2 * Routines for RTSP packet disassembly (RFC 2326)
4 * Jason Lango <jal@netapp.com>
5 * Liberally copied from packet-http.c, by Guy Harris <guy@alum.mit.edu>
7 * $Id: packet-rtsp.c,v 1.64 2004/05/11 10:55:42 guy Exp $
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 * RTSP is defined in RFC 2326, http://www.ietf.org/rfc/rfc2326.txt?number=2326
29 * http://www.iana.org/assignments/rsvp-parameters
42 #include <epan/packet.h>
43 #include "req_resp_hdrs.h"
44 #include "packet-rtp.h"
45 #include "packet-rtcp.h"
46 #include <epan/conversation.h>
47 #include <epan/strutil.h>
48 #include "packet-e164.h"
50 static int proto_rtsp = -1;
52 static gint ett_rtsp = -1;
53 static gint ett_rtspframe = -1;
54 static gint ett_rtsp_method = -1;
56 static int hf_rtsp_method = -1;
57 static int hf_rtsp_url = -1;
58 static int hf_rtsp_status = -1;
59 static int hf_rtsp_session = -1;
60 static int hf_rtsp_X_Vig_Msisdn = -1;
62 static dissector_handle_t sdp_handle;
63 static dissector_handle_t rtp_handle;
64 static dissector_handle_t rtcp_handle;
66 void proto_reg_handoff_rtsp(void);
68 static GMemChunk *rtsp_vals = NULL;
69 #define rtsp_hash_init_count 20
72 * desegmentation of RTSP headers
73 * (when we are over TCP or another protocol providing the desegmentation API)
75 static gboolean rtsp_desegment_headers = FALSE;
78 * desegmentation of RTSP bodies
79 * (when we are over TCP or another protocol providing the desegmentation API)
80 * TODO let the user filter on content-type the bodies he wants desegmented
82 static gboolean rtsp_desegment_body = FALSE;
84 /* http://www.iana.org/assignments/port-numberslists two rtsp ports */
85 #define TCP_PORT_RTSP 554
86 #define TCP_ALTERNATE_PORT_RTSP 8554
87 static guint global_rtsp_tcp_port = TCP_PORT_RTSP;
88 static guint global_rtsp_tcp_alternate_port = TCP_ALTERNATE_PORT_RTSP;
90 * Variables to allow for proper deletion of dissector registration when
91 * the user changes port from the gui.
93 static guint tcp_port = 0;
94 static guint tcp_alternate_port = 0;
97 * Takes an array of bytes, assumed to contain a null-terminated
98 * string, as an argument, and returns the length of the string -
99 * i.e., the size of the array, minus 1 for the null terminator.
101 #define STRLEN_CONST(str) (sizeof (str) - 1)
103 #define RTSP_FRAMEHDR ('$')
106 dissector_handle_t dissector;
107 } rtsp_interleaved_t;
109 #define RTSP_MAX_INTERLEAVED (8)
112 * Careful about dynamically allocating memory in this structure (say
113 * for dynamically increasing the size of the 'interleaved' array) -
114 * the containing structure is garbage collected and contained
115 * pointers will not be freed.
118 rtsp_interleaved_t interleaved[RTSP_MAX_INTERLEAVED];
119 } rtsp_conversation_data_t;
122 dissect_rtspinterleaved(tvbuff_t *tvb, int offset, packet_info *pinfo,
125 guint length_remaining;
127 proto_tree *rtspframe_tree = NULL;
129 guint8 rf_start; /* always RTSP_FRAMEHDR */
130 guint8 rf_chan; /* interleaved channel id */
131 guint16 rf_len; /* packet length */
133 conversation_t *conv;
134 rtsp_conversation_data_t *data;
135 dissector_handle_t dissector;
138 * This will throw an exception if we don't have any data left.
139 * That's what we want. (See "tcp_dissect_pdus()", which is
142 length_remaining = tvb_ensure_length_remaining(tvb, offset);
145 * Can we do reassembly?
147 if (rtsp_desegment_headers && pinfo->can_desegment) {
149 * Yes - would an RTSP multiplexed header starting at
150 * this offset be split across segment boundaries?
152 if (length_remaining < 4) {
154 * Yes. Tell the TCP dissector where the data
155 * for this message starts in the data it handed
156 * us, and how many more bytes we need, and return.
158 pinfo->desegment_offset = offset;
159 pinfo->desegment_len = 4 - length_remaining;
165 * Get the "$", channel, and length from the header.
167 orig_offset = offset;
168 rf_start = tvb_get_guint8(tvb, offset);
169 rf_chan = tvb_get_guint8(tvb, offset+1);
170 rf_len = tvb_get_ntohs(tvb, offset+2);
173 * Can we do reassembly?
175 if (rtsp_desegment_body && pinfo->can_desegment) {
177 * Yes - is the header + encapsulated packet split
178 * across segment boundaries?
180 if (length_remaining < 4U + rf_len) {
182 * Yes. Tell the TCP dissector where the data
183 * for this message starts in the data it handed
184 * us, and how many more bytes we need, and return.
186 pinfo->desegment_offset = offset;
187 pinfo->desegment_len = 4U + rf_len - length_remaining;
192 if (check_col(pinfo->cinfo, COL_INFO))
193 col_add_fstr(pinfo->cinfo, COL_INFO,
194 "Interleaved channel 0x%02x, %u bytes",
198 ti = proto_tree_add_protocol_format(tree, proto_rtsp, tvb,
200 "RTSP Interleaved Frame, Channel: 0x%02x, %u bytes",
202 rtspframe_tree = proto_item_add_subtree(ti, ett_rtspframe);
204 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
211 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
218 proto_tree_add_text(rtspframe_tree, tvb, offset, 2,
225 * We set the actual length of the tvbuff for the interleaved
226 * stuff to the minimum of what's left in the tvbuff and the
227 * length in the header.
229 * XXX - what if there's nothing left in the tvbuff?
230 * We'd want a BoundsError exception to be thrown, so
231 * that a Short Frame would be reported.
233 if (length_remaining > rf_len)
234 length_remaining = rf_len;
235 next_tvb = tvb_new_subset(tvb, offset, length_remaining, rf_len);
237 conv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
238 pinfo->srcport, pinfo->destport, 0);
241 (data = conversation_get_proto_data(conv, proto_rtsp)) &&
242 rf_chan < RTSP_MAX_INTERLEAVED &&
243 (dissector = data->interleaved[rf_chan].dissector)) {
244 call_dissector(dissector, next_tvb, pinfo, tree);
246 proto_tree_add_text(rtspframe_tree, tvb, offset, rf_len,
247 "Data (%u bytes)", rf_len);
252 return offset - orig_offset;
255 static void process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
256 size_t linelen, proto_tree *tree);
258 static void process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
259 size_t linelen, proto_tree *tree);
267 static const char *rtsp_methods[] = {
281 #define RTSP_NMETHODS (sizeof rtsp_methods / sizeof rtsp_methods[0])
284 is_rtsp_request_or_reply(const guchar *line, size_t linelen, rtsp_type_t *type)
288 /* Is this an RTSP reply? */
289 if (linelen >= 5 && strncasecmp("RTSP/", line, 5) == 0) {
298 * Is this an RTSP request?
299 * Check whether the line begins with one of the RTSP request
302 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
303 size_t len = strlen(rtsp_methods[ii]);
304 if (linelen >= len &&
305 strncasecmp(rtsp_methods[ii], line, len) == 0 &&
306 (len == linelen || isspace(line[len]))) {
307 *type = RTSP_REQUEST;
315 static const char rtsp_content_type[] = "Content-Type:";
318 is_content_sdp(const guchar *line, size_t linelen)
320 static const char type[] = "application/sdp";
321 size_t typelen = STRLEN_CONST(type);
323 line += STRLEN_CONST(rtsp_content_type);
324 linelen -= STRLEN_CONST(rtsp_content_type);
325 while (linelen > 0 && (*line == ' ' || *line == '\t')) {
330 if (linelen < typelen || strncasecmp(type, line, typelen))
335 if (linelen > 0 && !isspace(*line))
341 static const char rtsp_transport[] = "Transport:";
342 static const char rtsp_sps[] = "server_port=";
343 static const char rtsp_cps[] = "client_port=";
344 static const char rtsp_rtp[] = "rtp/";
345 static const char rtsp_inter[] = "interleaved=";
348 rtsp_create_conversation(packet_info *pinfo, const guchar *line_begin,
351 conversation_t *conv;
354 guint c_data_port, c_mon_port;
355 guint s_data_port, s_mon_port;
358 if (line_len > sizeof(buf) - 1) {
360 * Don't overflow the buffer.
362 line_len = sizeof(buf) - 1;
364 memcpy(buf, line_begin, line_len);
365 buf[line_len] = '\0';
367 tmp = buf + STRLEN_CONST(rtsp_transport);
368 while (*tmp && isspace(*tmp))
370 if (strncasecmp(tmp, rtsp_rtp, strlen(rtsp_rtp)) != 0) {
371 g_warning("Frame %u: rtsp: unknown transport", pinfo->fd->num);
375 c_data_port = c_mon_port = 0;
376 s_data_port = s_mon_port = 0;
377 if ((tmp = strstr(buf, rtsp_sps))) {
378 tmp += strlen(rtsp_sps);
379 if (sscanf(tmp, "%u-%u", &s_data_port, &s_mon_port) < 1) {
380 g_warning("Frame %u: rtsp: bad server_port",
385 if ((tmp = strstr(buf, rtsp_cps))) {
386 tmp += strlen(rtsp_cps);
387 if (sscanf(tmp, "%u-%u", &c_data_port, &c_mon_port) < 1) {
388 g_warning("Frame %u: rtsp: bad client_port",
394 rtsp_conversation_data_t *data;
395 guint s_data_chan, s_mon_chan;
399 * Deal with RTSP TCP-interleaved conversations.
401 if ((tmp = strstr(buf, rtsp_inter)) == NULL) {
403 * No interleaved or server_port - probably a
404 * SETUP request, rather than reply.
408 tmp += strlen(rtsp_inter);
409 i = sscanf(tmp, "%u-%u", &s_data_chan, &s_mon_chan);
411 g_warning("Frame %u: rtsp: bad interleaved",
415 conv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
416 pinfo->srcport, pinfo->destport, 0);
418 conv = conversation_new(&pinfo->src, &pinfo->dst,
419 pinfo->ptype, pinfo->srcport, pinfo->destport,
422 data = conversation_get_proto_data(conv, proto_rtsp);
424 data = g_mem_chunk_alloc(rtsp_vals);
425 conversation_add_proto_data(conv, proto_rtsp, data);
427 if (s_data_chan < RTSP_MAX_INTERLEAVED) {
428 data->interleaved[s_data_chan].dissector =
431 if (i > 1 && s_mon_chan < RTSP_MAX_INTERLEAVED) {
432 data->interleaved[s_mon_chan].dissector =
439 * We only want to match on the destination address, not the
440 * source address, because the server might send back a packet
441 * from an address other than the address to which its client
442 * sent the packet, so we construct a conversation with no
445 SET_ADDRESS(&null_addr, pinfo->src.type, 0, NULL);
447 conv = conversation_new(&pinfo->dst, &null_addr, PT_UDP, c_data_port,
448 s_data_port, NO_ADDR2 | (!s_data_port ? NO_PORT2 : 0));
449 conversation_set_dissector(conv, rtp_handle);
454 conv = conversation_new(&pinfo->dst, &null_addr, PT_UDP, c_mon_port,
455 s_mon_port, NO_ADDR2 | (!s_mon_port ? NO_PORT2 : 0));
456 conversation_set_dissector(conv, rtcp_handle);
459 static const char rtsp_content_length[] = "Content-Length:";
462 rtsp_get_content_length(const guchar *line_begin, size_t line_len)
470 if (line_len > sizeof(buf) - 1) {
472 * Don't overflow the buffer.
474 line_len = sizeof(buf) - 1;
476 memcpy(buf, line_begin, line_len);
477 buf[line_len] = '\0';
479 tmp = buf + STRLEN_CONST(rtsp_content_length);
480 while (*tmp && isspace(*tmp))
482 content_length = strtol(tmp, &p, 10);
484 if (up == tmp || (*up != '\0' && !isspace(*up)))
485 return -1; /* not a valid number */
486 return content_length;
489 static const char rtsp_Session[] = "Session:";
490 static const char rtsp_X_Vig_Msisdn[] = "X-Vig-Msisdn";
493 dissect_rtspmessage(tvbuff_t *tvb, int offset, packet_info *pinfo,
496 proto_tree *rtsp_tree = NULL;
497 proto_tree *sub_tree = NULL;
498 proto_item *ti = NULL;
501 const guchar *linep, *lineend;
503 int first_linelen, linelen;
506 gboolean is_request_or_reply;
507 gboolean body_requires_content_len;
508 gboolean saw_req_resp_or_header;
510 rtsp_type_t rtsp_type;
511 gboolean is_mime_header;
515 int reported_datalen;
518 e164_info_t e164_info;
520 * Is this a request or response?
522 * Note that "tvb_find_line_end()" will return a value that
523 * is not longer than what's in the buffer, so the
524 * "tvb_get_ptr()" call won't throw an exception.
526 first_linelen = tvb_find_line_end(tvb, offset,
527 tvb_ensure_length_remaining(tvb, offset), &next_offset,
530 * Is the first line a request or response?
532 line = tvb_get_ptr(tvb, offset, first_linelen);
533 is_request_or_reply = is_rtsp_request_or_reply(line, first_linelen,
535 if (is_request_or_reply) {
537 * Yes, it's a request or response.
538 * Do header desegmentation if we've been told to,
539 * and do body desegmentation if we've been told to and
540 * we find a Content-Length header.
542 if (!req_resp_hdrs_do_reassembly(tvb, pinfo,
543 rtsp_desegment_headers, rtsp_desegment_body)) {
545 * More data needed for desegmentation.
552 * RFC 2326 says that a content length must be specified
553 * in requests that have a body, although section 4.4 speaks
554 * of a server closing the connection indicating the end of
557 * We assume that an absent content length in a request means
558 * that we don't have a body, and that an absent content length
559 * in a reply means that the reply body runs to the end of
560 * the connection. If the first line is neither, we assume
561 * that whatever follows a blank line should be treated as a
562 * body; there's not much else we can do, as we're jumping
563 * into the message in the middle.
565 * XXX - if there was no Content-Length entity header, we should
566 * accumulate all data until the end of the connection.
567 * That'd require that the TCP dissector call subdissectors
568 * for all frames with FIN, even if they contain no data,
569 * which would require subdissectors to deal intelligently
570 * with empty segments.
572 if (rtsp_type == RTSP_REQUEST)
573 body_requires_content_len = TRUE;
575 body_requires_content_len = FALSE;
577 if (check_col(pinfo->cinfo, COL_PROTOCOL))
578 col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTSP");
579 if (check_col(pinfo->cinfo, COL_INFO)) {
581 * Put the first line from the buffer into the summary
582 * if it's an RTSP request or reply (but leave out the
584 * Otherwise, just call it a continuation.
586 * Note that "tvb_find_line_end()" will return a value that
587 * is not longer than what's in the buffer, so the
588 * "tvb_get_ptr()" call won't throw an exception.
590 line = tvb_get_ptr(tvb, offset, first_linelen);
591 if (is_request_or_reply)
592 if ( rtsp_type == RTSP_REPLY ) {
593 col_add_str(pinfo->cinfo, COL_INFO, "Reply: ");
594 col_append_str(pinfo->cinfo, COL_INFO,
595 format_text(line, first_linelen));
598 col_add_str(pinfo->cinfo, COL_INFO,
599 format_text(line, first_linelen));
602 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
606 orig_offset = offset;
608 ti = proto_tree_add_item(tree, proto_rtsp, tvb, offset, -1,
610 rtsp_tree = proto_item_add_subtree(ti, ett_rtsp);
614 * We haven't yet seen a Content-Length header.
619 * Process the packet data, a line at a time.
621 saw_req_resp_or_header = FALSE; /* haven't seen anything yet */
622 while (tvb_reported_length_remaining(tvb, offset) != 0) {
624 * We haven't yet concluded that this is a MIME header.
626 is_mime_header = FALSE;
629 * Find the end of the line.
631 linelen = tvb_find_line_end(tvb, offset,
632 tvb_ensure_length_remaining(tvb, offset), &next_offset,
636 line_end_offset = offset + linelen;
638 * colon_offset may be -1
640 colon_offset = tvb_find_guint8(tvb, offset, linelen, ':');
644 * Get a buffer that refers to the line.
646 line = tvb_get_ptr(tvb, offset, linelen);
647 lineend = line + linelen;
650 * OK, does it look like an RTSP request or response?
652 is_request_or_reply = is_rtsp_request_or_reply(line, linelen,
654 if (is_request_or_reply)
658 * No. Does it look like a blank line (as would appear
659 * at the end of an RTSP request)?
662 goto is_rtsp; /* Yes. */
665 * No. Does it look like a header?
668 while (linep < lineend) {
671 break; /* not printable, not a MIME header */
691 * It's a tspecial, so it's not
692 * part of a token, so it's not
693 * a field name for the beginning
700 * This ends the token; we consider
701 * this to be a MIME header.
703 is_mime_header = TRUE;
709 * LWS (RFC-2616, 4.2); continue the previous
717 * We haven't seen the colon, but everything else looks
718 * OK for a header line.
720 * If we've already seen an RTSP request or response
721 * line, or a header line, and we're at the end of
722 * the tvbuff, we assume this is an incomplete header
723 * line. (We quit this loop after seeing a blank line,
724 * so if we've seen a request or response line, or a
725 * header line, this is probably more of the request
726 * or response we're presumably seeing. There is some
727 * risk of false positives, but the same applies for
728 * full request or response lines or header lines,
729 * although that's less likely.)
731 * We throw an exception in that case, by checking for
732 * the existence of the next byte after the last one
733 * in the line. If it exists, "tvb_ensure_bytes_exist()"
734 * throws no exception, and we fall through to the
735 * "not RTSP" case. If it doesn't exist,
736 * "tvb_ensure_bytes_exist()" will throw the appropriate
739 if (saw_req_resp_or_header)
740 tvb_ensure_bytes_exist(tvb, offset, linelen + 1);
744 * We don't consider this part of an RTSP request or
745 * reply, so we don't display it.
755 * This is a blank line, which means that
756 * whatever follows it isn't part of this
759 proto_tree_add_text(rtsp_tree, tvb, offset,
760 next_offset - offset, "%s",
761 tvb_format_text(tvb, offset, next_offset - offset));
762 offset = next_offset;
767 * Not a blank line - either a request, a reply, or a header
770 saw_req_resp_or_header = TRUE;
772 ti = proto_tree_add_text(rtsp_tree, tvb, offset,
773 next_offset - offset, "%s",
774 tvb_format_text(tvb, offset, next_offset - offset));
776 sub_tree = proto_item_add_subtree(ti, ett_rtsp_method);
781 process_rtsp_request(tvb, offset, line, linelen,
786 process_rtsp_reply(tvb, offset, line, linelen,
794 if (is_mime_header) {
796 * Process some MIME headers specially.
798 #define MIME_HDR_MATCHES(header) \
799 (linelen > STRLEN_CONST(header) && \
800 strncasecmp(line, (header), STRLEN_CONST(header)) == 0)
802 if (MIME_HDR_MATCHES(rtsp_transport)) {
804 * Based on the port numbers specified
805 * in the Transport: header, set up
806 * a conversation that will be dissected
807 * with the appropriate dissector.
809 rtsp_create_conversation(pinfo, line, linelen);
810 } else if (MIME_HDR_MATCHES(rtsp_content_type)) {
812 * If the Content-Type: header says this
813 * is SDP, dissect the payload as SDP.
815 * XXX - we should just do the same
816 * sort of header processing
817 * that HTTP does, and use the
818 * "media_type" dissector table on
821 * We should use those for Transport:
822 * and Content-Length: as well (and
823 * should process Content-Length: in
826 if (is_content_sdp(line, linelen))
828 } else if (MIME_HDR_MATCHES(rtsp_content_length)) {
830 * Only the amount specified by the
831 * Content-Length: header should be treated
834 content_length = rtsp_get_content_length(line,
837 } else if (MIME_HDR_MATCHES(rtsp_Session)) {
839 * Extract the session string
843 if ( colon_offset != -1 ){
845 * Skip whitespace after the colon.
846 * (Code from SIP dissector )
848 value_offset = colon_offset + 1;
849 while (value_offset < line_end_offset
850 && ((c = tvb_get_guint8(tvb,
851 value_offset)) == ' '
855 * Put the value into the protocol tree
857 value_len = line_end_offset - value_offset;
858 proto_tree_add_string(sub_tree, hf_rtsp_session,tvb,
859 value_offset, value_len ,
860 tvb_format_text(tvb, value_offset, value_len));
863 } else if (MIME_HDR_MATCHES(rtsp_X_Vig_Msisdn)) {
865 * Extract the X_Vig_Msisdn string
867 if ( colon_offset != -1 ){
869 * Skip whitespace after the colon.
870 * (Code from SIP dissector )
872 value_offset = colon_offset + 1;
873 while (value_offset < line_end_offset
874 && ((c = tvb_get_guint8(tvb,
875 value_offset)) == ' '
879 * Put the value into the protocol tree
881 value_len = line_end_offset - value_offset;
882 proto_tree_add_string(sub_tree, hf_rtsp_X_Vig_Msisdn,tvb,
883 value_offset, value_len ,
884 tvb_format_text(tvb, value_offset, value_len));
886 e164_info.e164_number_type = CALLING_PARTY_NUMBER;
887 e164_info.nature_of_address = 0;
889 e164_info.E164_number_str = tvb_get_string(tvb, value_offset,
891 e164_info.E164_number_length = value_len;
892 dissect_e164_number(tvb, sub_tree, value_offset,
893 value_len, e164_info);
894 g_free(e164_info.E164_number_str);
901 offset = next_offset;
905 * If a content length was supplied, the amount of data to be
906 * processed as RTSP payload is the minimum of the content
907 * length and the amount of data remaining in the frame.
909 * If no content length was supplied (or if a bad content length
910 * was supplied), the amount of data to be processed is the amount
911 * of data remaining in the frame.
913 datalen = tvb_length_remaining(tvb, offset);
914 reported_datalen = tvb_reported_length_remaining(tvb, offset);
915 if (content_length != -1) {
917 * Content length specified; display only that amount
920 if (datalen > content_length)
921 datalen = content_length;
924 * XXX - limit the reported length in the tvbuff we'll
925 * hand to a subdissector to be no greater than the
928 * We really need both unreassembled and "how long it'd
929 * be if it were reassembled" lengths for tvbuffs, so
930 * that we throw the appropriate exceptions for
931 * "not enough data captured" (running past the length),
932 * "packet needed reassembly" (within the length but
933 * running past the unreassembled length), and
934 * "packet is malformed" (running past the reassembled
937 if (reported_datalen > content_length)
938 reported_datalen = content_length;
941 * No content length specified; if this message doesn't
942 * have a body if no content length is specified, process
943 * nothing as payload.
945 if (body_requires_content_len)
951 * There's stuff left over; process it.
957 * Fix up the top-level item so that it doesn't
958 * include the SDP stuff.
961 proto_item_set_len(ti, offset);
964 * Now create a tvbuff for the SDP stuff and
967 * The amount of data to be processed that's
968 * available in the tvbuff is "datalen", which
969 * is the minimum of the amount of data left in
970 * the tvbuff and any specified content length.
972 * The amount of data to be processed that's in
973 * this frame, regardless of whether it was
974 * captured or not, is "reported_datalen",
975 * which, if no content length was specified,
976 * is -1, i.e. "to the end of the frame.
978 new_tvb = tvb_new_subset(tvb, offset, datalen,
980 call_dissector(sdp_handle, new_tvb, pinfo, tree);
982 if (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR) {
984 * This is interleaved stuff; don't
985 * treat it as raw data - set "datalen"
986 * to 0, so we won't skip the offset
987 * past it, which will cause our
988 * caller to process that stuff itself.
992 proto_tree_add_text(rtsp_tree, tvb, offset,
993 datalen, "Data (%d bytes)",
999 * We've processed "datalen" bytes worth of data
1000 * (which may be no data at all); advance the
1001 * offset past whatever data we've processed.
1005 return offset - orig_offset;
1009 process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
1010 size_t linelen, proto_tree *tree)
1012 const guchar *lineend = data + linelen;
1015 const guchar *url_start;
1018 /* Request Methods */
1019 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
1020 size_t len = strlen(rtsp_methods[ii]);
1021 if (linelen >= len &&
1022 strncasecmp(rtsp_methods[ii], data, len) == 0 &&
1023 (len == linelen || isspace(data[len])))
1026 if (ii == RTSP_NMETHODS) {
1028 * We got here because "is_rtsp_request_or_reply()" returned
1029 * RTSP_REQUEST, so we know one of the request methods
1030 * matched, so we "can't get here".
1032 g_assert_not_reached();
1036 proto_tree_add_string(tree, hf_rtsp_method, tvb, offset,
1037 strlen(rtsp_methods[ii]), rtsp_methods[ii]);
1042 while (url < lineend && !isspace(*url))
1044 while (url < lineend && isspace(*url))
1047 while (url < lineend && !isspace(*url))
1049 tmp_url = g_malloc(url - url_start + 1);
1050 memcpy(tmp_url, url_start, url - url_start);
1051 tmp_url[url - url_start] = 0;
1052 proto_tree_add_string(tree, hf_rtsp_url, tvb,
1053 offset + (url_start - data), url - url_start, tmp_url);
1058 process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
1059 size_t linelen, proto_tree *tree)
1061 const guchar *lineend = data + linelen;
1062 const guchar *status = data;
1063 const guchar *status_start;
1064 unsigned int status_i;
1067 while (status < lineend && !isspace(*status))
1069 while (status < lineend && isspace(*status))
1071 status_start = status;
1073 while (status < lineend && isdigit(*status))
1074 status_i = status_i * 10 + *status++ - '0';
1075 proto_tree_add_uint(tree, hf_rtsp_status, tvb,
1076 offset + (status_start - data),
1077 status - status_start, status_i);
1081 dissect_rtsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1086 while (tvb_reported_length_remaining(tvb, offset) != 0) {
1087 len = (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR)
1088 ? dissect_rtspinterleaved(tvb, offset, pinfo, tree)
1089 : dissect_rtspmessage(tvb, offset, pinfo, tree);
1095 * OK, we've set the Protocol and Info columns for the
1096 * first RTSP message; make the columns non-writable,
1097 * so that we don't change it for subsequent RTSP messages.
1099 col_set_writable(pinfo->cinfo, FALSE);
1106 /* Routine to initialize rtsp protocol before each capture or filter pass. */
1107 /* Release any memory if needed. Then setup the memory chunks. */
1110 g_mem_chunk_destroy(rtsp_vals);
1112 rtsp_vals = g_mem_chunk_new("rtsp_vals",
1113 sizeof(rtsp_conversation_data_t),
1114 rtsp_hash_init_count * sizeof(rtsp_conversation_data_t),
1119 proto_register_rtsp(void)
1121 static gint *ett[] = {
1126 static hf_register_info hf[] = {
1128 { "Method", "rtsp.method", FT_STRING, BASE_NONE, NULL, 0,
1131 { "URL", "rtsp.url", FT_STRING, BASE_NONE, NULL, 0,
1134 { "Status", "rtsp.status", FT_UINT32, BASE_DEC, NULL, 0,
1137 { "Session", "rtsp.session", FT_STRING, BASE_NONE, NULL, 0,
1139 { &hf_rtsp_X_Vig_Msisdn,
1140 { "X-Vig-Msisdn", "X_Vig_Msisdn", FT_STRING, BASE_NONE, NULL, 0,
1145 module_t *rtsp_module;
1147 proto_rtsp = proto_register_protocol("Real Time Streaming Protocol",
1149 proto_register_field_array(proto_rtsp, hf, array_length(hf));
1150 proto_register_subtree_array(ett, array_length(ett));
1152 /* Register our configuration options, particularly our ports */
1154 rtsp_module = prefs_register_protocol(proto_rtsp, proto_reg_handoff_rtsp);
1155 prefs_register_uint_preference(rtsp_module, "tcp.port",
1157 "Set the TCP port for RTSP messages",
1158 10, &global_rtsp_tcp_port);
1159 prefs_register_uint_preference(rtsp_module, "tcp.alternate_port",
1160 "Alternate RTSP TCP Port",
1161 "Set the alternate TCP port for RTSP messages",
1162 10, &global_rtsp_tcp_alternate_port);
1163 prefs_register_bool_preference(rtsp_module, "desegment_headers",
1164 "Desegment all RTSP headers\nspanning multiple TCP segments",
1165 "Whether the RTSP dissector should desegment all headers "
1166 "of a request spanning multiple TCP segments",
1167 &rtsp_desegment_headers);
1168 prefs_register_bool_preference(rtsp_module, "desegment_body",
1169 "Trust the \"Content-length:\" header and\ndesegment RTSP "
1170 "bodies\nspanning multiple TCP segments",
1171 "Whether the RTSP dissector should use the "
1172 "\"Content-length:\" value to desegment the body "
1173 "of a request spanning multiple TCP segments",
1174 &rtsp_desegment_body);
1176 register_init_routine(rtsp_init); /* register re-init routine */
1180 proto_reg_handoff_rtsp(void)
1182 dissector_handle_t rtsp_handle;
1183 static int rtsp_prefs_initialized = FALSE;
1185 rtsp_handle = create_dissector_handle(dissect_rtsp, proto_rtsp);
1187 if (!rtsp_prefs_initialized) {
1188 rtsp_prefs_initialized = TRUE;
1191 dissector_delete("tcp.port", tcp_port, rtsp_handle);
1192 dissector_delete("tcp.port", tcp_alternate_port, rtsp_handle);
1194 /* Set our port number for future use */
1196 tcp_port = global_rtsp_tcp_port;
1197 tcp_alternate_port = global_rtsp_tcp_alternate_port;
1199 dissector_add("tcp.port", tcp_port, rtsp_handle);
1200 dissector_add("tcp.port", tcp_alternate_port, rtsp_handle);
1202 sdp_handle = find_dissector("sdp");
1203 rtp_handle = find_dissector("rtp");
1204 rtcp_handle = find_dissector("rtcp");