diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
commit | e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch) | |
tree | 68cb5ef9081156392f1dd62a00c6ccc1451b93df /epan/dissectors/packet-scop.c | |
parent | Initial commit. (diff) | |
download | wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.tar.xz wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.zip |
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'epan/dissectors/packet-scop.c')
-rw-r--r-- | epan/dissectors/packet-scop.c | 385 |
1 files changed, 385 insertions, 0 deletions
diff --git a/epan/dissectors/packet-scop.c b/epan/dissectors/packet-scop.c new file mode 100644 index 00000000..63867179 --- /dev/null +++ b/epan/dissectors/packet-scop.c @@ -0,0 +1,385 @@ +/* packet-scop.c + * Owen Kirby <osk@exegin.com> + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "config.h" + +#include <epan/packet.h> +#include "packet-tcp.h" + +/* Default SCOP Port numbers. */ +#define SCOP_DEFAULT_PORT_RANGE "17755-17756" + +void proto_register_scop(void); + +/* Structure to contain information from the SCoP packet. */ +typedef struct { + guint8 transport; + guint8 version; + guint16 length; + gboolean encrypted; + guint8 service; + guint8 type; +} scop_packet; + +/* Header definitions for use with the TCP transport layer. */ +#define SCOP_HEADER_LENGTH 4 +#define SCOP_LENGTH_OFFSET 2 + +/* SCoP Transport Types */ +#define SCOP_TRANSPORT_UDP 1 +#define SCOP_TRANSPORT_TCP 2 +#define SCOP_TRANSPORT_UDP_CCM 129 +#define SCOP_TRANSPORT_TCP_CCM 130 +#define SCOP_TRANSPORT_TCP_SSL 131 + +/* Service Identifier Field */ +#define SCOP_SERVICE_SCOP 0x00 +#define SCOP_SERVICE_BRIDGE 0x01 +#define SCOP_SERVICE_GATEWAY 0x02 + +/* SCoP Command Values */ +#define SCOP_CMD_HELLO 0x00 +#define SCOP_CMD_HELLO_RESP 0x01 +#define SCOP_CMD_HELLO_ACK 0x02 +#define SCOP_CMD_GOODBYE 0x04 +#define SCOP_CMD_GOODBYE_RESP 0x05 +#define SCOP_CMD_KEEPALIVE_PING 0x06 +#define SCOP_CMD_KEEPALIVE_PONG 0x07 + +/* Bridge Command type values. */ +#define SCOP_BRIDGE_CMD 0x00 +#define SCOP_BRIDGE_MSG 0x01 + +/* Function declarations */ +void proto_reg_handoff_scop(void); + +static void dissect_scop_zip (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); +static void dissect_scop_bridge (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); + +static guint get_scop_length(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data); + +/* Initialize protocol and registered fields */ +static int proto_scop = -1; +static int hf_scop_transport = -1; +static int hf_scop_version = -1; +static int hf_scop_length = -1; +static int hf_scop_service = -1; +static int hf_scop_type = -1; +static int hf_scop_status = -1; + +static gint ett_scop = -1; + +static const value_string scop_transports [] = { + { SCOP_TRANSPORT_UDP, "UDP Mode 1" }, + { SCOP_TRANSPORT_TCP, "TCP Mode 2" }, + { SCOP_TRANSPORT_UDP_CCM, "UDP Mode 1 with CCM* Security" }, + { SCOP_TRANSPORT_TCP_CCM, "TCP Mode 2 with CCM* Security" }, + { SCOP_TRANSPORT_TCP_SSL, "TCP Mode 3 with SSL/TSL Tunnel" }, + { 0, NULL } +}; + +static const value_string scop_types [] = { + { SCOP_CMD_HELLO, "Hello" }, + { SCOP_CMD_HELLO_RESP, "Hello Response" }, + { SCOP_CMD_HELLO_ACK, "Hello Acknowledgment" }, + { SCOP_CMD_GOODBYE, "Goodbye" }, + { SCOP_CMD_GOODBYE_RESP, "Goodbye Response" }, + { SCOP_CMD_KEEPALIVE_PING, "Keep Alive Ping" }, + { SCOP_CMD_KEEPALIVE_PONG, "Keep Alive Pong" }, + { 0, NULL } +}; + +static const value_string scop_services [] = { + { SCOP_SERVICE_SCOP, "SCoP" }, + { SCOP_SERVICE_BRIDGE, "Bridge" }, + { SCOP_SERVICE_GATEWAY, "Gateway" }, + { 0, NULL } +}; + +/* Dissector handle */ +static dissector_handle_t ieee802154_handle; +static dissector_handle_t scop_udp_handle; +static dissector_handle_t scop_tcp_handle; + + +/*FUNCTION:------------------------------------------------------ + * NAME + * dissect_scop + * DESCRIPTION + * ZigBee SCoP packet dissection routine for Wireshark. + * PARAMETERS + * tvbuff_t *tvb - pointer to buffer containing raw packet. + * packet_info *pinfo - pointer to packet information fields + * proto_tree *tree - pointer to data tree Wireshark uses to display packet. + * RETURNS + * void + *--------------------------------------------------------------- + */ +static int +dissect_scop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) +{ + tvbuff_t *next_tvb; + proto_item *proto_root; + proto_tree *scop_tree; + + guint offset = 0; + scop_packet packet; + + memset(&packet, 0, sizeof(packet)); + + /* Set the protocol name. */ + col_set_str(pinfo->cinfo, COL_PROTOCOL, "SCoP"); + + /* Clear the info column. */ + col_clear(pinfo->cinfo, COL_INFO); + + /* Create the protocol display tree. */ + proto_root = proto_tree_add_protocol_format(tree, proto_scop, tvb, 0, tvb_captured_length(tvb), + "ZigBee SCoP"); + scop_tree = proto_item_add_subtree(proto_root, ett_scop); + + /* Extract the SCoP Transport type. */ + packet.transport = tvb_get_guint8(tvb, offset); + proto_tree_add_uint(scop_tree, hf_scop_transport, tvb, offset, 1, packet.transport); + offset += 1; + + /* Extract the SCoP Version. */ + packet.version = tvb_get_guint8(tvb, offset); + proto_tree_add_uint(scop_tree, hf_scop_version, tvb, offset, 1, packet.version); + offset += 1; + + /* Extract the SCoP Packet length. */ + packet.length = tvb_get_ntohs(tvb, offset); + proto_tree_add_uint(scop_tree, hf_scop_length, tvb, offset, 2, packet.length); + offset += 2; + + if ( (packet.transport == SCOP_TRANSPORT_UDP_CCM) + || (packet.transport == SCOP_TRANSPORT_TCP_CCM)) { + /* Decryption Failed. */ + return offset; + } + next_tvb = tvb; + + /* Extract the service type. */ + packet.service = tvb_get_guint8(next_tvb, offset); + proto_tree_add_uint(scop_tree, hf_scop_service, next_tvb, offset, 1, packet.service); + offset += 1; + + /* Call the appropriate helper routine to dissect based on the service type. */ + switch (packet.service) { + case SCOP_SERVICE_SCOP: + dissect_scop_zip(tvb_new_subset_remaining(next_tvb, offset), pinfo, scop_tree); + break; + case SCOP_SERVICE_BRIDGE: + dissect_scop_bridge(tvb_new_subset_remaining(next_tvb, offset), pinfo, scop_tree); + break; + case SCOP_SERVICE_GATEWAY: + /* Nothing yet defined for the gateway. Fall-Through. */ + default: + /* Unknown Service Type. */ + call_data_dissector(tvb_new_subset_remaining(next_tvb, offset), pinfo, tree); + break; + } + + return tvb_captured_length(tvb); +} /* dissect_scop() */ + +/*FUNCTION:------------------------------------------------------ + * NAME + * get_scop_length + * DESCRIPTION + * Returns the length of a SCoP packet. For use with the TCP + * transport type. + * PARAMETERS + * packet_info *pinfo - pointer to packet information fields + * tvbuff_t *tvb - pointer to buffer containing the packet. + * int offset - beginning of packet. + * RETURNS + * guint - Length of SCoP packet + *--------------------------------------------------------------- + */ +static guint +get_scop_length(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_) +{ + /* Byte 0: Protocol Type. + * Byte 1: Protocol Version. + * Bytes 2-3: Packet Length (network order). + */ + return tvb_get_ntohs(tvb, offset + SCOP_LENGTH_OFFSET); +} /* get_scop_length */ + +/*FUNCTION:------------------------------------------------------ + * NAME + * dissect_scop_tcp + * DESCRIPTION + * ZigBee SCoP packet dissection routine for Wireshark. + * for use with TCP ports. + * PARAMETERS + * tvbuff_t *tvb - pointer to buffer containing raw packet. + * packet_info *pinfo - pointer to packet information fields + * proto_tree *tree - pointer to data tree Wireshark uses to display packet. + * RETURNS + * void + *--------------------------------------------------------------- + */ +static int +dissect_scop_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) +{ + tcp_dissect_pdus(tvb, pinfo, tree, TRUE, SCOP_HEADER_LENGTH, get_scop_length, dissect_scop, data); + return tvb_captured_length(tvb); +} /* dissect_scop_tcp */ + + +/*FUNCTION:------------------------------------------------------ + * NAME + * dissect_scop_zip + * DESCRIPTION + * Intermediate dissector for the SCoP service type. + * PARAMETERS + * tvbuff_t *tvb - pointer to buffer containing raw packet. + * packet_info *pinfo - pointer to packet information fields + * proto_tree *tree - pointer to data tree Wireshark uses to display packet. + * RETURNS + * void + *--------------------------------------------------------------- + */ +static void +dissect_scop_zip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + guint offset = 0; + guint8 type = tvb_get_guint8(tvb, offset); + guint16 status; + + /* Display the Packet type*/ + proto_tree_add_uint(tree, hf_scop_type, tvb, offset, 1, type); + proto_item_append_text(tree, ", %s", val_to_str_const(type, scop_types, "Reserved Type")); + col_set_str(pinfo->cinfo, COL_INFO, val_to_str_const(type, scop_types, "Reserved Type")); + offset += 2; + + if (type == SCOP_CMD_HELLO_RESP) { + status = tvb_get_ntohs(tvb, 1); + proto_tree_add_uint_format_value(tree, hf_scop_status, tvb, offset, 2, status, "%s", (status==0x0000)?"Success":"Failure"); + offset += 2; + } + + /* If there are any bytes left over, pass them to the data dissector. */ + if (offset < tvb_reported_length(tvb)) { + tvbuff_t *payload_tvb = tvb_new_subset_remaining(tvb, offset); + proto_tree *root = proto_tree_get_root(tree); + call_data_dissector(payload_tvb, pinfo, root); + } +} /* dissect_scop_zip() */ + +/*FUNCTION:------------------------------------------------------ + * NAME + * dissect_scop_bridge + * DESCRIPTION + * Intermediate dissector for the Bridge service type. + * PARAMETERS + * tvbuff_t *tvb - pointer to buffer containing raw packet. + * packet_info *pinfo - pointer to packet information fields + * proto_tree *tree - pointer to data tree Wireshark uses to display packet. + * RETURNS + * void + *--------------------------------------------------------------- + */ +static void +dissect_scop_bridge(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + call_dissector(ieee802154_handle, tvb, pinfo, proto_tree_get_root(tree)); +} /* dissect_scop_bridge() */ + +/*FUNCTION:------------------------------------------------------ + * NAME + * proto_register_scop + * DESCRIPTION + * SCoP protocol registration. + * PARAMETERS + * none + * RETURNS + * void + *--------------------------------------------------------------- + */ +void proto_register_scop(void) +{ + static hf_register_info hf[] = { + { &hf_scop_transport, + { "Transport Type", "scop.transport", FT_UINT8, BASE_DEC, VALS(scop_transports), 0x0, + "The type of transport used.", HFILL }}, + + { &hf_scop_version, + { "Version", "scop.version", FT_UINT8, BASE_DEC, NULL, 0x0, + "The version of the sniffer.", HFILL }}, + + { &hf_scop_length, + { "Length", "scop.length", FT_UINT16, BASE_DEC, NULL, 0x0, + NULL, HFILL }}, + + { &hf_scop_service, + { "Service Identifier", "scop.service", FT_UINT8, BASE_DEC, VALS(scop_services), 0x0, + NULL, HFILL }}, + + { &hf_scop_type, + { "Packet Type", "scop.type", FT_UINT8, BASE_DEC, VALS(scop_types), 0x0, + "Service-specific packet type.", HFILL }}, + + { &hf_scop_status, + { "Status", "scop.status", FT_UINT16, BASE_HEX, NULL, 0x0, + "Status of the SCoP Command.", HFILL }} + }; + + static gint *ett[] = { + &ett_scop + }; + + /* Register protocol name and description. */ + proto_scop = proto_register_protocol("ZigBee SCoP", "SCoP", "scop"); + + /* Register header fields and subtrees. */ + proto_register_field_array(proto_scop, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + + /* Register dissector with Wireshark. */ + scop_udp_handle = register_dissector("scop.udp", dissect_scop, proto_scop); + scop_tcp_handle = register_dissector("scop.tcp", dissect_scop_tcp, proto_scop); +} /* proto_register_scop() */ + +/*FUNCTION:------------------------------------------------------ + * NAME + * proto_reg_handoff_scop + * DESCRIPTION + * Registers the zigbee dissector with Wireshark. + * Will be called every time 'apply' is pressed in the preferences menu. + * PARAMETERS + * none + * RETURNS + * void + *--------------------------------------------------------------- + */ +void proto_reg_handoff_scop(void) +{ + ieee802154_handle = find_dissector_add_dependency("wpan_nofcs", proto_scop); + + dissector_add_uint_range_with_preference("udp.port", SCOP_DEFAULT_PORT_RANGE, scop_udp_handle); + dissector_add_uint_range_with_preference("tcp.port", SCOP_DEFAULT_PORT_RANGE, scop_tcp_handle); +} + +/* + * Editor modelines - https://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * vi: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ |