3 * Routines to dissect WTP component of WAP traffic.
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
11 * WAP dissector based on original work by Ben Fowler
12 * Updated by Neil Hunter <neil.hunter@energis-squared.com>
13 * WTLS support by Alexandre P. Ferreira (Splice IP)
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version 2
18 * of the License, or (at your option) any later version.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
39 #include <epan/packet.h>
40 #include <epan/reassemble.h>
41 #include <epan/emem.h>
42 #include "packet-wap.h"
43 #include "packet-wtp.h"
44 #include "packet-wsp.h"
46 static const true_false_string continue_truth = {
51 static const true_false_string RID_truth = {
56 static const true_false_string TIDNew_truth = {
61 static const true_false_string tid_response_truth = {
66 static const true_false_string UP_truth = {
67 "User Acknowledgement required" ,
68 "User Acknowledgement optional"
71 static const true_false_string TVETOK_truth = {
76 static const value_string vals_wtp_pdu_type[] = {
82 { 5, "Segmented Invoke" },
83 { 6, "Segmented Result" },
84 { 7, "Negative Ack" },
88 static const value_string vals_transaction_trailer[] = {
89 { 0, "Not last packet" },
90 { 1, "Last packet of message" },
91 { 2, "Last packet of group" },
92 { 3, "Re-assembly not supported" },
96 static const value_string vals_version[] = {
104 static const value_string vals_abort_type[] = {
110 static const value_string vals_abort_reason_provider[] = {
112 { 0x01, "Protocol Error" },
113 { 0x02, "Invalid TID" },
114 { 0x03, "Not Implemented Class 2" },
115 { 0x04, "Not Implemented SAR" },
116 { 0x05, "Not Implemented User Acknowledgement" },
117 { 0x06, "WTP Version Zero" },
118 { 0x07, "Capacity Temporarily Exceeded" },
119 { 0x08, "No Response" },
120 { 0x09, "Message Too Large" },
124 static const value_string vals_transaction_classes[] = {
125 { 0x00, "Unreliable Invoke without Result" },
126 { 0x01, "Reliable Invoke without Result" },
127 { 0x02, "Reliable Invoke with Reliable Result" },
131 static const value_string vals_tpi_type[] = {
135 { 0x03, "Packet sequence number" },
136 { 0x04, "SDU boundary" },
137 { 0x05, "Frame boundary" },
141 static const value_string vals_tpi_opt[] = {
142 { 0x01, "Maximum receive unit" },
143 { 0x02, "Total message size" },
144 { 0x03, "Delay transmission timer" },
145 { 0x04, "Maximum group" },
146 { 0x05, "Current TID" },
147 { 0x06, "No cached TID" },
151 /* File scoped variables for the protocol and registered fields */
152 static int proto_wtp = HF_EMPTY;
154 /* These fields used by fixed part of header */
155 static int hf_wtp_header_sub_pdu_size = HF_EMPTY;
156 static int hf_wtp_header_flag_continue = HF_EMPTY;
157 static int hf_wtp_header_pdu_type = HF_EMPTY;
158 static int hf_wtp_header_flag_Trailer = HF_EMPTY;
159 static int hf_wtp_header_flag_RID = HF_EMPTY;
160 static int hf_wtp_header_flag_TID = HF_EMPTY;
161 static int hf_wtp_header_flag_TID_response = HF_EMPTY;
163 /* These fields used by Invoke packets */
164 static int hf_wtp_header_Inv_version = HF_EMPTY;
165 static int hf_wtp_header_Inv_flag_TIDNew = HF_EMPTY;
166 static int hf_wtp_header_Inv_flag_UP = HF_EMPTY;
167 static int hf_wtp_header_Inv_Reserved = HF_EMPTY;
168 static int hf_wtp_header_Inv_TransactionClass = HF_EMPTY;
171 static int hf_wtp_header_variable_part = HF_EMPTY;
172 static int hf_wtp_data = HF_EMPTY;
174 static int hf_wtp_tpi_type = HF_EMPTY;
175 static int hf_wtp_tpi_psn = HF_EMPTY;
176 static int hf_wtp_tpi_opt = HF_EMPTY;
177 static int hf_wtp_tpi_optval = HF_EMPTY;
178 static int hf_wtp_tpi_info = HF_EMPTY;
180 static int hf_wtp_header_Ack_flag_TVETOK = HF_EMPTY;
181 static int hf_wtp_header_Abort_type = HF_EMPTY;
182 static int hf_wtp_header_Abort_reason_provider = HF_EMPTY;
183 static int hf_wtp_header_Abort_reason_user = HF_EMPTY;
184 static int hf_wtp_header_sequence_number = HF_EMPTY;
185 static int hf_wtp_header_missing_packets = HF_EMPTY;
187 /* These fields used when reassembling WTP fragments */
188 static int hf_wtp_fragments = HF_EMPTY;
189 static int hf_wtp_fragment = HF_EMPTY;
190 static int hf_wtp_fragment_overlap = HF_EMPTY;
191 static int hf_wtp_fragment_overlap_conflict = HF_EMPTY;
192 static int hf_wtp_fragment_multiple_tails = HF_EMPTY;
193 static int hf_wtp_fragment_too_long_fragment = HF_EMPTY;
194 static int hf_wtp_fragment_error = HF_EMPTY;
195 static int hf_wtp_reassembled_in = HF_EMPTY;
197 /* Initialize the subtree pointers */
198 static gint ett_wtp = ETT_EMPTY;
199 static gint ett_wtp_sub_pdu_tree = ETT_EMPTY;
200 static gint ett_header = ETT_EMPTY;
201 static gint ett_tpilist = ETT_EMPTY;
202 static gint ett_wsp_fragments = ETT_EMPTY;
203 static gint ett_wtp_fragment = ETT_EMPTY;
205 static const fragment_items wtp_frag_items = {
210 &hf_wtp_fragment_overlap,
211 &hf_wtp_fragment_overlap_conflict,
212 &hf_wtp_fragment_multiple_tails,
213 &hf_wtp_fragment_too_long_fragment,
214 &hf_wtp_fragment_error,
215 &hf_wtp_reassembled_in,
219 /* Handle for WSP dissector */
220 static dissector_handle_t wsp_handle;
225 static GHashTable *wtp_fragment_table = NULL;
228 wtp_defragment_init(void)
230 fragment_table_init(&wtp_fragment_table);
234 * Extract some bitfields
236 #define pdu_type(octet) (((octet) >> 3) & 0x0F) /* Note pdu type must not be 0x00 */
237 #define transaction_class(octet) ((octet) & 0x03) /* ......XX */
238 #define transmission_trailer(octet) (((octet) >> 1) & 0x01) /* ......X. */
240 static char retransmission_indicator(unsigned char octet)
242 switch (pdu_type(octet)) {
246 case SEGMENTED_INVOKE:
247 case SEGMENTED_RESULT:
249 return octet & 0x01; /* .......X */
259 wtp_handle_tpi(proto_tree *tree, tvbuff_t *tvb)
265 proto_item *subTree = NULL;
267 tByte = tvb_get_guint8(tvb, offset++);
268 tType = (tByte & 0x78) >> 3;
269 if (tByte & 0x04) /* Long TPI */
270 tLen = tvb_get_guint8(tvb, offset++);
273 subTree = proto_tree_add_uint(tree, hf_wtp_tpi_type,
274 tvb, 0, tvb_length(tvb), tType);
275 proto_item_add_subtree(subTree, ett_tpilist);
277 case 0x00: /* Error*/
280 case 0x01: /* Info */
281 /* Beware, untested case here */
282 proto_tree_add_item(subTree, hf_wtp_tpi_info,
283 tvb, offset, tLen, bo_little_endian);
285 case 0x02: /* Option */
286 proto_tree_add_item(subTree, hf_wtp_tpi_opt,
287 tvb, offset++, 1, bo_little_endian);
288 proto_tree_add_item(subTree, hf_wtp_tpi_optval,
289 tvb, offset, tLen - 1, bo_little_endian);
292 proto_tree_add_item(subTree, hf_wtp_tpi_psn,
293 tvb, offset, 1, bo_little_endian);
295 case 0x04: /* SDU boundary */
298 case 0x05: /* Frame boundary */
306 /* Code to actually dissect the packets */
308 dissect_wtp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
311 int offCur = 0; /* current offset from start of WTP data */
312 size_t returned_length, str_index = 0;
316 /* continuation flag */
317 unsigned char fCon; /* Continue flag */
318 unsigned char fRID; /* Re-transmission indicator*/
319 unsigned char fTTR = '\0'; /* Transmission trailer */
320 guint cbHeader = 0; /* Fixed header length */
321 guint vHeader = 0; /* Variable header length*/
324 /* Set up structures we'll need to add the protocol subtree and manage it */
325 proto_item *ti = NULL;
326 proto_tree *wtp_tree = NULL;
329 char clsTransaction = 3;
330 int numMissing = 0; /* Number of missing packets in a negative ack */
332 tvbuff_t *wsp_tvb = NULL;
333 guint8 psn = 0; /* Packet sequence number*/
334 guint16 TID = 0; /* Transaction-Id */
338 #define SZINFO_SIZE 256
339 szInfo=ep_alloc(SZINFO_SIZE);
341 b0 = tvb_get_guint8 (tvb, offCur + 0);
342 /* Discover Concatenated PDUs */
344 guint c_fieldlen = 0; /* Length of length-field */
345 guint c_pdulen = 0; /* Length of conc. PDU */
348 ti = proto_tree_add_item(tree, proto_wtp,
349 tvb, offCur, 1, bo_little_endian);
350 wtp_tree = proto_item_add_subtree(ti, ett_wtp_sub_pdu_tree);
351 proto_item_append_text(ti, ", PDU concatenation");
355 while (offCur < (int) tvb_reported_length(tvb)) {
357 /* The length of an embedded WTP PDU is coded as either:
358 * - a 7-bit value contained in one octet with highest bit == 0.
359 * - a 15-bit value contained in two octets (little endian)
360 * if the 1st octet has its highest bit == 1.
361 * This means that this is NOT encoded as an uintvar-integer!!!
363 b0 = tvb_get_guint8(tvb, offCur + 0);
366 c_pdulen = ((b0 & 0x7f) << 8) | tvb_get_guint8(tvb, offCur + 1);
372 proto_tree_add_uint(wtp_tree, hf_wtp_header_sub_pdu_size,
373 tvb, offCur, c_fieldlen, c_pdulen);
375 if (i > 1 && check_col(pinfo->cinfo, COL_INFO)) {
376 col_append_str(pinfo->cinfo, COL_INFO, ", ");
378 /* Skip the length field for the WTP sub-tvb */
379 wtp_tvb = tvb_new_subset(tvb, offCur + c_fieldlen, c_pdulen, c_pdulen);
380 dissect_wtp_common(wtp_tvb, pinfo, wtp_tree);
381 offCur += c_fieldlen + c_pdulen;
385 proto_item_append_text(ti, ", PDU count: %u", i);
389 /* No concatenation */
391 fRID = retransmission_indicator(b0);
395 printf("WTP packet %u: tree = %p, pdu = %s (%u) length: %u\n",
396 pinfo->fd->num, tree,
397 val_to_str(pdut, vals_wtp_pdu_type, "Unknown PDU type 0x%x"),
398 pdut, tvb_length(tvb));
401 /* Develop the string to put in the Info column */
402 returned_length = g_snprintf(szInfo, SZINFO_SIZE, "WTP %s",
403 val_to_str(pdut, vals_wtp_pdu_type, "Unknown PDU type 0x%x"));
404 str_index += MIN(returned_length, SZINFO_SIZE-str_index);
408 fTTR = transmission_trailer(b0);
409 TID = tvb_get_ntohs(tvb, offCur + 1);
411 clsTransaction = transaction_class(tvb_get_guint8(tvb, offCur + 3));
412 returned_length = g_snprintf(&szInfo[str_index], SZINFO_SIZE-str_index,
413 " Class %d", clsTransaction);
414 str_index += MIN(returned_length, SZINFO_SIZE-str_index);
418 case SEGMENTED_INVOKE:
419 case SEGMENTED_RESULT:
420 fTTR = transmission_trailer(b0);
421 TID = tvb_get_ntohs(tvb, offCur + 1);
422 psn = tvb_get_guint8(tvb, offCur + 3);
424 returned_length = g_snprintf(&szInfo[str_index], SZINFO_SIZE-str_index,
426 str_index += MIN(returned_length, SZINFO_SIZE-str_index);
436 fTTR = transmission_trailer(b0);
437 TID = tvb_get_ntohs(tvb, offCur + 1);
447 /* Variable number of missing packets */
448 numMissing = tvb_get_guint8(tvb, offCur + 3);
449 cbHeader = numMissing + 4;
456 returned_length = g_snprintf(&szInfo[str_index], SZINFO_SIZE-str_index, " R" );
457 str_index += MIN(returned_length, SZINFO_SIZE-str_index);
459 /* In the interest of speed, if "tree" is NULL, don't do any work not
460 necessary to generate protocol tree items. */
463 fprintf(stderr, "dissect_wtp: cbHeader = %d\n", cbHeader);
465 /* NOTE - Length will be set when we process the TPI */
466 ti = proto_tree_add_item(tree, proto_wtp, tvb, offCur, 0, bo_little_endian);
468 fprintf(stderr, "dissect_wtp: (7) Returned from proto_tree_add_item\n");
470 wtp_tree = proto_item_add_subtree(ti, ett_wtp);
472 /* Code to process the packet goes here */
474 fprintf(stderr, "dissect_wtp: cbHeader = %d\n", cbHeader);
475 fprintf(stderr, "dissect_wtp: offCur = %d\n", offCur);
477 /* Add common items: only CON and PDU Type */
480 hf_wtp_header_flag_continue, /* id */
482 offCur, /* start of highlight */
483 1, /* length of highlight*/
486 proto_tree_add_item(wtp_tree, hf_wtp_header_pdu_type, tvb, offCur, 1, bo_little_endian);
490 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, bo_little_endian);
491 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, bo_little_endian);
492 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
493 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
495 proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_version , tvb, offCur + 3, 1, bo_little_endian);
496 proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_flag_TIDNew, tvb, offCur + 3, 1, bo_little_endian);
497 proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_flag_UP, tvb, offCur + 3, 1, bo_little_endian);
498 proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_Reserved, tvb, offCur + 3, 1, bo_little_endian);
499 proto_tree_add_item(wtp_tree, hf_wtp_header_Inv_TransactionClass, tvb, offCur + 3, 1, bo_little_endian);
500 proto_item_append_text(ti,
502 ", Transaction Class: %s (%u)",
504 val_to_str(clsTransaction, vals_transaction_classes, "Undefined"),
509 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, bo_little_endian);
510 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, bo_little_endian);
511 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
512 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
513 proto_item_append_text(ti, ", PDU: Result (%u)", RESULT);
517 proto_tree_add_item(wtp_tree, hf_wtp_header_Ack_flag_TVETOK, tvb, offCur, 1, bo_big_endian);
519 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, bo_little_endian);
520 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
521 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
522 proto_item_append_text(ti, ", PDU: ACK (%u)", ACK);
526 abortType = tvb_get_guint8 (tvb, offCur) & 0x07;
527 proto_tree_add_item(wtp_tree, hf_wtp_header_Abort_type , tvb, offCur , 1, bo_little_endian);
528 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
529 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
531 if (abortType == PROVIDER)
533 guint8 reason = tvb_get_guint8(tvb, offCur + 3);
534 proto_tree_add_item( wtp_tree, hf_wtp_header_Abort_reason_provider , tvb, offCur + 3 , 1, bo_little_endian);
535 proto_item_append_text(ti,
537 ", Type: Provider (%u)"
541 val_to_str(reason, vals_abort_reason_provider, "Undefined"),
544 else if (abortType == USER)
546 guint8 reason = tvb_get_guint8(tvb, offCur + 3);
547 proto_tree_add_item(wtp_tree, hf_wtp_header_Abort_reason_user , tvb, offCur + 3 , 1, bo_little_endian);
548 proto_item_append_text(ti,
554 val_to_str(reason, vals_wsp_reason_codes, "Undefined"),
559 case SEGMENTED_INVOKE:
560 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, bo_little_endian);
561 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, bo_little_endian);
562 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
563 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
565 proto_tree_add_item(wtp_tree, hf_wtp_header_sequence_number , tvb, offCur + 3, 1, bo_little_endian);
566 proto_item_append_text(ti,
567 ", PDU: Segmented Invoke (%u)"
568 ", Packet Sequence Number: %u",
569 SEGMENTED_INVOKE, psn);
572 case SEGMENTED_RESULT:
573 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_Trailer, tvb, offCur, 1, bo_little_endian);
574 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, bo_little_endian);
575 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
576 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
578 proto_tree_add_item(wtp_tree, hf_wtp_header_sequence_number , tvb, offCur + 3, 1, bo_little_endian);
579 proto_item_append_text(ti,
580 ", PDU: Segmented Result (%u)"
581 ", Packet Sequence Number: %u",
582 SEGMENTED_RESULT, psn);
586 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_RID, tvb, offCur, 1, bo_little_endian);
587 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID_response, tvb, offCur + 1, 2, bo_big_endian);
588 proto_tree_add_item(wtp_tree, hf_wtp_header_flag_TID, tvb, offCur + 1, 2, bo_big_endian);
590 proto_tree_add_item(wtp_tree, hf_wtp_header_missing_packets , tvb, offCur + 3, 1, bo_little_endian);
591 /* Iterate through missing packets */
592 for (i = 0; i < numMissing; i++)
594 proto_tree_add_item(wtp_tree, hf_wtp_header_sequence_number, tvb, offCur + 4 + i, 1, bo_little_endian);
596 proto_item_append_text(ti,
597 ", PDU: Negative Ack (%u)"
598 ", Missing Packets: %u",
599 NEGATIVE_ACK, numMissing);
606 proto_item_append_text(ti, ", Retransmission");
608 } else { /* tree is NULL */
610 fprintf(stderr, "dissect_wtp: (4) tree was %p\n", tree);
613 /* Process the variable part */
614 if (fCon) { /* Now, analyze variable part */
617 unsigned char tpiLen;
620 vHeader = 0; /* Start scan all over */
623 tByte = tvb_get_guint8(tvb, offCur + cbHeader + vHeader);
625 if (tByte & 0x04) /* Long TPI */
626 tpiLen = 2 + tvb_get_guint8(tvb,
627 offCur + cbHeader + vHeader + 1);
629 tpiLen = 1 + (tByte & 0x03);
632 tmp_tvb = tvb_new_subset(tvb, offCur + cbHeader + vHeader,
634 wtp_handle_tpi(wtp_tree, tmp_tvb);
639 /* There is no variable part */
640 } /* End of variable part of header */
642 /* Set the length of the WTP protocol part now we know the length of the
643 * fixed and variable WTP headers */
645 proto_item_set_len(ti, cbHeader + vHeader);
648 fprintf( stderr, "dissect_wtp: cbHeader = %d\n", cbHeader );
652 * Any remaining data ought to be WSP data (if not WTP ACK, NACK
653 * or ABORT pdu), so, if we have any remaining data, and it's
654 * not an ACK, NACK, or ABORT PDU, hand it off (defragmented) to the
656 * Note that the last packet of a fragmented WTP message needn't
657 * contain any data, so we allow payloadless packets to be
658 * reassembled. (XXX - does the reassembly code handle this
659 * for packets other than the last packet?)
661 * Try calling a subdissector only if:
662 * - The WTP payload is ressembled in this very packet,
663 * - The WTP payload is not fragmented across packets.
665 dataOffset = offCur + cbHeader + vHeader;
666 dataLen = tvb_reported_length_remaining(tvb, dataOffset);
667 if ((dataLen >= 0) &&
668 ! ((pdut==ACK) || (pdut==NEGATIVE_ACK) || (pdut==ABORT)))
670 /* Try to reassemble if needed, and hand over to WSP
671 * A fragmented WTP packet is either:
672 * - An INVOKE with fTTR (transmission trailer) not set,
673 * - a SEGMENTED_INVOKE,
674 * - A RESULT with fTTR (transmission trailer) not set,
675 * - a SEGMENTED_RESULT.
677 if ( ( (pdut == SEGMENTED_INVOKE) || (pdut == SEGMENTED_RESULT)
678 || ( ((pdut == INVOKE) || (pdut == RESULT)) && (!fTTR) )
679 ) && tvb_bytes_exist(tvb, dataOffset, dataLen) )
681 /* Try reassembling fragments */
682 fragment_data *fd_wtp = NULL;
683 guint32 reassembled_in = 0;
684 gboolean save_fragmented = pinfo->fragmented;
686 pinfo->fragmented = TRUE;
687 fd_wtp = fragment_add_seq(tvb, dataOffset, pinfo, TID,
688 wtp_fragment_table, psn, dataLen, !fTTR);
689 /* XXX - fragment_add_seq() yields NULL unless Wireshark knows
690 * that the packet is part of a reassembled whole. This means
691 * that fd_wtp will be NULL as long as Wireshark did not encounter
692 * (and process) the packet containing the last fragment.
693 * This implies that Wireshark needs two passes over the data for
694 * correct reassembly. At the first pass, a capture containing
695 * three fragments plus a retransmssion of the last fragment
696 * will progressively show:
698 * Packet 1: (Unreassembled fragment 1)
699 * Packet 2: (Unreassembled fragment 2)
700 * Packet 3: (Reassembled WTP)
701 * Packet 4: (WTP payload reassembled in packet 3)
703 * However at subsequent evaluation (e.g., by applying a display
704 * filter) the packet summary will show:
706 * Packet 1: (WTP payload reassembled in packet 3)
707 * Packet 2: (WTP payload reassembled in packet 3)
708 * Packet 3: (Reassembled WTP)
709 * Packet 4: (WTP payload reassembled in packet 3)
711 * This is important to know, and also affects read filters!
713 wsp_tvb = process_reassembled_data(tvb, dataOffset, pinfo,
714 "Reassembled WTP", fd_wtp, &wtp_frag_items,
717 printf("WTP: Packet %u %s -> %d: wsp_tvb = %p, fd_wtp = %p, frame = %u\n",
719 fd_wtp ? "Reassembled" : "Not reassembled",
720 fd_wtp ? fd_wtp->reassembled_in : -1,
727 reassembled_in = fd_wtp->reassembled_in;
728 if (pinfo->fd->num == reassembled_in) {
729 /* Reassembled in this very packet:
730 * We can safely hand the tvb to the WSP dissector */
731 call_dissector(wsp_handle, wsp_tvb, pinfo, tree);
733 /* Not reassembled in this packet */
734 if (check_col(pinfo->cinfo, COL_INFO)) {
735 col_append_fstr(pinfo->cinfo, COL_INFO,
736 "%s (WTP payload reassembled in packet %u)",
737 szInfo, fd_wtp->reassembled_in);
740 proto_tree_add_text(wtp_tree, tvb, dataOffset, -1,
745 /* Not reassembled yet, or not reassembled at all */
746 if (check_col(pinfo->cinfo, COL_INFO)) {
747 col_append_fstr(pinfo->cinfo, COL_INFO,
748 "%s (Unreassembled fragment %u)",
752 proto_tree_add_text(wtp_tree, tvb, dataOffset, -1,
756 /* Now reset fragmentation information in pinfo */
757 pinfo->fragmented = save_fragmented;
759 else if ( ((pdut == INVOKE) || (pdut == RESULT)) && (fTTR) )
761 /* Non-fragmented payload */
762 wsp_tvb = tvb_new_subset(tvb, dataOffset, -1, -1);
763 /* We can safely hand the tvb to the WSP dissector */
764 call_dissector(wsp_handle, wsp_tvb, pinfo, tree);
768 /* Nothing to hand to subdissector */
769 if (check_col(pinfo->cinfo, COL_INFO))
770 col_append_str(pinfo->cinfo, COL_INFO, szInfo);
775 /* Nothing to hand to subdissector */
776 if (check_col(pinfo->cinfo, COL_INFO))
777 col_append_str(pinfo->cinfo, COL_INFO, szInfo);
782 * Called directly from UDP.
783 * Put "WTP+WSP" into the "Protocol" column.
786 dissect_wtp_fromudp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
788 if (check_col(pinfo->cinfo, COL_PROTOCOL))
789 col_set_str(pinfo->cinfo, COL_PROTOCOL, "WTP+WSP" );
790 if (check_col(pinfo->cinfo, COL_INFO))
791 col_clear(pinfo->cinfo, COL_INFO);
793 dissect_wtp_common(tvb, pinfo, tree);
797 * Called from a higher-level WAP dissector, presumably WTLS.
798 * Put "WTLS+WSP+WTP" to the "Protocol" column.
800 * XXX - is this supposed to be called from WTLS? If so, we're not
803 * XXX - can this be called from any other dissector?
806 dissect_wtp_fromwtls(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
808 if (check_col(pinfo->cinfo, COL_PROTOCOL))
809 col_set_str(pinfo->cinfo, COL_PROTOCOL, "WTLS+WTP+WSP" );
810 if (check_col(pinfo->cinfo, COL_INFO))
811 col_clear(pinfo->cinfo, COL_INFO);
813 dissect_wtp_common(tvb, pinfo, tree);
816 /* Register the protocol with Wireshark */
818 proto_register_wtp(void)
821 /* Setup list of header fields */
822 static hf_register_info hf[] = {
823 { &hf_wtp_header_sub_pdu_size,
826 FT_UINT16, BASE_DEC, NULL, 0x0,
827 "Size of Sub-PDU (bytes)", HFILL
830 { &hf_wtp_header_flag_continue,
833 FT_BOOLEAN, 8, TFS( &continue_truth ), 0x80,
834 "Continue Flag", HFILL
837 { &hf_wtp_header_pdu_type,
840 FT_UINT8, BASE_HEX, VALS( vals_wtp_pdu_type ), 0x78,
844 { &hf_wtp_header_flag_Trailer,
847 FT_UINT8, BASE_HEX, VALS( vals_transaction_trailer ), 0x06,
848 "Trailer Flags", HFILL
851 { &hf_wtp_header_flag_RID,
852 { "Re-transmission Indicator",
854 FT_BOOLEAN, 8, TFS( &RID_truth ), 0x01,
855 "Re-transmission Indicator", HFILL
858 { &hf_wtp_header_flag_TID_response,
861 FT_BOOLEAN, 16, TFS( &tid_response_truth ), 0x8000,
862 "TID Response", HFILL
865 { &hf_wtp_header_flag_TID,
868 FT_UINT16, BASE_HEX, NULL, 0x7FFF,
869 "Transaction ID", HFILL
872 { &hf_wtp_header_Inv_version,
874 "wtp.header.version",
875 FT_UINT8, BASE_HEX, VALS( vals_version ), 0xC0,
879 { &hf_wtp_header_Inv_flag_TIDNew,
882 FT_BOOLEAN, 8, TFS( &TIDNew_truth ), 0x20,
886 { &hf_wtp_header_Inv_flag_UP,
889 FT_BOOLEAN, 8, TFS( &UP_truth ), 0x10,
893 { &hf_wtp_header_Inv_Reserved,
896 FT_UINT8, BASE_HEX, NULL, 0x0C,
900 { &hf_wtp_header_Inv_TransactionClass,
901 { "Transaction Class",
902 "wtp.inv.transaction_class",
903 FT_UINT8, BASE_HEX, VALS( vals_transaction_classes ), 0x03,
904 "Transaction Class", HFILL
907 { &hf_wtp_header_Ack_flag_TVETOK,
910 FT_BOOLEAN, 8, TFS( &TVETOK_truth ), 0x04,
911 "Tve/Tok flag", HFILL
914 { &hf_wtp_header_Abort_type,
917 FT_UINT8, BASE_HEX, VALS ( vals_abort_type ), 0x07,
921 { &hf_wtp_header_Abort_reason_provider,
923 "wtp.abort.reason.provider",
924 FT_UINT8, BASE_HEX, VALS ( vals_abort_reason_provider ), 0x00,
925 "Abort Reason", HFILL
928 /* Assume WSP is the user and use its reason codes */
929 { &hf_wtp_header_Abort_reason_user,
931 "wtp.abort.reason.user",
932 FT_UINT8, BASE_HEX, VALS ( vals_wsp_reason_codes ), 0x00,
933 "Abort Reason", HFILL
936 { &hf_wtp_header_sequence_number,
937 { "Packet Sequence Number",
938 "wtp.header.sequence",
939 FT_UINT8, BASE_DEC, NULL, 0x00,
940 "Packet Sequence Number", HFILL
943 { &hf_wtp_header_missing_packets,
945 "wtp.header.missing_packets",
946 FT_UINT8, BASE_DEC, NULL, 0x00,
947 "Missing Packets", HFILL
950 { &hf_wtp_header_variable_part,
951 { "Header: Variable part",
952 "wtp.header_variable_part",
953 FT_BYTES, BASE_HEX, NULL, 0x0,
954 "Variable part of the header", HFILL
960 FT_BYTES, BASE_HEX, NULL, 0x0,
967 FT_UINT8, BASE_HEX, VALS(vals_tpi_type), 0x00,
968 "Identification of the Transport Information Item", HFILL
972 { "Packet sequence number",
974 FT_UINT8, BASE_DEC, NULL, 0x00,
975 "Sequence number of this packet", HFILL
981 FT_UINT8, BASE_HEX, VALS(vals_tpi_opt), 0x00,
982 "The given option for this TPI", HFILL
985 { &hf_wtp_tpi_optval,
988 FT_NONE, BASE_NONE, NULL, 0x00,
989 "The value that is supplied with this option", HFILL
995 FT_NONE, BASE_NONE, NULL, 0x00,
996 "The information being send by this TPI", HFILL
1000 /* Fragment fields */
1001 { &hf_wtp_fragment_overlap,
1002 { "Fragment overlap",
1003 "wtp.fragment.overlap",
1004 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
1005 "Fragment overlaps with other fragments", HFILL
1008 { &hf_wtp_fragment_overlap_conflict,
1009 { "Conflicting data in fragment overlap",
1010 "wtp.fragment.overlap.conflict",
1011 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
1012 "Overlapping fragments contained conflicting data", HFILL
1015 { &hf_wtp_fragment_multiple_tails,
1016 { "Multiple tail fragments found",
1017 "wtp.fragment.multipletails",
1018 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
1019 "Several tails were found when defragmenting the packet", HFILL
1022 { &hf_wtp_fragment_too_long_fragment,
1023 { "Fragment too long",
1024 "wtp.fragment.toolongfragment",
1025 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
1026 "Fragment contained data past end of packet", HFILL
1029 { &hf_wtp_fragment_error,
1030 { "Defragmentation error",
1031 "wtp.fragment.error",
1032 FT_FRAMENUM, BASE_NONE, NULL, 0x0,
1033 "Defragmentation error due to illegal fragments", HFILL
1036 { &hf_wtp_reassembled_in,
1038 "wtp.reassembled.in",
1039 FT_FRAMENUM, BASE_NONE, NULL, 0x0,
1040 "WTP fragments are reassembled in the given packet", HFILL
1046 FT_FRAMENUM, BASE_NONE, NULL, 0x0,
1047 "WTP Fragment", HFILL
1050 { &hf_wtp_fragments,
1053 FT_NONE, BASE_NONE, NULL, 0x0,
1054 "WTP Fragments", HFILL
1059 /* Setup protocol subtree array */
1060 static gint *ett[] = {
1062 &ett_wtp_sub_pdu_tree,
1069 /* Register the protocol name and description */
1070 proto_wtp = proto_register_protocol(
1071 "Wireless Transaction Protocol", /* protocol name for use by wireshark */
1072 "WTP", /* short version of name */
1073 "wtp" /* Abbreviated protocol name, should Match IANA
1074 < URL:http://www.iana.org/assignments/port-numbers/ >
1078 /* Required calls to register the header fields and subtrees used */
1079 proto_register_field_array(proto_wtp, hf, array_length(hf));
1080 proto_register_subtree_array(ett, array_length(ett));
1082 register_dissector("wtp-wtls", dissect_wtp_fromwtls, proto_wtp);
1083 register_dissector("wtp-udp", dissect_wtp_fromudp, proto_wtp);
1084 register_init_routine(wtp_defragment_init);
1088 proto_reg_handoff_wtp(void)
1090 dissector_handle_t wtp_fromudp_handle;
1093 * Get a handle for the connection-oriented WSP dissector - if WTP
1094 * PDUs have data, it is WSP.
1096 wsp_handle = find_dissector("wsp-co");
1098 wtp_fromudp_handle = find_dissector("wtp-udp");
1099 dissector_add("udp.port", UDP_PORT_WTP_WSP, wtp_fromudp_handle);
1100 dissector_add("gsm-sms-ud.udh.port", UDP_PORT_WTP_WSP, wtp_fromudp_handle);
git.samba.org / obnox / wireshark / wip.git / blob