/* packet-ldap.c
* Routines for ldap packet dissection
*
- * $Id: packet-ldap.c,v 1.6 2000/04/03 07:48:55 guy Exp $
+ * $Id: packet-ldap.c,v 1.29 2001/12/03 03:59:36 guy Exp $
*
* Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@zing.org>
+ * By Gerald Combs <gerald@ethereal.com>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
/*
* This is not a complete implementation. It doesn't handle the full version 3, more specifically,
* it handles only the commands of version 2, but any additional characteristics of the ver3 command are supported.
- * It's also missing the substring and extensible search filters.
+ * It's also missing extensible search filters.
*
* There should probably be alot more error checking, I simply assume that if we have a full packet, it will be a complete
* and correct packet.
#include <string.h>
#include <glib.h>
+
+#ifdef NEED_SNPRINTF_H
+# include "snprintf.h"
+#endif
+
#include "packet.h"
#include "packet-ldap.h"
static gint ett_ldap_referrals = -1;
static gint ett_ldap_attribute = -1;
+#define TCP_PORT_LDAP 389
+
static value_string msgTypes [] = {
{LDAP_REQ_BIND, "Bind Request"},
{LDAP_REQ_UNBIND, "Unbind Request"},
{LDAP_RES_MODRDN, "Modify RDN Result"},
{LDAP_RES_COMPARE, "Compare Result"},
{LDAP_REQ_EXTENDED, "Extended Response"},
+ {0, NULL},
};
static int read_length(ASN1_SCK *a, proto_tree *tree, int hf_id, guint *len)
{
guint length = 0;
gboolean def = FALSE;
- const guchar *start = a->pointer;
+ int start = a->offset;
asn1_length_decode(a, &def, &length);
*len = length;
if (tree)
- proto_tree_add_item(tree, hf_id, start-a->begin, a->pointer-start, length);
+ proto_tree_add_uint(tree, hf_id, a->tvb, start, a->offset-start, length);
return 0;
}
return 1;
if (cls != ASN1_UNI || con != ASN1_CON || tag != ASN1_SEQ)
return 1;
-
+
if (len)
*len = length;
}
static int read_integer_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
- proto_tree **new_tree, guint *i, const guchar *start, guint length)
+ proto_tree **new_tree, guint *i, int start, guint length)
{
guint integer = 0;
if (tree)
{
proto_tree *temp_tree = 0;
- temp_tree = proto_tree_add_item(tree, hf_id, start-a->begin, a->pointer-start, integer);
+ temp_tree = proto_tree_add_uint(tree, hf_id, a->tvb, start, a->offset-start, integer);
if (new_tree)
*new_tree = temp_tree;
}
guint cls, con, tag;
gboolean def;
guint length;
- const guchar *start = a->pointer;
+ int start = a->offset;
if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
return 1;
return read_integer_value(a, tree, hf_id, new_tree, i, start, length);
}
+static int read_boolean_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
+ proto_tree **new_tree, guint *i, int start, guint length)
+{
+ guint integer = 0;
+
+ asn1_uint32_value_decode(a, length, &integer);
+
+ if (i)
+ *i = integer;
+
+ if (tree)
+ {
+ proto_tree *temp_tree = 0;
+ temp_tree = proto_tree_add_boolean(tree, hf_id, a->tvb, start, a->offset-start, integer);
+ if (new_tree)
+ *new_tree = temp_tree;
+ }
+
+ return 0;
+}
+
+static int read_boolean(ASN1_SCK *a, proto_tree *tree, int hf_id,
+ proto_tree **new_tree, guint *i)
+{
+ guint cls, con, tag;
+ gboolean def;
+ guint length;
+ int start = a->offset;
+
+ if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
+ return 1;
+ if (cls != ASN1_UNI || con != ASN1_PRI || tag != ASN1_BOL)
+ return 1;
+
+ return read_boolean_value(a, tree, hf_id, new_tree, i, start, length);
+}
+
static void read_string_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
- proto_tree **new_tree, char **s, const guchar *start, guint length)
+ proto_tree **new_tree, char **s, int start, guint length)
{
guchar *string;
if (length)
{
- asn1_octet_string_value_decode(a, length, &string);
+ asn1_string_value_decode(a, length, &string);
string = g_realloc(string, length + 1);
string[length] = '\0';
}
if (tree)
{
proto_tree *temp_tree;
- temp_tree = proto_tree_add_item(tree, hf_id, start - a->begin, a->pointer - start, string);
+ temp_tree = proto_tree_add_string(tree, hf_id, a->tvb, start, a->offset - start, string);
if (new_tree)
*new_tree = temp_tree;
}
guint cls, con, tag;
gboolean def;
guint length;
- const guchar *start = a->pointer;
+ int start = a->offset;
int ret;
ret = asn1_header_decode(a, &cls, &con, &tag, &def, &length);
{
guchar *string;
guchar *string2;
- gint string_length;
- gint string2_length;
+ guint string_length;
+ guint string2_length;
guint string_bytes;
+ char *filterp;
int ret;
ret = asn1_octet_string_decode(a, &string, &string_length, &string_bytes);
return ret;
*filter_length += 2 + strlen(operation) + string_length + string2_length;
*filter = g_realloc(*filter, *filter_length);
- sprintf(*filter + strlen(*filter), "(%.*s%s%.*s)", string_length, string, operation, string2_length, string2);
+ filterp = *filter + strlen(*filter);
+ *filterp++ = '(';
+ if (string_length != 0) {
+ memcpy(filterp, string, string_length);
+ filterp += string_length;
+ }
+ strcpy(filterp, operation);
+ filterp += strlen(operation);
+ if (string2_length != 0) {
+ memcpy(filterp, string2, string2_length);
+ filterp += string2_length;
+ }
+ *filterp++ = ')';
+ *filterp = '\0';
g_free(string);
g_free(string2);
return ASN1_ERR_NOERROR;
}
+/* Richard Dawe: To parse substring filters, I added this function. */
+static int parse_filter_substrings(ASN1_SCK *a, char **filter, guint *filter_length)
+{
+ int end;
+ guchar *string;
+ char *filterp;
+ guint string_length;
+ guint string_bytes;
+ guint seq_len;
+ guint header_bytes;
+ int ret, any_valued;
+
+ /* For ASN.1 parsing of octet strings */
+ guint cls;
+ guint con;
+ guint tag;
+ gboolean def;
+
+ ret = asn1_octet_string_decode(a, &string, &string_length, &string_bytes);
+ if (ret != ASN1_ERR_NOERROR)
+ return ret;
+
+ ret = asn1_sequence_decode(a, &seq_len, &header_bytes);
+ if (ret != ASN1_ERR_NOERROR)
+ return ret;
+
+ *filter_length += 2 + 1 + string_length;
+ *filter = g_realloc(*filter, *filter_length);
+
+ filterp = *filter + strlen(*filter);
+ *filterp++ = '(';
+ if (string_length != 0) {
+ memcpy(filterp, string, string_length);
+ filterp += string_length;
+ }
+ *filterp++ = '=';
+ *filterp = '\0';
+ g_free(string);
+
+ /* Now decode seq_len's worth of octet strings. */
+ any_valued = 0;
+ end = a->offset + seq_len;
+
+ while (a->offset < end) {
+ /* Octet strings here are context-specific, which
+ * asn1_octet_string_decode() barfs on. Emulate it, but don't barf. */
+ ret = asn1_header_decode (a, &cls, &con, &tag, &def, &string_length);
+ if (ret != ASN1_ERR_NOERROR)
+ return ret;
+
+ /* XXX - check the tag? */
+ if (cls != ASN1_CTX || con != ASN1_PRI) {
+ /* XXX - handle the constructed encoding? */
+ return ASN1_ERR_WRONG_TYPE;
+ }
+ if (!def)
+ return ASN1_ERR_LENGTH_NOT_DEFINITE;
+
+ ret = asn1_string_value_decode(a, (int) string_length, &string);
+ if (ret != ASN1_ERR_NOERROR)
+ return ret;
+
+ /* If we have an 'any' component with a string value, we need to append
+ * an extra asterisk before final component. */
+ if ((tag == 1) && (string_length != 0))
+ any_valued = 1;
+
+ if ( (tag == 1) || ((tag == 2) && any_valued) )
+ (*filter_length)++;
+ *filter_length += string_length;
+ *filter = g_realloc(*filter, *filter_length);
+
+ filterp = *filter + strlen(*filter);
+ if ( (tag == 1) || ((tag == 2) && any_valued) )
+ *filterp++ = '*';
+ if (tag == 2)
+ any_valued = 0;
+ if (string_length != 0) {
+ memcpy(filterp, string, string_length);
+ filterp += string_length;
+ }
+ *filterp = '\0';
+ g_free(string);
+ }
+
+ if (any_valued)
+ {
+ (*filter_length)++;
+ *filter = g_realloc(*filter, *filter_length);
+ filterp = *filter + strlen(*filter);
+ *filterp++ = '*';
+ }
+
+ /* NB: Allocated byte for this earlier */
+ *filterp++ = ')';
+ *filterp = '\0';
+
+ return ASN1_ERR_NOERROR;
+}
+
/* Returns -1 if we're at the end, returns an ASN1_ERR value otherwise. */
-static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const guchar **end)
+static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length,
+ int *end)
{
guint cls, con, tag;
guint length;
if (*end == 0)
{
- *end = a->pointer + length;
+ *end = a->offset + length;
*filter_length = 1;
*filter = g_malloc0(*filter_length);
}
{
case LDAP_FILTER_AND:
{
- const guchar *add_end;
+ int add_end;
if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE;
- add_end = a->pointer + length;
+ add_end = a->offset + length;
*filter_length += 3;
*filter = g_realloc(*filter, *filter_length);
strcat(*filter, "(&");
break;
case LDAP_FILTER_OR:
{
- const guchar *or_end;
+ int or_end;
if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE;
- or_end = a->pointer + length;
+ or_end = a->offset + length;
*filter_length += 3;
*filter = g_realloc(*filter, *filter_length);
strcat(*filter, "(|");
break;
case LDAP_FILTER_NOT:
{
- const guchar *not_end;
+ int not_end;
if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE;
- not_end = a->pointer + length;
+ not_end = a->offset + length;
*filter_length += 3;
*filter = g_realloc(*filter, *filter_length);
strcat(*filter, "(!");
case LDAP_FILTER_PRESENT:
{
guchar *string;
+ char *filterp;
if (con != ASN1_PRI)
return ASN1_ERR_WRONG_TYPE;
- ret = asn1_octet_string_value_decode(a, length, &string);
+ ret = asn1_string_value_decode(a, length, &string);
if (ret != ASN1_ERR_NOERROR)
return ret;
- *filter_length += 3 + length;
+ *filter_length += 4 + length;
*filter = g_realloc(*filter, *filter_length);
- sprintf(*filter + strlen(*filter), "(%.*s=*)", (int)length, string);
+ filterp = *filter + strlen(*filter);
+ *filterp++ = '(';
+ if (length != 0) {
+ memcpy(filterp, string, length);
+ filterp += length;
+ }
+ *filterp++ = '=';
+ *filterp++ = '*';
+ *filterp++ = ')';
+ *filterp = '\0';
g_free(string);
}
break;
case LDAP_FILTER_SUBSTRINGS:
if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE;
- asn1_null_decode(a, length); /* XXX - actually decode this... */
+ /* Richard Dawe: Handle substrings */
+ ret = parse_filter_substrings(a, filter, filter_length);
+ if (ret != -1 && ret != ASN1_ERR_NOERROR)
+ return ret;
break;
default:
return ASN1_ERR_WRONG_TYPE;
}
}
- if (a->pointer == *end)
+ if (a->offset == *end)
return -1;
else
return ret;
static int read_filter(ASN1_SCK *a, proto_tree *tree, int hf_id)
{
- const guchar *start = a->pointer;
+ int start = a->offset;
char *filter = 0;
guint filter_length = 0;
- const guchar *end = 0;
+ int end = 0;
int ret;
while ((ret = parse_filter(a, &filter, &filter_length, &end))
if (tree) {
if (ret != -1) {
- proto_tree_add_text(tree, start-a->begin, 0,
+ proto_tree_add_text(tree, a->tvb, start, 0,
"Error parsing filter (%d)", ret);
} else
- proto_tree_add_item(tree, hf_id, start-a->begin, a->pointer-start, filter);
+ proto_tree_add_string(tree, hf_id, a->tvb, start, a->offset-start, filter);
}
g_free(filter);
if (resultCode == 10) /* Referral */
{
- const guchar *start = a->pointer;
- const guchar *end;
+ int start = a->offset;
+ int end;
guint length;
proto_tree *t, *referralTree;
read_sequence(a, &length);
- t = proto_tree_add_text(tree, start-a->begin, length, "Referral URLs");
+ t = proto_tree_add_text(tree, a->tvb, start, length, "Referral URLs");
referralTree = proto_item_add_subtree(t, ett_ldap_referrals);
- end = a->pointer + length;;
- while (a->pointer < end)
+ end = a->offset + length;
+ while (a->offset < end)
read_string(a, referralTree, hf_ldap_message_result_referral, 0, 0, ASN1_UNI, ASN1_OTS);
}
{
guint cls, con, tag;
guint def, length;
- const guchar *start;
+ int start;
read_integer(a, tree, hf_ldap_message_bind_version, 0, 0, ASN1_INT);
read_string(a, tree, hf_ldap_message_bind_dn, 0, 0, ASN1_UNI, ASN1_OTS);
- start = a->pointer;
+ start = a->offset;
if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
return 1; /* XXX - right return value for an error? */
if (cls != ASN1_CTX)
return 1; /* RFCs 1777 and 2251 say these are context-specific types */
- proto_tree_add_item(tree, hf_ldap_message_bind_auth, start - a->begin,
- a->pointer - start, tag);
+ proto_tree_add_uint(tree, hf_ldap_message_bind_auth, a->tvb, start,
+ a->offset - start, tag);
switch (tag)
{
case LDAP_AUTH_SIMPLE:
static int dissect_ldap_request_search(ASN1_SCK *a, proto_tree *tree)
{
guint seq_length;
- const guchar *end;
+ int end;
int ret;
read_string(a, tree, hf_ldap_message_search_base, 0, 0, ASN1_UNI, ASN1_OTS);
read_integer(a, tree, hf_ldap_message_search_deref, 0, 0, ASN1_ENUM);
read_integer(a, tree, hf_ldap_message_search_sizeLimit, 0, 0, ASN1_INT);
read_integer(a, tree, hf_ldap_message_search_timeLimit, 0, 0, ASN1_INT);
- read_integer(a, tree, hf_ldap_message_search_typesOnly, 0, 0, ASN1_BOL);
+ read_boolean(a, tree, hf_ldap_message_search_typesOnly, 0, 0);
ret = read_filter(a, tree, hf_ldap_message_search_filter);
if (ret != ASN1_ERR_NOERROR)
return ret;
read_sequence(a, &seq_length);
- end = a->pointer + seq_length;
- while (a->pointer < end) {
+ end = a->offset + seq_length;
+ while (a->offset < end) {
ret = read_string(a, tree, hf_ldap_message_attribute, 0, 0, ASN1_UNI, ASN1_OTS);
if (ret != ASN1_ERR_NOERROR)
return ret;
static int dissect_ldap_response_search_entry(ASN1_SCK *a, proto_tree *tree)
{
guint seq_length;
- const guchar *end_of_sequence;
+ int end_of_sequence;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, &seq_length);
- end_of_sequence = a->pointer + seq_length;
- while (a->pointer < end_of_sequence)
+ end_of_sequence = a->offset + seq_length;
+ while (a->offset < end_of_sequence)
{
proto_tree *t, *attr_tree;
guint set_length;
- const guchar *end_of_set;
+ int end_of_set;
read_sequence(a, 0);
read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS);
attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
read_set(a, &set_length);
- end_of_set = a->pointer + set_length;
- while (a->pointer < end_of_set)
+ end_of_set = a->offset + set_length;
+ while (a->offset < end_of_set)
read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
}
static int dissect_ldap_request_add(ASN1_SCK *a, proto_tree *tree)
{
guint seq_length;
- const guchar *end_of_sequence;
+ int end_of_sequence;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, &seq_length);
- end_of_sequence = a->pointer + seq_length;
- while (a->pointer < end_of_sequence)
+ end_of_sequence = a->offset + seq_length;
+ while (a->offset < end_of_sequence)
{
proto_tree *t, *attr_tree;
guint set_length;
- const guchar *end_of_set;
+ int end_of_set;
read_sequence(a, 0);
read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS);
attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
read_set(a, &set_length);
- end_of_set = a->pointer + set_length;
- while (a->pointer < end_of_set)
+ end_of_set = a->offset + set_length;
+ while (a->offset < end_of_set)
read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
}
}
static int dissect_ldap_request_delete(ASN1_SCK *a, proto_tree *tree,
- const guchar *start, guint length)
+ int start, guint length)
{
read_string_value(a, tree, hf_ldap_message_dn, NULL, NULL, start, length);
return 0;
static int dissect_ldap_request_modifyrdn(ASN1_SCK *a, proto_tree *tree,
guint length)
{
- const guchar *start = a->pointer;
+ int start = a->offset;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_string(a, tree, hf_ldap_message_modrdn_name, 0, 0, ASN1_UNI, ASN1_OTS);
- read_integer(a, tree, hf_ldap_message_modrdn_delete, 0, 0, ASN1_BOL);
+ read_boolean(a, tree, hf_ldap_message_modrdn_delete, 0, 0);
- if (a->pointer < (start + length)) {
+ if (a->offset < (int) (start + length)) {
/* LDAP V3 Modify DN operation, with newSuperior */
read_string(a, tree, hf_ldap_message_modrdn_superior, 0, 0, ASN1_UNI, ASN1_OTS);
}
static int dissect_ldap_request_compare(ASN1_SCK *a, proto_tree *tree)
{
- const guchar *start;
+ int start;
int length;
char *string1 = 0;
char *string2 = 0;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, 0);
- start = a->pointer;
+ start = a->offset;
read_string(a, 0, -1, 0, &string1, ASN1_UNI, ASN1_OTS);
read_string(a, 0, -1, 0, &string2, ASN1_UNI, ASN1_OTS);
+ if (string1 == 0 && string2 == 0) /* read_string failed */
+ return 1;
+
length = 2 + strlen(string1) + strlen(string2);
compare = g_malloc0(length);
snprintf(compare, length, "%s=%s", string1, string2);
- proto_tree_add_item(tree, hf_ldap_message_compare, start-a->begin, a->pointer-start, compare);
+ proto_tree_add_string(tree, hf_ldap_message_compare, a->tvb, start,
+ a->offset-start, compare);
g_free(string1);
g_free(string2);
static int dissect_ldap_request_modify(ASN1_SCK *a, proto_tree *tree)
{
guint seq_length;
- const guchar *end_of_sequence;
+ int end_of_sequence;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, &seq_length);
- end_of_sequence = a->pointer + seq_length;
- while (a->pointer < end_of_sequence)
+ end_of_sequence = a->offset + seq_length;
+ while (a->offset < end_of_sequence)
{
proto_tree *t = 0, *attr_tree;
guint set_length;
- const guchar *end_of_set;
+ int end_of_set;
guint operation;
read_sequence(a, 0);
attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
read_set(a, &set_length);
- end_of_set = a->pointer + set_length;
- while (a->pointer < end_of_set)
+ end_of_set = a->offset + set_length;
+ while (a->offset < end_of_set)
read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
}
}
static int dissect_ldap_request_abandon(ASN1_SCK *a, proto_tree *tree,
- const guchar *start, guint length)
+ int start, guint length)
{
read_integer_value(a, tree, hf_ldap_message_abandon_msgid, NULL, NULL,
start, length);
return 0;
}
-void
-dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
+static void
+dissect_ldap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
+ int offset = 0;
proto_tree *ldap_tree = 0, *ti, *msg_tree;
guint messageLength;
guint messageId;
gchar *typestr;
guint opLen;
ASN1_SCK a;
- const guchar *start;
+ int start;
int first_time = 1;
int ret;
+ if (check_col(pinfo->fd, COL_PROTOCOL))
+ col_set_str(pinfo->fd, COL_PROTOCOL, "LDAP");
+ if (check_col(pinfo->fd, COL_INFO))
+ col_clear(pinfo->fd, COL_INFO);
+
if (tree)
{
- ti = proto_tree_add_item(tree, proto_ldap, offset, END_OF_FRAME, NULL);
+ ti = proto_tree_add_item(tree, proto_ldap, tvb, offset, tvb_length(tvb),
+ FALSE);
ldap_tree = proto_item_add_subtree(ti, ett_ldap);
}
- asn1_open(&a, pd, pi.captured_len);
- a.pointer += offset;
+ asn1_open(&a, tvb, 0);
- while (a.pointer < a.end)
+ while (tvb_reported_length_remaining(tvb, offset) > 0)
{
int message_id_start;
int message_id_length;
int message_start;
- message_start = a.pointer - a.begin;
+ message_start = a.offset;
if (read_sequence(&a, &messageLength))
{
+ if (first_time && check_col(pinfo->fd, COL_INFO))
+ col_set_str(pinfo->fd, COL_INFO, "Invalid LDAP packet");
if (ldap_tree)
- proto_tree_add_text(ldap_tree, offset, 1, "Invalid LDAP packet");
+ proto_tree_add_text(ldap_tree, tvb, offset, 1, "Invalid LDAP packet");
break;
}
- if (messageLength > (a.end - a.pointer))
+ message_id_start = a.offset;
+ if (read_integer(&a, 0, -1, 0, &messageId, ASN1_INT))
{
+ if (first_time && check_col(pinfo->fd, COL_INFO))
+ col_set_str(pinfo->fd, COL_INFO, "Invalid LDAP packet (No Message ID)");
if (ldap_tree)
- proto_tree_add_text(ldap_tree, message_start, END_OF_FRAME, "Short message! (expected: %u, actual: %u)",
- messageLength, a.end - a.pointer);
+ proto_tree_add_text(ldap_tree, tvb, message_id_start, 1,
+ "Invalid LDAP packet (No Message ID)");
break;
}
-
- message_id_start = a.pointer - a.begin;
- read_integer(&a, 0, -1, 0, &messageId, ASN1_INT);
- message_id_length = (a.pointer - a.begin) - message_id_start;
+ message_id_length = a.offset - message_id_start;
- start = a.pointer;
+ start = a.offset;
asn1_id_decode(&a, &protocolOpCls, &protocolOpCon, &protocolOpTag);
if (protocolOpCls != ASN1_APL)
typestr = "Bad message type (not Application)";
if (first_time)
{
- if (check_col(fd, COL_PROTOCOL))
- col_add_str(fd, COL_PROTOCOL, "LDAP");
-
- if (check_col(fd, COL_INFO))
- col_add_fstr(fd, COL_INFO, "MsgId=%u MsgType=%s",
+ if (check_col(pinfo->fd, COL_INFO))
+ col_add_fstr(pinfo->fd, COL_INFO, "MsgId=%u MsgType=%s",
messageId, typestr);
first_time = 0;
if (!tree)
if (ldap_tree)
{
- proto_tree_add_item_hidden(ldap_tree, hf_ldap_message_id, message_id_start, message_id_length, messageId);
- proto_tree_add_item_hidden(ldap_tree, hf_ldap_message_type,
- start - a.begin, a.pointer - start, protocolOpTag);
- ti = proto_tree_add_text(ldap_tree, message_id_start, messageLength, "Message: Id=%u %s", messageId, typestr);
+ proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_id, tvb, message_id_start, message_id_length, messageId);
+ proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_type, tvb,
+ start, a.offset - start, protocolOpTag);
+ ti = proto_tree_add_text(ldap_tree, tvb, message_id_start, messageLength, "Message: Id=%u %s", messageId, typestr);
msg_tree = proto_item_add_subtree(ti, ett_ldap_message);
- start = a.pointer;
+ start = a.offset;
read_length(&a, msg_tree, hf_ldap_message_length, &opLen);
switch (protocolOpTag)
break;
case LDAP_REQ_SEARCH:
ret = dissect_ldap_request_search(&a, msg_tree);
- if (ret != ASN1_ERR_NOERROR)
- break;
+ /* XXX - do something with "ret" */
break;
case LDAP_REQ_ADD:
dissect_ldap_request_add(&a, msg_tree);
break;
}
}
+ offset = a.offset;
}
}
{69, "Objectclass modification prohibited"},
{71, "Affects multiple DSAs"},
{80, "Other"},
+ {0, NULL},
};
static value_string auth_types[] = {
{LDAP_AUTH_KRBV4LDAP, "Kerberos V4 to the LDAP server"},
{LDAP_AUTH_KRBV4DSA, "Kerberos V4 to the DSA"},
{LDAP_AUTH_SASL, "SASL"},
+ {0, NULL},
};
static value_string search_scope[] = {
{0x00, "Base"},
{0x01, "Single"},
{0x02, "Subtree"},
+ {0x00, NULL},
};
static value_string search_dereference[] = {
{0x01, "Searching"},
{0x02, "Base Object"},
{0x03, "Always"},
+ {0x00, NULL},
};
static hf_register_info hf[] = {
{ &hf_ldap_length,
{ "Length", "ldap.length",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Length" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Length", HFILL }},
{ &hf_ldap_message_id,
{ "Message Id", "ldap.message_id",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Message Id" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Message Id", HFILL }},
{ &hf_ldap_message_type,
{ "Message Type", "ldap.message_type",
FT_UINT8, BASE_HEX, &msgTypes, 0x0,
- "LDAP Message Type" }},
+ "LDAP Message Type", HFILL }},
{ &hf_ldap_message_length,
{ "Message Length", "ldap.message_length",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Message Length" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Message Length", HFILL }},
{ &hf_ldap_message_result,
{ "Result Code", "ldap.result.code",
- FT_INT8, BASE_HEX, result_codes, 0x0,
- "LDAP Result Code" }},
+ FT_UINT8, BASE_HEX, result_codes, 0x0,
+ "LDAP Result Code", HFILL }},
{ &hf_ldap_message_result_matcheddn,
{ "Matched DN", "ldap.result.matcheddn",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Result Matched DN" }},
+ "LDAP Result Matched DN", HFILL }},
{ &hf_ldap_message_result_errormsg,
{ "Error Message", "ldap.result.errormsg",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Result Error Message" }},
+ "LDAP Result Error Message", HFILL }},
{ &hf_ldap_message_result_referral,
{ "Referral", "ldap.result.referral",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Result Referral URL" }},
+ "LDAP Result Referral URL", HFILL }},
{ &hf_ldap_message_bind_version,
{ "Version", "ldap.bind.version",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Bind Version" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Bind Version", HFILL }},
{ &hf_ldap_message_bind_dn,
{ "DN", "ldap.bind.dn",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Bind Distinguished Name" }},
+ "LDAP Bind Distinguished Name", HFILL }},
{ &hf_ldap_message_bind_auth,
{ "Auth Type", "ldap.bind.auth_type",
FT_UINT8, BASE_HEX, auth_types, 0x0,
- "LDAP Bind Auth Type" }},
+ "LDAP Bind Auth Type", HFILL }},
{ &hf_ldap_message_bind_auth_password,
{ "Password", "ldap.bind.password",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Bind Password" }},
+ "LDAP Bind Password", HFILL }},
{ &hf_ldap_message_search_base,
{ "Base DN", "ldap.search.basedn",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Search Base Distinguished Name" }},
+ "LDAP Search Base Distinguished Name", HFILL }},
{ &hf_ldap_message_search_scope,
{ "Scope", "ldap.search.scope",
FT_UINT8, BASE_HEX, search_scope, 0x0,
- "LDAP Search Scope" }},
+ "LDAP Search Scope", HFILL }},
{ &hf_ldap_message_search_deref,
{ "Dereference", "ldap.search.dereference",
FT_UINT8, BASE_HEX, search_dereference, 0x0,
- "LDAP Search Dereference" }},
+ "LDAP Search Dereference", HFILL }},
{ &hf_ldap_message_search_sizeLimit,
{ "Size Limit", "ldap.search.sizelimit",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Search Size Limit" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Search Size Limit", HFILL }},
{ &hf_ldap_message_search_timeLimit,
{ "Time Limit", "ldap.search.timelimit",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Search Time Limit" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Search Time Limit", HFILL }},
{ &hf_ldap_message_search_typesOnly,
{ "Attributes Only", "ldap.search.typesonly",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
- "LDAP Search Attributes Only" }},
+ "LDAP Search Attributes Only", HFILL }},
{ &hf_ldap_message_search_filter,
{ "Filter", "ldap.search.filter",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Search Filter" }},
+ "LDAP Search Filter", HFILL }},
{ &hf_ldap_message_dn,
{ "Distinguished Name", "ldap.dn",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Distinguished Name" }},
+ "LDAP Distinguished Name", HFILL }},
{ &hf_ldap_message_attribute,
{ "Attribute", "ldap.attribute",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Attribute" }},
+ "LDAP Attribute", HFILL }},
{ &hf_ldap_message_value,
{ "Value", "ldap.value",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Value" }},
+ "LDAP Value", HFILL }},
{ &hf_ldap_message_modrdn_name,
{ "New Name", "ldap.modrdn.name",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP New Name" }},
+ "LDAP New Name", HFILL }},
{ &hf_ldap_message_modrdn_delete,
{ "Delete Values", "ldap.modrdn.delete",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
- "LDAP Modify RDN - Delete original values" }},
+ "LDAP Modify RDN - Delete original values", HFILL }},
{ &hf_ldap_message_modrdn_superior,
{ "New Location", "ldap.modrdn.superior",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Modify RDN - New Location" }},
+ "LDAP Modify RDN - New Location", HFILL }},
{ &hf_ldap_message_compare,
{ "Test", "ldap.compare.test",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Compare Test" }},
+ "LDAP Compare Test", HFILL }},
{ &hf_ldap_message_modify_add,
{ "Add", "ldap.modify.add",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Add" }},
+ "LDAP Add", HFILL }},
{ &hf_ldap_message_modify_replace,
{ "Replace", "ldap.modify.replace",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Replace" }},
+ "LDAP Replace", HFILL }},
{ &hf_ldap_message_modify_delete,
{ "Delete", "ldap.modify.delete",
FT_STRING, BASE_NONE, NULL, 0x0,
- "LDAP Delete" }},
+ "LDAP Delete", HFILL }},
{ &hf_ldap_message_abandon_msgid,
{ "Abandon Msg Id", "ldap.abandon.msgid",
- FT_INT32, BASE_DEC, NULL, 0x0,
- "LDAP Abandon Msg Id" }},
+ FT_UINT32, BASE_DEC, NULL, 0x0,
+ "LDAP Abandon Msg Id", HFILL }},
};
static gint *ett[] = {
&ett_ldap_attribute
};
- proto_ldap = proto_register_protocol("Lightweight Directory Access Protocol", "ldap");
+ proto_ldap = proto_register_protocol("Lightweight Directory Access Protocol",
+ "LDAP", "ldap");
proto_register_field_array(proto_ldap, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
}
+
+void
+proto_reg_handoff_ldap(void)
+{
+ dissector_handle_t ldap_handle;
+
+ ldap_handle = create_dissector_handle(dissect_ldap, proto_ldap);
+ dissector_add("tcp.port", TCP_PORT_LDAP, ldap_handle);
+}