2 * Routines for sap packet dissection
5 * Heikki Vatiainen <hessu@cs.tut.fi>
7 * $Id: packet-sap.c,v 1.27 2002/01/24 09:20:51 guy Exp $
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * Copied from packet-tftp.c
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version 2
18 * of the License, or (at your option) any later version.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 #ifdef HAVE_SYS_TYPES_H
35 # include <sys/types.h>
38 #ifdef HAVE_NETINET_IN_H
39 # include <netinet/in.h>
44 #include <epan/packet.h>
45 #include "packet-ipv6.h"
47 #define UDP_PORT_SAP 9875
49 #define MCAST_SAP_VERSION_MASK 0xE0 /* 3 bits for SAP version*/
50 #define MCAST_SAP_VERSION_SHIFT 5 /* Right shift 5 bits to get the version */
51 #define MCAST_SAP_VER0 0 /* Version 0 */
52 #define MCAST_SAP_VER1PLUS 1 /* Version 1 or later */
53 static const value_string mcast_sap_ver[] = {
54 { MCAST_SAP_VER0, "SAPv0"},
55 { MCAST_SAP_VER1PLUS, "SAPv1 or later"},
58 static const true_false_string mcast_sap_address_type = {
63 static const true_false_string flags_set_truth = {
68 static const true_false_string mcast_sap_message_type = {
73 static const true_false_string mcast_sap_crypt_type = {
75 "Payload not encrypted "
78 static const true_false_string mcast_sap_comp_type = {
80 "Payload not compressed"
83 static const value_string mcast_sap_auth_ver[] = {
84 { 1, "SAP authentication header v1"},
87 static const true_false_string mcast_sap_auth_pad = {
88 "Authentication subheader padded to 32 bits",
89 "No padding required for the authentication subheader"
92 #define MCAST_SAP_AUTH_TYPE_MASK 0x0F /* 4 bits for the type of the authentication header */
93 #define MCAST_SAP_AUTH_TYPE_PGP 0
94 #define MCAST_SAP_AUTH_TYPE_CMS 1
95 static const value_string mcast_sap_auth_type[] = {
96 { MCAST_SAP_AUTH_TYPE_PGP, "PGP"},
97 { MCAST_SAP_AUTH_TYPE_CMS, "CMS"},
100 #define MCAST_SAP_BIT_A 0x10 /* Address type: 0 IPv4, 1 IPv6 */
101 #define MCAST_SAP_BIT_R 0x08 /* Reserved: Must be 0 */
102 #define MCAST_SAP_BIT_T 0x04 /* Message Type: 0 announcement, 1 deletion */
103 #define MCAST_SAP_BIT_E 0x02 /* Encryption Bit: 1 payload encrypted */
104 #define MCAST_SAP_BIT_C 0x01 /* Compressed Bit: 1 payload zlib compressed */
106 #define MCAST_SAP_AUTH_BIT_P 0x10 /* Padding required for the authentication header */
109 static int proto_sap = -1;
110 static int hf_sap_flags = -1;
111 static int hf_sap_flags_v = -1;
112 static int hf_sap_flags_a = -1;
113 static int hf_sap_flags_r = -1;
114 static int hf_sap_flags_t = -1;
115 static int hf_sap_flags_e = -1;
116 static int hf_sap_flags_c = -1;
117 static int hf_auth_data = -1;
118 static int hf_auth_flags = -1;
119 static int hf_auth_flags_v = -1;
120 static int hf_auth_flags_p = -1;
121 static int hf_auth_flags_t = -1;
123 static gint ett_sap = -1;
124 static gint ett_sap_flags = -1;
125 static gint ett_sap_auth = -1;
126 static gint ett_sap_authf = -1;
128 static dissector_handle_t sdp_handle;
131 dissect_sap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
134 int sap_version, is_ipv6, is_del, is_enc, is_comp, addr_len;
142 proto_item *si, *sif;
143 proto_tree *sap_tree, *sap_flags_tree;
145 if (check_col(pinfo->cinfo, COL_PROTOCOL))
146 col_set_str(pinfo->cinfo, COL_PROTOCOL, "SAP");
147 if (check_col(pinfo->cinfo, COL_INFO))
148 col_clear(pinfo->cinfo, COL_INFO);
150 vers_flags = tvb_get_guint8(tvb, offset);
151 is_ipv6 = vers_flags&MCAST_SAP_BIT_A;
152 is_del = vers_flags&MCAST_SAP_BIT_T;
153 is_enc = vers_flags&MCAST_SAP_BIT_E;
154 is_comp = vers_flags&MCAST_SAP_BIT_C;
156 sap_version = (vers_flags&MCAST_SAP_VERSION_MASK)>>MCAST_SAP_VERSION_SHIFT;
157 addr_len = (is_ipv6) ? sizeof(struct e_in6_addr) : 4;
159 if (check_col(pinfo->cinfo, COL_INFO)) {
160 col_add_fstr(pinfo->cinfo, COL_INFO, "%s (v%u)",
161 (is_del) ? "Deletion" : "Announcement", sap_version);
165 si = proto_tree_add_item(tree, proto_sap, tvb, offset, -1, FALSE);
166 sap_tree = proto_item_add_subtree(si, ett_sap);
168 sif = proto_tree_add_uint(sap_tree, hf_sap_flags, tvb, offset, 1, vers_flags);
169 sap_flags_tree = proto_item_add_subtree(sif, ett_sap_flags);
170 proto_tree_add_uint(sap_flags_tree, hf_sap_flags_v, tvb, offset, 1, vers_flags);
171 proto_tree_add_boolean(sap_flags_tree, hf_sap_flags_a, tvb, offset, 1, vers_flags);
172 proto_tree_add_boolean(sap_flags_tree, hf_sap_flags_r, tvb, offset, 1, vers_flags);
173 proto_tree_add_boolean(sap_flags_tree, hf_sap_flags_t, tvb, offset, 1, vers_flags);
174 proto_tree_add_boolean(sap_flags_tree, hf_sap_flags_e, tvb, offset, 1, vers_flags);
175 proto_tree_add_boolean(sap_flags_tree, hf_sap_flags_c, tvb, offset, 1, vers_flags);
178 auth_len = tvb_get_guint8(tvb, offset);
179 proto_tree_add_text(sap_tree, tvb, offset, 1, "Authentication Length: %u", auth_len);
182 tmp1 = tvb_get_ntohs(tvb, offset);
183 proto_tree_add_text(sap_tree, tvb, offset, 2, "Message Identifier Hash: 0x%x", tmp1);
186 addr = tvb_get_ptr(tvb, offset, addr_len);
187 proto_tree_add_text(sap_tree, tvb, offset, addr_len, "Originating Source: %s",
188 (is_ipv6) ? ip6_to_str((struct e_in6_addr*)addr) : ip_to_str(addr));
191 /* Authentication data lives in its own subtree */
193 guint32 auth_data_len;
194 proto_item *sdi, *sai;
195 proto_tree *sa_tree, *saf_tree;
199 auth_data_len = auth_len * sizeof(guint32);
201 sdi = proto_tree_add_item(sap_tree, hf_auth_data, tvb, offset, auth_data_len, FALSE);
202 sa_tree = proto_item_add_subtree(sdi, ett_sap_auth);
204 auth_flags = tvb_get_guint8(tvb, offset);
205 sai = proto_tree_add_uint(sa_tree, hf_auth_flags, tvb, offset, 1, auth_flags);
206 saf_tree = proto_item_add_subtree(sai, ett_sap_authf);
207 proto_tree_add_uint(saf_tree, hf_auth_flags_v, tvb, offset, 1, auth_flags);
208 proto_tree_add_boolean(saf_tree, hf_auth_flags_p, tvb, offset, 1, auth_flags);
209 proto_tree_add_uint(saf_tree, hf_auth_flags_t, tvb, offset, 1, auth_flags);
211 has_pad = auth_flags&MCAST_SAP_AUTH_BIT_P;
213 pad_len = tvb_get_guint8(tvb, offset+auth_data_len-1);
215 proto_tree_add_text(sa_tree, tvb, offset+1, auth_data_len-pad_len-1,
216 "Authentication subheader: (%u byte%s)",
217 auth_data_len-1, plurality(auth_data_len-1, "", "s"));
219 proto_tree_add_text(sa_tree, tvb, offset+auth_data_len-pad_len, pad_len,
220 "Authentication data padding: (%u byte%s)",
221 pad_len, plurality(pad_len, "", "s"));
222 proto_tree_add_text(sa_tree, tvb, offset+auth_data_len-1, 1,
223 "Authentication data pad count: %u byte%s",
224 pad_len, plurality(pad_len, "", "s"));
227 offset += auth_data_len;
229 if (is_enc || is_comp) {
231 if (is_enc && is_comp) mangle = "compressed and encrypted";
232 else if (is_enc) mangle = "encrypted";
233 else mangle = "compressed";
234 proto_tree_add_text(sap_tree, tvb, offset, -1,
235 "The rest of the packet is %s", mangle);
239 /* Do we have the optional payload type aka. MIME content specifier */
240 if (tvb_strneql(tvb, offset, "v=", strlen("v="))) {
245 remaining_len = tvb_length_remaining(tvb, offset);
246 if (remaining_len == 0) {
248 * "tvb_strneql()" failed because there was no
249 * data left in the packet.
251 * Set the remaining length to 1, so that
252 * we throw the appropriate exception in
253 * "tvb_get_ptr()", rather than displaying
258 pt_string_len = tvb_strnlen(tvb, offset, remaining_len);
259 if (pt_string_len == -1) {
261 * We didn't find a terminating '\0'; run to the
264 pt_string_len = remaining_len;
265 pt_len = pt_string_len;
268 * Include the '\0' in the total item length.
270 pt_len = pt_string_len + 1;
272 proto_tree_add_text(sap_tree, tvb, offset, pt_len,
273 "Payload type: %.*s", pt_string_len,
274 tvb_get_ptr(tvb, offset, pt_string_len));
280 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
281 call_dissector(sdp_handle, next_tvb, pinfo, tree);
286 void proto_register_sap(void)
289 static hf_register_info hf[] = {
291 { "Flags", "sap.flags",
292 FT_UINT8, BASE_HEX, NULL, 0x0,
293 "Bits in the beginning of the SAP header", HFILL }},
296 { "Version Number", "sap.flags.v",
297 FT_UINT8, BASE_DEC, VALS(mcast_sap_ver), MCAST_SAP_VERSION_MASK,
298 "3 bit version field in the SAP header", HFILL }},
301 { "Address Type", "sap.flags.a",
302 FT_BOOLEAN, 8, TFS(&mcast_sap_address_type), MCAST_SAP_BIT_A,
303 "Originating source address type", HFILL }},
306 { "Reserved", "sap.flags.r",
307 FT_BOOLEAN, 8, TFS(&flags_set_truth), MCAST_SAP_BIT_R,
308 "Reserved", HFILL }},
311 { "Message Type", "sap.flags.t",
312 FT_BOOLEAN, 8, TFS(&mcast_sap_message_type), MCAST_SAP_BIT_T,
313 "Announcement type", HFILL }},
316 { "Encryption Bit", "sap.flags.e",
317 FT_BOOLEAN, 8, TFS(&mcast_sap_crypt_type), MCAST_SAP_BIT_E,
318 "Encryption", HFILL }},
321 { "Compression Bit", "sap.flags.c",
322 FT_BOOLEAN, 8, TFS(&mcast_sap_comp_type), MCAST_SAP_BIT_C,
323 "Compression", HFILL }},
326 { "Authentication data", "sap.auth",
327 FT_NONE, BASE_NONE, NULL, 0x0,
328 "Auth data", HFILL }},
331 { "Authentication data flags", "sap.auth.flags",
332 FT_UINT8, BASE_HEX, NULL, 0x0,
333 "Auth flags", HFILL }},
336 { "Version Number", "sap.auth.flags.v",
337 FT_UINT8, BASE_DEC, VALS(&mcast_sap_auth_ver), MCAST_SAP_VERSION_MASK,
341 { "Padding Bit", "sap.auth.flags.p",
342 FT_BOOLEAN, 8, TFS(&mcast_sap_auth_pad), MCAST_SAP_AUTH_BIT_P,
343 "Compression", HFILL }},
346 { "Authentication Type", "sap.auth.flags.t",
347 FT_UINT8, BASE_DEC, VALS(&mcast_sap_auth_type), MCAST_SAP_AUTH_TYPE_MASK,
348 "Auth type", HFILL }}
350 static gint *ett[] = {
357 proto_sap = proto_register_protocol("Session Announcement Protocol", "SAP",
359 proto_register_field_array(proto_sap, hf, array_length(hf));
360 proto_register_subtree_array(ett, array_length(ett));
364 proto_reg_handoff_sap(void)
366 dissector_handle_t sap_handle;
368 sap_handle = create_dissector_handle(dissect_sap, proto_sap);
369 dissector_add("udp.port", UDP_PORT_SAP, sap_handle);
372 * Get a handle for the SDP dissector.
374 sdp_handle = find_dissector("sdp");