2 * Routines for ISO/OSI network and transport protocol packet disassembly
3 * Main entrance point and common functions
5 * $Id: packet-osi.c,v 1.63 2003/09/20 03:31:25 guy Exp $
6 * Laurent Deniel <laurent.deniel@free.fr>
7 * Ralf Schneider <Ralf.Schneider@t-online.de>
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
36 #include <epan/packet.h>
41 #include "chdlctypes.h"
42 #include "packet-osi.h"
43 #include "packet-isis.h"
44 #include "packet-esis.h"
48 calc_checksum( tvbuff_t *tvb, int offset, guint len, guint checksum) {
59 available_len = tvb_length_remaining( tvb, offset );
60 if ( available_len < len )
61 return( DATA_MISSING );
63 buffer = tvb_get_ptr( tvb, offset, len );
66 * The maximum values of c0 and c1 will occur if all bytes have the
67 * value 255; if so, then c0 will be len*255 and c1 will be
68 * (len*255 + (len-1)*255 + ... + 255), which is
69 * (len + (len - 1) + ... + 1)*255, or 255*(len*(len + 1))/2.
70 * This means it can overflow if "len" is 5804 or greater.
72 * (A+B) mod 255 = ((A mod 255) + (B mod 255) mod 255, so
73 * we can solve this by taking c0 and c1 mod 255 every
83 for (i = 0; i < seglen; i++) {
93 if (c0 != 0 || c1 != 0)
94 return( CKSUM_NOT_OK ); /* XXX - what should the checksum field be? */
101 check_and_get_checksum( tvbuff_t *tvb, int offset, guint len, guint checksum, int offset_check, guint16* result) {
106 guint32 c0, c1, factor;
107 guint seglen, initlen = len;
114 available_len = tvb_length_remaining( tvb, offset );
115 offset_check -= offset;
116 if ( ( available_len < len ) || ( offset_check < 0 ) || ( (guint)(offset_check+2) > len ) )
117 return( DATA_MISSING );
119 buffer = tvb_get_ptr( tvb, offset, len );
120 block = offset_check / 5803;
123 * The maximum values of c0 and c1 will occur if all bytes have the
124 * value 255; if so, then c0 will be len*255 and c1 will be
125 * (len*255 + (len-1)*255 + ... + 255), which is
126 * (len + (len - 1) + ... + 1)*255, or 255*(len*(len + 1))/2.
127 * This means it can overflow if "len" is 5804 or greater.
129 * (A+B) mod 255 = ((A mod 255) + (B mod 255) mod 255, so
130 * we can solve this by taking c0 and c1 mod 255 every
139 if ( block-- == 0 ) {
140 seglen = offset_check % 5803;
142 } else if ( seglen > 5803 )
144 for (i = 0; i < seglen; i++) {
150 * This works even if (offset_check % 5803) == 5802
164 factor = ( initlen - offset_check ) * c0;
165 x = factor - c0 - c1;
169 * This algorithm uses the 8 bits one's complement arithmetic.
170 * Therefore, we must correct an effect produced
171 * by the "standard" arithmetic (two's complement)
180 if (x == 0) x = 0xFF;
181 if (y == 0) y = 0x01;
183 *result = ( x << 8 ) | ( y & 0xFF );
185 if (*result != checksum)
186 return( CKSUM_NOT_OK ); /* XXX - what should the checksum field be? */
193 /* main entry point */
196 * These assume the NLPID is a secondary protocol identifier, not an
197 * initial protocol identifier.
199 * This is an issue only if, in any packet where an NLPID appears, it's
200 * an initial protocol identifier *AND* it can have the value 1, which
201 * means T.70 for an IPI and X.29 for an SPI.
203 const value_string nlpid_vals[] = {
204 { NLPID_NULL, "NULL" },
205 { NLPID_SPI_X_29, "X.29" },
206 { NLPID_X_633, "X.633" },
207 { NLPID_Q_931, "Q.931" },
208 { NLPID_Q_2931, "Q.2931" },
209 { NLPID_Q_2119, "Q.2119" },
210 { NLPID_SNAP, "SNAP" },
211 { NLPID_ISO8473_CLNP, "CLNP" },
212 { NLPID_ISO9542_ESIS, "ESIS" },
213 { NLPID_ISO10589_ISIS, "ISIS" },
214 { NLPID_ISO10747_IDRP, "IDRP" },
215 { NLPID_ISO9542X25_ESIS, "ESIS (X.25)" },
216 { NLPID_ISO10030, "ISO 10030" },
217 { NLPID_ISO11577, "ISO 11577" },
218 { NLPID_COMPRESSED, "Data compression protocol" },
220 { NLPID_SNDCF, "SubNetwork Dependent Convergence Function"},
221 { NLPID_IP6, "IPv6" },
222 { NLPID_PPP, "PPP" },
226 static dissector_table_t osinl_subdissector_table;
227 static dissector_handle_t data_handle, ppp_handle;
229 static void dissect_osi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
234 pinfo->current_proto = "OSI";
236 nlpid = tvb_get_guint8(tvb, 0);
238 /* do lookup with the subdissector table */
239 if (dissector_try_port(osinl_subdissector_table, nlpid, tvb, pinfo, tree))
244 /* ESIS (X.25) is not currently decoded */
246 case NLPID_ISO9542X25_ESIS:
247 if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
248 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ESIS (X.25)");
250 call_dissector(data_handle,tvb, pinfo, tree);
252 case NLPID_ISO10747_IDRP:
253 if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
254 col_set_str(pinfo->cinfo, COL_PROTOCOL, "IDRP");
256 call_dissector(data_handle,tvb, pinfo, tree);
259 /* XXX - we should put the NLPID into the protocol tree.
260 We should also probably have a subdissector table for
261 those protocols whose PDUs *aren't* defined to begin
263 new_tvb = tvb_new_subset(tvb, 1, -1, -1);
264 call_dissector(ppp_handle, new_tvb, pinfo, tree);
267 if (check_col(pinfo->cinfo, COL_PROTOCOL)) {
268 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ISO");
270 if (check_col(pinfo->cinfo, COL_INFO)) {
271 col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown ISO protocol (%02x)", nlpid);
273 call_dissector(data_handle,tvb, pinfo, tree);
279 proto_register_osi(void)
281 /* There's no "OSI" protocol *per se*, but we do register a
282 dissector table so various protocols running at the
283 network layer can register themselves. */
284 osinl_subdissector_table = register_dissector_table("osinl",
285 "OSI NLPID", FT_UINT8, BASE_HEX);
289 proto_reg_handoff_osi(void)
291 dissector_handle_t osi_handle;
293 osi_handle = create_dissector_handle(dissect_osi, -1);
294 dissector_add("llc.dsap", SAP_OSINL1, osi_handle);
295 dissector_add("llc.dsap", SAP_OSINL2, osi_handle);
296 dissector_add("llc.dsap", SAP_OSINL3, osi_handle);
297 dissector_add("llc.dsap", SAP_OSINL4, osi_handle);
298 dissector_add("llc.dsap", SAP_OSINL5, osi_handle);
299 dissector_add("ppp.protocol", PPP_OSI, osi_handle);
300 dissector_add("chdlctype", CHDLCTYPE_OSI, osi_handle);
301 dissector_add("null.type", BSD_AF_ISO, osi_handle);
302 dissector_add("gre.proto", SAP_OSINL5, osi_handle);
303 data_handle = find_dissector("data");
304 ppp_handle = find_dissector("ppp");