
2444 static const ber_sequence_t SNMPv3Message_sequence[] = {
2445 { &hf_snmp_msgVersion , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_Version },
2446 { &hf_snmp_msgGlobalData , BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_snmp_HeaderData },
2447 { &hf_snmp_msgSecurityParameters, BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_T_msgSecurityParameters },
2448 { &hf_snmp_msgData , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_snmp_ScopedPduData },
2449 { NULL, 0, 0, 0, NULL }
2453 dissect_snmp_SNMPv3Message(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2454 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2455 SNMPv3Message_sequence, hf_index, ett_snmp_SNMPv3Message);
2457 #line 185 "../../asn1/snmp/snmp.cnf"
2459 if( usm_p.authenticated
2461 && usm_p.user_assoc->user.authModel ) {
2462 const gchar* error = NULL;
2463 proto_item* authen_item;
2464 proto_tree* authen_tree = proto_item_add_subtree(usm_p.auth_item,ett_authParameters);
2466 guint calc_auth_len;
2468 usm_p.authOK = usm_p.user_assoc->user.authModel->authenticate( &usm_p, &calc_auth, &calc_auth_len, &error );
2471 authen_item = proto_tree_add_text(authen_tree,tvb,0,0,"Error while verifying Message authenticity: %s", error);
2472 PROTO_ITEM_SET_GENERATED(authen_item);
2473 expert_add_info_format( actx->pinfo, authen_item, PI_MALFORMED, PI_ERROR, "Error while verifying Message authenticity: %s", error );
2478 authen_item = proto_tree_add_boolean(authen_tree, hf_snmp_msgAuthentication, tvb, 0, 0, usm_p.authOK);
2479 PROTO_ITEM_SET_GENERATED(authen_item);
2482 msg = "SNMP Authentication OK";
2485 const gchar* calc_auth_str = bytestring_to_str(calc_auth,calc_auth_len,' ');
2486 proto_item_append_text(authen_item, " calculated = %s", calc_auth_str);
2487 msg = "SNMP Authentication Error";
2491 expert_add_info_format( actx->pinfo, authen_item, PI_CHECKSUM, severity, "%s", msg );
2500 static const value_string snmp_T_smux_version_vals[] = {
2507 dissect_snmp_T_smux_version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2508 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2517 dissect_snmp_OBJECT_IDENTIFIER(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2518 offset = dissect_ber_object_identifier(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
2526 dissect_snmp_DisplayString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2527 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2534 static const ber_sequence_t SimpleOpen_U_sequence[] = {
2535 { &hf_snmp_smux_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_T_smux_version },
2536 { &hf_snmp_identity , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_snmp_OBJECT_IDENTIFIER },
2537 { &hf_snmp_description , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_DisplayString },
2538 { &hf_snmp_password , BER_CLASS_UNI, BER_UNI_TAG_OCTETSTRING, BER_FLAGS_NOOWNTAG, dissect_snmp_OCTET_STRING },
2539 { NULL, 0, 0, 0, NULL }
2543 dissect_snmp_SimpleOpen_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2544 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2545 SimpleOpen_U_sequence, hf_index, ett_snmp_SimpleOpen_U);
2553 dissect_snmp_SimpleOpen(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2554 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2555 hf_index, BER_CLASS_APP, 0, TRUE, dissect_snmp_SimpleOpen_U);
2561 static const value_string snmp_OpenPDU_vals[] = {
2562 { 0, "smux-simple" },
2566 static const ber_choice_t OpenPDU_choice[] = {
2567 { 0, &hf_snmp_smux_simple , BER_CLASS_APP, 0, BER_FLAGS_NOOWNTAG, dissect_snmp_SimpleOpen },
2568 { 0, NULL, 0, 0, 0, NULL }
2572 dissect_snmp_OpenPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2573 offset = dissect_ber_choice(actx, tree, tvb, offset,
2574 OpenPDU_choice, hf_index, ett_snmp_OpenPDU,
2581 static const value_string snmp_ClosePDU_U_vals[] = {
2583 { 1, "unsupportedVersion" },
2584 { 2, "packetFormat" },
2585 { 3, "protocolError" },
2586 { 4, "internalError" },
2587 { 5, "authenticationFailure" },
2593 dissect_snmp_ClosePDU_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2594 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2603 dissect_snmp_ClosePDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2604 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2605 hf_index, BER_CLASS_APP, 1, TRUE, dissect_snmp_ClosePDU_U);
2613 dissect_snmp_INTEGER_M1_2147483647(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2614 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2621 static const value_string snmp_T_operation_vals[] = {
2630 dissect_snmp_T_operation(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2631 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2638 static const ber_sequence_t RReqPDU_U_sequence[] = {
2639 { &hf_snmp_subtree , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_snmp_ObjectName },
2640 { &hf_snmp_priority , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_INTEGER_M1_2147483647 },
2641 { &hf_snmp_operation , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_snmp_T_operation },
2642 { NULL, 0, 0, 0, NULL }
2646 dissect_snmp_RReqPDU_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2647 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2648 RReqPDU_U_sequence, hf_index, ett_snmp_RReqPDU_U);
2656 dissect_snmp_RReqPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2657 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2658 hf_index, BER_CLASS_APP, 2, TRUE, dissect_snmp_RReqPDU_U);
2664 static const value_string snmp_RRspPDU_U_vals[] = {
2671 dissect_snmp_RRspPDU_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2672 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2681 dissect_snmp_RRspPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2682 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2683 hf_index, BER_CLASS_APP, 3, TRUE, dissect_snmp_RRspPDU_U);
2689 static const value_string snmp_RegisterResponse_vals[] = {
2695 static const ber_choice_t RegisterResponse_choice[] = {
2696 { 0, &hf_snmp_rRspPDU , BER_CLASS_APP, 3, BER_FLAGS_NOOWNTAG, dissect_snmp_RRspPDU },
2697 { 1, &hf_snmp_pDUs , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_snmp_PDUs },
2698 { 0, NULL, 0, 0, 0, NULL }
2702 dissect_snmp_RegisterResponse(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2703 offset = dissect_ber_choice(actx, tree, tvb, offset,
2704 RegisterResponse_choice, hf_index, ett_snmp_RegisterResponse,
2711 static const value_string snmp_SOutPDU_U_vals[] = {
2719 dissect_snmp_SOutPDU_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2720 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2729 dissect_snmp_SOutPDU(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2730 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2731 hf_index, BER_CLASS_APP, 4, TRUE, dissect_snmp_SOutPDU_U);
2737 static const value_string snmp_SMUX_PDUs_vals[] = {
2740 { 2, "registerRequest" },
2741 { 3, "registerResponse" },
2742 { 4, "commitOrRollback" },
2746 static const ber_choice_t SMUX_PDUs_choice[] = {
2747 { 0, &hf_snmp_open , BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_snmp_OpenPDU },
2748 { 1, &hf_snmp_close , BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_snmp_ClosePDU },
2749 { 2, &hf_snmp_registerRequest, BER_CLASS_APP, 2, BER_FLAGS_NOOWNTAG, dissect_snmp_RReqPDU },
2750 { 3, &hf_snmp_registerResponse, BER_CLASS_ANY/*choice*/, -1/*choice*/, BER_FLAGS_NOOWNTAG, dissect_snmp_RegisterResponse },
2751 { 4, &hf_snmp_commitOrRollback, BER_CLASS_APP, 4, BER_FLAGS_NOOWNTAG, dissect_snmp_SOutPDU },
2752 { 0, NULL, 0, 0, 0, NULL }
2756 dissect_snmp_SMUX_PDUs(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2757 offset = dissect_ber_choice(actx, tree, tvb, offset,
2758 SMUX_PDUs_choice, hf_index, ett_snmp_SMUX_PDUs,
2766 static void dissect_SMUX_PDUs_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) {
2767 asn1_ctx_t asn1_ctx;
2768 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
2769 dissect_snmp_SMUX_PDUs(FALSE, tvb, 0, &asn1_ctx, tree, hf_snmp_SMUX_PDUs_PDU);
2773 /*--- End of included file: packet-snmp-fn.c ---*/
2774 #line 1551 "../../asn1/snmp/packet-snmp-template.c"
2778 dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo,
2779 proto_tree *tree, int proto, gint ett, gboolean is_tcp)
2782 guint length_remaining;
2784 gboolean pc, ind = 0;
2787 guint message_length;
2788 int start_offset = offset;
2789 guint32 version = 0;
2792 proto_tree *snmp_tree = NULL;
2793 proto_item *item = NULL;
2794 asn1_ctx_t asn1_ctx;
2795 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
2798 usm_p.msg_tvb = tvb;
2799 usm_p.start_offset = tvb_offset_from_real_beginning(tvb);
2800 usm_p.engine_tvb = NULL;
2801 usm_p.user_tvb = NULL;
2802 usm_p.auth_item = NULL;
2803 usm_p.auth_tvb = NULL;
2804 usm_p.auth_offset = 0;
2805 usm_p.priv_tvb = NULL;
2806 usm_p.user_assoc = NULL;
2807 usm_p.authenticated = FALSE;
2808 usm_p.encrypted = FALSE;
2811 usm_p.authOK = FALSE;
2814 * This will throw an exception if we don't have any data left.
2815 * That's what we want. (See "tcp_dissect_pdus()", which is
2816 * similar, but doesn't have to deal with ASN.1.
2817 * XXX - can we make "tcp_dissect_pdus()" provide enough
2818 * information to the "get_pdu_len" routine so that we could
2819 * have that routine deal with ASN.1, and just use
2820 * "tcp_dissect_pdus()"?)
2822 length_remaining = tvb_ensure_length_remaining(tvb, offset);
2824 /* NOTE: we have to parse the message piece by piece, since the
2825 * capture length may be less than the message length: a 'global'
2826 * parsing is likely to fail.
2830 * If this is SNMP-over-TCP, we might have to do reassembly
2831 * in order to read the "Sequence Of" header.
2833 if (is_tcp && snmp_desegment && pinfo->can_desegment) {
2835 * This is TCP, and we should, and can, do reassembly.
2837 * Is the "Sequence Of" header split across segment
2838 * boundaries? We require at least 6 bytes for the
2839 * header, which allows for a 4-byte length (ASN.1
2842 if (length_remaining < 6) {
2844 * Yes. Tell the TCP dissector where the data
2845 * for this message starts in the data it handed
2846 * us and that we need "some more data." Don't tell
2847 * it exactly how many bytes we need because if/when
2848 * we ask for even more (after the header) that will
2851 pinfo->desegment_offset = offset;
2852 pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT;
2855 * Return 0, which means "I didn't dissect anything
2856 * because I don't have enough data - we need
2864 * OK, try to read the "Sequence Of" header; this gets the total
2865 * length of the SNMP message.
2867 /* Set tree to 0 to not display internal BER fields if option used.*/
2868 offset = dissect_ber_identifier(pinfo, 0, tvb, offset, &ber_class, &pc, &tag);
2869 /*Get the total octet length of the SNMP data*/
2870 offset = dissect_ber_length(pinfo, 0, tvb, offset, &len, &ind);
2871 message_length = len + 2;
2873 /*Get the SNMP version data*/
2874 offset = dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version);
2878 * If this is SNMP-over-TCP, we might have to do reassembly
2879 * to get all of this message.
2881 if (is_tcp && snmp_desegment && pinfo->can_desegment) {
2883 * Yes - is the message split across segment boundaries?
2885 if (length_remaining < message_length) {
2887 * Yes. Tell the TCP dissector where the data
2888 * for this message starts in the data it handed
2889 * us, and how many more bytes we need, and
2892 pinfo->desegment_offset = start_offset;
2893 pinfo->desegment_len =
2894 message_length - length_remaining;
2897 * Return 0, which means "I didn't dissect anything
2898 * because I don't have enough data - we need
2905 next_tvb_init(&var_list);
2907 col_set_str(pinfo->cinfo, COL_PROTOCOL,
2908 proto_get_protocol_short_name(find_protocol_by_id(proto)));
2911 item = proto_tree_add_item(tree, proto, tvb, start_offset,
2912 message_length, ENC_BIG_ENDIAN);
2913 snmp_tree = proto_item_add_subtree(item, ett);
2919 offset = dissect_snmp_Message(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1);
2922 offset = dissect_snmp_Messagev2u(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1);
2926 offset = dissect_snmp_SNMPv3Message(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1);
2930 * Return the length remaining in the tvbuff, so
2931 * if this is SNMP-over-TCP, our caller thinks there's
2932 * nothing left to dissect.
2934 proto_tree_add_text(snmp_tree, tvb, offset, -1,"Unknown version");
2935 return length_remaining;
2939 /* There may be appended data after the SNMP data, so treat as raw
2940 * data which needs to be dissected in case of UDP as UDP is PDU oriented.
2942 if((!is_tcp) && (length_remaining > (guint)offset)) {
2943 next_tvb = tvb_new_subset_remaining(tvb, offset);
2944 call_dissector(data_handle, next_tvb, pinfo, tree);
2946 next_tvb_call(&var_list, pinfo, tree, NULL, data_handle);
2953 dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
2955 conversation_t *conversation;
2964 * See if this looks like SNMP or not. if not, return 0 so
2965 * wireshark can try som other dissector instead.
2967 /* All SNMP packets are BER encoded and consist of a SEQUENCE
2968 * that spans the entire PDU. The first item is an INTEGER that
2969 * has the values 0-2 (version 1-3).
2970 * if not it is not snmp.
2972 /* SNMP starts with a SEQUENCE */
2973 offset = get_ber_identifier(tvb, 0, &tmp_class, &tmp_pc, &tmp_tag);
2974 if((tmp_class!=BER_CLASS_UNI)||(tmp_tag!=BER_UNI_TAG_SEQUENCE)) {
2977 /* then comes a length which spans the rest of the tvb */
2978 offset = get_ber_length(tvb, offset, &tmp_length, &tmp_ind);
2979 /* if(tmp_length!=(guint32)tvb_reported_length_remaining(tvb, offset)) {
2980 * Losen the heuristic a bit to handle the case where data has intentionally
2981 * been added after the snmp PDU ( UDP case)
2983 if ( pinfo->ptype == PT_UDP ) {
2984 if(tmp_length>(guint32)tvb_reported_length_remaining(tvb, offset)) {
2988 if(tmp_length!=(guint32)tvb_reported_length_remaining(tvb, offset)) {
2992 /* then comes an INTEGER (version)*/
2993 get_ber_identifier(tvb, offset, &tmp_class, &tmp_pc, &tmp_tag);
2994 if((tmp_class!=BER_CLASS_UNI)||(tmp_tag!=BER_UNI_TAG_INTEGER)) {
2997 /* do we need to test that version is 0 - 2 (version1-3) ? */
3001 * The first SNMP packet goes to the SNMP port; the second one
3002 * may come from some *other* port, but goes back to the same
3003 * IP address and port as the ones from which the first packet
3004 * came; all subsequent packets presumably go between those two
3005 * IP addresses and ports.
3007 * If this packet went to the SNMP port, we check to see if
3008 * there's already a conversation with one address/port pair
3009 * matching the source IP address and port of this packet,
3010 * the other address matching the destination IP address of this
3011 * packet, and any destination port.
3013 * If not, we create one, with its address 1/port 1 pair being
3014 * the source address/port of this packet, its address 2 being
3015 * the destination address of this packet, and its port 2 being
3016 * wildcarded, and give it the SNMP dissector as a dissector.
3018 if (pinfo->destport == UDP_PORT_SNMP) {
3019 conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
3020 pinfo->srcport, 0, NO_PORT_B);
3021 if( (conversation == NULL) || (conversation->dissector_handle!=snmp_handle) ) {
3022 conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
3023 pinfo->srcport, 0, NO_PORT2);
3024 conversation_set_dissector(conversation, snmp_handle);
3028 return dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, FALSE);
3032 dissect_snmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
3037 while (tvb_reported_length_remaining(tvb, offset) > 0) {
3038 message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree,
3039 proto_snmp, ett_snmp, TRUE);
3040 if (message_len == 0) {
3042 * We don't have all the data for that message,
3043 * so we need to do desegmentation;
3044 * "dissect_snmp_pdu()" has set that up.
3048 offset += message_len;
3053 dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
3055 proto_tree *smux_tree = NULL;
3056 proto_item *item = NULL;
3058 next_tvb_init(&var_list);
3060 col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMUX");
3063 item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA);
3064 smux_tree = proto_item_add_subtree(item, ett_smux);
3067 dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree);
3072 MD5 Password to Key Algorithm
3076 snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen,
3077 const guint8 *engineID, guint engineLength,
3081 guint8 *cp, password_buf[64];
3082 guint32 password_index = 0;
3083 guint32 count = 0, i;
3085 md5_init(&MD); /* initialize MD5 */
3087 /**********************************************/
3088 /* Use while loop until we've done 1 Megabyte */
3089 /**********************************************/
3090 while (count < 1048576) {
3092 for (i = 0; i < 64; i++) {
3093 /*************************************************/
3094 /* Take the next octet of the password, wrapping */
3095 /* to the beginning of the password as necessary.*/
3096 /*************************************************/
3097 *cp++ = password[password_index++ % passwordlen];
3099 md5_append(&MD, password_buf, 64);
3102 md5_finish(&MD, key1); /* tell MD5 we're done */
3104 /*****************************************************/
3105 /* Now localize the key with the engineID and pass */
3106 /* through MD5 to produce final key */
3107 /* We ignore invalid engineLengths here. More strict */
3108 /* checking is done in snmp_users_update_cb. */
3109 /*****************************************************/
3112 md5_append(&MD, key1, 16);
3113 md5_append(&MD, engineID, engineLength);
3114 md5_append(&MD, key1, 16);
3115 md5_finish(&MD, key);
3124 SHA1 Password to Key Algorithm COPIED from RFC 3414 A.2.2
3128 snmp_usm_password_to_key_sha1(const guint8 *password, guint passwordlen,
3129 const guint8 *engineID, guint engineLength,
3133 guint8 *cp, password_buf[64];
3134 guint32 password_index = 0;
3135 guint32 count = 0, i;
3137 sha1_starts(&SH); /* initialize SHA */
3139 /**********************************************/
3140 /* Use while loop until we've done 1 Megabyte */
3141 /**********************************************/
3142 while (count < 1048576) {
3144 for (i = 0; i < 64; i++) {
3145 /*************************************************/
3146 /* Take the next octet of the password, wrapping */
3147 /* to the beginning of the password as necessary.*/
3148 /*************************************************/
3149 *cp++ = password[password_index++ % passwordlen];
3151 sha1_update (&SH, password_buf, 64);
3154 sha1_finish(&SH, key);
3156 /*****************************************************/
3157 /* Now localize the key with the engineID and pass */
3158 /* through SHA to produce final key */
3159 /* We ignore invalid engineLengths here. More strict */
3160 /* checking is done in snmp_users_update_cb. */
3161 /*****************************************************/
3164 sha1_update(&SH, key, 20);
3165 sha1_update(&SH, engineID, engineLength);
3166 sha1_update(&SH, key, 20);
3167 sha1_finish(&SH, key);
3178 snmp_users_copy_cb(void* dest, const void* orig, size_t len _U_)
3180 const snmp_ue_assoc_t* o = (const snmp_ue_assoc_t*)orig;
3181 snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)dest;
3183 d->auth_model = o->auth_model;
3184 d->user.authModel = auth_models[o->auth_model];
3186 d->priv_proto = o->priv_proto;
3187 d->user.privProtocol = priv_protos[o->priv_proto];
3189 d->user.userName.data = (guint8*)g_memdup(o->user.userName.data,o->user.userName.len);
3190 d->user.userName.len = o->user.userName.len;
3192 d->user.authPassword.data = o->user.authPassword.data ? (guint8*)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL;
3193 d->user.authPassword.len = o->user.authPassword.len;
3195 d->user.privPassword.data = o->user.privPassword.data ? (guint8*)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL;
3196 d->user.privPassword.len = o->user.privPassword.len;
3198 d->engine.len = o->engine.len;
3199 if (o->engine.data) {
3200 d->engine.data = (guint8*)g_memdup(o->engine.data,o->engine.len);
3203 d->user.authKey.data = o->user.authKey.data ? (guint8*)g_memdup(o->user.authKey.data,o->user.authKey.len) : NULL;
3204 d->user.authKey.len = o->user.authKey.len;
3206 d->user.privKey.data = o->user.privKey.data ? (guint8*)g_memdup(o->user.privKey.data,o->user.privKey.len) : NULL;
3207 d->user.privKey.len = o->user.privKey.len;
3213 snmp_users_free_cb(void* p)
3215 snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
3216 g_free(ue->user.userName.data);
3217 g_free(ue->user.authPassword.data);
3218 g_free(ue->user.privPassword.data);
3219 g_free(ue->user.authKey.data);
3220 g_free(ue->user.privKey.data);
3221 g_free(ue->engine.data);
3225 snmp_users_update_cb(void* p _U_, const char** err)
3227 snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
3228 emem_strbuf_t* es = ep_strbuf_new("");
3234 /* Nothing to update */
3237 if (! ue->user.userName.len)
3238 ep_strbuf_append_printf(es,"no userName\n");
3240 for (i=0; i<num_ueas-1; i++) {
3241 snmp_ue_assoc_t* u = &(ueas[i]);
3243 /* RFC 3411 section 5 */
3244 if ((u->engine.len > 0) && (u->engine.len < 5 || u->engine.len > 32)) {
3245 ep_strbuf_append_printf(es, "Invalid engineId length (%u). Must be between 5 and 32 (10 and 64 hex digits)\n", u->engine.len);
3249 if ( u->user.userName.len == ue->user.userName.len
3250 && u->engine.len == ue->engine.len ) {
3252 if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) {
3253 if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
3254 /* XXX: make a string for the engineId */
3255 ep_strbuf_append_printf(es,"Duplicate key (userName='%s')\n",ue->user.userName.data);
3259 if (u->engine.len == 0) {
3260 if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
3261 ep_strbuf_append_printf(es,"Duplicate key (userName='%s' engineId=NONE)\n",ue->user.userName.data);
3268 es = ep_strbuf_truncate(es,es->len-1);
3269 *err = ep_strdup(es->str);
3276 UAT_LSTRING_CB_DEF(snmp_users,userName,snmp_ue_assoc_t,user.userName.data,user.userName.len)
3277 UAT_LSTRING_CB_DEF(snmp_users,authPassword,snmp_ue_assoc_t,user.authPassword.data,user.authPassword.len)
3278 UAT_LSTRING_CB_DEF(snmp_users,privPassword,snmp_ue_assoc_t,user.privPassword.data,user.privPassword.len)
3279 UAT_BUFFER_CB_DEF(snmp_users,engine_id,snmp_ue_assoc_t,engine.data,engine.len)
3280 UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,0,"MD5")
3281 UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,0,"DES")
3284 snmp_specific_trap_copy_cb(void *dest, const void *orig, size_t len _U_)
3286 snmp_st_assoc_t *u = (snmp_st_assoc_t *)dest;
3287 const snmp_st_assoc_t *o = (const snmp_st_assoc_t *)orig;
3289 u->enterprise = g_strdup(o->enterprise);
3291 u->desc = g_strdup(o->desc);
3297 snmp_specific_trap_free_cb(void *r)
3299 snmp_st_assoc_t *u = (snmp_st_assoc_t *)r;
3301 g_free(u->enterprise);
3305 UAT_CSTRING_CB_DEF(specific_traps, enterprise, snmp_st_assoc_t)
3306 UAT_DEC_CB_DEF(specific_traps, trap, snmp_st_assoc_t)
3307 UAT_CSTRING_CB_DEF(specific_traps, desc, snmp_st_assoc_t)
3309 /*--- proto_register_snmp -------------------------------------------*/
3310 void proto_register_snmp(void) {
3311 /* List of fields */
3312 static hf_register_info hf[] = {
3313 { &hf_snmp_v3_flags_auth,
3314 { "Authenticated", "snmp.v3.flags.auth", FT_BOOLEAN, 8,
3315 TFS(&tfs_set_notset), TH_AUTH, NULL, HFILL }},
3316 { &hf_snmp_v3_flags_crypt,
3317 { "Encrypted", "snmp.v3.flags.crypt", FT_BOOLEAN, 8,
3318 TFS(&tfs_set_notset), TH_CRYPT, NULL, HFILL }},
3319 { &hf_snmp_v3_flags_report,
3320 { "Reportable", "snmp.v3.flags.report", FT_BOOLEAN, 8,
3321 TFS(&tfs_set_notset), TH_REPORT, NULL, HFILL }},
3322 { &hf_snmp_engineid_conform, {
3323 "Engine ID Conformance", "snmp.engineid.conform", FT_BOOLEAN, 8,
3324 TFS(&tfs_snmp_engineid_conform), F_SNMP_ENGINEID_CONFORM, "Engine ID RFC3411 Conformance", HFILL }},
3325 { &hf_snmp_engineid_enterprise, {
3326 "Engine Enterprise ID", "snmp.engineid.enterprise", FT_UINT32, BASE_DEC|BASE_EXT_STRING,
3327 &sminmpec_values_ext, 0, NULL, HFILL }},
3328 { &hf_snmp_engineid_format, {
3329 "Engine ID Format", "snmp.engineid.format", FT_UINT8, BASE_DEC,
3330 VALS(snmp_engineid_format_vals), 0, NULL, HFILL }},
3331 { &hf_snmp_engineid_ipv4, {
3332 "Engine ID Data: IPv4 address", "snmp.engineid.ipv4", FT_IPv4, BASE_NONE,
3333 NULL, 0, NULL, HFILL }},
3334 { &hf_snmp_engineid_ipv6, {
3335 "Engine ID Data: IPv6 address", "snmp.engineid.ipv6", FT_IPv6, BASE_NONE,
3336 NULL, 0, NULL, HFILL }},
3337 { &hf_snmp_engineid_cisco_type, {
3338 "Engine ID Data: Cisco type", "snmp.engineid.cisco.type", FT_UINT8, BASE_HEX,
3339 VALS(snmp_engineid_cisco_type_vals), 0, NULL, HFILL }},
3340 { &hf_snmp_engineid_mac, {
3341 "Engine ID Data: MAC address", "snmp.engineid.mac", FT_ETHER, BASE_NONE,
3342 NULL, 0, NULL, HFILL }},
3343 { &hf_snmp_engineid_text, {
3344 "Engine ID Data: Text", "snmp.engineid.text", FT_STRING, BASE_NONE,
3345 NULL, 0, NULL, HFILL }},
3346 { &hf_snmp_engineid_time, {
3347 "Engine ID Data: Creation Time", "snmp.engineid.time", FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL,
3348 NULL, 0, NULL, HFILL }},
3349 { &hf_snmp_engineid_data, {
3350 "Engine ID Data", "snmp.engineid.data", FT_BYTES, BASE_NONE,
3351 NULL, 0, NULL, HFILL }},
3352 { &hf_snmp_msgAuthentication, {
3353 "Authentication", "snmp.v3.auth", FT_BOOLEAN, BASE_NONE,
3354 TFS(&auth_flags), 0, NULL, HFILL }},
3355 { &hf_snmp_decryptedPDU, {
3356 "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE,
3357 NULL, 0, "Decrypted PDU", HFILL }},
3358 { &hf_snmp_noSuchObject, {
3359 "noSuchObject", "snmp.noSuchObject", FT_NONE, BASE_NONE,
3360 NULL, 0, NULL, HFILL }},
3361 { &hf_snmp_noSuchInstance, {
3362 "noSuchInstance", "snmp.noSuchInstance", FT_NONE, BASE_NONE,
3363 NULL, 0, NULL, HFILL }},
3364 { &hf_snmp_endOfMibView, {
3365 "endOfMibView", "snmp.endOfMibView", FT_NONE, BASE_NONE,
3366 NULL, 0, NULL, HFILL }},
3367 { &hf_snmp_unSpecified, {
3368 "unSpecified", "snmp.unSpecified", FT_NONE, BASE_NONE,
3369 NULL, 0, NULL, HFILL }},
3371 { &hf_snmp_integer32_value, {
3372 "Value (Integer32)", "snmp.value.int", FT_INT64, BASE_DEC,
3373 NULL, 0, NULL, HFILL }},
3374 { &hf_snmp_octetstring_value, {
3375 "Value (OctetString)", "snmp.value.octets", FT_BYTES, BASE_NONE,
3376 NULL, 0, NULL, HFILL }},
3377 { &hf_snmp_oid_value, {
3378 "Value (OID)", "snmp.value.oid", FT_OID, BASE_NONE,
3379 NULL, 0, NULL, HFILL }},
3380 { &hf_snmp_null_value, {
3381 "Value (Null)", "snmp.value.null", FT_NONE, BASE_NONE,
3382 NULL, 0, NULL, HFILL }},
3383 { &hf_snmp_ipv4_value, {
3384 "Value (IpAddress)", "snmp.value.ipv4", FT_IPv4, BASE_NONE,
3385 NULL, 0, NULL, HFILL }},
3386 { &hf_snmp_ipv6_value, {
3387 "Value (IpAddress)", "snmp.value.ipv6", FT_IPv6, BASE_NONE,
3388 NULL, 0, NULL, HFILL }},
3389 { &hf_snmp_anyaddress_value, {
3390 "Value (IpAddress)", "snmp.value.addr", FT_BYTES, BASE_NONE,
3391 NULL, 0, NULL, HFILL }},
3392 { &hf_snmp_unsigned32_value, {
3393 "Value (Unsigned32)", "snmp.value.u32", FT_INT64, BASE_DEC,
3394 NULL, 0, NULL, HFILL }},
3395 { &hf_snmp_gauge32_value, {
3396 "Value (Gauge32)", "snmp.value.g32", FT_INT64, BASE_DEC,
3397 NULL, 0, NULL, HFILL }},
3398 { &hf_snmp_unknown_value, {
3399 "Value (Unknown)", "snmp.value.unk", FT_BYTES, BASE_NONE,
3400 NULL, 0, NULL, HFILL }},
3401 { &hf_snmp_counter_value, {
3402 "Value (Counter32)", "snmp.value.counter", FT_UINT64, BASE_DEC,
3403 NULL, 0, NULL, HFILL }},
3404 { &hf_snmp_big_counter_value, {
3405 "Value (Counter64)", "snmp.value.counter", FT_UINT64, BASE_DEC,
3406 NULL, 0, NULL, HFILL }},
3407 { &hf_snmp_nsap_value, {
3408 "Value (NSAP)", "snmp.value.nsap", FT_UINT64, BASE_DEC,
3409 NULL, 0, NULL, HFILL }},
3410 { &hf_snmp_timeticks_value, {
3411 "Value (Timeticks)", "snmp.value.timeticks", FT_UINT64, BASE_DEC,
3412 NULL, 0, NULL, HFILL }},
3413 { &hf_snmp_opaque_value, {
3414 "Value (Opaque)", "snmp.value.opaque", FT_BYTES, BASE_NONE,
3415 NULL, 0, NULL, HFILL }},
3416 { &hf_snmp_objectname, {
3417 "Object Name", "snmp.name", FT_OID, BASE_NONE,
3418 NULL, 0, NULL, HFILL }},
3419 { &hf_snmp_scalar_instance_index, {
3420 "Scalar Instance Index", "snmp.name.index", FT_UINT64, BASE_DEC,
3421 NULL, 0, NULL, HFILL }},
3425 /*--- Included file: packet-snmp-hfarr.c ---*/
3426 #line 1 "../../asn1/snmp/packet-snmp-hfarr.c"
3427 { &hf_snmp_SMUX_PDUs_PDU,
3428 { "SMUX-PDUs", "snmp.SMUX_PDUs",
3429 FT_UINT32, BASE_DEC, VALS(snmp_SMUX_PDUs_vals), 0,
3432 { "version", "snmp.version",
3433 FT_INT32, BASE_DEC, VALS(snmp_Version_vals), 0,
3435 { &hf_snmp_community,
3436 { "community", "snmp.community",
3437 FT_STRING, BASE_NONE, NULL, 0,
3440 { "data", "snmp.data",
3441 FT_UINT32, BASE_DEC, VALS(snmp_PDUs_vals), 0,
3443 { &hf_snmp_parameters,
3444 { "parameters", "snmp.parameters",
3445 FT_BYTES, BASE_NONE, NULL, 0,
3446 "OCTET_STRING", HFILL }},
3448 { "datav2u", "snmp.datav2u",
3449 FT_UINT32, BASE_DEC, VALS(snmp_T_datav2u_vals), 0,
3451 { &hf_snmp_v2u_plaintext,
3452 { "plaintext", "snmp.plaintext",
3453 FT_UINT32, BASE_DEC, VALS(snmp_PDUs_vals), 0,
3455 { &hf_snmp_encrypted,
3456 { "encrypted", "snmp.encrypted",
3457 FT_BYTES, BASE_NONE, NULL, 0,
3458 "OCTET_STRING", HFILL }},
3459 { &hf_snmp_msgAuthoritativeEngineID,
3460 { "msgAuthoritativeEngineID", "snmp.msgAuthoritativeEngineID",
3461 FT_BYTES, BASE_NONE, NULL, 0,
3463 { &hf_snmp_msgAuthoritativeEngineBoots,
3464 { "msgAuthoritativeEngineBoots", "snmp.msgAuthoritativeEngineBoots",
3465 FT_UINT32, BASE_DEC, NULL, 0,
3467 { &hf_snmp_msgAuthoritativeEngineTime,
3468 { "msgAuthoritativeEngineTime", "snmp.msgAuthoritativeEngineTime",
3469 FT_UINT32, BASE_DEC, NULL, 0,
3471 { &hf_snmp_msgUserName,
3472 { "msgUserName", "snmp.msgUserName",
3473 FT_STRING, BASE_NONE, NULL, 0,
3475 { &hf_snmp_msgAuthenticationParameters,
3476 { "msgAuthenticationParameters", "snmp.msgAuthenticationParameters",
3477 FT_BYTES, BASE_NONE, NULL, 0,
3479 { &hf_snmp_msgPrivacyParameters,
3480 { "msgPrivacyParameters", "snmp.msgPrivacyParameters",
3481 FT_BYTES, BASE_NONE, NULL, 0,
3483 { &hf_snmp_msgVersion,
3484 { "msgVersion", "snmp.msgVersion",
3485 FT_INT32, BASE_DEC, VALS(snmp_Version_vals), 0,
3486 "Version", HFILL }},
3487 { &hf_snmp_msgGlobalData,
3488 { "msgGlobalData", "snmp.msgGlobalData",
3489 FT_NONE, BASE_NONE, NULL, 0,
3490 "HeaderData", HFILL }},
3491 { &hf_snmp_msgSecurityParameters,
3492 { "msgSecurityParameters", "snmp.msgSecurityParameters",
3493 FT_BYTES, BASE_NONE, NULL, 0,
3496 { "msgData", "snmp.msgData",
3497 FT_UINT32, BASE_DEC, VALS(snmp_ScopedPduData_vals), 0,
3498 "ScopedPduData", HFILL }},
3500 { "msgID", "snmp.msgID",
3501 FT_UINT32, BASE_DEC, NULL, 0,
3502 "INTEGER_0_2147483647", HFILL }},
3503 { &hf_snmp_msgMaxSize,
3504 { "msgMaxSize", "snmp.msgMaxSize",
3505 FT_UINT32, BASE_DEC, NULL, 0,
3506 "INTEGER_484_2147483647", HFILL }},
3507 { &hf_snmp_msgFlags,
3508 { "msgFlags", "snmp.msgFlags",
3509 FT_BYTES, BASE_NONE, NULL, 0,
3511 { &hf_snmp_msgSecurityModel,
3512 { "msgSecurityModel", "snmp.msgSecurityModel",
3513 FT_UINT32, BASE_DEC, VALS(sec_models), 0,
3515 { &hf_snmp_plaintext,
3516 { "plaintext", "snmp.plaintext",
3517 FT_NONE, BASE_NONE, NULL, 0,
3518 "ScopedPDU", HFILL }},
3519 { &hf_snmp_encryptedPDU,
3520 { "encryptedPDU", "snmp.encryptedPDU",
3521 FT_BYTES, BASE_NONE, NULL, 0,
3523 { &hf_snmp_contextEngineID,
3524 { "contextEngineID", "snmp.contextEngineID",
3525 FT_BYTES, BASE_NONE, NULL, 0,
3526 "SnmpEngineID", HFILL }},
3527 { &hf_snmp_contextName,
3528 { "contextName", "snmp.contextName",
3529 FT_STRING, BASE_NONE, NULL, 0,
3530 "OCTET_STRING", HFILL }},
3531 { &hf_snmp_get_request,
3532 { "get-request", "snmp.get_request",
3533 FT_NONE, BASE_NONE, NULL, 0,
3534 "GetRequest_PDU", HFILL }},
3535 { &hf_snmp_get_next_request,
3536 { "get-next-request", "snmp.get_next_request",
3537 FT_NONE, BASE_NONE, NULL, 0,
3538 "GetNextRequest_PDU", HFILL }},
3539 { &hf_snmp_get_response,
3540 { "get-response", "snmp.get_response",
3541 FT_NONE, BASE_NONE, NULL, 0,
3542 "GetResponse_PDU", HFILL }},
3543 { &hf_snmp_set_request,
3544 { "set-request", "snmp.set_request",
3545 FT_NONE, BASE_NONE, NULL, 0,
3546 "SetRequest_PDU", HFILL }},
3548 { "trap", "snmp.trap",
3549 FT_NONE, BASE_NONE, NULL, 0,
3550 "Trap_PDU", HFILL }},
3551 { &hf_snmp_getBulkRequest,
3552 { "getBulkRequest", "snmp.getBulkRequest",
3553 FT_NONE, BASE_NONE, NULL, 0,
3554 "GetBulkRequest_PDU", HFILL }},
3555 { &hf_snmp_informRequest,
3556 { "informRequest", "snmp.informRequest",
3557 FT_NONE, BASE_NONE, NULL, 0,
3558 "InformRequest_PDU", HFILL }},
3559 { &hf_snmp_snmpV2_trap,
3560 { "snmpV2-trap", "snmp.snmpV2_trap",
3561 FT_NONE, BASE_NONE, NULL, 0,
3562 "SNMPv2_Trap_PDU", HFILL }},
3564 { "report", "snmp.report",
3565 FT_NONE, BASE_NONE, NULL, 0,
3566 "Report_PDU", HFILL }},
3567 { &hf_snmp_request_id,
3568 { "request-id", "snmp.request_id",
3569 FT_INT32, BASE_DEC, NULL, 0,
3570 "INTEGER", HFILL }},
3571 { &hf_snmp_error_status,
3572 { "error-status", "snmp.error_status",
3573 FT_INT32, BASE_DEC, VALS(snmp_T_error_status_vals), 0,
3575 { &hf_snmp_error_index,
3576 { "error-index", "snmp.error_index",
3577 FT_INT32, BASE_DEC, NULL, 0,
3578 "INTEGER", HFILL }},
3579 { &hf_snmp_variable_bindings,
3580 { "variable-bindings", "snmp.variable_bindings",
3581 FT_UINT32, BASE_DEC, NULL, 0,
3582 "VarBindList", HFILL }},
3583 { &hf_snmp_bulkPDU_request_id,
3584 { "request-id", "snmp.request_id",
3585 FT_INT32, BASE_DEC, NULL, 0,
3586 "Integer32", HFILL }},
3587 { &hf_snmp_non_repeaters,
3588 { "non-repeaters", "snmp.non_repeaters",
3589 FT_UINT32, BASE_DEC, NULL, 0,
3590 "INTEGER_0_2147483647", HFILL }},
3591 { &hf_snmp_max_repetitions,
3592 { "max-repetitions", "snmp.max_repetitions",
3593 FT_UINT32, BASE_DEC, NULL, 0,
3594 "INTEGER_0_2147483647", HFILL }},
3595 { &hf_snmp_enterprise,
3596 { "enterprise", "snmp.enterprise",
3597 FT_OID, BASE_NONE, NULL, 0,
3598 "EnterpriseOID", HFILL }},
3599 { &hf_snmp_agent_addr,
3600 { "agent-addr", "snmp.agent_addr",
3601 FT_IPv4, BASE_NONE, NULL, 0,
3602 "NetworkAddress", HFILL }},
3603 { &hf_snmp_generic_trap,
3604 { "generic-trap", "snmp.generic_trap",
3605 FT_INT32, BASE_DEC, VALS(snmp_GenericTrap_vals), 0,
3606 "GenericTrap", HFILL }},
3607 { &hf_snmp_specific_trap,
3608 { "specific-trap", "snmp.specific_trap",
3609 FT_INT32, BASE_DEC, NULL, 0,
3610 "SpecificTrap", HFILL }},
3611 { &hf_snmp_time_stamp,
3612 { "time-stamp", "snmp.time_stamp",
3613 FT_UINT32, BASE_DEC, NULL, 0,
3614 "TimeTicks", HFILL }},
3616 { "name", "snmp.name",
3617 FT_OID, BASE_NONE, NULL, 0,
3618 "ObjectName", HFILL }},
3619 { &hf_snmp_valueType,
3620 { "valueType", "snmp.valueType",
3621 FT_NONE, BASE_NONE, NULL, 0,
3623 { &hf_snmp_VarBindList_item,
3624 { "VarBind", "snmp.VarBind",
3625 FT_NONE, BASE_NONE, NULL, 0,
3628 { "open", "snmp.open",
3629 FT_UINT32, BASE_DEC, VALS(snmp_OpenPDU_vals), 0,
3630 "OpenPDU", HFILL }},
3632 { "close", "snmp.close",
3633 FT_INT32, BASE_DEC, VALS(snmp_ClosePDU_U_vals), 0,
3634 "ClosePDU", HFILL }},
3635 { &hf_snmp_registerRequest,
3636 { "registerRequest", "snmp.registerRequest",
3637 FT_NONE, BASE_NONE, NULL, 0,
3638 "RReqPDU", HFILL }},
3639 { &hf_snmp_registerResponse,
3640 { "registerResponse", "snmp.registerResponse",
3641 FT_UINT32, BASE_DEC, VALS(snmp_RegisterResponse_vals), 0,
3643 { &hf_snmp_commitOrRollback,
3644 { "commitOrRollback", "snmp.commitOrRollback",
3645 FT_INT32, BASE_DEC, VALS(snmp_SOutPDU_U_vals), 0,
3646 "SOutPDU", HFILL }},
3648 { "rRspPDU", "snmp.rRspPDU",
3649 FT_INT32, BASE_DEC, VALS(snmp_RRspPDU_U_vals), 0,
3652 { "pDUs", "snmp.pDUs",
3653 FT_UINT32, BASE_DEC, VALS(snmp_PDUs_vals), 0,
3655 { &hf_snmp_smux_simple,
3656 { "smux-simple", "snmp.smux_simple",
3657 FT_NONE, BASE_NONE, NULL, 0,
3658 "SimpleOpen", HFILL }},
3659 { &hf_snmp_smux_version,
3660 { "smux-version", "snmp.smux_version",
3661 FT_INT32, BASE_DEC, VALS(snmp_T_smux_version_vals), 0,
3663 { &hf_snmp_identity,
3664 { "identity", "snmp.identity",
3665 FT_OID, BASE_NONE, NULL, 0,
3666 "OBJECT_IDENTIFIER", HFILL }},
3667 { &hf_snmp_description,
3668 { "description", "snmp.description",
3669 FT_BYTES, BASE_NONE, NULL, 0,
3670 "DisplayString", HFILL }},
3671 { &hf_snmp_password,
3672 { "password", "snmp.password",
3673 FT_BYTES, BASE_NONE, NULL, 0,
3674 "OCTET_STRING", HFILL }},
3676 { "subtree", "snmp.subtree",
3677 FT_OID, BASE_NONE, NULL, 0,
3678 "ObjectName", HFILL }},
3679 { &hf_snmp_priority,
3680 { "priority", "snmp.priority",
3681 FT_INT32, BASE_DEC, NULL, 0,
3682 "INTEGER_M1_2147483647", HFILL }},
3683 { &hf_snmp_operation,
3684 { "operation", "snmp.operation",
3685 FT_INT32, BASE_DEC, VALS(snmp_T_operation_vals), 0,
3688 /*--- End of included file: packet-snmp-hfarr.c ---*/
3689 #line 2201 "../../asn1/snmp/packet-snmp-template.c"
3692 /* List of subtrees */
3693 static gint *ett[] = {
3699 &ett_authParameters,
3704 &ett_decoding_error,
3706 /*--- Included file: packet-snmp-ettarr.c ---*/
3707 #line 1 "../../asn1/snmp/packet-snmp-ettarr.c"
3709 &ett_snmp_Messagev2u,
3710 &ett_snmp_T_datav2u,
3711 &ett_snmp_UsmSecurityParameters,
3712 &ett_snmp_SNMPv3Message,
3713 &ett_snmp_HeaderData,
3714 &ett_snmp_ScopedPduData,
3715 &ett_snmp_ScopedPDU,
3719 &ett_snmp_Trap_PDU_U,
3721 &ett_snmp_VarBindList,
3722 &ett_snmp_SMUX_PDUs,
3723 &ett_snmp_RegisterResponse,
3725 &ett_snmp_SimpleOpen_U,
3726 &ett_snmp_RReqPDU_U,
3728 /*--- End of included file: packet-snmp-ettarr.c ---*/
3729 #line 2217 "../../asn1/snmp/packet-snmp-template.c"
3731 module_t *snmp_module;
3733 static uat_field_t users_fields[] = {
3734 UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"),
3735 UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"),
3736 UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."),
3737 UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"),
3738 UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."),
3739 UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"),
3743 uat_t *assocs_uat = uat_new("SNMP Users",
3744 sizeof(snmp_ue_assoc_t),
3749 UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
3750 "ChSNMPUsersSection",
3752 snmp_users_update_cb,
3757 static uat_field_t specific_traps_flds[] = {
3758 UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"),
3759 UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"),
3760 UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"),
3764 uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types",
3765 sizeof(snmp_st_assoc_t),
3766 "snmp_specific_traps",
3768 (void*) &specific_traps,
3769 &num_specific_traps,
3770 UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
3771 "ChSNMPEnterpriseSpecificTrapTypes",
3772 snmp_specific_trap_copy_cb,
3774 snmp_specific_trap_free_cb,
3776 specific_traps_flds);
3778 /* Register protocol */
3779 proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME);
3780 new_register_dissector("snmp", dissect_snmp, proto_snmp);
3782 /* Register fields and subtrees */
3783 proto_register_field_array(proto_snmp, hf, array_length(hf));
3784 proto_register_subtree_array(ett, array_length(ett));
3787 /* Register configuration preferences */
3788 snmp_module = prefs_register_protocol(proto_snmp, process_prefs);
3789 prefs_register_bool_preference(snmp_module, "display_oid",
3790 "Show SNMP OID in info column",
3791 "Whether the SNMP OID should be shown in the info column",
3794 prefs_register_obsolete_preference(snmp_module, "mib_modules");
3795 prefs_register_obsolete_preference(snmp_module, "users_file");
3797 prefs_register_bool_preference(snmp_module, "desegment",
3798 "Reassemble SNMP-over-TCP messages\nspanning multiple TCP segments",
3799 "Whether the SNMP dissector should reassemble messages spanning multiple TCP segments."
3800 " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
3803 prefs_register_bool_preference(snmp_module, "var_in_tree",
3804 "Display dissected variables inside SNMP tree",
3805 "ON - display dissected variables inside SNMP tree, OFF - display dissected variables in root tree after SNMP",
3808 prefs_register_uat_preference(snmp_module, "users_table",
3810 "Table of engine-user associations used for authentication and decryption",
3813 prefs_register_uat_preference(snmp_module, "specific_traps_table",
3814 "Enterprise Specific Trap Types",
3815 "Table of enterprise specific-trap type descriptions",
3816 specific_traps_uat);
3819 prefs_register_static_text_preference(snmp_module, "info_mibs",
3820 "MIB settings can be changed in the Name Resolution preferences",
3821 "MIB settings can be changed in the Name Resolution preferences");
3824 value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE);
3826 register_init_routine(renew_ue_cache);
3828 register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp);
3832 /*--- proto_reg_handoff_snmp ---------------------------------------*/
3833 void proto_reg_handoff_snmp(void) {
3834 dissector_handle_t snmp_tcp_handle;
3836 snmp_handle = find_dissector("snmp");
3838 dissector_add_uint("udp.port", UDP_PORT_SNMP, snmp_handle);
3839 dissector_add_uint("udp.port", UDP_PORT_SNMP_TRAP, snmp_handle);
3840 dissector_add_uint("udp.port", UDP_PORT_SNMP_PATROL, snmp_handle);
3841 dissector_add_uint("ethertype", ETHERTYPE_SNMP, snmp_handle);
3842 dissector_add_uint("ipx.socket", IPX_SOCKET_SNMP_AGENT, snmp_handle);
3843 dissector_add_uint("ipx.socket", IPX_SOCKET_SNMP_SINK, snmp_handle);
3844 dissector_add_uint("hpext.dxsap", HPEXT_SNMP, snmp_handle);
3846 snmp_tcp_handle = create_dissector_handle(dissect_snmp_tcp, proto_snmp);
3847 dissector_add_uint("tcp.port", TCP_PORT_SNMP, snmp_tcp_handle);
3848 dissector_add_uint("tcp.port", TCP_PORT_SNMP_TRAP, snmp_tcp_handle);
3850 data_handle = find_dissector("data");
3853 * Process preference settings.
3855 * We can't do this in the register routine, as preferences aren't
3856 * read until all dissector register routines have been called (so
3857 * that all dissector preferences have been registered).
3864 proto_register_smux(void)
3866 static hf_register_info hf[] = {
3868 { "Version", "smux.version", FT_UINT8, BASE_DEC, NULL,
3869 0x0, NULL, HFILL }},
3871 { "PDU type", "smux.pdutype", FT_UINT8, BASE_DEC, VALS(smux_types),
3872 0x0, NULL, HFILL }},
3874 static gint *ett[] = {
3878 proto_smux = proto_register_protocol("SNMP Multiplex Protocol",
3880 proto_register_field_array(proto_smux, hf, array_length(hf));
3881 proto_register_subtree_array(ett, array_length(ett));
3886 proto_reg_handoff_smux(void)
3888 dissector_handle_t smux_handle;
3890 smux_handle = create_dissector_handle(dissect_smux, proto_smux);
3891 dissector_add_uint("tcp.port", TCP_PORT_SMUX, smux_handle);