X-Git-Url: http://git.samba.org/?p=metze%2Fwireshark%2Fwip.git;a=blobdiff_plain;f=asn1%2Fsnmp%2Fpacket-snmp-template.c;h=a94dffdf3521c642075111d5a2d5fc99f2206a8a;hp=65cc607d40379cf1046543e1219c8f708148e5c6;hb=1c5b3c378321267e86aa4154c3d907a1088f6949;hpb=46dbc918967bedc45afc809aef9093d152a2e496 diff --git a/asn1/snmp/packet-snmp-template.c b/asn1/snmp/packet-snmp-template.c index 65cc607d40..a94dffdf35 100644 --- a/asn1/snmp/packet-snmp-template.c +++ b/asn1/snmp/packet-snmp-template.c @@ -17,8 +17,6 @@ * See RFC 2578 for Structure of Management Information Version 2 (SMIv2) * Copyright (C) 2007 Luis E. Garcia Ontanon * - * $Id$ - * * Wireshark - Network traffic analyzer * By Gerald Combs * Copyright 1998 Gerald Combs @@ -44,43 +42,32 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ +#if 0 +#include #define D(args) do {printf args; fflush(stdout); } while(0) +#endif #include "config.h" -#include -#include - -#include - #include #include #include #include #include #include -#include #include #include #include +#include +#include +#include +#include #include "packet-ipx.h" #include "packet-hpext.h" - - #include "packet-ber.h" - #include "packet-snmp.h" -#include -#include -#include -#include -#include - - -#ifdef HAVE_LIBGCRYPT -#include -#endif +#include /* Take a pointer that may be null and return a pointer that's not null by turning null pointers into pointers to the above null string, @@ -105,15 +92,19 @@ static int proto_smux = -1; static gboolean display_oid = TRUE; static gboolean snmp_var_in_tree = TRUE; -#ifdef HAVE_LIBGCRYPT -static gint snmp_decryption_algo = 0; -#endif + +void proto_register_snmp(void); +void proto_reg_handoff_snmp(void); +void proto_register_smux(void); +void proto_reg_handoff_smux(void); static gboolean snmp_usm_auth_md5(snmp_usm_params_t* p, guint8**, guint*, gchar const**); static gboolean snmp_usm_auth_sha1(snmp_usm_params_t* p, guint8**, guint*, gchar const**); static tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t*, tvbuff_t*, gchar const**); -static tvbuff_t* snmp_usm_priv_aes(snmp_usm_params_t*, tvbuff_t*, gchar const**); +static tvbuff_t* snmp_usm_priv_aes128(snmp_usm_params_t*, tvbuff_t*, gchar const**); +static tvbuff_t* snmp_usm_priv_aes192(snmp_usm_params_t*, tvbuff_t*, gchar const**); +static tvbuff_t* snmp_usm_priv_aes256(snmp_usm_params_t*, tvbuff_t*, gchar const**); static void snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen, const guint8 *engineID, guint engineLength, guint8 *key); @@ -121,7 +112,7 @@ static void snmp_usm_password_to_key_sha1(const guint8 *password, guint password static snmp_usm_auth_model_t model_md5 = {snmp_usm_password_to_key_md5, snmp_usm_auth_md5, 16}; -static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, 20}; +static snmp_usm_auth_model_t model_sha1 = {snmp_usm_password_to_key_sha1, snmp_usm_auth_sha1, SHA1_DIGEST_LEN}; static const value_string auth_types[] = { {0,"MD5"}, @@ -130,21 +121,24 @@ static const value_string auth_types[] = { }; static snmp_usm_auth_model_t* auth_models[] = {&model_md5,&model_sha1}; +#define PRIV_DES 0 +#define PRIV_AES128 1 +#define PRIV_AES192 2 +#define PRIV_AES256 3 static const value_string priv_types[] = { - {0,"DES"}, - {1,"AES"}, - {0,NULL} + { PRIV_DES, "DES" }, + { PRIV_AES128, "AES" }, + { PRIV_AES192, "AES192" }, + { PRIV_AES256, "AES256" }, + { 0, NULL} }; -static snmp_usm_decoder_t priv_protos[] = {snmp_usm_priv_des, snmp_usm_priv_aes}; - -#ifdef HAVE_LIBGCRYPT -static const enum_val_t snmp_decryption_algo_type[] = { - { "aes" , "AES", 0 }, - { "aes256", "AES256", 1 }, - { NULL, NULL, 0 } +static snmp_usm_decoder_t priv_protos[] = { + snmp_usm_priv_des, + snmp_usm_priv_aes128, + snmp_usm_priv_aes192, + snmp_usm_priv_aes256 }; -#endif static snmp_ue_assoc_t* ueas = NULL; static guint num_ueas = 0; @@ -162,7 +156,7 @@ static guint num_specific_traps = 0; static snmp_st_assoc_t *specific_traps = NULL; static const char *enterprise_oid = NULL; static guint generic_trap = 0; - +static guint32 snmp_version = 0; static snmp_usm_params_t usm_p = {FALSE,FALSE,0,0,0,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,FALSE}; @@ -225,12 +219,11 @@ static int hf_snmp_gauge32_value = -1; static int hf_snmp_objectname = -1; static int hf_snmp_scalar_instance_index = -1; +static int hf_snmp_var_bind_str = -1; +static int hf_snmp_agentid_trailer = -1; #include "packet-snmp-hf.c" -static int hf_smux_version = -1; -static int hf_smux_pdutype = -1; - /* Initialize the subtree pointers */ static gint ett_smux = -1; static gint ett_snmp = -1; @@ -247,6 +240,38 @@ static gint ett_decoding_error = -1; #include "packet-snmp-ett.c" +static expert_field ei_snmp_failed_decrypted_data_pdu = EI_INIT; +static expert_field ei_snmp_decrypted_data_bad_formatted = EI_INIT; +static expert_field ei_snmp_verify_authentication_error = EI_INIT; +static expert_field ei_snmp_authentication_ok = EI_INIT; +static expert_field ei_snmp_authentication_error = EI_INIT; +static expert_field ei_snmp_varbind_not_uni_class_seq = EI_INIT; +static expert_field ei_snmp_varbind_has_indicator = EI_INIT; +static expert_field ei_snmp_objectname_not_oid = EI_INIT; +static expert_field ei_snmp_objectname_has_indicator = EI_INIT; +static expert_field ei_snmp_value_not_primitive_encoding = EI_INIT; +static expert_field ei_snmp_invalid_oid = EI_INIT; +static expert_field ei_snmp_varbind_wrong_tag = EI_INIT; +static expert_field ei_snmp_varbind_response = EI_INIT; +static expert_field ei_snmp_no_instance_subid = EI_INIT; +static expert_field ei_snmp_wrong_num_of_subids = EI_INIT; +static expert_field ei_snmp_index_suboid_too_short = EI_INIT; +static expert_field ei_snmp_unimplemented_instance_index = EI_INIT; +static expert_field ei_snmp_index_suboid_len0 = EI_INIT; +static expert_field ei_snmp_index_suboid_too_long = EI_INIT; +static expert_field ei_snmp_index_string_too_long = EI_INIT; +static expert_field ei_snmp_column_parent_not_row = EI_INIT; +static expert_field ei_snmp_uint_too_large = EI_INIT; +static expert_field ei_snmp_int_too_large = EI_INIT; +static expert_field ei_snmp_integral_value0 = EI_INIT; +static expert_field ei_snmp_missing_mib = EI_INIT; +static expert_field ei_snmp_varbind_wrong_length_value = EI_INIT; +static expert_field ei_snmp_varbind_wrong_class_tag = EI_INIT; +static expert_field ei_snmp_rfc1910_non_conformant = EI_INIT; +static expert_field ei_snmp_rfc3411_non_conformant = EI_INIT; +static expert_field ei_snmp_version_unknown = EI_INIT; +static expert_field ei_snmp_trap_pdu_obsolete = EI_INIT; + static const true_false_string auth_flags = { "OK", "Failed" @@ -255,7 +280,7 @@ static const true_false_string auth_flags = { /* Security Models */ #define SNMP_SEC_ANY 0 -#define SNMP_SEC_V1 1 +#define SNMP_SEC_V1 1 #define SNMP_SEC_V2C 2 #define SNMP_SEC_USM 3 @@ -267,6 +292,7 @@ static const value_string sec_models[] = { { 0, NULL } }; +#if 0 /* SMUX PDU types */ #define SMUX_MSG_OPEN 0 #define SMUX_MSG_CLOSE 1 @@ -282,6 +308,7 @@ static const value_string smux_types[] = { { SMUX_MSG_SOUT, "Commit Or Rollback" }, { 0, NULL } }; +#endif #define SNMP_IPA 0 /* IP Address */ @@ -319,6 +346,102 @@ snmp_lookup_specific_trap (guint specific_trap) return NULL; } +static int +dissect_snmp_variable_string(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void *data _U_) +{ + + proto_tree_add_item(tree, hf_snmp_var_bind_str, tvb, 0, -1, ENC_ASCII|ENC_NA); + + return tvb_captured_length(tvb); +} + +/* +DateAndTime ::= TEXTUAL-CONVENTION + DISPLAY-HINT "2d-1d-1d,1d:1d:1d.1d,1a1d:1d" + STATUS current + DESCRIPTION + "A date-time specification. + + field octets contents range + ----- ------ -------- ----- + 1 1-2 year* 0..65536 + 2 3 month 1..12 + 3 4 day 1..31 + 4 5 hour 0..23 + 5 6 minutes 0..59 + 6 7 seconds 0..60 + (use 60 for leap-second) + 7 8 deci-seconds 0..9 + 8 9 direction from UTC '+' / '-' + 9 10 hours from UTC* 0..13 + 10 11 minutes from UTC 0..59 + + * Notes: + - the value of year is in network-byte order + - daylight saving time in New Zealand is +13 + + For example, Tuesday May 26, 1992 at 1:30:15 PM EDT would be + displayed as: + + 1992-5-26,13:30:15.0,-4:0 + + Note that if only local time is known, then timezone + information (fields 8-10) is not present." + SYNTAX OCTET STRING (SIZE (8 | 11)) +*/ +static proto_item * +dissect_snmp_variable_date_and_time(proto_tree *tree,int hfid, tvbuff_t *tvb, int offset, int length) +{ + guint16 year; + guint8 month; + guint8 day; + guint8 hour; + guint8 minutes; + guint8 seconds; + guint8 deci_seconds; + guint8 hour_from_utc; + guint8 min_from_utc; + gchar *str; + + year = tvb_get_ntohs(tvb,offset); + month = tvb_get_guint8(tvb,offset+2); + day = tvb_get_guint8(tvb,offset+3); + hour = tvb_get_guint8(tvb,offset+4); + minutes = tvb_get_guint8(tvb,offset+5); + seconds = tvb_get_guint8(tvb,offset+6); + deci_seconds = tvb_get_guint8(tvb,offset+7); + if(length > 8){ + hour_from_utc = tvb_get_guint8(tvb,offset+9); + min_from_utc = tvb_get_guint8(tvb,offset+10); + + str = wmem_strdup_printf(wmem_packet_scope(), + "%u-%u-%u, %u:%u:%u.%u UTC %s%u:%u", + year, + month, + day, + hour, + minutes, + seconds, + deci_seconds, + tvb_get_string_enc(wmem_packet_scope(),tvb,offset+8,1,ENC_ASCII|ENC_NA), + hour_from_utc, + min_from_utc); + }else{ + str = wmem_strdup_printf(wmem_packet_scope(), + "%u-%u-%u, %u:%u:%u.%u", + year, + month, + day, + hour, + minutes, + seconds, + deci_seconds); + } + + return proto_tree_add_string(tree, hfid, tvb, offset, length, str); + +} + /* * dissect_snmp_VarBind * this routine dissects variable bindings, looking for the oid information in our oid reporsitory @@ -386,7 +509,7 @@ snmp_lookup_specific_trap (guint specific_trap) */ -extern int +static int dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) { @@ -415,88 +538,88 @@ dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, seq_offset = offset; /* first have the VarBind's sequence header */ - offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); - offset = get_ber_length(tvb, offset, &seq_len, &ind); - - seq_len += offset - seq_offset; + offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag); + offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &seq_len, &ind); if (!pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_SEQUENCE) { - proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"VarBind must be an universal class sequence"); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence"); + proto_item* pi; + pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len + (offset - seq_offset), + ett_decoding_error, &pi, "VarBind must be an universal class sequence"); + expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_not_uni_class_seq); return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); } if (ind) { - proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in VarBind"); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "VarBind has indicator set"); + proto_item* pi; + pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len + (offset - seq_offset), + ett_decoding_error, &pi, "Indicator must be clear in VarBind"); + expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_has_indicator); return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); } + /* we add the varbind tree root with a dummy label we'll fill later on */ + pt_varbind = proto_tree_add_subtree(tree,tvb,offset,seq_len,ett_varbind,&pi_varbind,"VarBind"); + *label = '\0'; + + seq_len += offset - seq_offset; + /* then we have the ObjectName's header */ - offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); - name_offset = offset = get_ber_length(tvb, offset, &name_len, &ind); + offset = dissect_ber_identifier(actx->pinfo, pt_varbind, tvb, offset, &ber_class, &pc, &tag); + name_offset = offset = dissect_ber_length(actx->pinfo, pt_varbind, tvb, offset, &name_len, &ind); if (! ( !pc && ber_class==BER_CLASS_UNI && tag==BER_UNI_TAG_OID) ) { - proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"ObjectName must be an OID in primitive encoding"); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName not an OID"); + proto_item* pi; + pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len, + ett_decoding_error, &pi, "ObjectName must be an OID in primitive encoding"); + expert_add_info(actx->pinfo, pi, &ei_snmp_objectname_not_oid); return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); } if (ind) { - proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"Indicator must be clear in ObjectName"); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "ObjectName has indicator set"); + proto_item* pi; + pt = proto_tree_add_subtree(tree, tvb, seq_offset, seq_len, + ett_decoding_error, &pi, "Indicator must be clear in ObjectName"); + expert_add_info(actx->pinfo, pi, &ei_snmp_objectname_has_indicator); return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); } + pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA); + pt_name = proto_item_add_subtree(pi_name,ett_name); + offset += name_len; value_start = offset; - - /* then we have the value's header */ - offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); - value_offset = get_ber_length(tvb, offset, &value_len, &ind); + /* then we have the value's header */ + offset = dissect_ber_identifier(actx->pinfo, pt_varbind, tvb, offset, &ber_class, &pc, &tag); + value_offset = dissect_ber_length(actx->pinfo, pt_varbind, tvb, offset, &value_len, &ind); if (! (!pc) ) { - proto_item* pi = proto_tree_add_text(tree, tvb, seq_offset, seq_len,"the value must be in primitive encoding"); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "value not in primitive encoding"); - return dissect_unknown_ber(actx->pinfo, tvb, seq_offset, pt); + proto_item* pi; + pt = proto_tree_add_subtree(pt_varbind, tvb, value_start, value_len, + ett_decoding_error, &pi, "the value must be in primitive encoding"); + expert_add_info(actx->pinfo, pi, &ei_snmp_value_not_primitive_encoding); + return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); } /* Now, we know where everithing is */ - - - /* we add the varbind tree root with a dummy label we'll fill later on */ - pi_varbind = proto_tree_add_text(tree,tvb,seq_offset,seq_len,"VarBind"); - pt_varbind = proto_item_add_subtree(pi_varbind,ett_varbind); - *label = '\0'; - - pi_name = proto_tree_add_item(pt_varbind,hf_snmp_objectname,tvb,name_offset,name_len,ENC_NA); - pt_name = proto_item_add_subtree(pi_name,ett_name); - /* fetch ObjectName and its relative oid_info */ - oid_bytes = (guint8*)ep_tvb_memdup(tvb, name_offset, name_len); - oid_info = oid_get_from_encoded(oid_bytes, name_len, &subids, &oid_matched, &oid_left); + oid_bytes = (guint8*)tvb_memdup(wmem_packet_scope(), tvb, name_offset, name_len); + oid_info = oid_get_from_encoded(wmem_packet_scope(), oid_bytes, name_len, &subids, &oid_matched, &oid_left); add_oid_debug_subtree(oid_info,pt_name); if (!subids) { proto_item* pi; - repr = oid_encoded2string(oid_bytes, name_len); - pi = proto_tree_add_text(pt_name,tvb, 0, 0, "invalid oid: %s", repr); - pt = proto_item_add_subtree(pi, ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "invalid oid: %s", repr); + repr = oid_encoded2string(wmem_packet_scope(), oid_bytes, name_len); + pt = proto_tree_add_subtree_format(pt_name,tvb, 0, 0, ett_decoding_error, &pi, "invalid oid: %s", repr); + expert_add_info_format(actx->pinfo, pi, &ei_snmp_invalid_oid, "invalid oid: %s", repr); return dissect_unknown_ber(actx->pinfo, tvb, name_offset, pt); } if (oid_matched+oid_left) { - oid_string = oid_subid2string(subids,oid_matched+oid_left); + oid_string = oid_subid2string(wmem_packet_scope(), subids,oid_matched+oid_left); } if (ber_class == BER_CLASS_CON) { @@ -523,15 +646,15 @@ dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, note = "endOfMibView"; break; default: { - pi = proto_tree_add_text(pt_varbind,tvb,0,0,"Wrong tag for Error Value: expected 0, 1, or 2 but got: %d",tag); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value"); + pt = proto_tree_add_subtree_format(pt_varbind,tvb,0,0,ett_decoding_error,&pi, + "Wrong tag for Error Value: expected 0, 1, or 2 but got: %d",tag); + expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_wrong_tag); return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); } } pi = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN); - expert_add_info_format(actx->pinfo, pi, PI_RESPONSE_CODE, PI_NOTE, "%s",note); + expert_add_info_format(actx->pinfo, pi, &ei_snmp_varbind_response, "%s",note); g_strlcpy (label, note, ITEM_LABEL_LENGTH); goto set_label; } @@ -539,25 +662,23 @@ dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, /* now we'll try to figure out which are the indexing sub-oids and whether the oid we know about is the one oid we have to use */ switch (oid_info->kind) { case OID_KIND_SCALAR: - if (oid_left == 1) { + if (oid_left == 1) { /* OK: we got the instance sub-id */ proto_tree_add_uint64(pt_name,hf_snmp_scalar_instance_index,tvb,name_offset,name_len,subids[oid_matched]); oid_info_is_ok = TRUE; goto indexing_done; - } else if (oid_left == 0) { + } else if (oid_left == 0) { if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) { /* unSpecified does not require an instance sub-id add the new value and get off the way! */ pi_value = proto_tree_add_item(pt_varbind,hf_snmp_unSpecified,tvb,value_offset,value_len,ENC_NA); goto set_label; } else { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have one instance sub-id this one has none"); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_no_instance_subid,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } } else { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value"); + proto_tree_add_expert_format(pt_name,actx->pinfo,&ei_snmp_wrong_num_of_subids,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left); oid_info_is_ok = FALSE; goto indexing_done; } @@ -580,16 +701,14 @@ dissect_snmp_VarBind(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, guint suboid_len; if (key_start >= oid_matched+oid_left) { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid shorter than expected"); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_too_short,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } switch(k->key_type) { case OID_KEY_TYPE_WRONG: { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"OID instaces not handled, if you want this implemented please contact the wireshark developers"); - expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_unimplemented_instance_index,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } @@ -620,20 +739,18 @@ show_oid_index: suboid = &(subids[key_start]); if( suboid_len == 0 ) { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"an index sub-oid OID cannot be 0 bytes long!"); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid OID with len=0"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_len0,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } if( key_len < suboid_len ) { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index sub-oid should not be longer than remaining oid size"); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index sub-oid longer than remaining oid size"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_too_long,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } - suboid_buf_len = oid_subid2encoded(suboid_len, suboid, &suboid_buf); + suboid_buf_len = oid_subid2encoded(wmem_packet_scope(), suboid_len, suboid, &suboid_buf); DISSECTOR_ASSERT(suboid_buf_len); @@ -674,13 +791,12 @@ show_oid_index: } if( key_len < buf_len ) { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"index string should not be longer than remaining oid size"); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "index string longer than remaining oid size"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_string_too_long,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } - buf = (guint8*)ep_alloc(buf_len+1); + buf = (guint8*)wmem_alloc(wmem_packet_scope(), buf_len+1); for (i = 0; i < buf_len; i++) buf[i] = (guint8)suboid[i]; buf[i] = '\0'; @@ -699,7 +815,7 @@ show_oid_index: proto_tree_add_ether(pt_name,k->hfid,tvb,name_offset,buf_len, buf); break; case OID_KEY_TYPE_IPADDR: { - guint32* ipv4_p = (void*)buf; + guint32* ipv4_p = (guint32*)buf; proto_tree_add_ipv4(pt_name,k->hfid,tvb,name_offset,buf_len, *ipv4_p); } break; @@ -716,20 +832,17 @@ show_oid_index: } goto indexing_done; } else { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"We do not know how to handle this OID, if you want this implemented please contact the wireshark developers"); - expert_add_info_format(actx->pinfo, pi, PI_UNDECODED, PI_WARN, "Unimplemented instance index"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_unimplemented_instance_index,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } } else { - proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"The COLUMS's parent is not a ROW. This is a BUG! please contact the wireshark developers."); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW"); + proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_column_parent_not_row,tvb,0,0); oid_info_is_ok = FALSE; goto indexing_done; } default: { -/* proto_item* pi = proto_tree_add_text(pt_name,tvb,0,0,"This kind OID should have no value"); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "This kind OID should have no value"); */ +/* proto_tree_add_expert (pt_name,actx->pinfo,PI_MALFORMED, PI_WARN,tvb,0,0,"This kind OID should have no value"); */ oid_info_is_ok = FALSE; goto indexing_done; } @@ -751,7 +864,7 @@ indexing_done: format_error = BER_WRONG_TAG; else { max_len = oid_info->value_type->max_len == -1 ? 0xffffff : oid_info->value_type->max_len; - min_len = oid_info->value_type->min_len; + min_len = oid_info->value_type->min_len; if ((int)value_len < min_len || (int)value_len > max_len) format_error = BER_WRONG_LENGTH; @@ -790,7 +903,11 @@ indexing_done: goto already_added; } case BER_CLASS_UNI|(BER_UNI_TAG_OCTETSTRING<<4): - hfid = hf_snmp_octetstring_value; + if(oid_info->value_hfid> -1){ + hfid = oid_info->value_hfid; + }else{ + hfid = hf_snmp_octetstring_value; + } break; case BER_CLASS_UNI|(BER_UNI_TAG_OID<<4): max_len = -1; min_len = 1; @@ -846,8 +963,7 @@ indexing_done: */ if (value_len > 9 || tvb_get_guint8(tvb, value_offset) != 0) { /* It is. Fail. */ - pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value too large"); - expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1"); + proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_uint_too_large,tvb,value_offset,value_len,"Integral value too large"); goto already_added; } /* Cheat and skip the leading 0 byte */ @@ -857,8 +973,7 @@ indexing_done: /* * For now, just reject these. */ - pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value too large or too small"); - expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63"); + proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_int_too_large,tvb,value_offset,value_len,"Integral value too large or too small"); goto already_added; } } else if (value_len == 0) { @@ -872,24 +987,26 @@ indexing_done: */ header_field_info *hfinfo = proto_registrar_get_nth(hfid); if (hfinfo->type == FT_UINT64 || hfinfo->type == FT_INT64) { - pi_value = proto_tree_add_text(pt_varbind,tvb,value_offset,value_len,"Integral value is zero-length"); - expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Integral value is zero-length"); + proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_integral_value0,tvb,value_offset,value_len,"Integral value is zero-length"); goto already_added; } } - pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN); + /* Special case DATE AND TIME */ + if((oid_info->value_type)&&(oid_info->value_type->keytype == OID_KEY_TYPE_DATE_AND_TIME)&&(value_len > 7)){ + pi_value = dissect_snmp_variable_date_and_time(pt_varbind, hfid, tvb, value_offset, value_len); + }else{ + pi_value = proto_tree_add_item(pt_varbind,hfid,tvb,value_offset,value_len,ENC_BIG_ENDIAN); + } if (format_error != BER_NO_ERROR) { - expert_add_info_format(actx->pinfo, pi_value, PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB"); + expert_add_info(actx->pinfo, pi_value, &ei_snmp_missing_mib); } -already_added: - oid_info_is_ok = FALSE; } - +already_added: pt_value = proto_item_add_subtree(pi_value,ett_value); if (value_len > 0 && oid_string) { - tvbuff_t* sub_tvb = tvb_new_subset(tvb, value_offset, value_len, value_len); + tvbuff_t* sub_tvb = tvb_new_subset_length(tvb, value_offset, value_len); next_tvb_add_string(&var_list, sub_tvb, (snmp_var_in_tree) ? pt_value : NULL, value_sub_dissectors_table, oid_string); } @@ -900,21 +1017,21 @@ set_label: if (oid_info && oid_info->name) { if (oid_left >= 1) { - repr = ep_strdup_printf("%s.%s (%s)", oid_info->name, - oid_subid2string(&(subids[oid_matched]),oid_left), - oid_subid2string(subids,oid_matched+oid_left)); - info_oid = ep_strdup_printf("%s.%s", oid_info->name, - oid_subid2string(&(subids[oid_matched]),oid_left)); + repr = wmem_strdup_printf(wmem_packet_scope(), "%s.%s (%s)", oid_info->name, + oid_subid2string(wmem_packet_scope(), &(subids[oid_matched]),oid_left), + oid_subid2string(wmem_packet_scope(), subids,oid_matched+oid_left)); + info_oid = wmem_strdup_printf(wmem_packet_scope(), "%s.%s", oid_info->name, + oid_subid2string(wmem_packet_scope(), &(subids[oid_matched]),oid_left)); } else { - repr = ep_strdup_printf("%s (%s)", oid_info->name, - oid_subid2string(subids,oid_matched)); + repr = wmem_strdup_printf(wmem_packet_scope(), "%s (%s)", oid_info->name, + oid_subid2string(wmem_packet_scope(), subids,oid_matched)); info_oid = oid_info->name; } } else if (oid_string) { - repr = ep_strdup(oid_string); + repr = wmem_strdup(wmem_packet_scope(), oid_string); info_oid = oid_string; } else { - repr = ep_strdup("[Bad OID]"); + repr = wmem_strdup(wmem_packet_scope(), "[Bad OID]"); } valstr = strstr(label,": "); @@ -923,25 +1040,27 @@ set_label: proto_item_set_text(pi_varbind,"%s: %s",repr,valstr); if (display_oid && info_oid) { - col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid); + col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %s", info_oid); } switch (format_error) { case BER_WRONG_LENGTH: { + proto_item* pi; proto_tree* p_tree = proto_item_add_subtree(pi_value,ett_decoding_error); - proto_item* pi = proto_tree_add_text(p_tree,tvb,0,0,"Wrong value length: %u expecting: %u <= len <= %u", + pt = proto_tree_add_subtree_format(p_tree,tvb,0,0,ett_decoding_error,&pi, + "Wrong value length: %u expecting: %u <= len <= %u", value_len, min_len, max_len == -1 ? 0xFFFFFF : max_len); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value"); + expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_wrong_length_value); return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); } case BER_WRONG_TAG: { + proto_item* pi; proto_tree* p_tree = proto_item_add_subtree(pi_value,ett_decoding_error); - proto_item* pi = proto_tree_add_text(p_tree,tvb,0,0,"Wrong class/tag for Value expected: %d,%d got: %d,%d", + pt = proto_tree_add_subtree_format(p_tree,tvb,0,0,ett_decoding_error,&pi, + "Wrong class/tag for Value expected: %d,%d got: %d,%d", oid_info->value_type->ber_class, oid_info->value_type->ber_tag, ber_class, tag); - pt = proto_item_add_subtree(pi,ett_decoding_error); - expert_add_info_format(actx->pinfo, pi, PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value"); + expert_add_info(actx->pinfo, pi, &ei_snmp_varbind_wrong_class_tag); return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); } default: @@ -957,8 +1076,8 @@ set_label: #define SNMP_ENGINEID_RFC3411 0x01 static const true_false_string tfs_snmp_engineid_conform = { - "RFC3411 (SNMPv3)", - "RFC1910 (Non-SNMPv3)" + "RFC3411 (SNMPv3)", + "RFC1910 (Non-SNMPv3)" }; #define SNMP_ENGINEID_FORMAT_IPV4 0x01 @@ -973,7 +1092,7 @@ static const value_string snmp_engineid_format_vals[] = { { SNMP_ENGINEID_FORMAT_MACADDRESS, "MAC address" }, { SNMP_ENGINEID_FORMAT_TEXT, "Text, administratively assigned" }, { SNMP_ENGINEID_FORMAT_OCTETS, "Octets, administratively assigned" }, - { 0, NULL } + { 0, NULL } }; #define SNMP_ENGINEID_CISCO_AGENT 0x00 @@ -990,135 +1109,134 @@ static const value_string snmp_engineid_cisco_type_vals[] = { * or historic RFC 1910 (AgentID) */ int -dissect_snmp_engineid(proto_tree *tree, tvbuff_t *tvb, int offset, int len) +dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int offset, int len) { - proto_item *item = NULL; - guint8 conformance, format; - guint32 enterpriseid, seconds; - nstime_t ts; - int len_remain = len; - - /* first bit: engine id conformance */ - if (len_remain<1) return offset; - conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01); - proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN); - - /* 4-byte enterprise number/name */ - if (len_remain<4) return offset; - enterpriseid = tvb_get_ntohl(tvb, offset); - if (conformance) - enterpriseid -= 0x80000000; /* ignore first bit */ - proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid); - offset+=4; - len_remain-=4; - - switch(conformance) { - - case SNMP_ENGINEID_RFC1910: - /* 12-byte AgentID w/ 8-byte trailer */ - if (len_remain==8) { - proto_tree_add_text(tree, tvb, offset, 8, "AgentID Trailer: 0x%s", - tvb_bytes_to_str(tvb, offset, 8)); - offset+=8; - len_remain-=8; - } else { - proto_tree_add_text(tree, tvb, offset, len_remain, ""); - return offset; - } - break; - - case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */ - - /* 1-byte format specifier */ - if (len_remain<1) return offset; - format = tvb_get_guint8(tvb, offset); - item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)", - val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format); - offset+=1; - len_remain-=1; - - switch(format) { - case SNMP_ENGINEID_FORMAT_IPV4: - /* 4-byte IPv4 address */ - if (len_remain==4) { - proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN); - offset+=4; - len_remain=0; - } - break; - case SNMP_ENGINEID_FORMAT_IPV6: - /* 16-byte IPv6 address */ - if (len_remain==16) { - proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA); - offset+=16; - len_remain=0; - } - break; - case SNMP_ENGINEID_FORMAT_MACADDRESS: - /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */ - if ((enterpriseid==9)&&(len_remain==7)) { - proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN); - offset++; - len_remain--; - } - /* 6-byte MAC address */ - if (len_remain==6) { - proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA); - offset+=6; - len_remain=0; - } - break; - case SNMP_ENGINEID_FORMAT_TEXT: - /* max. 27-byte string, administratively assigned */ - if (len_remain<=27) { - proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA); - offset+=len_remain; - len_remain=0; - } - break; - case 128: - /* most common enterprise-specific format: (ucd|net)-snmp random */ - if ((enterpriseid==2021)||(enterpriseid==8072)) { - proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random"); - /* demystify: 4B random, 4B epoch seconds */ - if (len_remain==8) { - proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA); - seconds = tvb_get_letohl(tvb, offset+4); - ts.secs = seconds; - ts.nsecs = 0; - proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4, - &ts, "%s", - abs_time_secs_to_str(seconds, ABSOLUTE_TIME_LOCAL, TRUE)); - offset+=8; - len_remain=0; - } - break; + proto_item *item = NULL; + guint8 conformance, format; + guint32 enterpriseid, seconds; + nstime_t ts; + int len_remain = len; + + /* first bit: engine id conformance */ + if (len_remain<1) return offset; + conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01); + proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN); + + /* 4-byte enterprise number/name */ + if (len_remain<4) return offset; + enterpriseid = tvb_get_ntohl(tvb, offset); + if (conformance) + enterpriseid -= 0x80000000; /* ignore first bit */ + proto_tree_add_uint(tree, hf_snmp_engineid_enterprise, tvb, offset, 4, enterpriseid); + offset+=4; + len_remain-=4; + + switch(conformance) { + + case SNMP_ENGINEID_RFC1910: + /* 12-byte AgentID w/ 8-byte trailer */ + if (len_remain==8) { + proto_tree_add_item(tree, hf_snmp_agentid_trailer, tvb, offset, 8, ENC_NA); + offset+=8; + len_remain-=8; + } else { + proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc1910_non_conformant, tvb, offset, len_remain); + return offset; + } + break; + + case SNMP_ENGINEID_RFC3411: /* variable length: 5..32 */ + + /* 1-byte format specifier */ + if (len_remain<1) return offset; + format = tvb_get_guint8(tvb, offset); + item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)", + val_to_str(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format); + offset+=1; + len_remain-=1; + + switch(format) { + case SNMP_ENGINEID_FORMAT_IPV4: + /* 4-byte IPv4 address */ + if (len_remain==4) { + proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN); + offset+=4; + len_remain=0; + } + break; + case SNMP_ENGINEID_FORMAT_IPV6: + /* 16-byte IPv6 address */ + if (len_remain==16) { + proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA); + offset+=16; + len_remain=0; + } + break; + case SNMP_ENGINEID_FORMAT_MACADDRESS: + /* See: https://supportforums.cisco.com/message/3010617#3010617 for details. */ + if ((enterpriseid==9)&&(len_remain==7)) { + proto_tree_add_item(tree, hf_snmp_engineid_cisco_type, tvb, offset, 1, ENC_BIG_ENDIAN); + offset++; + len_remain--; + } + /* 6-byte MAC address */ + if (len_remain==6) { + proto_tree_add_item(tree, hf_snmp_engineid_mac, tvb, offset, 6, ENC_NA); + offset+=6; + len_remain=0; + } + break; + case SNMP_ENGINEID_FORMAT_TEXT: + /* max. 27-byte string, administratively assigned */ + if (len_remain<=27) { + proto_tree_add_item(tree, hf_snmp_engineid_text, tvb, offset, len_remain, ENC_ASCII|ENC_NA); + offset+=len_remain; + len_remain=0; + } + break; + case 128: + /* most common enterprise-specific format: (ucd|net)-snmp random */ + if ((enterpriseid==2021)||(enterpriseid==8072)) { + proto_item_append_text(item, (enterpriseid==2021) ? ": UCD-SNMP Random" : ": Net-SNMP Random"); + /* demystify: 4B random, 4B epoch seconds */ + if (len_remain==8) { + proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, 4, ENC_NA); + seconds = tvb_get_letohl(tvb, offset+4); + ts.secs = seconds; + ts.nsecs = 0; + proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset+4, 4, + &ts, "%s", + abs_time_secs_to_str(wmem_packet_scope(), seconds, ABSOLUTE_TIME_LOCAL, TRUE)); + offset+=8; + len_remain=0; + } + break; + } + /* fall through */ + case SNMP_ENGINEID_FORMAT_OCTETS: + default: + /* max. 27 bytes, administratively assigned or unknown format */ + if (len_remain<=27) { + proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA); + offset+=len_remain; + len_remain=0; + } + break; + } } - /* fall through */ - case SNMP_ENGINEID_FORMAT_OCTETS: - default: - /* max. 27 bytes, administratively assigned or unknown format */ - if (len_remain<=27) { - proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA); - offset+=len_remain; - len_remain=0; + + if (len_remain>0) { + proto_tree_add_expert(tree, pinfo, &ei_snmp_rfc3411_non_conformant, tvb, offset, len_remain); + offset+=len_remain; } - break; - } - } - - if (len_remain>0) { - proto_tree_add_text(tree, tvb, offset, len_remain, ""); - offset+=len_remain; - } - return offset; + return offset; } static void set_ue_keys(snmp_ue_assoc_t* n ) { guint key_size = n->user.authModel->key_size; - n->user.authKey.data = (guint8 *)se_alloc(key_size); + n->user.authKey.data = (guint8 *)g_malloc(key_size); n->user.authKey.len = key_size; n->user.authModel->pass2key(n->user.authPassword.data, n->user.authPassword.len, @@ -1126,37 +1244,74 @@ static void set_ue_keys(snmp_ue_assoc_t* n ) { n->engine.len, n->user.authKey.data); - n->user.privKey.data = (guint8 *)se_alloc(key_size); - n->user.privKey.len = key_size; - n->user.authModel->pass2key(n->user.privPassword.data, - n->user.privPassword.len, - n->engine.data, - n->engine.len, - n->user.privKey.data); + if (n->priv_proto == PRIV_AES128 || n->priv_proto == PRIV_AES192 || n->priv_proto == PRIV_AES256) { + guint need_key_len = + (n->priv_proto == PRIV_AES128) ? 16 : + (n->priv_proto == PRIV_AES192) ? 24 : + (n->priv_proto == PRIV_AES256) ? 32 : + 0; + + guint key_len = key_size; + + while (key_len < need_key_len) + key_len += key_size; + + n->user.privKey.data = (guint8 *)g_malloc(key_len); + n->user.privKey.len = need_key_len; + + n->user.authModel->pass2key(n->user.privPassword.data, + n->user.privPassword.len, + n->engine.data, + n->engine.len, + n->user.privKey.data); + + key_len = key_size; + + /* extend key if needed */ + while (key_len < need_key_len) { + n->user.authModel->pass2key( + n->user.privKey.data, + key_len, + n->engine.data, + n->engine.len, + n->user.privKey.data + key_len); + + key_len += key_size; + } + + } else { + n->user.privKey.data = (guint8 *)g_malloc(key_size); + n->user.privKey.len = key_size; + n->user.authModel->pass2key(n->user.privPassword.data, + n->user.privPassword.len, + n->engine.data, + n->engine.len, + n->user.privKey.data); + } } static snmp_ue_assoc_t* -ue_se_dup(snmp_ue_assoc_t* o) +ue_dup(snmp_ue_assoc_t* o) { - snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)se_memdup(o,sizeof(snmp_ue_assoc_t)); + snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)g_memdup(o,sizeof(snmp_ue_assoc_t)); d->user.authModel = o->user.authModel; d->user.privProtocol = o->user.privProtocol; - d->user.userName.data = (guint8 *)se_memdup(o->user.userName.data,o->user.userName.len); + d->user.userName.data = (guint8 *)g_memdup(o->user.userName.data,o->user.userName.len); d->user.userName.len = o->user.userName.len; - d->user.authPassword.data = o->user.authPassword.data ? (guint8 *)se_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL; + d->user.authPassword.data = o->user.authPassword.data ? (guint8 *)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL; d->user.authPassword.len = o->user.authPassword.len; - d->user.privPassword.data = o->user.privPassword.data ? (guint8 *)se_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL; + d->user.privPassword.data = o->user.privPassword.data ? (guint8 *)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL; d->user.privPassword.len = o->user.privPassword.len; d->engine.len = o->engine.len; if (d->engine.len) { - d->engine.data = (guint8 *)se_memdup(o->engine.data,o->engine.len); + d->engine.data = (guint8 *)g_memdup(o->engine.data,o->engine.len); set_ue_keys(d); } @@ -1164,39 +1319,161 @@ ue_se_dup(snmp_ue_assoc_t* o) } +static void* +snmp_users_copy_cb(void* dest, const void* orig, size_t len _U_) +{ + const snmp_ue_assoc_t* o = (const snmp_ue_assoc_t*)orig; + snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)dest; + + d->auth_model = o->auth_model; + d->user.authModel = auth_models[o->auth_model]; -#define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; } + d->priv_proto = o->priv_proto; + d->user.privProtocol = priv_protos[o->priv_proto]; + + d->user.userName.data = (guint8*)g_memdup(o->user.userName.data,o->user.userName.len); + d->user.userName.len = o->user.userName.len; + + d->user.authPassword.data = o->user.authPassword.data ? (guint8*)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL; + d->user.authPassword.len = o->user.authPassword.len; + + d->user.privPassword.data = o->user.privPassword.data ? (guint8*)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL; + d->user.privPassword.len = o->user.privPassword.len; + + d->engine.len = o->engine.len; + if (o->engine.data) { + d->engine.data = (guint8*)g_memdup(o->engine.data,o->engine.len); + } + + d->user.authKey.data = o->user.authKey.data ? (guint8*)g_memdup(o->user.authKey.data,o->user.authKey.len) : NULL; + d->user.authKey.len = o->user.authKey.len; + + d->user.privKey.data = o->user.privKey.data ? (guint8*)g_memdup(o->user.privKey.data,o->user.privKey.len) : NULL; + d->user.privKey.len = o->user.privKey.len; + + return d; +} static void -renew_ue_cache(void) +snmp_users_free_cb(void* p) { - localized_ues = NULL; - unlocalized_ues = NULL; + snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p; + g_free(ue->user.userName.data); + g_free(ue->user.authPassword.data); + g_free(ue->user.privPassword.data); + g_free(ue->user.authKey.data); + g_free(ue->user.privKey.data); + g_free(ue->engine.data); +} - if (num_ueas) { - guint i; +static gboolean +snmp_users_update_cb(void* p _U_, char** err) +{ + snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p; + GString* es = g_string_new(""); + unsigned int i; - for(i = 0; i < num_ueas; i++) { - snmp_ue_assoc_t* a = ue_se_dup(&(ueas[i])); + *err = NULL; - if (a->engine.len) { - CACHE_INSERT(localized_ues,a); + if (num_ueas == 0) + /* Nothing to update */ + return FALSE; - } else { - CACHE_INSERT(unlocalized_ues,a); + if (! ue->user.userName.len) + g_string_append_printf(es,"no userName\n"); + + for (i=0; iengine.len > 0) && (u->engine.len < 5 || u->engine.len > 32)) { + g_string_append_printf(es, "Invalid engineId length (%u). Must be between 5 and 32 (10 and 64 hex digits)\n", u->engine.len); + } + + + if ( u->user.userName.len == ue->user.userName.len + && u->engine.len == ue->engine.len && (u != ue)) { + + if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) { + if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) { + /* XXX: make a string for the engineId */ + g_string_append_printf(es,"Duplicate key (userName='%s')\n",ue->user.userName.data); + } } + if (u->engine.len == 0) { + if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) { + g_string_append_printf(es,"Duplicate key (userName='%s' engineId=NONE)\n",ue->user.userName.data); + } + } } } + + if (es->len) { + es = g_string_truncate(es,es->len-1); + *err = g_string_free(es, FALSE); + return FALSE; + } + + return TRUE; +} + +static void +free_ue_cache(snmp_ue_assoc_t **cache) +{ + static snmp_ue_assoc_t *a, *nxt; + + for (a = *cache; a; a = nxt) { + nxt = a->next; + snmp_users_free_cb(a); + g_free(a); + } + + *cache = NULL; +} + +#define CACHE_INSERT(c,a) if (c) { snmp_ue_assoc_t* t = c; c = a; c->next = t; } else { c = a; a->next = NULL; } + +static void +init_ue_cache(void) +{ + guint i; + + for (i = 0; i < num_ueas; i++) { + snmp_ue_assoc_t* a = ue_dup(&(ueas[i])); + + if (a->engine.len) { + CACHE_INSERT(localized_ues,a); + + } else { + CACHE_INSERT(unlocalized_ues,a); + } + + } +} + +static void +cleanup_ue_cache(void) +{ + free_ue_cache(&localized_ues); + free_ue_cache(&unlocalized_ues); +} + +/* Called when the user applies changes to UAT preferences. */ +static void +renew_ue_cache(void) +{ + cleanup_ue_cache(); + init_ue_cache(); } static snmp_ue_assoc_t* localize_ue( snmp_ue_assoc_t* o, const guint8* engine, guint engine_len ) { - snmp_ue_assoc_t* n = (snmp_ue_assoc_t*)se_memdup(o,sizeof(snmp_ue_assoc_t)); + snmp_ue_assoc_t* n = (snmp_ue_assoc_t*)g_memdup(o,sizeof(snmp_ue_assoc_t)); - n->engine.data = (guint8*)se_memdup(engine,engine_len); + n->engine.data = (guint8*)g_memdup(engine,engine_len); n->engine.len = engine_len; set_ue_keys(n); @@ -1227,11 +1504,11 @@ get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb) if (! ( user_tvb && engine_tvb ) ) return NULL; - given_username_len = tvb_length(user_tvb); - given_engine_len = tvb_length(engine_tvb); + given_username_len = tvb_captured_length(user_tvb); + given_engine_len = tvb_captured_length(engine_tvb); if (! ( given_engine_len && given_username_len ) ) return NULL; - given_username = (guint8*)ep_tvb_memdup(user_tvb,0,-1); - given_engine = (guint8*)ep_tvb_memdup(engine_tvb,0,-1); + given_username = (guint8*)tvb_memdup(wmem_packet_scope(),user_tvb,0,-1); + given_engine = (guint8*)tvb_memdup(wmem_packet_scope(),engine_tvb,0,-1); for (a = localized_ues; a; a = a->next) { if ( localized_match(a, given_username, given_username_len, given_engine, given_engine_len) ) { @@ -1278,22 +1555,22 @@ snmp_usm_auth_md5(snmp_usm_params_t* p, guint8** calc_auth_p, guint* calc_auth_l } - auth_len = tvb_length_remaining(p->auth_tvb,0); + auth_len = tvb_captured_length(p->auth_tvb); if (auth_len != 12) { *error = "Authenticator length wrong"; return FALSE; } - msg_len = tvb_length_remaining(p->msg_tvb,0); + msg_len = tvb_captured_length(p->msg_tvb); if (msg_len <= 0) { *error = "Not enough data remaining"; return FALSE; } - msg = (guint8*)ep_tvb_memdup(p->msg_tvb,0,msg_len); + msg = (guint8*)tvb_memdup(wmem_packet_scope(),p->msg_tvb,0,msg_len); - auth = (guint8*)ep_tvb_memdup(p->auth_tvb,0,auth_len); + auth = (guint8*)tvb_memdup(wmem_packet_scope(),p->auth_tvb,0,auth_len); start = p->auth_offset - p->start_offset; end = start + auth_len; @@ -1303,7 +1580,7 @@ snmp_usm_auth_md5(snmp_usm_params_t* p, guint8** calc_auth_p, guint* calc_auth_l msg[i] = '\0'; } - calc_auth = (guint8*)ep_alloc(16); + calc_auth = (guint8*)wmem_alloc(wmem_packet_scope(), 16); md5_hmac(msg, msg_len, key, key_len, calc_auth); @@ -1315,7 +1592,7 @@ snmp_usm_auth_md5(snmp_usm_params_t* p, guint8** calc_auth_p, guint* calc_auth_l static gboolean -snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_) +snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_auth_len_p, gchar const** error _U_) { gint msg_len; guint8* msg; @@ -1342,7 +1619,7 @@ snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_a } - auth_len = tvb_length_remaining(p->auth_tvb,0); + auth_len = tvb_captured_length(p->auth_tvb); if (auth_len != 12) { @@ -1350,14 +1627,14 @@ snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_a return FALSE; } - msg_len = tvb_length_remaining(p->msg_tvb,0); + msg_len = tvb_captured_length(p->msg_tvb); if (msg_len <= 0) { *error = "Not enough data remaining"; return FALSE; } - msg = (guint8*)ep_tvb_memdup(p->msg_tvb,0,msg_len); + msg = (guint8*)tvb_memdup(wmem_packet_scope(),p->msg_tvb,0,msg_len); - auth = (guint8*)ep_tvb_memdup(p->auth_tvb,0,auth_len); + auth = (guint8*)tvb_memdup(wmem_packet_scope(),p->auth_tvb,0,auth_len); start = p->auth_offset - p->start_offset; end = start + auth_len; @@ -1367,7 +1644,7 @@ snmp_usm_auth_sha1(snmp_usm_params_t* p _U_, guint8** calc_auth_p, guint* calc_a msg[i] = '\0'; } - calc_auth = (guint8*)ep_alloc(20); + calc_auth = (guint8*)wmem_alloc(wmem_packet_scope(), SHA1_DIGEST_LEN); sha1_hmac(key, key_len, msg, msg_len, calc_auth); @@ -1381,8 +1658,8 @@ static tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_) { #ifdef HAVE_LIBGCRYPT - gcry_error_t err; - gcry_cipher_hd_t hd = NULL; + gcry_error_t err; + gcry_cipher_hd_t hd = NULL; guint8* cleartext; guint8* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */ @@ -1396,14 +1673,14 @@ snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar c guint i; - salt_len = tvb_length_remaining(p->priv_tvb,0); + salt_len = tvb_captured_length(p->priv_tvb); - if (salt_len != 8) { + if (salt_len != 8) { *error = "decryptionError: msgPrivacyParameters length != 8"; return NULL; } - salt = (guint8*)ep_tvb_memdup(p->priv_tvb,0,salt_len); + salt = (guint8*)tvb_memdup(wmem_packet_scope(),p->priv_tvb,0,salt_len); /* The resulting "salt" is XOR-ed with the pre-IV to obtain the IV. @@ -1412,16 +1689,16 @@ snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar c iv[i] = pre_iv[i] ^ salt[i]; } - cryptgrm_len = tvb_length_remaining(encryptedData,0); + cryptgrm_len = tvb_captured_length(encryptedData); if ((cryptgrm_len <= 0) || (cryptgrm_len % 8)) { *error = "decryptionError: the length of the encrypted data is not a mutiple of 8 octets"; return NULL; } - cryptgrm = (guint8*)ep_tvb_memdup(encryptedData,0,-1); + cryptgrm = (guint8*)tvb_memdup(wmem_packet_scope(),encryptedData,0,-1); - cleartext = (guint8*)ep_alloc(cryptgrm_len); + cleartext = (guint8*)g_malloc(cryptgrm_len); err = gcry_cipher_open(&hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0); if (err != GPG_ERR_NO_ERROR) goto on_gcry_error; @@ -1438,11 +1715,13 @@ snmp_usm_priv_des(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar c gcry_cipher_close(hd); clear_tvb = tvb_new_child_real_data(encryptedData, cleartext, cryptgrm_len, cryptgrm_len); + tvb_set_free_cb(clear_tvb, g_free); return clear_tvb; on_gcry_error: - *error = (void*)gpg_strerror(err); + g_free(cleartext); + *error = (const gchar *)gpg_strerror(err); if (hd) gcry_cipher_close(hd); return NULL; #else @@ -1451,25 +1730,25 @@ on_gcry_error: #endif } +#ifdef HAVE_LIBGCRYPT static tvbuff_t* -snmp_usm_priv_aes(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error _U_) +snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, gchar const** error, int algo) { -#ifdef HAVE_LIBGCRYPT gcry_error_t err; gcry_cipher_hd_t hd = NULL; - int gcry_algo = GCRY_CIPHER_AES; guint8* cleartext; - guint8* aes_key = p->user_assoc->user.privKey.data; /* first 16 bytes */ + guint8* aes_key = p->user_assoc->user.privKey.data; + int aes_key_len = p->user_assoc->user.privKey.len; guint8 iv[16]; gint priv_len; gint cryptgrm_len; guint8* cryptgrm; tvbuff_t* clear_tvb; - priv_len = tvb_length_remaining(p->priv_tvb,0); + priv_len = tvb_captured_length(p->priv_tvb); - if (priv_len != 8) { + if (priv_len != 8) { *error = "decryptionError: msgPrivacyParameters length != 8"; return NULL; } @@ -1478,38 +1757,28 @@ snmp_usm_priv_aes(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar c iv[1] = (p->boots & 0x00ff0000) >> 16; iv[2] = (p->boots & 0x0000ff00) >> 8; iv[3] = (p->boots & 0x000000ff); - iv[4] = (p->time & 0xff000000) >> 24; - iv[5] = (p->time & 0x00ff0000) >> 16; - iv[6] = (p->time & 0x0000ff00) >> 8; - iv[7] = (p->time & 0x000000ff); + iv[4] = (p->snmp_time & 0xff000000) >> 24; + iv[5] = (p->snmp_time & 0x00ff0000) >> 16; + iv[6] = (p->snmp_time & 0x0000ff00) >> 8; + iv[7] = (p->snmp_time & 0x000000ff); tvb_memcpy(p->priv_tvb,&(iv[8]),0,8); - cryptgrm_len = tvb_length_remaining(encryptedData,0); + cryptgrm_len = tvb_captured_length(encryptedData); if (cryptgrm_len <= 0) { *error = "Not enough data remaining"; return NULL; } - cryptgrm = (guint8*)ep_tvb_memdup(encryptedData,0,-1); - - cleartext = (guint8*)ep_alloc(cryptgrm_len); + cryptgrm = (guint8*)tvb_memdup(wmem_packet_scope(),encryptedData,0,-1); - switch(snmp_decryption_algo) - { - case 0: - gcry_algo = GCRY_CIPHER_AES; - break; - case 1: - gcry_algo = GCRY_CIPHER_AES256; - break; - } + cleartext = (guint8*)g_malloc(cryptgrm_len); - err = gcry_cipher_open(&hd, gcry_algo, GCRY_CIPHER_MODE_CFB, 0); + err = gcry_cipher_open(&hd, algo, GCRY_CIPHER_MODE_CFB, 0); if (err != GPG_ERR_NO_ERROR) goto on_gcry_error; err = gcry_cipher_setiv(hd, iv, 16); if (err != GPG_ERR_NO_ERROR) goto on_gcry_error; - err = gcry_cipher_setkey(hd,aes_key,16); + err = gcry_cipher_setkey(hd,aes_key,aes_key_len); if (err != GPG_ERR_NO_ERROR) goto on_gcry_error; err = gcry_cipher_decrypt(hd, cleartext, cryptgrm_len, cryptgrm, cryptgrm_len); @@ -1518,21 +1787,52 @@ snmp_usm_priv_aes(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar c gcry_cipher_close(hd); clear_tvb = tvb_new_child_real_data(encryptedData, cleartext, cryptgrm_len, cryptgrm_len); + tvb_set_free_cb(clear_tvb, g_free); return clear_tvb; on_gcry_error: - *error = (void*)gpg_strerror(err); + g_free(cleartext); + *error = (const gchar *)gpg_strerror(err); if (hd) gcry_cipher_close(hd); return NULL; +} +#endif + +static tvbuff_t* +snmp_usm_priv_aes128(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error) +{ +#ifdef HAVE_LIBGCRYPT + return snmp_usm_priv_aes_common(p, encryptedData, error, GCRY_CIPHER_AES); #else *error = "libgcrypt not present, cannot decrypt"; return NULL; #endif } +static tvbuff_t* +snmp_usm_priv_aes192(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error) +{ +#ifdef HAVE_LIBGCRYPT + return snmp_usm_priv_aes_common(p, encryptedData, error, GCRY_CIPHER_AES192); +#else + *error = "libgcrypt not present, cannot decrypt"; + return NULL; +#endif +} + +static tvbuff_t* +snmp_usm_priv_aes256(snmp_usm_params_t* p _U_, tvbuff_t* encryptedData _U_, gchar const** error) +{ +#ifdef HAVE_LIBGCRYPT + return snmp_usm_priv_aes_common(p, encryptedData, error, GCRY_CIPHER_AES256); +#else + *error = "libgcrypt not present, cannot decrypt"; + return NULL; +#endif +} -gboolean +static gboolean check_ScopedPdu(tvbuff_t* tvb) { int offset; @@ -1605,7 +1905,7 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, usm_p.authenticated = FALSE; usm_p.encrypted = FALSE; usm_p.boots = 0; - usm_p.time = 0; + usm_p.snmp_time = 0; usm_p.authOK = FALSE; /* @@ -1617,7 +1917,7 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, * have that routine deal with ASN.1, and just use * "tcp_dissect_pdus()"?) */ - length_remaining = tvb_ensure_length_remaining(tvb, offset); + length_remaining = tvb_ensure_captured_length_remaining(tvb, offset); /* NOTE: we have to parse the message piece by piece, since the * capture length may be less than the message length: a 'global' @@ -1662,14 +1962,13 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, * OK, try to read the "Sequence Of" header; this gets the total * length of the SNMP message. */ - /* Set tree to 0 to not display internal BER fields if option used.*/ - offset = dissect_ber_identifier(pinfo, 0, tvb, offset, &ber_class, &pc, &tag); + offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); /*Get the total octet length of the SNMP data*/ - offset = dissect_ber_length(pinfo, 0, tvb, offset, &len, &ind); + offset = get_ber_length(tvb, offset, &len, &ind); message_length = len + offset; /*Get the SNMP version data*/ - offset = dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version); + /*offset =*/ dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version); /* @@ -1702,14 +2001,10 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, next_tvb_init(&var_list); - col_set_str(pinfo->cinfo, COL_PROTOCOL, - proto_get_protocol_short_name(find_protocol_by_id(proto))); + col_set_str(pinfo->cinfo, COL_PROTOCOL, proto_get_protocol_short_name(find_protocol_by_id(proto))); - if (tree) { - item = proto_tree_add_item(tree, proto, tvb, start_offset, - message_length, ENC_BIG_ENDIAN); - snmp_tree = proto_item_add_subtree(item, ett); - } + item = proto_tree_add_item(tree, proto, tvb, start_offset, message_length, ENC_BIG_ENDIAN); + snmp_tree = proto_item_add_subtree(item, ett); switch (version) { case 0: /* v1 */ @@ -1729,7 +2024,7 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, * if this is SNMP-over-TCP, our caller thinks there's * nothing left to dissect. */ - proto_tree_add_text(snmp_tree, tvb, offset, -1,"Unknown version"); + expert_add_info(pinfo, item, &ei_snmp_version_unknown); return length_remaining; break; } @@ -1750,7 +2045,7 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, static gint dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) { - conversation_t *conversation; + conversation_t *conversation; int offset; gint8 tmp_class; gboolean tmp_pc; @@ -1814,13 +2109,13 @@ dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_ * wildcarded, and give it the SNMP dissector as a dissector. */ if (pinfo->destport == UDP_PORT_SNMP) { - conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP, + conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP, pinfo->srcport, 0, NO_PORT_B); - if( (conversation == NULL) || (conversation->dissector_handle!=snmp_handle) ) { - conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP, + if( (conversation == NULL) || (conversation_get_dissector(conversation, pinfo->fd->num)!=snmp_handle) ) { + conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP, pinfo->srcport, 0, NO_PORT2); - conversation_set_dissector(conversation, snmp_handle); - } + conversation_set_dissector(conversation, snmp_handle); + } } return dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, FALSE); @@ -1833,8 +2128,7 @@ dissect_snmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) guint message_len; while (tvb_reported_length_remaining(tvb, offset) > 0) { - message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree, - proto_snmp, ett_snmp, TRUE); + message_len = dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, TRUE); if (message_len == 0) { /* * We don't have all the data for that message, @@ -1847,8 +2141,8 @@ dissect_snmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) } } -static void -dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +static int +dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) { proto_tree *smux_tree = NULL; proto_item *item = NULL; @@ -1857,12 +2151,10 @@ dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMUX"); - if (tree) { - item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA); - smux_tree = proto_item_add_subtree(item, ett_smux); - } + item = proto_tree_add_item(tree, proto_smux, tvb, 0, -1, ENC_NA); + smux_tree = proto_item_add_subtree(item, ett_smux); - dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree); + return dissect_SMUX_PDUs_PDU(tvb, pinfo, smux_tree, data); } @@ -1872,13 +2164,13 @@ dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) */ static void snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen, - const guint8 *engineID, guint engineLength, + const guint8 *engineID, guint engineLength, guint8 *key) { - md5_state_t MD; - guint8 *cp, password_buf[64]; - guint32 password_index = 0; - guint32 count = 0, i; + md5_state_t MD; + guint8 *cp, password_buf[64]; + guint32 password_index = 0; + guint32 count = 0, i; guint8 key1[16]; md5_init(&MD); /* initialize MD5 */ @@ -1887,17 +2179,21 @@ snmp_usm_password_to_key_md5(const guint8 *password, guint passwordlen, /**********************************************/ while (count < 1048576) { cp = password_buf; - for (i = 0; i < 64; i++) { - /*************************************************/ - /* Take the next octet of the password, wrapping */ - /* to the beginning of the password as necessary.*/ - /*************************************************/ - *cp++ = password[password_index++ % passwordlen]; + if (passwordlen != 0) { + for (i = 0; i < 64; i++) { + /*************************************************/ + /* Take the next octet of the password, wrapping */ + /* to the beginning of the password as necessary.*/ + /*************************************************/ + *cp++ = password[password_index++ % passwordlen]; + } + } else { + *cp = 0; } md5_append(&MD, password_buf, 64); count += 64; } - md5_finish(&MD, key1); /* tell MD5 we're done */ + md5_finish(&MD, key1); /* tell MD5 we're done */ /*****************************************************/ /* Now localize the key with the engineID and pass */ @@ -1927,24 +2223,28 @@ snmp_usm_password_to_key_sha1(const guint8 *password, guint passwordlen, const guint8 *engineID, guint engineLength, guint8 *key) { - sha1_context SH; - guint8 *cp, password_buf[64]; - guint32 password_index = 0; - guint32 count = 0, i; + sha1_context SH; + guint8 *cp, password_buf[64]; + guint32 password_index = 0; + guint32 count = 0, i; - sha1_starts(&SH); /* initialize SHA */ + sha1_starts(&SH); /* initialize SHA */ /**********************************************/ /* Use while loop until we've done 1 Megabyte */ /**********************************************/ while (count < 1048576) { cp = password_buf; - for (i = 0; i < 64; i++) { - /*************************************************/ - /* Take the next octet of the password, wrapping */ - /* to the beginning of the password as necessary.*/ - /*************************************************/ - *cp++ = password[password_index++ % passwordlen]; + if (passwordlen != 0) { + for (i = 0; i < 64; i++) { + /*************************************************/ + /* Take the next octet of the password, wrapping */ + /* to the beginning of the password as necessary.*/ + /*************************************************/ + *cp++ = password[password_index++ % passwordlen]; + } + } else { + *cp = 0; } sha1_update (&SH, password_buf, 64); count += 64; @@ -1959,9 +2259,9 @@ snmp_usm_password_to_key_sha1(const guint8 *password, guint passwordlen, /*****************************************************/ sha1_starts(&SH); - sha1_update(&SH, key, 20); + sha1_update(&SH, key, SHA1_DIGEST_LEN); sha1_update(&SH, engineID, engineLength); - sha1_update(&SH, key, 20); + sha1_update(&SH, key, SHA1_DIGEST_LEN); sha1_finish(&SH, key); return; } @@ -1972,111 +2272,12 @@ process_prefs(void) { } -static void* -snmp_users_copy_cb(void* dest, const void* orig, size_t len _U_) -{ - const snmp_ue_assoc_t* o = (const snmp_ue_assoc_t*)orig; - snmp_ue_assoc_t* d = (snmp_ue_assoc_t*)dest; - - d->auth_model = o->auth_model; - d->user.authModel = auth_models[o->auth_model]; - - d->priv_proto = o->priv_proto; - d->user.privProtocol = priv_protos[o->priv_proto]; - - d->user.userName.data = (guint8*)g_memdup(o->user.userName.data,o->user.userName.len); - d->user.userName.len = o->user.userName.len; - - d->user.authPassword.data = o->user.authPassword.data ? (guint8*)g_memdup(o->user.authPassword.data,o->user.authPassword.len) : NULL; - d->user.authPassword.len = o->user.authPassword.len; - - d->user.privPassword.data = o->user.privPassword.data ? (guint8*)g_memdup(o->user.privPassword.data,o->user.privPassword.len) : NULL; - d->user.privPassword.len = o->user.privPassword.len; - - d->engine.len = o->engine.len; - if (o->engine.data) { - d->engine.data = (guint8*)g_memdup(o->engine.data,o->engine.len); - } - - d->user.authKey.data = o->user.authKey.data ? (guint8*)g_memdup(o->user.authKey.data,o->user.authKey.len) : NULL; - d->user.authKey.len = o->user.authKey.len; - - d->user.privKey.data = o->user.privKey.data ? (guint8*)g_memdup(o->user.privKey.data,o->user.privKey.len) : NULL; - d->user.privKey.len = o->user.privKey.len; - - return d; -} - -static void -snmp_users_free_cb(void* p) -{ - snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p; - g_free(ue->user.userName.data); - g_free(ue->user.authPassword.data); - g_free(ue->user.privPassword.data); - g_free(ue->user.authKey.data); - g_free(ue->user.privKey.data); - g_free(ue->engine.data); -} - -static void -snmp_users_update_cb(void* p _U_, const char** err) -{ - snmp_ue_assoc_t* ue = (snmp_ue_assoc_t*)p; - emem_strbuf_t* es = ep_strbuf_new(""); - unsigned int i; - - *err = NULL; - - if (num_ueas == 0) - /* Nothing to update */ - return; - - if (! ue->user.userName.len) - ep_strbuf_append_printf(es,"no userName\n"); - - for (i=0; iengine.len > 0) && (u->engine.len < 5 || u->engine.len > 32)) { - ep_strbuf_append_printf(es, "Invalid engineId length (%u). Must be between 5 and 32 (10 and 64 hex digits)\n", u->engine.len); - } - - - if ( u->user.userName.len == ue->user.userName.len - && u->engine.len == ue->engine.len && (u != ue)) { - - if (u->engine.len > 0 && memcmp( u->engine.data, ue->engine.data, u->engine.len ) == 0) { - if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) { - /* XXX: make a string for the engineId */ - ep_strbuf_append_printf(es,"Duplicate key (userName='%s')\n",ue->user.userName.data); - } - } - - if (u->engine.len == 0) { - if ( memcmp( u->user.userName.data, ue->user.userName.data, ue->user.userName.len ) == 0 ) { - ep_strbuf_append_printf(es,"Duplicate key (userName='%s' engineId=NONE)\n",ue->user.userName.data); - } - } - } - } - - if (es->len) { - es = ep_strbuf_truncate(es,es->len-1); - *err = ep_strdup(es->str); - } - - return; -} - - UAT_LSTRING_CB_DEF(snmp_users,userName,snmp_ue_assoc_t,user.userName.data,user.userName.len) UAT_LSTRING_CB_DEF(snmp_users,authPassword,snmp_ue_assoc_t,user.authPassword.data,user.authPassword.len) UAT_LSTRING_CB_DEF(snmp_users,privPassword,snmp_ue_assoc_t,user.privPassword.data,user.privPassword.len) UAT_BUFFER_CB_DEF(snmp_users,engine_id,snmp_ue_assoc_t,engine.data,engine.len) -UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,0,"MD5") -UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,0,"DES") +UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,guint,0,"MD5") +UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,guint,0,"DES") static void * snmp_specific_trap_copy_cb(void *dest, const void *orig, size_t len _U_) @@ -2106,8 +2307,8 @@ UAT_CSTRING_CB_DEF(specific_traps, desc, snmp_st_assoc_t) /*--- proto_register_snmp -------------------------------------------*/ void proto_register_snmp(void) { - /* List of fields */ - static hf_register_info hf[] = { + /* List of fields */ + static hf_register_info hf[] = { { &hf_snmp_v3_flags_auth, { "Authenticated", "snmp.v3.flags.auth", FT_BOOLEAN, 8, TFS(&tfs_set_notset), TH_AUTH, NULL, HFILL }}, @@ -2151,7 +2352,7 @@ void proto_register_snmp(void) { "Authentication", "snmp.v3.auth", FT_BOOLEAN, BASE_NONE, TFS(&auth_flags), 0, NULL, HFILL }}, { &hf_snmp_decryptedPDU, { - "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE, + "Decrypted ScopedPDU", "snmp.decrypted_pdu", FT_BYTES, BASE_NONE, NULL, 0, "Decrypted PDU", HFILL }}, { &hf_snmp_noSuchObject, { "noSuchObject", "snmp.noSuchObject", FT_NONE, BASE_NONE, @@ -2217,133 +2418,169 @@ void proto_register_snmp(void) { { &hf_snmp_scalar_instance_index, { "Scalar Instance Index", "snmp.name.index", FT_UINT64, BASE_DEC, NULL, 0, NULL, HFILL }}, + { &hf_snmp_var_bind_str, { + "Variable-binding-string", "snmp.var-bind_str", FT_STRING, BASE_NONE, + NULL, 0, NULL, HFILL }}, + { &hf_snmp_agentid_trailer, { + "AgentID Trailer", "snmp.agentid_trailer", FT_BYTES, BASE_NONE, + NULL, 0, NULL, HFILL }}, #include "packet-snmp-hfarr.c" - }; - - /* List of subtrees */ - static gint *ett[] = { - &ett_snmp, - &ett_engineid, - &ett_msgFlags, - &ett_encryptedPDU, - &ett_decrypted, - &ett_authParameters, - &ett_internet, - &ett_varbind, - &ett_name, - &ett_value, - &ett_decoding_error, + }; + + /* List of subtrees */ + static gint *ett[] = { + &ett_snmp, + &ett_engineid, + &ett_msgFlags, + &ett_encryptedPDU, + &ett_decrypted, + &ett_authParameters, + &ett_internet, + &ett_varbind, + &ett_name, + &ett_value, + &ett_decoding_error, #include "packet-snmp-ettarr.c" - }; - module_t *snmp_module; - - static uat_field_t users_fields[] = { - UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"), - UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"), - UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."), - UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"), - UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."), - UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"), - UAT_END_FIELDS - }; - - uat_t *assocs_uat = uat_new("SNMP Users", - sizeof(snmp_ue_assoc_t), - "snmp_users", - TRUE, - (void*)&ueas, - &num_ueas, - UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ - "ChSNMPUsersSection", - snmp_users_copy_cb, - snmp_users_update_cb, - snmp_users_free_cb, - renew_ue_cache, - users_fields); - - static uat_field_t specific_traps_flds[] = { - UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"), - UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"), - UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"), - UAT_END_FIELDS - }; - - uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types", - sizeof(snmp_st_assoc_t), - "snmp_specific_traps", - TRUE, - (void*) &specific_traps, - &num_specific_traps, - UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ - "ChSNMPEnterpriseSpecificTrapTypes", - snmp_specific_trap_copy_cb, - NULL, - snmp_specific_trap_free_cb, - NULL, - specific_traps_flds); - - /* Register protocol */ - proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME); - new_register_dissector("snmp", dissect_snmp, proto_snmp); - - /* Register fields and subtrees */ - proto_register_field_array(proto_snmp, hf, array_length(hf)); - proto_register_subtree_array(ett, array_length(ett)); - - - /* Register configuration preferences */ - snmp_module = prefs_register_protocol(proto_snmp, process_prefs); - prefs_register_bool_preference(snmp_module, "display_oid", + }; + static ei_register_info ei[] = { + { &ei_snmp_failed_decrypted_data_pdu, { "snmp.failed_decrypted_data_pdu", PI_MALFORMED, PI_WARN, "Failed to decrypt encryptedPDU", EXPFILL }}, + { &ei_snmp_decrypted_data_bad_formatted, { "snmp.decrypted_data_bad_formatted", PI_MALFORMED, PI_WARN, "Decrypted data not formatted as expected, wrong key?", EXPFILL }}, + { &ei_snmp_verify_authentication_error, { "snmp.verify_authentication_error", PI_MALFORMED, PI_ERROR, "Error while verifying Message authenticity", EXPFILL }}, + { &ei_snmp_authentication_ok, { "snmp.authentication_ok", PI_CHECKSUM, PI_CHAT, "SNMP Authentication OK", EXPFILL }}, + { &ei_snmp_authentication_error, { "snmp.authentication_error", PI_CHECKSUM, PI_WARN, "SNMP Authentication Error", EXPFILL }}, + { &ei_snmp_varbind_not_uni_class_seq, { "snmp.varbind.not_uni_class_seq", PI_MALFORMED, PI_WARN, "VarBind is not an universal class sequence", EXPFILL }}, + { &ei_snmp_varbind_has_indicator, { "snmp.varbind.has_indicator", PI_MALFORMED, PI_WARN, "VarBind has indicator set", EXPFILL }}, + { &ei_snmp_objectname_not_oid, { "snmp.objectname_not_oid", PI_MALFORMED, PI_WARN, "ObjectName not an OID", EXPFILL }}, + { &ei_snmp_objectname_has_indicator, { "snmp.objectname_has_indicator", PI_MALFORMED, PI_WARN, "ObjectName has indicator set", EXPFILL }}, + { &ei_snmp_value_not_primitive_encoding, { "snmp.value_not_primitive_encoding", PI_MALFORMED, PI_WARN, "value not in primitive encoding", EXPFILL }}, + { &ei_snmp_invalid_oid, { "snmp.invalid_oid", PI_MALFORMED, PI_WARN, "invalid oid", EXPFILL }}, + { &ei_snmp_varbind_wrong_tag, { "snmp.varbind.wrong_tag", PI_MALFORMED, PI_WARN, "Wrong tag for SNMP VarBind error value", EXPFILL }}, + { &ei_snmp_varbind_response, { "snmp.varbind.response", PI_RESPONSE_CODE, PI_NOTE, "Response", EXPFILL }}, + { &ei_snmp_no_instance_subid, { "snmp.no_instance_subid", PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value", EXPFILL }}, + { &ei_snmp_wrong_num_of_subids, { "snmp.wrong_num_of_subids", PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value", EXPFILL }}, + { &ei_snmp_index_suboid_too_short, { "snmp.index_suboid_too_short", PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected", EXPFILL }}, + { &ei_snmp_unimplemented_instance_index, { "snmp.unimplemented_instance_index", PI_UNDECODED, PI_WARN, "OID instaces not handled, if you want this implemented please contact the wireshark developers", EXPFILL }}, + { &ei_snmp_index_suboid_len0, { "snmp.ndex_suboid_len0", PI_MALFORMED, PI_WARN, "an index sub-oid OID cannot be 0 bytes long!", EXPFILL }}, + { &ei_snmp_index_suboid_too_long, { "snmp.index_suboid_too_long", PI_MALFORMED, PI_WARN, "index sub-oid should not be longer than remaining oid size", EXPFILL }}, + { &ei_snmp_index_string_too_long, { "snmp.index_string_too_long", PI_MALFORMED, PI_WARN, "index string should not be longer than remaining oid size", EXPFILL }}, + { &ei_snmp_column_parent_not_row, { "snmp.column_parent_not_row", PI_MALFORMED, PI_ERROR, "COLUMS's parent is not a ROW", EXPFILL }}, + { &ei_snmp_uint_too_large, { "snmp.uint_too_large", PI_UNDECODED, PI_NOTE, "Unsigned integer value > 2^64 - 1", EXPFILL }}, + { &ei_snmp_int_too_large, { "snmp.int_too_large", PI_UNDECODED, PI_NOTE, "Signed integer value > 2^63 - 1 or <= -2^63", EXPFILL }}, + { &ei_snmp_integral_value0, { "snmp.integral_value0", PI_UNDECODED, PI_NOTE, "Integral value is zero-length", EXPFILL }}, + { &ei_snmp_missing_mib, { "snmp.missing_mib", PI_UNDECODED, PI_NOTE, "Unresolved value, Missing MIB", EXPFILL }}, + { &ei_snmp_varbind_wrong_length_value, { "snmp.varbind.wrong_length_value", PI_MALFORMED, PI_WARN, "Wrong length for SNMP VarBind/value", EXPFILL }}, + { &ei_snmp_varbind_wrong_class_tag, { "snmp.varbind.wrong_class_tag", PI_MALFORMED, PI_WARN, "Wrong class/tag for SNMP VarBind/value", EXPFILL }}, + { &ei_snmp_rfc1910_non_conformant, { "snmp.rfc1910_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC1910", EXPFILL }}, + { &ei_snmp_rfc3411_non_conformant, { "snmp.rfc3411_non_conformant", PI_PROTOCOL, PI_WARN, "Data not conforming to RFC3411", EXPFILL }}, + { &ei_snmp_version_unknown, { "snmp.version.unknown", PI_PROTOCOL, PI_WARN, "Unknown version", EXPFILL }}, + { &ei_snmp_trap_pdu_obsolete, { "snmp.trap_pdu_obsolete", PI_PROTOCOL, PI_WARN, "Trap-PDU is obsolete in this SNMP version", EXPFILL }}, + + }; + + expert_module_t* expert_snmp; + module_t *snmp_module; + + static uat_field_t users_fields[] = { + UAT_FLD_BUFFER(snmp_users,engine_id,"Engine ID","Engine-id for this entry (empty = any)"), + UAT_FLD_LSTRING(snmp_users,userName,"Username","The username"), + UAT_FLD_VS(snmp_users,auth_model,"Authentication model",auth_types,"Algorithm to be used for authentication."), + UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"), + UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."), + UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"), + UAT_END_FIELDS + }; + + uat_t *assocs_uat = uat_new("SNMP Users", + sizeof(snmp_ue_assoc_t), + "snmp_users", + TRUE, + &ueas, + &num_ueas, + UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ + "ChSNMPUsersSection", + snmp_users_copy_cb, + snmp_users_update_cb, + snmp_users_free_cb, + renew_ue_cache, + users_fields); + + static uat_field_t specific_traps_flds[] = { + UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"), + UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"), + UAT_FLD_CSTRING(specific_traps,desc,"Description","Trap type description"), + UAT_END_FIELDS + }; + + uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types", + sizeof(snmp_st_assoc_t), + "snmp_specific_traps", + TRUE, + &specific_traps, + &num_specific_traps, + UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ + "ChSNMPEnterpriseSpecificTrapTypes", + snmp_specific_trap_copy_cb, + NULL, + snmp_specific_trap_free_cb, + NULL, + specific_traps_flds); + + /* Register protocol */ + proto_snmp = proto_register_protocol(PNAME, PSNAME, PFNAME); + new_register_dissector("snmp", dissect_snmp, proto_snmp); + + /* Register fields and subtrees */ + proto_register_field_array(proto_snmp, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + expert_snmp = expert_register_protocol(proto_snmp); + expert_register_field_array(expert_snmp, ei, array_length(ei)); + + + /* Register configuration preferences */ + snmp_module = prefs_register_protocol(proto_snmp, process_prefs); + prefs_register_bool_preference(snmp_module, "display_oid", "Show SNMP OID in info column", "Whether the SNMP OID should be shown in the info column", &display_oid); - prefs_register_obsolete_preference(snmp_module, "mib_modules"); - prefs_register_obsolete_preference(snmp_module, "users_file"); + prefs_register_obsolete_preference(snmp_module, "mib_modules"); + prefs_register_obsolete_preference(snmp_module, "users_file"); - prefs_register_bool_preference(snmp_module, "desegment", + prefs_register_bool_preference(snmp_module, "desegment", "Reassemble SNMP-over-TCP messages\nspanning multiple TCP segments", "Whether the SNMP dissector should reassemble messages spanning multiple TCP segments." " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", &snmp_desegment); - prefs_register_bool_preference(snmp_module, "var_in_tree", + prefs_register_bool_preference(snmp_module, "var_in_tree", "Display dissected variables inside SNMP tree", "ON - display dissected variables inside SNMP tree, OFF - display dissected variables in root tree after SNMP", &snmp_var_in_tree); - prefs_register_uat_preference(snmp_module, "users_table", + prefs_register_uat_preference(snmp_module, "users_table", "Users Table", "Table of engine-user associations used for authentication and decryption", assocs_uat); - prefs_register_uat_preference(snmp_module, "specific_traps_table", + prefs_register_uat_preference(snmp_module, "specific_traps_table", "Enterprise Specific Trap Types", "Table of enterprise specific-trap type descriptions", specific_traps_uat); -#ifdef HAVE_LIBGCRYPT - prefs_register_enum_preference(snmp_module, "decrypt", - "Decyption algorithm", - "Decyption algorithm", - &snmp_decryption_algo, - snmp_decryption_algo_type, - FALSE); -#endif - #ifdef HAVE_LIBSMI - prefs_register_static_text_preference(snmp_module, "info_mibs", - "MIB settings can be changed in the Name Resolution preferences", - "MIB settings can be changed in the Name Resolution preferences"); + prefs_register_static_text_preference(snmp_module, "info_mibs", + "MIB settings can be changed in the Name Resolution preferences", + "MIB settings can be changed in the Name Resolution preferences"); #endif - value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE); + value_sub_dissectors_table = register_dissector_table("snmp.variable_oid","SNMP Variable OID", FT_STRING, BASE_NONE); - register_init_routine(renew_ue_cache); + register_init_routine(init_ue_cache); + register_cleanup_routine(cleanup_ue_cache); - register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp); + register_ber_syntax_dissector("SNMP", proto_snmp, dissect_snmp_tcp); } @@ -2367,6 +2604,13 @@ void proto_reg_handoff_snmp(void) { data_handle = find_dissector("data"); + /* SNMPv2-MIB sysDescr "1.3.6.1.2.1.1.1.0" */ + dissector_add_string("snmp.variable_oid", "1.3.6.1.2.1.1.1.0", + new_create_dissector_handle(dissect_snmp_variable_string, proto_snmp)); + /* SNMPv2-MIB::sysName.0 (1.3.6.1.2.1.1.5.0) */ + dissector_add_string("snmp.variable_oid", "1.3.6.1.2.1.1.5.0", + new_create_dissector_handle(dissect_snmp_variable_string, proto_snmp)); + /* * Process preference settings. * @@ -2381,21 +2625,13 @@ void proto_reg_handoff_snmp(void) { void proto_register_smux(void) { - static hf_register_info hf[] = { - { &hf_smux_version, - { "Version", "smux.version", FT_UINT8, BASE_DEC, NULL, - 0x0, NULL, HFILL }}, - { &hf_smux_pdutype, - { "PDU type", "smux.pdutype", FT_UINT8, BASE_DEC, VALS(smux_types), - 0x0, NULL, HFILL }}, - }; static gint *ett[] = { &ett_smux, }; proto_smux = proto_register_protocol("SNMP Multiplex Protocol", "SMUX", "smux"); - proto_register_field_array(proto_smux, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); } @@ -2405,6 +2641,19 @@ proto_reg_handoff_smux(void) { dissector_handle_t smux_handle; - smux_handle = create_dissector_handle(dissect_smux, proto_smux); + smux_handle = new_create_dissector_handle(dissect_smux, proto_smux); dissector_add_uint("tcp.port", TCP_PORT_SMUX, smux_handle); } + +/* + * Editor modelines - http://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 8 + * tab-width: 8 + * indent-tabs-mode: t + * End: + * + * vi: set shiftwidth=8 tabstop=8 noexpandtab: + * :indentSize=8:tabSize=8:noTabs=false: + */