* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#if 0
+#include <stdio.h>
#define D(args) do {printf args; fflush(stdout); } while(0)
+#endif
#include "config.h"
-#include <string.h>
-#include <ctype.h>
-
-#include <glib.h>
-
-#include <wsutil/sha1.h>
-#include <wsutil/md5.h>
-
#include <epan/packet.h>
#include <epan/strutil.h>
#include <epan/conversation.h>
#include <epan/etypes.h>
#include <epan/prefs.h>
#include <epan/sminmpec.h>
-#include <epan/emem.h>
-#include <epan/wmem/wmem.h>
#include <epan/next_tvb.h>
#include <epan/uat.h>
#include <epan/asn1.h>
-#include "packet-ipx.h"
-#include "packet-hpext.h"
#include <epan/expert.h>
#include <epan/oids.h>
-
+#include <wsutil/sha1.h>
+#include <wsutil/md5.h>
+#include "packet-ipx.h"
+#include "packet-hpext.h"
#include "packet-ber.h"
-
#include "packet-snmp.h"
-#ifdef HAVE_LIBGCRYPT
#include <wsutil/wsgcrypt.h>
-#endif
/* Take a pointer that may be null and return a pointer that's not null
by turning null pointers into pointers to the above null string,
static snmp_usm_auth_model_t model_md5 = {snmp_usm_password_to_key_md5, snmp_usm_auth_md5, 16};
-static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, 20};
+static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, SHA1_DIGEST_LEN};
static const value_string auth_types[] = {
{0,"MD5"},
};
static snmp_usm_auth_model_t* auth_models[] = {&model_md5,&model_sha1};
-#define PRIV_DES 0
-#define PRIV_AES128 1
-#define PRIV_AES192 2
-#define PRIV_AES256 3
+#define PRIV_DES 0
+#define PRIV_AES128 1
+#define PRIV_AES192 2
+#define PRIV_AES256 3
static const value_string priv_types[] = {
{ PRIV_DES, "DES" },
static snmp_st_assoc_t *specific_traps = NULL;
static const char *enterprise_oid = NULL;
static guint generic_trap = 0;
-
+static guint32 snmp_version = 0;
static snmp_usm_params_t usm_p = {FALSE,FALSE,0,0,0,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,FALSE};
#include "packet-snmp-hf.c"
-static int hf_smux_version = -1;
-static int hf_smux_pdutype = -1;
-
/* Initialize the subtree pointers */
static gint ett_smux = -1;
static gint ett_snmp = -1;
static expert_field ei_snmp_rfc1910_non_conformant = EI_INIT;
static expert_field ei_snmp_rfc3411_non_conformant = EI_INIT;
static expert_field ei_snmp_version_unknown = EI_INIT;
+static expert_field ei_snmp_trap_pdu_obsolete = EI_INIT;
static const true_false_string auth_flags = {
"OK",
/* Security Models */
#define SNMP_SEC_ANY 0
-#define SNMP_SEC_V1 1
+#define SNMP_SEC_V1 1
#define SNMP_SEC_V2C 2
#define SNMP_SEC_USM 3
{ 0, NULL }
};
+#if 0
/* SMUX PDU types */
#define SMUX_MSG_OPEN 0
#define SMUX_MSG_CLOSE 1
{ SMUX_MSG_SOUT, "Commit Or Rollback" },
{ 0, NULL }
};
+#endif
#define SNMP_IPA 0 /* IP Address */
Note that if only local time is known, then timezone
information (fields 8-10) is not present."
SYNTAX OCTET STRING (SIZE (8 | 11))
- */
+*/
static proto_item *
dissect_snmp_variable_date_and_time(proto_tree *tree,int hfid, tvbuff_t *tvb, int offset, int length)
{
- guint16 year;
- guint8 month;
- guint8 day;
- guint8 hour;
- guint8 minutes;
- guint8 seconds;
- guint8 deci_seconds;
- guint8 hour_from_utc;
- guint8 min_from_utc;
- gchar *str;
-
- year = tvb_get_ntohs(tvb,offset);
- month = tvb_get_guint8(tvb,offset+2);
- day = tvb_get_guint8(tvb,offset+3);
- hour = tvb_get_guint8(tvb,offset+4);
- minutes = tvb_get_guint8(tvb,offset+5);
- seconds = tvb_get_guint8(tvb,offset+6);
- deci_seconds = tvb_get_guint8(tvb,offset+7);
- if(length > 8){
- hour_from_utc = tvb_get_guint8(tvb,offset+9);
- min_from_utc = tvb_get_guint8(tvb,offset+10);
+ guint16 year;
+ guint8 month;
+ guint8 day;
+ guint8 hour;
+ guint8 minutes;
+ guint8 seconds;
+ guint8 deci_seconds;
+ guint8 hour_from_utc;
+ guint8 min_from_utc;
+ gchar *str;
+
+ year = tvb_get_ntohs(tvb,offset);
+ month = tvb_get_guint8(tvb,offset+2);
+ day = tvb_get_guint8(tvb,offset+3);
+ hour = tvb_get_guint8(tvb,offset+4);
+ minutes = tvb_get_guint8(tvb,offset+5);
+ seconds = tvb_get_guint8(tvb,offset+6);
+ deci_seconds = tvb_get_guint8(tvb,offset+7);
+ if(length > 8){
+ hour_from_utc = tvb_get_guint8(tvb,offset+9);
+ min_from_utc = tvb_get_guint8(tvb,offset+10);
str = wmem_strdup_printf(wmem_packet_scope(),
- "%u-%u-%u, %u:%u:%u.%u UTC %s%u:%u",
- year,
- month,
- day,
- hour,
- minutes,
- seconds,
- deci_seconds,
- tvb_get_string_enc(wmem_packet_scope(),tvb,offset+8,1,ENC_ASCII|ENC_NA),
- hour_from_utc,
- min_from_utc);
- }else{
- str = wmem_strdup_printf(wmem_packet_scope(),
- "%u-%u-%u, %u:%u:%u.%u",
- year,
- month,
- day,
- hour,
- minutes,
- seconds,
- deci_seconds);
- }
-
- return proto_tree_add_string(tree, hfid, tvb, offset, length, str);
+ "%u-%u-%u, %u:%u:%u.%u UTC %s%u:%u",
+ year,
+ month,
+ day,
+ hour,
+ minutes,
+ seconds,
+ deci_seconds,
+ tvb_get_string_enc(wmem_packet_scope(),tvb,offset+8,1,ENC_ASCII|ENC_NA),
+ hour_from_utc,
+ min_from_utc);
+ }else{
+ str = wmem_strdup_printf(wmem_packet_scope(),
+ "%u-%u-%u, %u:%u:%u.%u",
+ year,
+ month,
+ day,
+ hour,
+ minutes,
+ seconds,
+ deci_seconds);
+ }
+
+ return proto_tree_add_string(tree, hfid, tvb, offset, length, str);
}
seq_offset = offset;
/* first have the VarBind's sequence header */
- offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
- offset = get_ber_length(tvb, offset, &seq_len, &ind);
-
- seq_len += offset - seq_offset;
+ offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag);
+ offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &seq_len, &ind);
if (!pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_SEQUENCE) {
proto_item* pi;
- pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len,
+ pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len + (offset - seq_offset),
ett_decoding_error, &pi, "VarBind must be an universal class sequence");
expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_not_uni_class_seq);
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
if (ind) {
proto_item* pi;
- pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len,
+ pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len + (offset - seq_offset),
ett_decoding_error, &pi, "Indicator must be clear in VarBind");
expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_has_indicator);
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
}
+ /* we add the varbind tree root with a dummy label we'll fill later on */
+ pt_varbind = proto_tree_add_subtree(tree,tvb,offset,seq_len,ett_varbind,&pi_varbind,"VarBind");
+ *label = '\0';
+
+ seq_len += offset - seq_offset;
+
/* then we have the ObjectName's header */
- offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
- name_offset = offset = get_ber_length(tvb, offset, &name_len, &ind);
+ offset = dissect_ber_identifier(actx->pinfo, pt_varbind, tvb, offset, &ber_class, &pc, &tag);
+ name_offset = offset = dissect_ber_length(actx->pinfo, pt_varbind, tvb, offset, &name_len, &ind);
if (! ( !pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_OID) ) {
proto_item* pi;
return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
}
+ pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA);
+ pt_name = proto_item_add_subtree(pi_name,ett_name);
+
offset += name_len;
value_start = offset;
-
- /* then we have the value's header */
- offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
- value_offset = get_ber_length(tvb, offset, &value_len, &ind);
+ /* then we have the value's header */
+ offset = dissect_ber_identifier(actx->pinfo, pt_varbind, tvb, offset, &ber_class, &pc, &tag);
+ value_offset = dissect_ber_length(actx->pinfo, pt_varbind, tvb, offset, &value_len, &ind);
if (! (!pc) ) {
proto_item* pi;
- pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len,
+ pt = proto_tree_add_subtree(pt_varbind, tvb, value_start, value_len,
ett_decoding_error, &pi, "the value must be in primitive encoding");
expert_add_info(actx->pinfo, pi, &ei_snmp_value_not_primitive_encoding);
- return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt);
+ return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt);
}
/* Now, we know where everithing is */
-
-
- /* we add the varbind tree root with a dummy label we'll fill later on */
- pt_varbind = proto_tree_add_subtree(tree,tvb,seq_offset,seq_len,ett_varbind,&pi_varbind,"VarBind");
- *label = '\0';
-
- pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA);
- pt_name = proto_item_add_subtree(pi_name,ett_name);
-
/* fetch ObjectName and its relative oid_info */
oid_bytes = (guint8*)tvb_memdup(wmem_packet_scope(), tvb, name_offset, name_len);
- oid_info = oid_get_from_encoded(oid_bytes, name_len, &subids, &oid_matched, &oid_left);
+ oid_info = oid_get_from_encoded(wmem_packet_scope(), oid_bytes, name_len, &subids, &oid_matched, &oid_left);
add_oid_debug_subtree(oid_info,pt_name);
if (!subids) {
proto_item* pi;
- repr = oid_encoded2string(oid_bytes, name_len);
+ repr = oid_encoded2string(wmem_packet_scope(), oid_bytes, name_len);
pt = proto_tree_add_subtree_format(pt_name,tvb, 0, 0, ett_decoding_error, &pi, "invalid oid: %s", repr);
expert_add_info_format(actx->pinfo, pi, &ei_snmp_invalid_oid, "invalid oid: %s", repr);
return dissect_unknown_ber(actx->pinfo, tvb, name_offset, pt);
}
if (oid_matched+oid_left) {
- oid_string = oid_subid2string(subids,oid_matched+oid_left);
+ oid_string = oid_subid2string(wmem_packet_scope(), subids,oid_matched+oid_left);
}
if (ber_class == BER_CLASS_CON) {
/* now we'll try to figure out which are the indexing sub-oids and whether the oid we know about is the one oid we have to use */
switch (oid_info->kind) {
case OID_KIND_SCALAR:
- if (oid_left == 1) {
+ if (oid_left == 1) {
/* OK: we got the instance sub-id */
proto_tree_add_uint64(pt_name,hf_snmp_scalar_instance_index,tvb,name_offset,name_len,subids[oid_matched]);
oid_info_is_ok = TRUE;
goto indexing_done;
- } else if (oid_left == 0) {
+ } else if (oid_left == 0) {
if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) {
/* unSpecified does not require an instance sub-id add the new value and get off the way! */
pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,ENC_NA);
goto indexing_done;
}
- suboid_buf_len = oid_subid2encoded(suboid_len, suboid, &suboid_buf);
+ suboid_buf_len = oid_subid2encoded(wmem_packet_scope(), suboid_len, suboid, &suboid_buf);
DISSECTOR_ASSERT(suboid_buf_len);
format_error = BER_WRONG_TAG;
else {
max_len = oid_info->value_type->max_len == -1 ? 0xffffff : oid_info->value_type->max_len;
- min_len = oid_info->value_type->min_len;
+ min_len = oid_info->value_type->min_len;
if ((int)value_len < min_len || (int)value_len > max_len)
format_error = BER_WRONG_LENGTH;
if((oid_info->value_type)&&(oid_info->value_type->keytype == OID_KEY_TYPE_DATE_AND_TIME)&&(value_len > 7)){
pi_value = dissect_snmp_variable_date_and_time(pt_varbind, hfid, tvb, value_offset, value_len);
}else{
- pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
+ pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN);
}
if (format_error != BER_NO_ERROR) {
expert_add_info(actx->pinfo, pi_value, &ei_snmp_missing_mib);
}
-already_added:
- oid_info_is_ok = FALSE;
}
-
+already_added:
pt_value = proto_item_add_subtree(pi_value,ett_value);
if (value_len > 0 && oid_string) {
if (oid_info && oid_info->name) {
if (oid_left >= 1) {
- repr = wmem_strdup_printf(wmem_packet_scope(), "%s.%s (%s)", oid_info->name,
- oid_subid2string(&(subids[oid_matched]),oid_left),
- oid_subid2string(subids,oid_matched+oid_left));
+ repr = wmem_strdup_printf(wmem_packet_scope(), "%s.%s (%s)", oid_info->name,
+ oid_subid2string(wmem_packet_scope(), &(subids[oid_matched]),oid_left),
+ oid_subid2string(wmem_packet_scope(), subids,oid_matched+oid_left));
info_oid = wmem_strdup_printf(wmem_packet_scope(), "%s.%s", oid_info->name,
- oid_subid2string(&(subids[oid_matched]),oid_left));
+ oid_subid2string(wmem_packet_scope(), &(subids[oid_matched]),oid_left));
} else {
- repr = wmem_strdup_printf(wmem_packet_scope(), "%s (%s)", oid_info->name,
- oid_subid2string(subids,oid_matched));
+ repr = wmem_strdup_printf(wmem_packet_scope(), "%s (%s)", oid_info->name,
+ oid_subid2string(wmem_packet_scope(), subids,oid_matched));
info_oid = oid_info->name;
}
} else if (oid_string) {
- repr = wmem_strdup(wmem_packet_scope(), oid_string);
+ repr = wmem_strdup(wmem_packet_scope(), oid_string);
info_oid = oid_string;
} else {
- repr = wmem_strdup(wmem_packet_scope(), "[Bad OID]");
+ repr = wmem_strdup(wmem_packet_scope(), "[Bad OID]");
}
valstr = strstr(label,": ");
proto_item_set_text(pi_varbind,"%s: %s",repr,valstr);
if (display_oid && info_oid) {
- col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid);
+ col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid);
}
switch (format_error) {
#define SNMP_ENGINEID_RFC3411 0x01
static const true_false_string tfs_snmp_engineid_conform = {
- "RFC3411 (SNMPv3)",
- "RFC1910 (Non-SNMPv3)"
+ "RFC3411 (SNMPv3)",
+ "RFC1910 (Non-SNMPv3)"
};
#define SNMP_ENGINEID_FORMAT_IPV4 0x01
{ SNMP_ENGINEID_FORMAT_MACADDRESS, "MAC address" },
{ SNMP_ENGINEID_FORMAT_TEXT, "Text, administratively assigned" },
{ SNMP_ENGINEID_FORMAT_OCTETS, "Octets, administratively assigned" },
- { 0, NULL }
+ { 0, NULL }
};
#define SNMP_ENGINEID_CISCO_AGENT 0x00
int
dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int offset, int len)
{
- proto_item *item = NULL;
- guint8 conformance, format;
- guint32 enterpriseid, seconds;
- nstime_t ts;
- int len_remain = len;
-
- /* first bit: engine id conformance */
- if (len_remain<1) return offset;
- conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01);
- proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN);
-
- /* 4-byte enterprise number/name */
- if (len_remain<4) return offset;
- enterpriseid = tvb_get_ntohl(tvb, offset);
- if (conformance)
- enterpriseid -= 0x80000000; /* ignore first bit */
- proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid);
- offset+=4;
- len_remain-=4;
-
- switch(conformance) {
-
- case SNMP_ENGINEID_RFC1910:
- /* 12-byte AgentID w/ 8-byte trailer */
- if (len_remain==8) {
- proto_tree_add_item(tree, hf_snmp_agentid_trailer, tvb, offset, 8, ENC_NA);
- offset+=8;
- len_remain-=8;
- } else {
- proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc1910_non_conformant, tvb, offset, len_remain);
- return offset;
- }
- break;
-
- case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */
-
- /* 1-byte format specifier */
- if (len_remain<1) return offset;
- format = tvb_get_guint8(tvb, offset);
- item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)",
- val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format);
- offset+=1;
- len_remain-=1;
-
- switch(format) {
- case SNMP_ENGINEID_FORMAT_IPV4:
- /* 4-byte IPv4 address */
- if (len_remain==4) {
- proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
- offset+=4;
- len_remain=0;
- }
- break;
- case SNMP_ENGINEID_FORMAT_IPV6:
- /* 16-byte IPv6 address */
- if (len_remain==16) {
- proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA);
- offset+=16;
- len_remain=0;
- }
- break;
- case SNMP_ENGINEID_FORMAT_MACADDRESS:
- /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */
- if ((enterpriseid==9)&&(len_remain==7)) {
- proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN);
- offset++;
- len_remain--;
- }
- /* 6-byte MAC address */
- if (len_remain==6) {
- proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA);
- offset+=6;
- len_remain=0;
- }
- break;
- case SNMP_ENGINEID_FORMAT_TEXT:
- /* max. 27-byte string, administratively assigned */
- if (len_remain<=27) {
- proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA);
- offset+=len_remain;
- len_remain=0;
- }
- break;
- case 128:
- /* most common enterprise-specific format: (ucd|net)-snmp random */
- if ((enterpriseid==2021)||(enterpriseid==8072)) {
- proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random");
- /* demystify: 4B random, 4B epoch seconds */
- if (len_remain==8) {
- proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA);
- seconds = tvb_get_letohl(tvb, offset+4);
- ts.secs = seconds;
- ts.nsecs = 0;
- proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4,
- &ts, "%s",
- abs_time_secs_to_str(wmem_packet_scope(), seconds, ABSOLUTE_TIME_LOCAL, TRUE));
- offset+=8;
- len_remain=0;
- }
- break;
+ proto_item *item = NULL;
+ guint8 conformance, format;
+ guint32 enterpriseid, seconds;
+ nstime_t ts;
+ int len_remain = len;
+
+ /* first bit: engine id conformance */
+ if (len_remain<1) return offset;
+ conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01);
+ proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN);
+
+ /* 4-byte enterprise number/name */
+ if (len_remain<4) return offset;
+ enterpriseid = tvb_get_ntohl(tvb, offset);
+ if (conformance)
+ enterpriseid -= 0x80000000; /* ignore first bit */
+ proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid);
+ offset+=4;
+ len_remain-=4;
+
+ switch(conformance) {
+
+ case SNMP_ENGINEID_RFC1910:
+ /* 12-byte AgentID w/ 8-byte trailer */
+ if (len_remain==8) {
+ proto_tree_add_item(tree, hf_snmp_agentid_trailer, tvb, offset, 8, ENC_NA);
+ offset+=8;
+ len_remain-=8;
+ } else {
+ proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc1910_non_conformant, tvb, offset, len_remain);
+ return offset;
+ }
+ break;
+
+ case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */
+
+ /* 1-byte format specifier */
+ if (len_remain<1) return offset;
+ format = tvb_get_guint8(tvb, offset);
+ item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)",
+ val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format);
+ offset+=1;
+ len_remain-=1;
+
+ switch(format) {
+ case SNMP_ENGINEID_FORMAT_IPV4:
+ /* 4-byte IPv4 address */
+ if (len_remain==4) {
+ proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
+ offset+=4;
+ len_remain=0;
+ }
+ break;
+ case SNMP_ENGINEID_FORMAT_IPV6:
+ /* 16-byte IPv6 address */
+ if (len_remain==16) {
+ proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA);
+ offset+=16;
+ len_remain=0;
+ }
+ break;
+ case SNMP_ENGINEID_FORMAT_MACADDRESS:
+ /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */
+ if ((enterpriseid==9)&&(len_remain==7)) {
+ proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN);
+ offset++;
+ len_remain--;
+ }
+ /* 6-byte MAC address */
+ if (len_remain==6) {
+ proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA);
+ offset+=6;
+ len_remain=0;
+ }
+ break;
+ case SNMP_ENGINEID_FORMAT_TEXT:
+ /* max. 27-byte string, administratively assigned */
+ if (len_remain<=27) {
+ proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA);
+ offset+=len_remain;
+ len_remain=0;
+ }
+ break;
+ case 128:
+ /* most common enterprise-specific format: (ucd|net)-snmp random */
+ if ((enterpriseid==2021)||(enterpriseid==8072)) {
+ proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random");
+ /* demystify: 4B random, 4B epoch seconds */
+ if (len_remain==8) {
+ proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA);
+ seconds = tvb_get_letohl(tvb, offset+4);
+ ts.secs = seconds;
+ ts.nsecs = 0;
+ proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4,
+ &ts, "%s",
+ abs_time_secs_to_str(wmem_packet_scope(), seconds, ABSOLUTE_TIME_LOCAL, TRUE));
+ offset+=8;
+ len_remain=0;
+ }
+ break;
+ }
+ /* fall through */
+ case SNMP_ENGINEID_FORMAT_OCTETS:
+ default:
+ /* max. 27 bytes, administratively assigned or unknown format */
+ if (len_remain<=27) {
+ proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA);
+ offset+=len_remain;
+ len_remain=0;
+ }
+ break;
+ }
}
- /* fall through */
- case SNMP_ENGINEID_FORMAT_OCTETS:
- default:
- /* max. 27 bytes, administratively assigned or unknown format */
- if (len_remain<=27) {
- proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA);
- offset+=len_remain;
- len_remain=0;
+
+ if (len_remain>0) {
+ proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc3411_non_conformant, tvb, offset, len_remain);
+ offset+=len_remain;
}
- break;
- }
- }
-
- if (len_remain>0) {
- proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc3411_non_conformant, tvb, offset, len_remain);
- offset+=len_remain;
- }
- return offset;
+ return offset;
}
g_free(ue->engine.data);
}
-static void
-snmp_users_update_cb(void* p _U_, const char** err)
+static gboolean
+snmp_users_update_cb(void* p _U_, char** err)
{
snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p;
GString* es = g_string_new("");
if (num_ueas == 0)
/* Nothing to update */
- return;
+ return FALSE;
if (! ue->user.userName.len)
g_string_append_printf(es,"no userName\n");
if ( u->user.userName.len == ue->user.userName.len
&& u->engine.len == ue->engine.len && (u != ue)) {
- if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) {
+ if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) {
if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) {
/* XXX: make a string for the engineId */
g_string_append_printf(es,"Duplicate key (userName='%s')\n",ue->user.userName.data);
if (es->len) {
es = g_string_truncate(es,es->len-1);
*err = g_string_free(es, FALSE);
+ return FALSE;
}
- return;
+ return TRUE;
}
static void
#define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; }
static void
-renew_ue_cache(void)
+init_ue_cache(void)
{
- free_ue_cache(&localized_ues);
- free_ue_cache(&unlocalized_ues);
-
- if (num_ueas) {
- guint i;
-
- for(i = 0; i < num_ueas; i++) {
- snmp_ue_assoc_t* a = ue_dup(&(ueas[i]));
+ guint i;
- if (a->engine.len) {
- CACHE_INSERT(localized_ues,a);
+ for (i = 0; i < num_ueas; i++) {
+ snmp_ue_assoc_t* a = ue_dup(&(ueas[i]));
- } else {
- CACHE_INSERT(unlocalized_ues,a);
- }
+ if (a->engine.len) {
+ CACHE_INSERT(localized_ues,a);
+ } else {
+ CACHE_INSERT(unlocalized_ues,a);
}
+
}
}
+static void
+cleanup_ue_cache(void)
+{
+ free_ue_cache(&localized_ues);
+ free_ue_cache(&unlocalized_ues);
+}
+
+/* Called when the user applies changes to UAT preferences. */
+static void
+renew_ue_cache(void)
+{
+ cleanup_ue_cache();
+ init_ue_cache();
+}
+
static snmp_ue_assoc_t*
localize_ue( snmp_ue_assoc_t* o, const guint8* engine, guint engine_len )
static gboolean
-snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_)
+snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_)
{
gint msg_len;
guint8* msg;
msg[i] = '\0';
}
- calc_auth = (guint8*)wmem_alloc(wmem_packet_scope(), 20);
+ calc_auth = (guint8*)wmem_alloc(wmem_packet_scope(), SHA1_DIGEST_LEN);
sha1_hmac(key, key_len, msg, msg_len, calc_auth);
snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_)
{
#ifdef HAVE_LIBGCRYPT
- gcry_error_t err;
- gcry_cipher_hd_t hd = NULL;
+ gcry_error_t err;
+ gcry_cipher_hd_t hd = NULL;
guint8* cleartext;
guint8* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */
salt_len = tvb_captured_length(p->priv_tvb);
- if (salt_len != 8) {
+ if (salt_len != 8) {
*error = "decryptionError: msgPrivacyParameters length != 8";
return NULL;
}
priv_len = tvb_captured_length(p->priv_tvb);
- if (priv_len != 8) {
+ if (priv_len != 8) {
*error = "decryptionError: msgPrivacyParameters length != 8";
return NULL;
}
iv[1] = (p->boots & 0x00ff0000) >> 16;
iv[2] = (p->boots & 0x0000ff00) >> 8;
iv[3] = (p->boots & 0x000000ff);
- iv[4] = (p->time & 0xff000000) >> 24;
- iv[5] = (p->time & 0x00ff0000) >> 16;
- iv[6] = (p->time & 0x0000ff00) >> 8;
- iv[7] = (p->time & 0x000000ff);
+ iv[4] = (p->snmp_time & 0xff000000) >> 24;
+ iv[5] = (p->snmp_time & 0x00ff0000) >> 16;
+ iv[6] = (p->snmp_time & 0x0000ff00) >> 8;
+ iv[7] = (p->snmp_time & 0x000000ff);
tvb_memcpy(p->priv_tvb,&(iv[8]),0,8);
cryptgrm_len = tvb_captured_length(encryptedData);
usm_p.authenticated = FALSE;
usm_p.encrypted = FALSE;
usm_p.boots = 0;
- usm_p.time = 0;
+ usm_p.snmp_time = 0;
usm_p.authOK = FALSE;
/*
* have that routine deal with ASN.1, and just use
* "tcp_dissect_pdus()"?)
*/
- length_remaining = tvb_ensure_length_remaining(tvb, offset);
+ length_remaining = tvb_ensure_captured_length_remaining(tvb, offset);
/* NOTE: we have to parse the message piece by piece, since the
* capture length may be less than the message length: a 'global'
* OK, try to read the "Sequence Of" header; this gets the total
* length of the SNMP message.
*/
- /* Set tree to 0 to not display internal BER fields if option used.*/
- offset = dissect_ber_identifier(pinfo, 0, tvb, offset, &ber_class, &pc, &tag);
+ offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
/*Get the total octet length of the SNMP data*/
- offset = dissect_ber_length(pinfo, 0, tvb, offset, &len, &ind);
+ offset = get_ber_length(tvb, offset, &len, &ind);
message_length = len + offset;
/*Get the SNMP version data*/
- offset = dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version);
+ /*offset =*/ dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version);
/*
next_tvb_init(&var_list);
- col_set_str(pinfo->cinfo, COL_PROTOCOL,
- proto_get_protocol_short_name(find_protocol_by_id(proto)));
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, proto_get_protocol_short_name(find_protocol_by_id(proto)));
- item = proto_tree_add_item(tree, proto, tvb, start_offset,
- message_length, ENC_BIG_ENDIAN);
+ item = proto_tree_add_item(tree, proto, tvb, start_offset, message_length, ENC_BIG_ENDIAN);
snmp_tree = proto_item_add_subtree(item, ett);
switch (version) {
static gint
dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
{
- conversation_t *conversation;
+ conversation_t *conversation;
int offset;
gint8 tmp_class;
gboolean tmp_pc;
* wildcarded, and give it the SNMP dissector as a dissector.
*/
if (pinfo->destport == UDP_PORT_SNMP) {
- conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
+ conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
pinfo->srcport, 0, NO_PORT_B);
- if( (conversation == NULL) || (conversation->dissector_handle!=snmp_handle) ) {
- conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
+ if( (conversation == NULL) || (conversation_get_dissector(conversation, pinfo->fd->num)!=snmp_handle) ) {
+ conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
pinfo->srcport, 0, NO_PORT2);
- conversation_set_dissector(conversation, snmp_handle);
- }
+ conversation_set_dissector(conversation, snmp_handle);
+ }
}
return dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, FALSE);
guint message_len;
while (tvb_reported_length_remaining(tvb, offset) > 0) {
- message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree,
- proto_snmp, ett_snmp, TRUE);
+ message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, TRUE);
if (message_len == 0) {
/*
* We don't have all the data for that message,
}
}
-static void
-dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+static int
+dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
proto_tree *smux_tree = NULL;
proto_item *item = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMUX");
- if (tree) {
- item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA);
- smux_tree = proto_item_add_subtree(item, ett_smux);
- }
+ item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA);
+ smux_tree = proto_item_add_subtree(item, ett_smux);
- dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree);
+ return dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree, data);
}
*/
static void
snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen,
- const guint8 *engineID, guint engineLength,
+ const guint8 *engineID, guint engineLength,
guint8 *key)
{
- md5_state_t MD;
- guint8 *cp, password_buf[64];
- guint32 password_index = 0;
- guint32 count = 0, i;
+ md5_state_t MD;
+ guint8 *cp, password_buf[64];
+ guint32 password_index = 0;
+ guint32 count = 0, i;
guint8 key1[16];
md5_init(&MD); /* initialize MD5 */
md5_append(&MD, password_buf, 64);
count += 64;
}
- md5_finish(&MD, key1); /* tell MD5 we're done */
+ md5_finish(&MD, key1); /* tell MD5 we're done */
/*****************************************************/
/* Now localize the key with the engineID and pass */
const guint8 *engineID, guint engineLength,
guint8 *key)
{
- sha1_context SH;
- guint8 *cp, password_buf[64];
- guint32 password_index = 0;
- guint32 count = 0, i;
+ sha1_context SH;
+ guint8 *cp, password_buf[64];
+ guint32 password_index = 0;
+ guint32 count = 0, i;
- sha1_starts(&SH); /* initialize SHA */
+ sha1_starts(&SH); /* initialize SHA */
/**********************************************/
/* Use while loop until we've done 1 Megabyte */
/*****************************************************/
sha1_starts(&SH);
- sha1_update(&SH, key, 20);
+ sha1_update(&SH, key, SHA1_DIGEST_LEN);
sha1_update(&SH, engineID, engineLength);
- sha1_update(&SH, key, 20);
+ sha1_update(&SH, key, SHA1_DIGEST_LEN);
sha1_finish(&SH, key);
return;
}
/*--- proto_register_snmp -------------------------------------------*/
void proto_register_snmp(void) {
- /* List of fields */
- static hf_register_info hf[] = {
+ /* List of fields */
+ static hf_register_info hf[] = {
{ &hf_snmp_v3_flags_auth,
{ "Authenticated", "snmp.v3.flags.auth", FT_BOOLEAN, 8,
TFS(&tfs_set_notset), TH_AUTH, NULL, HFILL }},
"Authentication", "snmp.v3.auth", FT_BOOLEAN, BASE_NONE,
TFS(&auth_flags), 0, NULL, HFILL }},
{ &hf_snmp_decryptedPDU, {
- "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE,
+ "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE,
NULL, 0, "Decrypted PDU", HFILL }},
{ &hf_snmp_noSuchObject, {
"noSuchObject", "snmp.noSuchObject", FT_NONE, BASE_NONE,
#include "packet-snmp-hfarr.c"
- };
-
- /* List of subtrees */
- static gint *ett[] = {
- &ett_snmp,
- &ett_engineid,
- &ett_msgFlags,
- &ett_encryptedPDU,
- &ett_decrypted,
- &ett_authParameters,
- &ett_internet,
- &ett_varbind,
- &ett_name,
- &ett_value,
- &ett_decoding_error,
+ };
+
+ /* List of subtrees */
+ static gint *ett[] = {
+ &ett_snmp,
+ &ett_engineid,
+ &ett_msgFlags,
+ &ett_encryptedPDU,
+ &ett_decrypted,
+ &ett_authParameters,
+ &ett_internet,
+ &ett_varbind,
+ &ett_name,
+ &ett_value,
+ &ett_decoding_error,
#include "packet-snmp-ettarr.c"
- };
- static ei_register_info ei[] = {
- { &ei_snmp_failed_decrypted_data_pdu, { "snmp.failed_decrypted_data_pdu", PI_MALFORMED, PI_WARN, "Failed to decrypt encryptedPDU", EXPFILL }},
- { &ei_snmp_decrypted_data_bad_formatted, { "snmp.decrypted_data_bad_formatted", PI_MALFORMED, PI_WARN, "Decrypted data not formatted as expected, wrong key?", EXPFILL }},
- { &ei_snmp_verify_authentication_error, { "snmp.verify_authentication_error", PI_MALFORMED, PI_ERROR, "Error while verifying Message authenticity", EXPFILL }},
- { &ei_snmp_authentication_ok, { "snmp.authentication_ok", PI_CHECKSUM, PI_CHAT, "SNMP Authentication OK", EXPFILL }},
- { &ei_snmp_authentication_error, { "snmp.authentication_error", PI_CHECKSUM, PI_WARN, "SNMP Authentication Error", EXPFILL }},
- { &ei_snmp_varbind_not_uni_class_seq, { "snmp.varbind.not_uni_class_seq", PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence", EXPFILL }},
- { &ei_snmp_varbind_has_indicator, { "snmp.varbind.has_indicator", PI_MALFORMED, PI_WARN, "VarBind has indicator set", EXPFILL }},
- { &ei_snmp_objectname_not_oid, { "snmp.objectname_not_oid", PI_MALFORMED, PI_WARN, "ObjectName not an OID", EXPFILL }},
- { &ei_snmp_objectname_has_indicator, { "snmp.objectname_has_indicator", PI_MALFORMED, PI_WARN, "ObjectName has indicator set", EXPFILL }},
- { &ei_snmp_value_not_primitive_encoding, { "snmp.value_not_primitive_encoding", PI_MALFORMED, PI_WARN, "value not in primitive encoding", EXPFILL }},
- { &ei_snmp_invalid_oid, { "snmp.invalid_oid", PI_MALFORMED, PI_WARN, "invalid oid", EXPFILL }},
- { &ei_snmp_varbind_wrong_tag, { "snmp.varbind.wrong_tag", PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value", EXPFILL }},
- { &ei_snmp_varbind_response, { "snmp.varbind.response", PI_RESPONSE_CODE, PI_NOTE, "Response", EXPFILL }},
- { &ei_snmp_no_instance_subid, { "snmp.no_instance_subid", PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value", EXPFILL }},
- { &ei_snmp_wrong_num_of_subids, { "snmp.wrong_num_of_subids", PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value", EXPFILL }},
- { &ei_snmp_index_suboid_too_short, { "snmp.index_suboid_too_short", PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected", EXPFILL }},
- { &ei_snmp_unimplemented_instance_index, { "snmp.unimplemented_instance_index", PI_UNDECODED, PI_WARN, "OID instaces not handled, if you want this implemented please contact the wireshark developers", EXPFILL }},
- { &ei_snmp_index_suboid_len0, { "snmp.ndex_suboid_len0", PI_MALFORMED, PI_WARN, "an index sub-oid OID cannot be 0 bytes long!", EXPFILL }},
- { &ei_snmp_index_suboid_too_long, { "snmp.index_suboid_too_long", PI_MALFORMED, PI_WARN, "index sub-oid should not be longer than remaining oid size", EXPFILL }},
- { &ei_snmp_index_string_too_long, { "snmp.index_string_too_long", PI_MALFORMED, PI_WARN, "index string should not be longer than remaining oid size", EXPFILL }},
- { &ei_snmp_column_parent_not_row, { "snmp.column_parent_not_row", PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW", EXPFILL }},
- { &ei_snmp_uint_too_large, { "snmp.uint_too_large", PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1", EXPFILL }},
- { &ei_snmp_int_too_large, { "snmp.int_too_large", PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63", EXPFILL }},
- { &ei_snmp_integral_value0, { "snmp.integral_value0", PI_UNDECODED, PI_NOTE, "Integral value is zero-length", EXPFILL }},
- { &ei_snmp_missing_mib, { "snmp.missing_mib", PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB", EXPFILL }},
- { &ei_snmp_varbind_wrong_length_value, { "snmp.varbind.wrong_length_value", PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value", EXPFILL }},
- { &ei_snmp_varbind_wrong_class_tag, { "snmp.varbind.wrong_class_tag", PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value", EXPFILL }},
- { &ei_snmp_rfc1910_non_conformant, { "snmp.rfc1910_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC1910", EXPFILL }},
- { &ei_snmp_rfc3411_non_conformant, { "snmp.rfc3411_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC3411", EXPFILL }},
- { &ei_snmp_version_unknown, { "snmp.version.unknown", PI_PROTOCOL, PI_WARN, "Unknown version", EXPFILL }},
-
- };
-
- expert_module_t* expert_snmp;
- module_t *snmp_module;
-
- static uat_field_t users_fields[] = {
- UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"),
- UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"),
- UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."),
- UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"),
- UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."),
- UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"),
- UAT_END_FIELDS
- };
-
- uat_t *assocs_uat = uat_new("SNMP Users",
- sizeof(snmp_ue_assoc_t),
- "snmp_users",
- TRUE,
- &ueas,
- &num_ueas,
- UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
- "ChSNMPUsersSection",
- snmp_users_copy_cb,
- snmp_users_update_cb,
- snmp_users_free_cb,
- renew_ue_cache,
- users_fields);
-
- static uat_field_t specific_traps_flds[] = {
- UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"),
- UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"),
- UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"),
- UAT_END_FIELDS
- };
-
- uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types",
- sizeof(snmp_st_assoc_t),
- "snmp_specific_traps",
- TRUE,
- &specific_traps,
- &num_specific_traps,
- UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
- "ChSNMPEnterpriseSpecificTrapTypes",
- snmp_specific_trap_copy_cb,
- NULL,
- snmp_specific_trap_free_cb,
- NULL,
- specific_traps_flds);
-
- /* Register protocol */
- proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME);
- new_register_dissector("snmp", dissect_snmp, proto_snmp);
-
- /* Register fields and subtrees */
- proto_register_field_array(proto_snmp, hf, array_length(hf));
- proto_register_subtree_array(ett, array_length(ett));
- expert_snmp = expert_register_protocol(proto_snmp);
- expert_register_field_array(expert_snmp, ei, array_length(ei));
-
-
- /* Register configuration preferences */
- snmp_module = prefs_register_protocol(proto_snmp, process_prefs);
- prefs_register_bool_preference(snmp_module, "display_oid",
+ };
+ static ei_register_info ei[] = {
+ { &ei_snmp_failed_decrypted_data_pdu, { "snmp.failed_decrypted_data_pdu", PI_MALFORMED, PI_WARN, "Failed to decrypt encryptedPDU", EXPFILL }},
+ { &ei_snmp_decrypted_data_bad_formatted, { "snmp.decrypted_data_bad_formatted", PI_MALFORMED, PI_WARN, "Decrypted data not formatted as expected, wrong key?", EXPFILL }},
+ { &ei_snmp_verify_authentication_error, { "snmp.verify_authentication_error", PI_MALFORMED, PI_ERROR, "Error while verifying Message authenticity", EXPFILL }},
+ { &ei_snmp_authentication_ok, { "snmp.authentication_ok", PI_CHECKSUM, PI_CHAT, "SNMP Authentication OK", EXPFILL }},
+ { &ei_snmp_authentication_error, { "snmp.authentication_error", PI_CHECKSUM, PI_WARN, "SNMP Authentication Error", EXPFILL }},
+ { &ei_snmp_varbind_not_uni_class_seq, { "snmp.varbind.not_uni_class_seq", PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence", EXPFILL }},
+ { &ei_snmp_varbind_has_indicator, { "snmp.varbind.has_indicator", PI_MALFORMED, PI_WARN, "VarBind has indicator set", EXPFILL }},
+ { &ei_snmp_objectname_not_oid, { "snmp.objectname_not_oid", PI_MALFORMED, PI_WARN, "ObjectName not an OID", EXPFILL }},
+ { &ei_snmp_objectname_has_indicator, { "snmp.objectname_has_indicator", PI_MALFORMED, PI_WARN, "ObjectName has indicator set", EXPFILL }},
+ { &ei_snmp_value_not_primitive_encoding, { "snmp.value_not_primitive_encoding", PI_MALFORMED, PI_WARN, "value not in primitive encoding", EXPFILL }},
+ { &ei_snmp_invalid_oid, { "snmp.invalid_oid", PI_MALFORMED, PI_WARN, "invalid oid", EXPFILL }},
+ { &ei_snmp_varbind_wrong_tag, { "snmp.varbind.wrong_tag", PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value", EXPFILL }},
+ { &ei_snmp_varbind_response, { "snmp.varbind.response", PI_RESPONSE_CODE, PI_NOTE, "Response", EXPFILL }},
+ { &ei_snmp_no_instance_subid, { "snmp.no_instance_subid", PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value", EXPFILL }},
+ { &ei_snmp_wrong_num_of_subids, { "snmp.wrong_num_of_subids", PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value", EXPFILL }},
+ { &ei_snmp_index_suboid_too_short, { "snmp.index_suboid_too_short", PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected", EXPFILL }},
+ { &ei_snmp_unimplemented_instance_index, { "snmp.unimplemented_instance_index", PI_UNDECODED, PI_WARN, "OID instaces not handled, if you want this implemented please contact the wireshark developers", EXPFILL }},
+ { &ei_snmp_index_suboid_len0, { "snmp.ndex_suboid_len0", PI_MALFORMED, PI_WARN, "an index sub-oid OID cannot be 0 bytes long!", EXPFILL }},
+ { &ei_snmp_index_suboid_too_long, { "snmp.index_suboid_too_long", PI_MALFORMED, PI_WARN, "index sub-oid should not be longer than remaining oid size", EXPFILL }},
+ { &ei_snmp_index_string_too_long, { "snmp.index_string_too_long", PI_MALFORMED, PI_WARN, "index string should not be longer than remaining oid size", EXPFILL }},
+ { &ei_snmp_column_parent_not_row, { "snmp.column_parent_not_row", PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW", EXPFILL }},
+ { &ei_snmp_uint_too_large, { "snmp.uint_too_large", PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1", EXPFILL }},
+ { &ei_snmp_int_too_large, { "snmp.int_too_large", PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63", EXPFILL }},
+ { &ei_snmp_integral_value0, { "snmp.integral_value0", PI_UNDECODED, PI_NOTE, "Integral value is zero-length", EXPFILL }},
+ { &ei_snmp_missing_mib, { "snmp.missing_mib", PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB", EXPFILL }},
+ { &ei_snmp_varbind_wrong_length_value, { "snmp.varbind.wrong_length_value", PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value", EXPFILL }},
+ { &ei_snmp_varbind_wrong_class_tag, { "snmp.varbind.wrong_class_tag", PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value", EXPFILL }},
+ { &ei_snmp_rfc1910_non_conformant, { "snmp.rfc1910_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC1910", EXPFILL }},
+ { &ei_snmp_rfc3411_non_conformant, { "snmp.rfc3411_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC3411", EXPFILL }},
+ { &ei_snmp_version_unknown, { "snmp.version.unknown", PI_PROTOCOL, PI_WARN, "Unknown version", EXPFILL }},
+ { &ei_snmp_trap_pdu_obsolete, { "snmp.trap_pdu_obsolete", PI_PROTOCOL, PI_WARN, "Trap-PDU is obsolete in this SNMP version", EXPFILL }},
+
+ };
+
+ expert_module_t* expert_snmp;
+ module_t *snmp_module;
+
+ static uat_field_t users_fields[] = {
+ UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"),
+ UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"),
+ UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."),
+ UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"),
+ UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."),
+ UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"),
+ UAT_END_FIELDS
+ };
+
+ uat_t *assocs_uat = uat_new("SNMP Users",
+ sizeof(snmp_ue_assoc_t),
+ "snmp_users",
+ TRUE,
+ &ueas,
+ &num_ueas,
+ UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
+ "ChSNMPUsersSection",
+ snmp_users_copy_cb,
+ snmp_users_update_cb,
+ snmp_users_free_cb,
+ renew_ue_cache,
+ users_fields);
+
+ static uat_field_t specific_traps_flds[] = {
+ UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"),
+ UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"),
+ UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"),
+ UAT_END_FIELDS
+ };
+
+ uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types",
+ sizeof(snmp_st_assoc_t),
+ "snmp_specific_traps",
+ TRUE,
+ &specific_traps,
+ &num_specific_traps,
+ UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
+ "ChSNMPEnterpriseSpecificTrapTypes",
+ snmp_specific_trap_copy_cb,
+ NULL,
+ snmp_specific_trap_free_cb,
+ NULL,
+ specific_traps_flds);
+
+ /* Register protocol */
+ proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME);
+ new_register_dissector("snmp", dissect_snmp, proto_snmp);
+
+ /* Register fields and subtrees */
+ proto_register_field_array(proto_snmp, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+ expert_snmp = expert_register_protocol(proto_snmp);
+ expert_register_field_array(expert_snmp, ei, array_length(ei));
+
+
+ /* Register configuration preferences */
+ snmp_module = prefs_register_protocol(proto_snmp, process_prefs);
+ prefs_register_bool_preference(snmp_module, "display_oid",
"Show SNMP OID in info column",
"Whether the SNMP OID should be shown in the info column",
&display_oid);
- prefs_register_obsolete_preference(snmp_module, "mib_modules");
- prefs_register_obsolete_preference(snmp_module, "users_file");
+ prefs_register_obsolete_preference(snmp_module, "mib_modules");
+ prefs_register_obsolete_preference(snmp_module, "users_file");
- prefs_register_bool_preference(snmp_module, "desegment",
+ prefs_register_bool_preference(snmp_module, "desegment",
"Reassemble SNMP-over-TCP messages\nspanning multiple TCP segments",
"Whether the SNMP dissector should reassemble messages spanning multiple TCP segments."
" To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
&snmp_desegment);
- prefs_register_bool_preference(snmp_module, "var_in_tree",
+ prefs_register_bool_preference(snmp_module, "var_in_tree",
"Display dissected variables inside SNMP tree",
"ON - display dissected variables inside SNMP tree, OFF - display dissected variables in root tree after SNMP",
&snmp_var_in_tree);
- prefs_register_uat_preference(snmp_module, "users_table",
+ prefs_register_uat_preference(snmp_module, "users_table",
"Users Table",
"Table of engine-user associations used for authentication and decryption",
assocs_uat);
- prefs_register_uat_preference(snmp_module, "specific_traps_table",
+ prefs_register_uat_preference(snmp_module, "specific_traps_table",
"Enterprise Specific Trap Types",
"Table of enterprise specific-trap type descriptions",
specific_traps_uat);
#ifdef HAVE_LIBSMI
- prefs_register_static_text_preference(snmp_module, "info_mibs",
- "MIB settings can be changed in the Name Resolution preferences",
- "MIB settings can be changed in the Name Resolution preferences");
+ prefs_register_static_text_preference(snmp_module, "info_mibs",
+ "MIB settings can be changed in the Name Resolution preferences",
+ "MIB settings can be changed in the Name Resolution preferences");
#endif
- value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE);
+ value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE);
- register_init_routine(renew_ue_cache);
+ register_init_routine(init_ue_cache);
+ register_cleanup_routine(cleanup_ue_cache);
- register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp);
+ register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp);
}
void
proto_register_smux(void)
{
- static hf_register_info hf[] = {
- { &hf_smux_version,
- { "Version", "smux.version", FT_UINT8, BASE_DEC, NULL,
- 0x0, NULL, HFILL }},
- { &hf_smux_pdutype,
- { "PDU type", "smux.pdutype", FT_UINT8, BASE_DEC, VALS(smux_types),
- 0x0, NULL, HFILL }},
- };
static gint *ett[] = {
&ett_smux,
};
proto_smux = proto_register_protocol("SNMP Multiplex Protocol",
"SMUX", "smux");
- proto_register_field_array(proto_smux, hf, array_length(hf));
+
proto_register_subtree_array(ett, array_length(ett));
}
{
dissector_handle_t smux_handle;
- smux_handle = create_dissector_handle(dissect_smux, proto_smux);
+ smux_handle = new_create_dissector_handle(dissect_smux, proto_smux);
dissector_add_uint("tcp.port", TCP_PORT_SMUX, smux_handle);
}