2 * Routines for "The ICE Protocol" dissection
4 * Francesco Fondelli <fondelli dot francesco, tiscali dot it>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 1) Dissect encoded data (do sth like idl2wrs for CORBA).
31 3) Register a dissector as one that can be selected by a UDP/TCP port number.
32 4) Put in Preferences/Protocols/ICEP Option menu:
33 - ICEP_MAX_ICE_STRING_LEN
34 - ICEP_MAX_BATCH_REQUESTS
35 - ICEP_MAX_ICE_CONTEXT_PAIRS
40 1) p. 586 Chapter 23.2 of "The ICE Protocol"
41 "Data is always encoded using little-endian byte order for numeric types."
42 2) Informations about Ice can be found here: http://www.zeroc.com
55 #include <epan/packet.h>
56 #include <epan/emem.h>
57 #include "packet-tcp.h"
60 #define DBG(str, args...) do {\
67 fprintf(stdout, str, ## args); \
71 #define DBG1(format, arg1)
72 #define DBG2(format, arg1, arg2)
75 /* fixed values taken from the standard */
76 static const guint8 icep_magic[] = { 'I', 'c', 'e', 'P' };
77 #define ICEP_HEADER_SIZE 14
78 #define ICEP_MIN_REPLY_SIZE 5
79 #define ICEP_MIN_PARAMS_SIZE 6
80 #define ICEP_MIN_COMMON_REQ_HEADER_SIZE 13
82 /* values derived from common sense */
83 #define ICEP_MAX_BATCH_REQUESTS 64
84 #define ICEP_MAX_ICE_STRING_LEN 512
85 #define ICEP_MAX_ICE_CONTEXT_PAIRS 64
88 /* Initialize the protocol and registered fields */
89 static int proto_icep = -1;
92 static int hf_icep_protocol_major = -1;
93 static int hf_icep_protocol_minor = -1;
94 static int hf_icep_encoding_major = -1;
95 static int hf_icep_encoding_minor = -1;
96 static int hf_icep_message_type = -1;
97 static int hf_icep_compression_status = -1;
98 static int hf_icep_message_size = -1;
100 /* [Batch] Request Message Body */
101 static int hf_icep_request_id = -1;
102 static int hf_icep_id_name = -1;
103 static int hf_icep_id_category = -1;
104 static int hf_icep_facet = -1;
105 static int hf_icep_operation = -1;
106 static int hf_icep_mode = -1;
107 static int hf_icep_context = -1;
108 static int hf_icep_params_size = -1;
109 static int hf_icep_params_major = -1;
110 static int hf_icep_params_minor = -1;
112 /* Reply Message Body */
113 static int hf_icep_reply_status = -1;
115 /* Initialize the subtree pointers */
116 static gint ett_icep = -1;
117 static gint ett_icep_msg = -1;
119 static const value_string icep_msgtype_vals[] = {
121 {0x1, "Batch request"},
123 {0x3, "Validate connection"},
124 {0x4, "Close connection"},
128 static const value_string icep_zipstatus_vals[] = {
129 {0x0, "Uncompressed, sender cannot accept a compressed reply"},
130 {0x1, "Uncompressed, sender can accept a compressed reply"},
131 {0x2, "Compressed, sender can accept a compressed reply"},
135 static const value_string icep_replystatus_vals[] = {
137 {0x1, "User exception"},
138 {0x2, "Object does not exist"},
139 {0x3, "Facet does not exist"},
140 {0x4, "Operation does not exist"},
141 {0x5, "Unknown Ice local exception"},
142 {0x6, "Unknown Ice user exception"},
143 {0x7, "Unknown exception"},
147 static const value_string icep_mode_vals[] = {
149 {0x1, "nonmutating"},
154 static packet_info *mypinfo;
159 * This function dissects an "Ice string", adds hf to "tree" and returns consumed
160 * bytes in "*consumed", if errors "*consumed" is -1.
162 * "*dest" is a null terminated version of the dissected Ice string.
164 static void dissect_ice_string(proto_tree *tree, int hf_icep,
165 tvbuff_t *tvb, guint32 offset, gint32 *consumed,
166 char **dest, gboolean add_hf)
168 /* p. 586 chapter 23.2.1 and p. 588 chapter 23.2.5
169 * string == Size + content
170 * string = 1byte (0..254) + string not null terminated
172 * string = 1byte (255) + 1int (255..2^32-1) + string not null terminated
180 /* check for first byte */
181 if ( !tvb_bytes_exist(tvb, offset, 1) ) {
184 proto_tree_add_text(tree, tvb, offset, -1,
185 "1st byte of Size missing");
187 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
188 col_append_str(mypinfo->cinfo, COL_INFO,
189 " (1st byte of Size missing)");
197 Size = tvb_get_guint8(tvb, offset);
203 /* check for next 4 bytes */
204 if ( !tvb_bytes_exist(tvb, offset, 4) ) {
207 proto_tree_add_text(tree, tvb, offset, -1,
208 "second field of Size missing");
210 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
211 col_append_str(mypinfo->cinfo, COL_INFO,
212 " (second field of Size missing)");
219 /* get second field of Size */
220 Size = tvb_get_letohl(tvb, offset);
225 DBG1("string.Size --> %d\n", Size);
227 /* check if the string exists */
228 if ( !tvb_bytes_exist(tvb, offset, Size) ) {
231 proto_tree_add_text(tree, tvb, offset, -1,
232 "missing or truncated string");
234 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
235 col_append_str(mypinfo->cinfo, COL_INFO,
236 " (missing or truncated string)");
243 if ( Size > ICEP_MAX_ICE_STRING_LEN ) {
246 proto_tree_add_text(tree, tvb, offset, -1, "string too long");
248 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
249 col_append_str(mypinfo->cinfo, COL_INFO,
250 " (string too long)");
260 s = tvb_get_ephemeral_string(tvb, offset, Size);
262 proto_tree_add_string(tree, hf_icep, tvb, offset, Size, s);
264 s = g_strdup("(empty)");
265 /* display the 0x00 Size byte when click on a empty ice_string */
267 proto_tree_add_string(tree, hf_icep, tvb, offset - 1, 1, s);
279 * This function dissects an "Ice facet", adds hf(s) to "tree" and returns consumed
280 * bytes in "*consumed", if errors "*consumed" is -1.
282 static void dissect_ice_facet(proto_tree *tree, int hf_icep,
283 tvbuff_t *tvb, guint32 offset, gint32 *consumed)
285 /* p. 588, chapter 23.2.6:
286 * "facet" is a StringSeq, a StringSeq is a:
290 * sequence == Size + SizeElements
291 * sequence = 1byte (0..254) + SizeElements
293 * sequence = 1byte (255) + 1int (255..2^32-1) + SizeElements
296 * p.613. chapter 23.3.2
297 * "facet has either zero elements (empty) or one element"
302 guint32 Size = 0; /* number of elements in the sequence */
307 /* check first byte */
308 if ( !tvb_bytes_exist(tvb, offset, 1) ) {
311 proto_tree_add_text(tree, tvb, offset, -1, "facet field missing");
313 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
314 col_append_str(mypinfo->cinfo, COL_INFO,
315 " (facet field missing)");
322 /* get first byte of Size */
323 Size = tvb_get_guint8(tvb, offset);
330 s = ep_strdup( "(empty)" );
331 /* display the 0x00 Size byte when click on a empty ice_string */
332 proto_tree_add_string(tree, hf_icep, tvb, offset - 1, 1, s);
339 gint32 consumed_facet = 0;
341 dissect_ice_string(tree, hf_icep, tvb, offset, &consumed_facet, NULL, TRUE);
343 if ( consumed_facet == -1 ) {
348 offset += consumed_facet;
349 (*consumed) += consumed_facet;
353 /* if here => Size > 1 => not possible */
356 /* display the XX Size byte when click here */
357 proto_tree_add_text(tree, tvb, offset - 1, 1,
358 "facet can be max one element");
360 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
361 col_append_str(mypinfo->cinfo, COL_INFO,
362 " (facet can be max one element)");
370 * This function dissects an "Ice context", adds hf(s) to "tree" and returns consumed
371 * bytes in "*consumed", if errors "*consumed" is -1.
373 static void dissect_ice_context(proto_tree *tree, tvbuff_t *tvb, guint32 offset,
376 /* p. 588, chapter 23.2.7 and p. 613, 23.3.2:
377 * "context" is a dictionary<string, string>
379 * dictionary<string, string> == Size + SizeKeyValuePairs
380 * dictionary<string, string> = 1byte (0..254) + SizeKeyValuePairs
382 * dictionary<string, string>= 1byte (255) + 1int (255..2^32-1)+SizeKeyValuePairs
386 guint32 Size = 0; /* number of key-value in the dictionary */
392 /* check first byte */
393 if ( !tvb_bytes_exist(tvb, offset, 1) ) {
396 proto_tree_add_text(tree, tvb, offset, -1, "context missing");
398 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
399 col_append_str(mypinfo->cinfo, COL_INFO,
400 " (context missing)");
407 /* get first byte of Size */
408 Size = tvb_get_guint8(tvb, offset);
414 /* check for next 4 bytes */
415 if ( !tvb_bytes_exist(tvb, offset, 4) ) {
418 proto_tree_add_text(tree, tvb, offset, -1,
419 "second field of Size missing");
421 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
422 col_append_str(mypinfo->cinfo, COL_INFO,
423 " (second field of Size missing)");
430 /* get second field of Size */
431 Size = tvb_get_letohl(tvb, offset);
436 DBG1("context.Size --> %d\n", Size);
438 if ( Size > ICEP_MAX_ICE_CONTEXT_PAIRS ) {
441 /* display the XX Size byte when click here */
442 proto_tree_add_text(tree, tvb, offset - 1, 1, "too long context");
444 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
445 col_append_str(mypinfo->cinfo, COL_INFO,
446 " (too long context)");
455 /* display the 0x00 Size byte when click on a empty context */
457 proto_tree_add_string(tree, hf_icep_context, tvb, offset - 1, 1, s);
461 /* looping through the dictionary */
462 for ( i = 0; i < Size; i++ ) {
464 gint32 consumed_key = 0;
465 char *str_key = NULL;
467 gint32 consumed_value = 0;
468 char *str_value = NULL;
471 DBG1("looping through context dictionary, loop #%d\n", i);
473 dissect_ice_string(tree, -1, tvb, offset, &consumed_key,
476 if ( consumed_key == -1 ) {
481 offset += consumed_key;
482 (*consumed) += consumed_key;
484 dissect_ice_string(tree, -1, tvb, offset, &consumed_value,
487 if ( consumed_value == -1 ) {
492 offset += consumed_value;
493 (*consumed) += consumed_value;
495 if (tree && str_value && str_key) {
497 proto_tree_add_text(tree, tvb,
498 offset - (consumed_key + consumed_value) - 1,
499 (consumed_key + consumed_value) + 1,
500 "Invocation Context: %s/%s",
508 * This function dissects an "Ice params", adds hf(s) to "tree" and returns consumed
509 * bytes in "*consumed", if errors "*consumed" is -1.
511 static void dissect_ice_params(proto_tree *tree, tvbuff_t *tvb,
512 guint32 offset, gint32 *consumed)
514 /* p. 612, chapter 23.3.2 and p. 587, 23.2.2:
515 * "params" is an Encapsulation
517 * struct Encapsulation {
521 * //(size - 6) bytes of data
527 gint tvb_data_remained = 0;
531 /* check first 6 bytes */
532 if ( !tvb_bytes_exist(tvb, offset, ICEP_MIN_PARAMS_SIZE) ) {
535 proto_tree_add_text(tree, tvb, offset, -1, "params missing");
537 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
538 col_append_str(mypinfo->cinfo, COL_INFO,
539 " (params missing)");
547 size = tvb_get_letohl(tvb, offset);
549 DBG1("params.size --> %d\n", size);
551 if ( size < ICEP_MIN_PARAMS_SIZE ) {
554 proto_tree_add_text(tree, tvb, offset, 4,
555 "params size too small");
557 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
558 col_append_str(mypinfo->cinfo, COL_INFO,
559 " (params size too small)");
568 proto_tree_add_item(tree, hf_icep_params_size, tvb, offset, 4, TRUE);
572 proto_tree_add_item(tree, hf_icep_params_major, tvb, offset, 1, TRUE);
576 proto_tree_add_item(tree, hf_icep_params_minor, tvb, offset, 1, TRUE);
581 /* skipp size, major, minor */
586 if( size == ICEP_MIN_PARAMS_SIZE ) /* no encapsulatd data present, it's normal */
589 /* check if I got all encapsulated data */
590 tvb_data_remained = tvb_reported_length_remaining(tvb, offset);
592 if ( tvb_data_remained < ( size - ICEP_MIN_PARAMS_SIZE ) ) {
595 proto_tree_add_text(tree, tvb, offset, -1,
596 "missing encapsulated data (%d bytes)",
598 - ICEP_MIN_PARAMS_SIZE
599 - tvb_data_remained);
601 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
602 col_append_fstr(mypinfo->cinfo, COL_INFO,
603 " (missing encapsulated data (%d bytes))",
605 - ICEP_MIN_PARAMS_SIZE
606 - tvb_data_remained);
613 /* encapsulated params */
616 proto_tree_add_text(tree, tvb, offset, (size - ICEP_MIN_PARAMS_SIZE),
617 "Encapsulated parameters (%d bytes)",
618 (size - ICEP_MIN_PARAMS_SIZE));
621 (*consumed) += (size - ICEP_MIN_PARAMS_SIZE);
624 static void dissect_icep_request_common(tvbuff_t *tvb, guint32 offset,
625 proto_tree *icep_sub_tree, gint32 *total_consumed)
627 /* p. 613, chapter 23.3.3 and p. 612 chapter 23.3.2:
628 * Request and BatchRequest differ only in the first 4 bytes (requestID)
629 * so them share this part
632 * Ice::StringSeq facet;
635 * Ice::Context context;
636 * Encapsulation params;
641 char *namestr = NULL;
644 (*total_consumed) = 0;
646 /* check common header (i.e. the batch request one)*/
647 if ( !tvb_bytes_exist(tvb, offset, ICEP_MIN_COMMON_REQ_HEADER_SIZE) ) {
650 proto_tree_add_text(icep_sub_tree, tvb, offset, -1,
653 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
654 col_append_str(mypinfo->cinfo, COL_INFO,
655 " (too short header)");
661 /* got at least 15 bytes */
670 dissect_ice_string(icep_sub_tree, hf_icep_id_name, tvb, offset,
671 &consumed, &namestr, TRUE);
673 if ( consumed == -1 )
676 offset += consumed; DBG1("consumed --> %d\n", consumed);
677 (*total_consumed) += consumed;
680 dissect_ice_string(icep_sub_tree, hf_icep_id_category, tvb, offset,
681 &consumed, NULL, TRUE);
683 if ( consumed == -1 )
686 offset += consumed; DBG1("consumed --> %d\n", consumed);
687 (*total_consumed) += consumed;
691 * sequence<string> StringSeq
695 dissect_ice_facet(icep_sub_tree, hf_icep_facet, tvb, offset, &consumed);
697 if ( consumed == -1 )
700 offset += consumed; DBG1("consumed --> %d\n", consumed);
701 (*total_consumed) += consumed;
703 /* "operation" is an ice_string
707 dissect_ice_string(icep_sub_tree, hf_icep_operation, tvb, offset,
708 &consumed, &opstr, TRUE);
710 if ( consumed == -1 )
713 offset += consumed; DBG1("consumed --> %d\n", consumed);
714 (*total_consumed) += consumed;
716 if ( opstr && namestr ) {
717 DBG2("operation --> %s.%s()\n", namestr, opstr);
718 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
719 col_append_fstr(mypinfo->cinfo, COL_INFO, " %s.%s()",
727 /* check and get mode byte */
728 if ( !tvb_bytes_exist(tvb, offset, 1) ) {
731 proto_tree_add_text(icep_sub_tree, tvb, offset, -1,
732 "mode field missing");
734 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
735 col_append_str(mypinfo->cinfo, COL_INFO,
736 " (mode field missing)");
743 proto_tree_add_item(icep_sub_tree, hf_icep_mode, tvb, offset, 1, TRUE);
745 offset++; DBG0("consumed --> 1\n");
749 /* "context" is a dictionary<string, string>
753 dissect_ice_context(icep_sub_tree, tvb, offset, &consumed);
755 if ( consumed == -1 )
758 offset += consumed; DBG1("consumed --> %d\n", consumed);
759 (*total_consumed) += consumed;
761 /* "params" is a Encapsulation
765 dissect_ice_params(icep_sub_tree, tvb, offset, &consumed);
767 if ( consumed == -1 )
770 offset += consumed; DBG1("consumed --> %d\n", consumed);
771 (*total_consumed) += consumed;
776 (*total_consumed) = -1;
780 static void dissect_icep_request(tvbuff_t *tvb, guint32 offset, proto_tree *icep_tree)
782 /* p. 612, chapter 23.3.2:
784 * struct RequestData {
787 * Ice::StringSeq facet;
790 * Ice::Context context;
791 * Encapsulation params;
795 proto_item *ti = NULL;
796 proto_tree *icep_sub_tree = NULL;
800 DBG0("dissect request\n");
802 /* check for req id */
803 if ( !tvb_bytes_exist(tvb, offset, 4) ) {
806 proto_tree_add_text(icep_tree, tvb, offset, -1,
809 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
810 col_append_str(mypinfo->cinfo, COL_INFO,
811 " (too short header)");
817 /* got at least 4 bytes */
819 /* create display subtree for this message type */
821 reqid = tvb_get_letohl(tvb, offset);
825 ti = proto_tree_add_text(icep_tree, tvb, offset, -1,
826 "Request Message Body");
828 icep_sub_tree = proto_item_add_subtree(ti, ett_icep_msg);
830 proto_tree_add_item(icep_sub_tree, hf_icep_request_id, tvb, offset, 4,
836 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
837 col_append_fstr(mypinfo->cinfo, COL_INFO, "(%d):",
838 tvb_get_letohl(tvb, offset));
841 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
842 col_append_str(mypinfo->cinfo, COL_INFO, "(oneway):");
847 DBG0("consumed --> 4\n");
849 dissect_icep_request_common(tvb, offset, icep_sub_tree, &consumed);
851 if ( consumed == -1 )
855 DBG1("consumed --> %d\n", consumed);
860 static void dissect_icep_batch_request(tvbuff_t *tvb, guint32 offset,
861 proto_tree *icep_tree)
863 /* p. 613, chapter 23.3.3
864 * A batch request msg is a "sequence" of batch request
865 * Sequence is Size + elements
867 * struct BatchRequestData {
869 * Ice::StringSeq facet;
872 * Ice::Context context;
873 * Encapsulation params;
877 * The only real implementation of the Ice protocol puts a 32bit count in front
878 * of a Batch Request, *not* an Ice::Sequence (as the standard says). Basically the
879 * same people wrote both code and standard so I'll follow the code.
882 proto_item *ti = NULL;
883 proto_tree *icep_sub_tree = NULL;
884 guint32 num_reqs = 0;
888 DBG0("dissect batch request\n");
890 /* check for first 4 byte */
891 if ( !tvb_bytes_exist(tvb, offset, 4) ) {
894 proto_tree_add_text(icep_tree, tvb, offset, -1,
895 "counter of batch requests missing");
897 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
898 col_append_str(mypinfo->cinfo, COL_INFO,
899 " (counter of batch requests missing)");
905 num_reqs = tvb_get_letohl(tvb, offset);
908 DBG1("batch_requests.count --> %d\n", num_reqs);
910 if ( num_reqs > ICEP_MAX_BATCH_REQUESTS ) {
913 proto_tree_add_text(icep_tree, tvb, offset, -1,
914 "too many batch requests (%d)", num_reqs);
916 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
917 col_append_fstr(mypinfo->cinfo, COL_INFO,
918 " (too many batch requests, %d)",
925 if ( num_reqs == 0 ) {
928 proto_tree_add_text(icep_tree, tvb, offset, -1,
929 "empty batch requests sequence");
930 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
931 col_append_fstr(mypinfo->cinfo, COL_INFO,
932 " (empty batch requests sequence)");
939 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
940 col_append_fstr(mypinfo->cinfo, COL_INFO,
948 for ( i = 0; i < num_reqs; i++ ) {
950 DBG1("looping through sequence of batch requests, loop #%d\n", i);
952 /* create display subtree for this message type */
956 ti = proto_tree_add_text(icep_tree, tvb, offset, -1,
957 "Batch Request Message Body: #%d", i);
959 icep_sub_tree = proto_item_add_subtree(ti, ett_icep_msg);
963 if ( check_col(mypinfo->cinfo, COL_INFO) && (i != 0) ) {
964 col_append_fstr(mypinfo->cinfo, COL_INFO,
968 dissect_icep_request_common(tvb, offset, icep_sub_tree, &consumed);
970 if ( consumed == -1 )
973 if ( icep_tree && ti )
974 proto_item_set_len(ti, consumed);
977 DBG1("consumed --> %d\n", consumed);
981 static void dissect_icep_reply(tvbuff_t *tvb, guint32 offset, proto_tree *icep_tree)
983 /* p. 614, chapter 23.3.4:
988 * [... messageSize - 19 bytes ... ]
992 gint32 messageSize = 0;
993 guint32 tvb_data_remained = 0;
994 guint32 reported_reply_data = 0;
995 proto_item *ti = NULL;
996 proto_tree *icep_sub_tree = NULL;
998 DBG0("dissect reply\n");
1000 /* get at least a full reply message header */
1002 if ( !tvb_bytes_exist(tvb, offset, ICEP_MIN_REPLY_SIZE) ) {
1005 proto_tree_add_text(icep_tree, tvb, offset, -1,
1006 "too short header");
1008 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
1009 col_append_str(mypinfo->cinfo, COL_INFO,
1010 " (too short header)");
1016 /* got 5 bytes, then data */
1018 /* create display subtree for this message type */
1022 ti = proto_tree_add_text(icep_tree, tvb, offset, -1,
1023 "Reply Message Body");
1025 icep_sub_tree = proto_item_add_subtree(ti, ett_icep_msg);
1027 proto_tree_add_item(icep_sub_tree, hf_icep_request_id, tvb, offset, 4,
1031 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
1032 col_append_fstr(mypinfo->cinfo, COL_INFO, "(%d):",
1033 tvb_get_letohl(tvb, offset));
1039 proto_tree_add_item(icep_sub_tree, hf_icep_reply_status, tvb, offset, 1,
1042 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
1043 col_append_fstr(mypinfo->cinfo, COL_INFO, " %s",
1044 val_to_str(tvb_get_guint8(tvb, offset),
1045 icep_replystatus_vals,
1046 "unknown reply status"));
1051 DBG1("consumed --> %d\n", 5);
1053 /* check if I got all reply data */
1054 tvb_data_remained = tvb_length_remaining(tvb, offset);
1055 messageSize = tvb_get_letohl(tvb, 10);
1056 reported_reply_data = messageSize - (ICEP_HEADER_SIZE + ICEP_MIN_REPLY_SIZE);
1059 if ( tvb_data_remained < reported_reply_data ) {
1062 proto_tree_add_text(icep_sub_tree, tvb, offset, -1,
1063 "Reply Data (missing %d bytes out of %d)",
1064 reported_reply_data - tvb_data_remained,
1065 reported_reply_data);
1067 if ( check_col(mypinfo->cinfo, COL_INFO) ) {
1068 col_append_fstr(mypinfo->cinfo, COL_INFO,
1069 " (missing reply data, %d bytes)",
1070 reported_reply_data - tvb_data_remained);
1073 offset += tvb_data_remained;
1074 DBG1("consumed --> %d\n", tvb_data_remained);
1078 /* yes (reported_reply_data can be 0) */
1080 if (icep_sub_tree) {
1082 if ( reported_reply_data !=0 )
1083 proto_tree_add_text(icep_sub_tree, tvb, offset,
1084 reported_reply_data,
1085 "Reply data (%d bytes)",
1086 reported_reply_data);
1088 proto_tree_add_text(icep_sub_tree, tvb, offset,
1089 reported_reply_data,
1090 "Reply data (empty)");
1093 offset += reported_reply_data;
1094 DBG1("consumed --> %d\n", reported_reply_data);
1097 static guint get_icep_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset)
1099 return tvb_get_letohl(tvb, offset + 10);
1102 static void dissect_icep_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1104 /* p. 611, chapter 23.3.1:
1106 * struct HeaderData {
1108 * byte protocolMajor;
1109 * byte protocolMinor;
1110 * byte encodingMajor;
1111 * byte encodingMinor;
1113 * byte compressionStatus;
1118 proto_item *ti = NULL;
1119 proto_tree *icep_tree = NULL;
1122 /* Make entries in Protocol column and Info column on summary display */
1124 if ( check_col(pinfo->cinfo, COL_PROTOCOL) )
1125 col_set_str(pinfo->cinfo, COL_PROTOCOL, "ICEP");
1127 if ( check_col(pinfo->cinfo, COL_INFO) ) {
1128 col_add_fstr(pinfo->cinfo, COL_INFO, "%s",
1129 val_to_str(tvb_get_guint8(tvb, 8),
1131 "Unknown Message Type: 0x%02x"));
1138 DBG0("got an icep msg, start analisys\n");
1140 /* create display subtree for the protocol */
1142 ti = proto_tree_add_item(tree, proto_icep, tvb, 0, -1, FALSE);
1144 icep_tree = proto_item_add_subtree(ti, ett_icep);
1146 /* add items to the subtree */
1148 /* message header */
1150 proto_tree_add_text(icep_tree, tvb, offset, 4,
1151 "Magic Number: 'I','c','e','P'");
1154 proto_tree_add_item(icep_tree, hf_icep_protocol_major,
1155 tvb, offset, 1, TRUE);
1158 proto_tree_add_item(icep_tree, hf_icep_protocol_minor,
1159 tvb, offset, 1, TRUE);
1162 proto_tree_add_item(icep_tree, hf_icep_encoding_major,
1163 tvb, offset, 1, TRUE);
1166 proto_tree_add_item(icep_tree, hf_icep_encoding_minor,
1167 tvb, offset, 1, TRUE);
1170 proto_tree_add_item(icep_tree, hf_icep_message_type,
1171 tvb, offset, 1, TRUE);
1174 proto_tree_add_item(icep_tree, hf_icep_compression_status,
1175 tvb, offset, 1, TRUE);
1178 proto_tree_add_item(icep_tree, hf_icep_message_size,
1179 tvb, offset, 4, TRUE);
1182 offset += ICEP_HEADER_SIZE;
1185 switch(tvb_get_guint8(tvb, 8)) {
1187 DBG1("request message body: parsing %d bytes\n",
1188 tvb_length_remaining(tvb, offset));
1189 dissect_icep_request(tvb, offset, icep_tree);
1192 DBG1("batch request message body: parsing %d bytes\n",
1193 tvb_length_remaining(tvb, offset));
1194 dissect_icep_batch_request(tvb, offset, icep_tree);
1197 DBG1("reply message body: parsing %d bytes\n",
1198 tvb_length_remaining(tvb, offset));
1199 dissect_icep_reply(tvb, offset, icep_tree);
1203 /* messages already dissected */
1207 proto_tree_add_text(tree, tvb, 8, 1, /* display msg type byte */
1208 "Unknown Message Type: 0x%02x",
1209 tvb_get_guint8(tvb, 8));
1215 static gboolean dissect_icep(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1217 DBG0("triggered\n");
1219 /* get at least a full message header (taken from packet-yhoo.c) */
1221 /* check for magic string (taken from packet-giop.c) */
1223 if ( tvb_memeql(tvb, 0, icep_magic, 4) == -1 ) {
1224 /* Not a ICEP packet. */
1228 /* start dissecting */
1230 tcp_dissect_pdus(tvb, pinfo, tree, TRUE, ICEP_HEADER_SIZE,
1231 get_icep_pdu_len, dissect_icep_pdu);
1237 /* Register the protocol with Wireshark */
1239 void proto_register_icep(void)
1242 /* Setup list of header fields */
1244 static hf_register_info hf[] = {
1246 { &hf_icep_protocol_major,
1248 "Protocol Major", "icep.protocol_major",
1249 FT_INT8, BASE_DEC, NULL, 0x0,
1250 "The protocol major version number", HFILL
1254 { &hf_icep_protocol_minor,
1256 "Protocol Minor", "icep.protocol_minor",
1257 FT_INT8, BASE_DEC, NULL, 0x0,
1258 "The protocol minor version number", HFILL
1262 { &hf_icep_encoding_major,
1264 "Encoding Major", "icep.encoding_major",
1265 FT_INT8, BASE_DEC, NULL, 0x0,
1266 "The encoding major version number", HFILL
1270 { &hf_icep_encoding_minor,
1272 "Encoding Minor", "icep.encoding_minor",
1273 FT_INT8, BASE_DEC, NULL, 0x0,
1274 "The encoding minor version number", HFILL
1278 { &hf_icep_message_type,
1280 "Message Type", "icep.message_type",
1281 FT_INT8, BASE_DEC, VALS(icep_msgtype_vals), 0x0,
1282 "The message type", HFILL
1286 { &hf_icep_compression_status,
1288 "Compression Status", "icep.compression_status",
1289 FT_INT8, BASE_DEC, VALS(icep_zipstatus_vals), 0x0,
1290 "The compression status of the message", HFILL
1294 { &hf_icep_message_size,
1296 "Message Size", "icep.message_status",
1297 FT_INT32, BASE_DEC, NULL, 0x0,
1298 "The size of the message in bytes, including the header",
1303 { &hf_icep_request_id,
1305 "Request Identifier", "icep.request_id",
1306 FT_INT32, BASE_DEC, NULL, 0x0,
1307 "The request identifier",
1312 { &hf_icep_reply_status,
1314 "Reply Status", "icep.protocol_major",
1315 FT_INT8, BASE_DEC, VALS(icep_replystatus_vals), 0x0,
1316 "The reply status", HFILL
1322 "Object Identity Name", "icep.id.name",
1323 FT_STRINGZ, BASE_NONE, NULL, 0x0,
1324 "The object identity name", HFILL
1328 { &hf_icep_id_category,
1330 "Object Identity Content", "icep.id.content",
1331 FT_STRINGZ, BASE_NONE, NULL, 0x0,
1332 "The object identity content", HFILL
1338 "Facet Name", "icep.facet",
1339 FT_STRINGZ, BASE_NONE, NULL, 0x0,
1340 "The facet name", HFILL
1344 { &hf_icep_operation,
1346 "Operation Name", "icep.operation",
1347 FT_STRINGZ, BASE_NONE, NULL, 0x0,
1348 "The operation name", HFILL
1354 "Ice::OperationMode", "icep.operation_mode",
1355 FT_INT8, BASE_DEC, VALS(icep_mode_vals), 0x0,
1356 "A byte representing Ice::OperationMode", HFILL
1362 "Invocation Context", "icep.context",
1363 FT_STRINGZ, BASE_NONE, NULL, 0x0,
1364 "The invocation context", HFILL
1368 { &hf_icep_params_size,
1370 "Input Parameters Size", "icep.params.size",
1371 FT_INT32, BASE_DEC, NULL, 0x0,
1372 "The encapsulated input parameters size",
1377 { &hf_icep_params_major,
1379 "Input Parameters Encoding Major",
1380 "icep.params.major",
1381 FT_INT8, BASE_DEC, NULL, 0x0,
1382 "The major encoding version of encapsulated parameters",
1387 { &hf_icep_params_minor,
1389 "Input Parameters Encoding Minor",
1390 "icep.params.minor",
1391 FT_INT8, BASE_DEC, NULL, 0x0,
1392 "The minor encoding version of encapsulated parameters",
1399 /* Setup protocol subtree array */
1401 static gint *ett[] = {
1406 /* Register the protocol name and description */
1409 proto_register_protocol("Internet Communications Engine Protocol",
1412 /* Required function calls to register the header fields and subtrees used */
1414 proto_register_field_array(proto_icep, hf, array_length(hf));
1415 proto_register_subtree_array(ett, array_length(ett));
1419 void proto_reg_handoff_icep(void)
1421 /* Register as a heuristic TCP/UDP dissector */
1423 heur_dissector_add("tcp", dissect_icep, proto_icep);
1424 heur_dissector_add("udp", dissect_icep, proto_icep);
git.samba.org / obnox / wireshark / wip.git / blob