diff options
author | Anders Broman <anders.broman@ericsson.com> | 2008-04-23 20:49:54 +0000 |
---|---|---|
committer | Anders Broman <anders.broman@ericsson.com> | 2008-04-23 20:49:54 +0000 |
commit | 36b88b8e15da9c277ae1e928f66effee5c6c49ec (patch) | |
tree | 9a9a61295b108f5964e455c85555cfa12034b84f | |
parent | 02353b11ce7a88db438a4cd2b682b148c91dc068 (diff) | |
download | wireshark-36b88b8e15da9c277ae1e928f66effee5c6c49ec.tar.gz |
From : Martin Peylo:
PKIXCMP: fix new plain TCP transport style, add OID and preferences
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2499
svn path=/trunk/; revision=25157
-rw-r--r-- | epan/dissectors/packet-cmp.c | 153 | ||||
-rw-r--r-- | epan/dissectors/packet-cmp.h | 4 |
2 files changed, 121 insertions, 36 deletions
diff --git a/epan/dissectors/packet-cmp.c b/epan/dissectors/packet-cmp.c index 29569fface..60d89045da 100644 --- a/epan/dissectors/packet-cmp.c +++ b/epan/dissectors/packet-cmp.c @@ -54,6 +54,7 @@ #include "packet-pkix1implicit.h" #include <epan/emem.h> #include "packet-tcp.h" +#include "packet-http.h" #include <epan/prefs.h> #include <epan/nstime.h> @@ -66,6 +67,18 @@ /* desegmentation of CMP over TCP */ static gboolean cmp_desegment = TRUE; +static dissector_handle_t cmp_http_handle; +static dissector_handle_t cmp_tcp_style_http_handle; +static dissector_handle_t cmp_tcp_handle; + +static gboolean inited = FALSE; +static guint cmp_alternate_tcp_port = 0; +static guint cmp_alternate_tcp_port_prev = 0; +static guint cmp_alternate_http_port = 0; +static guint cmp_alternate_http_port_prev = 0; +static guint cmp_alternate_tcp_style_http_port = 0; +static guint cmp_alternate_tcp_style_http_port_prev = 0; + /* Initialize the protocol and registered fields */ int proto_cmp = -1; static int hf_cmp_type_oid = -1; @@ -239,7 +252,7 @@ static int hf_cmp_PKIFailureInfo_systemFailure = -1; static int hf_cmp_PKIFailureInfo_duplicateCertReq = -1; /*--- End of included file: packet-cmp-hf.c ---*/ -#line 72 "packet-cmp-template.c" +#line 85 "packet-cmp-template.c" /* Initialize the subtree pointers */ static gint ett_cmp = -1; @@ -295,7 +308,7 @@ static gint ett_cmp_PollRepContent = -1; static gint ett_cmp_PollRepContent_item = -1; /*--- End of included file: packet-cmp-ett.c ---*/ -#line 76 "packet-cmp-template.c" +#line 89 "packet-cmp-template.c" static const char *object_identifier_id; @@ -1463,7 +1476,7 @@ static void dissect_SuppLangTagsValue_PDU(tvbuff_t *tvb _U_, packet_info *pinfo /*--- End of included file: packet-cmp-fn.c ---*/ -#line 81 "packet-cmp-template.c" +#line 94 "packet-cmp-template.c" static int dissect_cmp_pdu(tvbuff_t *tvb, proto_tree *tree, asn1_ctx_t *actx) @@ -1612,6 +1625,7 @@ dissect_cmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) { guint32 pdu_len; guint8 pdu_type; + int offset=4; /* RFC2510 TCP transport header length */ /* only attempt to dissect it as CMP over TCP if we have * at least 5 bytes. @@ -1623,17 +1637,32 @@ dissect_cmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) pdu_len=tvb_get_ntohl(tvb, 0); pdu_type=tvb_get_guint8(tvb, 4); - /* arbitrary limit: assume a CMP over TCP pdu is never >10000 bytes - * in size. - * It is definitely at least 1 byte to accomodate the flags byte - */ - if((pdu_len<=0)||(pdu_len>10000)){ - return 0; - } - /* type is between 0 and 6 */ - if(pdu_type>6){ - return 0; + if(pdu_type == 10) { + /* post RFC2510 TCP transport */ + pdu_type = tvb_get_guint8(tvb, 7); + offset = 7; /* post RFC2510 TCP transport header length */ + /* arbitrary limit: assume a CMP over TCP pdu is never >10000 bytes + * in size. + * It is definitely at least 3 byte for post RFC2510 TCP transport + */ + if((pdu_len<=2)||(pdu_len>10000)){ + return 0; + } + } else { + /* RFC2510 TCP transport */ + /* type is between 0 and 6 */ + if(pdu_type>6){ + return 0; + } + /* arbitrary limit: assume a CMP over TCP pdu is never >10000 bytes + * in size. + * It is definitely at least 1 byte to accomodate the flags byte + */ + if((pdu_len<=0)||(pdu_len>10000)){ + return 0; + } } + /* type 0 contains a PKI message and must therefore be >= 3 bytes * long (flags + BER TAG + BER LENGTH */ @@ -1641,7 +1670,7 @@ dissect_cmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) return 0; } - tcp_dissect_pdus(tvb, pinfo, parent_tree, cmp_desegment, 4, get_cmp_pdu_len, + tcp_dissect_pdus(tvb, pinfo, parent_tree, cmp_desegment, offset, get_cmp_pdu_len, dissect_cmp_tcp_pdu); return tvb_length(tvb); @@ -2344,7 +2373,7 @@ void proto_register_cmp(void) { "", HFILL }}, /*--- End of included file: packet-cmp-hfarr.c ---*/ -#line 329 "packet-cmp-template.c" +#line 358 "packet-cmp-template.c" }; /* List of subtrees */ @@ -2402,7 +2431,7 @@ void proto_register_cmp(void) { &ett_cmp_PollRepContent_item, /*--- End of included file: packet-cmp-ettarr.c ---*/ -#line 335 "packet-cmp-template.c" +#line 364 "packet-cmp-template.c" }; module_t *cmp_module; @@ -2413,39 +2442,59 @@ void proto_register_cmp(void) { proto_register_field_array(proto_cmp, hf, array_length(hf)); proto_register_subtree_array(ett, array_length(ett)); - cmp_module = prefs_register_protocol(proto_cmp, NULL); + cmp_module = prefs_register_protocol(proto_cmp, proto_reg_handoff_cmp); prefs_register_bool_preference(cmp_module, "desegment", "Reassemble CMP-over-TCP messages spanning multiple TCP segments", "Whether the CMP-over-TCP dissector should reassemble messages spanning multiple TCP segments. " "To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", &cmp_desegment); + + prefs_register_uint_preference(cmp_module, "tcp_alternate_port", + "Alternate TCP port", + "Decode this TCP port\'s traffic as CMP. Set to \"0\" to disable.", + 10, + &cmp_alternate_tcp_port); + + prefs_register_uint_preference(cmp_module, "http_alternate_port", + "Alternate HTTP port", + "Decode this TCP port\'s traffic as CMP-over-HTTP. Set to \"0\" to disable. " + "Use this if the Content-Type is not set correctly.", + 10, + &cmp_alternate_http_port); + + prefs_register_uint_preference(cmp_module, "tcp_style_http_alternate_port", + "Alternate TCP-style-HTTP port", + "Decode this TCP port\'s traffic as TCP-transport-style CMP-over-HTTP. Set to \"0\" to disable. " + "Use this if the Content-Type is not set correctly.", + 10, + &cmp_alternate_tcp_style_http_port); } /*--- proto_reg_handoff_cmp -------------------------------------------*/ void proto_reg_handoff_cmp(void) { - dissector_handle_t cmp_http_handle; - dissector_handle_t cmp_tcp_style_http_handle; - dissector_handle_t cmp_tcp_handle; - cmp_http_handle = new_create_dissector_handle(dissect_cmp_http, proto_cmp); - dissector_add_string("media_type", "application/pkixcmp", cmp_http_handle); - dissector_add_string("media_type", "application/x-pkixcmp", cmp_http_handle); + if (!inited) { + cmp_http_handle = new_create_dissector_handle(dissect_cmp_http, proto_cmp); + dissector_add_string("media_type", "application/pkixcmp", cmp_http_handle); + dissector_add_string("media_type", "application/x-pkixcmp", cmp_http_handle); + + cmp_tcp_style_http_handle = new_create_dissector_handle(dissect_cmp_tcp_pdu, proto_cmp); + dissector_add_string("media_type", "application/pkixcmp-poll", cmp_tcp_style_http_handle); + dissector_add_string("media_type", "application/x-pkixcmp-poll", cmp_tcp_style_http_handle); - cmp_tcp_style_http_handle = new_create_dissector_handle(dissect_cmp_tcp_pdu, proto_cmp); - dissector_add_string("media_type", "application/pkixcmp-poll", cmp_tcp_style_http_handle); - dissector_add_string("media_type", "application/x-pkixcmp-poll", cmp_tcp_style_http_handle); + cmp_tcp_handle = new_create_dissector_handle(dissect_cmp_tcp, proto_cmp); + dissector_add("tcp.port", TCP_PORT_CMP, cmp_tcp_handle); - cmp_tcp_handle = new_create_dissector_handle(dissect_cmp_tcp, proto_cmp); - dissector_add("tcp.port", TCP_PORT_CMP, cmp_tcp_handle); + oid_add_from_string("Cryptlib-presence-check","1.3.6.1.4.1.3029.3.1.1"); + oid_add_from_string("Cryptlib-PKIBoot","1.3.6.1.4.1.3029.3.1.2"); - oid_add_from_string("Cryptlib-presence-check","1.3.6.1.4.1.3029.3.1.1"); - oid_add_from_string("Cryptlib-PKIBoot","1.3.6.1.4.1.3029.3.1.2"); + oid_add_from_string("HMAC MD5","1.3.6.1.5.5.8.1.1"); + oid_add_from_string("HMAC SHA-1","1.3.6.1.5.5.8.1.2"); + oid_add_from_string("HMAC TIGER","1.3.6.1.5.5.8.1.3"); + oid_add_from_string("HMAC RIPEMD-160","1.3.6.1.5.5.8.1.4"); - oid_add_from_string("HMAC MD5","1.3.6.1.5.5.8.1.1"); - oid_add_from_string("HMAC SHA-1","1.3.6.1.5.5.8.1.2"); - oid_add_from_string("HMAC TIGER","1.3.6.1.5.5.8.1.3"); - oid_add_from_string("HMAC RIPEMD-160","1.3.6.1.5.5.8.1.4"); + oid_add_from_string("sha256WithRSAEncryption","1.2.840.113549.1.1.11"); /*--- Included file: packet-cmp-dis-tab.c ---*/ @@ -2469,6 +2518,40 @@ void proto_reg_handoff_cmp(void) { /*--- End of included file: packet-cmp-dis-tab.c ---*/ -#line 380 "packet-cmp-template.c" +#line 429 "packet-cmp-template.c" + inited = TRUE; + } + + /* change alternate TCP port if changed in the preferences */ + if (cmp_alternate_tcp_port != cmp_alternate_tcp_port_prev) { + if (cmp_alternate_tcp_port_prev != 0) + dissector_delete("tcp.port", cmp_alternate_tcp_port_prev, cmp_tcp_handle); + if (cmp_alternate_tcp_port != 0) + dissector_add("tcp.port", cmp_alternate_tcp_port, cmp_tcp_handle); + cmp_alternate_tcp_port_prev = cmp_alternate_tcp_port; + } + + /* change alternate HTTP port if changed in the preferences */ + if (cmp_alternate_http_port != cmp_alternate_http_port_prev) { + if (cmp_alternate_http_port_prev != 0) { + dissector_delete("tcp.port", cmp_alternate_http_port_prev, NULL); + dissector_delete("http.port", cmp_alternate_http_port_prev, NULL); + } + if (cmp_alternate_http_port != 0) + http_dissector_add( cmp_alternate_http_port, cmp_http_handle); + cmp_alternate_http_port_prev = cmp_alternate_http_port; + } + + /* change alternate TCP-style-HTTP port if changed in the preferences */ + if (cmp_alternate_tcp_style_http_port != cmp_alternate_tcp_style_http_port_prev) { + if (cmp_alternate_tcp_style_http_port_prev != 0) { + dissector_delete("tcp.port", cmp_alternate_tcp_style_http_port_prev, NULL); + dissector_delete("http.port", cmp_alternate_tcp_style_http_port_prev, NULL); + } + if (cmp_alternate_tcp_style_http_port != 0) + http_dissector_add( cmp_alternate_tcp_style_http_port, cmp_tcp_style_http_handle); + cmp_alternate_tcp_style_http_port_prev = cmp_alternate_tcp_style_http_port; + } + } diff --git a/epan/dissectors/packet-cmp.h b/epan/dissectors/packet-cmp.h index 5b90bf3742..12cd23fdca 100644 --- a/epan/dissectors/packet-cmp.h +++ b/epan/dissectors/packet-cmp.h @@ -34,6 +34,8 @@ #ifndef PACKET_CMP_H #define PACKET_CMP_H +void proto_reg_handoff_cmp(void); + /*--- Included file: packet-cmp-exp.h ---*/ #line 1 "packet-cmp-exp.h" @@ -81,7 +83,7 @@ int dissect_cmp_PollReqContent(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int int dissect_cmp_PollRepContent(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_); /*--- End of included file: packet-cmp-exp.h ---*/ -#line 30 "packet-cmp-template.h" +#line 32 "packet-cmp-template.h" #endif /* PACKET_CMP_H */ |