2 * Routines for RIPv1 and RIPv2 packet disassembly
4 * (c) Copyright Hannes R. Boehm <hannes@boehm.org>
6 * RFC2082 ( Keyed Message Digest Algorithm )
7 * Emanuele Caratti <wiz@iol.it>
11 * Wireshark - Network traffic analyzer
12 * By Gerald Combs <gerald@wireshark.org>
13 * Copyright 1998 Gerald Combs
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version 2
18 * of the License, or (at your option) any later version.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 #include <epan/packet.h>
35 #include <epan/emem.h>
37 #define UDP_PORT_RIP 520
42 static const value_string version_vals[] = {
48 static const value_string command_vals[] = {
53 { 5, "Vendor specific (Sun)" },
57 #define AFVAL_UNSPEC 0
60 static const value_string family_vals[] = {
61 { AFVAL_UNSPEC, "Unspecified" },
66 #define AUTH_IP_ROUTE 1
67 #define AUTH_PASSWORD 2
68 #define AUTH_KEYED_MSG_DIGEST 3
70 static const value_string rip_auth_type[] = {
71 { AUTH_IP_ROUTE, "IP Route" },
72 { AUTH_PASSWORD, "Simple Password" },
73 { AUTH_KEYED_MSG_DIGEST, "Keyed Message Digest" },
77 #define RIP_HEADER_LENGTH 4
78 #define RIP_ENTRY_LENGTH 20
79 #define MD5_AUTH_DATA_LEN 16
81 static int proto_rip = -1;
82 static int hf_rip_command = -1;
83 static int hf_rip_version = -1;
84 static int hf_rip_routing_domain = -1;
85 static int hf_rip_ip = -1;
86 static int hf_rip_netmask = -1;
87 static int hf_rip_next_hop = -1;
88 static int hf_rip_metric = -1;
89 static int hf_rip_auth = -1;
90 static int hf_rip_auth_passwd = -1;
91 static int hf_rip_family = -1;
92 static int hf_rip_route_tag = -1;
94 static gint ett_rip = -1;
95 static gint ett_rip_vec = -1;
96 static gint ett_auth_vec = -1;
98 static void dissect_unspec_rip_vektor(tvbuff_t *tvb, int offset, guint8 version,
100 static void dissect_ip_rip_vektor(tvbuff_t *tvb, int offset, guint8 version,
102 static gint dissect_rip_authentication(tvbuff_t *tvb, int offset,
106 dissect_rip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
109 proto_tree *rip_tree = NULL;
114 gint trailer_len = 0;
115 gboolean is_md5_auth = FALSE;
117 if (check_col(pinfo->cinfo, COL_PROTOCOL))
118 col_set_str(pinfo->cinfo, COL_PROTOCOL, "RIP");
119 if (check_col(pinfo->cinfo, COL_INFO))
120 col_clear(pinfo->cinfo, COL_INFO);
122 command = tvb_get_guint8(tvb, 0);
123 version = tvb_get_guint8(tvb, 1);
125 if (check_col(pinfo->cinfo, COL_PROTOCOL))
126 col_add_str(pinfo->cinfo, COL_PROTOCOL,
127 val_to_str(version, version_vals, "RIP"));
128 if (check_col(pinfo->cinfo, COL_INFO))
129 col_add_str(pinfo->cinfo, COL_INFO,
130 val_to_str(command, command_vals, "Unknown command (%u)"));
133 ti = proto_tree_add_item(tree, proto_rip, tvb, 0, -1, FALSE);
134 rip_tree = proto_item_add_subtree(ti, ett_rip);
136 proto_tree_add_uint(rip_tree, hf_rip_command, tvb, 0, 1, command);
137 proto_tree_add_uint(rip_tree, hf_rip_version, tvb, 1, 1, version);
138 if (version == RIPv2)
139 proto_tree_add_uint(rip_tree, hf_rip_routing_domain, tvb, 2, 2,
140 tvb_get_ntohs(tvb, 2));
143 offset = RIP_HEADER_LENGTH;
145 /* zero or more entries */
146 while (tvb_reported_length_remaining(tvb, offset) > trailer_len ) {
147 family = tvb_get_ntohs(tvb, offset);
149 case AFVAL_UNSPEC: /* Unspecified */
151 * There should be one entry in the request, and a metric
152 * of infinity, meaning "show the entire routing table".
154 dissect_unspec_rip_vektor(tvb, offset, version, rip_tree);
156 case AFVAL_IP: /* IP */
157 dissect_ip_rip_vektor(tvb, offset, version, rip_tree);
160 if( offset == RIP_HEADER_LENGTH ) {
161 trailer_len=dissect_rip_authentication(tvb, offset, rip_tree);
165 if(is_md5_auth && tvb_reported_length_remaining(tvb, offset) == 20)
167 /* Intentional fall through: auth Entry MUST be the first! */
169 proto_tree_add_text(rip_tree, tvb, offset,
170 RIP_ENTRY_LENGTH, "Unknown address family %u",
175 offset += RIP_ENTRY_LENGTH;
181 dissect_unspec_rip_vektor(tvbuff_t *tvb, int offset, guint8 version,
185 proto_tree *rip_vektor_tree;
188 metric = tvb_get_ntohl(tvb, offset+16);
189 ti = proto_tree_add_text(tree, tvb, offset,
190 RIP_ENTRY_LENGTH, "Address not specified, Metric: %u",
192 rip_vektor_tree = proto_item_add_subtree(ti, ett_rip_vec);
194 proto_tree_add_item(rip_vektor_tree, hf_rip_family, tvb, offset, 2, FALSE);
195 if (version == RIPv2) {
196 proto_tree_add_item(rip_vektor_tree, hf_rip_route_tag, tvb, offset+2, 2,
198 proto_tree_add_item(rip_vektor_tree, hf_rip_netmask, tvb, offset+8, 4,
200 proto_tree_add_item(rip_vektor_tree, hf_rip_next_hop, tvb, offset+12, 4,
203 proto_tree_add_uint(rip_vektor_tree, hf_rip_metric, tvb,
204 offset+16, 4, metric);
208 dissect_ip_rip_vektor(tvbuff_t *tvb, int offset, guint8 version,
212 proto_tree *rip_vektor_tree;
215 metric = tvb_get_ntohl(tvb, offset+16);
216 ti = proto_tree_add_text(tree, tvb, offset,
217 RIP_ENTRY_LENGTH, "IP Address: %s, Metric: %u",
218 ip_to_str(tvb_get_ptr(tvb, offset+4, 4)), metric);
219 rip_vektor_tree = proto_item_add_subtree(ti, ett_rip_vec);
221 proto_tree_add_item(rip_vektor_tree, hf_rip_family, tvb, offset, 2, FALSE);
222 if (version == RIPv2) {
223 proto_tree_add_item(rip_vektor_tree, hf_rip_route_tag, tvb, offset+2, 2,
227 proto_tree_add_item(rip_vektor_tree, hf_rip_ip, tvb, offset+4, 4, FALSE);
229 if (version == RIPv2) {
230 proto_tree_add_item(rip_vektor_tree, hf_rip_netmask, tvb, offset+8, 4,
232 proto_tree_add_item(rip_vektor_tree, hf_rip_next_hop, tvb, offset+12, 4,
235 proto_tree_add_uint(rip_vektor_tree, hf_rip_metric, tvb,
236 offset+16, 4, metric);
240 rip_bytestring_to_str(const guint8 *ad, guint32 len, char punct) {
246 /* At least one version of Apple's C compiler/linker is buggy, causing
247 a complaint from the linker about the "literal C string section"
248 not ending with '\0' if we initialize a 16-element "char" array with
249 a 16-character string, the fact that initializing such an array with
250 such a string is perfectly legitimate ANSI C nonwithstanding, the 17th
251 '\0' byte in the string nonwithstanding. */
252 static const gchar hex_digits[16] =
253 { '0', '1', '2', '3', '4', '5', '6', '7',
254 '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
256 str_len=sizeof(gchar)*len*(punct?3:2);
257 str=ep_alloc(str_len);
265 *--p = hex_digits[octet&0xF];
267 *--p = hex_digits[octet&0xF];
278 dissect_rip_authentication(tvbuff_t *tvb, int offset, proto_tree *tree)
281 proto_tree *rip_authentication_tree;
283 guint32 val, digest_off, auth_data_len;
286 authtype = tvb_get_ntohs(tvb, offset + 2);
288 ti = proto_tree_add_text(tree, tvb, offset, RIP_ENTRY_LENGTH,
289 "Authentication: %s", val_to_str( authtype, rip_auth_type, "Unknown (%u)" ) );
290 rip_authentication_tree = proto_item_add_subtree(ti, ett_rip_vec);
292 proto_tree_add_uint(rip_authentication_tree, hf_rip_auth, tvb, offset+2, 2,
295 switch ( authtype ) {
297 case AUTH_PASSWORD: /* Plain text password */
298 proto_tree_add_item(rip_authentication_tree, hf_rip_auth_passwd,
299 tvb, offset+4, 16, FALSE);
302 case AUTH_KEYED_MSG_DIGEST: /* Keyed MD5 rfc 2082 */
303 digest_off = tvb_get_ntohs( tvb, offset+4 );
304 proto_tree_add_text( rip_authentication_tree, tvb, offset+4, 2,
305 "Digest Offset: %u" , digest_off );
306 val = tvb_get_guint8( tvb, offset+6 );
307 proto_tree_add_text( rip_authentication_tree, tvb, offset+6, 1,
308 "Key ID: %u" , val );
309 auth_data_len = tvb_get_guint8( tvb, offset+7 );
310 proto_tree_add_text( rip_authentication_tree, tvb, offset+7, 1,
311 "Auth Data Len: %u" , auth_data_len );
312 val = tvb_get_ntohl( tvb, offset+8 );
313 proto_tree_add_text( rip_authentication_tree, tvb, offset+8, 4,
314 "Seq num: %u" , val );
315 proto_tree_add_text( rip_authentication_tree, tvb, offset+12, 8,
317 ti = proto_tree_add_text( rip_authentication_tree, tvb, offset-4+digest_off,
318 MD5_AUTH_DATA_LEN+4, "Authentication Data Trailer" );
319 rip_authentication_tree = proto_item_add_subtree(ti, ett_auth_vec );
320 proto_tree_add_text( rip_authentication_tree, tvb, offset-4+digest_off+4,
321 MD5_AUTH_DATA_LEN, "Authentication Data: %s",
322 rip_bytestring_to_str(
323 tvb_get_ptr( tvb, offset-4+digest_off+4,MD5_AUTH_DATA_LEN),
324 MD5_AUTH_DATA_LEN, ' '));
327 return auth_data_len;
331 proto_register_rip(void)
333 static hf_register_info hf[] = {
335 { "Command", "rip.command", FT_UINT8, BASE_DEC,
336 VALS(command_vals), 0, "What type of RIP Command is this", HFILL }},
339 { "Version", "rip.version", FT_UINT8, BASE_DEC,
340 VALS(version_vals), 0, "Version of the RIP protocol", HFILL }},
343 { "Address Family", "rip.family", FT_UINT16, BASE_DEC,
344 VALS(family_vals), 0, "Address family", HFILL }},
346 { &hf_rip_routing_domain,
347 { "Routing Domain", "rip.routing_domain", FT_UINT16, BASE_DEC,
348 NULL, 0, "RIPv2 Routing Domain", HFILL }},
351 { "IP Address", "rip.ip", FT_IPv4, BASE_NONE,
352 NULL, 0, "IP Address", HFILL}},
355 { "Netmask", "rip.netmask", FT_IPv4, BASE_NONE,
356 NULL, 0, "Netmask", HFILL}},
359 { "Next Hop", "rip.next_hop", FT_IPv4, BASE_NONE,
360 NULL, 0, "Next Hop router for this route", HFILL}},
363 { "Metric", "rip.metric", FT_UINT16, BASE_DEC,
364 NULL, 0, "Metric for this route", HFILL }},
367 { "Authentication type", "rip.auth.type", FT_UINT16, BASE_DEC,
368 VALS(rip_auth_type), 0, "Type of authentication", HFILL }},
370 { &hf_rip_auth_passwd,
371 { "Password", "rip.auth.passwd", FT_STRING, BASE_DEC,
372 NULL, 0, "Authentication password", HFILL }},
375 { "Route Tag", "rip.route_tag", FT_UINT16, BASE_DEC,
376 NULL, 0, "Route Tag", HFILL }},
379 static gint *ett[] = {
385 proto_rip = proto_register_protocol("Routing Information Protocol",
387 proto_register_field_array(proto_rip, hf, array_length(hf));
388 proto_register_subtree_array(ett, array_length(ett));
392 proto_reg_handoff_rip(void)
394 dissector_handle_t rip_handle;
396 rip_handle = create_dissector_handle(dissect_rip, proto_rip);
397 dissector_add("udp.port", UDP_PORT_RIP, rip_handle);