* See RFC 2578 for Structure of Management Information Version 2 (SMIv2)
* Copyright (C) 2007 Luis E. Garcia Ontanon <luis@ontanon.org>
*
- * $Id$
- *
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if 0
+#include <stdio.h>
#define D(args) do {printf args; fflush(stdout); } while(0)
+#endif
#include "config.h"
-#include <string.h>
-#include <ctype.h>
-
-#include <glib.h>
-
#include <epan/packet.h>
#include <epan/strutil.h>
#include <epan/conversation.h>
#include <epan/etypes.h>
#include <epan/prefs.h>
#include <epan/sminmpec.h>
-#include <epan/emem.h>
#include <epan/next_tvb.h>
#include <epan/uat.h>
#include <epan/asn1.h>
+#include <epan/expert.h>
+#include <epan/oids.h>
+#include <wsutil/sha1.h>
+#include <wsutil/md5.h>
#include "packet-ipx.h"
#include "packet-hpext.h"
-
-
#include "packet-ber.h"
-
#include "packet-snmp.h"
-#include <epan/crypt/sha1.h>
-#include <epan/crypt/md5.h>
-#include <epan/expert.h>
-#include <epan/report_err.h>
-#include <epan/oids.h>
-
-
-#ifdef HAVE_LIBGCRYPT
-#include <gcrypt.h>
-#endif
+#include <wsutil/wsgcrypt.h>
/* Take a pointer that may be null and return a pointer that's not null
by turning null pointers into pointers to the above null string,
static gboolean display_oid = TRUE;
static gboolean snmp_var_in_tree = TRUE;
-#ifdef HAVE_LIBGCRYPT
-static gint snmp_decryption_algo = 0;
-#endif
+
+void proto_register_snmp(void);
+void proto_reg_handoff_snmp(void);
+void proto_register_smux(void);
+void proto_reg_handoff_smux(void);
static gboolean snmp_usm_auth_md5(snmp_usm_params_t* p, guint8**, guint*, gchar const**);
static gboolean snmp_usm_auth_sha1(snmp_usm_params_t* p, guint8**, guint*, gchar const**);
static tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t*, tvbuff_t*, gchar const**);
-static tvbuff_t* snmp_usm_priv_aes(snmp_usm_params_t*, tvbuff_t*, gchar const**);
+static tvbuff_t* snmp_usm_priv_aes128(snmp_usm_params_t*, tvbuff_t*, gchar const**);
+static tvbuff_t* snmp_usm_priv_aes192(snmp_usm_params_t*, tvbuff_t*, gchar const**);
+static tvbuff_t* snmp_usm_priv_aes256(snmp_usm_params_t*, tvbuff_t*, gchar const**);
static void snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen, const guint8 *engineID, guint engineLength, guint8 *key);
static snmp_usm_auth_model_t model_md5 = {snmp_usm_password_to_key_md5, snmp_usm_auth_md5, 16};
-static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, 20};
+static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, SHA1_DIGEST_LEN};
static const value_string auth_types[] = {
{0,"MD5"},
};
static snmp_usm_auth_model_t* auth_models[] = {&model_md5,&model_sha1};
+#define PRIV_DES 0
+#define PRIV_AES128 1
+#define PRIV_AES192 2
+#define PRIV_AES256 3
static const value_string priv_types[] = {
- {0,"DES"},
- {1,"AES"},
- {0,NULL}
+ { PRIV_DES, "DES" },
+ { PRIV_AES128, "AES" },
+ { PRIV_AES192, "AES192" },
+ { PRIV_AES256, "AES256" },
+ { 0, NULL}
};
-static snmp_usm_decoder_t priv_protos[] = {snmp_usm_priv_des, snmp_usm_priv_aes};
-
-#ifdef HAVE_LIBGCRYPT
-static const enum_val_t snmp_decryption_algo_type[] = {
- { "aes" , "AES", 0 },
- { "aes256", "AES256", 1 },
- { NULL, NULL, 0 }
+static snmp_usm_decoder_t priv_protos[] = {
+ snmp_usm_priv_des,
+ snmp_usm_priv_aes128,
+ snmp_usm_priv_aes192,
+ snmp_usm_priv_aes256
};
-#endif
static snmp_ue_assoc_t* ueas = NULL;
static guint num_ueas = 0;
static snmp_st_assoc_t *specific_traps = NULL;
static const char *enterprise_oid = NULL;
static guint generic_trap = 0;
-
+static guint32 snmp_version = 0;
static snmp_usm_params_t usm_p = {FALSE,FALSE,0,0,0,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,FALSE};
static int hf_snmp_objectname = -1;
static int hf_snmp_scalar_instance_index = -1;
+static int hf_snmp_var_bind_str = -1;
+static int hf_snmp_agentid_trailer = -1;
#include "packet-snmp-hf.c"
-static int hf_smux_version = -1;
-static int hf_smux_pdutype = -1;
-
/* Initialize the subtree pointers */
static gint ett_smux = -1;
static gint ett_snmp = -1;
#include "packet-snmp-ett.c"
+static expert_field ei_snmp_failed_decrypted_data_pdu = EI_INIT;
+static expert_field ei_snmp_decrypted_data_bad_formatted = EI_INIT;
+static expert_field ei_snmp_verify_authentication_error = EI_INIT;
+static expert_field ei_snmp_authentication_ok = EI_INIT;
+static expert_field ei_snmp_authentication_error = EI_INIT;
+static expert_field ei_snmp_varbind_not_uni_class_seq = EI_INIT;
+static expert_field ei_snmp_varbind_has_indicator = EI_INIT;
+static expert_field ei_snmp_objectname_not_oid = EI_INIT;
+static expert_field ei_snmp_objectname_has_indicator = EI_INIT;
+static expert_field ei_snmp_value_not_primitive_encoding = EI_INIT;
+static expert_field ei_snmp_invalid_oid = EI_INIT;
+static expert_field ei_snmp_varbind_wrong_tag = EI_INIT;
+static expert_field ei_snmp_varbind_response = EI_INIT;
+static expert_field ei_snmp_no_instance_subid = EI_INIT;
+static expert_field ei_snmp_wrong_num_of_subids = EI_INIT;
+static expert_field ei_snmp_index_suboid_too_short = EI_INIT;
+static expert_field ei_snmp_unimplemented_instance_index = EI_INIT;
+static expert_field ei_snmp_index_suboid_len0 = EI_INIT;
+static expert_field ei_snmp_index_suboid_too_long = EI_INIT;
+static expert_field ei_snmp_index_string_too_long = EI_INIT;
+static expert_field ei_snmp_column_parent_not_row = EI_INIT;
+static expert_field ei_snmp_uint_too_large = EI_INIT;
+static expert_field ei_snmp_int_too_large = EI_INIT;
+static expert_field ei_snmp_integral_value0 = EI_INIT;
+static expert_field ei_snmp_missing_mib = EI_INIT;
+static expert_field ei_snmp_varbind_wrong_length_value = EI_INIT;
+static expert_field ei_snmp_varbind_wrong_class_tag = EI_INIT;
+static expert_field ei_snmp_rfc1910_non_conformant = EI_INIT;
+static expert_field ei_snmp_rfc3411_non_conformant = EI_INIT;
+static expert_field ei_snmp_version_unknown = EI_INIT;
+static expert_field ei_snmp_trap_pdu_obsolete = EI_INIT;
+
static const true_false_string auth_flags = {
"OK",
"Failed"
/* Security Models */
#define SNMP_SEC_ANY 0
-#define SNMP_SEC_V1 1
+#define SNMP_SEC_V1 1
#define SNMP_SEC_V2C 2
#define SNMP_SEC_USM 3
{ 0, NULL }
};
+#if 0
/* SMUX PDU types */
#define SMUX_MSG_OPEN 0
#define SMUX_MSG_CLOSE 1
{ SMUX_MSG_SOUT, "Commit Or Rollback" },
{ 0, NULL }
};
+#endif
#define SNMP_IPA 0 /* IP Address */
return NULL;
}
+static int
+dissect_snmp_variable_string(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void *data _U_)
+{
+
+ proto_tree_add_item(tree, hf_snmp_var_bind_str, tvb, 0, -1, ENC_ASCII|ENC_NA);
+
+ return tvb_captured_length(tvb);
+}
+
+/*
+DateAndTime ::= TEXTUAL-CONVENTION
+ DISPLAY-HINT "2d-1d-1d,1d:1d:1d.1d,1a1d:1d"
+ STATUS current
+ DESCRIPTION
+ "A date-time specification.
+
+ field octets contents range
+ ----- ------ -------- -----
+ 1 1-2 year* 0..65536
+ 2 3 month 1..12
+ 3 4 day 1..31
+ 4 5 hour 0..23
+ 5 6 minutes 0..59
+ 6 7 seconds 0..60
+ (use 60 for leap-second)
+ 7 8 deci-seconds 0..9
+ 8 9 direction from UTC '+' / '-'
+ 9 10 hours from UTC* 0..13
+ 10 11 minutes from UTC 0..59
+
+ * Notes:
+ - the value of year is in network-byte order
+ - daylight saving time in New Zealand is +13
+
+ For example, Tuesday May 26, 1992 at 1:30:15 PM EDT would be
+ displayed as:
+
+ 1992-5-26,13:30:15.0,-4:0
+
+ Note that if only local time is known, then timezone
+ information (fields 8-10) is not present."
+ SYNTAX OCTET STRING (SIZE (8 | 11))
+*/
+static proto_item *
+dissect_snmp_variable_date_and_time(proto_tree *tree,int hfid, tvbuff_t *tvb, int offset, int length)
+{
+ guint16 year;
+ guint8 month;
+ guint8 day;
+ guint8 hour;
+ guint8 minutes;
+ guint8 seconds;
+ guint8 deci_seconds;
+ guint8 hour_from_utc;
+ guint8 min_from_utc;
+ gchar *str;
+
+ year = tvb_get_ntohs(tvb,offset);
+ month = tvb_get_guint8(tvb,offset+2);
+ day = tvb_get_guint8(tvb,offset+3);
+ hour = tvb_get_guint8(tvb,offset+4);
+ minutes = tvb_get_guint8(tvb,offset+5);
+ seconds = tvb_get_guint8(tvb,offset+6);
+ deci_seconds = tvb_get_guint8(tvb,offset+7);
+ if(length > 8){
+ hour_from_utc = tvb_get_guint8(tvb,offset+9);
+ min_from_utc = tvb_get_guint8(tvb,offset+10);
+
+ str = wmem_strdup_printf(wmem_packet_scope(),
+ "%u-%u-%u, %u:%u:%u.%u UTC %s%u:%u",
+ year,
+ month,
+ day,
+ hour,
+ minutes,
+ seconds,
+ deci_seconds,
+ tvb_get_string_enc(wmem_packet_scope(),tvb,offset+8,1,ENC_ASCII|ENC_NA),
+ hour_from_utc,
+ min_from_utc);
+ }else{
+ str = wmem_strdup_printf(wmem_packet_scope(),
+ "%u-%u-%u, %u:%u:%u.%u",
+ year,
+ month,
+ day,
+ hour,
+ minutes,
+ seconds,
+ deci_seconds);
+ }
+
+ return proto_tree_add_string(tree, hfid, tvb, offset, length, str);
+
+}
+
/*
* dissect_snmp_VarBind
* this routine dissects variable bindings, looking for the oid information in our oid reporsitory
*/
-extern int
+static int
dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset,
asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_)
{
seq_offset = offset;
/* first have the VarBind's sequence header */
- offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
- offset = get_ber_length(tvb, offset, &seq_len, &ind);
-
- seq_len += offset - seq_offset;
+ offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag);
+ offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &seq_len, &ind);
if (!pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_SEQUENCE) {
- proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"VarBind must be an universal class sequence");
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence");
+ proto_item* pi;
+ pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len + (offset - seq_offset),
+ ett_decoding_error, &pi, "VarBind must be an universal class sequence");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_not_uni_class_seq);
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
}
if (ind) {
- proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in VarBind");
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind has indicator set");
+ proto_item* pi;
+ pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len + (offset - seq_offset),
+ ett_decoding_error, &pi, "Indicator must be clear in VarBind");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_has_indicator);
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
}
+ /* we add the varbind tree root with a dummy label we'll fill later on */
+ pt_varbind = proto_tree_add_subtree(tree,tvb,offset,seq_len,ett_varbind,&pi_varbind,"VarBind");
+ *label = '\0';
+
+ seq_len += offset - seq_offset;
+
/* then we have the ObjectName's header */
- offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
- name_offset = offset = get_ber_length(tvb, offset, &name_len, &ind);
+ offset = dissect_ber_identifier(actx->pinfo, pt_varbind, tvb, offset, &ber_class, &pc, &tag);
+ name_offset = offset = dissect_ber_length(actx->pinfo, pt_varbind, tvb, offset, &name_len, &ind);
if (! ( !pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_OID) ) {
- proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"ObjectName must be an OID in primitive encoding");
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName not an OID");
+ proto_item* pi;
+ pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len,
+ ett_decoding_error, &pi, "ObjectName must be an OID in primitive encoding");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_objectname_not_oid);
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
}
if (ind) {
- proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in ObjectName");
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName has indicator set");
+ proto_item* pi;
+ pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len,
+ ett_decoding_error, &pi, "Indicator must be clear in ObjectName");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_objectname_has_indicator);
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
}
+ pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA);
+ pt_name = proto_item_add_subtree(pi_name,ett_name);
+
offset += name_len;
value_start = offset;
-
- /* then we have the value's header */
- offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
- value_offset = get_ber_length(tvb, offset, &value_len, &ind);
+ /* then we have the value's header */
+ offset = dissect_ber_identifier(actx->pinfo, pt_varbind, tvb, offset, &ber_class, &pc, &tag);
+ value_offset = dissect_ber_length(actx->pinfo, pt_varbind, tvb, offset, &value_len, &ind);
if (! (!pc) ) {
- proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"the value must be in primitive encoding");
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "value not in primitive encoding");
- return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
+ proto_item* pi;
+ pt = proto_tree_add_subtree(pt_varbind, tvb, value_start, value_len,
+ ett_decoding_error, &pi, "the value must be in primitive encoding");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_value_not_primitive_encoding);
+ return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
}
/* Now, we know where everithing is */
-
-
- /* we add the varbind tree root with a dummy label we'll fill later on */
- pi_varbind = proto_tree_add_text(tree,tvb,seq_offset,seq_len,"VarBind");
- pt_varbind = proto_item_add_subtree(pi_varbind,ett_varbind);
- *label = '\0';
-
- pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA);
- pt_name = proto_item_add_subtree(pi_name,ett_name);
-
/* fetch ObjectName and its relative oid_info */
- oid_bytes = (guint8*)ep_tvb_memdup(tvb, name_offset, name_len);
- oid_info = oid_get_from_encoded(oid_bytes, name_len, &subids, &oid_matched, &oid_left);
+ oid_bytes = (guint8*)tvb_memdup(wmem_packet_scope(), tvb, name_offset, name_len);
+ oid_info = oid_get_from_encoded(wmem_packet_scope(), oid_bytes, name_len, &subids, &oid_matched, &oid_left);
add_oid_debug_subtree(oid_info,pt_name);
if (!subids) {
proto_item* pi;
- repr = oid_encoded2string(oid_bytes, name_len);
- pi = proto_tree_add_text(pt_name,tvb, 0, 0, "invalid oid: %s", repr);
- pt = proto_item_add_subtree(pi, ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "invalid oid: %s", repr);
+ repr = oid_encoded2string(wmem_packet_scope(), oid_bytes, name_len);
+ pt = proto_tree_add_subtree_format(pt_name,tvb, 0, 0, ett_decoding_error, &pi, "invalid oid: %s", repr);
+ expert_add_info_format(actx->pinfo, pi, &ei_snmp_invalid_oid, "invalid oid: %s", repr);
return dissect_unknown_ber(actx->pinfo, tvb, name_offset, pt);
}
if (oid_matched+oid_left) {
- oid_string = oid_subid2string(subids,oid_matched+oid_left);
+ oid_string = oid_subid2string(wmem_packet_scope(), subids,oid_matched+oid_left);
}
if (ber_class == BER_CLASS_CON) {
note = "endOfMibView";
break;
default: {
- pi = proto_tree_add_text(pt_varbind,tvb,0,0,"Wrong tag for Error Value: expected 0, 1, or 2 but got: %d",tag);
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value");
+ pt = proto_tree_add_subtree_format(pt_varbind,tvb,0,0,ett_decoding_error,&pi,
+ "Wrong tag for Error Value: expected 0, 1, or 2 but got: %d",tag);
+ expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_wrong_tag);
return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
}
}
pi = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
- expert_add_info_format(actx->pinfo, pi, PI_RESPONSE_CODE, PI_NOTE, "%s",note);
+ expert_add_info_format(actx->pinfo, pi, &ei_snmp_varbind_response, "%s",note);
g_strlcpy (label, note, ITEM_LABEL_LENGTH);
goto set_label;
}
/* now we'll try to figure out which are the indexing sub-oids and whether the oid we know about is the one oid we have to use */
switch (oid_info->kind) {
case OID_KIND_SCALAR:
- if (oid_left == 1) {
+ if (oid_left == 1) {
/* OK: we got the instance sub-id */
proto_tree_add_uint64(pt_name,hf_snmp_scalar_instance_index,tvb,name_offset,name_len,subids[oid_matched]);
oid_info_is_ok = TRUE;
goto indexing_done;
- } else if (oid_left == 0) {
+ } else if (oid_left == 0) {
if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) {
/* unSpecified does not require an instance sub-id add the new value and get off the way! */
pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,ENC_NA);
goto set_label;
} else {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have one instance sub-id this one has none");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_no_instance_subid,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
} else {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value");
+ proto_tree_add_expert_format(pt_name,actx->pinfo,&ei_snmp_wrong_num_of_subids,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left);
oid_info_is_ok = FALSE;
goto indexing_done;
}
guint suboid_len;
if (key_start >= oid_matched+oid_left) {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid shorter than expected");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_too_short,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
switch(k->key_type) {
case OID_KEY_TYPE_WRONG: {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"OID instaces not handled, if you want this implemented please contact the wireshark developers");
- expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_unimplemented_instance_index,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
suboid = &(subids[key_start]);
if( suboid_len == 0 ) {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"an index sub-oid OID cannot be 0 bytes long!");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid OID with len=0");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_len0,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
if( key_len < suboid_len ) {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid should not be longer than remaining oid size");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid longer than remaining oid size");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_too_long,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
- suboid_buf_len = oid_subid2encoded(suboid_len, suboid, &suboid_buf);
+ suboid_buf_len = oid_subid2encoded(wmem_packet_scope(), suboid_len, suboid, &suboid_buf);
DISSECTOR_ASSERT(suboid_buf_len);
}
if( key_len < buf_len ) {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index string should not be longer than remaining oid size");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index string longer than remaining oid size");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_string_too_long,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
- buf = (guint8*)ep_alloc(buf_len+1);
+ buf = (guint8*)wmem_alloc(wmem_packet_scope(), buf_len+1);
for (i = 0; i < buf_len; i++)
buf[i] = (guint8)suboid[i];
buf[i] = '\0';
proto_tree_add_ether(pt_name,k->hfid,tvb,name_offset,buf_len, buf);
break;
case OID_KEY_TYPE_IPADDR: {
- guint32* ipv4_p = (void*)buf;
+ guint32* ipv4_p = (guint32*)buf;
proto_tree_add_ipv4(pt_name,k->hfid,tvb,name_offset,buf_len, *ipv4_p);
}
break;
}
goto indexing_done;
} else {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"We do not know how to handle this OID, if you want this implemented please contact the wireshark developers");
- expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_unimplemented_instance_index,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
} else {
- proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"The COLUMS's parent is not a ROW. This is a BUG! please contact the wireshark developers.");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW");
+ proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_column_parent_not_row,tvb,0,0);
oid_info_is_ok = FALSE;
goto indexing_done;
}
default: {
-/* proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"This kind OID should have no value");
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "This kind OID should have no value"); */
+/* proto_tree_add_expert (pt_name,actx->pinfo,PI_MALFORMED, PI_WARN,tvb,0,0,"This kind OID should have no value"); */
oid_info_is_ok = FALSE;
goto indexing_done;
}
format_error = BER_WRONG_TAG;
else {
max_len = oid_info->value_type->max_len == -1 ? 0xffffff : oid_info->value_type->max_len;
- min_len = oid_info->value_type->min_len;
+ min_len = oid_info->value_type->min_len;
if ((int)value_len < min_len || (int)value_len > max_len)
format_error = BER_WRONG_LENGTH;
goto already_added;
}
case BER_CLASS_UNI|(BER_UNI_TAG_OCTETSTRING<<4):
- hfid = hf_snmp_octetstring_value;
+ if(oid_info->value_hfid> -1){
+ hfid = oid_info->value_hfid;
+ }else{
+ hfid = hf_snmp_octetstring_value;
+ }
break;
case BER_CLASS_UNI|(BER_UNI_TAG_OID<<4):
max_len = -1; min_len = 1;
*/
if (value_len > 9 || tvb_get_guint8(tvb, value_offset) != 0) {
/* It is. Fail. */
- pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value too large");
- expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1");
+ proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_uint_too_large,tvb,value_offset,value_len,"Integral value too large");
goto already_added;
}
/* Cheat and skip the leading 0 byte */
/*
* For now, just reject these.
*/
- pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value too large or too small");
- expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63");
+ proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_int_too_large,tvb,value_offset,value_len,"Integral value too large or too small");
goto already_added;
}
} else if (value_len == 0) {
*/
header_field_info *hfinfo = proto_registrar_get_nth(hfid);
if (hfinfo->type == FT_UINT64 || hfinfo->type == FT_INT64) {
- pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value is zero-length");
- expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Integral value is zero-length");
+ proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_integral_value0,tvb,value_offset,value_len,"Integral value is zero-length");
goto already_added;
}
}
- pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
+ /* Special case DATE AND TIME */
+ if((oid_info->value_type)&&(oid_info->value_type->keytype == OID_KEY_TYPE_DATE_AND_TIME)&&(value_len > 7)){
+ pi_value = dissect_snmp_variable_date_and_time(pt_varbind, hfid, tvb, value_offset, value_len);
+ }else{
+ pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
+ }
if (format_error != BER_NO_ERROR) {
- expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB");
+ expert_add_info(actx->pinfo, pi_value, &ei_snmp_missing_mib);
}
-already_added:
- oid_info_is_ok = FALSE;
}
-
+already_added:
pt_value = proto_item_add_subtree(pi_value,ett_value);
if (value_len > 0 && oid_string) {
- tvbuff_t* sub_tvb = tvb_new_subset(tvb, value_offset, value_len, value_len);
+ tvbuff_t* sub_tvb = tvb_new_subset_length(tvb, value_offset, value_len);
next_tvb_add_string(&var_list, sub_tvb, (snmp_var_in_tree) ? pt_value : NULL, value_sub_dissectors_table, oid_string);
}
if (oid_info && oid_info->name) {
if (oid_left >= 1) {
- repr = ep_strdup_printf("%s.%s (%s)", oid_info->name,
- oid_subid2string(&(subids[oid_matched]),oid_left),
- oid_subid2string(subids,oid_matched+oid_left));
- info_oid = ep_strdup_printf("%s.%s", oid_info->name,
- oid_subid2string(&(subids[oid_matched]),oid_left));
+ repr = wmem_strdup_printf(wmem_packet_scope(), "%s.%s (%s)", oid_info->name,
+ oid_subid2string(wmem_packet_scope(), &(subids[oid_matched]),oid_left),
+ oid_subid2string(wmem_packet_scope(), subids,oid_matched+oid_left));
+ info_oid = wmem_strdup_printf(wmem_packet_scope(), "%s.%s", oid_info->name,
+ oid_subid2string(wmem_packet_scope(), &(subids[oid_matched]),oid_left));
} else {
- repr = ep_strdup_printf("%s (%s)", oid_info->name,
- oid_subid2string(subids,oid_matched));
+ repr = wmem_strdup_printf(wmem_packet_scope(), "%s (%s)", oid_info->name,
+ oid_subid2string(wmem_packet_scope(), subids,oid_matched));
info_oid = oid_info->name;
}
} else if (oid_string) {
- repr = ep_strdup(oid_string);
+ repr = wmem_strdup(wmem_packet_scope(), oid_string);
info_oid = oid_string;
} else {
- repr = ep_strdup("[Bad OID]");
+ repr = wmem_strdup(wmem_packet_scope(), "[Bad OID]");
}
valstr = strstr(label,": ");
proto_item_set_text(pi_varbind,"%s: %s",repr,valstr);
if (display_oid && info_oid) {
- col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid);
+ col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid);
}
switch (format_error) {
case BER_WRONG_LENGTH: {
+ proto_item* pi;
proto_tree* p_tree = proto_item_add_subtree(pi_value,ett_decoding_error);
- proto_item* pi = proto_tree_add_text(p_tree,tvb,0,0,"Wrong value length: %u expecting: %u <= len <= %u",
+ pt = proto_tree_add_subtree_format(p_tree,tvb,0,0,ett_decoding_error,&pi,
+ "Wrong value length: %u expecting: %u <= len <= %u",
value_len, min_len, max_len == -1 ? 0xFFFFFF : max_len);
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_wrong_length_value);
return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
}
case BER_WRONG_TAG: {
+ proto_item* pi;
proto_tree* p_tree = proto_item_add_subtree(pi_value,ett_decoding_error);
- proto_item* pi = proto_tree_add_text(p_tree,tvb,0,0,"Wrong class/tag for Value expected: %d,%d got: %d,%d",
+ pt = proto_tree_add_subtree_format(p_tree,tvb,0,0,ett_decoding_error,&pi,
+ "Wrong class/tag for Value expected: %d,%d got: %d,%d",
oid_info->value_type->ber_class, oid_info->value_type->ber_tag,
ber_class, tag);
- pt = proto_item_add_subtree(pi,ett_decoding_error);
- expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value");
+ expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_wrong_class_tag);
return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
}
default:
#define SNMP_ENGINEID_RFC3411 0x01
static const true_false_string tfs_snmp_engineid_conform = {
- "RFC3411 (SNMPv3)",
- "RFC1910 (Non-SNMPv3)"
+ "RFC3411 (SNMPv3)",
+ "RFC1910 (Non-SNMPv3)"
};
#define SNMP_ENGINEID_FORMAT_IPV4 0x01
{ SNMP_ENGINEID_FORMAT_MACADDRESS, "MAC address" },
{ SNMP_ENGINEID_FORMAT_TEXT, "Text, administratively assigned" },
{ SNMP_ENGINEID_FORMAT_OCTETS, "Octets, administratively assigned" },
- { 0, NULL }
+ { 0, NULL }
};
#define SNMP_ENGINEID_CISCO_AGENT 0x00
* or historic RFC 1910 (AgentID)
*/
int
-dissect_snmp_engineid(proto_tree *tree, tvbuff_t *tvb, int offset, int len)
+dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int offset, int len)
{
- proto_item *item = NULL;
- guint8 conformance, format;
- guint32 enterpriseid, seconds;
- nstime_t ts;
- int len_remain = len;
-
- /* first bit: engine id conformance */
- if (len_remain<1) return offset;
- conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01);
- proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN);
-
- /* 4-byte enterprise number/name */
- if (len_remain<4) return offset;
- enterpriseid = tvb_get_ntohl(tvb, offset);
- if (conformance)
- enterpriseid -= 0x80000000; /* ignore first bit */
- proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid);
- offset+=4;
- len_remain-=4;
-
- switch(conformance) {
-
- case SNMP_ENGINEID_RFC1910:
- /* 12-byte AgentID w/ 8-byte trailer */
- if (len_remain==8) {
- proto_tree_add_text(tree, tvb, offset, 8, "AgentID Trailer: 0x%s",
- tvb_bytes_to_str(tvb, offset, 8));
- offset+=8;
- len_remain-=8;
- } else {
- proto_tree_add_text(tree, tvb, offset, len_remain, "<Data not conforming to RFC1910>");
- return offset;
- }
- break;
-
- case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */
-
- /* 1-byte format specifier */
- if (len_remain<1) return offset;
- format = tvb_get_guint8(tvb, offset);
- item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)",
- val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format);
- offset+=1;
- len_remain-=1;
-
- switch(format) {
- case SNMP_ENGINEID_FORMAT_IPV4:
- /* 4-byte IPv4 address */
- if (len_remain==4) {
- proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
- offset+=4;
- len_remain=0;
- }
- break;
- case SNMP_ENGINEID_FORMAT_IPV6:
- /* 16-byte IPv6 address */
- if (len_remain==16) {
- proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA);
- offset+=16;
- len_remain=0;
- }
- break;
- case SNMP_ENGINEID_FORMAT_MACADDRESS:
- /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */
- if ((enterpriseid==9)&&(len_remain==7)) {
- proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset++;
- len_remain--;
- }
- /* 6-byte MAC address */
- if (len_remain==6) {
- proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA);
- offset+=6;
- len_remain=0;
- }
- break;
- case SNMP_ENGINEID_FORMAT_TEXT:
- /* max. 27-byte string, administratively assigned */
- if (len_remain<=27) {
- proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA);
- offset+=len_remain;
- len_remain=0;
- }
- break;
- case 128:
- /* most common enterprise-specific format: (ucd|net)-snmp random */
- if ((enterpriseid==2021)||(enterpriseid==8072)) {
- proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random");
- /* demystify: 4B random, 4B epoch seconds */
- if (len_remain==8) {
- proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA);
- seconds = tvb_get_letohl(tvb, offset+4);
- ts.secs = seconds;
- ts.nsecs = 0;
- proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4,
- &ts, "%s",
- abs_time_secs_to_str(seconds, ABSOLUTE_TIME_LOCAL, TRUE));
- offset+=8;
- len_remain=0;
- }
- break;
+ proto_item *item = NULL;
+ guint8 conformance, format;
+ guint32 enterpriseid, seconds;
+ nstime_t ts;
+ int len_remain = len;
+
+ /* first bit: engine id conformance */
+ if (len_remain<1) return offset;
+ conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01);
+ proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN);
+
+ /* 4-byte enterprise number/name */
+ if (len_remain<4) return offset;
+ enterpriseid = tvb_get_ntohl(tvb, offset);
+ if (conformance)
+ enterpriseid -= 0x80000000; /* ignore first bit */
+ proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid);
+ offset+=4;
+ len_remain-=4;
+
+ switch(conformance) {
+
+ case SNMP_ENGINEID_RFC1910:
+ /* 12-byte AgentID w/ 8-byte trailer */
+ if (len_remain==8) {
+ proto_tree_add_item(tree, hf_snmp_agentid_trailer, tvb, offset, 8, ENC_NA);
+ offset+=8;
+ len_remain-=8;
+ } else {
+ proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc1910_non_conformant, tvb, offset, len_remain);
+ return offset;
+ }
+ break;
+
+ case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */
+
+ /* 1-byte format specifier */
+ if (len_remain<1) return offset;
+ format = tvb_get_guint8(tvb, offset);
+ item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)",
+ val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format);
+ offset+=1;
+ len_remain-=1;
+
+ switch(format) {
+ case SNMP_ENGINEID_FORMAT_IPV4:
+ /* 4-byte IPv4 address */
+ if (len_remain==4) {
+ proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
+ offset+=4;
+ len_remain=0;
+ }
+ break;
+ case SNMP_ENGINEID_FORMAT_IPV6:
+ /* 16-byte IPv6 address */
+ if (len_remain==16) {
+ proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA);
+ offset+=16;
+ len_remain=0;
+ }
+ break;
+ case SNMP_ENGINEID_FORMAT_MACADDRESS:
+ /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */
+ if ((enterpriseid==9)&&(len_remain==7)) {
+ proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset++;
+ len_remain--;
+ }
+ /* 6-byte MAC address */
+ if (len_remain==6) {
+ proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA);
+ offset+=6;
+ len_remain=0;
+ }
+ break;
+ case SNMP_ENGINEID_FORMAT_TEXT:
+ /* max. 27-byte string, administratively assigned */
+ if (len_remain<=27) {
+ proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA);
+ offset+=len_remain;
+ len_remain=0;
+ }
+ break;
+ case 128:
+ /* most common enterprise-specific format: (ucd|net)-snmp random */
+ if ((enterpriseid==2021)||(enterpriseid==8072)) {
+ proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random");
+ /* demystify: 4B random, 4B epoch seconds */
+ if (len_remain==8) {
+ proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA);
+ seconds = tvb_get_letohl(tvb, offset+4);
+ ts.secs = seconds;
+ ts.nsecs = 0;
+ proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4,
+ &ts, "%s",
+ abs_time_secs_to_str(wmem_packet_scope(), seconds, ABSOLUTE_TIME_LOCAL, TRUE));
+ offset+=8;
+ len_remain=0;
+ }
+ break;
+ }
+ /* fall through */
+ case SNMP_ENGINEID_FORMAT_OCTETS:
+ default:
+ /* max. 27 bytes, administratively assigned or unknown format */
+ if (len_remain<=27) {
+ proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA);
+ offset+=len_remain;
+ len_remain=0;
+ }
+ break;
+ }
}
- /* fall through */
- case SNMP_ENGINEID_FORMAT_OCTETS:
- default:
- /* max. 27 bytes, administratively assigned or unknown format */
- if (len_remain<=27) {
- proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA);
- offset+=len_remain;
- len_remain=0;
+
+ if (len_remain>0) {
+ proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc3411_non_conformant, tvb, offset, len_remain);
+ offset+=len_remain;
}
- break;
- }
- }
-
- if (len_remain>0) {
- proto_tree_add_text(tree, tvb, offset, len_remain, "<Data not conforming to RFC3411>");
- offset+=len_remain;
- }
- return offset;
+ return offset;
}
static void set_ue_keys(snmp_ue_assoc_t* n ) {
guint key_size = n->user.authModel->key_size;
- n->user.authKey.data = (guint8 *)se_alloc(key_size);
+ n->user.authKey.data = (guint8 *)g_malloc(key_size);
n->user.authKey.len = key_size;
n->user.authModel->pass2key(n->user.authPassword.data,
n->user.authPassword.len,
n->engine.len,
n->user.authKey.data);
- n->user.privKey.data = (guint8 *)se_alloc(key_size);
- n->user.privKey.len = key_size;
- n->user.authModel->pass2key(n->user.privPassword.data,
- n->user.privPassword.len,
- n->engine.data,
- n->engine.len,
- n->user.privKey.data);
+ if (n->priv_proto == PRIV_AES128 || n->priv_proto == PRIV_AES192 || n->priv_proto == PRIV_AES256) {
+ guint need_key_len =
+ (n->priv_proto == PRIV_AES128) ? 16 :
+ (n->priv_proto == PRIV_AES192) ? 24 :
+ (n->priv_proto == PRIV_AES256) ? 32 :
+ 0;
+
+ guint key_len = key_size;
+
+ while (key_len < need_key_len)
+ key_len += key_size;
+
+ n->user.privKey.data = (guint8 *)g_malloc(key_len);
+ n->user.privKey.len = need_key_len;
+
+ n->user.authModel->pass2key(n->user.privPassword.data,
+ n->user.privPassword.len,
+ n->engine.data,
+ n->engine.len,
+ n->user.privKey.data);
+
+ key_len = key_size;
+
+ /* extend key if needed */
+ while (key_len < need_key_len) {
+ n->user.authModel->pass2key(
+ n->user.privKey.data,
+ key_len,
+ n->engine.data,
+ n->engine.len,
+ n->user.privKey.data + key_len);
+
+ key_len += key_size;
+ }
+
+ } else {
+ n->user.privKey.data = (guint8 *)g_malloc(key_size);
+ n->user.privKey.len = key_size;
+ n->user.authModel->pass2key(n->user.privPassword.data,
+ n->user.privPassword.len,
+ n->engine.data,
+ n->engine.len,
+ n->user.privKey.data);
+ }
}
static snmp_ue_assoc_t*
-ue_se_dup(snmp_ue_assoc_t* o)
+ue_dup(snmp_ue_assoc_t* o)
{
- snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)se_memdup(o,sizeof(snmp_ue_assoc_t));
+ snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)g_memdup(o,sizeof(snmp_ue_assoc_t));
d->user.authModel = o->user.authModel;
d->user.privProtocol = o->user.privProtocol;
- d->user.userName.data = (guint8 *)se_memdup(o->user.userName.data,o->user.userName.len);
+ d->user.userName.data = (guint8 *)g_memdup(o->user.userName.data,o->user.userName.len);
d->user.userName.len = o->user.userName.len;
- d->user.authPassword.data = o->user.authPassword.data ? (guint8 *)se_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL;
+ d->user.authPassword.data = o->user.authPassword.data ? (guint8 *)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL;
d->user.authPassword.len = o->user.authPassword.len;
- d->user.privPassword.data = o->user.privPassword.data ? (guint8 *)se_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL;
+ d->user.privPassword.data = o->user.privPassword.data ? (guint8 *)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL;
d->user.privPassword.len = o->user.privPassword.len;
d->engine.len = o->engine.len;
if (d->engine.len) {
- d->engine.data = (guint8 *)se_memdup(o->engine.data,o->engine.len);
+ d->engine.data = (guint8 *)g_memdup(o->engine.data,o->engine.len);
set_ue_keys(d);
}
}
+static void*
+snmp_users_copy_cb(void* dest, const void* orig, size_t len _U_)
+{
+ const snmp_ue_assoc_t* o = (const snmp_ue_assoc_t*)orig;
+ snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)dest;
+
+ d->auth_model = o->auth_model;
+ d->user.authModel = auth_models[o->auth_model];
-#define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; }
+ d->priv_proto = o->priv_proto;
+ d->user.privProtocol = priv_protos[o->priv_proto];
+
+ d->user.userName.data = (guint8*)g_memdup(o->user.userName.data,o->user.userName.len);
+ d->user.userName.len = o->user.userName.len;
+
+ d->user.authPassword.data = o->user.authPassword.data ? (guint8*)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL;
+ d->user.authPassword.len = o->user.authPassword.len;
+
+ d->user.privPassword.data = o->user.privPassword.data ? (guint8*)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL;
+ d->user.privPassword.len = o->user.privPassword.len;
+
+ d->engine.len = o->engine.len;
+ if (o->engine.data) {
+ d->engine.data = (guint8*)g_memdup(o->engine.data,o->engine.len);
+ }
+
+ d->user.authKey.data = o->user.authKey.data ? (guint8*)g_memdup(o->user.authKey.data,o->user.authKey.len) : NULL;
+ d->user.authKey.len = o->user.authKey.len;
+
+ d->user.privKey.data = o->user.privKey.data ? (guint8*)g_memdup(o->user.privKey.data,o->user.privKey.len) : NULL;
+ d->user.privKey.len = o->user.privKey.len;
+
+ return d;
+}
static void
-renew_ue_cache(void)
+snmp_users_free_cb(void* p)
{
- localized_ues = NULL;
- unlocalized_ues = NULL;
+ snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
+ g_free(ue->user.userName.data);
+ g_free(ue->user.authPassword.data);
+ g_free(ue->user.privPassword.data);
+ g_free(ue->user.authKey.data);
+ g_free(ue->user.privKey.data);
+ g_free(ue->engine.data);
+}
- if (num_ueas) {
- guint i;
+static gboolean
+snmp_users_update_cb(void* p _U_, char** err)
+{
+ snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
+ GString* es = g_string_new("");
+ unsigned int i;
- for(i = 0; i < num_ueas; i++) {
- snmp_ue_assoc_t* a = ue_se_dup(&(ueas[i]));
+ *err = NULL;
- if (a->engine.len) {
- CACHE_INSERT(localized_ues,a);
+ if (num_ueas == 0)
+ /* Nothing to update */
+ return FALSE;
- } else {
- CACHE_INSERT(unlocalized_ues,a);
+ if (! ue->user.userName.len)
+ g_string_append_printf(es,"no userName\n");
+
+ for (i=0; i<num_ueas-1; i++) {
+ snmp_ue_assoc_t* u = &(ueas[i]);
+
+ /* RFC 3411 section 5 */
+ if ((u->engine.len > 0) && (u->engine.len < 5 || u->engine.len > 32)) {
+ g_string_append_printf(es, "Invalid engineId length (%u). Must be between 5 and 32 (10 and 64 hex digits)\n", u->engine.len);
+ }
+
+
+ if ( u->user.userName.len == ue->user.userName.len
+ && u->engine.len == ue->engine.len && (u != ue)) {
+
+ if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) {
+ if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
+ /* XXX: make a string for the engineId */
+ g_string_append_printf(es,"Duplicate key (userName='%s')\n",ue->user.userName.data);
+ }
}
+ if (u->engine.len == 0) {
+ if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
+ g_string_append_printf(es,"Duplicate key (userName='%s' engineId=NONE)\n",ue->user.userName.data);
+ }
+ }
}
}
+
+ if (es->len) {
+ es = g_string_truncate(es,es->len-1);
+ *err = g_string_free(es, FALSE);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+static void
+free_ue_cache(snmp_ue_assoc_t **cache)
+{
+ static snmp_ue_assoc_t *a, *nxt;
+
+ for (a = *cache; a; a = nxt) {
+ nxt = a->next;
+ snmp_users_free_cb(a);
+ g_free(a);
+ }
+
+ *cache = NULL;
+}
+
+#define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; }
+
+static void
+init_ue_cache(void)
+{
+ guint i;
+
+ for (i = 0; i < num_ueas; i++) {
+ snmp_ue_assoc_t* a = ue_dup(&(ueas[i]));
+
+ if (a->engine.len) {
+ CACHE_INSERT(localized_ues,a);
+
+ } else {
+ CACHE_INSERT(unlocalized_ues,a);
+ }
+
+ }
+}
+
+static void
+cleanup_ue_cache(void)
+{
+ free_ue_cache(&localized_ues);
+ free_ue_cache(&unlocalized_ues);
+}
+
+/* Called when the user applies changes to UAT preferences. */
+static void
+renew_ue_cache(void)
+{
+ cleanup_ue_cache();
+ init_ue_cache();
}
static snmp_ue_assoc_t*
localize_ue( snmp_ue_assoc_t* o, const guint8* engine, guint engine_len )
{
- snmp_ue_assoc_t* n = (snmp_ue_assoc_t*)se_memdup(o,sizeof(snmp_ue_assoc_t));
+ snmp_ue_assoc_t* n = (snmp_ue_assoc_t*)g_memdup(o,sizeof(snmp_ue_assoc_t));
- n->engine.data = (guint8*)se_memdup(engine,engine_len);
+ n->engine.data = (guint8*)g_memdup(engine,engine_len);
n->engine.len = engine_len;
set_ue_keys(n);
if (! ( user_tvb && engine_tvb ) ) return NULL;
- given_username_len = tvb_length(user_tvb);
- given_engine_len = tvb_length(engine_tvb);
+ given_username_len = tvb_captured_length(user_tvb);
+ given_engine_len = tvb_captured_length(engine_tvb);
if (! ( given_engine_len && given_username_len ) ) return NULL;
- given_username = (guint8*)ep_tvb_memdup(user_tvb,0,-1);
- given_engine = (guint8*)ep_tvb_memdup(engine_tvb,0,-1);
+ given_username = (guint8*)tvb_memdup(wmem_packet_scope(),user_tvb,0,-1);
+ given_engine = (guint8*)tvb_memdup(wmem_packet_scope(),engine_tvb,0,-1);
for (a = localized_ues; a; a = a->next) {
if ( localized_match(a, given_username, given_username_len, given_engine, given_engine_len) ) {
}
- auth_len = tvb_length_remaining(p->auth_tvb,0);
+ auth_len = tvb_captured_length(p->auth_tvb);
if (auth_len != 12) {
*error = "Authenticator length wrong";
return FALSE;
}
- msg_len = tvb_length_remaining(p->msg_tvb,0);
+ msg_len = tvb_captured_length(p->msg_tvb);
if (msg_len <= 0) {
*error = "Not enough data remaining";
return FALSE;
}
- msg = (guint8*)ep_tvb_memdup(p->msg_tvb,0,msg_len);
+ msg = (guint8*)tvb_memdup(wmem_packet_scope(),p->msg_tvb,0,msg_len);
- auth = (guint8*)ep_tvb_memdup(p->auth_tvb,0,auth_len);
+ auth = (guint8*)tvb_memdup(wmem_packet_scope(),p->auth_tvb,0,auth_len);
start = p->auth_offset - p->start_offset;
end = start + auth_len;
msg[i] = '\0';
}
- calc_auth = (guint8*)ep_alloc(16);
+ calc_auth = (guint8*)wmem_alloc(wmem_packet_scope(), 16);
md5_hmac(msg, msg_len, key, key_len, calc_auth);
static gboolean
-snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_)
+snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_)
{
gint msg_len;
guint8* msg;
}
- auth_len = tvb_length_remaining(p->auth_tvb,0);
+ auth_len = tvb_captured_length(p->auth_tvb);
if (auth_len != 12) {
return FALSE;
}
- msg_len = tvb_length_remaining(p->msg_tvb,0);
+ msg_len = tvb_captured_length(p->msg_tvb);
if (msg_len <= 0) {
*error = "Not enough data remaining";
return FALSE;
}
- msg = (guint8*)ep_tvb_memdup(p->msg_tvb,0,msg_len);
+ msg = (guint8*)tvb_memdup(wmem_packet_scope(),p->msg_tvb,0,msg_len);
- auth = (guint8*)ep_tvb_memdup(p->auth_tvb,0,auth_len);
+ auth = (guint8*)tvb_memdup(wmem_packet_scope(),p->auth_tvb,0,auth_len);
start = p->auth_offset - p->start_offset;
end = start + auth_len;
msg[i] = '\0';
}
- calc_auth = (guint8*)ep_alloc(20);
+ calc_auth = (guint8*)wmem_alloc(wmem_packet_scope(), SHA1_DIGEST_LEN);
sha1_hmac(key, key_len, msg, msg_len, calc_auth);
snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_)
{
#ifdef HAVE_LIBGCRYPT
- gcry_error_t err;
- gcry_cipher_hd_t hd = NULL;
+ gcry_error_t err;
+ gcry_cipher_hd_t hd = NULL;
guint8* cleartext;
guint8* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */
guint i;
- salt_len = tvb_length_remaining(p->priv_tvb,0);
+ salt_len = tvb_captured_length(p->priv_tvb);
- if (salt_len != 8) {
+ if (salt_len != 8) {
*error = "decryptionError: msgPrivacyParameters length != 8";
return NULL;
}
- salt = (guint8*)ep_tvb_memdup(p->priv_tvb,0,salt_len);
+ salt = (guint8*)tvb_memdup(wmem_packet_scope(),p->priv_tvb,0,salt_len);
/*
The resulting "salt" is XOR-ed with the pre-IV to obtain the IV.
iv[i] = pre_iv[i] ^ salt[i];
}
- cryptgrm_len = tvb_length_remaining(encryptedData,0);
+ cryptgrm_len = tvb_captured_length(encryptedData);
if ((cryptgrm_len <= 0) || (cryptgrm_len % 8)) {
*error = "decryptionError: the length of the encrypted data is not a mutiple of 8 octets";
return NULL;
}
- cryptgrm = (guint8*)ep_tvb_memdup(encryptedData,0,-1);
+ cryptgrm = (guint8*)tvb_memdup(wmem_packet_scope(),encryptedData,0,-1);
- cleartext = (guint8*)ep_alloc(cryptgrm_len);
+ cleartext = (guint8*)g_malloc(cryptgrm_len);
err = gcry_cipher_open(&hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0);
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
gcry_cipher_close(hd);
clear_tvb = tvb_new_child_real_data(encryptedData, cleartext, cryptgrm_len, cryptgrm_len);
+ tvb_set_free_cb(clear_tvb, g_free);
return clear_tvb;
on_gcry_error:
- *error = (void*)gpg_strerror(err);
+ g_free(cleartext);
+ *error = (const gchar *)gpg_strerror(err);
if (hd) gcry_cipher_close(hd);
return NULL;
#else
#endif
}
+#ifdef HAVE_LIBGCRYPT
static tvbuff_t*
-snmp_usm_priv_aes(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_)
+snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, gchar const** error, int algo)
{
-#ifdef HAVE_LIBGCRYPT
gcry_error_t err;
gcry_cipher_hd_t hd = NULL;
- int gcry_algo = GCRY_CIPHER_AES;
guint8* cleartext;
- guint8* aes_key = p->user_assoc->user.privKey.data; /* first 16 bytes */
+ guint8* aes_key = p->user_assoc->user.privKey.data;
+ int aes_key_len = p->user_assoc->user.privKey.len;
guint8 iv[16];
gint priv_len;
gint cryptgrm_len;
guint8* cryptgrm;
tvbuff_t* clear_tvb;
- priv_len = tvb_length_remaining(p->priv_tvb,0);
+ priv_len = tvb_captured_length(p->priv_tvb);
- if (priv_len != 8) {
+ if (priv_len != 8) {
*error = "decryptionError: msgPrivacyParameters length != 8";
return NULL;
}
iv[1] = (p->boots & 0x00ff0000) >> 16;
iv[2] = (p->boots & 0x0000ff00) >> 8;
iv[3] = (p->boots & 0x000000ff);
- iv[4] = (p->time & 0xff000000) >> 24;
- iv[5] = (p->time & 0x00ff0000) >> 16;
- iv[6] = (p->time & 0x0000ff00) >> 8;
- iv[7] = (p->time & 0x000000ff);
+ iv[4] = (p->snmp_time & 0xff000000) >> 24;
+ iv[5] = (p->snmp_time & 0x00ff0000) >> 16;
+ iv[6] = (p->snmp_time & 0x0000ff00) >> 8;
+ iv[7] = (p->snmp_time & 0x000000ff);
tvb_memcpy(p->priv_tvb,&(iv[8]),0,8);
- cryptgrm_len = tvb_length_remaining(encryptedData,0);
+ cryptgrm_len = tvb_captured_length(encryptedData);
if (cryptgrm_len <= 0) {
*error = "Not enough data remaining";
return NULL;
}
- cryptgrm = (guint8*)ep_tvb_memdup(encryptedData,0,-1);
-
- cleartext = (guint8*)ep_alloc(cryptgrm_len);
+ cryptgrm = (guint8*)tvb_memdup(wmem_packet_scope(),encryptedData,0,-1);
- switch(snmp_decryption_algo)
- {
- case 0:
- gcry_algo = GCRY_CIPHER_AES;
- break;
- case 1:
- gcry_algo = GCRY_CIPHER_AES256;
- break;
- }
+ cleartext = (guint8*)g_malloc(cryptgrm_len);
- err = gcry_cipher_open(&hd, gcry_algo, GCRY_CIPHER_MODE_CFB, 0);
+ err = gcry_cipher_open(&hd, algo, GCRY_CIPHER_MODE_CFB, 0);
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
err = gcry_cipher_setiv(hd, iv, 16);
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
- err = gcry_cipher_setkey(hd,aes_key,16);
+ err = gcry_cipher_setkey(hd,aes_key,aes_key_len);
if (err != GPG_ERR_NO_ERROR) goto on_gcry_error;
err = gcry_cipher_decrypt(hd, cleartext, cryptgrm_len, cryptgrm, cryptgrm_len);
gcry_cipher_close(hd);
clear_tvb = tvb_new_child_real_data(encryptedData, cleartext, cryptgrm_len, cryptgrm_len);
+ tvb_set_free_cb(clear_tvb, g_free);
return clear_tvb;
on_gcry_error:
- *error = (void*)gpg_strerror(err);
+ g_free(cleartext);
+ *error = (const gchar *)gpg_strerror(err);
if (hd) gcry_cipher_close(hd);
return NULL;
+}
+#endif
+
+static tvbuff_t*
+snmp_usm_priv_aes128(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error)
+{
+#ifdef HAVE_LIBGCRYPT
+ return snmp_usm_priv_aes_common(p, encryptedData, error, GCRY_CIPHER_AES);
#else
*error = "libgcrypt not present, cannot decrypt";
return NULL;
#endif
}
+static tvbuff_t*
+snmp_usm_priv_aes192(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error)
+{
+#ifdef HAVE_LIBGCRYPT
+ return snmp_usm_priv_aes_common(p, encryptedData, error, GCRY_CIPHER_AES192);
+#else
+ *error = "libgcrypt not present, cannot decrypt";
+ return NULL;
+#endif
+}
+
+static tvbuff_t*
+snmp_usm_priv_aes256(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error)
+{
+#ifdef HAVE_LIBGCRYPT
+ return snmp_usm_priv_aes_common(p, encryptedData, error, GCRY_CIPHER_AES256);
+#else
+ *error = "libgcrypt not present, cannot decrypt";
+ return NULL;
+#endif
+}
-gboolean
+static gboolean
check_ScopedPdu(tvbuff_t* tvb)
{
int offset;
usm_p.authenticated = FALSE;
usm_p.encrypted = FALSE;
usm_p.boots = 0;
- usm_p.time = 0;
+ usm_p.snmp_time = 0;
usm_p.authOK = FALSE;
/*
* have that routine deal with ASN.1, and just use
* "tcp_dissect_pdus()"?)
*/
- length_remaining = tvb_ensure_length_remaining(tvb, offset);
+ length_remaining = tvb_ensure_captured_length_remaining(tvb, offset);
/* NOTE: we have to parse the message piece by piece, since the
* capture length may be less than the message length: a 'global'
* OK, try to read the "Sequence Of" header; this gets the total
* length of the SNMP message.
*/
- /* Set tree to 0 to not display internal BER fields if option used.*/
- offset = dissect_ber_identifier(pinfo, 0, tvb, offset, &ber_class, &pc, &tag);
+ offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
/*Get the total octet length of the SNMP data*/
- offset = dissect_ber_length(pinfo, 0, tvb, offset, &len, &ind);
+ offset = get_ber_length(tvb, offset, &len, &ind);
message_length = len + offset;
/*Get the SNMP version data*/
- offset = dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version);
+ /*offset =*/ dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version);
/*
next_tvb_init(&var_list);
- col_set_str(pinfo->cinfo, COL_PROTOCOL,
- proto_get_protocol_short_name(find_protocol_by_id(proto)));
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, proto_get_protocol_short_name(find_protocol_by_id(proto)));
- if (tree) {
- item = proto_tree_add_item(tree, proto, tvb, start_offset,
- message_length, ENC_BIG_ENDIAN);
- snmp_tree = proto_item_add_subtree(item, ett);
- }
+ item = proto_tree_add_item(tree, proto, tvb, start_offset, message_length, ENC_BIG_ENDIAN);
+ snmp_tree = proto_item_add_subtree(item, ett);
switch (version) {
case 0: /* v1 */
* if this is SNMP-over-TCP, our caller thinks there's
* nothing left to dissect.
*/
- proto_tree_add_text(snmp_tree, tvb, offset, -1,"Unknown version");
+ expert_add_info(pinfo, item, &ei_snmp_version_unknown);
return length_remaining;
break;
}
static gint
dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
{
- conversation_t *conversation;
+ conversation_t *conversation;
int offset;
gint8 tmp_class;
gboolean tmp_pc;
* wildcarded, and give it the SNMP dissector as a dissector.
*/
if (pinfo->destport == UDP_PORT_SNMP) {
- conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
+ conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
pinfo->srcport, 0, NO_PORT_B);
- if( (conversation == NULL) || (conversation->dissector_handle!=snmp_handle) ) {
- conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
+ if( (conversation == NULL) || (conversation_get_dissector(conversation, pinfo->fd->num)!=snmp_handle) ) {
+ conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
pinfo->srcport, 0, NO_PORT2);
- conversation_set_dissector(conversation, snmp_handle);
- }
+ conversation_set_dissector(conversation, snmp_handle);
+ }
}
return dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, FALSE);
guint message_len;
while (tvb_reported_length_remaining(tvb, offset) > 0) {
- message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree,
- proto_snmp, ett_snmp, TRUE);
+ message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, TRUE);
if (message_len == 0) {
/*
* We don't have all the data for that message,
}
}
-static void
-dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+static int
+dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
proto_tree *smux_tree = NULL;
proto_item *item = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMUX");
- if (tree) {
- item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA);
- smux_tree = proto_item_add_subtree(item, ett_smux);
- }
+ item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA);
+ smux_tree = proto_item_add_subtree(item, ett_smux);
- dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree);
+ return dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree, data);
}
*/
static void
snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen,
- const guint8 *engineID, guint engineLength,
+ const guint8 *engineID, guint engineLength,
guint8 *key)
{
- md5_state_t MD;
- guint8 *cp, password_buf[64];
- guint32 password_index = 0;
- guint32 count = 0, i;
+ md5_state_t MD;
+ guint8 *cp, password_buf[64];
+ guint32 password_index = 0;
+ guint32 count = 0, i;
guint8 key1[16];
md5_init(&MD); /* initialize MD5 */
/**********************************************/
while (count < 1048576) {
cp = password_buf;
- for (i = 0; i < 64; i++) {
- /*************************************************/
- /* Take the next octet of the password, wrapping */
- /* to the beginning of the password as necessary.*/
- /*************************************************/
- *cp++ = password[password_index++ % passwordlen];
+ if (passwordlen != 0) {
+ for (i = 0; i < 64; i++) {
+ /*************************************************/
+ /* Take the next octet of the password, wrapping */
+ /* to the beginning of the password as necessary.*/
+ /*************************************************/
+ *cp++ = password[password_index++ % passwordlen];
+ }
+ } else {
+ *cp = 0;
}
md5_append(&MD, password_buf, 64);
count += 64;
}
- md5_finish(&MD, key1); /* tell MD5 we're done */
+ md5_finish(&MD, key1); /* tell MD5 we're done */
/*****************************************************/
/* Now localize the key with the engineID and pass */
const guint8 *engineID, guint engineLength,
guint8 *key)
{
- sha1_context SH;
- guint8 *cp, password_buf[64];
- guint32 password_index = 0;
- guint32 count = 0, i;
+ sha1_context SH;
+ guint8 *cp, password_buf[64];
+ guint32 password_index = 0;
+ guint32 count = 0, i;
- sha1_starts(&SH); /* initialize SHA */
+ sha1_starts(&SH); /* initialize SHA */
/**********************************************/
/* Use while loop until we've done 1 Megabyte */
/**********************************************/
while (count < 1048576) {
cp = password_buf;
- for (i = 0; i < 64; i++) {
- /*************************************************/
- /* Take the next octet of the password, wrapping */
- /* to the beginning of the password as necessary.*/
- /*************************************************/
- *cp++ = password[password_index++ % passwordlen];
+ if (passwordlen != 0) {
+ for (i = 0; i < 64; i++) {
+ /*************************************************/
+ /* Take the next octet of the password, wrapping */
+ /* to the beginning of the password as necessary.*/
+ /*************************************************/
+ *cp++ = password[password_index++ % passwordlen];
+ }
+ } else {
+ *cp = 0;
}
sha1_update (&SH, password_buf, 64);
count += 64;
/*****************************************************/
sha1_starts(&SH);
- sha1_update(&SH, key, 20);
+ sha1_update(&SH, key, SHA1_DIGEST_LEN);
sha1_update(&SH, engineID, engineLength);
- sha1_update(&SH, key, 20);
+ sha1_update(&SH, key, SHA1_DIGEST_LEN);
sha1_finish(&SH, key);
return;
}
{
}
-static void*
-snmp_users_copy_cb(void* dest, const void* orig, size_t len _U_)
-{
- const snmp_ue_assoc_t* o = (const snmp_ue_assoc_t*)orig;
- snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)dest;
-
- d->auth_model = o->auth_model;
- d->user.authModel = auth_models[o->auth_model];
-
- d->priv_proto = o->priv_proto;
- d->user.privProtocol = priv_protos[o->priv_proto];
-
- d->user.userName.data = (guint8*)g_memdup(o->user.userName.data,o->user.userName.len);
- d->user.userName.len = o->user.userName.len;
-
- d->user.authPassword.data = o->user.authPassword.data ? (guint8*)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL;
- d->user.authPassword.len = o->user.authPassword.len;
-
- d->user.privPassword.data = o->user.privPassword.data ? (guint8*)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL;
- d->user.privPassword.len = o->user.privPassword.len;
-
- d->engine.len = o->engine.len;
- if (o->engine.data) {
- d->engine.data = (guint8*)g_memdup(o->engine.data,o->engine.len);
- }
-
- d->user.authKey.data = o->user.authKey.data ? (guint8*)g_memdup(o->user.authKey.data,o->user.authKey.len) : NULL;
- d->user.authKey.len = o->user.authKey.len;
-
- d->user.privKey.data = o->user.privKey.data ? (guint8*)g_memdup(o->user.privKey.data,o->user.privKey.len) : NULL;
- d->user.privKey.len = o->user.privKey.len;
-
- return d;
-}
-
-static void
-snmp_users_free_cb(void* p)
-{
- snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
- g_free(ue->user.userName.data);
- g_free(ue->user.authPassword.data);
- g_free(ue->user.privPassword.data);
- g_free(ue->user.authKey.data);
- g_free(ue->user.privKey.data);
- g_free(ue->engine.data);
-}
-
-static void
-snmp_users_update_cb(void* p _U_, const char** err)
-{
- snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
- emem_strbuf_t* es = ep_strbuf_new("");
- unsigned int i;
-
- *err = NULL;
-
- if (num_ueas == 0)
- /* Nothing to update */
- return;
-
- if (! ue->user.userName.len)
- ep_strbuf_append_printf(es,"no userName\n");
-
- for (i=0; i<num_ueas-1; i++) {
- snmp_ue_assoc_t* u = &(ueas[i]);
-
- /* RFC 3411 section 5 */
- if ((u->engine.len > 0) && (u->engine.len < 5 || u->engine.len > 32)) {
- ep_strbuf_append_printf(es, "Invalid engineId length (%u). Must be between 5 and 32 (10 and 64 hex digits)\n", u->engine.len);
- }
-
-
- if ( u->user.userName.len == ue->user.userName.len
- && u->engine.len == ue->engine.len && (u != ue)) {
-
- if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) {
- if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
- /* XXX: make a string for the engineId */
- ep_strbuf_append_printf(es,"Duplicate key (userName='%s')\n",ue->user.userName.data);
- }
- }
-
- if (u->engine.len == 0) {
- if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
- ep_strbuf_append_printf(es,"Duplicate key (userName='%s' engineId=NONE)\n",ue->user.userName.data);
- }
- }
- }
- }
-
- if (es->len) {
- es = ep_strbuf_truncate(es,es->len-1);
- *err = ep_strdup(es->str);
- }
-
- return;
-}
-
-
UAT_LSTRING_CB_DEF(snmp_users,userName,snmp_ue_assoc_t,user.userName.data,user.userName.len)
UAT_LSTRING_CB_DEF(snmp_users,authPassword,snmp_ue_assoc_t,user.authPassword.data,user.authPassword.len)
UAT_LSTRING_CB_DEF(snmp_users,privPassword,snmp_ue_assoc_t,user.privPassword.data,user.privPassword.len)
UAT_BUFFER_CB_DEF(snmp_users,engine_id,snmp_ue_assoc_t,engine.data,engine.len)
-UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,0,"MD5")
-UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,0,"DES")
+UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,guint,0,"MD5")
+UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,guint,0,"DES")
static void *
snmp_specific_trap_copy_cb(void *dest, const void *orig, size_t len _U_)
/*--- proto_register_snmp -------------------------------------------*/
void proto_register_snmp(void) {
- /* List of fields */
- static hf_register_info hf[] = {
+ /* List of fields */
+ static hf_register_info hf[] = {
{ &hf_snmp_v3_flags_auth,
{ "Authenticated", "snmp.v3.flags.auth", FT_BOOLEAN, 8,
TFS(&tfs_set_notset), TH_AUTH, NULL, HFILL }},
"Authentication", "snmp.v3.auth", FT_BOOLEAN, BASE_NONE,
TFS(&auth_flags), 0, NULL, HFILL }},
{ &hf_snmp_decryptedPDU, {
- "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE,
+ "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE,
NULL, 0, "Decrypted PDU", HFILL }},
{ &hf_snmp_noSuchObject, {
"noSuchObject", "snmp.noSuchObject", FT_NONE, BASE_NONE,
{ &hf_snmp_scalar_instance_index, {
"Scalar Instance Index", "snmp.name.index", FT_UINT64, BASE_DEC,
NULL, 0, NULL, HFILL }},
+ { &hf_snmp_var_bind_str, {
+ "Variable-binding-string", "snmp.var-bind_str", FT_STRING, BASE_NONE,
+ NULL, 0, NULL, HFILL }},
+ { &hf_snmp_agentid_trailer, {
+ "AgentID Trailer", "snmp.agentid_trailer", FT_BYTES, BASE_NONE,
+ NULL, 0, NULL, HFILL }},
#include "packet-snmp-hfarr.c"
- };
-
- /* List of subtrees */
- static gint *ett[] = {
- &ett_snmp,
- &ett_engineid,
- &ett_msgFlags,
- &ett_encryptedPDU,
- &ett_decrypted,
- &ett_authParameters,
- &ett_internet,
- &ett_varbind,
- &ett_name,
- &ett_value,
- &ett_decoding_error,
+ };
+
+ /* List of subtrees */
+ static gint *ett[] = {
+ &ett_snmp,
+ &ett_engineid,
+ &ett_msgFlags,
+ &ett_encryptedPDU,
+ &ett_decrypted,
+ &ett_authParameters,
+ &ett_internet,
+ &ett_varbind,
+ &ett_name,
+ &ett_value,
+ &ett_decoding_error,
#include "packet-snmp-ettarr.c"
- };
- module_t *snmp_module;
-
- static uat_field_t users_fields[] = {
- UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"),
- UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"),
- UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."),
- UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"),
- UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."),
- UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"),
- UAT_END_FIELDS
- };
-
- uat_t *assocs_uat = uat_new("SNMP Users",
- sizeof(snmp_ue_assoc_t),
- "snmp_users",
- TRUE,
- (void*)&ueas,
- &num_ueas,
- UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
- "ChSNMPUsersSection",
- snmp_users_copy_cb,
- snmp_users_update_cb,
- snmp_users_free_cb,
- renew_ue_cache,
- users_fields);
-
- static uat_field_t specific_traps_flds[] = {
- UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"),
- UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"),
- UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"),
- UAT_END_FIELDS
- };
-
- uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types",
- sizeof(snmp_st_assoc_t),
- "snmp_specific_traps",
- TRUE,
- (void*) &specific_traps,
- &num_specific_traps,
- UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
- "ChSNMPEnterpriseSpecificTrapTypes",
- snmp_specific_trap_copy_cb,
- NULL,
- snmp_specific_trap_free_cb,
- NULL,
- specific_traps_flds);
-
- /* Register protocol */
- proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME);
- new_register_dissector("snmp", dissect_snmp, proto_snmp);
-
- /* Register fields and subtrees */
- proto_register_field_array(proto_snmp, hf, array_length(hf));
- proto_register_subtree_array(ett, array_length(ett));
-
-
- /* Register configuration preferences */
- snmp_module = prefs_register_protocol(proto_snmp, process_prefs);
- prefs_register_bool_preference(snmp_module, "display_oid",
+ };
+ static ei_register_info ei[] = {
+ { &ei_snmp_failed_decrypted_data_pdu, { "snmp.failed_decrypted_data_pdu", PI_MALFORMED, PI_WARN, "Failed to decrypt encryptedPDU", EXPFILL }},
+ { &ei_snmp_decrypted_data_bad_formatted, { "snmp.decrypted_data_bad_formatted", PI_MALFORMED, PI_WARN, "Decrypted data not formatted as expected, wrong key?", EXPFILL }},
+ { &ei_snmp_verify_authentication_error, { "snmp.verify_authentication_error", PI_MALFORMED, PI_ERROR, "Error while verifying Message authenticity", EXPFILL }},
+ { &ei_snmp_authentication_ok, { "snmp.authentication_ok", PI_CHECKSUM, PI_CHAT, "SNMP Authentication OK", EXPFILL }},
+ { &ei_snmp_authentication_error, { "snmp.authentication_error", PI_CHECKSUM, PI_WARN, "SNMP Authentication Error", EXPFILL }},
+ { &ei_snmp_varbind_not_uni_class_seq, { "snmp.varbind.not_uni_class_seq", PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence", EXPFILL }},
+ { &ei_snmp_varbind_has_indicator, { "snmp.varbind.has_indicator", PI_MALFORMED, PI_WARN, "VarBind has indicator set", EXPFILL }},
+ { &ei_snmp_objectname_not_oid, { "snmp.objectname_not_oid", PI_MALFORMED, PI_WARN, "ObjectName not an OID", EXPFILL }},
+ { &ei_snmp_objectname_has_indicator, { "snmp.objectname_has_indicator", PI_MALFORMED, PI_WARN, "ObjectName has indicator set", EXPFILL }},
+ { &ei_snmp_value_not_primitive_encoding, { "snmp.value_not_primitive_encoding", PI_MALFORMED, PI_WARN, "value not in primitive encoding", EXPFILL }},
+ { &ei_snmp_invalid_oid, { "snmp.invalid_oid", PI_MALFORMED, PI_WARN, "invalid oid", EXPFILL }},
+ { &ei_snmp_varbind_wrong_tag, { "snmp.varbind.wrong_tag", PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value", EXPFILL }},
+ { &ei_snmp_varbind_response, { "snmp.varbind.response", PI_RESPONSE_CODE, PI_NOTE, "Response", EXPFILL }},
+ { &ei_snmp_no_instance_subid, { "snmp.no_instance_subid", PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value", EXPFILL }},
+ { &ei_snmp_wrong_num_of_subids, { "snmp.wrong_num_of_subids", PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value", EXPFILL }},
+ { &ei_snmp_index_suboid_too_short, { "snmp.index_suboid_too_short", PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected", EXPFILL }},
+ { &ei_snmp_unimplemented_instance_index, { "snmp.unimplemented_instance_index", PI_UNDECODED, PI_WARN, "OID instaces not handled, if you want this implemented please contact the wireshark developers", EXPFILL }},
+ { &ei_snmp_index_suboid_len0, { "snmp.ndex_suboid_len0", PI_MALFORMED, PI_WARN, "an index sub-oid OID cannot be 0 bytes long!", EXPFILL }},
+ { &ei_snmp_index_suboid_too_long, { "snmp.index_suboid_too_long", PI_MALFORMED, PI_WARN, "index sub-oid should not be longer than remaining oid size", EXPFILL }},
+ { &ei_snmp_index_string_too_long, { "snmp.index_string_too_long", PI_MALFORMED, PI_WARN, "index string should not be longer than remaining oid size", EXPFILL }},
+ { &ei_snmp_column_parent_not_row, { "snmp.column_parent_not_row", PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW", EXPFILL }},
+ { &ei_snmp_uint_too_large, { "snmp.uint_too_large", PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1", EXPFILL }},
+ { &ei_snmp_int_too_large, { "snmp.int_too_large", PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63", EXPFILL }},
+ { &ei_snmp_integral_value0, { "snmp.integral_value0", PI_UNDECODED, PI_NOTE, "Integral value is zero-length", EXPFILL }},
+ { &ei_snmp_missing_mib, { "snmp.missing_mib", PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB", EXPFILL }},
+ { &ei_snmp_varbind_wrong_length_value, { "snmp.varbind.wrong_length_value", PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value", EXPFILL }},
+ { &ei_snmp_varbind_wrong_class_tag, { "snmp.varbind.wrong_class_tag", PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value", EXPFILL }},
+ { &ei_snmp_rfc1910_non_conformant, { "snmp.rfc1910_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC1910", EXPFILL }},
+ { &ei_snmp_rfc3411_non_conformant, { "snmp.rfc3411_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC3411", EXPFILL }},
+ { &ei_snmp_version_unknown, { "snmp.version.unknown", PI_PROTOCOL, PI_WARN, "Unknown version", EXPFILL }},
+ { &ei_snmp_trap_pdu_obsolete, { "snmp.trap_pdu_obsolete", PI_PROTOCOL, PI_WARN, "Trap-PDU is obsolete in this SNMP version", EXPFILL }},
+
+ };
+
+ expert_module_t* expert_snmp;
+ module_t *snmp_module;
+
+ static uat_field_t users_fields[] = {
+ UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"),
+ UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"),
+ UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."),
+ UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"),
+ UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."),
+ UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"),
+ UAT_END_FIELDS
+ };
+
+ uat_t *assocs_uat = uat_new("SNMP Users",
+ sizeof(snmp_ue_assoc_t),
+ "snmp_users",
+ TRUE,
+ &ueas,
+ &num_ueas,
+ UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
+ "ChSNMPUsersSection",
+ snmp_users_copy_cb,
+ snmp_users_update_cb,
+ snmp_users_free_cb,
+ renew_ue_cache,
+ users_fields);
+
+ static uat_field_t specific_traps_flds[] = {
+ UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"),
+ UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"),
+ UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"),
+ UAT_END_FIELDS
+ };
+
+ uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types",
+ sizeof(snmp_st_assoc_t),
+ "snmp_specific_traps",
+ TRUE,
+ &specific_traps,
+ &num_specific_traps,
+ UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
+ "ChSNMPEnterpriseSpecificTrapTypes",
+ snmp_specific_trap_copy_cb,
+ NULL,
+ snmp_specific_trap_free_cb,
+ NULL,
+ specific_traps_flds);
+
+ /* Register protocol */
+ proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME);
+ new_register_dissector("snmp", dissect_snmp, proto_snmp);
+
+ /* Register fields and subtrees */
+ proto_register_field_array(proto_snmp, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+ expert_snmp = expert_register_protocol(proto_snmp);
+ expert_register_field_array(expert_snmp, ei, array_length(ei));
+
+
+ /* Register configuration preferences */
+ snmp_module = prefs_register_protocol(proto_snmp, process_prefs);
+ prefs_register_bool_preference(snmp_module, "display_oid",
"Show SNMP OID in info column",
"Whether the SNMP OID should be shown in the info column",
&display_oid);
- prefs_register_obsolete_preference(snmp_module, "mib_modules");
- prefs_register_obsolete_preference(snmp_module, "users_file");
+ prefs_register_obsolete_preference(snmp_module, "mib_modules");
+ prefs_register_obsolete_preference(snmp_module, "users_file");
- prefs_register_bool_preference(snmp_module, "desegment",
+ prefs_register_bool_preference(snmp_module, "desegment",
"Reassemble SNMP-over-TCP messages\nspanning multiple TCP segments",
"Whether the SNMP dissector should reassemble messages spanning multiple TCP segments."
" To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
&snmp_desegment);
- prefs_register_bool_preference(snmp_module, "var_in_tree",
+ prefs_register_bool_preference(snmp_module, "var_in_tree",
"Display dissected variables inside SNMP tree",
"ON - display dissected variables inside SNMP tree, OFF - display dissected variables in root tree after SNMP",
&snmp_var_in_tree);
- prefs_register_uat_preference(snmp_module, "users_table",
+ prefs_register_uat_preference(snmp_module, "users_table",
"Users Table",
"Table of engine-user associations used for authentication and decryption",
assocs_uat);
- prefs_register_uat_preference(snmp_module, "specific_traps_table",
+ prefs_register_uat_preference(snmp_module, "specific_traps_table",
"Enterprise Specific Trap Types",
"Table of enterprise specific-trap type descriptions",
specific_traps_uat);
-#ifdef HAVE_LIBGCRYPT
- prefs_register_enum_preference(snmp_module, "decrypt",
- "Decyption algorithm",
- "Decyption algorithm",
- &snmp_decryption_algo,
- snmp_decryption_algo_type,
- FALSE);
-#endif
-
#ifdef HAVE_LIBSMI
- prefs_register_static_text_preference(snmp_module, "info_mibs",
- "MIB settings can be changed in the Name Resolution preferences",
- "MIB settings can be changed in the Name Resolution preferences");
+ prefs_register_static_text_preference(snmp_module, "info_mibs",
+ "MIB settings can be changed in the Name Resolution preferences",
+ "MIB settings can be changed in the Name Resolution preferences");
#endif
- value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE);
+ value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE);
- register_init_routine(renew_ue_cache);
+ register_init_routine(init_ue_cache);
+ register_cleanup_routine(cleanup_ue_cache);
- register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp);
+ register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp);
}
data_handle = find_dissector("data");
+ /* SNMPv2-MIB sysDescr "1.3.6.1.2.1.1.1.0" */
+ dissector_add_string("snmp.variable_oid", "1.3.6.1.2.1.1.1.0",
+ new_create_dissector_handle(dissect_snmp_variable_string, proto_snmp));
+ /* SNMPv2-MIB::sysName.0 (1.3.6.1.2.1.1.5.0) */
+ dissector_add_string("snmp.variable_oid", "1.3.6.1.2.1.1.5.0",
+ new_create_dissector_handle(dissect_snmp_variable_string, proto_snmp));
+
/*
* Process preference settings.
*
void
proto_register_smux(void)
{
- static hf_register_info hf[] = {
- { &hf_smux_version,
- { "Version", "smux.version", FT_UINT8, BASE_DEC, NULL,
- 0x0, NULL, HFILL }},
- { &hf_smux_pdutype,
- { "PDU type", "smux.pdutype", FT_UINT8, BASE_DEC, VALS(smux_types),
- 0x0, NULL, HFILL }},
- };
static gint *ett[] = {
&ett_smux,
};
proto_smux = proto_register_protocol("SNMP Multiplex Protocol",
"SMUX", "smux");
- proto_register_field_array(proto_smux, hf, array_length(hf));
+
proto_register_subtree_array(ett, array_length(ett));
}
{
dissector_handle_t smux_handle;
- smux_handle = create_dissector_handle(dissect_smux, proto_smux);
+ smux_handle = new_create_dissector_handle(dissect_smux, proto_smux);
dissector_add_uint("tcp.port", TCP_PORT_SMUX, smux_handle);
}
+
+/*
+ * Editor modelines - http://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 8
+ * tab-width: 8
+ * indent-tabs-mode: t
+ * End:
+ *
+ * vi: set shiftwidth=8 tabstop=8 noexpandtab:
+ * :indentSize=8:tabSize=8:noTabs=false:
+ */