summaryrefslogtreecommitdiffstats
path: root/epan/dissectors/packet-tpkt.c
diff options
context:
space:
mode:
Diffstat (limited to 'epan/dissectors/packet-tpkt.c')
-rw-r--r--epan/dissectors/packet-tpkt.c70
1 files changed, 38 insertions, 32 deletions
diff --git a/epan/dissectors/packet-tpkt.c b/epan/dissectors/packet-tpkt.c
index c029f9ee..dde66264 100644
--- a/epan/dissectors/packet-tpkt.c
+++ b/epan/dissectors/packet-tpkt.c
@@ -30,20 +30,20 @@ void proto_reg_handoff_tpkt(void);
static heur_dissector_list_t tpkt_heur_subdissector_list;
/* TPKT header fields */
-static int proto_tpkt = -1;
-static int proto_tpkt_heur = -1;
+static int proto_tpkt;
+static int proto_tpkt_heur;
static protocol_t *proto_tpkt_ptr;
-static int hf_tpkt_version = -1;
-static int hf_tpkt_reserved = -1;
-static int hf_tpkt_length = -1;
-static int hf_tpkt_continuation_data = -1;
+static int hf_tpkt_version;
+static int hf_tpkt_reserved;
+static int hf_tpkt_length;
+static int hf_tpkt_continuation_data;
/* TPKT fields defining a sub tree */
-static gint ett_tpkt = -1;
+static int ett_tpkt;
/* desegmentation of OSI over TPKT over TCP */
-static gboolean tpkt_desegment = TRUE;
+static bool tpkt_desegment = true;
#define TCP_PORT_TPKT_RANGE "102"
@@ -68,7 +68,7 @@ static dissector_handle_t tpkt_handle;
int
is_tpkt(tvbuff_t *tvb, int min_len)
{
- guint16 pkt_len;
+ uint16_t pkt_len;
/*
* If TPKT is disabled, don't dissect it, just return -1, meaning
@@ -86,7 +86,7 @@ is_tpkt(tvbuff_t *tvb, int min_len)
* The H.323 implementers guide suggests that this might not
* always be the case....
*/
- if (!(tvb_get_guint8(tvb, 0) == 3 && tvb_get_guint8(tvb, 1) == 0))
+ if (!(tvb_get_uint8(tvb, 0) == 3 && tvb_get_uint8(tvb, 1) == 0))
return -1; /* they're not */
/*
@@ -102,10 +102,10 @@ is_tpkt(tvbuff_t *tvb, int min_len)
*/
return pkt_len;
}
-guint16
+uint16_t
is_asciitpkt(tvbuff_t *tvb)
{
- guint16 count;
+ uint16_t count;
/*
* If TPKT is disabled, don't dissect it, just return -1, meaning
* "this isn't TPKT".
@@ -122,7 +122,7 @@ is_asciitpkt(tvbuff_t *tvb)
*/
for (count = 0; count <=7 ; count ++)
{
- if(!g_ascii_isalnum(tvb_get_guint8(tvb,count)))
+ if(!g_ascii_isalnum(tvb_get_uint8(tvb,count)))
{
return 0;
}
@@ -132,10 +132,10 @@ is_asciitpkt(tvbuff_t *tvb)
}
static int
-parseLengthText ( guint8* pTpktData )
+parseLengthText ( uint8_t* pTpktData )
{
int value = 0;
- const guint8 * pData = pTpktData;
+ const uint8_t * pData = pTpktData;
int bitvalue = 0, count1 = 3;
int count;
for (count = 0; count <= 3; count++)
@@ -153,10 +153,10 @@ parseLengthText ( guint8* pTpktData )
return value;
}
static int
-parseVersionText ( guint8* pTpktData )
+parseVersionText ( uint8_t* pTpktData )
{
int value = 0;
- guint8 * pData = pTpktData;
+ uint8_t * pData = pTpktData;
int bitvalue = 0, count1 = 1;
int count;
for (count = 0; count <= 1; count++)
@@ -175,10 +175,10 @@ parseVersionText ( guint8* pTpktData )
return value;
}
static int
-parseReservedText ( guint8* pTpktData )
+parseReservedText ( uint8_t* pTpktData )
{
int value = 0;
- guint8 * pData = pTpktData;
+ uint8_t * pData = pTpktData;
int bitvalue = 0, count1 = 1;
int count;
for (count = 0; count <= 1; count++)
@@ -220,7 +220,7 @@ dissect_asciitpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
volatile int length;
tvbuff_t *volatile next_tvb;
const char *saved_proto;
- guint8 string[4];
+ uint8_t string[4];
/*
* If we're reassembling segmented TPKT PDUs, empty the COL_INFO
@@ -240,7 +240,7 @@ dissect_asciitpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
* Is the first byte of this putative TPKT header
* a valid TPKT version number, i.e. 3?
*/
- if (tvb_get_guint8(tvb, offset) != 48) {
+ if (tvb_get_uint8(tvb, offset) != 48) {
/*
* No, so don't assume this is a TPKT header;
* we might be in the middle of TPKT data,
@@ -265,11 +265,11 @@ dissect_asciitpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
* Get the length from the TPKT header.
*/
- tvb_memcpy(tvb, (guint8 *)string, offset, 2);
+ tvb_memcpy(tvb, (uint8_t *)string, offset, 2);
mgcp_version = parseVersionText(string);
- tvb_memcpy(tvb, (guint8 *)string, offset +2, 2);
+ tvb_memcpy(tvb, (uint8_t *)string, offset +2, 2);
mgcp_reserved = parseReservedText(string);
- tvb_memcpy(tvb, (guint8 *)string, offset + 4, 4);
+ tvb_memcpy(tvb, (uint8_t *)string, offset + 4, 4);
mgcp_packet_len = parseLengthText(string);
data_len = mgcp_packet_len;
@@ -357,7 +357,7 @@ dissect_asciitpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
*/
void
dissect_tpkt_encap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
- gboolean desegment, dissector_handle_t subdissector_handle)
+ bool desegment, dissector_handle_t subdissector_handle)
{
proto_item *ti = NULL;
proto_tree *tpkt_tree = NULL;
@@ -387,7 +387,7 @@ dissect_tpkt_encap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
* Is the first byte of this putative TPKT header
* a valid TPKT version number, i.e. 3?
*/
- if (tvb_get_guint8(tvb, offset) != 3) {
+ if (tvb_get_uint8(tvb, offset) != 3) {
/*
* No, so don't assume this is a TPKT header;
* we might be in the middle of TPKT data,
@@ -592,7 +592,7 @@ dissect_ascii_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* da
* or may not be present depending on the RDP security settings.
*/
static int
-dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
+dissect_tpkt_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
if (is_tpkt(tvb, 0) == -1) {
/* Doesn't look like TPKT directly. Might be over TLS, so reject
@@ -604,6 +604,12 @@ dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *dat
return dissect_tpkt(tvb, pinfo, tree, data);
}
+static bool
+dissect_tpkt_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
+{
+ return dissect_tpkt_tcp(tvb, pinfo, tree, data) > 0;
+}
+
void
proto_register_tpkt(void)
{
@@ -613,7 +619,7 @@ proto_register_tpkt(void)
{
"Version",
"tpkt.version",
- FT_UINT8,
+ FT_UINT16,
BASE_DEC,
NULL,
0x0,
@@ -658,7 +664,7 @@ proto_register_tpkt(void)
},
};
- static gint *ett[] =
+ static int *ett[] =
{
&ett_tpkt,
};
@@ -677,8 +683,8 @@ proto_register_tpkt(void)
"To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
&tpkt_desegment);
- /* heuristic dissectors for premable CredSSP before RDP and Fast-Path RDP packets */
- tpkt_heur_subdissector_list = register_heur_dissector_list("tpkt", proto_tpkt);
+ /* heuristic dissectors for preamble CredSSP before RDP and Fast-Path RDP packets */
+ tpkt_heur_subdissector_list = register_heur_dissector_list_with_description("tpkt", "TPKT fragment", proto_tpkt);
proto_tpkt_heur = proto_register_protocol_in_name_only("TPKT Heuristic (for RDP)", "TPKT Heuristic (for RDP)", "tpkt", proto_tpkt, FT_PROTOCOL);
}
@@ -697,7 +703,7 @@ proto_reg_handoff_tpkt(void)
* if rejected the TLS heuristic dissector will be tried.
*/
dissector_add_uint("tls.port", TCP_PORT_RDP, tpkt_handle);
- dissector_add_uint("tcp.port", TCP_PORT_RDP, create_dissector_handle(dissect_tpkt_heur, proto_tpkt_heur));
+ dissector_add_uint("tcp.port", TCP_PORT_RDP, create_dissector_handle(dissect_tpkt_tcp, proto_tpkt_heur));
heur_dissector_add("tcp", dissect_tpkt_heur, "TPKT over TCP", "tpkt_tcp", proto_tpkt, HEURISTIC_DISABLE);
/*
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-14 11:37:13 +0000