2 * Routines for the Session Initiation Protocol (SIP) dissection.
5 * TODO: Pay attention to Content-Type: It might not always be SDP.
6 * Add hf_* fields for filtering support.
7 * Add sip msg body dissection based on Content-Type for:
8 * SDP, MIME, and other types
9 * Align SIP methods with recent Internet Drafts or RFC
10 * (SIP INFO, rfc2976 - done)
11 * (SIP SUBSCRIBE-NOTIFY - done)
15 * Copyright 2000, Heikki Vatiainen <hessu@cs.tut.fi>
16 * Copyright 2001, Jean-Francois Mule <jfm@clarent.com>
18 * $Id: packet-sip.c,v 1.25 2002/03/29 01:25:57 gerald Exp $
20 * Ethereal - Network traffic analyzer
21 * By Gerald Combs <gerald@ethereal.com>
22 * Copyright 1998 Gerald Combs
24 * Copied from packet-cops.c
26 * This program is free software; you can redistribute it and/or
27 * modify it under the terms of the GNU General Public License
28 * as published by the Free Software Foundation; either version 2
29 * of the License, or (at your option) any later version.
31 * This program is distributed in the hope that it will be useful,
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
34 * GNU General Public License for more details.
36 * You should have received a copy of the GNU General Public License
37 * along with this program; if not, write to the Free Software
38 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
50 #include <epan/packet.h>
52 #define TCP_PORT_SIP 5060
53 #define UDP_PORT_SIP 5060
55 /* Initialize the protocol and registered fields */
56 static gint proto_sip = -1;
57 static gint hf_msg_hdr = -1;
59 /* Initialize the subtree pointers */
60 static gint ett_sip = -1;
61 static gint ett_sip_hdr = -1;
63 static const char *sip_methods[] = {
64 "<Invalid method>", /* Pad so that the real methods start at index 1 */
82 static gboolean sip_is_request(tvbuff_t *tvb, guint32 offset, gint eol);
83 static gboolean sip_is_known_request(tvbuff_t *tvb, guint32 offset);
84 static gint sip_get_msg_offset(tvbuff_t *tvb, guint32 offset);
86 static dissector_handle_t sdp_handle;
87 static dissector_handle_t data_handle;
89 #define SIP2_HDR "SIP/2.0"
90 #define SIP2_HDR_LEN (strlen (SIP2_HDR))
92 /* Code to actually dissect the packets */
93 static void dissect_sip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
96 gint eol, next_offset, msg_offset;
98 gboolean is_request, is_known_request;
102 * Note that "tvb_strneql()" doesn't throw exceptions, so
103 * "sip_is_request()" won't throw an exception.
105 * Note that "tvb_find_line_end()" will return a value that
106 * is not longer than what's in the buffer, so the
107 * "tvb_get_ptr()" call s below won't throw exceptions.
110 eol = tvb_find_line_end(tvb, 0, -1, &next_offset);
111 /* XXX - Check for a valid status message as well. */
112 is_request = sip_is_request(tvb, 0, eol);
113 is_known_request = sip_is_known_request(tvb, 0);
114 /* XXX - Is this case-sensitive? RFC 2543 didn't explicitly say. */
115 if (tvb_strneql(tvb, 0, SIP2_HDR, SIP2_HDR_LEN) != 0 && ! is_request)
118 if (check_col(pinfo->cinfo, COL_PROTOCOL))
119 col_set_str(pinfo->cinfo, COL_PROTOCOL, "SIP");
121 req_descr = is_known_request ? "Request" : "Unknown request";
122 if (check_col(pinfo->cinfo, COL_INFO))
123 col_add_fstr(pinfo->cinfo, COL_INFO, "%s: %s",
124 is_request ? req_descr : "Status",
126 tvb_format_text(tvb, 0, eol - SIP2_HDR_LEN - 1) :
127 tvb_format_text(tvb, SIP2_HDR_LEN + 1, eol - SIP2_HDR_LEN - 1));
130 msg_offset = sip_get_msg_offset(tvb, offset);
131 if (msg_offset < 0) {
133 * XXX - this may just mean that the entire SIP message
134 * didn't fit in this TCP segment.
141 proto_tree *sip_tree, *hdr_tree;
143 ti = proto_tree_add_item(tree, proto_sip, tvb, 0, -1, FALSE);
144 sip_tree = proto_item_add_subtree(ti, ett_sip);
146 proto_tree_add_text(sip_tree, tvb, 0, next_offset, "%s line: %s",
147 is_request ? req_descr : "Status",
148 tvb_format_text(tvb, 0, eol));
150 offset = next_offset;
151 th = proto_tree_add_item(sip_tree, hf_msg_hdr, tvb, offset, msg_offset - offset, FALSE);
152 hdr_tree = proto_item_add_subtree(th, ett_sip_hdr);
154 /* - 2 since we have a CRLF separating the message-body */
155 while (msg_offset - 2 > (int) offset) {
156 eol = tvb_find_line_end(tvb, offset, -1, &next_offset);
157 proto_tree_add_text(hdr_tree, tvb, offset, next_offset - offset, "%s",
158 tvb_format_text(tvb, offset, eol));
159 offset = next_offset;
161 offset += 2; /* Skip the CRLF mentioned above */
164 if (tvb_offset_exists(tvb, msg_offset)) {
165 next_tvb = tvb_new_subset(tvb, msg_offset, -1, -1);
166 call_dissector(sdp_handle, next_tvb, pinfo, tree);
172 next_tvb = tvb_new_subset(tvb, offset, -1, -1);
173 call_dissector(data_handle,next_tvb, pinfo, tree);
178 /* Returns the offset to the start of the optional message-body, or
181 static gint sip_get_msg_offset(tvbuff_t *tvb, guint32 offset)
185 while ((eol = tvb_find_guint8(tvb, offset, -1, '\r')) > 0
186 && tvb_bytes_exist(tvb, eol, 4)) {
187 if (tvb_get_guint8(tvb, eol + 1) == '\n' &&
188 tvb_get_guint8(tvb, eol + 2) == '\r' &&
189 tvb_get_guint8(tvb, eol + 3) == '\n')
197 /* From section 4.1 of RFC 2543:
199 * Request-Line = Method SP Request-URI SP SIP-Version CRLF
202 static gboolean sip_is_request(tvbuff_t *tvb, guint32 offset, gint eol)
204 gint meth_len, req_len, req_colon_pos;
205 guint8 req_start, ver_start, ver_len;
207 meth_len = tvb_find_guint8(tvb, 0, -1, ' ');
208 req_start = meth_len + 1;
209 req_len = tvb_find_guint8(tvb, req_start, -1, ' ') - meth_len - 1;
210 req_colon_pos = tvb_find_guint8(tvb, req_start + 1, -1, ':');
211 ver_start = meth_len + req_len + 2;
212 ver_len = eol - req_len - meth_len - 2; /*CRLF, plus two spaces */
215 * A method of at least one character?
216 * A URI consisting of at least three characters?
217 * A version string length matching that of SIP2_HDR?
219 if (meth_len <= 0 || req_len <= 3 || ver_len != SIP2_HDR_LEN)
222 /* Does our method have a colon character? */
223 if (req_colon_pos < 0 || req_colon_pos > ver_start)
225 /* XXX - Check for a proper URI prefix? */
227 /* Do we have a proper version string? */
228 if (tvb_strneql(tvb, ver_start, SIP2_HDR, SIP2_HDR_LEN))
234 static gboolean sip_is_known_request(tvbuff_t *tvb, guint32 offset)
238 meth_len = tvb_find_guint8(tvb, 0, -1, ' ');
240 for (i = 1; i < array_length(sip_methods); i++) {
241 if ((meth_len == strlen(sip_methods[i])) && tvb_strneql(tvb, offset, sip_methods[i], strlen(sip_methods[i])) == 0)
248 /* Register the protocol with Ethereal */
249 void proto_register_sip(void)
252 /* Setup list of header fields */
253 static hf_register_info hf[] = {
256 { "Message Header", "sip.msg_hdr",
258 "Message Header in SIP message", HFILL }
262 /* Setup protocol subtree array */
263 static gint *ett[] = {
268 /* Register the protocol name and description */
269 proto_sip = proto_register_protocol("Session Initiation Protocol",
272 /* Required function calls to register the header fields and subtrees used */
273 proto_register_field_array(proto_sip, hf, array_length(hf));
274 proto_register_subtree_array(ett, array_length(ett));
278 proto_reg_handoff_sip(void)
280 dissector_handle_t sip_handle;
282 sip_handle = create_dissector_handle(dissect_sip, proto_sip);
283 dissector_add("tcp.port", TCP_PORT_SIP, sip_handle);
284 dissector_add("udp.port", UDP_PORT_SIP, sip_handle);
287 * Get a handle for the SDP dissector.
289 sdp_handle = find_dissector("sdp");
290 data_handle = find_dissector("data");