* draft-nguyen-ospf-oob-resync-05.txt
* draft-nguyen-ospf-restart-05.txt
* - (c) 2005 Michael Rozhavsky <mrozhavsky@fortinet.com>
- *
+ *
* At this time, this module is able to analyze OSPF
* packets as specified in RFC2328. MOSPF (RFC1584) and other
* OSPF Extensions which introduce new Packet types
static void dissect_ospf_v3_address_prefix(tvbuff_t *, int, int, proto_tree *);
-static int
+static int
ospf_has_lls_block(tvbuff_t *tvb, int offset, guint8 packet_type)
{
guint8 flags;
switch (packet_type){
case OSPF_HELLO:
- dissect_ospf_hello(tvb, ospf_header_length, ospf_tree, version,
+ dissect_ospf_hello(tvb, ospf_header_length, ospf_tree, version,
ospflen - ospf_header_length);
break;
case OSPF_DB_DESC:
- dissect_ospf_db_desc(tvb, ospf_header_length, ospf_tree, version,
+ dissect_ospf_db_desc(tvb, ospf_header_length, ospf_tree, version,
ospflen - ospf_header_length);
break;
case OSPF_LS_REQ:
- dissect_ospf_ls_req(tvb, ospf_header_length, ospf_tree, version,
+ dissect_ospf_ls_req(tvb, ospf_header_length, ospf_tree, version,
ospflen - ospf_header_length);
break;
case OSPF_LS_UPD:
- dissect_ospf_ls_upd(tvb, ospf_header_length, ospf_tree, version,
+ dissect_ospf_ls_upd(tvb, ospf_header_length, ospf_tree, version,
ospflen - ospf_header_length);
break;
case OSPF_LS_ACK:
- dissect_ospf_ls_ack(tvb, ospf_header_length, ospf_tree, version,
+ dissect_ospf_ls_ack(tvb, ospf_header_length, ospf_tree, version,
ospflen - ospf_header_length);
break;
/* take care of the LLS data block */
if (ospf_has_lls_block(tvb, ospf_header_length, packet_type))
- dissect_ospf_lls_data_block(tvb, ospflen + crypto_len, ospf_tree,
+ dissect_ospf_lls_data_block(tvb, ospflen + crypto_len, ospf_tree,
version);
}
}
type = tvb_get_ntohs(tvb, offset);
length = tvb_get_ntohs(tvb, offset + 2);
- ti = proto_tree_add_text(tree, tvb, offset, length + 4,
+ ti = proto_tree_add_text(tree, tvb, offset, length + 4,
val_to_str(type, lls_tlv_type_vals, "Unknown TLV"));
ospf_lls_tlv_tree = proto_item_add_subtree(ti, ett_ospf_lls_tlv);
-
+
proto_tree_add_text(ospf_lls_tlv_tree, tvb, offset, 2,
"Type: %d", type);
proto_tree_add_text(ospf_lls_tlv_tree, tvb, offset + 2, 2,
"Length: %d", length);
-
+
switch(type) {
case 1:
dissect_ospf_bitfield(ospf_lls_tlv_tree, tvb, offset + 4, &bfinfo_lls_ext_options);
break;
case 2:
- proto_tree_add_text(ospf_lls_tlv_tree, tvb, offset + 4, 4,
- "Sequence number 0x%08x",
+ proto_tree_add_text(ospf_lls_tlv_tree, tvb, offset + 4, 4,
+ "Sequence number 0x%08x",
tvb_get_ntohl(tvb, offset + 4));
proto_tree_add_text(ospf_lls_tlv_tree, tvb, offset + 8, length - 4,
- "Auth Data: %s",
+ "Auth Data: %s",
tvb_bytes_to_str(tvb, offset + 8, length - 4));
break;
}
}
static void
-dissect_ospf_lls_data_block(tvbuff_t *tvb, int offset, proto_tree *tree,
+dissect_ospf_lls_data_block(tvbuff_t *tvb, int offset, proto_tree *tree,
guint8 version)
{
proto_tree *ospf_lls_data_block_tree;
ospf_lls_len = tvb_get_ntohs(tvb, offset + 2);
ti = proto_tree_add_text(tree, tvb, offset, -1, "OSPF LLS Data Block");
- ospf_lls_data_block_tree = proto_item_add_subtree(ti,
+ ospf_lls_data_block_tree = proto_item_add_subtree(ti,
ett_ospf_lls_data_block);
if (version != OSPF_VERSION_2)
return;
/* TODO: verify checksum */
- proto_tree_add_text(ospf_lls_data_block_tree, tvb, offset, 2,
+ proto_tree_add_text(ospf_lls_data_block_tree, tvb, offset, 2,
"Checksum: 0x%04x", tvb_get_ntohs(tvb, offset));
proto_tree_add_text(ospf_lls_data_block_tree, tvb, offset + 2, 2,
"LLS Data Length: %d bytes", ospf_lls_len * 4);
-
+
offset += 4;
while (orig_offset + ospf_lls_len * 4 > offset)
offset = dissect_ospf_lls_tlv (tvb, offset, ospf_lls_data_block_tree);
}
static void
-dissect_ospf_hello(tvbuff_t *tvb, int offset, proto_tree *tree, guint8 version,
+dissect_ospf_hello(tvbuff_t *tvb, int offset, proto_tree *tree, guint8 version,
guint16 length)
{
proto_tree *ospf_hello_tree;
}
static void
-dissect_ospf_db_desc(tvbuff_t *tvb, int offset, proto_tree *tree,
+dissect_ospf_db_desc(tvbuff_t *tvb, int offset, proto_tree *tree,
guint8 version, guint16 length)
{
proto_tree *ospf_db_desc_tree=NULL;
while (lsa_counter < lsa_nr) {
if ( version == OSPF_VERSION_2)
offset = dissect_ospf_v2_lsa(tvb, offset, ospf_lsa_upd_tree, TRUE);
- else
- if ( version == OSPF_VERSION_3)
+ else if ( version == OSPF_VERSION_3)
offset = dissect_ospf_v3_lsa(tvb, offset, ospf_lsa_upd_tree, TRUE);
+ else
+ /* We could potentially waste CPU cycles looping */
+ lsa_counter = lsa_nr;
+
lsa_counter += 1;
}
}
ti = proto_tree_add_text(tlv_tree, tvb, stlv_offset, stlv_len+4,
"%s: %u - %s", stlv_name,
tvb_get_guint8(tvb, stlv_offset + 4),
- val_to_str(tvb_get_guint8(tvb, stlv_offset + 4),
+ val_to_str(tvb_get_guint8(tvb, stlv_offset + 4),
mpls_link_stlv_ltype_str, "Unknown Link Type"));
stlv_tree = proto_item_add_subtree(ti, ett_ospf_lsa_mpls_link_stlv);
proto_tree_add_text(stlv_tree, tvb, stlv_offset, 2,
tvb_get_ntohl(tvb, stlv_offset + 8),
tvb_get_ntohl(tvb, stlv_offset + 8));
stlv_tree = proto_item_add_subtree(ti, ett_ospf_lsa_mpls_link_stlv);
-
+
proto_tree_add_text(stlv_tree, tvb, stlv_offset, 2,
"TLV Type: %u: %s", stlv_type, stlv_name);
proto_tree_add_text(stlv_tree, tvb, stlv_offset+2, 2, "TLV Length: %u",
- stlv_len);
+ stlv_len);
proto_tree_add_item(stlv_tree,
ospf_filter[OSPFF_LS_MPLS_LOCAL_IFID],
tvb, stlv_offset+4, 4, FALSE);
proto_tree_add_text(stlv_tree, tvb, stlv_offset+4, 1, "Protection Capability: %s (0x%x)",
val_to_str(tvb_get_guint8(tvb,stlv_offset+4), gmpls_protection_cap_str, "Unknown (%d)"),tvb_get_guint8(tvb,stlv_offset+4));
break;
-
+
case MPLS_LINK_SHARED_RISK_GROUP:
ti = proto_tree_add_text(tlv_tree, tvb, stlv_offset, stlv_len+4,
"%s", stlv_name);
proto_tree_add_text(stlv_tree, tvb, stlv_offset+2, 2, "TLV Length: %u",
stlv_len);
for (i=0; i < stlv_len; i+=4)
- proto_tree_add_text(stlv_tree, tvb, stlv_offset+4+i, 4, "Shared Risk Link Group: %u",
- tvb_get_ntohl(tvb,stlv_offset+4+i));
+ proto_tree_add_text(stlv_tree, tvb, stlv_offset+4+i, 4, "Shared Risk Link Group: %u",
+ tvb_get_ntohl(tvb,stlv_offset+4+i));
break;
case OIF_LOCAL_NODE_ID:
nr_tos = tvb_get_guint8(tvb, offset + 9);
-
+
ti_local = proto_tree_add_text(ospf_lsa_tree, tvb, offset, 12 + 4 * nr_tos,
"Type: %-8s ID: %-15s Data: %-15s Metric: %d",
- link_type_short_str,
+ link_type_short_str,
ip_to_str(tvb_get_ptr(tvb, offset, 4)),
ip_to_str(tvb_get_ptr(tvb, offset + 4, 4)),
tvb_get_ntohs(tvb, offset + 10));
* Routines for PacketCable (PKTC) Kerberized Key Management and
* PacketCable (PKTC) MTA FQDN packet disassembly
*
- * References:
- * [1] PacketCable 1.0 Security Specification, PKT-SP-SEC-I11-040730, July 30,
+ * References:
+ * [1] PacketCable 1.0 Security Specification, PKT-SP-SEC-I11-040730, July 30,
* 2004, Cable Television Laboratories, Inc., http://www.PacketCable.com/
*
* Ronnie Sahlberg 2004
break;
case DOI_IPSEC:
switch(kmmid){
- /* we dont distinguish between SPIs for inbound Security Associations
- of the client (AP-REQ) vs. server (AP-REP, REKEY). Feel free to add
+ /* we dont distinguish between SPIs for inbound Security Associations
+ of the client (AP-REQ) vs. server (AP-REP, REKEY). Feel free to add
separation for this if it is imporant enough for you. */
case KMMID_AP_REQUEST:
case KMMID_AP_REPLY:
guint32 snonce;
/* AP Request kerberos blob */
- pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE, NULL);
/* Server Nonce */
tvbuff_t *pktc_tvb;
/* AP Reply kerberos blob */
- pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE, NULL);
/* app specific data */
/* Timestamp: YYMMDDhhmmssZ */
/* They really came up with a two-digit year in late 1990s! =8o */
timestr=tvb_get_ptr(tvb, offset, 13);
- proto_tree_add_string_format(tree, hf_pktc_timestamp, tvb, offset, 13, timestr,
- "%s: %.2s-%.2s-%.2s %.2s:%.2s:%.2s",
+ proto_tree_add_string_format(tree, hf_pktc_timestamp, tvb, offset, 13, timestr,
+ "%s: %.2s-%.2s-%.2s %.2s:%.2s:%.2s",
proto_registrar_get_name(hf_pktc_timestamp),
timestr, timestr+2, timestr+4, timestr+6, timestr+8, timestr+10);
offset+=13;
tvbuff_t *pktc_tvb;
/* KRB_ERROR */
- pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE, NULL);
return offset;
offset+=1;
if (check_col(pinfo->cinfo, COL_INFO))
- col_set_str(pinfo->cinfo, COL_INFO,
+ col_set_str(pinfo->cinfo, COL_INFO,
val_to_str(msgtype, pktc_mtafqdn_msgtype_vals, "MsgType %u"));
/* enterprise */
/* manufacturer cert revocation time */
bignum = tvb_get_ntohl(tvb, offset);
ts.secs = bignum;
- proto_tree_add_time_format(tree, hf_pktc_mtafqdn_manu_cert_revoked, tvb, offset, 4,
+ proto_tree_add_time_format(tree, hf_pktc_mtafqdn_manu_cert_revoked, tvb, offset, 4,
&ts, "%s: %s",
proto_registrar_get_name(hf_pktc_mtafqdn_manu_cert_revoked),
(bignum==0) ? "not revoked" : abs_time_secs_to_str(bignum));
case PKTC_MTAFQDN_REP:
/* MTA FQDN */
string_len = tvb_length_remaining(tvb, offset) - 4;
- proto_tree_add_item(tree, hf_pktc_mtafqdn_fqdn, tvb, offset, string_len, FALSE);
- offset+=string_len;
+ DISSECTOR_ASSERT(string_len > 0);
+ proto_tree_add_item(tree, hf_pktc_mtafqdn_fqdn, tvb, offset, string_len, FALSE);
+ offset+=string_len;
/* MTA IP address */
- tvb_memcpy(tvb, (guint8 *)&bignum, offset, sizeof(bignum));
- proto_tree_add_ipv4(tree, hf_pktc_mtafqdn_ip, tvb, offset, 4, bignum);
+ tvb_memcpy(tvb, (guint8 *)&bignum, offset, sizeof(bignum));
+ proto_tree_add_ipv4(tree, hf_pktc_mtafqdn_ip, tvb, offset, 4, bignum);
break;
}
/* KRB_AP_RE[QP] */
- pktc_mtafqdn_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ pktc_mtafqdn_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset += dissect_kerberos_main(pktc_mtafqdn_tvb, pinfo, pktc_mtafqdn_tree, FALSE, NULL);
/* KRB_SAFE */
- pktc_mtafqdn_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ pktc_mtafqdn_tvb = tvb_new_subset(tvb, offset, -1, -1);
offset += dissect_kerberos_main(pktc_mtafqdn_tvb, pinfo, pktc_mtafqdn_tree, FALSE, cb);
proto_item_set_len(item, offset);
doi=tvb_get_guint8(tvb, offset);
proto_tree_add_uint(pktc_tree, hf_pktc_doi, tvb, offset, 1, doi);
offset+=1;
-
+
/* version */
version=tvb_get_guint8(tvb, offset);
proto_tree_add_text(pktc_tree, tvb, offset, 1, "Version: %d.%d", (version>>4)&0x0f, (version)&0x0f);
/* fill COL_INFO */
if (check_col(pinfo->cinfo, COL_INFO)) {
- col_add_str(pinfo->cinfo, COL_INFO,
+ col_add_str(pinfo->cinfo, COL_INFO,
val_to_str(kmmid, kmmid_types, "Unknown KMMID %#x"));
col_append_fstr(pinfo->cinfo, COL_INFO, " (%s)",
val_to_str(doi, doi_types, "Unknown DOI %#x"));