Adding upstream version 4.2.2.upstream/4.2.2

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 229 insertions, 0 deletions

diff --git a/epan/dissectors/packet-ddtp.c b/epan/dissectors/packet-ddtp.c
new file mode 100644
index 00000000..790f9dab
--- /dev/null
+++ b/epan/dissectors/packet-ddtp.c
@@ -0,0 +1,229 @@
+/* packet-ddtp.c
+ * Routines for DDTP (Dynamic DNS Tools Protocol) packet disassembly
+ * see http://ddt.sourceforge.net/
+ * Olivier Abad <oabad@noos.fr>
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 2000
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "config.h"
+
+#include <epan/packet.h>
+#include <epan/expert.h>
+
+#define DDTP_VERSION_ERROR      0
+#define DDTP_VERSION_4          1
+#define DDTP_VERSION_5          2
+
+#define DDTP_ENCRYPT_ERROR      0
+#define DDTP_ENCRYPT_PLAINTEXT  1
+#define DDTP_ENCRYPT_BLOWFISH   2
+
+#define DDTP_MESSAGE_ERROR      0
+#define DDTP_UPDATE_QUERY       1
+#define DDTP_UPDATE_REPLY       2
+#define DDTP_ALIVE_QUERY        3
+#define DDTP_ALIVE_REPLY        4
+
+#define DDTP_MARK_ONLINE        0
+#define DDTP_MARK_OFFLINE       1
+
+#define DDTP_UPDATE_SUCCEEDED   0
+#define DDTP_UPDATE_FAILED      1
+#define DDTP_INVALID_PASSWORD   2
+#define DDTP_INVALID_ACCOUNT    3
+#define DDTP_INVALID_OPCODE     4
+
+void proto_register_ddtp (void);
+void proto_reg_handoff_ddtp (void);
+
+static dissector_handle_t ddtp_handle;
+
+static int proto_ddtp = -1;
+static int hf_ddtp_version = -1;
+static int hf_ddtp_encrypt = -1;
+static int hf_ddtp_hostid = -1;
+static int hf_ddtp_msgtype = -1;
+static int hf_ddtp_opcode = -1;
+static int hf_ddtp_ipaddr = -1;
+static int hf_ddtp_status = -1;
+static int hf_ddtp_alive = -1;
+
+static int ett_ddtp = -1;
+
+static expert_field ei_ddtp_msgtype = EI_INIT;
+
+#define UDP_PORT_DDTP   1052
+
+/*
+ * XXX - is 0 an invalid value?  If so, should we remove it from this
+ * list, so that putative DDNS packets with a version number of 0 are
+ * rejected?
+ */
+static const value_string vals_ddtp_version[] = {
+    { DDTP_VERSION_ERROR, "Protocol Error" },
+    { DDTP_VERSION_4,     "4" },
+    { DDTP_VERSION_5,     "5" },
+    { 0, NULL}
+};
+
+static const value_string vals_ddtp_encrypt[] = {
+    { DDTP_ENCRYPT_ERROR,     "Encryption Error" },
+    { DDTP_ENCRYPT_PLAINTEXT, "Plain text" },
+    { DDTP_ENCRYPT_BLOWFISH,  "Blowfish" },
+    { 0, NULL}
+};
+
+static const value_string vals_ddtp_msgtype[] = {
+    { DDTP_MESSAGE_ERROR, "Message Error" },
+    { DDTP_UPDATE_QUERY,  "Update Query" },
+    { DDTP_UPDATE_REPLY,  "Update Reply" },
+    { DDTP_ALIVE_QUERY,   "Alive Query" },
+    { DDTP_ALIVE_REPLY,   "Alive Reply" },
+    { 0, NULL}
+};
+
+static const value_string vals_ddtp_opcode[] = {
+    { DDTP_MARK_ONLINE,  "Mark online" },
+    { DDTP_MARK_OFFLINE, "Mark offline" },
+    { 0, NULL}
+};
+
+static const value_string vals_ddtp_status[] = {
+    { DDTP_UPDATE_SUCCEEDED, "Update succeeded" },
+    { DDTP_UPDATE_FAILED,    "Update failed" },
+    { DDTP_INVALID_PASSWORD, "Invalid password" },
+    { DDTP_INVALID_ACCOUNT,  "Invalid account" },
+    { DDTP_INVALID_OPCODE,   "Invalid opcode" },
+    { 0, NULL}
+};
+
+static int
+dissect_ddtp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
+{
+    proto_tree *ddtp_tree;
+    proto_item *ti;
+
+    /*
+     * If we don't recognize the version number, don't dissect this.
+     */
+    if (tvb_reported_length(tvb) < 4)
+        return 0;
+
+    if (try_val_to_str(tvb_get_ntohl(tvb, 0), vals_ddtp_version) == NULL)
+            return 0;
+
+    /* Indicate what kind of message this is. */
+    col_set_str (pinfo->cinfo, COL_PROTOCOL, "DDTP");
+    /* In case we throw an exception below. */
+    col_clear (pinfo->cinfo, COL_INFO);
+
+        ti = proto_tree_add_item(tree, proto_ddtp, tvb, 0, -1, ENC_NA);
+        ddtp_tree = proto_item_add_subtree(ti, ett_ddtp);
+
+        proto_tree_add_item(ddtp_tree, hf_ddtp_version, tvb, 0, 4, ENC_BIG_ENDIAN);
+        proto_tree_add_item(ddtp_tree, hf_ddtp_encrypt, tvb, 4, 4, ENC_BIG_ENDIAN);
+        proto_tree_add_item(ddtp_tree, hf_ddtp_hostid, tvb, 8, 4, ENC_BIG_ENDIAN);
+
+    if (tvb_get_ntohl(tvb, 4) == DDTP_ENCRYPT_PLAINTEXT) {
+            ti = proto_tree_add_item(ddtp_tree, hf_ddtp_msgtype, tvb, 12, 4, ENC_BIG_ENDIAN);
+        switch (tvb_get_ntohl(tvb, 12)) {
+        case DDTP_MESSAGE_ERROR :
+            col_set_str(pinfo->cinfo, COL_INFO, "Message Error");
+            break;
+        case DDTP_UPDATE_QUERY :
+            col_set_str(pinfo->cinfo, COL_INFO, "Update Query");
+                proto_tree_add_item(ddtp_tree, hf_ddtp_opcode, tvb, 16, 4, ENC_BIG_ENDIAN);
+                proto_tree_add_item(ddtp_tree, hf_ddtp_ipaddr, tvb, 20, 4, ENC_BIG_ENDIAN);
+            break;
+        case DDTP_UPDATE_REPLY :
+            col_set_str(pinfo->cinfo, COL_INFO, "Update Reply");
+                proto_tree_add_item(ddtp_tree, hf_ddtp_status, tvb, 16, 4, ENC_BIG_ENDIAN);
+            break;
+        case DDTP_ALIVE_QUERY :
+            col_set_str(pinfo->cinfo, COL_INFO, "Alive Query");
+                proto_tree_add_item(ddtp_tree, hf_ddtp_alive, tvb, 16, 4, ENC_BIG_ENDIAN);
+            break;
+        case DDTP_ALIVE_REPLY :
+            col_set_str(pinfo->cinfo, COL_INFO, "Alive Reply");
+                proto_tree_add_item(ddtp_tree, hf_ddtp_alive, tvb, 16, 4, ENC_BIG_ENDIAN);
+            break;
+        default :
+            col_set_str(pinfo->cinfo, COL_INFO, "Unknown type");
+                expert_add_info(pinfo, ti, &ei_ddtp_msgtype);
+        }
+    } else {
+        col_set_str(pinfo->cinfo, COL_INFO, "Encrypted payload");
+    }
+    return tvb_reported_length(tvb);
+}
+
+void
+proto_register_ddtp(void)
+{
+    static hf_register_info hf_ddtp[] = {
+        { &hf_ddtp_version,
+          { "Version", "ddtp.version", FT_UINT32, BASE_DEC, VALS(vals_ddtp_version), 0x0,
+            NULL, HFILL }},
+        { &hf_ddtp_encrypt,
+          { "Encryption", "ddtp.encrypt", FT_UINT32, BASE_DEC, VALS(vals_ddtp_encrypt), 0x0,
+            "Encryption type", HFILL }},
+        { &hf_ddtp_hostid,
+          { "Hostid", "ddtp.hostid", FT_UINT32, BASE_DEC, NULL, 0x0,
+            "Host ID", HFILL }},
+        { &hf_ddtp_msgtype,
+          { "Message type", "ddtp.msgtype", FT_UINT32, BASE_DEC, VALS(vals_ddtp_msgtype), 0x0,
+            NULL, HFILL }},
+        { &hf_ddtp_opcode,
+          { "Opcode", "ddtp.opcode", FT_UINT32, BASE_DEC, VALS(vals_ddtp_opcode), 0x0,
+            "Update query opcode", HFILL }},
+        { &hf_ddtp_ipaddr,
+          { "IP address", "ddtp.ipaddr", FT_IPv4, BASE_NONE, NULL, 0x0,
+            NULL, HFILL }},
+        { &hf_ddtp_status,
+          { "Status", "ddtp.status", FT_UINT32, BASE_DEC, VALS(vals_ddtp_status), 0x0,
+            "Update reply status", HFILL }},
+        { &hf_ddtp_alive,
+          { "Dummy", "ddtp.alive", FT_UINT32, BASE_DEC, NULL, 0x0,
+            NULL, HFILL }},
+    };
+
+    static gint *ett[] = { &ett_ddtp };
+
+    static ei_register_info ei[] = {
+        { &ei_ddtp_msgtype, { "ddtp.msgtype.unknown", PI_PROTOCOL, PI_WARN, "Unknown type", EXPFILL }},
+    };
+
+    expert_module_t* expert_ddtp;
+
+    proto_ddtp = proto_register_protocol("Dynamic DNS Tools Protocol", "DDTP", "ddtp");
+    proto_register_field_array(proto_ddtp, hf_ddtp, array_length(hf_ddtp));
+    proto_register_subtree_array(ett, array_length(ett));
+    expert_ddtp = expert_register_protocol(proto_ddtp);
+    expert_register_field_array(expert_ddtp, ei, array_length(ei));
+
+    ddtp_handle = register_dissector("ddtp", dissect_ddtp, proto_ddtp);
+}
+
+void
+proto_reg_handoff_ddtp(void)
+{
+    dissector_add_uint_with_preference("udp.port", UDP_PORT_DDTP, ddtp_handle);
+}
+
+/*
+ * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 4
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * vi: set shiftwidth=4 tabstop=8 expandtab:
+ * :indentSize=4:tabSize=8:noTabs=true:
+ */