/* packet-ipsec.c
- * Routines for IPsec/IPComp packet disassembly
+ * Routines for IPsec/IPComp packet disassembly
*
- * $Id: packet-ipsec.c,v 1.26 2001/02/03 20:08:04 gerald Exp $
+ * $Id: packet-ipsec.c,v 1.42 2002/08/28 21:00:17 jmayer Exp $
*
* Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@zing.org>
+ * By Gerald Combs <gerald@ethereal.com>
* Copyright 1998 Gerald Combs
*
- *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-
#include <string.h>
#include <glib.h>
-#include "packet.h"
+#include <epan/packet.h>
#include "packet-ipsec.h"
#include "packet-ip.h"
-#include "resolv.h"
+#include <epan/resolv.h>
+#include "ipproto.h"
#include "prefs.h"
/* Place AH payload in sub tree */
-gboolean g_ah_payload_in_subtree = FALSE;
+static gboolean g_ah_payload_in_subtree = FALSE;
static int proto_ah = -1;
static int hf_ah_spi = -1;
static gint ett_esp = -1;
static gint ett_ipcomp = -1;
+static dissector_handle_t data_handle;
+
struct newah {
guint8 ah_nxt; /* Next Header */
guint8 ah_len; /* Length of data + 1, in 32bit */
#define offsetof(type, member) ((size_t)(&((type *)0)->member))
#endif
-int
-dissect_ah_old(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
+static void
+dissect_ah(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
- proto_tree *ah_tree;
- proto_item *ti;
- struct newah ah;
+ proto_tree *next_tree;
+ guint8 nxt;
+ tvbuff_t *next_tvb;
int advance;
- memcpy(&ah, (void *) &pd[offset], sizeof(ah));
- advance = sizeof(ah) + ((ah.ah_len - 1) << 2);
+ advance = dissect_ah_header(tvb, pinfo, tree, &nxt, &next_tree);
+ next_tvb = tvb_new_subset(tvb, advance, -1, -1);
- if (check_col(fd, COL_PROTOCOL))
- col_set_str(fd, COL_PROTOCOL, "AH");
- if (check_col(fd, COL_INFO)) {
- col_add_fstr(fd, COL_INFO, "AH (SPI=0x%08x)",
- (guint32)ntohl(ah.ah_spi));
+ if (g_ah_payload_in_subtree) {
+ col_set_writable(pinfo->cinfo, FALSE);
}
- if (tree) {
- /* !!! specify length */
- ti = proto_tree_add_item(tree, proto_ah, NullTVB, offset, advance, FALSE);
- ah_tree = proto_item_add_subtree(ti, ett_ah);
-
- proto_tree_add_text(ah_tree, NullTVB, offset + offsetof(struct newah, ah_nxt), 1,
- "Next Header: %s (0x%02x)", ipprotostr(ah.ah_nxt), ah.ah_nxt);
- proto_tree_add_text(ah_tree, NullTVB, offset + offsetof(struct newah, ah_len), 1,
- "Length: %d", ah.ah_len << 2);
- proto_tree_add_uint(ah_tree, hf_ah_spi, NullTVB,
- offset + offsetof(struct newah, ah_spi), 4,
- (guint32)ntohl(ah.ah_spi));
- proto_tree_add_uint(ah_tree, hf_ah_sequence, NullTVB,
- offset + offsetof(struct newah, ah_seq), 4,
- (guint32)ntohl(ah.ah_seq));
- proto_tree_add_text(ah_tree, NullTVB, offset + sizeof(ah), (ah.ah_len - 1) << 2,
- "ICV");
+ /* do lookup with the subdissector table */
+ if (!dissector_try_port(ip_dissector_table, nxt, next_tvb, pinfo, next_tree)) {
+ call_dissector(data_handle,next_tvb, pinfo, next_tree);
}
-
- /* start of the new header (could be a extension header) */
- return advance;
}
-void
-dissect_ah(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
+int
+dissect_ah_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
+ guint8 *nxt_p, proto_tree **next_tree_p)
{
- proto_tree *ah_tree, *next_tree = NULL;
+ proto_tree *ah_tree;
proto_item *ti;
struct newah ah;
int advance;
- OLD_CHECK_DISPLAY_AS_DATA(proto_ah, pd, offset, fd, tree);
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "AH");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
- memcpy(&ah, (void *) &pd[offset], sizeof(ah));
+ tvb_memcpy(tvb, (guint8 *)&ah, 0, sizeof(ah));
advance = sizeof(ah) + ((ah.ah_len - 1) << 2);
- if (check_col(fd, COL_PROTOCOL))
- col_set_str(fd, COL_PROTOCOL, "AH");
- if (check_col(fd, COL_INFO)) {
- col_add_fstr(fd, COL_INFO, "AH (SPI=0x%08x)",
- (guint32)ntohl(ah.ah_spi));
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "AH (SPI=0x%08x)",
+ (guint32)g_ntohl(ah.ah_spi));
}
if (tree) {
/* !!! specify length */
- ti = proto_tree_add_item(tree, proto_ah, NullTVB, offset, advance, FALSE);
+ ti = proto_tree_add_item(tree, proto_ah, tvb, 0, advance, FALSE);
ah_tree = proto_item_add_subtree(ti, ett_ah);
- proto_tree_add_text(ah_tree, NullTVB, offset + offsetof(struct newah, ah_nxt), 1,
- "Next Header: %s (0x%02x)", ipprotostr(ah.ah_nxt), ah.ah_nxt);
- proto_tree_add_text(ah_tree, NullTVB, offset + offsetof(struct newah, ah_len), 1,
- "Length: %d", ah.ah_len << 2);
- proto_tree_add_uint(ah_tree, hf_ah_spi, NullTVB,
- offset + offsetof(struct newah, ah_spi), 4,
- (guint32)ntohl(ah.ah_spi));
- proto_tree_add_uint(ah_tree, hf_ah_sequence, NullTVB,
- offset + offsetof(struct newah, ah_seq), 4,
- (guint32)ntohl(ah.ah_seq));
- proto_tree_add_text(ah_tree, NullTVB, offset + sizeof(ah), (ah.ah_len - 1) << 2,
+ proto_tree_add_text(ah_tree, tvb,
+ offsetof(struct newah, ah_nxt), 1,
+ "Next Header: %s (0x%02x)",
+ ipprotostr(ah.ah_nxt), ah.ah_nxt);
+ proto_tree_add_text(ah_tree, tvb,
+ offsetof(struct newah, ah_len), 1,
+ "Length: %u", (ah.ah_len + 2) << 2);
+ proto_tree_add_uint(ah_tree, hf_ah_spi, tvb,
+ offsetof(struct newah, ah_spi), 4,
+ (guint32)g_ntohl(ah.ah_spi));
+ proto_tree_add_uint(ah_tree, hf_ah_sequence, tvb,
+ offsetof(struct newah, ah_seq), 4,
+ (guint32)g_ntohl(ah.ah_seq));
+ proto_tree_add_text(ah_tree, tvb,
+ sizeof(ah), (ah.ah_len - 1) << 2,
"ICV");
- /* Decide where to place next protocol decode */
- if (g_ah_payload_in_subtree) {
- next_tree = ah_tree;
- }
- else {
- next_tree = tree;
+ if (next_tree_p != NULL) {
+ /* Decide where to place next protocol decode */
+ if (g_ah_payload_in_subtree) {
+ *next_tree_p = ah_tree;
+ }
+ else {
+ *next_tree_p = tree;
+ }
}
+ } else {
+ if (next_tree_p != NULL)
+ *next_tree_p = NULL;
}
- /* start of the new header (could be a extension header) */
- offset += advance;
+ if (nxt_p != NULL)
+ *nxt_p = ah.ah_nxt;
- if (g_ah_payload_in_subtree) {
- col_set_writable(fd, FALSE);
- }
-
- /* do lookup with the subdissector table */
- if (!old_dissector_try_port(ip_dissector_table, ah.ah_nxt, pd, offset, fd, next_tree)) {
- old_dissect_data(pd, offset, fd, next_tree);
- }
+ /* start of the new header (could be a extension header) */
+ return advance;
}
static void
-dissect_esp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
+dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *esp_tree;
proto_item *ti;
struct newesp esp;
- OLD_CHECK_DISPLAY_AS_DATA(proto_esp, pd, offset, fd, tree);
-
- memcpy(&esp, (void *) &pd[offset], sizeof(esp));
-
/*
* load the top pane info. This should be overwritten by
* the next protocol in the stack
*/
- if (check_col(fd, COL_PROTOCOL))
- col_set_str(fd, COL_PROTOCOL, "ESP");
- if (check_col(fd, COL_INFO)) {
- col_add_fstr(fd, COL_INFO, "ESP (SPI=0x%08x)",
- (guint32)ntohl(esp.esp_spi));
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "ESP");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
+
+ tvb_memcpy(tvb, (guint8 *)&esp, 0, sizeof(esp));
+
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "ESP (SPI=0x%08x)",
+ (guint32)g_ntohl(esp.esp_spi));
}
/*
* (ie none)
*/
if(tree) {
- ti = proto_tree_add_item(tree, proto_esp, NullTVB, offset, END_OF_FRAME, FALSE);
+ ti = proto_tree_add_item(tree, proto_esp, tvb, 0, -1, FALSE);
esp_tree = proto_item_add_subtree(ti, ett_esp);
- proto_tree_add_uint(esp_tree, hf_esp_spi, NullTVB,
- offset + offsetof(struct newesp, esp_spi), 4,
- (guint32)ntohl(esp.esp_spi));
- proto_tree_add_uint(esp_tree, hf_esp_sequence, NullTVB,
- offset + offsetof(struct newesp, esp_seq), 4,
- (guint32)ntohl(esp.esp_seq));
- old_dissect_data(pd, offset + sizeof(struct newesp), fd, esp_tree);
+ proto_tree_add_uint(esp_tree, hf_esp_spi, tvb,
+ offsetof(struct newesp, esp_spi), 4,
+ (guint32)g_ntohl(esp.esp_spi));
+ proto_tree_add_uint(esp_tree, hf_esp_sequence, tvb,
+ offsetof(struct newesp, esp_seq), 4,
+ (guint32)g_ntohl(esp.esp_seq));
+ call_dissector(data_handle,
+ tvb_new_subset(tvb, sizeof(struct newesp), -1, -1),
+ pinfo, esp_tree);
}
}
static void
-dissect_ipcomp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
+dissect_ipcomp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_tree *ipcomp_tree;
proto_item *ti;
struct ipcomp ipcomp;
char *p;
- OLD_CHECK_DISPLAY_AS_DATA(proto_ipcomp, pd, offset, fd, tree);
-
- memcpy(&ipcomp, (void *) &pd[offset], sizeof(ipcomp));
-
/*
* load the top pane info. This should be overwritten by
* the next protocol in the stack
*/
- if (check_col(fd, COL_PROTOCOL))
- col_set_str(fd, COL_PROTOCOL, "IPComp");
- if (check_col(fd, COL_INFO)) {
- p = val_to_str(ntohs(ipcomp.comp_cpi), cpi2val, "");
- if (p[0] == '\0') {
- col_add_fstr(fd, COL_INFO, "IPComp (CPI=0x%04x)",
- ntohs(ipcomp.comp_cpi));
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "IPComp");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
+
+ tvb_memcpy(tvb, (guint8 *)&ipcomp, 0, sizeof(ipcomp));
+
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ p = match_strval(g_ntohs(ipcomp.comp_cpi), cpi2val);
+ if (p == NULL) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "IPComp (CPI=0x%04x)",
+ g_ntohs(ipcomp.comp_cpi));
} else
- col_add_fstr(fd, COL_INFO, "IPComp (CPI=%s)", p);
+ col_add_fstr(pinfo->cinfo, COL_INFO, "IPComp (CPI=%s)", p);
}
/*
* (ie none)
*/
if (tree) {
- ti = proto_tree_add_item(tree, proto_ipcomp, NullTVB, offset, END_OF_FRAME,
- FALSE);
+ ti = proto_tree_add_item(tree, proto_ipcomp, tvb, 0, -1, FALSE);
ipcomp_tree = proto_item_add_subtree(ti, ett_ipcomp);
- proto_tree_add_text(ipcomp_tree, NullTVB,
- offset + offsetof(struct ipcomp, comp_nxt), 1,
+ proto_tree_add_text(ipcomp_tree, tvb,
+ offsetof(struct ipcomp, comp_nxt), 1,
"Next Header: %s (0x%02x)",
ipprotostr(ipcomp.comp_nxt), ipcomp.comp_nxt);
- proto_tree_add_uint(ipcomp_tree, hf_ipcomp_flags, NullTVB,
- offset + offsetof(struct ipcomp, comp_flags), 1,
+ proto_tree_add_uint(ipcomp_tree, hf_ipcomp_flags, tvb,
+ offsetof(struct ipcomp, comp_flags), 1,
ipcomp.comp_flags);
- p = val_to_str(ntohs(ipcomp.comp_cpi), cpi2val, "");
- if (p[0] == '\0') {
- proto_tree_add_uint(ipcomp_tree, hf_ipcomp_cpi, NullTVB,
- offset + offsetof(struct ipcomp, comp_cpi), 2,
- ntohs(ipcomp.comp_cpi));
- } else {
- proto_tree_add_uint_format(ipcomp_tree, hf_ipcomp_cpi, NullTVB,
- offset + offsetof(struct ipcomp, comp_cpi), 2,
- ntohs(ipcomp.comp_cpi),
- "CPI: %s (0x%04x)",
- p, ntohs(ipcomp.comp_cpi));
- }
- old_dissect_data(pd, offset + sizeof(struct ipcomp), fd, ipcomp_tree);
+ proto_tree_add_uint(ipcomp_tree, hf_ipcomp_cpi, tvb,
+ offsetof(struct ipcomp, comp_cpi), 2,
+ g_ntohs(ipcomp.comp_cpi));
+ call_dissector(data_handle,
+ tvb_new_subset(tvb, sizeof(struct ipcomp), -1, -1), pinfo,
+ ipcomp_tree);
}
}
static hf_register_info hf_ah[] = {
{ &hf_ah_spi,
{ "SPI", "ah.spi", FT_UINT32, BASE_HEX, NULL, 0x0,
- "" }},
+ "", HFILL }},
{ &hf_ah_sequence,
{ "Sequence", "ah.sequence", FT_UINT32, BASE_HEX, NULL, 0x0,
- "" }}
+ "", HFILL }}
};
static hf_register_info hf_esp[] = {
{ &hf_esp_spi,
{ "SPI", "esp.spi", FT_UINT32, BASE_HEX, NULL, 0x0,
- "" }},
+ "", HFILL }},
{ &hf_esp_sequence,
{ "Sequence", "esp.sequence", FT_UINT32, BASE_HEX, NULL, 0x0,
- "" }}
+ "", HFILL }}
};
static hf_register_info hf_ipcomp[] = {
{ &hf_ipcomp_flags,
{ "Flags", "ipcomp.flags", FT_UINT8, BASE_HEX, NULL, 0x0,
- "" }},
+ "", HFILL }},
{ &hf_ipcomp_cpi,
- { "CPI", "ipcomp.cpi", FT_UINT16, BASE_HEX, NULL, 0x0,
- "" }},
+ { "CPI", "ipcomp.cpi", FT_UINT16, BASE_HEX,
+ VALS(cpi2val), 0x0, "", HFILL }},
};
static gint *ett[] = {
&ett_ah,
"Place AH payload in subtree",
"Whether the AH payload decode should be placed in a subtree",
&g_ah_payload_in_subtree);
+
+ register_dissector("esp", dissect_esp, proto_esp);
+ register_dissector("ah", dissect_ah, proto_ah);
}
void
proto_reg_handoff_ipsec(void)
{
- old_dissector_add("ip.proto", IP_PROTO_AH, dissect_ah, proto_ah);
- old_dissector_add("ip.proto", IP_PROTO_ESP, dissect_esp, proto_esp);
- old_dissector_add("ip.proto", IP_PROTO_IPCOMP, dissect_ipcomp,
- proto_ipcomp);
+ dissector_handle_t esp_handle, ah_handle, ipcomp_handle;
+
+ data_handle = find_dissector("data");
+ ah_handle = find_dissector("ah");
+ dissector_add("ip.proto", IP_PROTO_AH, ah_handle);
+ esp_handle = find_dissector("esp");
+ dissector_add("ip.proto", IP_PROTO_ESP, esp_handle);
+ ipcomp_handle = create_dissector_handle(dissect_ipcomp, proto_ipcomp);
+ dissector_add("ip.proto", IP_PROTO_IPCOMP, ipcomp_handle);
}
git.samba.org / metze / wireshark / wip.git / blobdiff