diff options
Diffstat (limited to 'epan/dissectors/asn1/snmp/packet-snmp-template.c')
-rw-r--r-- | epan/dissectors/asn1/snmp/packet-snmp-template.c | 705 |
1 files changed, 378 insertions, 327 deletions
diff --git a/epan/dissectors/asn1/snmp/packet-snmp-template.c b/epan/dissectors/asn1/snmp/packet-snmp-template.c index 96a4a4ae..03b6aef0 100644 --- a/epan/dissectors/asn1/snmp/packet-snmp-template.c +++ b/epan/dissectors/asn1/snmp/packet-snmp-template.c @@ -50,6 +50,7 @@ #include <epan/oids.h> #include <epan/srt_table.h> #include <epan/tap.h> +#include <wsutil/array.h> #include "packet-ipx.h" #include "packet-hpext.h" #include "packet-ber.h" @@ -69,27 +70,27 @@ #define SNMP_NUM_PROCEDURES 8 /* Initialize the protocol and registered fields */ -static int snmp_tap = -1; -static int proto_snmp = -1; -static int proto_smux = -1; +static int snmp_tap; +static int proto_snmp; +static int proto_smux; -static gboolean display_oid = TRUE; -static gboolean snmp_var_in_tree = TRUE; +static bool display_oid = true; +static bool snmp_var_in_tree = true; void proto_register_snmp(void); void proto_reg_handoff_snmp(void); void proto_register_smux(void); void proto_reg_handoff_smux(void); -static void snmp_usm_password_to_key(const snmp_usm_auth_model_t model, const guint8 *password, guint passwordlen, - const guint8 *engineID, guint engineLength, guint8 *key); +static void snmp_usm_password_to_key(const snmp_usm_auth_model_t model, const uint8_t *password, unsigned passwordlen, + const uint8_t *engineID, unsigned engineLength, uint8_t *key); -static tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, gchar const**); -static tvbuff_t* snmp_usm_priv_aes128(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, gchar const**); -static tvbuff_t* snmp_usm_priv_aes192(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, gchar const**); -static tvbuff_t* snmp_usm_priv_aes256(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, gchar const**); +static tvbuff_t* snmp_usm_priv_des(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, char const**); +static tvbuff_t* snmp_usm_priv_aes128(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, char const**); +static tvbuff_t* snmp_usm_priv_aes192(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, char const**); +static tvbuff_t* snmp_usm_priv_aes256(snmp_usm_params_t*, tvbuff_t*, packet_info *pinfo, char const**); -static bool snmp_usm_auth(const packet_info *pinfo, const snmp_usm_auth_model_t model, snmp_usm_params_t* p, guint8**, guint*, gchar const**); +static bool snmp_usm_auth(const packet_info *pinfo, const snmp_usm_auth_model_t model, snmp_usm_params_t* p, uint8_t**, unsigned*, char const**); static const value_string auth_types[] = { {SNMP_USM_AUTH_MD5,"MD5"}, @@ -101,7 +102,7 @@ static const value_string auth_types[] = { {0,NULL} }; -static const guint auth_hash_len[] = { +static const unsigned auth_hash_len[] = { HASH_MD5_LENGTH, HASH_SHA1_LENGTH, HASH_SHA2_224_LENGTH, @@ -110,7 +111,7 @@ static const guint auth_hash_len[] = { HASH_SHA2_512_LENGTH }; -static const guint auth_tag_len[] = { +static const unsigned auth_tag_len[] = { 12, 12, 16, @@ -147,37 +148,46 @@ static snmp_usm_decoder_t priv_protos[] = { snmp_usm_priv_aes256 }; -static snmp_ue_assoc_t* ueas = NULL; -static guint num_ueas = 0; -static snmp_ue_assoc_t* localized_ues = NULL; -static snmp_ue_assoc_t* unlocalized_ues = NULL; +#define PRIVKEYEXP_USM_3DESDESEDE_00 0 +#define PRIVKEYEXP_AGENTPP 1 + +static const value_string priv_key_exp_types[] = { + { PRIVKEYEXP_USM_3DESDESEDE_00, "draft-reeder-snmpv3-usm-3desede-00" }, + { PRIVKEYEXP_AGENTPP, "AGENT++" }, + { 0, NULL } +}; + +static snmp_ue_assoc_t* ueas; +static unsigned num_ueas; +static snmp_ue_assoc_t* localized_ues; +static snmp_ue_assoc_t* unlocalized_ues; /****/ /* Variables used for handling enterprise specific trap types */ typedef struct _snmp_st_assoc_t { char *enterprise; - guint trap; + unsigned trap; char *desc; } snmp_st_assoc_t; -static guint num_specific_traps = 0; -static snmp_st_assoc_t *specific_traps = NULL; -static const char *enterprise_oid = NULL; -static guint generic_trap = 0; -static guint32 snmp_version = 0; -static guint32 RequestID = -1; +static unsigned num_specific_traps; +static snmp_st_assoc_t *specific_traps; +static const char *enterprise_oid; +static unsigned generic_trap; +static uint32_t snmp_version; +static uint32_t RequestID = -1; -static snmp_usm_params_t usm_p = {FALSE,FALSE,0,0,0,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,FALSE}; +static snmp_usm_params_t usm_p; #define TH_AUTH 0x01 #define TH_CRYPT 0x02 #define TH_REPORT 0x04 /* desegmentation of SNMP-over-TCP */ -static gboolean snmp_desegment = TRUE; +static bool snmp_desegment = true; /* Global variables */ -guint32 MsgSecurityModel; +uint32_t MsgSecurityModel; tvbuff_t *oid_tvb=NULL; tvbuff_t *value_tvb=NULL; @@ -188,103 +198,103 @@ static dissector_handle_t smux_handle; static next_tvb_list_t *var_list; -static int hf_snmp_response_in = -1; -static int hf_snmp_response_to = -1; -static int hf_snmp_time = -1; - -static int hf_snmp_v3_flags_auth = -1; -static int hf_snmp_v3_flags_crypt = -1; -static int hf_snmp_v3_flags_report = -1; - -static int hf_snmp_engineid_conform = -1; -static int hf_snmp_engineid_enterprise = -1; -static int hf_snmp_engineid_format = -1; -static int hf_snmp_engineid_ipv4 = -1; -static int hf_snmp_engineid_ipv6 = -1; -static int hf_snmp_engineid_cisco_type = -1; -static int hf_snmp_engineid_mac = -1; -static int hf_snmp_engineid_text = -1; -static int hf_snmp_engineid_time = -1; -static int hf_snmp_engineid_data = -1; -static int hf_snmp_decryptedPDU = -1; -static int hf_snmp_msgAuthentication = -1; - -static int hf_snmp_noSuchObject = -1; -static int hf_snmp_noSuchInstance = -1; -static int hf_snmp_endOfMibView = -1; -static int hf_snmp_unSpecified = -1; - -static int hf_snmp_integer32_value = -1; -static int hf_snmp_octetstring_value = -1; -static int hf_snmp_oid_value = -1; -static int hf_snmp_null_value = -1; -static int hf_snmp_ipv4_value = -1; -static int hf_snmp_ipv6_value = -1; -static int hf_snmp_anyaddress_value = -1; -static int hf_snmp_unsigned32_value = -1; -static int hf_snmp_unknown_value = -1; -static int hf_snmp_opaque_value = -1; -static int hf_snmp_nsap_value = -1; -static int hf_snmp_counter_value = -1; -static int hf_snmp_timeticks_value = -1; -static int hf_snmp_big_counter_value = -1; -static int hf_snmp_gauge32_value = -1; - -static int hf_snmp_objectname = -1; -static int hf_snmp_scalar_instance_index = -1; - -static int hf_snmp_var_bind_str = -1; -static int hf_snmp_agentid_trailer = -1; +static int hf_snmp_response_in; +static int hf_snmp_response_to; +static int hf_snmp_time; + +static int hf_snmp_v3_flags_auth; +static int hf_snmp_v3_flags_crypt; +static int hf_snmp_v3_flags_report; + +static int hf_snmp_engineid_conform; +static int hf_snmp_engineid_enterprise; +static int hf_snmp_engineid_format; +static int hf_snmp_engineid_ipv4; +static int hf_snmp_engineid_ipv6; +static int hf_snmp_engineid_cisco_type; +static int hf_snmp_engineid_mac; +static int hf_snmp_engineid_text; +static int hf_snmp_engineid_time; +static int hf_snmp_engineid_data; +static int hf_snmp_decryptedPDU; +static int hf_snmp_msgAuthentication; + +static int hf_snmp_noSuchObject; +static int hf_snmp_noSuchInstance; +static int hf_snmp_endOfMibView; +static int hf_snmp_unSpecified; + +static int hf_snmp_integer32_value; +static int hf_snmp_octetstring_value; +static int hf_snmp_oid_value; +static int hf_snmp_null_value; +static int hf_snmp_ipv4_value; +static int hf_snmp_ipv6_value; +static int hf_snmp_anyaddress_value; +static int hf_snmp_unsigned32_value; +static int hf_snmp_unknown_value; +static int hf_snmp_opaque_value; +static int hf_snmp_nsap_value; +static int hf_snmp_counter_value; +static int hf_snmp_timeticks_value; +static int hf_snmp_big_counter_value; +static int hf_snmp_gauge32_value; + +static int hf_snmp_objectname; +static int hf_snmp_scalar_instance_index; + +static int hf_snmp_var_bind_str; +static int hf_snmp_agentid_trailer; #include "packet-snmp-hf.c" /* Initialize the subtree pointers */ -static gint ett_smux = -1; -static gint ett_snmp = -1; -static gint ett_engineid = -1; -static gint ett_msgFlags = -1; -static gint ett_encryptedPDU = -1; -static gint ett_decrypted = -1; -static gint ett_authParameters = -1; -static gint ett_internet = -1; -static gint ett_varbind = -1; -static gint ett_name = -1; -static gint ett_value = -1; -static gint ett_decoding_error = -1; +static int ett_smux; +static int ett_snmp; +static int ett_engineid; +static int ett_msgFlags; +static int ett_encryptedPDU; +static int ett_decrypted; +static int ett_authParameters; +static int ett_internet; +static int ett_varbind; +static int ett_name; +static int ett_value; +static int ett_decoding_error; #include "packet-snmp-ett.c" -static expert_field ei_snmp_failed_decrypted_data_pdu = EI_INIT; -static expert_field ei_snmp_decrypted_data_bad_formatted = EI_INIT; -static expert_field ei_snmp_verify_authentication_error = EI_INIT; -static expert_field ei_snmp_authentication_ok = EI_INIT; -static expert_field ei_snmp_authentication_error = EI_INIT; -static expert_field ei_snmp_varbind_not_uni_class_seq = EI_INIT; -static expert_field ei_snmp_varbind_has_indicator = EI_INIT; -static expert_field ei_snmp_objectname_not_oid = EI_INIT; -static expert_field ei_snmp_objectname_has_indicator = EI_INIT; -static expert_field ei_snmp_value_not_primitive_encoding = EI_INIT; -static expert_field ei_snmp_invalid_oid = EI_INIT; -static expert_field ei_snmp_varbind_wrong_tag = EI_INIT; -static expert_field ei_snmp_varbind_response = EI_INIT; -static expert_field ei_snmp_no_instance_subid = EI_INIT; -static expert_field ei_snmp_wrong_num_of_subids = EI_INIT; -static expert_field ei_snmp_index_suboid_too_short = EI_INIT; -static expert_field ei_snmp_unimplemented_instance_index = EI_INIT; -static expert_field ei_snmp_index_suboid_len0 = EI_INIT; -static expert_field ei_snmp_index_suboid_too_long = EI_INIT; -static expert_field ei_snmp_index_string_too_long = EI_INIT; -static expert_field ei_snmp_column_parent_not_row = EI_INIT; -static expert_field ei_snmp_uint_too_large = EI_INIT; -static expert_field ei_snmp_int_too_large = EI_INIT; -static expert_field ei_snmp_integral_value0 = EI_INIT; -static expert_field ei_snmp_missing_mib = EI_INIT; -static expert_field ei_snmp_varbind_wrong_length_value = EI_INIT; -static expert_field ei_snmp_varbind_wrong_class_tag = EI_INIT; -static expert_field ei_snmp_rfc1910_non_conformant = EI_INIT; -static expert_field ei_snmp_rfc3411_non_conformant = EI_INIT; -static expert_field ei_snmp_version_unknown = EI_INIT; -static expert_field ei_snmp_trap_pdu_obsolete = EI_INIT; +static expert_field ei_snmp_failed_decrypted_data_pdu; +static expert_field ei_snmp_decrypted_data_bad_formatted; +static expert_field ei_snmp_verify_authentication_error; +static expert_field ei_snmp_authentication_ok; +static expert_field ei_snmp_authentication_error; +static expert_field ei_snmp_varbind_not_uni_class_seq; +static expert_field ei_snmp_varbind_has_indicator; +static expert_field ei_snmp_objectname_not_oid; +static expert_field ei_snmp_objectname_has_indicator; +static expert_field ei_snmp_value_not_primitive_encoding; +static expert_field ei_snmp_invalid_oid; +static expert_field ei_snmp_varbind_wrong_tag; +static expert_field ei_snmp_varbind_response; +static expert_field ei_snmp_no_instance_subid; +static expert_field ei_snmp_wrong_num_of_subids; +static expert_field ei_snmp_index_suboid_too_short; +static expert_field ei_snmp_unimplemented_instance_index; +static expert_field ei_snmp_index_suboid_len0; +static expert_field ei_snmp_index_suboid_too_long; +static expert_field ei_snmp_index_string_too_long; +static expert_field ei_snmp_column_parent_not_row; +static expert_field ei_snmp_uint_too_large; +static expert_field ei_snmp_int_too_large; +static expert_field ei_snmp_integral_value0; +static expert_field ei_snmp_missing_mib; +static expert_field ei_snmp_varbind_wrong_length_value; +static expert_field ei_snmp_varbind_wrong_class_tag; +static expert_field ei_snmp_rfc1910_non_conformant; +static expert_field ei_snmp_rfc3411_non_conformant; +static expert_field ei_snmp_version_unknown; +static expert_field ei_snmp_trap_pdu_obsolete; static const true_false_string auth_flags = { "OK", @@ -325,7 +335,7 @@ static const value_string smux_types[] = { #endif /* Procedure names (used in Service Response Time) */ -const value_string snmp_procedure_names[] = { +static const value_string snmp_procedure_names[] = { { 0, "Get" }, { 1, "GetNext" }, { 3, "Set" }, @@ -362,7 +372,7 @@ static snmp_conv_info_t* snmp_find_conversation_and_get_conv_data(packet_info *pinfo); static snmp_request_response_t * -snmp_get_request_response_pointer(wmem_map_t *map, guint32 requestId) +snmp_get_request_response_pointer(wmem_map_t *map, uint32_t requestId) { snmp_request_response_t *srrp=(snmp_request_response_t *)wmem_map_lookup(map, &requestId); if (!srrp) { @@ -375,7 +385,7 @@ snmp_get_request_response_pointer(wmem_map_t *map, guint32 requestId) } static snmp_request_response_t* -snmp_match_request_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint requestId, guint procedure_id, snmp_conv_info_t *snmp_info) +snmp_match_request_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, unsigned requestId, unsigned procedure_id, snmp_conv_info_t *snmp_info) { snmp_request_response_t *srrp=NULL; @@ -435,7 +445,7 @@ static void snmpstat_init(struct register_srt* srt _U_, GArray* srt_array) { srt_stat_table *snmp_srt_table; - guint32 i; + uint32_t i; snmp_srt_table = init_srt_table("SNMP Commands", NULL, srt_array, SNMP_NUM_PROCEDURES, NULL, "snmp.data", NULL); for (i = 0; i < SNMP_NUM_PROCEDURES; i++) @@ -448,7 +458,7 @@ snmpstat_init(struct register_srt* srt _U_, GArray* srt_array) static tap_packet_status snmpstat_packet(void *psnmp, packet_info *pinfo, epan_dissect_t *edt _U_, const void *psi, tap_flags_t flags _U_) { - guint i = 0; + unsigned i = 0; srt_stat_table *snmp_srt_table; const snmp_request_response_t *snmp=(const snmp_request_response_t *)psi; srt_data_t *data = (srt_data_t *)psnmp; @@ -459,10 +469,10 @@ snmpstat_packet(void *psnmp, packet_info *pinfo, epan_dissect_t *edt _U_, const return TAP_PACKET_REDRAW; } -static const gchar * -snmp_lookup_specific_trap (guint specific_trap) +static const char * +snmp_lookup_specific_trap (unsigned specific_trap) { - guint i; + unsigned i; for (i = 0; i < num_specific_traps; i++) { snmp_st_assoc_t *u = &(specific_traps[i]); @@ -523,27 +533,27 @@ DateAndTime ::= TEXTUAL-CONVENTION static proto_item * dissect_snmp_variable_date_and_time(proto_tree *tree, packet_info *pinfo, int hfid, tvbuff_t *tvb, int offset, int length) { - guint16 year; - guint8 month; - guint8 day; - guint8 hour; - guint8 minutes; - guint8 seconds; - guint8 deci_seconds; - guint8 hour_from_utc; - guint8 min_from_utc; - gchar *str; + uint16_t year; + uint8_t month; + uint8_t day; + uint8_t hour; + uint8_t minutes; + uint8_t seconds; + uint8_t deci_seconds; + uint8_t hour_from_utc; + uint8_t min_from_utc; + char *str; year = tvb_get_ntohs(tvb,offset); - month = tvb_get_guint8(tvb,offset+2); - day = tvb_get_guint8(tvb,offset+3); - hour = tvb_get_guint8(tvb,offset+4); - minutes = tvb_get_guint8(tvb,offset+5); - seconds = tvb_get_guint8(tvb,offset+6); - deci_seconds = tvb_get_guint8(tvb,offset+7); + month = tvb_get_uint8(tvb,offset+2); + day = tvb_get_uint8(tvb,offset+3); + hour = tvb_get_uint8(tvb,offset+4); + minutes = tvb_get_uint8(tvb,offset+5); + seconds = tvb_get_uint8(tvb,offset+6); + deci_seconds = tvb_get_uint8(tvb,offset+7); if(length > 8){ - hour_from_utc = tvb_get_guint8(tvb,offset+9); - min_from_utc = tvb_get_guint8(tvb,offset+10); + hour_from_utc = tvb_get_uint8(tvb,offset+9); + min_from_utc = tvb_get_uint8(tvb,offset+10); str = wmem_strdup_printf(pinfo->pool, "%u-%u-%u, %u:%u:%u.%u UTC %s%u:%u", @@ -645,15 +655,15 @@ dissect_snmp_VarBind(bool implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) { int seq_offset, name_offset, value_offset, value_start; - guint32 seq_len, name_len, value_len; - gint8 ber_class; + uint32_t seq_len, name_len, value_len; + int8_t ber_class; bool pc; - gint32 tag; + int32_t tag; bool ind; - guint32* subids; - guint8* oid_bytes; + uint32_t* subids; + uint8_t* oid_bytes; oid_info_t* oid_info = NULL; - guint oid_matched, oid_left; + unsigned oid_matched, oid_left; proto_item *pi_name, *pi_varbind, *pi_value = NULL; proto_tree *pt, *pt_varbind, *pt_name, *pt_value; char label[ITEM_LABEL_LENGTH]; @@ -732,10 +742,10 @@ dissect_snmp_VarBind(bool implicit_tag _U_, tvbuff_t *tvb, int offset, return dissect_unknown_ber(actx->pinfo, tvb, value_start, pt); } - /* Now, we know where everithing is */ + /* Now, we know where everything is */ /* fetch ObjectName and its relative oid_info */ - oid_bytes = (guint8*)tvb_memdup(actx->pinfo->pool, tvb, name_offset, name_len); + oid_bytes = (uint8_t*)tvb_memdup(actx->pinfo->pool, tvb, name_offset, name_len); oid_info = oid_get_from_encoded(actx->pinfo->pool, oid_bytes, name_len, &subids, &oid_matched, &oid_left); add_oid_debug_subtree(oid_info,pt_name); @@ -796,7 +806,7 @@ dissect_snmp_VarBind(bool implicit_tag _U_, tvbuff_t *tvb, int offset, if (oid_left == 1) { /* OK: we got the instance sub-id */ proto_tree_add_uint64(pt_name,hf_snmp_scalar_instance_index,tvb,name_offset,name_len,subids[oid_matched]); - oid_info_is_ok = TRUE; + oid_info_is_ok = true; goto indexing_done; } else if (oid_left == 0) { if (ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) { @@ -805,21 +815,21 @@ dissect_snmp_VarBind(bool implicit_tag _U_, tvbuff_t *tvb, int offset, goto set_label; } else { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_no_instance_subid,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } } else { proto_tree_add_expert_format(pt_name,actx->pinfo,&ei_snmp_wrong_num_of_subids,tvb,0,0,"A scalar should have only one instance sub-id this has: %d",oid_left); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } break; case OID_KIND_COLUMN: if ( oid_info->parent->kind == OID_KIND_ROW) { oid_key_t* k = oid_info->parent->key; - guint key_start = oid_matched; - guint key_len = oid_left; - oid_info_is_ok = TRUE; + unsigned key_start = oid_matched; + unsigned key_len = oid_left; + oid_info_is_ok = true; if ( key_len == 0 && ber_class == BER_CLASS_UNI && tag == BER_UNI_TAG_NULL) { /* unSpecified does not require an instance sub-id add the new value and get off the way! */ @@ -829,25 +839,25 @@ dissect_snmp_VarBind(bool implicit_tag _U_, tvbuff_t *tvb, int offset, if (k) { for (;k;k = k->next) { - guint suboid_len; + unsigned suboid_len; if (key_start >= oid_matched+oid_left) { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_too_short,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } switch(k->key_type) { case OID_KEY_TYPE_WRONG: { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_unimplemented_instance_index,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } case OID_KEY_TYPE_INTEGER: { if (FT_IS_INT(k->ft_type)) { - proto_tree_add_int(pt_name,k->hfid,tvb,name_offset,name_len,(guint)subids[key_start]); + proto_tree_add_int(pt_name,k->hfid,tvb,name_offset,name_len,(unsigned)subids[key_start]); } else { /* if it's not an unsigned int let proto_tree_add_uint throw a warning */ - proto_tree_add_uint64(pt_name,k->hfid,tvb,name_offset,name_len,(guint)subids[key_start]); + proto_tree_add_uint64(pt_name,k->hfid,tvb,name_offset,name_len,(unsigned)subids[key_start]); } key_start++; key_len--; @@ -859,9 +869,9 @@ dissect_snmp_VarBind(bool implicit_tag _U_, tvbuff_t *tvb, int offset, goto show_oid_index; case OID_KEY_TYPE_OID: { - guint8* suboid_buf; - guint suboid_buf_len; - guint32* suboid; + uint8_t* suboid_buf; + unsigned suboid_buf_len; + uint32_t* suboid; suboid_len = subids[key_start++]; key_len--; @@ -871,13 +881,13 @@ show_oid_index: if( suboid_len == 0 ) { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_len0,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } if( key_len < suboid_len ) { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_suboid_too_long,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } @@ -892,10 +902,10 @@ show_oid_index: continue; /* k->next */ } default: { - guint8* buf; - guint buf_len; - guint32* suboid; - guint i; + uint8_t* buf; + unsigned buf_len; + uint32_t* suboid; + unsigned i; switch (k->key_type) { @@ -923,13 +933,13 @@ show_oid_index: if( key_len < buf_len ) { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_index_string_too_long,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } - buf = (guint8*)wmem_alloc(actx->pinfo->pool, buf_len+1); + buf = (uint8_t*)wmem_alloc(actx->pinfo->pool, buf_len+1); for (i = 0; i < buf_len; i++) - buf[i] = (guint8)suboid[i]; + buf[i] = (uint8_t)suboid[i]; buf[i] = '\0'; switch(k->key_type) { @@ -946,7 +956,7 @@ show_oid_index: proto_tree_add_ether(pt_name,k->hfid,tvb,name_offset,buf_len, buf); break; case OID_KEY_TYPE_IPADDR: { - guint32* ipv4_p = (guint32*)buf; + uint32_t* ipv4_p = (uint32_t*)buf; proto_tree_add_ipv4(pt_name,k->hfid,tvb,name_offset,buf_len, *ipv4_p); } break; @@ -964,17 +974,17 @@ show_oid_index: goto indexing_done; } else { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_unimplemented_instance_index,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } } else { proto_tree_add_expert(pt_name,actx->pinfo,&ei_snmp_column_parent_not_row,tvb,0,0); - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } default: { /* proto_tree_add_expert (pt_name,actx->pinfo,PI_MALFORMED, PI_WARN,tvb,0,0,"This kind OID should have no value"); */ - oid_info_is_ok = FALSE; + oid_info_is_ok = false; goto indexing_done; } } @@ -1014,12 +1024,12 @@ indexing_done: switch(ber_class|(tag<<4)) { case BER_CLASS_UNI|(BER_UNI_TAG_INTEGER<<4): { - gint64 val=0; + int64_t val=0; unsigned int int_val_offset = value_offset; unsigned int i; max_len = 4; min_len = 1; - if (value_len > (guint)max_len || value_len < (guint)min_len) { + if (value_len > (unsigned)max_len || value_len < (unsigned)min_len) { hfid = hf_snmp_integer32_value; format_error = BER_WRONG_LENGTH; break; @@ -1027,11 +1037,11 @@ indexing_done: if(value_len > 0) { /* extend sign bit */ - if(tvb_get_guint8(tvb, int_val_offset)&0x80) { + if(tvb_get_uint8(tvb, int_val_offset)&0x80) { val=-1; } for(i=0;i<value_len;i++) { - val=(val<<8)|tvb_get_guint8(tvb, int_val_offset); + val=(val<<8)|tvb_get_uint8(tvb, int_val_offset); int_val_offset++; } } @@ -1048,7 +1058,7 @@ indexing_done: break; case BER_CLASS_UNI|(BER_UNI_TAG_OID<<4): max_len = -1; min_len = 1; - if (value_len < (guint)min_len) format_error = BER_WRONG_LENGTH; + if (value_len < (unsigned)min_len) format_error = BER_WRONG_LENGTH; hfid = hf_snmp_oid_value; break; case BER_CLASS_UNI|(BER_UNI_TAG_NULL<<4): @@ -1098,7 +1108,7 @@ indexing_done: * Check if this is an unsigned int64 with * a big value. */ - if (value_len > 9 || tvb_get_guint8(tvb, value_offset) != 0) { + if (value_len > 9 || tvb_get_uint8(tvb, value_offset) != 0) { /* It is. Fail. */ proto_tree_add_expert_format(pt_varbind,actx->pinfo,&ei_snmp_uint_too_large,tvb,value_offset,value_len,"Integral value too large"); goto already_added; @@ -1222,6 +1232,7 @@ static const true_false_string tfs_snmp_engineid_conform = { #define SNMP_ENGINEID_FORMAT_MACADDRESS 0x03 #define SNMP_ENGINEID_FORMAT_TEXT 0x04 #define SNMP_ENGINEID_FORMAT_OCTETS 0x05 +#define SNMP_ENGINEID_FORMAT_LOCAL 0x06 static const value_string snmp_engineid_format_vals[] = { { SNMP_ENGINEID_FORMAT_IPV4, "IPv4 address" }, @@ -1229,6 +1240,7 @@ static const value_string snmp_engineid_format_vals[] = { { SNMP_ENGINEID_FORMAT_MACADDRESS, "MAC address" }, { SNMP_ENGINEID_FORMAT_TEXT, "Text, administratively assigned" }, { SNMP_ENGINEID_FORMAT_OCTETS, "Octets, administratively assigned" }, + { SNMP_ENGINEID_FORMAT_LOCAL, "Local engine" }, { 0, NULL } }; @@ -1249,15 +1261,15 @@ int dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int offset, int len) { proto_item *item = NULL; - guint8 conformance, format; - guint32 enterpriseid; + uint8_t conformance, format; + uint32_t enterpriseid; time_t seconds; nstime_t ts; int len_remain = len; /* first bit: engine id conformance */ if (len_remain<1) return offset; - conformance = ((tvb_get_guint8(tvb, offset)>>7) & 0x01); + conformance = ((tvb_get_uint8(tvb, offset)>>7) & 0x01); proto_tree_add_item(tree, hf_snmp_engineid_conform, tvb, offset, 1, ENC_BIG_ENDIAN); /* 4-byte enterprise number/name */ @@ -1287,7 +1299,7 @@ dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int o /* 1-byte format specifier */ if (len_remain<1) return offset; - format = tvb_get_guint8(tvb, offset); + format = tvb_get_uint8(tvb, offset); item = proto_tree_add_uint_format(tree, hf_snmp_engineid_format, tvb, offset, 1, format, "Engine ID Format: %s (%d)", val_to_str_const(format, snmp_engineid_format_vals, "Reserved/Enterprise-specific"), format); @@ -1333,6 +1345,8 @@ dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int o len_remain=0; } break; + case SNMP_ENGINEID_FORMAT_LOCAL: + break; case 128: /* most common enterprise-specific format: (ucd|net)-snmp random */ if ((enterpriseid==2021)||(enterpriseid==8072)) { @@ -1349,7 +1363,7 @@ dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int o ts.nsecs = 0; proto_tree_add_time_format_value(tree, hf_snmp_engineid_time, tvb, offset + 4, len_remain - 4, &ts, "%s", - abs_time_secs_to_str(pinfo->pool, seconds, ABSOLUTE_TIME_LOCAL, TRUE)); + abs_time_secs_to_str(pinfo->pool, seconds, ABSOLUTE_TIME_LOCAL, true)); offset+=len_remain; len_remain=0; } @@ -1359,7 +1373,7 @@ dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int o case SNMP_ENGINEID_FORMAT_OCTETS: default: /* max. 27 bytes, administratively assigned or unknown format */ - if (len_remain<=27) { + if (len_remain>0 && len_remain<=27) { proto_tree_add_item(tree, hf_snmp_engineid_data, tvb, offset, len_remain, ENC_NA); offset+=len_remain; len_remain=0; @@ -1377,9 +1391,9 @@ dissect_snmp_engineid(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, int o static void set_ue_keys(snmp_ue_assoc_t* n ) { - guint key_size = auth_hash_len[n->user.authModel]; + unsigned const key_size = auth_hash_len[n->user.authModel]; - n->user.authKey.data = (guint8 *)g_malloc(key_size); + n->user.authKey.data = (uint8_t *)g_malloc(key_size); n->user.authKey.len = key_size; snmp_usm_password_to_key(n->user.authModel, n->user.authPassword.data, @@ -1389,18 +1403,18 @@ static void set_ue_keys(snmp_ue_assoc_t* n ) { n->user.authKey.data); if (n->priv_proto == PRIV_AES128 || n->priv_proto == PRIV_AES192 || n->priv_proto == PRIV_AES256) { - guint need_key_len = + unsigned need_key_len = (n->priv_proto == PRIV_AES128) ? 16 : (n->priv_proto == PRIV_AES192) ? 24 : (n->priv_proto == PRIV_AES256) ? 32 : 0; - guint key_len = key_size; + unsigned key_len = key_size; while (key_len < need_key_len) key_len += key_size; - n->user.privKey.data = (guint8 *)g_malloc(key_len); + n->user.privKey.data = (uint8_t *)g_malloc(key_len); n->user.privKey.len = need_key_len; snmp_usm_password_to_key(n->user.authModel, @@ -1414,18 +1428,49 @@ static void set_ue_keys(snmp_ue_assoc_t* n ) { /* extend key if needed */ while (key_len < need_key_len) { - snmp_usm_password_to_key(n->user.authModel, - n->user.privKey.data, - key_len, - n->engine.data, - n->engine.len, - n->user.privKey.data + key_len); + switch (n->priv_key_exp) { + /* Baed on draft-reeder-snmpv3-usm-3desede-00, section 2.1 */ + case PRIVKEYEXP_USM_3DESDESEDE_00: + { + snmp_usm_password_to_key(n->user.authModel, + n->user.privKey.data + (key_len - key_size), + key_size, + n->engine.data, + n->engine.len, + n->user.privKey.data + key_len); + break; + } + /* Based on snmp++ method PrivAES::extend_short_key in Agent++ */ + case PRIVKEYEXP_AGENTPP: + { + /* Key expansion in Agent++ + * K1 = key + * K2 = hash(K1) + * K3 = hash(K1 | K2) + * localized_key = K1 | K2 | K3 + */ + gcry_md_hd_t hash_handle; + + if (gcry_md_open(&hash_handle, auth_hash_algo[n->user.authModel], 0)) { + return; + } + + gcry_md_write(hash_handle, n->user.privKey.data, key_len); + memcpy(n->user.privKey.data + key_len, gcry_md_read(hash_handle, 0), key_size); + gcry_md_close(hash_handle); + + break; + } + + default: + break; + } key_len += key_size; } } else { - n->user.privKey.data = (guint8 *)g_malloc(key_size); + n->user.privKey.data = (uint8_t *)g_malloc(key_size); n->user.privKey.len = key_size; snmp_usm_password_to_key(n->user.authModel, n->user.privPassword.data, @@ -1445,19 +1490,19 @@ ue_dup(snmp_ue_assoc_t* o) d->user.privProtocol = o->user.privProtocol; - d->user.userName.data = (guint8 *)g_memdup2(o->user.userName.data,o->user.userName.len); + d->user.userName.data = (uint8_t *)g_memdup2(o->user.userName.data,o->user.userName.len); d->user.userName.len = o->user.userName.len; - d->user.authPassword.data = o->user.authPassword.data ? (guint8 *)g_memdup2(o->user.authPassword.data,o->user.authPassword.len) : NULL; + d->user.authPassword.data = o->user.authPassword.data ? (uint8_t *)g_memdup2(o->user.authPassword.data,o->user.authPassword.len) : NULL; d->user.authPassword.len = o->user.authPassword.len; - d->user.privPassword.data = o->user.privPassword.data ? (guint8 *)g_memdup2(o->user.privPassword.data,o->user.privPassword.len) : NULL; + d->user.privPassword.data = o->user.privPassword.data ? (uint8_t *)g_memdup2(o->user.privPassword.data,o->user.privPassword.len) : NULL; d->user.privPassword.len = o->user.privPassword.len; d->engine.len = o->engine.len; if (d->engine.len) { - d->engine.data = (guint8 *)g_memdup2(o->engine.data,o->engine.len); + d->engine.data = (uint8_t *)g_memdup2(o->engine.data,o->engine.len); set_ue_keys(d); } @@ -1477,24 +1522,24 @@ snmp_users_copy_cb(void* dest, const void* orig, size_t len _U_) d->priv_proto = o->priv_proto; d->user.privProtocol = priv_protos[o->priv_proto]; - d->user.userName.data = (guint8*)g_memdup2(o->user.userName.data,o->user.userName.len); + d->user.userName.data = (uint8_t*)g_memdup2(o->user.userName.data,o->user.userName.len); d->user.userName.len = o->user.userName.len; - d->user.authPassword.data = o->user.authPassword.data ? (guint8*)g_memdup2(o->user.authPassword.data,o->user.authPassword.len) : NULL; + d->user.authPassword.data = o->user.authPassword.data ? (uint8_t*)g_memdup2(o->user.authPassword.data,o->user.authPassword.len) : NULL; d->user.authPassword.len = o->user.authPassword.len; - d->user.privPassword.data = o->user.privPassword.data ? (guint8*)g_memdup2(o->user.privPassword.data,o->user.privPassword.len) : NULL; + d->user.privPassword.data = o->user.privPassword.data ? (uint8_t*)g_memdup2(o->user.privPassword.data,o->user.privPassword.len) : NULL; d->user.privPassword.len = o->user.privPassword.len; d->engine.len = o->engine.len; if (o->engine.data) { - d->engine.data = (guint8*)g_memdup2(o->engine.data,o->engine.len); + d->engine.data = (uint8_t*)g_memdup2(o->engine.data,o->engine.len); } - d->user.authKey.data = o->user.authKey.data ? (guint8*)g_memdup2(o->user.authKey.data,o->user.authKey.len) : NULL; + d->user.authKey.data = o->user.authKey.data ? (uint8_t*)g_memdup2(o->user.authKey.data,o->user.authKey.len) : NULL; d->user.authKey.len = o->user.authKey.len; - d->user.privKey.data = o->user.privKey.data ? (guint8*)g_memdup2(o->user.privKey.data,o->user.privKey.len) : NULL; + d->user.privKey.data = o->user.privKey.data ? (uint8_t*)g_memdup2(o->user.privKey.data,o->user.privKey.len) : NULL; d->user.privKey.len = o->user.privKey.len; return d; @@ -1554,10 +1599,11 @@ snmp_users_update_cb(void* p _U_, char** err) if (es->len) { es = g_string_truncate(es,es->len-1); *err = g_string_free(es, FALSE); - return FALSE; + return false; } - return TRUE; + g_string_free(es, TRUE); + return true; } static void @@ -1579,7 +1625,7 @@ free_ue_cache(snmp_ue_assoc_t **cache) static void init_ue_cache(void) { - guint i; + unsigned i; for (i = 0; i < num_ueas; i++) { snmp_ue_assoc_t* a = ue_dup(&(ueas[i])); @@ -1611,19 +1657,19 @@ renew_ue_cache(void) static snmp_ue_assoc_t* -localize_ue( snmp_ue_assoc_t* o, const guint8* engine, guint engine_len ) +localize_ue( snmp_ue_assoc_t* o, const uint8_t* engine, unsigned engine_len ) { snmp_ue_assoc_t* n = (snmp_ue_assoc_t*)g_memdup2(o,sizeof(snmp_ue_assoc_t)); - n->user.userName.data = (guint8*)g_memdup2(o->user.userName.data,o->user.userName.len); + n->user.userName.data = (uint8_t*)g_memdup2(o->user.userName.data,o->user.userName.len); n->user.authModel = o->user.authModel; - n->user.authPassword.data = (guint8*)g_memdup2(o->user.authPassword.data,o->user.authPassword.len); + n->user.authPassword.data = (uint8_t*)g_memdup2(o->user.authPassword.data,o->user.authPassword.len); n->user.authPassword.len = o->user.authPassword.len; - n->user.privPassword.data = (guint8*)g_memdup2(o->user.privPassword.data,o->user.privPassword.len); + n->user.privPassword.data = (uint8_t*)g_memdup2(o->user.privPassword.data,o->user.privPassword.len); n->user.privPassword.len = o->user.privPassword.len; - n->user.authKey.data = (guint8*)g_memdup2(o->user.authKey.data,o->user.authKey.len); - n->user.privKey.data = (guint8*)g_memdup2(o->user.privKey.data,o->user.privKey.len); - n->engine.data = (guint8*)g_memdup2(engine,engine_len); + n->user.authKey.data = (uint8_t*)g_memdup2(o->user.authKey.data,o->user.authKey.len); + n->user.privKey.data = (uint8_t*)g_memdup2(o->user.privKey.data,o->user.privKey.len); + n->engine.data = (uint8_t*)g_memdup2(engine,engine_len); n->engine.len = engine_len; n->priv_proto = o->priv_proto; @@ -1646,10 +1692,10 @@ static snmp_ue_assoc_t* get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb, packet_info *pinfo) { static snmp_ue_assoc_t* a; - guint given_username_len; - guint8* given_username; - guint given_engine_len = 0; - guint8* given_engine = NULL; + unsigned given_username_len; + uint8_t* given_username; + unsigned given_engine_len = 0; + uint8_t* given_engine = NULL; if ( ! (localized_ues || unlocalized_ues ) ) return NULL; @@ -1658,8 +1704,8 @@ get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb, packet_info *pinfo) given_username_len = tvb_captured_length(user_tvb); given_engine_len = tvb_captured_length(engine_tvb); if (! ( given_engine_len && given_username_len ) ) return NULL; - given_username = (guint8*)tvb_memdup(pinfo->pool,user_tvb,0,-1); - given_engine = (guint8*)tvb_memdup(pinfo->pool,engine_tvb,0,-1); + given_username = (uint8_t*)tvb_memdup(pinfo->pool,user_tvb,0,-1); + given_engine = (uint8_t*)tvb_memdup(pinfo->pool,engine_tvb,0,-1); for (a = localized_ues; a; a = a->next) { if ( localized_match(a, given_username, given_username_len, given_engine, given_engine_len) ) { @@ -1679,23 +1725,23 @@ get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb, packet_info *pinfo) } static bool -snmp_usm_auth(const packet_info *pinfo, const snmp_usm_auth_model_t model, snmp_usm_params_t* p, guint8** calc_auth_p, - guint* calc_auth_len_p, gchar const** error) +snmp_usm_auth(const packet_info *pinfo, const snmp_usm_auth_model_t model, snmp_usm_params_t* p, uint8_t** calc_auth_p, + unsigned* calc_auth_len_p, char const** error) { - gint msg_len; - guint8* msg; - guint auth_len; - guint8* auth; - guint8* key; - guint key_len; - guint8 *calc_auth; - guint start; - guint end; - guint i; + int msg_len; + uint8_t* msg; + unsigned auth_len; + uint8_t* auth; + uint8_t* key; + unsigned key_len; + uint8_t *calc_auth; + unsigned start; + unsigned end; + unsigned i; if (!p->auth_tvb) { *error = "No Authenticator"; - return FALSE; + return false; } key = p->user_assoc->user.authKey.data; @@ -1703,24 +1749,24 @@ snmp_usm_auth(const packet_info *pinfo, const snmp_usm_auth_model_t model, snmp_ if (! key ) { *error = "User has no authKey"; - return FALSE; + return false; } auth_len = tvb_captured_length(p->auth_tvb); if (auth_len != auth_tag_len[model]) { *error = "Authenticator length wrong"; - return FALSE; + return false; } msg_len = tvb_captured_length(p->msg_tvb); if (msg_len <= 0) { *error = "Not enough data remaining"; - return FALSE; + return false; } - msg = (guint8*)tvb_memdup(pinfo->pool,p->msg_tvb,0,msg_len); + msg = (uint8_t*)tvb_memdup(pinfo->pool,p->msg_tvb,0,msg_len); - auth = (guint8*)tvb_memdup(pinfo->pool,p->auth_tvb,0,auth_len); + auth = (uint8_t*)tvb_memdup(pinfo->pool,p->auth_tvb,0,auth_len); start = p->auth_offset - p->start_offset; end = start + auth_len; @@ -1730,34 +1776,34 @@ snmp_usm_auth(const packet_info *pinfo, const snmp_usm_auth_model_t model, snmp_ msg[i] = '\0'; } - calc_auth = (guint8*)wmem_alloc(pinfo->pool, auth_hash_len[model]); + calc_auth = (uint8_t*)wmem_alloc(pinfo->pool, auth_hash_len[model]); if (ws_hmac_buffer(auth_hash_algo[model], calc_auth, msg, msg_len, key, key_len)) { - return FALSE; + return false; } if (calc_auth_p) *calc_auth_p = calc_auth; if (calc_auth_len_p) *calc_auth_len_p = auth_len; - return ( memcmp(auth,calc_auth,auth_len) != 0 ) ? FALSE : TRUE; + return ( memcmp(auth,calc_auth,auth_len) != 0 ) ? false : true; } static tvbuff_t* -snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) +snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, char const** error) { gcry_error_t err; gcry_cipher_hd_t hd = NULL; - guint8* cleartext; - guint8* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */ - guint8* pre_iv = &(p->user_assoc->user.privKey.data[8]); /* last 8 bytes */ - guint8* salt; - gint salt_len; - gint cryptgrm_len; - guint8* cryptgrm; + uint8_t* cleartext; + uint8_t* des_key = p->user_assoc->user.privKey.data; /* first 8 bytes */ + uint8_t* pre_iv = &(p->user_assoc->user.privKey.data[8]); /* last 8 bytes */ + uint8_t* salt; + int salt_len; + int cryptgrm_len; + uint8_t* cryptgrm; tvbuff_t* clear_tvb; - guint8 iv[8]; - guint i; + uint8_t iv[8]; + unsigned i; salt_len = tvb_captured_length(p->priv_tvb); @@ -1767,7 +1813,7 @@ snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pi return NULL; } - salt = (guint8*)tvb_memdup(pinfo->pool,p->priv_tvb,0,salt_len); + salt = (uint8_t*)tvb_memdup(pinfo->pool,p->priv_tvb,0,salt_len); /* The resulting "salt" is XOR-ed with the pre-IV to obtain the IV. @@ -1783,9 +1829,9 @@ snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pi return NULL; } - cryptgrm = (guint8*)tvb_memdup(pinfo->pool,encryptedData,0,-1); + cryptgrm = (uint8_t*)tvb_memdup(pinfo->pool,encryptedData,0,-1); - cleartext = (guint8*)wmem_alloc(pinfo->pool, cryptgrm_len); + cleartext = (uint8_t*)wmem_alloc(pinfo->pool, cryptgrm_len); err = gcry_cipher_open(&hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0); if (err != GPG_ERR_NO_ERROR) goto on_gcry_error; @@ -1806,24 +1852,24 @@ snmp_usm_priv_des(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pi return clear_tvb; on_gcry_error: - *error = (const gchar *)gcry_strerror(err); + *error = (const char *)gcry_strerror(err); if (hd) gcry_cipher_close(hd); return NULL; } static tvbuff_t* -snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error, int algo) +snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, char const** error, int algo) { gcry_error_t err; gcry_cipher_hd_t hd = NULL; - guint8* cleartext; - guint8* aes_key = p->user_assoc->user.privKey.data; + uint8_t* cleartext; + uint8_t* aes_key = p->user_assoc->user.privKey.data; int aes_key_len = p->user_assoc->user.privKey.len; - guint8 iv[16]; - gint priv_len; - gint cryptgrm_len; - guint8* cryptgrm; + uint8_t iv[16]; + int priv_len; + int cryptgrm_len; + uint8_t* cryptgrm; tvbuff_t* clear_tvb; priv_len = tvb_captured_length(p->priv_tvb); @@ -1848,9 +1894,9 @@ snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_i *error = "Not enough data remaining"; return NULL; } - cryptgrm = (guint8*)tvb_memdup(pinfo->pool,encryptedData,0,-1); + cryptgrm = (uint8_t*)tvb_memdup(pinfo->pool,encryptedData,0,-1); - cleartext = (guint8*)wmem_alloc(pinfo->pool, cryptgrm_len); + cleartext = (uint8_t*)wmem_alloc(pinfo->pool, cryptgrm_len); err = gcry_cipher_open(&hd, algo, GCRY_CIPHER_MODE_CFB, 0); if (err != GPG_ERR_NO_ERROR) goto on_gcry_error; @@ -1871,48 +1917,48 @@ snmp_usm_priv_aes_common(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_i return clear_tvb; on_gcry_error: - *error = (const gchar *)gcry_strerror(err); + *error = (const char *)gcry_strerror(err); if (hd) gcry_cipher_close(hd); return NULL; } static tvbuff_t* -snmp_usm_priv_aes128(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) +snmp_usm_priv_aes128(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, char const** error) { return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES); } static tvbuff_t* -snmp_usm_priv_aes192(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) +snmp_usm_priv_aes192(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, char const** error) { return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES192); } static tvbuff_t* -snmp_usm_priv_aes256(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, gchar const** error) +snmp_usm_priv_aes256(snmp_usm_params_t* p, tvbuff_t* encryptedData, packet_info *pinfo, char const** error) { return snmp_usm_priv_aes_common(p, encryptedData, pinfo, error, GCRY_CIPHER_AES256); } -static gboolean +static bool check_ScopedPdu(tvbuff_t* tvb) { int offset; - gint8 ber_class; + int8_t ber_class; bool pc; - gint32 tag; + int32_t tag; int hoffset, eoffset; - guint32 len; + uint32_t len; offset = get_ber_identifier(tvb, 0, &ber_class, &pc, &tag); offset = get_ber_length(tvb, offset, NULL, NULL); if ( ! (((ber_class!=BER_CLASS_APP) && (ber_class!=BER_CLASS_PRI) ) && ( (!pc) || (ber_class!=BER_CLASS_UNI) || (tag!=BER_UNI_TAG_ENUMERATED) ) - )) return FALSE; + )) return false; - if((tvb_get_guint8(tvb, offset)==0)&&(tvb_get_guint8(tvb, offset+1)==0)) - return TRUE; + if((tvb_get_uint8(tvb, offset)==0)&&(tvb_get_uint8(tvb, offset+1)==0)) + return true; hoffset = offset; @@ -1920,14 +1966,14 @@ check_ScopedPdu(tvbuff_t* tvb) offset = get_ber_length(tvb, offset, &len, NULL); eoffset = offset + len; - if (eoffset <= hoffset) return FALSE; + if (eoffset <= hoffset) return false; if ((ber_class!=BER_CLASS_APP)&&(ber_class!=BER_CLASS_PRI)) if( (ber_class!=BER_CLASS_UNI) ||((tag<BER_UNI_TAG_NumericString)&&(tag!=BER_UNI_TAG_OCTETSTRING)&&(tag!=BER_UNI_TAG_UTF8String)) ) - return FALSE; + return false; - return TRUE; + return true; } @@ -1969,19 +2015,19 @@ snmp_find_conversation_and_get_conv_data(packet_info *pinfo) { return snmp_info; } -guint +unsigned dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, - proto_tree *tree, int proto, gint ett, gboolean is_tcp) + proto_tree *tree, int proto, int ett, bool is_tcp) { - guint length_remaining; - gint8 ber_class; + unsigned length_remaining; + int8_t ber_class; bool pc, ind = 0; - gint32 tag; - guint32 len; - guint message_length; + int32_t tag; + uint32_t len; + unsigned message_length; int start_offset = offset; - guint32 version = 0; + uint32_t version = 0; tvbuff_t *next_tvb; proto_tree *snmp_tree = NULL; @@ -1990,7 +2036,7 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, snmp_conv_info_t *snmp_info = snmp_find_conversation_and_get_conv_data(pinfo); asn1_ctx_t asn1_ctx; - asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo); asn1_ctx.private_data = snmp_info; @@ -2003,11 +2049,11 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, usm_p.auth_offset = 0; usm_p.priv_tvb = NULL; usm_p.user_assoc = NULL; - usm_p.authenticated = FALSE; - usm_p.encrypted = FALSE; + usm_p.authenticated = false; + usm_p.encrypted = false; usm_p.boots = 0; usm_p.snmp_time = 0; - usm_p.authOK = FALSE; + usm_p.authOK = false; /* * This will throw an exception if we don't have any data left. @@ -2063,7 +2109,7 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, message_length = len + offset; /*Get the SNMP version data*/ - /*offset =*/ dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version); + /*offset =*/ dissect_ber_integer(false, &asn1_ctx, 0, tvb, offset, -1, &version); /* @@ -2104,14 +2150,14 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, switch (version) { case 0: /* v1 */ case 1: /* v2c */ - offset = dissect_snmp_Message(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1); + offset = dissect_snmp_Message(false , tvb, start_offset, &asn1_ctx, snmp_tree, -1); break; case 2: /* v2u */ - offset = dissect_snmp_Messagev2u(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1); + offset = dissect_snmp_Messagev2u(false , tvb, start_offset, &asn1_ctx, snmp_tree, -1); break; /* v3 */ case 3: - offset = dissect_snmp_SNMPv3Message(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1); + offset = dissect_snmp_SNMPv3Message(false , tvb, start_offset, &asn1_ctx, snmp_tree, -1); break; default: /* @@ -2121,13 +2167,12 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, */ expert_add_info(pinfo, item, &ei_snmp_version_unknown); return length_remaining; - break; } /* There may be appended data after the SNMP data, so treat as raw * data which needs to be dissected in case of UDP as UDP is PDU oriented. */ - if((!is_tcp) && (length_remaining > (guint)offset)) { + if((!is_tcp) && (length_remaining > (unsigned)offset)) { next_tvb = tvb_new_subset_remaining(tvb, offset); call_dissector(data_handle, next_tvb, pinfo, tree); } else { @@ -2137,14 +2182,14 @@ dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, return offset; } -static gint +static int dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) { int offset; - gint8 tmp_class; + int8_t tmp_class; bool tmp_pc; - gint32 tmp_tag; - guint32 tmp_length; + int32_t tmp_tag; + uint32_t tmp_length; bool tmp_ind; /* @@ -2170,11 +2215,11 @@ dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_ */ if (!pinfo->fragmented && !pinfo->flags.in_error_pkt) { if ( pinfo->ptype == PT_UDP ) { - if(tmp_length>(guint32)tvb_reported_length_remaining(tvb, offset)) { + if(tmp_length>(uint32_t)tvb_reported_length_remaining(tvb, offset)) { return 0; } }else{ - if(tmp_length!=(guint32)tvb_reported_length_remaining(tvb, offset)) { + if(tmp_length!=(uint32_t)tvb_reported_length_remaining(tvb, offset)) { return 0; } } @@ -2226,17 +2271,17 @@ dissect_snmp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_ } } - return dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, FALSE); + return dissect_snmp_pdu(tvb, 0, pinfo, tree, proto_snmp, ett_snmp, false); } static int dissect_snmp_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { int offset = 0; - guint message_len; + unsigned message_len; while (tvb_reported_length_remaining(tvb, offset) > 0) { - message_len = dissect_snmp_pdu(tvb, offset, pinfo, tree, proto_snmp, ett_snmp, TRUE); + message_len = dissect_snmp_pdu(tvb, offset, pinfo, tree, proto_snmp, ett_snmp, true); if (message_len == 0) { /* * We don't have all the data for that message, @@ -2272,14 +2317,14 @@ dissect_smux(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) SHA2 Password to Key Algorithm from RFC 7860 9.3 */ static void -snmp_usm_password_to_key(const snmp_usm_auth_model_t model, const guint8 *password, - guint passwordlen, const guint8 *engineID, guint engineLength, guint8 *key) +snmp_usm_password_to_key(const snmp_usm_auth_model_t model, const uint8_t *password, + unsigned passwordlen, const uint8_t *engineID, unsigned engineLength, uint8_t *key) { gcry_md_hd_t hash_handle; - guint8 *cp, password_buf[64]; - guint32 password_index = 0; - guint32 count = 0, i; - guint hash_len; + uint8_t *cp, password_buf[64]; + uint32_t password_index = 0; + uint32_t count = 0, i; + unsigned hash_len; if (gcry_md_open(&hash_handle, auth_hash_algo[model], 0)) { return; @@ -2335,8 +2380,9 @@ UAT_LSTRING_CB_DEF(snmp_users,userName,snmp_ue_assoc_t,user.userName.data,user.u UAT_LSTRING_CB_DEF(snmp_users,authPassword,snmp_ue_assoc_t,user.authPassword.data,user.authPassword.len) UAT_LSTRING_CB_DEF(snmp_users,privPassword,snmp_ue_assoc_t,user.privPassword.data,user.privPassword.len) UAT_BUFFER_CB_DEF(snmp_users,engine_id,snmp_ue_assoc_t,engine.data,engine.len) -UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,guint,0,"MD5") -UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,guint,0,"DES") +UAT_VS_DEF(snmp_users,auth_model,snmp_ue_assoc_t,unsigned,0,"MD5") +UAT_VS_DEF(snmp_users,priv_proto,snmp_ue_assoc_t,unsigned,0,"DES") +UAT_VS_DEF(snmp_users,priv_key_exp,snmp_ue_assoc_t,unsigned,0,"draft-reeder-snmpv3-usm-3desede-00") static void * snmp_specific_trap_copy_cb(void *dest, const void *orig, size_t len _U_) @@ -2498,7 +2544,7 @@ void proto_register_snmp(void) { }; /* List of subtrees */ - static gint *ett[] = { + static int *ett[] = { &ett_snmp, &ett_engineid, &ett_msgFlags, @@ -2529,7 +2575,7 @@ void proto_register_snmp(void) { { &ei_snmp_no_instance_subid, { "snmp.no_instance_subid", PI_MALFORMED, PI_WARN, "No instance sub-id in scalar value", EXPFILL }}, { &ei_snmp_wrong_num_of_subids, { "snmp.wrong_num_of_subids", PI_MALFORMED, PI_WARN, "Wrong number of instance sub-ids in scalar value", EXPFILL }}, { &ei_snmp_index_suboid_too_short, { "snmp.index_suboid_too_short", PI_MALFORMED, PI_WARN, "index sub-oid shorter than expected", EXPFILL }}, - { &ei_snmp_unimplemented_instance_index, { "snmp.unimplemented_instance_index", PI_UNDECODED, PI_WARN, "OID instaces not handled, if you want this implemented please contact the wireshark developers", EXPFILL }}, + { &ei_snmp_unimplemented_instance_index, { "snmp.unimplemented_instance_index", PI_UNDECODED, PI_WARN, "OID instances not handled, if you want this implemented please contact the wireshark developers", EXPFILL }}, { &ei_snmp_index_suboid_len0, { "snmp.ndex_suboid_len0", PI_MALFORMED, PI_WARN, "an index sub-oid OID cannot be 0 bytes long!", EXPFILL }}, { &ei_snmp_index_suboid_too_long, { "snmp.index_suboid_too_long", PI_MALFORMED, PI_WARN, "index sub-oid should not be longer than remaining oid size", EXPFILL }}, { &ei_snmp_index_string_too_long, { "snmp.index_string_too_long", PI_MALFORMED, PI_WARN, "index string should not be longer than remaining oid size", EXPFILL }}, @@ -2557,13 +2603,14 @@ void proto_register_snmp(void) { UAT_FLD_LSTRING(snmp_users,authPassword,"Password","The password used for authenticating packets for this entry"), UAT_FLD_VS(snmp_users,priv_proto,"Privacy protocol",priv_types,"Algorithm to be used for privacy."), UAT_FLD_LSTRING(snmp_users,privPassword,"Privacy password","The password used for encrypting packets for this entry"), + UAT_FLD_VS(snmp_users,priv_key_exp,"Key expansion method",priv_key_exp_types,"Privacy protocol key expansion method"), UAT_END_FIELDS }; uat_t *assocs_uat = uat_new("SNMP Users", sizeof(snmp_ue_assoc_t), "snmp_users", - TRUE, + true, &ueas, &num_ueas, UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ @@ -2575,6 +2622,10 @@ void proto_register_snmp(void) { NULL, users_fields); + static const char *assocs_uat_defaults[] = { + NULL, NULL, NULL, NULL, NULL, NULL, "draft-reeder-snmpv3-usm-3desede-00"}; + uat_set_default_values(assocs_uat, assocs_uat_defaults); + static uat_field_t specific_traps_flds[] = { UAT_FLD_CSTRING(specific_traps,enterprise,"Enterprise OID","Enterprise Object Identifier"), UAT_FLD_DEC(specific_traps,trap,"Trap Id","The specific-trap value"), @@ -2585,7 +2636,7 @@ void proto_register_snmp(void) { uat_t* specific_traps_uat = uat_new("SNMP Enterprise Specific Trap Types", sizeof(snmp_st_assoc_t), "snmp_specific_traps", - TRUE, + true, &specific_traps, &num_specific_traps, UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ @@ -2700,7 +2751,7 @@ void proto_reg_handoff_snmp(void) { void proto_register_smux(void) { - static gint *ett[] = { + static int *ett[] = { &ett_smux, }; |