/* packet-ipsec.c
- * Routines for IPsec/IPComp packet disassembly
+ * Routines for IPsec/IPComp packet disassembly
*
- * $Id: packet-ipsec.c,v 1.31 2001/08/29 08:12:32 guy Exp $
+ * $Id: packet-ipsec.c,v 1.44 2003/08/16 00:11:07 gerald Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
* Copyright 1998 Gerald Combs
- *
+ *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-
#include <string.h>
#include <glib.h>
-#include "packet.h"
+#include <epan/packet.h>
#include "packet-ipsec.h"
-#include "packet-ip.h"
-#include "resolv.h"
+#include <epan/resolv.h>
#include "ipproto.h"
#include "prefs.h"
/* Place AH payload in sub tree */
-gboolean g_ah_payload_in_subtree = FALSE;
+static gboolean g_ah_payload_in_subtree = FALSE;
static int proto_ah = -1;
static int hf_ah_spi = -1;
static gint ett_esp = -1;
static gint ett_ipcomp = -1;
+static dissector_handle_t data_handle;
+
+static dissector_table_t ip_dissector_table;
+
struct newah {
guint8 ah_nxt; /* Next Header */
guint8 ah_len; /* Length of data + 1, in 32bit */
next_tvb = tvb_new_subset(tvb, advance, -1, -1);
if (g_ah_payload_in_subtree) {
- col_set_writable(pinfo->fd, FALSE);
+ col_set_writable(pinfo->cinfo, FALSE);
}
/* do lookup with the subdissector table */
if (!dissector_try_port(ip_dissector_table, nxt, next_tvb, pinfo, next_tree)) {
- dissect_data(next_tvb, 0, pinfo, next_tree);
+ call_dissector(data_handle,next_tvb, pinfo, next_tree);
}
}
struct newah ah;
int advance;
- if (check_col(pinfo->fd, COL_PROTOCOL))
- col_set_str(pinfo->fd, COL_PROTOCOL, "AH");
- if (check_col(pinfo->fd, COL_INFO))
- col_clear(pinfo->fd, COL_INFO);
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "AH");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
- tvb_memcpy(tvb, (guint8 *)&ah, 0, sizeof(ah));
+ tvb_memcpy(tvb, (guint8 *)&ah, 0, sizeof(ah));
advance = sizeof(ah) + ((ah.ah_len - 1) << 2);
- if (check_col(pinfo->fd, COL_INFO)) {
- col_add_fstr(pinfo->fd, COL_INFO, "AH (SPI=0x%08x)",
- (guint32)ntohl(ah.ah_spi));
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "AH (SPI=0x%08x)",
+ (guint32)g_ntohl(ah.ah_spi));
}
if (tree) {
ipprotostr(ah.ah_nxt), ah.ah_nxt);
proto_tree_add_text(ah_tree, tvb,
offsetof(struct newah, ah_len), 1,
- "Length: %u", ah.ah_len << 2);
+ "Length: %u", (ah.ah_len + 2) << 2);
proto_tree_add_uint(ah_tree, hf_ah_spi, tvb,
offsetof(struct newah, ah_spi), 4,
- (guint32)ntohl(ah.ah_spi));
+ (guint32)g_ntohl(ah.ah_spi));
proto_tree_add_uint(ah_tree, hf_ah_sequence, tvb,
offsetof(struct newah, ah_seq), 4,
- (guint32)ntohl(ah.ah_seq));
+ (guint32)g_ntohl(ah.ah_seq));
proto_tree_add_text(ah_tree, tvb,
sizeof(ah), (ah.ah_len - 1) << 2,
"ICV");
* load the top pane info. This should be overwritten by
* the next protocol in the stack
*/
- if (check_col(pinfo->fd, COL_PROTOCOL))
- col_set_str(pinfo->fd, COL_PROTOCOL, "ESP");
- if (check_col(pinfo->fd, COL_INFO))
- col_clear(pinfo->fd, COL_INFO);
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "ESP");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
- tvb_memcpy(tvb, (guint8 *)&esp, 0, sizeof(esp));
+ tvb_memcpy(tvb, (guint8 *)&esp, 0, sizeof(esp));
- if (check_col(pinfo->fd, COL_INFO)) {
- col_add_fstr(pinfo->fd, COL_INFO, "ESP (SPI=0x%08x)",
- (guint32)ntohl(esp.esp_spi));
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "ESP (SPI=0x%08x)",
+ (guint32)g_ntohl(esp.esp_spi));
}
/*
* (ie none)
*/
if(tree) {
- ti = proto_tree_add_item(tree, proto_esp, tvb, 0,
- tvb_length(tvb), FALSE);
+ ti = proto_tree_add_item(tree, proto_esp, tvb, 0, -1, FALSE);
esp_tree = proto_item_add_subtree(ti, ett_esp);
- proto_tree_add_uint(esp_tree, hf_esp_spi, tvb,
+ proto_tree_add_uint(esp_tree, hf_esp_spi, tvb,
offsetof(struct newesp, esp_spi), 4,
- (guint32)ntohl(esp.esp_spi));
+ (guint32)g_ntohl(esp.esp_spi));
proto_tree_add_uint(esp_tree, hf_esp_sequence, tvb,
offsetof(struct newesp, esp_seq), 4,
- (guint32)ntohl(esp.esp_seq));
- dissect_data(tvb, sizeof(struct newesp), pinfo, esp_tree);
+ (guint32)g_ntohl(esp.esp_seq));
+ call_dissector(data_handle,
+ tvb_new_subset(tvb, sizeof(struct newesp), -1, -1),
+ pinfo, esp_tree);
}
}
* load the top pane info. This should be overwritten by
* the next protocol in the stack
*/
- if (check_col(pinfo->fd, COL_PROTOCOL))
- col_set_str(pinfo->fd, COL_PROTOCOL, "IPComp");
- if (check_col(pinfo->fd, COL_INFO))
- col_clear(pinfo->fd, COL_INFO);
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "IPComp");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
- tvb_memcpy(tvb, (guint8 *)&ipcomp, 0, sizeof(ipcomp));
+ tvb_memcpy(tvb, (guint8 *)&ipcomp, 0, sizeof(ipcomp));
- if (check_col(pinfo->fd, COL_INFO)) {
- p = match_strval(ntohs(ipcomp.comp_cpi), cpi2val);
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ p = match_strval(g_ntohs(ipcomp.comp_cpi), cpi2val);
if (p == NULL) {
- col_add_fstr(pinfo->fd, COL_INFO, "IPComp (CPI=0x%04x)",
- ntohs(ipcomp.comp_cpi));
+ col_add_fstr(pinfo->cinfo, COL_INFO, "IPComp (CPI=0x%04x)",
+ g_ntohs(ipcomp.comp_cpi));
} else
- col_add_fstr(pinfo->fd, COL_INFO, "IPComp (CPI=%s)", p);
+ col_add_fstr(pinfo->cinfo, COL_INFO, "IPComp (CPI=%s)", p);
}
/*
* (ie none)
*/
if (tree) {
- ti = proto_tree_add_item(tree, proto_ipcomp, tvb, 0,
- tvb_length(tvb), FALSE);
+ ti = proto_tree_add_item(tree, proto_ipcomp, tvb, 0, -1, FALSE);
ipcomp_tree = proto_item_add_subtree(ti, ett_ipcomp);
proto_tree_add_text(ipcomp_tree, tvb,
proto_tree_add_uint(ipcomp_tree, hf_ipcomp_flags, tvb,
offsetof(struct ipcomp, comp_flags), 1,
ipcomp.comp_flags);
- proto_tree_add_uint(ipcomp_tree, hf_ipcomp_cpi, tvb,
+ proto_tree_add_uint(ipcomp_tree, hf_ipcomp_cpi, tvb,
offsetof(struct ipcomp, comp_cpi), 2,
- ntohs(ipcomp.comp_cpi));
- dissect_data(tvb, sizeof(struct ipcomp), pinfo, ipcomp_tree);
+ g_ntohs(ipcomp.comp_cpi));
+ call_dissector(data_handle,
+ tvb_new_subset(tvb, sizeof(struct ipcomp), -1, -1), pinfo,
+ ipcomp_tree);
}
}
{ "SPI", "ah.spi", FT_UINT32, BASE_HEX, NULL, 0x0,
"", HFILL }},
{ &hf_ah_sequence,
- { "Sequence", "ah.sequence", FT_UINT32, BASE_HEX, NULL, 0x0,
+ { "Sequence", "ah.sequence", FT_UINT32, BASE_DEC, NULL, 0x0,
"", HFILL }}
};
{ "SPI", "esp.spi", FT_UINT32, BASE_HEX, NULL, 0x0,
"", HFILL }},
{ &hf_esp_sequence,
- { "Sequence", "esp.sequence", FT_UINT32, BASE_HEX, NULL, 0x0,
+ { "Sequence", "esp.sequence", FT_UINT32, BASE_DEC, NULL, 0x0,
"", HFILL }}
};
{ "Flags", "ipcomp.flags", FT_UINT8, BASE_HEX, NULL, 0x0,
"", HFILL }},
{ &hf_ipcomp_cpi,
- { "CPI", "ipcomp.cpi", FT_UINT16, BASE_HEX,
+ { "CPI", "ipcomp.cpi", FT_UINT16, BASE_HEX,
VALS(cpi2val), 0x0, "", HFILL }},
};
static gint *ett[] = {
&g_ah_payload_in_subtree);
register_dissector("esp", dissect_esp, proto_esp);
+ register_dissector("ah", dissect_ah, proto_ah);
}
void
proto_reg_handoff_ipsec(void)
{
- dissector_add("ip.proto", IP_PROTO_AH, dissect_ah, proto_ah);
- dissector_add("ip.proto", IP_PROTO_ESP, dissect_esp, proto_esp);
- dissector_add("ip.proto", IP_PROTO_IPCOMP, dissect_ipcomp, proto_ipcomp);
+ dissector_handle_t esp_handle, ah_handle, ipcomp_handle;
+
+ data_handle = find_dissector("data");
+ ah_handle = find_dissector("ah");
+ dissector_add("ip.proto", IP_PROTO_AH, ah_handle);
+ esp_handle = find_dissector("esp");
+ dissector_add("ip.proto", IP_PROTO_ESP, esp_handle);
+ ipcomp_handle = create_dissector_handle(dissect_ipcomp, proto_ipcomp);
+ dissector_add("ip.proto", IP_PROTO_IPCOMP, ipcomp_handle);
+
+ ip_dissector_table = find_dissector_table("ip.proto");
}