2 * Routines for RTSP packet disassembly (RFC 2326)
4 * Jason Lango <jal@netapp.com>
5 * Liberally copied from packet-http.c, by Guy Harris <guy@alum.mit.edu>
7 * $Id: packet-rtsp.c,v 1.62 2004/03/05 10:36:51 guy Exp $
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 * RTSP is defined in RFC 2326, http://www.ietf.org/rfc/rfc2326.txt?number=2326
29 * http://www.iana.org/assignments/rsvp-parameters
42 #include <epan/packet.h>
43 #include "req_resp_hdrs.h"
44 #include "packet-rtp.h"
45 #include "packet-rtcp.h"
46 #include <epan/conversation.h>
47 #include <epan/strutil.h>
49 static int proto_rtsp = -1;
51 static gint ett_rtsp = -1;
52 static gint ett_rtspframe = -1;
53 static gint ett_rtsp_method = -1;
55 static int hf_rtsp_method = -1;
56 static int hf_rtsp_url = -1;
57 static int hf_rtsp_status = -1;
58 static int hf_rtsp_session = -1;
59 static int hf_rtsp_X_Vig_Msisdn = -1;
61 static dissector_handle_t sdp_handle;
62 static dissector_handle_t rtp_handle;
63 static dissector_handle_t rtcp_handle;
65 void proto_reg_handoff_rtsp(void);
67 static GMemChunk *rtsp_vals = NULL;
68 #define rtsp_hash_init_count 20
71 * desegmentation of RTSP headers
72 * (when we are over TCP or another protocol providing the desegmentation API)
74 static gboolean rtsp_desegment_headers = FALSE;
77 * desegmentation of RTSP bodies
78 * (when we are over TCP or another protocol providing the desegmentation API)
79 * TODO let the user filter on content-type the bodies he wants desegmented
81 static gboolean rtsp_desegment_body = FALSE;
83 /* http://www.iana.org/assignments/port-numberslists two rtsp ports */
84 #define TCP_PORT_RTSP 554
85 #define TCP_ALTERNATE_PORT_RTSP 8554
86 static guint global_rtsp_tcp_port = TCP_PORT_RTSP;
87 static guint global_rtsp_tcp_alternate_port = TCP_ALTERNATE_PORT_RTSP;
89 * Variables to allow for proper deletion of dissector registration when
90 * the user changes port from the gui.
92 static guint tcp_port = 0;
93 static guint tcp_alternate_port = 0;
96 * Takes an array of bytes, assumed to contain a null-terminated
97 * string, as an argument, and returns the length of the string -
98 * i.e., the size of the array, minus 1 for the null terminator.
100 #define STRLEN_CONST(str) (sizeof (str) - 1)
102 #define RTSP_FRAMEHDR ('$')
105 dissector_handle_t dissector;
106 } rtsp_interleaved_t;
108 #define RTSP_MAX_INTERLEAVED (8)
111 * Careful about dynamically allocating memory in this structure (say
112 * for dynamically increasing the size of the 'interleaved' array) -
113 * the containing structure is garbage collected and contained
114 * pointers will not be freed.
117 rtsp_interleaved_t interleaved[RTSP_MAX_INTERLEAVED];
118 } rtsp_conversation_data_t;
121 dissect_rtspinterleaved(tvbuff_t *tvb, int offset, packet_info *pinfo,
124 guint length_remaining;
126 proto_tree *rtspframe_tree = NULL;
128 guint8 rf_start; /* always RTSP_FRAMEHDR */
129 guint8 rf_chan; /* interleaved channel id */
130 guint16 rf_len; /* packet length */
132 conversation_t *conv;
133 rtsp_conversation_data_t *data;
134 dissector_handle_t dissector;
137 * This will throw an exception if we don't have any data left.
138 * That's what we want. (See "tcp_dissect_pdus()", which is
141 length_remaining = tvb_ensure_length_remaining(tvb, offset);
144 * Can we do reassembly?
146 if (rtsp_desegment_headers && pinfo->can_desegment) {
148 * Yes - would an RTSP multiplexed header starting at
149 * this offset be split across segment boundaries?
151 if (length_remaining < 4) {
153 * Yes. Tell the TCP dissector where the data
154 * for this message starts in the data it handed
155 * us, and how many more bytes we need, and return.
157 pinfo->desegment_offset = offset;
158 pinfo->desegment_len = 4 - length_remaining;
164 * Get the "$", channel, and length from the header.
166 orig_offset = offset;
167 rf_start = tvb_get_guint8(tvb, offset);
168 rf_chan = tvb_get_guint8(tvb, offset+1);
169 rf_len = tvb_get_ntohs(tvb, offset+2);
172 * Can we do reassembly?
174 if (rtsp_desegment_body && pinfo->can_desegment) {
176 * Yes - is the header + encapsulated packet split
177 * across segment boundaries?
179 if (length_remaining < 4U + rf_len) {
181 * Yes. Tell the TCP dissector where the data
182 * for this message starts in the data it handed
183 * us, and how many more bytes we need, and return.
185 pinfo->desegment_offset = offset;
186 pinfo->desegment_len = 4U + rf_len - length_remaining;
191 if (check_col(pinfo->cinfo, COL_INFO))
192 col_add_fstr(pinfo->cinfo, COL_INFO,
193 "Interleaved channel 0x%02x, %u bytes",
197 ti = proto_tree_add_protocol_format(tree, proto_rtsp, tvb,
199 "RTSP Interleaved Frame, Channel: 0x%02x, %u bytes",
201 rtspframe_tree = proto_item_add_subtree(ti, ett_rtspframe);
203 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
210 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
217 proto_tree_add_text(rtspframe_tree, tvb, offset, 2,
224 * We set the actual length of the tvbuff for the interleaved
225 * stuff to the minimum of what's left in the tvbuff and the
226 * length in the header.
228 * XXX - what if there's nothing left in the tvbuff?
229 * We'd want a BoundsError exception to be thrown, so
230 * that a Short Frame would be reported.
232 if (length_remaining > rf_len)
233 length_remaining = rf_len;
234 next_tvb = tvb_new_subset(tvb, offset, length_remaining, rf_len);
236 conv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
237 pinfo->srcport, pinfo->destport, 0);
240 (data = conversation_get_proto_data(conv, proto_rtsp)) &&
241 rf_chan < RTSP_MAX_INTERLEAVED &&
242 (dissector = data->interleaved[rf_chan].dissector)) {
243 call_dissector(dissector, next_tvb, pinfo, tree);
245 proto_tree_add_text(rtspframe_tree, tvb, offset, rf_len,
246 "Data (%u bytes)", rf_len);
251 return offset - orig_offset;
254 static void process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
255 size_t linelen, proto_tree *tree);
257 static void process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
258 size_t linelen, proto_tree *tree);
266 static const char *rtsp_methods[] = {
280 #define RTSP_NMETHODS (sizeof rtsp_methods / sizeof rtsp_methods[0])
283 is_rtsp_request_or_reply(const guchar *line, size_t linelen, rtsp_type_t *type)
287 /* Is this an RTSP reply? */
288 if (linelen >= 5 && strncasecmp("RTSP/", line, 5) == 0) {
297 * Is this an RTSP request?
298 * Check whether the line begins with one of the RTSP request
301 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
302 size_t len = strlen(rtsp_methods[ii]);
303 if (linelen >= len &&
304 strncasecmp(rtsp_methods[ii], line, len) == 0) {
305 *type = RTSP_REQUEST;
313 static const char rtsp_content_type[] = "Content-Type:";
316 is_content_sdp(const guchar *line, size_t linelen)
318 static const char type[] = "application/sdp";
319 size_t typelen = STRLEN_CONST(type);
321 line += STRLEN_CONST(rtsp_content_type);
322 linelen -= STRLEN_CONST(rtsp_content_type);
323 while (linelen > 0 && (*line == ' ' || *line == '\t')) {
328 if (linelen < typelen || strncasecmp(type, line, typelen))
333 if (linelen > 0 && !isspace(*line))
339 static const char rtsp_transport[] = "Transport:";
340 static const char rtsp_sps[] = "server_port=";
341 static const char rtsp_cps[] = "client_port=";
342 static const char rtsp_rtp[] = "rtp/";
343 static const char rtsp_inter[] = "interleaved=";
346 rtsp_create_conversation(packet_info *pinfo, const guchar *line_begin,
349 conversation_t *conv;
352 guint c_data_port, c_mon_port;
353 guint s_data_port, s_mon_port;
356 if (line_len > sizeof(buf) - 1) {
358 * Don't overflow the buffer.
360 line_len = sizeof(buf) - 1;
362 memcpy(buf, line_begin, line_len);
363 buf[line_len] = '\0';
365 tmp = buf + STRLEN_CONST(rtsp_transport);
366 while (*tmp && isspace(*tmp))
368 if (strncasecmp(tmp, rtsp_rtp, strlen(rtsp_rtp)) != 0) {
369 g_warning("Frame %u: rtsp: unknown transport", pinfo->fd->num);
373 c_data_port = c_mon_port = 0;
374 s_data_port = s_mon_port = 0;
375 if ((tmp = strstr(buf, rtsp_sps))) {
376 tmp += strlen(rtsp_sps);
377 if (sscanf(tmp, "%u-%u", &s_data_port, &s_mon_port) < 1) {
378 g_warning("Frame %u: rtsp: bad server_port",
383 if ((tmp = strstr(buf, rtsp_cps))) {
384 tmp += strlen(rtsp_cps);
385 if (sscanf(tmp, "%u-%u", &c_data_port, &c_mon_port) < 1) {
386 g_warning("Frame %u: rtsp: bad client_port",
392 rtsp_conversation_data_t *data;
393 guint s_data_chan, s_mon_chan;
397 * Deal with RTSP TCP-interleaved conversations.
399 if ((tmp = strstr(buf, rtsp_inter)) == NULL) {
401 * No interleaved or server_port - probably a
402 * SETUP request, rather than reply.
406 tmp += strlen(rtsp_inter);
407 i = sscanf(tmp, "%u-%u", &s_data_chan, &s_mon_chan);
409 g_warning("Frame %u: rtsp: bad interleaved",
413 conv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
414 pinfo->srcport, pinfo->destport, 0);
416 conv = conversation_new(&pinfo->src, &pinfo->dst,
417 pinfo->ptype, pinfo->srcport, pinfo->destport,
420 data = conversation_get_proto_data(conv, proto_rtsp);
422 data = g_mem_chunk_alloc(rtsp_vals);
423 conversation_add_proto_data(conv, proto_rtsp, data);
425 if (s_data_chan < RTSP_MAX_INTERLEAVED) {
426 data->interleaved[s_data_chan].dissector =
429 if (i > 1 && s_mon_chan < RTSP_MAX_INTERLEAVED) {
430 data->interleaved[s_mon_chan].dissector =
437 * We only want to match on the destination address, not the
438 * source address, because the server might send back a packet
439 * from an address other than the address to which its client
440 * sent the packet, so we construct a conversation with no
443 SET_ADDRESS(&null_addr, pinfo->src.type, 0, NULL);
445 conv = conversation_new(&pinfo->dst, &null_addr, PT_UDP, c_data_port,
446 s_data_port, NO_ADDR2 | (!s_data_port ? NO_PORT2 : 0));
447 conversation_set_dissector(conv, rtp_handle);
452 conv = conversation_new(&pinfo->dst, &null_addr, PT_UDP, c_mon_port,
453 s_mon_port, NO_ADDR2 | (!s_mon_port ? NO_PORT2 : 0));
454 conversation_set_dissector(conv, rtcp_handle);
457 static const char rtsp_content_length[] = "Content-Length:";
460 rtsp_get_content_length(const guchar *line_begin, size_t line_len)
468 if (line_len > sizeof(buf) - 1) {
470 * Don't overflow the buffer.
472 line_len = sizeof(buf) - 1;
474 memcpy(buf, line_begin, line_len);
475 buf[line_len] = '\0';
477 tmp = buf + STRLEN_CONST(rtsp_content_length);
478 while (*tmp && isspace(*tmp))
480 content_length = strtol(tmp, &p, 10);
482 if (up == tmp || (*up != '\0' && !isspace(*up)))
483 return -1; /* not a valid number */
484 return content_length;
487 static const char rtsp_Session[] = "Session:";
488 static const char rtsp_X_Vig_Msisdn[] = "X-Vig-Msisdn";
491 dissect_rtspmessage(tvbuff_t *tvb, int offset, packet_info *pinfo,
494 proto_tree *rtsp_tree = NULL;
495 proto_tree *sub_tree = NULL;
496 proto_item *ti = NULL;
499 const guchar *linep, *lineend;
501 int first_linelen, linelen;
504 gboolean is_request_or_reply;
505 gboolean body_requires_content_len;
506 gboolean saw_req_resp_or_header;
508 rtsp_type_t rtsp_type;
509 gboolean is_mime_header;
513 int reported_datalen;
518 * Is this a request or response?
520 * Note that "tvb_find_line_end()" will return a value that
521 * is not longer than what's in the buffer, so the
522 * "tvb_get_ptr()" call won't throw an exception.
524 first_linelen = tvb_find_line_end(tvb, offset,
525 tvb_ensure_length_remaining(tvb, offset), &next_offset,
528 * Is the first line a request or response?
530 line = tvb_get_ptr(tvb, offset, first_linelen);
531 is_request_or_reply = is_rtsp_request_or_reply(line, first_linelen,
533 if (is_request_or_reply) {
535 * Yes, it's a request or response.
536 * Do header desegmentation if we've been told to,
537 * and do body desegmentation if we've been told to and
538 * we find a Content-Length header.
540 if (!req_resp_hdrs_do_reassembly(tvb, pinfo,
541 rtsp_desegment_headers, rtsp_desegment_body)) {
543 * More data needed for desegmentation.
550 * RFC 2326 says that a content length must be specified
551 * in requests that have a body, although section 4.4 speaks
552 * of a server closing the connection indicating the end of
555 * We assume that an absent content length in a request means
556 * that we don't have a body, and that an absent content length
557 * in a reply means that the reply body runs to the end of
558 * the connection. If the first line is neither, we assume
559 * that whatever follows a blank line should be treated as a
560 * body; there's not much else we can do, as we're jumping
561 * into the message in the middle.
563 * XXX - if there was no Content-Length entity header, we should
564 * accumulate all data until the end of the connection.
565 * That'd require that the TCP dissector call subdissectors
566 * for all frames with FIN, even if they contain no data,
567 * which would require subdissectors to deal intelligently
568 * with empty segments.
570 if (rtsp_type == RTSP_REQUEST)
571 body_requires_content_len = TRUE;
573 body_requires_content_len = FALSE;
575 if (check_col(pinfo->cinfo, COL_PROTOCOL))
576 col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTSP");
577 if (check_col(pinfo->cinfo, COL_INFO)) {
579 * Put the first line from the buffer into the summary
580 * if it's an RTSP request or reply (but leave out the
582 * Otherwise, just call it a continuation.
584 * Note that "tvb_find_line_end()" will return a value that
585 * is not longer than what's in the buffer, so the
586 * "tvb_get_ptr()" call won't throw an exception.
588 line = tvb_get_ptr(tvb, offset, first_linelen);
589 if (is_request_or_reply)
590 if ( rtsp_type == RTSP_REPLY ) {
591 col_add_str(pinfo->cinfo, COL_INFO, "Reply: ");
592 col_append_str(pinfo->cinfo, COL_INFO,
593 format_text(line, first_linelen));
596 col_add_str(pinfo->cinfo, COL_INFO,
597 format_text(line, first_linelen));
600 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
604 orig_offset = offset;
606 ti = proto_tree_add_item(tree, proto_rtsp, tvb, offset, -1,
608 rtsp_tree = proto_item_add_subtree(ti, ett_rtsp);
612 * We haven't yet seen a Content-Length header.
617 * Process the packet data, a line at a time.
619 saw_req_resp_or_header = FALSE; /* haven't seen anything yet */
620 while (tvb_reported_length_remaining(tvb, offset) != 0) {
622 * We haven't yet concluded that this is a MIME header.
624 is_mime_header = FALSE;
627 * Find the end of the line.
629 linelen = tvb_find_line_end(tvb, offset,
630 tvb_ensure_length_remaining(tvb, offset), &next_offset,
634 line_end_offset = offset + linelen;
636 * colon_offset may be -1
638 colon_offset = tvb_find_guint8(tvb, offset, linelen, ':');
642 * Get a buffer that refers to the line.
644 line = tvb_get_ptr(tvb, offset, linelen);
645 lineend = line + linelen;
648 * OK, does it look like an RTSP request or response?
650 is_request_or_reply = is_rtsp_request_or_reply(line, linelen,
652 if (is_request_or_reply)
656 * No. Does it look like a blank line (as would appear
657 * at the end of an RTSP request)?
660 goto is_rtsp; /* Yes. */
663 * No. Does it look like a header?
666 while (linep < lineend) {
669 break; /* not printable, not a MIME header */
689 * It's a tspecial, so it's not
690 * part of a token, so it's not
691 * a field name for the beginning
698 * This ends the token; we consider
699 * this to be a MIME header.
701 is_mime_header = TRUE;
707 * LWS (RFC-2616, 4.2); continue the previous
715 * We haven't seen the colon, but everything else looks
716 * OK for a header line.
718 * If we've already seen an RTSP request or response
719 * line, or a header line, and we're at the end of
720 * the tvbuff, we assume this is an incomplete header
721 * line. (We quit this loop after seeing a blank line,
722 * so if we've seen a request or response line, or a
723 * header line, this is probably more of the request
724 * or response we're presumably seeing. There is some
725 * risk of false positives, but the same applies for
726 * full request or response lines or header lines,
727 * although that's less likely.)
729 * We throw an exception in that case, by checking for
730 * the existence of the next byte after the last one
731 * in the line. If it exists, "tvb_ensure_bytes_exist()"
732 * throws no exception, and we fall through to the
733 * "not RTSP" case. If it doesn't exist,
734 * "tvb_ensure_bytes_exist()" will throw the appropriate
737 if (saw_req_resp_or_header)
738 tvb_ensure_bytes_exist(tvb, offset, linelen + 1);
742 * We don't consider this part of an RTSP request or
743 * reply, so we don't display it.
753 * This is a blank line, which means that
754 * whatever follows it isn't part of this
757 proto_tree_add_text(rtsp_tree, tvb, offset,
758 next_offset - offset, "%s",
759 tvb_format_text(tvb, offset, next_offset - offset));
760 offset = next_offset;
765 * Not a blank line - either a request, a reply, or a header
768 saw_req_resp_or_header = TRUE;
770 ti = proto_tree_add_text(rtsp_tree, tvb, offset,
771 next_offset - offset, "%s",
772 tvb_format_text(tvb, offset, next_offset - offset));
774 sub_tree = proto_item_add_subtree(ti, ett_rtsp_method);
779 process_rtsp_request(tvb, offset, line, linelen,
784 process_rtsp_reply(tvb, offset, line, linelen,
792 if (is_mime_header) {
794 * Process some MIME headers specially.
796 #define MIME_HDR_MATCHES(header) \
797 (linelen > STRLEN_CONST(header) && \
798 strncasecmp(line, (header), STRLEN_CONST(header)) == 0)
800 if (MIME_HDR_MATCHES(rtsp_transport)) {
802 * Based on the port numbers specified
803 * in the Transport: header, set up
804 * a conversation that will be dissected
805 * with the appropriate dissector.
807 rtsp_create_conversation(pinfo, line, linelen);
808 } else if (MIME_HDR_MATCHES(rtsp_content_type)) {
810 * If the Content-Type: header says this
811 * is SDP, dissect the payload as SDP.
813 * XXX - we should just do the same
814 * sort of header processing
815 * that HTTP does, and use the
816 * "media_type" dissector table on
819 * We should use those for Transport:
820 * and Content-Length: as well (and
821 * should process Content-Length: in
824 if (is_content_sdp(line, linelen))
826 } else if (MIME_HDR_MATCHES(rtsp_content_length)) {
828 * Only the amount specified by the
829 * Content-Length: header should be treated
832 content_length = rtsp_get_content_length(line,
835 } else if (MIME_HDR_MATCHES(rtsp_Session)) {
837 * Extract the session string
841 if ( colon_offset != -1 ){
843 * Skip whitespace after the colon.
844 * (Code from SIP dissector )
846 value_offset = colon_offset + 1;
847 while (value_offset < line_end_offset
848 && ((c = tvb_get_guint8(tvb,
849 value_offset)) == ' '
853 * Put the value into the protocol tree
855 value_len = line_end_offset - value_offset;
856 proto_tree_add_string(sub_tree, hf_rtsp_session,tvb,
857 value_offset, value_len ,
858 tvb_format_text(tvb, value_offset, value_len));
861 } else if (MIME_HDR_MATCHES(rtsp_X_Vig_Msisdn)) {
863 * Extract the X_Vig_Msisdn string
867 if ( colon_offset != -1 ){
869 * Skip whitespace after the colon.
870 * (Code from SIP dissector )
872 value_offset = colon_offset + 1;
873 while (value_offset < line_end_offset
874 && ((c = tvb_get_guint8(tvb,
875 value_offset)) == ' '
879 * Put the value into the protocol tree
881 value_len = line_end_offset - value_offset;
882 proto_tree_add_string(sub_tree, hf_rtsp_X_Vig_Msisdn,tvb,
883 value_offset, value_len ,
884 tvb_format_text(tvb, value_offset, value_len));
889 offset = next_offset;
893 * If a content length was supplied, the amount of data to be
894 * processed as RTSP payload is the minimum of the content
895 * length and the amount of data remaining in the frame.
897 * If no content length was supplied (or if a bad content length
898 * was supplied), the amount of data to be processed is the amount
899 * of data remaining in the frame.
901 datalen = tvb_length_remaining(tvb, offset);
902 reported_datalen = tvb_reported_length_remaining(tvb, offset);
903 if (content_length != -1) {
905 * Content length specified; display only that amount
908 if (datalen > content_length)
909 datalen = content_length;
912 * XXX - limit the reported length in the tvbuff we'll
913 * hand to a subdissector to be no greater than the
916 * We really need both unreassembled and "how long it'd
917 * be if it were reassembled" lengths for tvbuffs, so
918 * that we throw the appropriate exceptions for
919 * "not enough data captured" (running past the length),
920 * "packet needed reassembly" (within the length but
921 * running past the unreassembled length), and
922 * "packet is malformed" (running past the reassembled
925 if (reported_datalen > content_length)
926 reported_datalen = content_length;
929 * No content length specified; if this message doesn't
930 * have a body if no content length is specified, process
931 * nothing as payload.
933 if (body_requires_content_len)
939 * There's stuff left over; process it.
945 * Fix up the top-level item so that it doesn't
946 * include the SDP stuff.
949 proto_item_set_len(ti, offset);
952 * Now create a tvbuff for the SDP stuff and
955 * The amount of data to be processed that's
956 * available in the tvbuff is "datalen", which
957 * is the minimum of the amount of data left in
958 * the tvbuff and any specified content length.
960 * The amount of data to be processed that's in
961 * this frame, regardless of whether it was
962 * captured or not, is "reported_datalen",
963 * which, if no content length was specified,
964 * is -1, i.e. "to the end of the frame.
966 new_tvb = tvb_new_subset(tvb, offset, datalen,
968 call_dissector(sdp_handle, new_tvb, pinfo, tree);
970 if (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR) {
972 * This is interleaved stuff; don't
973 * treat it as raw data - set "datalen"
974 * to 0, so we won't skip the offset
975 * past it, which will cause our
976 * caller to process that stuff itself.
980 proto_tree_add_text(rtsp_tree, tvb, offset,
981 datalen, "Data (%d bytes)",
987 * We've processed "datalen" bytes worth of data
988 * (which may be no data at all); advance the
989 * offset past whatever data we've processed.
993 return offset - orig_offset;
997 process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
998 size_t linelen, proto_tree *tree)
1000 const guchar *lineend = data + linelen;
1003 const guchar *url_start;
1006 /* Request Methods */
1007 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
1008 size_t len = strlen(rtsp_methods[ii]);
1009 if (linelen >= len && !strncasecmp(rtsp_methods[ii], data, len))
1012 if (ii == RTSP_NMETHODS) {
1014 * We got here because "is_rtsp_request_or_reply()" returned
1015 * RTSP_REQUEST, so we know one of the request methods
1016 * matched, so we "can't get here".
1018 g_assert_not_reached();
1022 proto_tree_add_string(tree, hf_rtsp_method, tvb, offset,
1023 strlen(rtsp_methods[ii]), rtsp_methods[ii]);
1028 while (url < lineend && !isspace(*url))
1030 while (url < lineend && isspace(*url))
1033 while (url < lineend && !isspace(*url))
1035 tmp_url = g_malloc(url - url_start + 1);
1036 memcpy(tmp_url, url_start, url - url_start);
1037 tmp_url[url - url_start] = 0;
1038 proto_tree_add_string(tree, hf_rtsp_url, tvb,
1039 offset + (url_start - data), url - url_start, tmp_url);
1044 process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
1045 size_t linelen, proto_tree *tree)
1047 const guchar *lineend = data + linelen;
1048 const guchar *status = data;
1049 const guchar *status_start;
1050 unsigned int status_i;
1053 while (status < lineend && !isspace(*status))
1055 while (status < lineend && isspace(*status))
1057 status_start = status;
1059 while (status < lineend && isdigit(*status))
1060 status_i = status_i * 10 + *status++ - '0';
1061 proto_tree_add_uint(tree, hf_rtsp_status, tvb,
1062 offset + (status_start - data),
1063 status - status_start, status_i);
1067 dissect_rtsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1072 while (tvb_reported_length_remaining(tvb, offset) != 0) {
1073 len = (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR)
1074 ? dissect_rtspinterleaved(tvb, offset, pinfo, tree)
1075 : dissect_rtspmessage(tvb, offset, pinfo, tree);
1081 * OK, we've set the Protocol and Info columns for the
1082 * first RTSP message; make the columns non-writable,
1083 * so that we don't change it for subsequent RTSP messages.
1085 col_set_writable(pinfo->cinfo, FALSE);
1092 /* Routine to initialize rtsp protocol before each capture or filter pass. */
1093 /* Release any memory if needed. Then setup the memory chunks. */
1096 g_mem_chunk_destroy(rtsp_vals);
1098 rtsp_vals = g_mem_chunk_new("rtsp_vals",
1099 sizeof(rtsp_conversation_data_t),
1100 rtsp_hash_init_count * sizeof(rtsp_conversation_data_t),
1105 proto_register_rtsp(void)
1107 static gint *ett[] = {
1112 static hf_register_info hf[] = {
1114 { "Method", "rtsp.method", FT_STRING, BASE_NONE, NULL, 0,
1117 { "URL", "rtsp.url", FT_STRING, BASE_NONE, NULL, 0,
1120 { "Status", "rtsp.status", FT_UINT32, BASE_DEC, NULL, 0,
1123 { "Session", "rtsp.session", FT_STRING, BASE_NONE, NULL, 0,
1125 { &hf_rtsp_X_Vig_Msisdn,
1126 { "X-Vig-Msisdn", "X_Vig_Msisdn", FT_STRING, BASE_NONE, NULL, 0,
1131 module_t *rtsp_module;
1133 proto_rtsp = proto_register_protocol("Real Time Streaming Protocol",
1135 proto_register_field_array(proto_rtsp, hf, array_length(hf));
1136 proto_register_subtree_array(ett, array_length(ett));
1138 /* Register our configuration options, particularly our ports */
1140 rtsp_module = prefs_register_protocol(proto_rtsp, proto_reg_handoff_rtsp);
1141 prefs_register_uint_preference(rtsp_module, "tcp.port",
1143 "Set the TCP port for RTSP messages",
1144 10, &global_rtsp_tcp_port);
1145 prefs_register_uint_preference(rtsp_module, "tcp.alternate_port",
1146 "Alternate RTSP TCP Port",
1147 "Set the alternate TCP port for RTSP messages",
1148 10, &global_rtsp_tcp_alternate_port);
1149 prefs_register_bool_preference(rtsp_module, "desegment_headers",
1150 "Desegment all RTSP headers\nspanning multiple TCP segments",
1151 "Whether the RTSP dissector should desegment all headers "
1152 "of a request spanning multiple TCP segments",
1153 &rtsp_desegment_headers);
1154 prefs_register_bool_preference(rtsp_module, "desegment_body",
1155 "Trust the \"Content-length:\" header and\ndesegment RTSP "
1156 "bodies\nspanning multiple TCP segments",
1157 "Whether the RTSP dissector should use the "
1158 "\"Content-length:\" value to desegment the body "
1159 "of a request spanning multiple TCP segments",
1160 &rtsp_desegment_body);
1162 register_init_routine(rtsp_init); /* register re-init routine */
1166 proto_reg_handoff_rtsp(void)
1168 dissector_handle_t rtsp_handle;
1169 static int rtsp_prefs_initialized = FALSE;
1171 rtsp_handle = create_dissector_handle(dissect_rtsp, proto_rtsp);
1173 if (!rtsp_prefs_initialized) {
1174 rtsp_prefs_initialized = TRUE;
1177 dissector_delete("tcp.port", tcp_port, rtsp_handle);
1178 dissector_delete("tcp.port", tcp_alternate_port, rtsp_handle);
1180 /* Set our port number for future use */
1182 tcp_port = global_rtsp_tcp_port;
1183 tcp_alternate_port = global_rtsp_tcp_alternate_port;
1185 dissector_add("tcp.port", tcp_port, rtsp_handle);
1186 dissector_add("tcp.port", tcp_alternate_port, rtsp_handle);
1188 sdp_handle = find_dissector("sdp");
1189 rtp_handle = find_dissector("rtp");
1190 rtcp_handle = find_dissector("rtcp");