2 * Routines for RTSP packet disassembly (RFC 2326)
4 * Jason Lango <jal@netapp.com>
5 * Liberally copied from packet-http.c, by Guy Harris <guy@alum.mit.edu>
7 * $Id: packet-rtsp.c,v 1.63 2004/03/19 05:33:34 guy Exp $
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 * RTSP is defined in RFC 2326, http://www.ietf.org/rfc/rfc2326.txt?number=2326
29 * http://www.iana.org/assignments/rsvp-parameters
42 #include <epan/packet.h>
43 #include "req_resp_hdrs.h"
44 #include "packet-rtp.h"
45 #include "packet-rtcp.h"
46 #include <epan/conversation.h>
47 #include <epan/strutil.h>
48 #include "packet-e164.h"
50 static int proto_rtsp = -1;
52 static gint ett_rtsp = -1;
53 static gint ett_rtspframe = -1;
54 static gint ett_rtsp_method = -1;
56 static int hf_rtsp_method = -1;
57 static int hf_rtsp_url = -1;
58 static int hf_rtsp_status = -1;
59 static int hf_rtsp_session = -1;
60 static int hf_rtsp_X_Vig_Msisdn = -1;
62 static dissector_handle_t sdp_handle;
63 static dissector_handle_t rtp_handle;
64 static dissector_handle_t rtcp_handle;
66 void proto_reg_handoff_rtsp(void);
68 static GMemChunk *rtsp_vals = NULL;
69 #define rtsp_hash_init_count 20
72 * desegmentation of RTSP headers
73 * (when we are over TCP or another protocol providing the desegmentation API)
75 static gboolean rtsp_desegment_headers = FALSE;
78 * desegmentation of RTSP bodies
79 * (when we are over TCP or another protocol providing the desegmentation API)
80 * TODO let the user filter on content-type the bodies he wants desegmented
82 static gboolean rtsp_desegment_body = FALSE;
84 /* http://www.iana.org/assignments/port-numberslists two rtsp ports */
85 #define TCP_PORT_RTSP 554
86 #define TCP_ALTERNATE_PORT_RTSP 8554
87 static guint global_rtsp_tcp_port = TCP_PORT_RTSP;
88 static guint global_rtsp_tcp_alternate_port = TCP_ALTERNATE_PORT_RTSP;
90 * Variables to allow for proper deletion of dissector registration when
91 * the user changes port from the gui.
93 static guint tcp_port = 0;
94 static guint tcp_alternate_port = 0;
97 * Takes an array of bytes, assumed to contain a null-terminated
98 * string, as an argument, and returns the length of the string -
99 * i.e., the size of the array, minus 1 for the null terminator.
101 #define STRLEN_CONST(str) (sizeof (str) - 1)
103 #define RTSP_FRAMEHDR ('$')
106 dissector_handle_t dissector;
107 } rtsp_interleaved_t;
109 #define RTSP_MAX_INTERLEAVED (8)
112 * Careful about dynamically allocating memory in this structure (say
113 * for dynamically increasing the size of the 'interleaved' array) -
114 * the containing structure is garbage collected and contained
115 * pointers will not be freed.
118 rtsp_interleaved_t interleaved[RTSP_MAX_INTERLEAVED];
119 } rtsp_conversation_data_t;
122 dissect_rtspinterleaved(tvbuff_t *tvb, int offset, packet_info *pinfo,
125 guint length_remaining;
127 proto_tree *rtspframe_tree = NULL;
129 guint8 rf_start; /* always RTSP_FRAMEHDR */
130 guint8 rf_chan; /* interleaved channel id */
131 guint16 rf_len; /* packet length */
133 conversation_t *conv;
134 rtsp_conversation_data_t *data;
135 dissector_handle_t dissector;
138 * This will throw an exception if we don't have any data left.
139 * That's what we want. (See "tcp_dissect_pdus()", which is
142 length_remaining = tvb_ensure_length_remaining(tvb, offset);
145 * Can we do reassembly?
147 if (rtsp_desegment_headers && pinfo->can_desegment) {
149 * Yes - would an RTSP multiplexed header starting at
150 * this offset be split across segment boundaries?
152 if (length_remaining < 4) {
154 * Yes. Tell the TCP dissector where the data
155 * for this message starts in the data it handed
156 * us, and how many more bytes we need, and return.
158 pinfo->desegment_offset = offset;
159 pinfo->desegment_len = 4 - length_remaining;
165 * Get the "$", channel, and length from the header.
167 orig_offset = offset;
168 rf_start = tvb_get_guint8(tvb, offset);
169 rf_chan = tvb_get_guint8(tvb, offset+1);
170 rf_len = tvb_get_ntohs(tvb, offset+2);
173 * Can we do reassembly?
175 if (rtsp_desegment_body && pinfo->can_desegment) {
177 * Yes - is the header + encapsulated packet split
178 * across segment boundaries?
180 if (length_remaining < 4U + rf_len) {
182 * Yes. Tell the TCP dissector where the data
183 * for this message starts in the data it handed
184 * us, and how many more bytes we need, and return.
186 pinfo->desegment_offset = offset;
187 pinfo->desegment_len = 4U + rf_len - length_remaining;
192 if (check_col(pinfo->cinfo, COL_INFO))
193 col_add_fstr(pinfo->cinfo, COL_INFO,
194 "Interleaved channel 0x%02x, %u bytes",
198 ti = proto_tree_add_protocol_format(tree, proto_rtsp, tvb,
200 "RTSP Interleaved Frame, Channel: 0x%02x, %u bytes",
202 rtspframe_tree = proto_item_add_subtree(ti, ett_rtspframe);
204 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
211 proto_tree_add_text(rtspframe_tree, tvb, offset, 1,
218 proto_tree_add_text(rtspframe_tree, tvb, offset, 2,
225 * We set the actual length of the tvbuff for the interleaved
226 * stuff to the minimum of what's left in the tvbuff and the
227 * length in the header.
229 * XXX - what if there's nothing left in the tvbuff?
230 * We'd want a BoundsError exception to be thrown, so
231 * that a Short Frame would be reported.
233 if (length_remaining > rf_len)
234 length_remaining = rf_len;
235 next_tvb = tvb_new_subset(tvb, offset, length_remaining, rf_len);
237 conv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
238 pinfo->srcport, pinfo->destport, 0);
241 (data = conversation_get_proto_data(conv, proto_rtsp)) &&
242 rf_chan < RTSP_MAX_INTERLEAVED &&
243 (dissector = data->interleaved[rf_chan].dissector)) {
244 call_dissector(dissector, next_tvb, pinfo, tree);
246 proto_tree_add_text(rtspframe_tree, tvb, offset, rf_len,
247 "Data (%u bytes)", rf_len);
252 return offset - orig_offset;
255 static void process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
256 size_t linelen, proto_tree *tree);
258 static void process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
259 size_t linelen, proto_tree *tree);
267 static const char *rtsp_methods[] = {
281 #define RTSP_NMETHODS (sizeof rtsp_methods / sizeof rtsp_methods[0])
284 is_rtsp_request_or_reply(const guchar *line, size_t linelen, rtsp_type_t *type)
288 /* Is this an RTSP reply? */
289 if (linelen >= 5 && strncasecmp("RTSP/", line, 5) == 0) {
298 * Is this an RTSP request?
299 * Check whether the line begins with one of the RTSP request
302 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
303 size_t len = strlen(rtsp_methods[ii]);
304 if (linelen >= len &&
305 strncasecmp(rtsp_methods[ii], line, len) == 0) {
306 *type = RTSP_REQUEST;
314 static const char rtsp_content_type[] = "Content-Type:";
317 is_content_sdp(const guchar *line, size_t linelen)
319 static const char type[] = "application/sdp";
320 size_t typelen = STRLEN_CONST(type);
322 line += STRLEN_CONST(rtsp_content_type);
323 linelen -= STRLEN_CONST(rtsp_content_type);
324 while (linelen > 0 && (*line == ' ' || *line == '\t')) {
329 if (linelen < typelen || strncasecmp(type, line, typelen))
334 if (linelen > 0 && !isspace(*line))
340 static const char rtsp_transport[] = "Transport:";
341 static const char rtsp_sps[] = "server_port=";
342 static const char rtsp_cps[] = "client_port=";
343 static const char rtsp_rtp[] = "rtp/";
344 static const char rtsp_inter[] = "interleaved=";
347 rtsp_create_conversation(packet_info *pinfo, const guchar *line_begin,
350 conversation_t *conv;
353 guint c_data_port, c_mon_port;
354 guint s_data_port, s_mon_port;
357 if (line_len > sizeof(buf) - 1) {
359 * Don't overflow the buffer.
361 line_len = sizeof(buf) - 1;
363 memcpy(buf, line_begin, line_len);
364 buf[line_len] = '\0';
366 tmp = buf + STRLEN_CONST(rtsp_transport);
367 while (*tmp && isspace(*tmp))
369 if (strncasecmp(tmp, rtsp_rtp, strlen(rtsp_rtp)) != 0) {
370 g_warning("Frame %u: rtsp: unknown transport", pinfo->fd->num);
374 c_data_port = c_mon_port = 0;
375 s_data_port = s_mon_port = 0;
376 if ((tmp = strstr(buf, rtsp_sps))) {
377 tmp += strlen(rtsp_sps);
378 if (sscanf(tmp, "%u-%u", &s_data_port, &s_mon_port) < 1) {
379 g_warning("Frame %u: rtsp: bad server_port",
384 if ((tmp = strstr(buf, rtsp_cps))) {
385 tmp += strlen(rtsp_cps);
386 if (sscanf(tmp, "%u-%u", &c_data_port, &c_mon_port) < 1) {
387 g_warning("Frame %u: rtsp: bad client_port",
393 rtsp_conversation_data_t *data;
394 guint s_data_chan, s_mon_chan;
398 * Deal with RTSP TCP-interleaved conversations.
400 if ((tmp = strstr(buf, rtsp_inter)) == NULL) {
402 * No interleaved or server_port - probably a
403 * SETUP request, rather than reply.
407 tmp += strlen(rtsp_inter);
408 i = sscanf(tmp, "%u-%u", &s_data_chan, &s_mon_chan);
410 g_warning("Frame %u: rtsp: bad interleaved",
414 conv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
415 pinfo->srcport, pinfo->destport, 0);
417 conv = conversation_new(&pinfo->src, &pinfo->dst,
418 pinfo->ptype, pinfo->srcport, pinfo->destport,
421 data = conversation_get_proto_data(conv, proto_rtsp);
423 data = g_mem_chunk_alloc(rtsp_vals);
424 conversation_add_proto_data(conv, proto_rtsp, data);
426 if (s_data_chan < RTSP_MAX_INTERLEAVED) {
427 data->interleaved[s_data_chan].dissector =
430 if (i > 1 && s_mon_chan < RTSP_MAX_INTERLEAVED) {
431 data->interleaved[s_mon_chan].dissector =
438 * We only want to match on the destination address, not the
439 * source address, because the server might send back a packet
440 * from an address other than the address to which its client
441 * sent the packet, so we construct a conversation with no
444 SET_ADDRESS(&null_addr, pinfo->src.type, 0, NULL);
446 conv = conversation_new(&pinfo->dst, &null_addr, PT_UDP, c_data_port,
447 s_data_port, NO_ADDR2 | (!s_data_port ? NO_PORT2 : 0));
448 conversation_set_dissector(conv, rtp_handle);
453 conv = conversation_new(&pinfo->dst, &null_addr, PT_UDP, c_mon_port,
454 s_mon_port, NO_ADDR2 | (!s_mon_port ? NO_PORT2 : 0));
455 conversation_set_dissector(conv, rtcp_handle);
458 static const char rtsp_content_length[] = "Content-Length:";
461 rtsp_get_content_length(const guchar *line_begin, size_t line_len)
469 if (line_len > sizeof(buf) - 1) {
471 * Don't overflow the buffer.
473 line_len = sizeof(buf) - 1;
475 memcpy(buf, line_begin, line_len);
476 buf[line_len] = '\0';
478 tmp = buf + STRLEN_CONST(rtsp_content_length);
479 while (*tmp && isspace(*tmp))
481 content_length = strtol(tmp, &p, 10);
483 if (up == tmp || (*up != '\0' && !isspace(*up)))
484 return -1; /* not a valid number */
485 return content_length;
488 static const char rtsp_Session[] = "Session:";
489 static const char rtsp_X_Vig_Msisdn[] = "X-Vig-Msisdn";
492 dissect_rtspmessage(tvbuff_t *tvb, int offset, packet_info *pinfo,
495 proto_tree *rtsp_tree = NULL;
496 proto_tree *sub_tree = NULL;
497 proto_item *ti = NULL;
500 const guchar *linep, *lineend;
502 int first_linelen, linelen;
505 gboolean is_request_or_reply;
506 gboolean body_requires_content_len;
507 gboolean saw_req_resp_or_header;
509 rtsp_type_t rtsp_type;
510 gboolean is_mime_header;
514 int reported_datalen;
517 e164_info_t e164_info;
519 * Is this a request or response?
521 * Note that "tvb_find_line_end()" will return a value that
522 * is not longer than what's in the buffer, so the
523 * "tvb_get_ptr()" call won't throw an exception.
525 first_linelen = tvb_find_line_end(tvb, offset,
526 tvb_ensure_length_remaining(tvb, offset), &next_offset,
529 * Is the first line a request or response?
531 line = tvb_get_ptr(tvb, offset, first_linelen);
532 is_request_or_reply = is_rtsp_request_or_reply(line, first_linelen,
534 if (is_request_or_reply) {
536 * Yes, it's a request or response.
537 * Do header desegmentation if we've been told to,
538 * and do body desegmentation if we've been told to and
539 * we find a Content-Length header.
541 if (!req_resp_hdrs_do_reassembly(tvb, pinfo,
542 rtsp_desegment_headers, rtsp_desegment_body)) {
544 * More data needed for desegmentation.
551 * RFC 2326 says that a content length must be specified
552 * in requests that have a body, although section 4.4 speaks
553 * of a server closing the connection indicating the end of
556 * We assume that an absent content length in a request means
557 * that we don't have a body, and that an absent content length
558 * in a reply means that the reply body runs to the end of
559 * the connection. If the first line is neither, we assume
560 * that whatever follows a blank line should be treated as a
561 * body; there's not much else we can do, as we're jumping
562 * into the message in the middle.
564 * XXX - if there was no Content-Length entity header, we should
565 * accumulate all data until the end of the connection.
566 * That'd require that the TCP dissector call subdissectors
567 * for all frames with FIN, even if they contain no data,
568 * which would require subdissectors to deal intelligently
569 * with empty segments.
571 if (rtsp_type == RTSP_REQUEST)
572 body_requires_content_len = TRUE;
574 body_requires_content_len = FALSE;
576 if (check_col(pinfo->cinfo, COL_PROTOCOL))
577 col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTSP");
578 if (check_col(pinfo->cinfo, COL_INFO)) {
580 * Put the first line from the buffer into the summary
581 * if it's an RTSP request or reply (but leave out the
583 * Otherwise, just call it a continuation.
585 * Note that "tvb_find_line_end()" will return a value that
586 * is not longer than what's in the buffer, so the
587 * "tvb_get_ptr()" call won't throw an exception.
589 line = tvb_get_ptr(tvb, offset, first_linelen);
590 if (is_request_or_reply)
591 if ( rtsp_type == RTSP_REPLY ) {
592 col_add_str(pinfo->cinfo, COL_INFO, "Reply: ");
593 col_append_str(pinfo->cinfo, COL_INFO,
594 format_text(line, first_linelen));
597 col_add_str(pinfo->cinfo, COL_INFO,
598 format_text(line, first_linelen));
601 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
605 orig_offset = offset;
607 ti = proto_tree_add_item(tree, proto_rtsp, tvb, offset, -1,
609 rtsp_tree = proto_item_add_subtree(ti, ett_rtsp);
613 * We haven't yet seen a Content-Length header.
618 * Process the packet data, a line at a time.
620 saw_req_resp_or_header = FALSE; /* haven't seen anything yet */
621 while (tvb_reported_length_remaining(tvb, offset) != 0) {
623 * We haven't yet concluded that this is a MIME header.
625 is_mime_header = FALSE;
628 * Find the end of the line.
630 linelen = tvb_find_line_end(tvb, offset,
631 tvb_ensure_length_remaining(tvb, offset), &next_offset,
635 line_end_offset = offset + linelen;
637 * colon_offset may be -1
639 colon_offset = tvb_find_guint8(tvb, offset, linelen, ':');
643 * Get a buffer that refers to the line.
645 line = tvb_get_ptr(tvb, offset, linelen);
646 lineend = line + linelen;
649 * OK, does it look like an RTSP request or response?
651 is_request_or_reply = is_rtsp_request_or_reply(line, linelen,
653 if (is_request_or_reply)
657 * No. Does it look like a blank line (as would appear
658 * at the end of an RTSP request)?
661 goto is_rtsp; /* Yes. */
664 * No. Does it look like a header?
667 while (linep < lineend) {
670 break; /* not printable, not a MIME header */
690 * It's a tspecial, so it's not
691 * part of a token, so it's not
692 * a field name for the beginning
699 * This ends the token; we consider
700 * this to be a MIME header.
702 is_mime_header = TRUE;
708 * LWS (RFC-2616, 4.2); continue the previous
716 * We haven't seen the colon, but everything else looks
717 * OK for a header line.
719 * If we've already seen an RTSP request or response
720 * line, or a header line, and we're at the end of
721 * the tvbuff, we assume this is an incomplete header
722 * line. (We quit this loop after seeing a blank line,
723 * so if we've seen a request or response line, or a
724 * header line, this is probably more of the request
725 * or response we're presumably seeing. There is some
726 * risk of false positives, but the same applies for
727 * full request or response lines or header lines,
728 * although that's less likely.)
730 * We throw an exception in that case, by checking for
731 * the existence of the next byte after the last one
732 * in the line. If it exists, "tvb_ensure_bytes_exist()"
733 * throws no exception, and we fall through to the
734 * "not RTSP" case. If it doesn't exist,
735 * "tvb_ensure_bytes_exist()" will throw the appropriate
738 if (saw_req_resp_or_header)
739 tvb_ensure_bytes_exist(tvb, offset, linelen + 1);
743 * We don't consider this part of an RTSP request or
744 * reply, so we don't display it.
754 * This is a blank line, which means that
755 * whatever follows it isn't part of this
758 proto_tree_add_text(rtsp_tree, tvb, offset,
759 next_offset - offset, "%s",
760 tvb_format_text(tvb, offset, next_offset - offset));
761 offset = next_offset;
766 * Not a blank line - either a request, a reply, or a header
769 saw_req_resp_or_header = TRUE;
771 ti = proto_tree_add_text(rtsp_tree, tvb, offset,
772 next_offset - offset, "%s",
773 tvb_format_text(tvb, offset, next_offset - offset));
775 sub_tree = proto_item_add_subtree(ti, ett_rtsp_method);
780 process_rtsp_request(tvb, offset, line, linelen,
785 process_rtsp_reply(tvb, offset, line, linelen,
793 if (is_mime_header) {
795 * Process some MIME headers specially.
797 #define MIME_HDR_MATCHES(header) \
798 (linelen > STRLEN_CONST(header) && \
799 strncasecmp(line, (header), STRLEN_CONST(header)) == 0)
801 if (MIME_HDR_MATCHES(rtsp_transport)) {
803 * Based on the port numbers specified
804 * in the Transport: header, set up
805 * a conversation that will be dissected
806 * with the appropriate dissector.
808 rtsp_create_conversation(pinfo, line, linelen);
809 } else if (MIME_HDR_MATCHES(rtsp_content_type)) {
811 * If the Content-Type: header says this
812 * is SDP, dissect the payload as SDP.
814 * XXX - we should just do the same
815 * sort of header processing
816 * that HTTP does, and use the
817 * "media_type" dissector table on
820 * We should use those for Transport:
821 * and Content-Length: as well (and
822 * should process Content-Length: in
825 if (is_content_sdp(line, linelen))
827 } else if (MIME_HDR_MATCHES(rtsp_content_length)) {
829 * Only the amount specified by the
830 * Content-Length: header should be treated
833 content_length = rtsp_get_content_length(line,
836 } else if (MIME_HDR_MATCHES(rtsp_Session)) {
838 * Extract the session string
842 if ( colon_offset != -1 ){
844 * Skip whitespace after the colon.
845 * (Code from SIP dissector )
847 value_offset = colon_offset + 1;
848 while (value_offset < line_end_offset
849 && ((c = tvb_get_guint8(tvb,
850 value_offset)) == ' '
854 * Put the value into the protocol tree
856 value_len = line_end_offset - value_offset;
857 proto_tree_add_string(sub_tree, hf_rtsp_session,tvb,
858 value_offset, value_len ,
859 tvb_format_text(tvb, value_offset, value_len));
862 } else if (MIME_HDR_MATCHES(rtsp_X_Vig_Msisdn)) {
864 * Extract the X_Vig_Msisdn string
866 if ( colon_offset != -1 ){
868 * Skip whitespace after the colon.
869 * (Code from SIP dissector )
871 value_offset = colon_offset + 1;
872 while (value_offset < line_end_offset
873 && ((c = tvb_get_guint8(tvb,
874 value_offset)) == ' '
878 * Put the value into the protocol tree
880 value_len = line_end_offset - value_offset;
881 proto_tree_add_string(sub_tree, hf_rtsp_X_Vig_Msisdn,tvb,
882 value_offset, value_len ,
883 tvb_format_text(tvb, value_offset, value_len));
885 e164_info.e164_number_type = CALLING_PARTY_NUMBER;
886 e164_info.nature_of_address = 0;
888 e164_info.E164_number_str = tvb_get_string(tvb, value_offset,
890 e164_info.E164_number_length = value_len;
891 dissect_e164_number(tvb, sub_tree, value_offset,
892 value_len, e164_info);
893 g_free(e164_info.E164_number_str);
900 offset = next_offset;
904 * If a content length was supplied, the amount of data to be
905 * processed as RTSP payload is the minimum of the content
906 * length and the amount of data remaining in the frame.
908 * If no content length was supplied (or if a bad content length
909 * was supplied), the amount of data to be processed is the amount
910 * of data remaining in the frame.
912 datalen = tvb_length_remaining(tvb, offset);
913 reported_datalen = tvb_reported_length_remaining(tvb, offset);
914 if (content_length != -1) {
916 * Content length specified; display only that amount
919 if (datalen > content_length)
920 datalen = content_length;
923 * XXX - limit the reported length in the tvbuff we'll
924 * hand to a subdissector to be no greater than the
927 * We really need both unreassembled and "how long it'd
928 * be if it were reassembled" lengths for tvbuffs, so
929 * that we throw the appropriate exceptions for
930 * "not enough data captured" (running past the length),
931 * "packet needed reassembly" (within the length but
932 * running past the unreassembled length), and
933 * "packet is malformed" (running past the reassembled
936 if (reported_datalen > content_length)
937 reported_datalen = content_length;
940 * No content length specified; if this message doesn't
941 * have a body if no content length is specified, process
942 * nothing as payload.
944 if (body_requires_content_len)
950 * There's stuff left over; process it.
956 * Fix up the top-level item so that it doesn't
957 * include the SDP stuff.
960 proto_item_set_len(ti, offset);
963 * Now create a tvbuff for the SDP stuff and
966 * The amount of data to be processed that's
967 * available in the tvbuff is "datalen", which
968 * is the minimum of the amount of data left in
969 * the tvbuff and any specified content length.
971 * The amount of data to be processed that's in
972 * this frame, regardless of whether it was
973 * captured or not, is "reported_datalen",
974 * which, if no content length was specified,
975 * is -1, i.e. "to the end of the frame.
977 new_tvb = tvb_new_subset(tvb, offset, datalen,
979 call_dissector(sdp_handle, new_tvb, pinfo, tree);
981 if (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR) {
983 * This is interleaved stuff; don't
984 * treat it as raw data - set "datalen"
985 * to 0, so we won't skip the offset
986 * past it, which will cause our
987 * caller to process that stuff itself.
991 proto_tree_add_text(rtsp_tree, tvb, offset,
992 datalen, "Data (%d bytes)",
998 * We've processed "datalen" bytes worth of data
999 * (which may be no data at all); advance the
1000 * offset past whatever data we've processed.
1004 return offset - orig_offset;
1008 process_rtsp_request(tvbuff_t *tvb, int offset, const guchar *data,
1009 size_t linelen, proto_tree *tree)
1011 const guchar *lineend = data + linelen;
1014 const guchar *url_start;
1017 /* Request Methods */
1018 for (ii = 0; ii < RTSP_NMETHODS; ii++) {
1019 size_t len = strlen(rtsp_methods[ii]);
1020 if (linelen >= len && !strncasecmp(rtsp_methods[ii], data, len))
1023 if (ii == RTSP_NMETHODS) {
1025 * We got here because "is_rtsp_request_or_reply()" returned
1026 * RTSP_REQUEST, so we know one of the request methods
1027 * matched, so we "can't get here".
1029 g_assert_not_reached();
1033 proto_tree_add_string(tree, hf_rtsp_method, tvb, offset,
1034 strlen(rtsp_methods[ii]), rtsp_methods[ii]);
1039 while (url < lineend && !isspace(*url))
1041 while (url < lineend && isspace(*url))
1044 while (url < lineend && !isspace(*url))
1046 tmp_url = g_malloc(url - url_start + 1);
1047 memcpy(tmp_url, url_start, url - url_start);
1048 tmp_url[url - url_start] = 0;
1049 proto_tree_add_string(tree, hf_rtsp_url, tvb,
1050 offset + (url_start - data), url - url_start, tmp_url);
1055 process_rtsp_reply(tvbuff_t *tvb, int offset, const guchar *data,
1056 size_t linelen, proto_tree *tree)
1058 const guchar *lineend = data + linelen;
1059 const guchar *status = data;
1060 const guchar *status_start;
1061 unsigned int status_i;
1064 while (status < lineend && !isspace(*status))
1066 while (status < lineend && isspace(*status))
1068 status_start = status;
1070 while (status < lineend && isdigit(*status))
1071 status_i = status_i * 10 + *status++ - '0';
1072 proto_tree_add_uint(tree, hf_rtsp_status, tvb,
1073 offset + (status_start - data),
1074 status - status_start, status_i);
1078 dissect_rtsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1083 while (tvb_reported_length_remaining(tvb, offset) != 0) {
1084 len = (tvb_get_guint8(tvb, offset) == RTSP_FRAMEHDR)
1085 ? dissect_rtspinterleaved(tvb, offset, pinfo, tree)
1086 : dissect_rtspmessage(tvb, offset, pinfo, tree);
1092 * OK, we've set the Protocol and Info columns for the
1093 * first RTSP message; make the columns non-writable,
1094 * so that we don't change it for subsequent RTSP messages.
1096 col_set_writable(pinfo->cinfo, FALSE);
1103 /* Routine to initialize rtsp protocol before each capture or filter pass. */
1104 /* Release any memory if needed. Then setup the memory chunks. */
1107 g_mem_chunk_destroy(rtsp_vals);
1109 rtsp_vals = g_mem_chunk_new("rtsp_vals",
1110 sizeof(rtsp_conversation_data_t),
1111 rtsp_hash_init_count * sizeof(rtsp_conversation_data_t),
1116 proto_register_rtsp(void)
1118 static gint *ett[] = {
1123 static hf_register_info hf[] = {
1125 { "Method", "rtsp.method", FT_STRING, BASE_NONE, NULL, 0,
1128 { "URL", "rtsp.url", FT_STRING, BASE_NONE, NULL, 0,
1131 { "Status", "rtsp.status", FT_UINT32, BASE_DEC, NULL, 0,
1134 { "Session", "rtsp.session", FT_STRING, BASE_NONE, NULL, 0,
1136 { &hf_rtsp_X_Vig_Msisdn,
1137 { "X-Vig-Msisdn", "X_Vig_Msisdn", FT_STRING, BASE_NONE, NULL, 0,
1142 module_t *rtsp_module;
1144 proto_rtsp = proto_register_protocol("Real Time Streaming Protocol",
1146 proto_register_field_array(proto_rtsp, hf, array_length(hf));
1147 proto_register_subtree_array(ett, array_length(ett));
1149 /* Register our configuration options, particularly our ports */
1151 rtsp_module = prefs_register_protocol(proto_rtsp, proto_reg_handoff_rtsp);
1152 prefs_register_uint_preference(rtsp_module, "tcp.port",
1154 "Set the TCP port for RTSP messages",
1155 10, &global_rtsp_tcp_port);
1156 prefs_register_uint_preference(rtsp_module, "tcp.alternate_port",
1157 "Alternate RTSP TCP Port",
1158 "Set the alternate TCP port for RTSP messages",
1159 10, &global_rtsp_tcp_alternate_port);
1160 prefs_register_bool_preference(rtsp_module, "desegment_headers",
1161 "Desegment all RTSP headers\nspanning multiple TCP segments",
1162 "Whether the RTSP dissector should desegment all headers "
1163 "of a request spanning multiple TCP segments",
1164 &rtsp_desegment_headers);
1165 prefs_register_bool_preference(rtsp_module, "desegment_body",
1166 "Trust the \"Content-length:\" header and\ndesegment RTSP "
1167 "bodies\nspanning multiple TCP segments",
1168 "Whether the RTSP dissector should use the "
1169 "\"Content-length:\" value to desegment the body "
1170 "of a request spanning multiple TCP segments",
1171 &rtsp_desegment_body);
1173 register_init_routine(rtsp_init); /* register re-init routine */
1177 proto_reg_handoff_rtsp(void)
1179 dissector_handle_t rtsp_handle;
1180 static int rtsp_prefs_initialized = FALSE;
1182 rtsp_handle = create_dissector_handle(dissect_rtsp, proto_rtsp);
1184 if (!rtsp_prefs_initialized) {
1185 rtsp_prefs_initialized = TRUE;
1188 dissector_delete("tcp.port", tcp_port, rtsp_handle);
1189 dissector_delete("tcp.port", tcp_alternate_port, rtsp_handle);
1191 /* Set our port number for future use */
1193 tcp_port = global_rtsp_tcp_port;
1194 tcp_alternate_port = global_rtsp_tcp_alternate_port;
1196 dissector_add("tcp.port", tcp_port, rtsp_handle);
1197 dissector_add("tcp.port", tcp_alternate_port, rtsp_handle);
1199 sdp_handle = find_dissector("sdp");
1200 rtp_handle = find_dissector("rtp");
1201 rtcp_handle = find_dissector("rtcp");