2 * Routines for ldap packet dissection
4 * $Id: packet-ldap.c,v 1.18 2000/12/24 09:10:12 guy Exp $
6 * Ethereal - Network traffic analyzer
7 * By Gerald Combs <gerald@zing.org>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 * This is not a complete implementation. It doesn't handle the full version 3, more specifically,
27 * it handles only the commands of version 2, but any additional characteristics of the ver3 command are supported.
28 * It's also missing extensible search filters.
30 * There should probably be alot more error checking, I simply assume that if we have a full packet, it will be a complete
33 * AFAIK, it will handle all messages used by the OpenLDAP 1.2.9 server and libraries which was my goal. I do plan to add
34 * the remaining commands as time permits but this is not a priority to me. Send me an email if you need it and I'll see what
38 * nazard@dragoninc.on.ca
47 #ifdef HAVE_SYS_TYPES_H
48 # include <sys/types.h>
51 #ifdef HAVE_NETINET_IN_H
52 # include <netinet/in.h>
58 #ifdef NEED_SNPRINTF_H
59 # include "snprintf.h"
64 #include "packet-ldap.h"
67 static int proto_ldap = -1;
68 static int hf_ldap_length = -1;
69 static int hf_ldap_message_id = -1;
70 static int hf_ldap_message_type = -1;
71 static int hf_ldap_message_length = -1;
73 static int hf_ldap_message_result = -1;
74 static int hf_ldap_message_result_matcheddn = -1;
75 static int hf_ldap_message_result_errormsg = -1;
76 static int hf_ldap_message_result_referral = -1;
78 static int hf_ldap_message_bind_version = -1;
79 static int hf_ldap_message_bind_dn = -1;
80 static int hf_ldap_message_bind_auth = -1;
81 static int hf_ldap_message_bind_auth_password = -1;
83 static int hf_ldap_message_search_base = -1;
84 static int hf_ldap_message_search_scope = -1;
85 static int hf_ldap_message_search_deref = -1;
86 static int hf_ldap_message_search_sizeLimit = -1;
87 static int hf_ldap_message_search_timeLimit = -1;
88 static int hf_ldap_message_search_typesOnly = -1;
89 static int hf_ldap_message_search_filter = -1;
91 static int hf_ldap_message_dn = -1;
92 static int hf_ldap_message_attribute = -1;
93 static int hf_ldap_message_value = -1;
95 static int hf_ldap_message_modrdn_name = -1;
96 static int hf_ldap_message_modrdn_delete = -1;
97 static int hf_ldap_message_modrdn_superior = -1;
99 static int hf_ldap_message_compare = -1;
101 static int hf_ldap_message_modify_add = -1;
102 static int hf_ldap_message_modify_replace = -1;
103 static int hf_ldap_message_modify_delete = -1;
105 static int hf_ldap_message_abandon_msgid = -1;
107 static gint ett_ldap = -1;
108 static gint ett_ldap_message = -1;
109 static gint ett_ldap_referrals = -1;
110 static gint ett_ldap_attribute = -1;
112 #define TCP_PORT_LDAP 389
114 static value_string msgTypes [] = {
115 {LDAP_REQ_BIND, "Bind Request"},
116 {LDAP_REQ_UNBIND, "Unbind Request"},
117 {LDAP_REQ_SEARCH, "Search Request"},
118 {LDAP_REQ_MODIFY, "Modify Request"},
119 {LDAP_REQ_ADD, "Add Request"},
120 {LDAP_REQ_DELETE, "Delete Request"},
121 {LDAP_REQ_MODRDN, "Modify RDN Request"},
122 {LDAP_REQ_COMPARE, "Compare Request"},
123 {LDAP_REQ_ABANDON, "Abandon Request"},
124 {LDAP_REQ_EXTENDED, "Extended Request"},
126 {LDAP_RES_BIND, "Bind Result"},
127 {LDAP_RES_SEARCH_ENTRY, "Search Entry"},
128 {LDAP_RES_SEARCH_RESULT, "Search Result"},
129 {LDAP_RES_SEARCH_REF, "Search Result Reference"},
130 {LDAP_RES_MODIFY, "Modify Result"},
131 {LDAP_RES_ADD, "Add Result"},
132 {LDAP_RES_DELETE, "Delete Result"},
133 {LDAP_RES_MODRDN, "Modify RDN Result"},
134 {LDAP_RES_COMPARE, "Compare Result"},
135 {LDAP_REQ_EXTENDED, "Extended Response"},
138 static int read_length(ASN1_SCK *a, proto_tree *tree, int hf_id, guint *len)
141 gboolean def = FALSE;
142 const guchar *start = a->pointer;
144 asn1_length_decode(a, &def, &length);
150 proto_tree_add_uint(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, length);
155 static int read_sequence(ASN1_SCK *a, guint *len)
161 if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
163 if (cls != ASN1_UNI || con != ASN1_CON || tag != ASN1_SEQ)
172 static int read_set(ASN1_SCK *a, guint *len)
178 if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
180 if (cls != ASN1_UNI || con != ASN1_CON || tag != ASN1_SET)
189 static int read_integer_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
190 proto_tree **new_tree, guint *i, const guchar *start, guint length)
194 asn1_uint32_value_decode(a, length, &integer);
201 proto_tree *temp_tree = 0;
202 temp_tree = proto_tree_add_uint(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, integer);
204 *new_tree = temp_tree;
210 static int read_integer(ASN1_SCK *a, proto_tree *tree, int hf_id,
211 proto_tree **new_tree, guint *i, guint expected_tag)
216 const guchar *start = a->pointer;
218 if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
220 if (cls != ASN1_UNI || con != ASN1_PRI || tag != expected_tag)
223 return read_integer_value(a, tree, hf_id, new_tree, i, start, length);
226 static int read_boolean_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
227 proto_tree **new_tree, guint *i, const guchar *start, guint length)
231 asn1_uint32_value_decode(a, length, &integer);
238 proto_tree *temp_tree = 0;
239 temp_tree = proto_tree_add_boolean(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, integer);
241 *new_tree = temp_tree;
247 static int read_boolean(ASN1_SCK *a, proto_tree *tree, int hf_id,
248 proto_tree **new_tree, guint *i)
253 const guchar *start = a->pointer;
255 if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
257 if (cls != ASN1_UNI || con != ASN1_PRI || tag != ASN1_BOL)
260 return read_boolean_value(a, tree, hf_id, new_tree, i, start, length);
263 static void read_string_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
264 proto_tree **new_tree, char **s, const guchar *start, guint length)
270 asn1_string_value_decode(a, length, &string);
271 string = g_realloc(string, length + 1);
272 string[length] = '\0';
279 proto_tree *temp_tree;
280 temp_tree = proto_tree_add_string(tree, hf_id, NullTVB, start - a->begin, a->pointer - start, string);
282 *new_tree = temp_tree;
291 static int read_string(ASN1_SCK *a, proto_tree *tree, int hf_id,
292 proto_tree **new_tree, char **s, guint expected_cls, guint expected_tag)
297 const guchar *start = a->pointer;
300 ret = asn1_header_decode(a, &cls, &con, &tag, &def, &length);
301 if (ret != ASN1_ERR_NOERROR)
303 if (cls != expected_cls || con != ASN1_PRI || tag != expected_tag)
304 return ASN1_ERR_WRONG_TYPE;
306 read_string_value(a, tree, hf_id, new_tree, s, start, length);
307 return ASN1_ERR_NOERROR;
310 static int parse_filter_strings(ASN1_SCK *a, char **filter, guint *filter_length, const guchar *operation)
315 guint string2_length;
320 ret = asn1_octet_string_decode(a, &string, &string_length, &string_bytes);
321 if (ret != ASN1_ERR_NOERROR)
323 ret = asn1_octet_string_decode(a, &string2, &string2_length, &string_bytes);
324 if (ret != ASN1_ERR_NOERROR)
326 *filter_length += 2 + strlen(operation) + string_length + string2_length;
327 *filter = g_realloc(*filter, *filter_length);
328 filterp = *filter + strlen(*filter);
330 if (string_length != 0) {
331 memcpy(filterp, string, string_length);
332 filterp += string_length;
334 strcpy(filterp, operation);
335 filterp += strlen(operation);
336 if (string2_length != 0) {
337 memcpy(filterp, string2, string2_length);
338 filterp += string2_length;
344 return ASN1_ERR_NOERROR;
347 /* Richard Dawe: To parse substring filters, I added this function. */
348 static int parse_filter_substrings(ASN1_SCK *a, char **filter, guint *filter_length)
359 /* For ASN.1 parsing of octet strings */
365 ret = asn1_octet_string_decode(a, &string, &string_length, &string_bytes);
366 if (ret != ASN1_ERR_NOERROR)
369 ret = asn1_sequence_decode(a, &seq_len, &header_bytes);
370 if (ret != ASN1_ERR_NOERROR)
373 *filter_length += 2 + 1 + string_length;
374 *filter = g_realloc(*filter, *filter_length);
376 filterp = *filter + strlen(*filter);
378 if (string_length != 0) {
379 memcpy(filterp, string, string_length);
380 filterp += string_length;
386 /* Now decode seq_len's worth of octet strings. */
388 end = (guchar *) (a->pointer + seq_len);
390 while (a->pointer < end) {
391 /* Octet strings here are context-specific, which
392 * asn1_octet_string_decode() barfs on. Emulate it, but don't barf. */
393 ret = asn1_header_decode (a, &cls, &con, &tag, &def, &string_length);
394 if (ret != ASN1_ERR_NOERROR)
397 /* XXX - check the tag? */
398 if (cls != ASN1_CTX || con != ASN1_PRI) {
399 /* XXX - handle the constructed encoding? */
400 return ASN1_ERR_WRONG_TYPE;
403 return ASN1_ERR_LENGTH_NOT_DEFINITE;
405 ret = asn1_string_value_decode(a, (int) string_length, &string);
406 if (ret != ASN1_ERR_NOERROR)
409 /* If we have an 'any' component with a string value, we need to append
410 * an extra asterisk before final component. */
411 if ((tag == 1) && (string_length != 0))
414 if ( (tag == 1) || ((tag == 2) && any_valued) )
416 *filter_length += string_length;
417 *filter = g_realloc(*filter, *filter_length);
419 filterp = *filter + strlen(*filter);
420 if ( (tag == 1) || ((tag == 2) && any_valued) )
424 if (string_length != 0) {
425 memcpy(filterp, string, string_length);
426 filterp += string_length;
435 *filter = g_realloc(*filter, *filter_length);
436 filterp = *filter + strlen(*filter);
440 /* NB: Allocated byte for this earlier */
444 return ASN1_ERR_NOERROR;
447 /* Returns -1 if we're at the end, returns an ASN1_ERR value otherwise. */
448 static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const guchar **end)
455 ret = asn1_header_decode(a, &cls, &con, &tag, &def, &length);
456 if (ret != ASN1_ERR_NOERROR)
461 *end = a->pointer + length;
463 *filter = g_malloc0(*filter_length);
466 if (cls == ASN1_CTX) /* XXX - handle other types as errors? */
470 case LDAP_FILTER_AND:
472 const guchar *add_end;
475 return ASN1_ERR_WRONG_TYPE;
476 add_end = a->pointer + length;
478 *filter = g_realloc(*filter, *filter_length);
479 strcat(*filter, "(&");
480 while ((ret = parse_filter(a, filter, filter_length, &add_end))
485 strcat(*filter, ")");
490 const guchar *or_end;
493 return ASN1_ERR_WRONG_TYPE;
494 or_end = a->pointer + length;
496 *filter = g_realloc(*filter, *filter_length);
497 strcat(*filter, "(|");
498 while ((ret = parse_filter(a, filter, filter_length, &or_end))
503 strcat(*filter, ")");
506 case LDAP_FILTER_NOT:
508 const guchar *not_end;
511 return ASN1_ERR_WRONG_TYPE;
512 not_end = a->pointer + length;
514 *filter = g_realloc(*filter, *filter_length);
515 strcat(*filter, "(!");
516 ret = parse_filter(a, filter, filter_length, ¬_end);
517 if (ret != -1 && ret != ASN1_ERR_NOERROR)
519 strcat(*filter, ")");
522 case LDAP_FILTER_EQUALITY:
524 return ASN1_ERR_WRONG_TYPE;
525 ret = parse_filter_strings(a, filter, filter_length, "=");
526 if (ret != -1 && ret != ASN1_ERR_NOERROR)
531 return ASN1_ERR_WRONG_TYPE;
532 ret = parse_filter_strings(a, filter, filter_length, ">=");
533 if (ret != -1 && ret != ASN1_ERR_NOERROR)
538 return ASN1_ERR_WRONG_TYPE;
539 ret = parse_filter_strings(a, filter, filter_length, "<=");
540 if (ret != -1 && ret != ASN1_ERR_NOERROR)
543 case LDAP_FILTER_APPROX:
545 return ASN1_ERR_WRONG_TYPE;
546 ret = parse_filter_strings(a, filter, filter_length, "~=");
547 if (ret != -1 && ret != ASN1_ERR_NOERROR)
550 case LDAP_FILTER_PRESENT:
556 return ASN1_ERR_WRONG_TYPE;
557 ret = asn1_string_value_decode(a, length, &string);
558 if (ret != ASN1_ERR_NOERROR)
560 *filter_length += 4 + length;
561 *filter = g_realloc(*filter, *filter_length);
562 filterp = *filter + strlen(*filter);
565 memcpy(filterp, string, length);
575 case LDAP_FILTER_SUBSTRINGS:
577 return ASN1_ERR_WRONG_TYPE;
578 /* Richard Dawe: Handle substrings */
579 ret = parse_filter_substrings(a, filter, filter_length);
580 if (ret != -1 && ret != ASN1_ERR_NOERROR)
584 return ASN1_ERR_WRONG_TYPE;
588 if (a->pointer == *end)
594 static int read_filter(ASN1_SCK *a, proto_tree *tree, int hf_id)
596 const guchar *start = a->pointer;
598 guint filter_length = 0;
599 const guchar *end = 0;
602 while ((ret = parse_filter(a, &filter, &filter_length, &end))
608 proto_tree_add_text(tree, NullTVB, start-a->begin, 0,
609 "Error parsing filter (%d)", ret);
611 proto_tree_add_string(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, filter);
619 /********************************************************************************************/
621 static int dissect_ldap_result(ASN1_SCK *a, proto_tree *tree)
623 guint resultCode = 0;
625 read_integer(a, tree, hf_ldap_message_result, 0, &resultCode, ASN1_ENUM);
626 read_string(a, tree, hf_ldap_message_result_matcheddn, 0, 0, ASN1_UNI, ASN1_OTS);
627 read_string(a, tree, hf_ldap_message_result_errormsg, 0, 0, ASN1_UNI, ASN1_OTS);
629 if (resultCode == 10) /* Referral */
631 const guchar *start = a->pointer;
634 proto_tree *t, *referralTree;
636 read_sequence(a, &length);
637 t = proto_tree_add_text(tree, NullTVB, start-a->begin, length, "Referral URLs");
638 referralTree = proto_item_add_subtree(t, ett_ldap_referrals);
640 end = a->pointer + length;;
641 while (a->pointer < end)
642 read_string(a, referralTree, hf_ldap_message_result_referral, 0, 0, ASN1_UNI, ASN1_OTS);
648 static int dissect_ldap_request_bind(ASN1_SCK *a, proto_tree *tree)
654 read_integer(a, tree, hf_ldap_message_bind_version, 0, 0, ASN1_INT);
655 read_string(a, tree, hf_ldap_message_bind_dn, 0, 0, ASN1_UNI, ASN1_OTS);
658 if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
659 return 1; /* XXX - right return value for an error? */
661 return 1; /* RFCs 1777 and 2251 say these are context-specific types */
662 proto_tree_add_uint(tree, hf_ldap_message_bind_auth, NullTVB, start - a->begin,
663 a->pointer - start, tag);
666 case LDAP_AUTH_SIMPLE:
667 read_string_value(a, tree, hf_ldap_message_bind_auth_password, NULL, NULL,
671 /* For Kerberos V4, dissect it as a ticket. */
672 /* For SASL, dissect it as SaslCredentials. */
678 static int dissect_ldap_response_bind(ASN1_SCK *a, proto_tree *tree)
680 dissect_ldap_result(a, tree);
681 /* FIXME: handle SASL data */
685 static int dissect_ldap_request_search(ASN1_SCK *a, proto_tree *tree)
691 read_string(a, tree, hf_ldap_message_search_base, 0, 0, ASN1_UNI, ASN1_OTS);
692 read_integer(a, tree, hf_ldap_message_search_scope, 0, 0, ASN1_ENUM);
693 read_integer(a, tree, hf_ldap_message_search_deref, 0, 0, ASN1_ENUM);
694 read_integer(a, tree, hf_ldap_message_search_sizeLimit, 0, 0, ASN1_INT);
695 read_integer(a, tree, hf_ldap_message_search_timeLimit, 0, 0, ASN1_INT);
696 read_boolean(a, tree, hf_ldap_message_search_typesOnly, 0, 0);
697 ret = read_filter(a, tree, hf_ldap_message_search_filter);
698 if (ret != ASN1_ERR_NOERROR)
700 read_sequence(a, &seq_length);
701 end = a->pointer + seq_length;
702 while (a->pointer < end) {
703 ret = read_string(a, tree, hf_ldap_message_attribute, 0, 0, ASN1_UNI, ASN1_OTS);
704 if (ret != ASN1_ERR_NOERROR)
707 return ASN1_ERR_NOERROR;
710 static int dissect_ldap_response_search_entry(ASN1_SCK *a, proto_tree *tree)
713 const guchar *end_of_sequence;
715 read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
716 read_sequence(a, &seq_length);
718 end_of_sequence = a->pointer + seq_length;
719 while (a->pointer < end_of_sequence)
721 proto_tree *t, *attr_tree;
723 const guchar *end_of_set;
726 read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS);
727 attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
729 read_set(a, &set_length);
730 end_of_set = a->pointer + set_length;
731 while (a->pointer < end_of_set)
732 read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
738 static int dissect_ldap_request_add(ASN1_SCK *a, proto_tree *tree)
741 const guchar *end_of_sequence;
743 read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
745 read_sequence(a, &seq_length);
746 end_of_sequence = a->pointer + seq_length;
747 while (a->pointer < end_of_sequence)
749 proto_tree *t, *attr_tree;
751 const guchar *end_of_set;
754 read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS);
755 attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
757 read_set(a, &set_length);
758 end_of_set = a->pointer + set_length;
759 while (a->pointer < end_of_set)
760 read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
766 static int dissect_ldap_request_delete(ASN1_SCK *a, proto_tree *tree,
767 const guchar *start, guint length)
769 read_string_value(a, tree, hf_ldap_message_dn, NULL, NULL, start, length);
773 static int dissect_ldap_request_modifyrdn(ASN1_SCK *a, proto_tree *tree,
776 const guchar *start = a->pointer;
778 read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
779 read_string(a, tree, hf_ldap_message_modrdn_name, 0, 0, ASN1_UNI, ASN1_OTS);
780 read_boolean(a, tree, hf_ldap_message_modrdn_delete, 0, 0);
782 if (a->pointer < (start + length)) {
783 /* LDAP V3 Modify DN operation, with newSuperior */
784 read_string(a, tree, hf_ldap_message_modrdn_superior, 0, 0, ASN1_UNI, ASN1_OTS);
790 static int dissect_ldap_request_compare(ASN1_SCK *a, proto_tree *tree)
798 read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
802 read_string(a, 0, -1, 0, &string1, ASN1_UNI, ASN1_OTS);
803 read_string(a, 0, -1, 0, &string2, ASN1_UNI, ASN1_OTS);
805 length = 2 + strlen(string1) + strlen(string2);
806 compare = g_malloc0(length);
807 snprintf(compare, length, "%s=%s", string1, string2);
808 proto_tree_add_string(tree, hf_ldap_message_compare, NullTVB, start-a->begin, a->pointer-start, compare);
817 static int dissect_ldap_request_modify(ASN1_SCK *a, proto_tree *tree)
820 const guchar *end_of_sequence;
822 read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
823 read_sequence(a, &seq_length);
824 end_of_sequence = a->pointer + seq_length;
825 while (a->pointer < end_of_sequence)
827 proto_tree *t = 0, *attr_tree;
829 const guchar *end_of_set;
833 read_integer(a, 0, -1, 0, &operation, ASN1_ENUM);
839 read_string(a, tree, hf_ldap_message_modify_add, &t, 0, ASN1_UNI, ASN1_OTS);
841 case LDAP_MOD_REPLACE:
842 read_string(a, tree, hf_ldap_message_modify_replace, &t, 0, ASN1_UNI, ASN1_OTS);
844 case LDAP_MOD_DELETE:
845 read_string(a, tree, hf_ldap_message_modify_delete, &t, 0, ASN1_UNI, ASN1_OTS);
848 attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
850 read_set(a, &set_length);
851 end_of_set = a->pointer + set_length;
852 while (a->pointer < end_of_set)
853 read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
859 static int dissect_ldap_request_abandon(ASN1_SCK *a, proto_tree *tree,
860 const guchar *start, guint length)
862 read_integer_value(a, tree, hf_ldap_message_abandon_msgid, NULL, NULL,
868 dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
870 proto_tree *ldap_tree = 0, *ti, *msg_tree;
873 guint protocolOpCls, protocolOpCon, protocolOpTag;
881 OLD_CHECK_DISPLAY_AS_DATA(proto_ldap, pd, offset, fd, tree);
885 ti = proto_tree_add_item(tree, proto_ldap, NullTVB, offset, END_OF_FRAME, FALSE);
886 ldap_tree = proto_item_add_subtree(ti, ett_ldap);
889 asn1_open(&a, pd, pi.captured_len);
892 while (a.pointer < a.end)
894 int message_id_start;
895 int message_id_length;
898 message_start = a.pointer - a.begin;
899 if (read_sequence(&a, &messageLength))
902 proto_tree_add_text(ldap_tree, NullTVB, offset, 1, "Invalid LDAP packet");
906 if (messageLength > (a.end - a.pointer))
909 proto_tree_add_text(ldap_tree, NullTVB, message_start, END_OF_FRAME, "Short message! (expected: %u, actual: %u)",
910 messageLength, a.end - a.pointer);
914 message_id_start = a.pointer - a.begin;
915 read_integer(&a, 0, -1, 0, &messageId, ASN1_INT);
916 message_id_length = (a.pointer - a.begin) - message_id_start;
919 asn1_id_decode(&a, &protocolOpCls, &protocolOpCon, &protocolOpTag);
920 if (protocolOpCls != ASN1_APL)
921 typestr = "Bad message type (not Application)";
923 typestr = val_to_str(protocolOpTag, msgTypes, "Bad message type (%u)");
927 if (check_col(fd, COL_PROTOCOL))
928 col_set_str(fd, COL_PROTOCOL, "LDAP");
930 if (check_col(fd, COL_INFO))
931 col_add_fstr(fd, COL_INFO, "MsgId=%u MsgType=%s",
940 proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_id, NullTVB, message_id_start, message_id_length, messageId);
941 proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_type, NullTVB,
942 start - a.begin, a.pointer - start, protocolOpTag);
943 ti = proto_tree_add_text(ldap_tree, NullTVB, message_id_start, messageLength, "Message: Id=%u %s", messageId, typestr);
944 msg_tree = proto_item_add_subtree(ti, ett_ldap_message);
946 read_length(&a, msg_tree, hf_ldap_message_length, &opLen);
948 switch (protocolOpTag)
951 dissect_ldap_request_bind(&a, msg_tree);
953 case LDAP_REQ_SEARCH:
954 ret = dissect_ldap_request_search(&a, msg_tree);
955 if (ret != ASN1_ERR_NOERROR)
959 dissect_ldap_request_add(&a, msg_tree);
961 case LDAP_REQ_DELETE:
962 dissect_ldap_request_delete(&a, msg_tree, start, opLen);
964 case LDAP_REQ_MODRDN:
965 dissect_ldap_request_modifyrdn(&a, msg_tree, opLen);
967 case LDAP_REQ_COMPARE:
968 dissect_ldap_request_compare(&a, msg_tree);
970 case LDAP_REQ_MODIFY:
971 dissect_ldap_request_modify(&a, msg_tree);
973 case LDAP_REQ_ABANDON:
974 dissect_ldap_request_abandon(&a, msg_tree, start, opLen);
977 dissect_ldap_response_bind(&a, msg_tree);
979 case LDAP_RES_SEARCH_ENTRY:
980 dissect_ldap_response_search_entry(&a, msg_tree);
982 case LDAP_RES_SEARCH_RESULT:
983 case LDAP_RES_MODIFY:
985 case LDAP_RES_DELETE:
986 case LDAP_RES_MODRDN:
987 case LDAP_RES_COMPARE:
988 dissect_ldap_result(&a, msg_tree);
996 proto_register_ldap(void)
998 static value_string result_codes[] = {
1000 {1, "Operations error"},
1001 {2, "Protocol error"},
1002 {3, "Time limit exceeded"},
1003 {4, "Size limit exceeded"},
1004 {5, "Compare false"},
1005 {6, "Compare true"},
1006 {7, "Authentication method not supported"},
1007 {8, "Strong authentication required"},
1009 {11, "Administrative limit exceeded"},
1010 {12, "Unavailable critical extension"},
1011 {13, "Confidentiality required"},
1012 {14, "SASL bind in progress"},
1013 {16, "No such attribute"},
1014 {17, "Undefined attribute type"},
1015 {18, "Inappropriate matching"},
1016 {19, "Constraint violation"},
1017 {20, "Attribute or value exists"},
1018 {21, "Invalid attribute syntax"},
1019 {32, "No such object"},
1020 {33, "Alias problem"},
1021 {34, "Invalid DN syntax"},
1022 {36, "Alias derefetencing problem"},
1023 {48, "Inappropriate authentication"},
1024 {49, "Invalid credentials"},
1025 {50, "Insufficient access rights"},
1027 {52, "Unavailable"},
1028 {53, "Unwilling to perform"},
1029 {54, "Loop detected"},
1030 {64, "Naming violation"},
1031 {65, "Objectclass violation"},
1032 {66, "Not allowed on non-leaf"},
1033 {67, "Not allowed on RDN"},
1034 {68, "Entry already exists"},
1035 {69, "Objectclass modification prohibited"},
1036 {71, "Affects multiple DSAs"},
1040 static value_string auth_types[] = {
1041 {LDAP_AUTH_SIMPLE, "Simple"},
1042 {LDAP_AUTH_KRBV4LDAP, "Kerberos V4 to the LDAP server"},
1043 {LDAP_AUTH_KRBV4DSA, "Kerberos V4 to the DSA"},
1044 {LDAP_AUTH_SASL, "SASL"},
1047 static value_string search_scope[] = {
1053 static value_string search_dereference[] = {
1055 {0x01, "Searching"},
1056 {0x02, "Base Object"},
1060 static hf_register_info hf[] = {
1062 { "Length", "ldap.length",
1063 FT_UINT32, BASE_DEC, NULL, 0x0,
1066 { &hf_ldap_message_id,
1067 { "Message Id", "ldap.message_id",
1068 FT_UINT32, BASE_DEC, NULL, 0x0,
1069 "LDAP Message Id" }},
1070 { &hf_ldap_message_type,
1071 { "Message Type", "ldap.message_type",
1072 FT_UINT8, BASE_HEX, &msgTypes, 0x0,
1073 "LDAP Message Type" }},
1074 { &hf_ldap_message_length,
1075 { "Message Length", "ldap.message_length",
1076 FT_UINT32, BASE_DEC, NULL, 0x0,
1077 "LDAP Message Length" }},
1079 { &hf_ldap_message_result,
1080 { "Result Code", "ldap.result.code",
1081 FT_UINT8, BASE_HEX, result_codes, 0x0,
1082 "LDAP Result Code" }},
1083 { &hf_ldap_message_result_matcheddn,
1084 { "Matched DN", "ldap.result.matcheddn",
1085 FT_STRING, BASE_NONE, NULL, 0x0,
1086 "LDAP Result Matched DN" }},
1087 { &hf_ldap_message_result_errormsg,
1088 { "Error Message", "ldap.result.errormsg",
1089 FT_STRING, BASE_NONE, NULL, 0x0,
1090 "LDAP Result Error Message" }},
1091 { &hf_ldap_message_result_referral,
1092 { "Referral", "ldap.result.referral",
1093 FT_STRING, BASE_NONE, NULL, 0x0,
1094 "LDAP Result Referral URL" }},
1096 { &hf_ldap_message_bind_version,
1097 { "Version", "ldap.bind.version",
1098 FT_UINT32, BASE_DEC, NULL, 0x0,
1099 "LDAP Bind Version" }},
1100 { &hf_ldap_message_bind_dn,
1101 { "DN", "ldap.bind.dn",
1102 FT_STRING, BASE_NONE, NULL, 0x0,
1103 "LDAP Bind Distinguished Name" }},
1104 { &hf_ldap_message_bind_auth,
1105 { "Auth Type", "ldap.bind.auth_type",
1106 FT_UINT8, BASE_HEX, auth_types, 0x0,
1107 "LDAP Bind Auth Type" }},
1108 { &hf_ldap_message_bind_auth_password,
1109 { "Password", "ldap.bind.password",
1110 FT_STRING, BASE_NONE, NULL, 0x0,
1111 "LDAP Bind Password" }},
1113 { &hf_ldap_message_search_base,
1114 { "Base DN", "ldap.search.basedn",
1115 FT_STRING, BASE_NONE, NULL, 0x0,
1116 "LDAP Search Base Distinguished Name" }},
1117 { &hf_ldap_message_search_scope,
1118 { "Scope", "ldap.search.scope",
1119 FT_UINT8, BASE_HEX, search_scope, 0x0,
1120 "LDAP Search Scope" }},
1121 { &hf_ldap_message_search_deref,
1122 { "Dereference", "ldap.search.dereference",
1123 FT_UINT8, BASE_HEX, search_dereference, 0x0,
1124 "LDAP Search Dereference" }},
1125 { &hf_ldap_message_search_sizeLimit,
1126 { "Size Limit", "ldap.search.sizelimit",
1127 FT_UINT32, BASE_DEC, NULL, 0x0,
1128 "LDAP Search Size Limit" }},
1129 { &hf_ldap_message_search_timeLimit,
1130 { "Time Limit", "ldap.search.timelimit",
1131 FT_UINT32, BASE_DEC, NULL, 0x0,
1132 "LDAP Search Time Limit" }},
1133 { &hf_ldap_message_search_typesOnly,
1134 { "Attributes Only", "ldap.search.typesonly",
1135 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
1136 "LDAP Search Attributes Only" }},
1137 { &hf_ldap_message_search_filter,
1138 { "Filter", "ldap.search.filter",
1139 FT_STRING, BASE_NONE, NULL, 0x0,
1140 "LDAP Search Filter" }},
1141 { &hf_ldap_message_dn,
1142 { "Distinguished Name", "ldap.dn",
1143 FT_STRING, BASE_NONE, NULL, 0x0,
1144 "LDAP Distinguished Name" }},
1145 { &hf_ldap_message_attribute,
1146 { "Attribute", "ldap.attribute",
1147 FT_STRING, BASE_NONE, NULL, 0x0,
1148 "LDAP Attribute" }},
1149 { &hf_ldap_message_value,
1150 { "Value", "ldap.value",
1151 FT_STRING, BASE_NONE, NULL, 0x0,
1154 { &hf_ldap_message_modrdn_name,
1155 { "New Name", "ldap.modrdn.name",
1156 FT_STRING, BASE_NONE, NULL, 0x0,
1158 { &hf_ldap_message_modrdn_delete,
1159 { "Delete Values", "ldap.modrdn.delete",
1160 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
1161 "LDAP Modify RDN - Delete original values" }},
1162 { &hf_ldap_message_modrdn_superior,
1163 { "New Location", "ldap.modrdn.superior",
1164 FT_STRING, BASE_NONE, NULL, 0x0,
1165 "LDAP Modify RDN - New Location" }},
1167 { &hf_ldap_message_compare,
1168 { "Test", "ldap.compare.test",
1169 FT_STRING, BASE_NONE, NULL, 0x0,
1170 "LDAP Compare Test" }},
1172 { &hf_ldap_message_modify_add,
1173 { "Add", "ldap.modify.add",
1174 FT_STRING, BASE_NONE, NULL, 0x0,
1176 { &hf_ldap_message_modify_replace,
1177 { "Replace", "ldap.modify.replace",
1178 FT_STRING, BASE_NONE, NULL, 0x0,
1180 { &hf_ldap_message_modify_delete,
1181 { "Delete", "ldap.modify.delete",
1182 FT_STRING, BASE_NONE, NULL, 0x0,
1185 { &hf_ldap_message_abandon_msgid,
1186 { "Abandon Msg Id", "ldap.abandon.msgid",
1187 FT_UINT32, BASE_DEC, NULL, 0x0,
1188 "LDAP Abandon Msg Id" }},
1191 static gint *ett[] = {
1194 &ett_ldap_referrals,
1198 proto_ldap = proto_register_protocol("Lightweight Directory Access Protocol", "ldap");
1199 proto_register_field_array(proto_ldap, hf, array_length(hf));
1200 proto_register_subtree_array(ett, array_length(ett));
1204 proto_reg_handoff_ldap(void)
1206 old_dissector_add("tcp.port", TCP_PORT_LDAP, dissect_ldap);
git.samba.org / obnox / wireshark / wip.git / blob