1998-09-16 02:39:15 +00:00
|
|
|
/* packet.c
|
|
|
|
* Routines for packet disassembly
|
|
|
|
*
|
2004-07-18 00:24:25 +00:00
|
|
|
* $Id$
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
1998-09-16 02:39:15 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
2007-01-10 07:47:00 +00:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
1998-09-16 02:39:15 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
# include "config.h"
|
|
|
|
#endif
|
|
|
|
|
1999-03-23 03:14:46 +00:00
|
|
|
#include <glib.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
#include <stdio.h>
|
2000-03-26 07:59:47 +00:00
|
|
|
#include <stdlib.h>
|
2000-08-11 13:37:21 +00:00
|
|
|
|
|
|
|
#ifdef HAVE_STDARG_H
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <stdarg.h>
|
2000-08-11 13:37:21 +00:00
|
|
|
#endif
|
|
|
|
|
1998-11-18 03:01:44 +00:00
|
|
|
#include <string.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <ctype.h>
|
1998-10-12 01:40:57 +00:00
|
|
|
#include <time.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1998-09-27 22:12:47 +00:00
|
|
|
#include "packet.h"
|
1999-12-29 07:25:48 +00:00
|
|
|
#include "timestamp.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2001-03-22 16:24:16 +00:00
|
|
|
#include "atalk-utils.h"
|
|
|
|
#include "sna-utils.h"
|
2001-04-01 05:48:15 +00:00
|
|
|
#include "osi-utils.h"
|
2001-04-01 02:47:56 +00:00
|
|
|
#include "to_str.h"
|
1999-12-29 07:25:48 +00:00
|
|
|
|
2004-08-06 19:57:49 +00:00
|
|
|
#include "addr_resolv.h"
|
2000-05-11 08:18:09 +00:00
|
|
|
#include "tvbuff.h"
|
2000-04-04 16:33:57 +00:00
|
|
|
#include "plugins.h"
|
2001-12-18 19:09:08 +00:00
|
|
|
#include "epan_dissect.h"
|
2008-08-05 02:23:35 +00:00
|
|
|
|
2005-08-12 08:51:08 +00:00
|
|
|
#include "emem.h"
|
2000-04-04 16:33:57 +00:00
|
|
|
|
2005-02-09 23:38:00 +00:00
|
|
|
#include <epan/reassemble.h>
|
2005-10-03 18:34:21 +00:00
|
|
|
#include <epan/stream.h>
|
2006-08-31 22:56:38 +00:00
|
|
|
#include <epan/expert.h>
|
2002-02-24 06:45:14 +00:00
|
|
|
|
2001-04-01 23:11:43 +00:00
|
|
|
static gint proto_malformed = -1;
|
2001-04-01 22:01:34 +00:00
|
|
|
static dissector_handle_t frame_handle = NULL;
|
2001-11-26 05:41:15 +00:00
|
|
|
static dissector_handle_t data_handle = NULL;
|
2001-04-01 22:01:34 +00:00
|
|
|
|
2000-10-06 10:11:40 +00:00
|
|
|
void
|
|
|
|
packet_init(void)
|
|
|
|
{
|
2011-04-20 16:35:42 +00:00
|
|
|
frame_handle = find_dissector("frame");
|
|
|
|
data_handle = find_dissector("data");
|
|
|
|
proto_malformed = proto_get_id_by_filter_name("malformed");
|
2000-10-06 10:11:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
packet_cleanup(void)
|
|
|
|
{
|
|
|
|
/* nothing */
|
|
|
|
}
|
|
|
|
|
2001-06-29 09:46:54 +00:00
|
|
|
/*
|
2002-02-17 00:51:21 +00:00
|
|
|
* Given a tvbuff, and a length from a packet header, adjust the length
|
|
|
|
* of the tvbuff to reflect the specified length.
|
2001-06-29 09:46:54 +00:00
|
|
|
*/
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
set_actual_length(tvbuff_t *tvb, const guint specified_len)
|
2001-06-29 09:46:54 +00:00
|
|
|
{
|
2009-10-12 01:31:01 +00:00
|
|
|
if (specified_len < tvb_reported_length(tvb)) {
|
|
|
|
/* Adjust the length of this tvbuff to include only the specified
|
|
|
|
payload length.
|
|
|
|
|
|
|
|
The dissector above the one calling us (the dissector above is
|
|
|
|
probably us) may use that to determine how much of its packet
|
|
|
|
was padding. */
|
|
|
|
tvb_set_reported_length(tvb, specified_len);
|
|
|
|
}
|
2001-06-29 09:46:54 +00:00
|
|
|
}
|
|
|
|
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
/* Allow protocols to register "init" routines, which are called before
|
|
|
|
we make a pass through a capture file and dissect all its packets
|
|
|
|
(e.g., when we read in a new capture file, or run a "filter packets"
|
|
|
|
or "colorize packets" pass over the current capture file). */
|
|
|
|
static GSList *init_routines;
|
|
|
|
|
|
|
|
void
|
|
|
|
register_init_routine(void (*func)(void))
|
|
|
|
{
|
2004-02-01 02:35:06 +00:00
|
|
|
init_routines = g_slist_append(init_routines, (gpointer)func);
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
}
|
|
|
|
|
2004-02-01 02:35:06 +00:00
|
|
|
typedef void (*void_func_t)(void);
|
|
|
|
|
2002-02-24 06:45:14 +00:00
|
|
|
/* Initialize all data structures used for dissection. */
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
static void
|
2002-03-02 20:51:46 +00:00
|
|
|
call_init_routine(gpointer routine, gpointer dummy _U_)
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
{
|
2004-02-01 02:35:06 +00:00
|
|
|
void_func_t func = (void_func_t)routine;
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
(*func)();
|
|
|
|
}
|
|
|
|
|
2005-03-23 12:58:59 +00:00
|
|
|
/*
|
|
|
|
* XXX - for now, these are the same; the "init" routines free whatever
|
|
|
|
* stuff is left over from any previous dissection, and then initialize
|
|
|
|
* their tables.
|
|
|
|
*
|
|
|
|
* We should probably split that into "init" and "cleanup" routines, for
|
|
|
|
* cleanliness' sake.
|
|
|
|
*/
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
void
|
2002-02-24 06:45:14 +00:00
|
|
|
init_dissection(void)
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
{
|
2005-08-12 08:51:08 +00:00
|
|
|
/* Reclaim and reinitialize all memory of seasonal scope */
|
|
|
|
se_free_all();
|
|
|
|
|
2002-02-24 06:45:14 +00:00
|
|
|
/* Initialize the table of conversations. */
|
|
|
|
epan_conversation_init();
|
|
|
|
|
2002-10-22 08:22:07 +00:00
|
|
|
/* Initialize the table of circuits. */
|
|
|
|
epan_circuit_init();
|
|
|
|
|
2002-02-24 06:45:14 +00:00
|
|
|
/* Initialize protocol-specific variables. */
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
g_slist_foreach(init_routines, &call_init_routine, NULL);
|
|
|
|
|
2006-08-31 22:56:38 +00:00
|
|
|
/* Initialize the stream-handling tables */
|
2005-10-03 18:34:21 +00:00
|
|
|
stream_init();
|
2006-08-31 22:56:38 +00:00
|
|
|
|
|
|
|
/* Initialize the expert infos */
|
|
|
|
expert_init();
|
2002-02-24 06:45:14 +00:00
|
|
|
}
|
2002-01-05 04:12:17 +00:00
|
|
|
|
2005-03-23 12:58:59 +00:00
|
|
|
void
|
|
|
|
cleanup_dissection(void)
|
|
|
|
{
|
2011-10-20 02:29:13 +00:00
|
|
|
/* Cleanup the table of conversations. Do this before freeing seasonal
|
|
|
|
* memory (at least until conversation's use of g_slist is changed).
|
|
|
|
*/
|
|
|
|
epan_conversation_cleanup();
|
|
|
|
|
2009-09-06 18:25:23 +00:00
|
|
|
/* Reclaim all memory of seasonal scope */
|
|
|
|
se_free_all();
|
|
|
|
|
|
|
|
/* Cleanup the table of circuits. */
|
2009-10-12 01:31:01 +00:00
|
|
|
epan_circuit_cleanup();
|
2009-09-06 18:25:23 +00:00
|
|
|
|
|
|
|
/* TODO: Introduce cleanup_routines */
|
|
|
|
/* Cleanup protocol-specific variables. */
|
|
|
|
g_slist_foreach(init_routines, &call_init_routine, NULL);
|
|
|
|
|
|
|
|
/* Cleanup the stream-handling tables */
|
|
|
|
stream_cleanup();
|
|
|
|
|
|
|
|
/* Initialize the expert infos */
|
|
|
|
expert_cleanup();
|
2005-03-23 12:58:59 +00:00
|
|
|
}
|
|
|
|
|
2002-01-05 04:12:17 +00:00
|
|
|
/* Allow protocols to register a "cleanup" routine to be
|
|
|
|
* run after the initial sequential run through the packets.
|
|
|
|
* Note that the file can still be open after this; this is not
|
|
|
|
* the final cleanup. */
|
|
|
|
static GSList *postseq_cleanup_routines;
|
|
|
|
|
|
|
|
void
|
2004-02-01 02:35:06 +00:00
|
|
|
register_postseq_cleanup_routine(void_func_t func)
|
2002-01-05 04:12:17 +00:00
|
|
|
{
|
|
|
|
postseq_cleanup_routines = g_slist_append(postseq_cleanup_routines,
|
2004-02-01 02:35:06 +00:00
|
|
|
(gpointer)func);
|
2002-01-05 04:12:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Call all the registered "postseq_cleanup" routines. */
|
|
|
|
static void
|
2002-03-02 20:51:46 +00:00
|
|
|
call_postseq_cleanup_routine(gpointer routine, gpointer dummy _U_)
|
2002-01-05 04:12:17 +00:00
|
|
|
{
|
2004-02-01 02:35:06 +00:00
|
|
|
void_func_t func = (void_func_t)routine;
|
2002-01-05 04:12:17 +00:00
|
|
|
(*func)();
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
postseq_cleanup_all_protocols(void)
|
|
|
|
{
|
|
|
|
g_slist_foreach(postseq_cleanup_routines,
|
|
|
|
&call_postseq_cleanup_routine, NULL);
|
|
|
|
}
|
|
|
|
|
2002-02-18 01:08:44 +00:00
|
|
|
/*
|
|
|
|
* Add a new data source to the list of data sources for a frame, given
|
|
|
|
* the tvbuff for the data source and its name.
|
|
|
|
*/
|
|
|
|
void
|
2005-07-23 11:41:25 +00:00
|
|
|
add_new_data_source(packet_info *pinfo, tvbuff_t *tvb, const char *name)
|
2002-02-18 01:08:44 +00:00
|
|
|
{
|
|
|
|
data_source *src;
|
|
|
|
|
2005-08-14 00:26:56 +00:00
|
|
|
src = ep_alloc(sizeof (data_source));
|
2002-02-18 01:08:44 +00:00
|
|
|
src->tvb = tvb;
|
2009-09-25 21:29:36 +00:00
|
|
|
src->name_initialized = FALSE;
|
2009-07-12 10:19:13 +00:00
|
|
|
src->name = name;
|
2002-06-04 07:03:57 +00:00
|
|
|
pinfo->data_src = g_slist_append(pinfo->data_src, src);
|
2002-02-18 01:08:44 +00:00
|
|
|
}
|
|
|
|
|
2009-07-12 10:19:13 +00:00
|
|
|
const char*
|
|
|
|
get_data_source_name(data_source *src)
|
|
|
|
{
|
|
|
|
if (!src->name_initialized) {
|
|
|
|
src->name = ep_strdup_printf("%s (%u bytes)", src->name, tvb_length(src->tvb));
|
|
|
|
src->name_initialized = TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return src->name;
|
|
|
|
}
|
|
|
|
|
2002-02-18 01:08:44 +00:00
|
|
|
/*
|
|
|
|
* Free up a frame's list of data sources.
|
|
|
|
*/
|
|
|
|
void
|
2002-06-04 07:03:57 +00:00
|
|
|
free_data_sources(packet_info *pinfo)
|
2002-02-18 01:08:44 +00:00
|
|
|
{
|
2009-08-15 06:38:10 +00:00
|
|
|
if (pinfo->data_src) {
|
|
|
|
g_slist_free(pinfo->data_src);
|
|
|
|
pinfo->data_src = NULL;
|
|
|
|
}
|
2002-02-18 01:08:44 +00:00
|
|
|
}
|
2002-01-05 04:12:17 +00:00
|
|
|
|
2012-02-28 03:19:49 +00:00
|
|
|
void
|
|
|
|
mark_frame_as_depended_upon(packet_info *pinfo, guint32 frame_num)
|
|
|
|
{
|
|
|
|
/* Don't mark a frame as dependent on itself */
|
|
|
|
if (frame_num != PINFO_FD_NUM(pinfo)) {
|
|
|
|
pinfo->dependent_frames = g_slist_prepend(pinfo->dependent_frames, GUINT_TO_POINTER(frame_num));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2002-05-09 23:50:34 +00:00
|
|
|
/* Allow dissectors to register a "final_registration" routine
|
2006-03-16 23:18:15 +00:00
|
|
|
* that is run like the proto_register_XXX() routine, but at the
|
2002-05-09 23:50:34 +00:00
|
|
|
* end of the epan_init() function; that is, *after* all other
|
2002-05-10 20:02:40 +00:00
|
|
|
* subsystems, like dfilters, have finished initializing. This is
|
2002-05-09 23:50:34 +00:00
|
|
|
* useful for dissector registration routines which need to compile
|
|
|
|
* display filters. dfilters can't initialize itself until all protocols
|
2006-03-16 23:18:15 +00:00
|
|
|
* have registered themselves. */
|
2002-05-09 23:50:34 +00:00
|
|
|
static GSList *final_registration_routines;
|
|
|
|
|
|
|
|
void
|
|
|
|
register_final_registration_routine(void (*func)(void))
|
|
|
|
{
|
|
|
|
final_registration_routines = g_slist_append(final_registration_routines,
|
2004-02-01 02:35:06 +00:00
|
|
|
(gpointer)func);
|
2002-05-09 23:50:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Call all the registered "final_registration" routines. */
|
|
|
|
static void
|
2002-05-10 20:02:40 +00:00
|
|
|
call_final_registration_routine(gpointer routine, gpointer dummy _U_)
|
2002-05-09 23:50:34 +00:00
|
|
|
{
|
2004-02-01 02:35:06 +00:00
|
|
|
void_func_t func = (void_func_t)routine;
|
2002-05-09 23:50:34 +00:00
|
|
|
|
|
|
|
(*func)();
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
final_registration_all_protocols(void)
|
|
|
|
{
|
|
|
|
g_slist_foreach(final_registration_routines,
|
|
|
|
&call_final_registration_routine, NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-10-06 10:11:40 +00:00
|
|
|
/* Creates the top-most tvbuff and calls dissect_frame() */
|
1998-09-16 02:39:15 +00:00
|
|
|
void
|
2001-11-21 23:16:26 +00:00
|
|
|
dissect_packet(epan_dissect_t *edt, union wtap_pseudo_header *pseudo_header,
|
2002-08-02 21:29:45 +00:00
|
|
|
const guchar *pd, frame_data *fd, column_info *cinfo)
|
1998-09-27 22:12:47 +00:00
|
|
|
{
|
2003-04-16 05:55:41 +00:00
|
|
|
if (cinfo != NULL)
|
|
|
|
col_init(cinfo);
|
2009-07-16 20:52:36 +00:00
|
|
|
memset(&edt->pi, 0, sizeof(edt->pi));
|
2002-03-28 09:12:00 +00:00
|
|
|
edt->pi.current_proto = "<Missing Protocol Name>";
|
|
|
|
edt->pi.cinfo = cinfo;
|
|
|
|
edt->pi.fd = fd;
|
|
|
|
edt->pi.pseudo_header = pseudo_header;
|
2001-12-08 21:03:41 +00:00
|
|
|
edt->pi.dl_src.type = AT_NONE;
|
|
|
|
edt->pi.dl_dst.type = AT_NONE;
|
|
|
|
edt->pi.net_src.type = AT_NONE;
|
|
|
|
edt->pi.net_dst.type = AT_NONE;
|
|
|
|
edt->pi.src.type = AT_NONE;
|
|
|
|
edt->pi.dst.type = AT_NONE;
|
2002-10-22 08:22:07 +00:00
|
|
|
edt->pi.ctype = CT_NONE;
|
2003-02-27 03:56:48 +00:00
|
|
|
edt->pi.noreassembly_reason = "";
|
2001-12-08 21:03:41 +00:00
|
|
|
edt->pi.ptype = PT_NONE;
|
|
|
|
edt->pi.p2p_dir = P2P_DIR_UNKNOWN;
|
2005-05-02 14:07:33 +00:00
|
|
|
edt->pi.dcetransporttype = -1;
|
|
|
|
edt->pi.annex_a_used = MTP2_ANNEX_A_USED_UNKNOWN;
|
2007-02-21 20:21:11 +00:00
|
|
|
edt->pi.dcerpc_procedure_name="";
|
2009-06-06 17:03:34 +00:00
|
|
|
edt->pi.link_dir = LINK_DIR_UNKNOWN;
|
2011-08-08 17:25:35 +00:00
|
|
|
edt->tvb = NULL;
|
2008-05-21 20:20:37 +00:00
|
|
|
|
2011-04-20 16:35:42 +00:00
|
|
|
/* to enable decode as for ethertype=0x0000 (fix for bug 4721) */
|
|
|
|
edt->pi.ethertype = G_MAXINT;
|
2010-05-08 07:55:12 +00:00
|
|
|
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("before dissecting frame %d",fd->num));
|
2009-09-06 07:55:17 +00:00
|
|
|
|
2000-05-11 08:18:09 +00:00
|
|
|
TRY {
|
2011-12-13 00:44:22 +00:00
|
|
|
/*
|
|
|
|
* XXX - currently, the length arguments to
|
|
|
|
* tvb_new_real_data() are signed, but the captured
|
|
|
|
* and reported length values are unsigned; this means
|
|
|
|
* that length values > 2^31 - 1 will appear as
|
|
|
|
* negative lengths in tvb_new_real_data().
|
|
|
|
*
|
|
|
|
* Captured length values that large will already
|
|
|
|
* have been filtered out by the Wiretap modules
|
|
|
|
* (the file will be reported as corrupted), to
|
|
|
|
* avoid trying to allocate large chunks of data.
|
|
|
|
*
|
|
|
|
* Reported length values will not have been
|
|
|
|
* filtered out, and should not be filtered out,
|
|
|
|
* as those lengths are not necessarily invalid.
|
|
|
|
*
|
|
|
|
* For now, we clip the reported length at G_MAXINT,
|
|
|
|
* so that tvb_new_real_data() doesn't fail. It
|
|
|
|
* would throw an exception, which we'd catch, but
|
|
|
|
* that would mean we would have no tvbuffs
|
|
|
|
* associated with edt, which would upset much of
|
|
|
|
* the rest of the application.
|
|
|
|
*/
|
|
|
|
edt->tvb = tvb_new_real_data(pd, fd->cap_len,
|
|
|
|
fd->pkt_len > G_MAXINT ? G_MAXINT : fd->pkt_len);
|
2001-12-08 21:03:41 +00:00
|
|
|
/* Add this tvbuffer into the data_src list */
|
2010-10-30 16:00:30 +00:00
|
|
|
add_new_data_source(&edt->pi, edt->tvb, "Frame");
|
2002-02-11 19:02:56 +00:00
|
|
|
|
|
|
|
/* Even though dissect_frame() catches all the exceptions a
|
|
|
|
* sub-dissector can throw, dissect_frame() itself may throw
|
|
|
|
* a ReportedBoundsError in bizarre cases. Thus, we catch the exception
|
|
|
|
* in this function. */
|
|
|
|
if(frame_handle != NULL)
|
|
|
|
call_dissector(frame_handle, edt->tvb, &edt->pi, edt->tree);
|
|
|
|
|
2000-05-11 08:18:09 +00:00
|
|
|
}
|
|
|
|
CATCH(BoundsError) {
|
2000-10-06 10:11:40 +00:00
|
|
|
g_assert_not_reached();
|
2000-05-16 04:44:14 +00:00
|
|
|
}
|
|
|
|
CATCH(ReportedBoundsError) {
|
2005-05-02 14:07:33 +00:00
|
|
|
if(proto_malformed != -1){
|
|
|
|
proto_tree_add_protocol_format(edt->tree, proto_malformed, edt->tvb, 0, 0,
|
2009-10-12 01:31:01 +00:00
|
|
|
"[Malformed Frame: Packet Length]" );
|
2005-05-02 14:07:33 +00:00
|
|
|
} else {
|
|
|
|
g_assert_not_reached();
|
|
|
|
}
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
2007-01-15 05:16:13 +00:00
|
|
|
CATCH(OutOfMemoryError) {
|
|
|
|
RETHROW;
|
|
|
|
}
|
2000-05-11 08:18:09 +00:00
|
|
|
ENDTRY;
|
2009-09-06 07:55:17 +00:00
|
|
|
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("after dissecting frame %d",fd->num));
|
2000-05-11 08:18:09 +00:00
|
|
|
|
2000-04-13 20:39:38 +00:00
|
|
|
fd->flags.visited = 1;
|
1999-07-07 22:52:57 +00:00
|
|
|
}
|
|
|
|
|
2000-04-03 09:24:12 +00:00
|
|
|
/*********************** code added for sub-dissector lookup *********************/
|
|
|
|
|
2001-12-03 04:00:26 +00:00
|
|
|
/*
|
2010-04-03 18:18:50 +00:00
|
|
|
* A dissector handle.
|
2001-12-03 04:00:26 +00:00
|
|
|
*/
|
|
|
|
struct dissector_handle {
|
|
|
|
const char *name; /* dissector name */
|
2002-02-26 11:55:39 +00:00
|
|
|
gboolean is_new; /* TRUE if new-style dissector */
|
|
|
|
union {
|
|
|
|
dissector_t old;
|
|
|
|
new_dissector_t new;
|
|
|
|
} dissector;
|
2003-11-16 23:17:27 +00:00
|
|
|
protocol_t *protocol;
|
2001-12-03 04:00:26 +00:00
|
|
|
};
|
2001-02-01 07:34:33 +00:00
|
|
|
|
2005-05-11 10:40:53 +00:00
|
|
|
/* This function will return
|
|
|
|
* old style dissector :
|
|
|
|
* length of the payload or 1 of the payload is empty
|
|
|
|
* new dissector :
|
|
|
|
* >0 this protocol was successfully dissected and this was this protocol.
|
|
|
|
* 0 this packet did not match this protocol.
|
|
|
|
*
|
|
|
|
* The only time this function will return 0 is if it is a new style dissector
|
|
|
|
* and if the dissector rejected the packet.
|
2006-03-07 16:28:25 +00:00
|
|
|
*/
|
2003-01-20 05:42:37 +00:00
|
|
|
static int
|
|
|
|
call_dissector_through_handle(dissector_handle_t handle, tvbuff_t *tvb,
|
2009-10-12 01:31:01 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree)
|
2003-01-20 05:42:37 +00:00
|
|
|
{
|
2003-08-12 20:09:38 +00:00
|
|
|
const char *saved_proto;
|
2012-01-20 02:43:37 +00:00
|
|
|
int ret;
|
2003-01-20 05:42:37 +00:00
|
|
|
|
2003-08-12 20:09:38 +00:00
|
|
|
saved_proto = pinfo->current_proto;
|
|
|
|
|
2003-11-16 23:17:27 +00:00
|
|
|
if (handle->protocol != NULL) {
|
2003-08-12 20:09:38 +00:00
|
|
|
pinfo->current_proto =
|
2009-10-12 01:31:01 +00:00
|
|
|
proto_get_protocol_short_name(handle->protocol);
|
2003-08-12 20:09:38 +00:00
|
|
|
}
|
|
|
|
|
2005-05-11 10:40:53 +00:00
|
|
|
if (handle->is_new) {
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("before calling handle->dissector.new for %s",handle->name));
|
2003-01-20 05:42:37 +00:00
|
|
|
ret = (*handle->dissector.new)(tvb, pinfo, tree);
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("after calling handle->dissector.new for %s",handle->name));
|
2005-05-11 10:40:53 +00:00
|
|
|
} else {
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("before calling handle->dissector.old for %s",handle->name));
|
2003-01-20 05:42:37 +00:00
|
|
|
(*handle->dissector.old)(tvb, pinfo, tree);
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("after calling handle->dissector.old for %s",handle->name));
|
2003-01-20 05:42:37 +00:00
|
|
|
ret = tvb_length(tvb);
|
|
|
|
if (ret == 0) {
|
|
|
|
/*
|
|
|
|
* XXX - a tvbuff can have 0 bytes of data in
|
|
|
|
* it, so we have to make sure we don't return
|
|
|
|
* 0.
|
|
|
|
*/
|
|
|
|
ret = 1;
|
|
|
|
}
|
|
|
|
}
|
2003-08-12 20:09:38 +00:00
|
|
|
|
|
|
|
pinfo->current_proto = saved_proto;
|
|
|
|
|
2003-01-20 05:42:37 +00:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2002-10-28 23:04:15 +00:00
|
|
|
/*
|
|
|
|
* Call a dissector through a handle.
|
|
|
|
* If the protocol for that handle isn't enabled, return 0 without
|
|
|
|
* calling the dissector.
|
|
|
|
* Otherwise, if the handle refers to a new-style dissector, call the
|
|
|
|
* dissector and return its return value, otherwise call it and return
|
|
|
|
* the length of the tvbuff pointed to by the argument.
|
|
|
|
*/
|
2007-11-09 06:07:30 +00:00
|
|
|
|
|
|
|
static int
|
|
|
|
call_dissector_work_error(dissector_handle_t handle, tvbuff_t *tvb,
|
2009-10-12 01:31:01 +00:00
|
|
|
packet_info *pinfo_arg, proto_tree *tree);
|
2007-11-09 06:07:30 +00:00
|
|
|
|
2002-10-28 23:04:15 +00:00
|
|
|
static int
|
|
|
|
call_dissector_work(dissector_handle_t handle, tvbuff_t *tvb,
|
2012-01-20 02:43:37 +00:00
|
|
|
packet_info *pinfo_arg, proto_tree *tree, gboolean add_proto_name)
|
2002-10-28 23:04:15 +00:00
|
|
|
{
|
2007-11-09 06:07:30 +00:00
|
|
|
packet_info *pinfo = pinfo_arg;
|
2012-01-20 02:43:37 +00:00
|
|
|
const char *saved_proto;
|
|
|
|
guint16 saved_can_desegment;
|
|
|
|
int ret;
|
|
|
|
gint saved_layer_names_len = 0;
|
2002-10-28 23:04:15 +00:00
|
|
|
|
2003-11-16 23:17:27 +00:00
|
|
|
if (handle->protocol != NULL &&
|
|
|
|
!proto_is_protocol_enabled(handle->protocol)) {
|
2002-10-28 23:04:15 +00:00
|
|
|
/*
|
|
|
|
* The protocol isn't enabled.
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
saved_proto = pinfo->current_proto;
|
|
|
|
saved_can_desegment = pinfo->can_desegment;
|
|
|
|
|
2005-01-20 11:05:06 +00:00
|
|
|
if (pinfo->layer_names != NULL)
|
2009-04-08 05:25:14 +00:00
|
|
|
saved_layer_names_len = (gint) pinfo->layer_names->len;
|
2005-01-20 11:05:06 +00:00
|
|
|
|
2002-10-28 23:04:15 +00:00
|
|
|
/*
|
|
|
|
* can_desegment is set to 2 by anyone which offers the
|
|
|
|
* desegmentation api/service.
|
|
|
|
* Then everytime a subdissector is called it is decremented
|
|
|
|
* by one.
|
|
|
|
* Thus only the subdissector immediately on top of whoever
|
|
|
|
* offers this service can use it.
|
2003-12-29 22:44:50 +00:00
|
|
|
* We save the current value of "can_desegment" for the
|
|
|
|
* benefit of TCP proxying dissectors such as SOCKS, so they
|
|
|
|
* can restore it and allow the dissectors they call to use
|
|
|
|
* the desegmentation service.
|
2002-10-28 23:04:15 +00:00
|
|
|
*/
|
2003-12-29 22:44:50 +00:00
|
|
|
pinfo->saved_can_desegment = saved_can_desegment;
|
2002-10-28 23:04:15 +00:00
|
|
|
pinfo->can_desegment = saved_can_desegment-(saved_can_desegment>0);
|
2003-11-16 23:17:27 +00:00
|
|
|
if (handle->protocol != NULL) {
|
2002-10-28 23:04:15 +00:00
|
|
|
pinfo->current_proto =
|
2009-10-12 01:31:01 +00:00
|
|
|
proto_get_protocol_short_name(handle->protocol);
|
2005-01-19 04:49:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Add the protocol name to the layers
|
2009-04-21 16:53:00 +00:00
|
|
|
* if not told not to. Asn2wrs generated dissectors may be added multiple times otherwise.
|
2005-01-19 04:49:29 +00:00
|
|
|
*/
|
2009-04-21 16:53:00 +00:00
|
|
|
if ((pinfo->layer_names)&&(add_proto_name)) {
|
2005-01-19 04:49:29 +00:00
|
|
|
if (pinfo->layer_names->len > 0)
|
|
|
|
g_string_append(pinfo->layer_names, ":");
|
2009-09-06 07:55:17 +00:00
|
|
|
g_string_append(pinfo->layer_names,
|
|
|
|
proto_get_protocol_filter_name(proto_get_id(handle->protocol)));
|
2005-01-19 04:49:29 +00:00
|
|
|
}
|
2002-10-28 23:04:15 +00:00
|
|
|
}
|
2003-01-20 05:42:37 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
if (pinfo->flags.in_error_pkt) {
|
2007-11-09 06:07:30 +00:00
|
|
|
ret = call_dissector_work_error(handle, tvb, pinfo, tree);
|
|
|
|
} else {
|
2003-01-20 05:42:37 +00:00
|
|
|
/*
|
2007-11-09 06:07:30 +00:00
|
|
|
* Just call the subdissector.
|
|
|
|
*/
|
|
|
|
ret = call_dissector_through_handle(handle, tvb, pinfo, tree);
|
|
|
|
}
|
|
|
|
if (ret == 0) {
|
2003-01-20 05:42:37 +00:00
|
|
|
/*
|
2007-11-09 06:07:30 +00:00
|
|
|
* That dissector didn't accept the packet, so
|
|
|
|
* remove its protocol's name from the list
|
|
|
|
* of protocols.
|
2003-01-20 05:42:37 +00:00
|
|
|
*/
|
2009-04-21 16:53:00 +00:00
|
|
|
if ((pinfo->layer_names != NULL)&&(add_proto_name)) {
|
2009-09-06 07:55:17 +00:00
|
|
|
g_string_truncate(pinfo->layer_names, saved_layer_names_len);
|
2003-01-20 05:42:37 +00:00
|
|
|
}
|
2007-11-09 06:07:30 +00:00
|
|
|
}
|
|
|
|
pinfo->current_proto = saved_proto;
|
|
|
|
pinfo->can_desegment = saved_can_desegment;
|
|
|
|
return ret;
|
|
|
|
}
|
2003-01-20 05:42:37 +00:00
|
|
|
|
|
|
|
|
2007-11-09 06:07:30 +00:00
|
|
|
static int
|
|
|
|
call_dissector_work_error(dissector_handle_t handle, tvbuff_t *tvb,
|
2009-10-12 01:31:01 +00:00
|
|
|
packet_info *pinfo_arg, proto_tree *tree)
|
2007-11-09 06:07:30 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
packet_info *pinfo = pinfo_arg;
|
|
|
|
const char *saved_proto;
|
|
|
|
guint16 saved_can_desegment;
|
|
|
|
volatile int ret = 0;
|
|
|
|
gboolean save_writable;
|
|
|
|
address save_dl_src;
|
|
|
|
address save_dl_dst;
|
|
|
|
address save_net_src;
|
|
|
|
address save_net_dst;
|
|
|
|
address save_src;
|
|
|
|
address save_dst;
|
2003-01-20 05:42:37 +00:00
|
|
|
|
2007-11-09 06:07:30 +00:00
|
|
|
/*
|
|
|
|
* This isn't a packet being transported inside
|
|
|
|
* the protocol whose dissector is calling us,
|
|
|
|
* it's a copy of a packet that caused an error
|
|
|
|
* in some protocol included in a packet that
|
|
|
|
* reports the error (e.g., an ICMP Unreachable
|
|
|
|
* packet).
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Save the current state of the writability of
|
|
|
|
* the columns, and restore them after the
|
|
|
|
* dissector returns, so that the columns
|
|
|
|
* don't reflect the packet that got the error,
|
|
|
|
* they reflect the packet that reported the
|
|
|
|
* error.
|
|
|
|
*/
|
|
|
|
saved_proto = pinfo->current_proto;
|
|
|
|
saved_can_desegment = pinfo->can_desegment;
|
2003-01-20 05:42:37 +00:00
|
|
|
|
2007-11-09 06:07:30 +00:00
|
|
|
save_writable = col_get_writable(pinfo->cinfo);
|
|
|
|
col_set_writable(pinfo->cinfo, FALSE);
|
2012-01-20 02:43:37 +00:00
|
|
|
save_dl_src = pinfo->dl_src;
|
|
|
|
save_dl_dst = pinfo->dl_dst;
|
|
|
|
save_net_src = pinfo->net_src;
|
|
|
|
save_net_dst = pinfo->net_dst;
|
|
|
|
save_src = pinfo->src;
|
|
|
|
save_dst = pinfo->dst;
|
2007-11-09 06:07:30 +00:00
|
|
|
|
|
|
|
/* Dissect the contained packet. */
|
|
|
|
TRY {
|
|
|
|
ret = call_dissector_through_handle(handle, tvb,pinfo, tree);
|
|
|
|
}
|
|
|
|
CATCH(BoundsError) {
|
|
|
|
/*
|
|
|
|
* Restore the column writability and addresses.
|
|
|
|
*/
|
2003-01-20 05:42:37 +00:00
|
|
|
col_set_writable(pinfo->cinfo, save_writable);
|
2012-01-20 02:43:37 +00:00
|
|
|
pinfo->dl_src = save_dl_src;
|
|
|
|
pinfo->dl_dst = save_dl_dst;
|
2003-01-20 05:42:37 +00:00
|
|
|
pinfo->net_src = save_net_src;
|
|
|
|
pinfo->net_dst = save_net_dst;
|
2012-01-20 02:43:37 +00:00
|
|
|
pinfo->src = save_src;
|
|
|
|
pinfo->dst = save_dst;
|
2007-11-09 06:07:30 +00:00
|
|
|
|
2003-01-20 05:42:37 +00:00
|
|
|
/*
|
2007-11-09 06:07:30 +00:00
|
|
|
* Restore the current protocol, so any
|
|
|
|
* "Short Frame" indication reflects that
|
|
|
|
* protocol, not the protocol for the
|
|
|
|
* packet that got the error.
|
|
|
|
*/
|
|
|
|
pinfo->current_proto = saved_proto;
|
2005-01-20 11:05:06 +00:00
|
|
|
|
|
|
|
/*
|
2007-11-09 06:07:30 +00:00
|
|
|
* Restore the desegmentability state.
|
|
|
|
*/
|
|
|
|
pinfo->can_desegment = saved_can_desegment;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Rethrow the exception, so this will be
|
|
|
|
* reported as a short frame.
|
|
|
|
*/
|
|
|
|
RETHROW;
|
2005-01-20 11:05:06 +00:00
|
|
|
}
|
2007-11-09 06:07:30 +00:00
|
|
|
CATCH(ReportedBoundsError) {
|
|
|
|
/*
|
|
|
|
* "ret" wasn't set because an exception was thrown
|
|
|
|
* before "call_dissector_through_handle()" returned.
|
|
|
|
* As it called something, at least one dissector
|
|
|
|
* accepted the packet, and, as an exception was
|
|
|
|
* thrown, not only was all the tvbuff dissected,
|
|
|
|
* a dissector tried dissecting past the end of
|
|
|
|
* the data in some tvbuff, so we'll assume that
|
|
|
|
* the entire tvbuff was dissected.
|
|
|
|
*/
|
|
|
|
ret = tvb_length(tvb);
|
|
|
|
}
|
|
|
|
CATCH(OutOfMemoryError) {
|
|
|
|
RETHROW;
|
2009-10-12 01:31:01 +00:00
|
|
|
}
|
2007-11-09 06:07:30 +00:00
|
|
|
ENDTRY;
|
|
|
|
|
|
|
|
col_set_writable(pinfo->cinfo, save_writable);
|
2012-01-20 02:43:37 +00:00
|
|
|
pinfo->dl_src = save_dl_src;
|
|
|
|
pinfo->dl_dst = save_dl_dst;
|
2007-11-09 06:07:30 +00:00
|
|
|
pinfo->net_src = save_net_src;
|
|
|
|
pinfo->net_dst = save_net_dst;
|
2012-01-20 02:43:37 +00:00
|
|
|
pinfo->src = save_src;
|
|
|
|
pinfo->dst = save_dst;
|
2007-11-09 06:07:30 +00:00
|
|
|
pinfo->want_pdu_tracking = 0;
|
2002-10-28 23:04:15 +00:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
/*
|
|
|
|
* An entry in the hash table portion of a dissector table.
|
|
|
|
*/
|
2001-02-01 07:34:33 +00:00
|
|
|
struct dtbl_entry {
|
2001-12-03 04:00:26 +00:00
|
|
|
dissector_handle_t initial;
|
|
|
|
dissector_handle_t current;
|
2001-02-01 07:34:33 +00:00
|
|
|
};
|
|
|
|
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
/*
|
|
|
|
* A dissector table.
|
|
|
|
*
|
|
|
|
* "hash_table" is a hash table, indexed by port number, supplying
|
|
|
|
* a "struct dtbl_entry"; it records what dissector is assigned to
|
2010-12-20 05:35:29 +00:00
|
|
|
* that uint or string value in that table.
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
*
|
|
|
|
* "dissector_handles" is a list of all dissectors that *could* be
|
|
|
|
* used in that table; not all of them are necessarily in the table,
|
2010-12-20 05:35:29 +00:00
|
|
|
* as they may be for protocols that don't have a fixed uint value,
|
|
|
|
* e.g. for TCP or UDP port number tables and protocols with no fixed
|
|
|
|
* port number.
|
2001-12-08 06:41:48 +00:00
|
|
|
*
|
|
|
|
* "ui_name" is the name the dissector table has in the user interface.
|
|
|
|
*
|
2010-12-20 05:35:29 +00:00
|
|
|
* "type" is a field type giving the width of the uint value for that
|
|
|
|
* dissector table, if it's a uint dissector table.
|
2001-12-08 06:41:48 +00:00
|
|
|
*
|
2010-12-20 05:35:29 +00:00
|
|
|
* "base" is the base in which to display the uint value for that
|
|
|
|
* dissector table, if it's a uint dissector table.
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
*/
|
|
|
|
struct dissector_table {
|
2001-12-08 06:41:48 +00:00
|
|
|
GHashTable *hash_table;
|
|
|
|
GSList *dissector_handles;
|
2005-07-23 11:41:25 +00:00
|
|
|
const char *ui_name;
|
2001-12-08 06:41:48 +00:00
|
|
|
ftenum_t type;
|
|
|
|
int base;
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
static GHashTable *dissector_tables = NULL;
|
|
|
|
|
2001-12-08 06:41:48 +00:00
|
|
|
/* Finds a dissector table by table name. */
|
2002-11-15 03:10:36 +00:00
|
|
|
dissector_table_t
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
find_dissector_table(const char *name)
|
|
|
|
{
|
|
|
|
g_assert(dissector_tables);
|
|
|
|
return g_hash_table_lookup( dissector_tables, name );
|
|
|
|
}
|
2000-04-03 09:24:12 +00:00
|
|
|
|
2005-01-19 04:49:29 +00:00
|
|
|
/* Find an entry in a uint dissector table. */
|
2003-09-06 23:37:02 +00:00
|
|
|
static dtbl_entry_t *
|
2010-04-03 18:18:50 +00:00
|
|
|
find_uint_dtbl_entry(dissector_table_t sub_dissectors, const guint32 pattern)
|
2003-09-06 23:37:02 +00:00
|
|
|
{
|
|
|
|
switch (sub_dissectors->type) {
|
|
|
|
|
|
|
|
case FT_UINT8:
|
|
|
|
case FT_UINT16:
|
|
|
|
case FT_UINT24:
|
|
|
|
case FT_UINT32:
|
|
|
|
/*
|
2010-12-20 05:35:29 +00:00
|
|
|
* You can do a uint lookup in these tables.
|
2003-09-06 23:37:02 +00:00
|
|
|
*/
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
/*
|
2010-12-20 05:35:29 +00:00
|
|
|
* But you can't do a uint lookup in any other types
|
2003-09-06 23:37:02 +00:00
|
|
|
* of tables.
|
|
|
|
*/
|
|
|
|
g_assert_not_reached();
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the entry.
|
|
|
|
*/
|
|
|
|
return g_hash_table_lookup(sub_dissectors->hash_table,
|
2009-10-12 01:31:01 +00:00
|
|
|
GUINT_TO_POINTER(pattern));
|
2003-09-06 23:37:02 +00:00
|
|
|
}
|
|
|
|
|
2009-10-05 18:52:46 +00:00
|
|
|
#if 0
|
|
|
|
static void
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_add_uint_sanity_check(const char *name, guint32 pattern, dissector_handle_t handle, dissector_table_t sub_dissectors)
|
2009-10-05 18:52:46 +00:00
|
|
|
{
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
|
|
|
|
|
|
|
if (pattern == 0) {
|
|
|
|
g_warning("%s: %s registering using a pattern of 0",
|
|
|
|
name, proto_get_protocol_filter_name(proto_get_id(handle->protocol)));
|
|
|
|
}
|
|
|
|
|
|
|
|
dtbl_entry = g_hash_table_lookup(sub_dissectors->hash_table, GUINT_TO_POINTER(pattern));
|
|
|
|
if (dtbl_entry != NULL) {
|
|
|
|
g_warning("%s: %s registering using pattern %d already registered by %s",
|
|
|
|
name, proto_get_protocol_filter_name(proto_get_id(handle->protocol)),
|
2012-01-20 02:43:37 +00:00
|
|
|
pattern, proto_get_protocol_filter_name(proto_get_id(dtbl_entry->initial->protocol)));
|
2009-10-05 18:52:46 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2003-09-06 23:37:02 +00:00
|
|
|
/* Add an entry to a uint dissector table. */
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
void
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_add_uint(const char *name, const guint32 pattern, dissector_handle_t handle)
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors;
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
2000-04-03 09:24:12 +00:00
|
|
|
|
2007-04-03 19:50:04 +00:00
|
|
|
sub_dissectors = find_dissector_table(name);
|
2011-06-01 18:02:16 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Make sure the dissector table exists.
|
|
|
|
*/
|
|
|
|
if (sub_dissectors == NULL) {
|
|
|
|
fprintf(stderr, "OOPS: dissector table \"%s\" doesn't exist\n",
|
|
|
|
name);
|
|
|
|
fprintf(stderr, "Protocol being registered is \"%s\"\n",
|
|
|
|
proto_get_protocol_long_name(handle->protocol));
|
|
|
|
if (getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL)
|
|
|
|
abort();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-11-04 17:13:01 +00:00
|
|
|
/* sanity checks */
|
|
|
|
g_assert(handle!=NULL);
|
2003-09-06 23:37:02 +00:00
|
|
|
switch (sub_dissectors->type) {
|
|
|
|
|
|
|
|
case FT_UINT8:
|
|
|
|
case FT_UINT16:
|
|
|
|
case FT_UINT24:
|
|
|
|
case FT_UINT32:
|
|
|
|
/*
|
2010-12-20 05:35:29 +00:00
|
|
|
* You can do a uint lookup in these tables.
|
2003-09-06 23:37:02 +00:00
|
|
|
*/
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
/*
|
2010-12-20 05:35:29 +00:00
|
|
|
* But you can't do a uint lookup in any other types
|
2003-09-06 23:37:02 +00:00
|
|
|
* of tables.
|
|
|
|
*/
|
|
|
|
g_assert_not_reached();
|
|
|
|
}
|
2000-04-03 09:24:12 +00:00
|
|
|
|
2009-08-03 17:25:17 +00:00
|
|
|
#if 0
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_add_uint_sanity_check(name, pattern, handle, sub_dissectors);
|
2009-08-03 17:25:17 +00:00
|
|
|
#endif
|
2009-10-05 18:52:46 +00:00
|
|
|
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
dtbl_entry = g_malloc(sizeof (dtbl_entry_t));
|
2001-12-03 04:00:26 +00:00
|
|
|
dtbl_entry->current = handle;
|
2001-02-01 07:34:33 +00:00
|
|
|
dtbl_entry->initial = dtbl_entry->current;
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* do the table insertion */
|
2009-10-05 18:52:46 +00:00
|
|
|
g_hash_table_insert( sub_dissectors->hash_table,
|
2009-10-12 01:31:01 +00:00
|
|
|
GUINT_TO_POINTER( pattern), (gpointer)dtbl_entry);
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Now add it to the list of handles that could be used with this
|
|
|
|
* table, because it *is* being used with this table.
|
|
|
|
*/
|
|
|
|
dissector_add_handle(name, handle);
|
2000-04-03 09:24:12 +00:00
|
|
|
}
|
|
|
|
|
2003-09-06 23:37:02 +00:00
|
|
|
/* Delete the entry for a dissector in a uint dissector table
|
|
|
|
with a particular pattern. */
|
2000-04-03 09:24:12 +00:00
|
|
|
|
|
|
|
/* NOTE: this doesn't use the dissector call variable. It is included to */
|
2010-12-20 05:35:29 +00:00
|
|
|
/* be consistant with the dissector_add_uint and more importantly to be used */
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
/* if the technique of adding a temporary dissector is implemented. */
|
|
|
|
/* If temporary dissectors are deleted, then the original dissector must */
|
2000-04-03 09:24:12 +00:00
|
|
|
/* be available. */
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
void
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_delete_uint(const char *name, const guint32 pattern,
|
2002-03-02 20:51:46 +00:00
|
|
|
dissector_handle_t handle _U_)
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
{
|
2000-04-03 09:24:12 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
dtbl_entry_t *dtbl_entry;
|
2000-04-03 09:24:12 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* sanity check */
|
2000-04-03 09:24:12 +00:00
|
|
|
g_assert( sub_dissectors);
|
|
|
|
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
/*
|
|
|
|
* Find the entry.
|
|
|
|
*/
|
2003-09-06 23:37:02 +00:00
|
|
|
dtbl_entry = find_uint_dtbl_entry(sub_dissectors, pattern);
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
|
|
|
|
if (dtbl_entry != NULL) {
|
|
|
|
/*
|
|
|
|
* Found - remove it.
|
|
|
|
*/
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
g_hash_table_remove(sub_dissectors->hash_table,
|
2009-10-12 01:31:01 +00:00
|
|
|
GUINT_TO_POINTER(pattern));
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Now free up the entry.
|
|
|
|
*/
|
|
|
|
g_free(dtbl_entry);
|
|
|
|
}
|
2000-04-03 09:24:12 +00:00
|
|
|
}
|
|
|
|
|
2003-09-06 23:37:02 +00:00
|
|
|
/* Change the entry for a dissector in a uint dissector table
|
|
|
|
with a particular pattern to use a new dissector handle. */
|
2001-02-01 07:34:33 +00:00
|
|
|
void
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_change_uint(const char *name, const guint32 pattern, dissector_handle_t handle)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* sanity check */
|
2001-02-01 07:34:33 +00:00
|
|
|
g_assert( sub_dissectors);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* See if the entry already exists. If so, reuse it.
|
|
|
|
*/
|
2003-09-06 23:37:02 +00:00
|
|
|
dtbl_entry = find_uint_dtbl_entry(sub_dissectors, pattern);
|
2001-02-01 07:34:33 +00:00
|
|
|
if (dtbl_entry != NULL) {
|
2012-01-20 02:43:37 +00:00
|
|
|
dtbl_entry->current = handle;
|
|
|
|
return;
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2001-12-03 04:00:26 +00:00
|
|
|
* Don't create an entry if there is no dissector handle - I.E. the
|
2001-02-01 07:34:33 +00:00
|
|
|
* user said not to decode something that wasn't being decoded
|
|
|
|
* in the first place.
|
|
|
|
*/
|
2001-12-03 04:00:26 +00:00
|
|
|
if (handle == NULL)
|
2012-01-20 02:43:37 +00:00
|
|
|
return;
|
2001-02-01 07:34:33 +00:00
|
|
|
|
|
|
|
dtbl_entry = g_malloc(sizeof (dtbl_entry_t));
|
2001-12-03 04:00:26 +00:00
|
|
|
dtbl_entry->initial = NULL;
|
|
|
|
dtbl_entry->current = handle;
|
2001-02-01 07:34:33 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* do the table insertion */
|
2009-10-12 01:31:01 +00:00
|
|
|
g_hash_table_insert( sub_dissectors->hash_table,
|
|
|
|
GUINT_TO_POINTER( pattern), (gpointer)dtbl_entry);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
2003-09-06 23:37:02 +00:00
|
|
|
/* Reset an entry in a uint dissector table to its initial value. */
|
2001-02-01 07:34:33 +00:00
|
|
|
void
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_reset_uint(const char *name, const guint32 pattern)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
2001-02-01 07:34:33 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* sanity check */
|
2001-02-01 07:34:33 +00:00
|
|
|
g_assert( sub_dissectors);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the entry.
|
|
|
|
*/
|
2003-09-06 23:37:02 +00:00
|
|
|
dtbl_entry = find_uint_dtbl_entry(sub_dissectors, pattern);
|
2001-02-01 07:34:33 +00:00
|
|
|
|
|
|
|
if (dtbl_entry == NULL)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Found - is there an initial value?
|
|
|
|
*/
|
2001-12-03 04:00:26 +00:00
|
|
|
if (dtbl_entry->initial != NULL) {
|
2001-02-01 07:34:33 +00:00
|
|
|
dtbl_entry->current = dtbl_entry->initial;
|
|
|
|
} else {
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
g_hash_table_remove(sub_dissectors->hash_table,
|
2009-10-12 01:31:01 +00:00
|
|
|
GUINT_TO_POINTER(pattern));
|
2001-02-01 07:34:33 +00:00
|
|
|
g_free(dtbl_entry);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-09-06 23:37:02 +00:00
|
|
|
/* Look for a given value in a given uint dissector table and, if found,
|
|
|
|
call the dissector with the arguments supplied, and return TRUE,
|
|
|
|
otherwise return FALSE. */
|
2009-04-21 16:53:00 +00:00
|
|
|
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
gboolean
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_try_uint_new(dissector_table_t sub_dissectors, const guint32 uint_val,
|
2010-04-03 18:18:50 +00:00
|
|
|
tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, const gboolean add_proto_name)
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dtbl_entry_t *dtbl_entry;
|
2002-02-26 11:55:39 +00:00
|
|
|
struct dissector_handle *handle;
|
2012-01-20 02:43:37 +00:00
|
|
|
guint32 saved_match_uint;
|
2002-02-26 11:55:39 +00:00
|
|
|
int ret;
|
2001-11-29 09:05:25 +00:00
|
|
|
|
2010-12-20 05:35:29 +00:00
|
|
|
dtbl_entry = find_uint_dtbl_entry(sub_dissectors, uint_val);
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
if (dtbl_entry != NULL) {
|
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table. If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.
In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table. (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet. Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)
In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()". if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.
svn path=/trunk/; revision=2861
2001-01-10 10:44:48 +00:00
|
|
|
/*
|
2001-12-03 04:00:26 +00:00
|
|
|
* Is there currently a dissector handle for this entry?
|
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table. If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.
In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table. (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet. Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)
In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()". if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.
svn path=/trunk/; revision=2861
2001-01-10 10:44:48 +00:00
|
|
|
*/
|
2002-02-26 11:55:39 +00:00
|
|
|
handle = dtbl_entry->current;
|
|
|
|
if (handle == NULL) {
|
2001-12-03 04:00:26 +00:00
|
|
|
/*
|
|
|
|
* No - pretend this dissector didn't exist,
|
|
|
|
* so that other dissectors might have a chance
|
|
|
|
* to dissect this packet.
|
|
|
|
*/
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2010-12-20 05:35:29 +00:00
|
|
|
* Save the current value of "pinfo->match_uint",
|
|
|
|
* set it to the uint_val that matched, call the
|
|
|
|
* dissector, and restore "pinfo->match_uint".
|
2001-12-03 04:00:26 +00:00
|
|
|
*/
|
2012-01-20 02:43:37 +00:00
|
|
|
saved_match_uint = pinfo->match_uint;
|
2010-12-20 05:35:29 +00:00
|
|
|
pinfo->match_uint = uint_val;
|
2009-04-21 16:53:00 +00:00
|
|
|
ret = call_dissector_work(handle, tvb, pinfo, tree, add_proto_name);
|
2010-12-20 05:35:29 +00:00
|
|
|
pinfo->match_uint = saved_match_uint;
|
2002-02-26 11:55:39 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If a new-style dissector returned 0, it means that
|
|
|
|
* it didn't think this tvbuff represented a packet for
|
|
|
|
* its protocol, and didn't dissect anything.
|
|
|
|
*
|
|
|
|
* Old-style dissectors can't reject the packet.
|
|
|
|
*
|
2002-10-28 23:04:15 +00:00
|
|
|
* 0 is also returned if the protocol wasn't enabled.
|
|
|
|
*
|
|
|
|
* If the packet was rejected, we return FALSE, so that
|
|
|
|
* other dissectors might have a chance to dissect this
|
|
|
|
* packet, otherwise we return TRUE.
|
2002-02-26 11:55:39 +00:00
|
|
|
*/
|
|
|
|
return ret != 0;
|
2002-08-28 20:41:00 +00:00
|
|
|
}
|
2001-11-29 09:05:25 +00:00
|
|
|
return FALSE;
|
Make a routine that takes a dissector table, a port number, and
pd/offset/fd/tree arguments, looks up the port number in the dissector
table, and:
if it finds it, call the corresponding dissector routine with
the pd/offset/fd/tree arguments, and return TRUE;
if it doesn't find it, return FALSE.
Use that in the TCP and UDP dissectors.
Don't add arbitrary UDP ports for which a dissector is found in the
table as ports that should be dissected as TFTP; this should only be
done if we find a packet going from port XXX to the official TFTP port.
Don't register TFTP in UDP's dissector table, as it has to be handled
specially (i.e., we have to add the source port as a TFTP port, although
we really should register the source port *and* IP address); eventually,
we should move that registration to the TFTP dissector itself, at which
point we can register TFTP normally.
svn path=/trunk/; revision=1785
2000-04-04 05:37:36 +00:00
|
|
|
}
|
2000-04-03 09:24:12 +00:00
|
|
|
|
2009-04-21 16:53:00 +00:00
|
|
|
gboolean
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_try_uint(dissector_table_t sub_dissectors, const guint32 uint_val,
|
2009-10-12 01:31:01 +00:00
|
|
|
tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
2009-04-21 16:53:00 +00:00
|
|
|
{
|
|
|
|
|
2010-12-20 05:35:29 +00:00
|
|
|
return dissector_try_uint_new(sub_dissectors, uint_val, tvb, pinfo, tree, TRUE);
|
2009-04-21 16:53:00 +00:00
|
|
|
}
|
2010-12-20 05:35:29 +00:00
|
|
|
|
2003-09-06 23:37:02 +00:00
|
|
|
/* Look for a given value in a given uint dissector table and, if found,
|
|
|
|
return the dissector handle for that value. */
|
2001-12-03 05:07:18 +00:00
|
|
|
dissector_handle_t
|
2010-12-20 05:35:29 +00:00
|
|
|
dissector_get_uint_handle(dissector_table_t const sub_dissectors, const guint32 uint_val)
|
2001-12-03 05:07:18 +00:00
|
|
|
{
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
|
|
|
|
2010-12-20 05:35:29 +00:00
|
|
|
dtbl_entry = find_uint_dtbl_entry(sub_dissectors, uint_val);
|
2001-12-03 05:07:18 +00:00
|
|
|
if (dtbl_entry != NULL)
|
|
|
|
return dtbl_entry->current;
|
|
|
|
else
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2005-01-19 04:49:29 +00:00
|
|
|
/* Find an entry in a string dissector table. */
|
2003-09-06 23:37:02 +00:00
|
|
|
static dtbl_entry_t *
|
2010-04-03 18:18:50 +00:00
|
|
|
find_string_dtbl_entry(dissector_table_t const sub_dissectors, const gchar *pattern)
|
2003-09-06 23:37:02 +00:00
|
|
|
{
|
|
|
|
switch (sub_dissectors->type) {
|
|
|
|
|
|
|
|
case FT_STRING:
|
|
|
|
case FT_STRINGZ:
|
|
|
|
/*
|
|
|
|
* You can do a string lookup in these tables.
|
|
|
|
*/
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* But you can't do a string lookup in any other types
|
|
|
|
* of tables.
|
|
|
|
*/
|
|
|
|
g_assert_not_reached();
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the entry.
|
|
|
|
*/
|
|
|
|
return g_hash_table_lookup(sub_dissectors->hash_table, pattern);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add an entry to a string dissector table. */
|
|
|
|
void
|
2005-07-23 11:41:25 +00:00
|
|
|
dissector_add_string(const char *name, const gchar *pattern,
|
2009-10-12 01:31:01 +00:00
|
|
|
dissector_handle_t handle)
|
2003-09-06 23:37:02 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
2011-06-01 18:02:16 +00:00
|
|
|
/*
|
|
|
|
* Make sure the dissector table exists.
|
|
|
|
*/
|
|
|
|
if (sub_dissectors == NULL) {
|
|
|
|
fprintf(stderr, "OOPS: dissector table \"%s\" doesn't exist\n",
|
|
|
|
name);
|
|
|
|
fprintf(stderr, "Protocol being registered is \"%s\"\n",
|
|
|
|
proto_get_protocol_long_name(handle->protocol));
|
|
|
|
if (getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL)
|
|
|
|
abort();
|
|
|
|
return;
|
|
|
|
}
|
2003-09-06 23:37:02 +00:00
|
|
|
|
2011-06-01 18:02:16 +00:00
|
|
|
/* sanity checks */
|
|
|
|
g_assert(handle!=NULL);
|
2003-09-06 23:37:02 +00:00
|
|
|
switch (sub_dissectors->type) {
|
|
|
|
|
|
|
|
case FT_STRING:
|
|
|
|
case FT_STRINGZ:
|
|
|
|
/*
|
|
|
|
* You can do a string lookup in these tables.
|
|
|
|
*/
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* But you can't do a string lookup in any other types
|
|
|
|
* of tables.
|
|
|
|
*/
|
|
|
|
g_assert_not_reached();
|
|
|
|
}
|
|
|
|
|
|
|
|
dtbl_entry = g_malloc(sizeof (dtbl_entry_t));
|
|
|
|
dtbl_entry->current = handle;
|
|
|
|
dtbl_entry->initial = dtbl_entry->current;
|
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* do the table insertion */
|
2009-10-12 01:31:01 +00:00
|
|
|
g_hash_table_insert( sub_dissectors->hash_table, (gpointer)pattern,
|
|
|
|
(gpointer)dtbl_entry);
|
2003-09-06 23:37:02 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Now add it to the list of handles that could be used with this
|
|
|
|
* table, because it *is* being used with this table.
|
|
|
|
*/
|
|
|
|
dissector_add_handle(name, handle);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Delete the entry for a dissector in a string dissector table
|
|
|
|
with a particular pattern. */
|
|
|
|
|
|
|
|
/* NOTE: this doesn't use the dissector call variable. It is included to */
|
|
|
|
/* be consistant with the dissector_add_string and more importantly to */
|
|
|
|
/* be used if the technique of adding a temporary dissector is */
|
|
|
|
/* implemented. */
|
|
|
|
/* If temporary dissectors are deleted, then the original dissector must */
|
|
|
|
/* be available. */
|
|
|
|
void
|
|
|
|
dissector_delete_string(const char *name, const gchar *pattern,
|
|
|
|
dissector_handle_t handle _U_)
|
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* sanity check */
|
2003-09-06 23:37:02 +00:00
|
|
|
g_assert( sub_dissectors);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the entry.
|
|
|
|
*/
|
|
|
|
dtbl_entry = find_string_dtbl_entry(sub_dissectors, pattern);
|
|
|
|
|
|
|
|
if (dtbl_entry != NULL) {
|
|
|
|
/*
|
|
|
|
* Found - remove it.
|
|
|
|
*/
|
|
|
|
g_hash_table_remove(sub_dissectors->hash_table, pattern);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now free up the entry.
|
|
|
|
*/
|
|
|
|
g_free(dtbl_entry);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Change the entry for a dissector in a string dissector table
|
|
|
|
with a particular pattern to use a new dissector handle. */
|
|
|
|
void
|
2010-02-23 04:35:23 +00:00
|
|
|
dissector_change_string(const char *name, const gchar *pattern,
|
2009-10-12 01:31:01 +00:00
|
|
|
dissector_handle_t handle)
|
2003-09-06 23:37:02 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* sanity check */
|
2003-09-06 23:37:02 +00:00
|
|
|
g_assert( sub_dissectors);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* See if the entry already exists. If so, reuse it.
|
|
|
|
*/
|
|
|
|
dtbl_entry = find_string_dtbl_entry(sub_dissectors, pattern);
|
|
|
|
if (dtbl_entry != NULL) {
|
2012-01-20 02:43:37 +00:00
|
|
|
dtbl_entry->current = handle;
|
|
|
|
return;
|
2003-09-06 23:37:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Don't create an entry if there is no dissector handle - I.E. the
|
|
|
|
* user said not to decode something that wasn't being decoded
|
|
|
|
* in the first place.
|
|
|
|
*/
|
|
|
|
if (handle == NULL)
|
2012-01-20 02:43:37 +00:00
|
|
|
return;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
|
|
|
dtbl_entry = g_malloc(sizeof (dtbl_entry_t));
|
|
|
|
dtbl_entry->initial = NULL;
|
|
|
|
dtbl_entry->current = handle;
|
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* do the table insertion */
|
2010-02-23 04:35:23 +00:00
|
|
|
g_hash_table_insert( sub_dissectors->hash_table, (gpointer)pattern,
|
2009-10-12 01:31:01 +00:00
|
|
|
(gpointer)dtbl_entry);
|
2003-09-06 23:37:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Reset an entry in a string sub-dissector table to its initial value. */
|
|
|
|
void
|
|
|
|
dissector_reset_string(const char *name, const gchar *pattern)
|
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
2011-09-06 09:09:36 +00:00
|
|
|
/* sanity check */
|
2003-09-06 23:37:02 +00:00
|
|
|
g_assert( sub_dissectors);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the entry.
|
|
|
|
*/
|
|
|
|
dtbl_entry = find_string_dtbl_entry(sub_dissectors, pattern);
|
|
|
|
|
|
|
|
if (dtbl_entry == NULL)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Found - is there an initial value?
|
|
|
|
*/
|
|
|
|
if (dtbl_entry->initial != NULL) {
|
|
|
|
dtbl_entry->current = dtbl_entry->initial;
|
|
|
|
} else {
|
|
|
|
g_hash_table_remove(sub_dissectors->hash_table, pattern);
|
|
|
|
g_free(dtbl_entry);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Look for a given string in a given dissector table and, if found, call
|
|
|
|
the dissector with the arguments supplied, and return TRUE, otherwise
|
|
|
|
return FALSE. */
|
|
|
|
gboolean
|
|
|
|
dissector_try_string(dissector_table_t sub_dissectors, const gchar *string,
|
2009-10-12 01:31:01 +00:00
|
|
|
tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
2003-09-06 23:37:02 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dtbl_entry_t *dtbl_entry;
|
2003-09-06 23:37:02 +00:00
|
|
|
struct dissector_handle *handle;
|
2012-01-20 02:43:37 +00:00
|
|
|
int ret;
|
|
|
|
const gchar *saved_match_string;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
2007-10-27 15:02:07 +00:00
|
|
|
/* XXX ASSERT instead ? */
|
|
|
|
if (!string) return FALSE;
|
2003-09-06 23:37:02 +00:00
|
|
|
dtbl_entry = find_string_dtbl_entry(sub_dissectors, string);
|
|
|
|
if (dtbl_entry != NULL) {
|
|
|
|
/*
|
|
|
|
* Is there currently a dissector handle for this entry?
|
|
|
|
*/
|
|
|
|
handle = dtbl_entry->current;
|
|
|
|
if (handle == NULL) {
|
|
|
|
/*
|
|
|
|
* No - pretend this dissector didn't exist,
|
|
|
|
* so that other dissectors might have a chance
|
|
|
|
* to dissect this packet.
|
|
|
|
*/
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2003-11-21 21:58:55 +00:00
|
|
|
/*
|
|
|
|
* Save the current value of "pinfo->match_string",
|
|
|
|
* set it to the string that matched, call the
|
|
|
|
* dissector, and restore "pinfo->match_string".
|
|
|
|
*/
|
|
|
|
saved_match_string = pinfo->match_string;
|
|
|
|
pinfo->match_string = string;
|
2009-04-21 16:53:00 +00:00
|
|
|
ret = call_dissector_work(handle, tvb, pinfo, tree, TRUE);
|
2003-11-21 21:58:55 +00:00
|
|
|
pinfo->match_string = saved_match_string;
|
2003-09-06 23:37:02 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If a new-style dissector returned 0, it means that
|
|
|
|
* it didn't think this tvbuff represented a packet for
|
|
|
|
* its protocol, and didn't dissect anything.
|
|
|
|
*
|
|
|
|
* Old-style dissectors can't reject the packet.
|
|
|
|
*
|
|
|
|
* 0 is also returned if the protocol wasn't enabled.
|
|
|
|
*
|
|
|
|
* If the packet was rejected, we return FALSE, so that
|
|
|
|
* other dissectors might have a chance to dissect this
|
|
|
|
* packet, otherwise we return TRUE.
|
|
|
|
*/
|
|
|
|
return ret != 0;
|
|
|
|
}
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2003-09-09 18:09:42 +00:00
|
|
|
/* Look for a given value in a given string dissector table and, if found,
|
|
|
|
return the dissector handle for that value. */
|
|
|
|
dissector_handle_t
|
|
|
|
dissector_get_string_handle(dissector_table_t sub_dissectors,
|
2009-10-12 01:31:01 +00:00
|
|
|
const gchar *string)
|
2003-09-09 18:09:42 +00:00
|
|
|
{
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
|
|
|
|
|
|
|
dtbl_entry = find_string_dtbl_entry(sub_dissectors, string);
|
|
|
|
if (dtbl_entry != NULL)
|
|
|
|
return dtbl_entry->current;
|
|
|
|
else
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2001-12-03 04:00:26 +00:00
|
|
|
dissector_handle_t
|
|
|
|
dtbl_entry_get_handle (dtbl_entry_t *dtbl_entry)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
2001-12-03 04:00:26 +00:00
|
|
|
return dtbl_entry->current;
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
/* Add a handle to the list of handles that *could* be used with this
|
|
|
|
table. That list is used by code in the UI. */
|
|
|
|
void
|
|
|
|
dissector_add_handle(const char *name, dissector_handle_t handle)
|
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
GSList *entry;
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
|
2011-06-01 18:02:16 +00:00
|
|
|
/*
|
|
|
|
* Make sure the dissector table exists.
|
|
|
|
*/
|
|
|
|
if (sub_dissectors == NULL) {
|
|
|
|
fprintf(stderr, "OOPS: dissector table \"%s\" doesn't exist\n",
|
|
|
|
name);
|
|
|
|
fprintf(stderr, "Protocol being registered is \"%s\"\n",
|
|
|
|
proto_get_protocol_long_name(handle->protocol));
|
|
|
|
if (getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL)
|
|
|
|
abort();
|
|
|
|
return;
|
|
|
|
}
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
|
|
|
|
/* Is it already in this list? */
|
|
|
|
entry = g_slist_find(sub_dissectors->dissector_handles, (gpointer)handle);
|
|
|
|
if (entry != NULL) {
|
|
|
|
/*
|
|
|
|
* Yes - don't insert it again.
|
|
|
|
*/
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Add it to the list. */
|
|
|
|
sub_dissectors->dissector_handles =
|
2009-10-12 01:31:01 +00:00
|
|
|
g_slist_append(sub_dissectors->dissector_handles, (gpointer)handle);
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
}
|
|
|
|
|
2001-12-03 04:00:26 +00:00
|
|
|
dissector_handle_t
|
|
|
|
dtbl_entry_get_initial_handle (dtbl_entry_t *dtbl_entry)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
2001-12-03 04:00:26 +00:00
|
|
|
return dtbl_entry->initial;
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**************************************************/
|
|
|
|
/* */
|
|
|
|
/* Routines to walk dissector tables */
|
|
|
|
/* */
|
|
|
|
/**************************************************/
|
|
|
|
|
|
|
|
typedef struct dissector_foreach_info {
|
2012-01-20 02:43:37 +00:00
|
|
|
gpointer caller_data;
|
|
|
|
DATFunc caller_func;
|
|
|
|
GHFunc next_func;
|
2011-04-20 16:35:42 +00:00
|
|
|
const gchar *table_name;
|
2012-01-20 02:43:37 +00:00
|
|
|
ftenum_t selector_type;
|
2001-02-01 07:34:33 +00:00
|
|
|
} dissector_foreach_info_t;
|
|
|
|
|
|
|
|
/*
|
2001-12-03 01:20:51 +00:00
|
|
|
* Called for each entry in a dissector table.
|
2001-02-01 07:34:33 +00:00
|
|
|
*/
|
|
|
|
static void
|
2001-12-03 01:20:51 +00:00
|
|
|
dissector_table_foreach_func (gpointer key, gpointer value, gpointer user_data)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
|
|
|
dissector_foreach_info_t *info;
|
2012-01-20 02:43:37 +00:00
|
|
|
dtbl_entry_t *dtbl_entry;
|
2001-02-01 07:34:33 +00:00
|
|
|
|
|
|
|
g_assert(value);
|
|
|
|
g_assert(user_data);
|
|
|
|
|
|
|
|
dtbl_entry = value;
|
2001-12-03 04:00:26 +00:00
|
|
|
if (dtbl_entry->current == NULL ||
|
2003-11-16 23:17:27 +00:00
|
|
|
dtbl_entry->current->protocol == NULL) {
|
2001-12-03 04:00:26 +00:00
|
|
|
/*
|
|
|
|
* Either there is no dissector for this entry, or
|
|
|
|
* the dissector doesn't have a protocol associated
|
|
|
|
* with it.
|
|
|
|
*
|
|
|
|
* XXX - should the latter check be done?
|
|
|
|
*/
|
|
|
|
return;
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
info = user_data;
|
2003-09-07 00:47:57 +00:00
|
|
|
info->caller_func(info->table_name, info->selector_type, key, value,
|
2009-10-12 01:31:01 +00:00
|
|
|
info->caller_data);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
2001-12-03 01:20:51 +00:00
|
|
|
/*
|
|
|
|
* Called for each entry in the table of all dissector tables.
|
|
|
|
*/
|
2001-02-01 07:34:33 +00:00
|
|
|
static void
|
2001-12-03 01:20:51 +00:00
|
|
|
dissector_all_tables_foreach_func (gpointer key, gpointer value, gpointer user_data)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors;
|
2001-02-01 07:34:33 +00:00
|
|
|
dissector_foreach_info_t *info;
|
|
|
|
|
|
|
|
g_assert(value);
|
|
|
|
g_assert(user_data);
|
|
|
|
|
2001-12-03 09:00:25 +00:00
|
|
|
sub_dissectors = value;
|
2001-02-01 07:34:33 +00:00
|
|
|
info = user_data;
|
|
|
|
info->table_name = (gchar*) key;
|
2003-09-07 00:47:57 +00:00
|
|
|
info->selector_type = get_dissector_table_selector_type(info->table_name);
|
2001-12-03 09:00:25 +00:00
|
|
|
g_hash_table_foreach(sub_dissectors->hash_table, info->next_func, info);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
2001-12-03 01:20:51 +00:00
|
|
|
/*
|
|
|
|
* Walk all dissector tables calling a user supplied function on each
|
|
|
|
* entry.
|
|
|
|
*/
|
2005-08-02 04:34:35 +00:00
|
|
|
static void
|
2001-02-01 07:34:33 +00:00
|
|
|
dissector_all_tables_foreach (DATFunc func,
|
|
|
|
gpointer user_data)
|
|
|
|
{
|
|
|
|
dissector_foreach_info_t info;
|
|
|
|
|
|
|
|
info.caller_data = user_data;
|
|
|
|
info.caller_func = func;
|
2012-01-20 02:43:37 +00:00
|
|
|
info.next_func = dissector_table_foreach_func;
|
2001-12-03 01:20:51 +00:00
|
|
|
g_hash_table_foreach(dissector_tables, dissector_all_tables_foreach_func, &info);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
* Walk one dissector table's hash table calling a user supplied function
|
|
|
|
* on each entry.
|
2001-02-01 07:34:33 +00:00
|
|
|
*/
|
|
|
|
void
|
2007-04-23 10:59:26 +00:00
|
|
|
dissector_table_foreach (const char *name,
|
2012-01-20 02:43:37 +00:00
|
|
|
DATFunc func,
|
|
|
|
gpointer user_data)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
|
|
|
dissector_foreach_info_t info;
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
2001-02-01 07:34:33 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
info.table_name = name;
|
2003-09-07 00:47:57 +00:00
|
|
|
info.selector_type = sub_dissectors->type;
|
2012-01-20 02:43:37 +00:00
|
|
|
info.caller_func = func;
|
|
|
|
info.caller_data = user_data;
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
g_hash_table_foreach(sub_dissectors->hash_table, dissector_table_foreach_func, &info);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Walk one dissector table's list of handles calling a user supplied
|
|
|
|
* function on each entry.
|
|
|
|
*/
|
|
|
|
void
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_foreach_handle(const char *name,
|
|
|
|
DATFunc_handle func,
|
|
|
|
gpointer user_data)
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
{
|
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
GSList *tmp;
|
|
|
|
|
|
|
|
for (tmp = sub_dissectors->dissector_handles; tmp != NULL;
|
2009-10-12 01:31:01 +00:00
|
|
|
tmp = g_slist_next(tmp))
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
func(name, tmp->data, user_data);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2001-12-03 01:20:51 +00:00
|
|
|
* Called for each entry in a dissector table.
|
2001-02-01 07:34:33 +00:00
|
|
|
*/
|
|
|
|
static void
|
2001-12-03 01:20:51 +00:00
|
|
|
dissector_table_foreach_changed_func (gpointer key, gpointer value, gpointer user_data)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dtbl_entry_t *dtbl_entry;
|
2001-02-01 07:34:33 +00:00
|
|
|
dissector_foreach_info_t *info;
|
|
|
|
|
|
|
|
g_assert(value);
|
|
|
|
g_assert(user_data);
|
|
|
|
|
|
|
|
dtbl_entry = value;
|
2001-12-03 04:00:26 +00:00
|
|
|
if (dtbl_entry->initial == dtbl_entry->current) {
|
2001-12-03 01:20:51 +00:00
|
|
|
/*
|
|
|
|
* Entry hasn't changed - don't call the function.
|
|
|
|
*/
|
|
|
|
return;
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
info = user_data;
|
2003-09-07 00:47:57 +00:00
|
|
|
info->caller_func(info->table_name, info->selector_type, key, value,
|
2009-10-12 01:31:01 +00:00
|
|
|
info->caller_data);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
2001-12-03 01:20:51 +00:00
|
|
|
/*
|
|
|
|
* Walk all dissector tables calling a user supplied function only on
|
|
|
|
* any entry that has been changed from its original state.
|
|
|
|
*/
|
2001-02-01 07:34:33 +00:00
|
|
|
void
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_all_tables_foreach_changed (DATFunc func,
|
2001-02-01 07:34:33 +00:00
|
|
|
gpointer user_data)
|
|
|
|
{
|
|
|
|
dissector_foreach_info_t info;
|
|
|
|
|
|
|
|
info.caller_data = user_data;
|
|
|
|
info.caller_func = func;
|
2012-01-20 02:43:37 +00:00
|
|
|
info.next_func = dissector_table_foreach_changed_func;
|
2001-12-03 01:20:51 +00:00
|
|
|
g_hash_table_foreach(dissector_tables, dissector_all_tables_foreach_func, &info);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Walk one dissector table calling a user supplied function only on
|
|
|
|
* any entry that has been changed from its original state.
|
|
|
|
*/
|
|
|
|
void
|
2007-04-23 10:59:26 +00:00
|
|
|
dissector_table_foreach_changed (const char *name,
|
2012-01-20 02:43:37 +00:00
|
|
|
DATFunc func,
|
|
|
|
gpointer user_data)
|
2001-02-01 07:34:33 +00:00
|
|
|
{
|
|
|
|
dissector_foreach_info_t info;
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
2001-02-01 07:34:33 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
info.table_name = name;
|
2003-09-07 00:47:57 +00:00
|
|
|
info.selector_type = sub_dissectors->type;
|
2012-01-20 02:43:37 +00:00
|
|
|
info.caller_func = func;
|
|
|
|
info.caller_data = user_data;
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
g_hash_table_foreach(sub_dissectors->hash_table,
|
2009-10-12 01:31:01 +00:00
|
|
|
dissector_table_foreach_changed_func, &info);
|
2001-02-01 07:34:33 +00:00
|
|
|
}
|
|
|
|
|
2003-06-05 04:47:58 +00:00
|
|
|
typedef struct dissector_foreach_table_info {
|
2009-10-12 01:31:01 +00:00
|
|
|
gpointer caller_data;
|
|
|
|
DATFunc_table caller_func;
|
2003-06-05 04:47:58 +00:00
|
|
|
} dissector_foreach_table_info_t;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Called for each entry in the table of all dissector tables.
|
|
|
|
*/
|
|
|
|
static void
|
2010-04-03 18:18:50 +00:00
|
|
|
dissector_all_tables_foreach_table_func (gpointer key, const gpointer value, const gpointer user_data)
|
2003-06-05 04:47:58 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
dissector_table_t table;
|
2003-06-05 04:47:58 +00:00
|
|
|
dissector_foreach_table_info_t *info;
|
|
|
|
|
|
|
|
table = value;
|
|
|
|
info = user_data;
|
|
|
|
(*info->caller_func)((gchar*)key, table->ui_name, info->caller_data);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Walk all dissector tables calling a user supplied function on each
|
|
|
|
* table.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
dissector_all_tables_foreach_table (DATFunc_table func,
|
2012-01-20 02:43:37 +00:00
|
|
|
gpointer user_data)
|
2003-06-05 04:47:58 +00:00
|
|
|
{
|
|
|
|
dissector_foreach_table_info_t info;
|
|
|
|
|
|
|
|
info.caller_data = user_data;
|
|
|
|
info.caller_func = func;
|
|
|
|
g_hash_table_foreach(dissector_tables, dissector_all_tables_foreach_table_func, &info);
|
|
|
|
}
|
|
|
|
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
dissector_table_t
|
2010-04-03 18:18:50 +00:00
|
|
|
register_dissector_table(const char *name, const char *ui_name, const ftenum_t type,
|
|
|
|
const int base)
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
{
|
|
|
|
dissector_table_t sub_dissectors;
|
2000-04-03 09:24:12 +00:00
|
|
|
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
/* Create our hash-of-hashes if it doesn't already exist */
|
|
|
|
if (!dissector_tables) {
|
|
|
|
dissector_tables = g_hash_table_new( g_str_hash, g_str_equal );
|
|
|
|
g_assert(dissector_tables);
|
|
|
|
}
|
2000-04-03 09:24:12 +00:00
|
|
|
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
/* Make sure the registration is unique */
|
2007-10-02 05:07:13 +00:00
|
|
|
if(g_hash_table_lookup( dissector_tables, name )) {
|
|
|
|
g_error("The filter name %s (%s) is already registered - do you use a buggy plugin?", name, ui_name);
|
|
|
|
}
|
2000-04-03 09:24:12 +00:00
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
/* Create and register the dissector table for this name; returns */
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
/* a pointer to the dissector table. */
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
sub_dissectors = g_malloc(sizeof (struct dissector_table));
|
2003-09-06 23:37:02 +00:00
|
|
|
switch (type) {
|
|
|
|
|
|
|
|
case FT_UINT8:
|
|
|
|
case FT_UINT16:
|
|
|
|
case FT_UINT24:
|
|
|
|
case FT_UINT32:
|
|
|
|
/*
|
|
|
|
* XXX - there's no "g_uint_hash()" or "g_uint_equal()",
|
|
|
|
* so we use "g_direct_hash()" and "g_direct_equal()".
|
|
|
|
*/
|
|
|
|
sub_dissectors->hash_table = g_hash_table_new( g_direct_hash,
|
2009-10-12 01:31:01 +00:00
|
|
|
g_direct_equal );
|
2003-09-06 23:37:02 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case FT_STRING:
|
|
|
|
case FT_STRINGZ:
|
|
|
|
sub_dissectors->hash_table = g_hash_table_new( g_str_hash,
|
2009-10-12 01:31:01 +00:00
|
|
|
g_str_equal );
|
2003-09-06 23:37:02 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
g_assert_not_reached();
|
|
|
|
}
|
Get rid of the lists of conversation dissectors; instead, have a
dissector table contain both a hash table, to use to look up port
numbers to find a dissector, and a list of all dissectors that *could*
be assigned to ports in that hash table, to be used by user interface
code.
Make the "Decode As" dialog box code use that.
Also make it *not* let you choose whether to set the dissector for both
the UDP and TCP versions of a port; some protocols run only atop TCP,
some run only atop UDP, and even those that can run atop both may have
different dissector handles to use over TCP and UDP, so handling a
single merged list would be a mess. (If the user is setting the
dissector for a TCP port, only those protocols that Ethereal can handle
over TCP should be listed; if the user is setting the dissector for a
UDP port, only those protocols that Ethereal can handle over TCP should
be listed; if the user is setting a dissector for both, only those
protocols that Ethereal can handle over *both* TCP *and* UDP should be
listed, *and* there needs to be a way to let the "Decode As" code get
both the TCP handle *and* the UDP handle and use the right ones. If
somebody really wants that, they need to implement all of the above if
they want the code to be correct.)
Fix the code that handles setting the dissection for the IP protocol
number to correctly update the lists of protocols being dissected as TCP
and as UDP; the code before this change wasn't updating the single such
list to add new protocols.
svn path=/trunk/; revision=4311
2001-12-03 08:47:31 +00:00
|
|
|
sub_dissectors->dissector_handles = NULL;
|
2001-12-08 06:41:48 +00:00
|
|
|
sub_dissectors->ui_name = ui_name;
|
2012-01-20 02:43:37 +00:00
|
|
|
sub_dissectors->type = type;
|
|
|
|
sub_dissectors->base = base;
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
g_hash_table_insert( dissector_tables, (gpointer)name, (gpointer) sub_dissectors );
|
|
|
|
return sub_dissectors;
|
2000-04-03 09:24:12 +00:00
|
|
|
}
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
2005-07-24 19:01:28 +00:00
|
|
|
const char *
|
2001-12-08 06:41:48 +00:00
|
|
|
get_dissector_table_ui_name(const char *name)
|
|
|
|
{
|
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
|
|
|
|
return sub_dissectors->ui_name;
|
|
|
|
}
|
|
|
|
|
|
|
|
ftenum_t
|
2003-09-07 00:47:57 +00:00
|
|
|
get_dissector_table_selector_type(const char *name)
|
2001-12-08 06:41:48 +00:00
|
|
|
{
|
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
|
|
|
|
return sub_dissectors->type;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
get_dissector_table_base(const char *name)
|
|
|
|
{
|
|
|
|
dissector_table_t sub_dissectors = find_dissector_table( name);
|
|
|
|
|
|
|
|
return sub_dissectors->base;
|
|
|
|
}
|
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
static GHashTable *heur_dissector_lists = NULL;
|
|
|
|
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
|
2011-12-28 15:05:59 +00:00
|
|
|
/* Finds a heuristic dissector table by table name. */
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
static heur_dissector_list_t *
|
|
|
|
find_heur_dissector_list(const char *name)
|
|
|
|
{
|
|
|
|
g_assert(heur_dissector_lists != NULL);
|
|
|
|
return g_hash_table_lookup(heur_dissector_lists, name);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
heur_dissector_add(const char *name, heur_dissector_t dissector, const int proto)
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
{
|
|
|
|
heur_dissector_list_t *sub_dissectors = find_heur_dissector_list(name);
|
2012-01-20 02:43:37 +00:00
|
|
|
const char *proto_name;
|
|
|
|
heur_dtbl_entry_t *hdtbl_entry;
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
2011-06-01 18:02:16 +00:00
|
|
|
/*
|
|
|
|
* Make sure the dissector table exists.
|
|
|
|
*/
|
|
|
|
if (sub_dissectors == NULL) {
|
|
|
|
fprintf(stderr, "OOPS: dissector table \"%s\" doesn't exist\n",
|
|
|
|
name);
|
|
|
|
proto_name = proto_get_protocol_name(proto);
|
|
|
|
if (proto_name != NULL) {
|
|
|
|
fprintf(stderr, "Protocol being registered is \"%s\"\n",
|
|
|
|
proto_name);
|
|
|
|
}
|
|
|
|
if (getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL)
|
|
|
|
abort();
|
|
|
|
return;
|
|
|
|
}
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
/* XXX: Should verify that sub-dissector is not already in the list ? */
|
|
|
|
|
|
|
|
hdtbl_entry = g_malloc(sizeof (heur_dtbl_entry_t));
|
|
|
|
hdtbl_entry->dissector = dissector;
|
|
|
|
hdtbl_entry->protocol = find_protocol_by_id(proto);
|
|
|
|
hdtbl_entry->enabled = TRUE;
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
/* do the table insertion */
|
2012-01-20 02:43:37 +00:00
|
|
|
*sub_dissectors = g_slist_append(*sub_dissectors, (gpointer)hdtbl_entry);
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
}
|
|
|
|
|
2007-08-07 21:26:07 +00:00
|
|
|
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
static int
|
|
|
|
find_matching_heur_dissector( gconstpointer a, gconstpointer b) {
|
|
|
|
const heur_dtbl_entry_t *hdtbl_entry_a = (const heur_dtbl_entry_t *) a;
|
|
|
|
const heur_dtbl_entry_t *hdtbl_entry_b = (const heur_dtbl_entry_t *) b;
|
|
|
|
return (hdtbl_entry_a->dissector == hdtbl_entry_b->dissector) &&
|
|
|
|
(hdtbl_entry_a->protocol == hdtbl_entry_b->protocol) ? 0 : 1;
|
2007-08-07 21:26:07 +00:00
|
|
|
}
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
void
|
|
|
|
heur_dissector_delete(const char *name, heur_dissector_t dissector, const int proto) {
|
2007-08-07 21:26:07 +00:00
|
|
|
heur_dissector_list_t *sub_dissectors = find_heur_dissector_list(name);
|
2012-01-20 02:43:37 +00:00
|
|
|
heur_dtbl_entry_t hdtbl_entry;
|
|
|
|
GSList *found_entry;
|
2008-05-21 20:20:37 +00:00
|
|
|
|
2007-08-07 21:26:07 +00:00
|
|
|
/* sanity check */
|
|
|
|
g_assert(sub_dissectors != NULL);
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
hdtbl_entry.dissector = dissector;
|
2007-08-07 21:26:07 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
hdtbl_entry.protocol = find_protocol_by_id(proto);
|
2007-08-07 21:26:07 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
found_entry = g_slist_find_custom(*sub_dissectors, (gpointer) &hdtbl_entry, find_matching_heur_dissector);
|
2007-08-07 21:26:07 +00:00
|
|
|
|
|
|
|
if (found_entry) {
|
|
|
|
*sub_dissectors = g_slist_remove_link(*sub_dissectors, found_entry);
|
|
|
|
g_free(g_slist_nth_data(found_entry, 1));
|
|
|
|
g_slist_free_1(found_entry);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
void
|
|
|
|
heur_dissector_set_enabled(const char *name, heur_dissector_t dissector, const int proto, const gboolean enabled) {
|
|
|
|
heur_dissector_list_t *sub_dissectors = find_heur_dissector_list(name);
|
|
|
|
GSList *found_entry;
|
|
|
|
heur_dtbl_entry_t hdtbl_entry;
|
|
|
|
|
|
|
|
/* sanity check */
|
|
|
|
g_assert(sub_dissectors != NULL);
|
|
|
|
|
|
|
|
hdtbl_entry.dissector = dissector;
|
|
|
|
|
|
|
|
hdtbl_entry.protocol = find_protocol_by_id(proto);
|
|
|
|
|
|
|
|
found_entry = g_slist_find_custom(*sub_dissectors, (gpointer) &hdtbl_entry, find_matching_heur_dissector);
|
|
|
|
|
|
|
|
if (found_entry) {
|
|
|
|
heur_dtbl_entry_t *hdtbl_entry_p;
|
|
|
|
hdtbl_entry_p = (heur_dtbl_entry_t *)found_entry->data;
|
|
|
|
hdtbl_entry_p->enabled = enabled;
|
|
|
|
}
|
|
|
|
}
|
2007-08-07 21:26:07 +00:00
|
|
|
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
gboolean
|
|
|
|
dissector_try_heuristic(heur_dissector_list_t sub_dissectors,
|
2009-10-12 01:31:01 +00:00
|
|
|
tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
gboolean status;
|
|
|
|
const char *saved_proto;
|
|
|
|
GSList *entry;
|
|
|
|
heur_dtbl_entry_t *hdtbl_entry;
|
|
|
|
guint16 saved_can_desegment;
|
|
|
|
gint saved_layer_names_len = 0;
|
2001-11-29 09:05:25 +00:00
|
|
|
|
|
|
|
/* can_desegment is set to 2 by anyone which offers this api/service.
|
|
|
|
then everytime a subdissector is called it is decremented by one.
|
|
|
|
thus only the subdissector immediately ontop of whoever offers this
|
|
|
|
service can use it.
|
2003-12-29 22:44:50 +00:00
|
|
|
We save the current value of "can_desegment" for the
|
|
|
|
benefit of TCP proxying dissectors such as SOCKS, so they
|
|
|
|
can restore it and allow the dissectors they call to use
|
|
|
|
the desegmentation service.
|
2001-11-29 09:05:25 +00:00
|
|
|
*/
|
2012-01-20 02:43:37 +00:00
|
|
|
saved_can_desegment = pinfo->can_desegment;
|
2003-12-29 22:44:50 +00:00
|
|
|
pinfo->saved_can_desegment = saved_can_desegment;
|
2012-01-20 02:43:37 +00:00
|
|
|
pinfo->can_desegment = saved_can_desegment-(saved_can_desegment>0);
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
status = FALSE;
|
2001-01-12 09:25:29 +00:00
|
|
|
saved_proto = pinfo->current_proto;
|
2005-01-20 11:05:06 +00:00
|
|
|
|
|
|
|
if (pinfo->layer_names != NULL)
|
2009-04-08 05:25:14 +00:00
|
|
|
saved_layer_names_len = (gint) pinfo->layer_names->len;
|
2005-01-20 11:05:06 +00:00
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
for (entry = sub_dissectors; entry != NULL; entry = g_slist_next(entry)) {
|
2003-12-29 22:44:50 +00:00
|
|
|
/* XXX - why set this now and above? */
|
2001-11-29 09:05:25 +00:00
|
|
|
pinfo->can_desegment = saved_can_desegment-(saved_can_desegment>0);
|
2012-01-20 02:43:37 +00:00
|
|
|
hdtbl_entry = (heur_dtbl_entry_t *)entry->data;
|
2005-01-20 11:05:06 +00:00
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
if (hdtbl_entry->protocol != NULL &&
|
|
|
|
(!proto_is_protocol_enabled(hdtbl_entry->protocol)||(hdtbl_entry->enabled==FALSE))) {
|
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table. If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.
In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table. (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet. Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)
In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()". if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.
svn path=/trunk/; revision=2861
2001-01-10 10:44:48 +00:00
|
|
|
/*
|
|
|
|
* No - don't try this dissector.
|
|
|
|
*/
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
if (hdtbl_entry->protocol != NULL) {
|
2001-05-30 06:41:08 +00:00
|
|
|
pinfo->current_proto =
|
2012-01-20 02:43:37 +00:00
|
|
|
proto_get_protocol_short_name(hdtbl_entry->protocol);
|
2005-01-20 11:05:06 +00:00
|
|
|
|
2006-03-07 13:48:54 +00:00
|
|
|
/*
|
|
|
|
* Add the protocol name to the layers; we'll remove it
|
|
|
|
* if the dissector fails.
|
|
|
|
*/
|
|
|
|
if (pinfo->layer_names) {
|
|
|
|
if (pinfo->layer_names->len > 0)
|
|
|
|
g_string_append(pinfo->layer_names, ":");
|
2009-09-06 07:55:17 +00:00
|
|
|
g_string_append(pinfo->layer_names,
|
2012-01-20 02:43:37 +00:00
|
|
|
proto_get_protocol_filter_name(proto_get_id(hdtbl_entry->protocol)));
|
2006-03-07 13:48:54 +00:00
|
|
|
}
|
2005-01-20 11:05:06 +00:00
|
|
|
}
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("before calling heuristic dissector for protocol: %s",
|
2012-01-20 02:43:37 +00:00
|
|
|
proto_get_protocol_filter_name(proto_get_id(hdtbl_entry->protocol))));
|
|
|
|
if ((*hdtbl_entry->dissector)(tvb, pinfo, tree)) {
|
2009-10-12 01:31:01 +00:00
|
|
|
EP_CHECK_CANARY(("after heuristic dissector for protocol: %s has accepted and dissected packet",
|
2012-01-20 02:43:37 +00:00
|
|
|
proto_get_protocol_filter_name(proto_get_id(hdtbl_entry->protocol))));
|
2001-05-30 06:41:08 +00:00
|
|
|
status = TRUE;
|
|
|
|
break;
|
2005-01-20 11:05:06 +00:00
|
|
|
} else {
|
2011-04-20 16:35:42 +00:00
|
|
|
EP_CHECK_CANARY(("after heuristic dissector for protocol: %s has returned false",
|
2012-01-20 02:43:37 +00:00
|
|
|
proto_get_protocol_filter_name(proto_get_id(hdtbl_entry->protocol))));
|
2008-08-05 02:23:35 +00:00
|
|
|
|
2005-01-20 11:05:06 +00:00
|
|
|
/*
|
|
|
|
* That dissector didn't accept the packet, so
|
|
|
|
* remove its protocol's name from the list
|
|
|
|
* of protocols.
|
|
|
|
*/
|
|
|
|
if (pinfo->layer_names != NULL) {
|
2009-09-06 07:55:17 +00:00
|
|
|
g_string_truncate(pinfo->layer_names, saved_layer_names_len);
|
2009-10-12 01:31:01 +00:00
|
|
|
}
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
}
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
}
|
2001-01-12 09:25:29 +00:00
|
|
|
pinfo->current_proto = saved_proto;
|
2001-11-29 09:05:25 +00:00
|
|
|
pinfo->can_desegment=saved_can_desegment;
|
2001-01-12 09:25:29 +00:00
|
|
|
return status;
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
}
|
|
|
|
|
2011-09-05 13:04:23 +00:00
|
|
|
/*
|
|
|
|
* Called for each entry in the table of all heuristic dissector tables.
|
|
|
|
*/
|
|
|
|
typedef struct heur_dissector_foreach_table_info {
|
|
|
|
gpointer caller_data;
|
|
|
|
DATFunc_heur_table caller_func;
|
|
|
|
} heur_dissector_foreach_table_info_t;
|
|
|
|
|
2011-12-28 15:05:59 +00:00
|
|
|
|
|
|
|
static void
|
|
|
|
dissector_dump_heur_decodes_display(const gchar *table_name, const gpointer value, const gpointer user_data _U_)
|
|
|
|
{
|
|
|
|
heur_dissector_list_t sub_dissectors = *(heur_dissector_list_t *)value;
|
|
|
|
GSList *entry;
|
2012-01-20 02:43:37 +00:00
|
|
|
heur_dtbl_entry_t *hdtbl_entry;
|
2011-12-28 15:05:59 +00:00
|
|
|
|
|
|
|
for (entry = sub_dissectors; entry != NULL; entry = g_slist_next(entry)) {
|
2012-01-20 02:43:37 +00:00
|
|
|
hdtbl_entry = (heur_dtbl_entry_t *)entry->data;
|
|
|
|
if (hdtbl_entry->protocol != NULL) {
|
2011-12-28 15:05:59 +00:00
|
|
|
printf("%s\t%s\t%c\n",
|
|
|
|
table_name,
|
2012-01-20 02:43:37 +00:00
|
|
|
proto_get_protocol_filter_name(proto_get_id(hdtbl_entry->protocol)),
|
|
|
|
(proto_is_protocol_enabled(hdtbl_entry->protocol) && hdtbl_entry->enabled) ? 'T' : 'F');
|
2011-12-28 15:05:59 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-09-05 13:04:23 +00:00
|
|
|
static void
|
|
|
|
dissector_all_heur_tables_foreach_table_func (gpointer key, const gpointer value, const gpointer user_data)
|
|
|
|
{
|
|
|
|
heur_dissector_foreach_table_info_t *info;
|
|
|
|
|
|
|
|
info = user_data;
|
|
|
|
(*info->caller_func)((gchar*)key, value, info->caller_data);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Walk all heuristic dissector tables calling a user supplied function on each
|
|
|
|
* table.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
dissector_all_heur_tables_foreach_table (DATFunc_heur_table func,
|
2012-01-20 02:43:37 +00:00
|
|
|
gpointer user_data)
|
2011-09-05 13:04:23 +00:00
|
|
|
{
|
|
|
|
heur_dissector_foreach_table_info_t info;
|
|
|
|
|
|
|
|
info.caller_data = user_data;
|
|
|
|
info.caller_func = func;
|
|
|
|
g_hash_table_foreach(heur_dissector_lists, dissector_all_heur_tables_foreach_table_func, &info);
|
|
|
|
}
|
|
|
|
|
2011-12-28 15:05:59 +00:00
|
|
|
/*
|
|
|
|
* For each heuristic dissector table, dump list of dissectors (filter_names) for that table
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
dissector_dump_heur_decodes(void)
|
|
|
|
{
|
|
|
|
dissector_all_heur_tables_foreach_table(dissector_dump_heur_decodes_display, NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
void
|
|
|
|
register_heur_dissector_list(const char *name, heur_dissector_list_t *sub_dissectors)
|
|
|
|
{
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
/* Create our hash-of-lists if it doesn't already exist */
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
if (heur_dissector_lists == NULL) {
|
|
|
|
heur_dissector_lists = g_hash_table_new(g_str_hash, g_str_equal);
|
|
|
|
g_assert(heur_dissector_lists != NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Make sure the registration is unique */
|
|
|
|
g_assert(g_hash_table_lookup(heur_dissector_lists, name) == NULL);
|
|
|
|
|
|
|
|
*sub_dissectors = NULL; /* initially empty */
|
|
|
|
g_hash_table_insert(heur_dissector_lists, (gpointer)name,
|
2009-10-12 01:31:01 +00:00
|
|
|
(gpointer) sub_dissectors);
|
Add tables of "conversation" dissectors, which are associated with
particular protocols, and which keep track of all dissectors that could
be associated with conversations using those particular protocols - for
example, the RTP and RTCP dissectors could be assigned to UDP
conversations.
This is for future use with UI features allowing the dissector for a
given conversation to be set from the UI, to allow
1) conversations between two ports, both of which have
dissectors associated with them, that have been given to the
wrong dissector to be given to the right dissector;
2) conversations between two ports, neither of which have
dissectors associated with them, to be given to a dissector
(RTP and RTCP, for example, typically run on random ports,
and if you don't have, in a capture, traffic that would say
"OK, traffic between these two hosts and ports will be RTP
traffic", you may have to tell Ethereal explicitly what
protocol the conversation is).
svn path=/trunk/; revision=2848
2001-01-09 05:53:21 +00:00
|
|
|
}
|
|
|
|
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
/*
|
|
|
|
* Register dissectors by name; used if one dissector always calls a
|
|
|
|
* particular dissector, or if it bases the decision of which dissector
|
|
|
|
* to call on something other than a numerical value or on "try a bunch
|
|
|
|
* of dissectors until one likes the packet".
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* List of registered dissectors.
|
|
|
|
*/
|
|
|
|
static GHashTable *registered_dissectors = NULL;
|
|
|
|
|
2011-03-31 12:14:59 +00:00
|
|
|
/* Get the long name of the protocol for a dissector handle, if it has
|
|
|
|
a protocol. */
|
|
|
|
const char *
|
|
|
|
dissector_handle_get_long_name(const dissector_handle_t handle)
|
|
|
|
{
|
|
|
|
if (handle == NULL || handle->protocol == NULL) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
return proto_get_protocol_long_name(handle->protocol);
|
|
|
|
}
|
|
|
|
|
2004-02-28 20:59:23 +00:00
|
|
|
/* Get the short name of the protocol for a dissector handle, if it has
|
|
|
|
a protocol. */
|
2005-07-24 19:01:28 +00:00
|
|
|
const char *
|
2010-04-03 18:18:50 +00:00
|
|
|
dissector_handle_get_short_name(const dissector_handle_t handle)
|
2001-12-03 04:00:26 +00:00
|
|
|
{
|
2004-02-28 20:59:23 +00:00
|
|
|
if (handle->protocol == NULL) {
|
|
|
|
/*
|
|
|
|
* No protocol (see, for example, the handle for
|
|
|
|
* dissecting the set of protocols where the first
|
|
|
|
* octet of the payload is an OSI network layer protocol
|
|
|
|
* ID).
|
|
|
|
*/
|
|
|
|
return NULL;
|
|
|
|
}
|
2003-11-16 23:17:27 +00:00
|
|
|
return proto_get_protocol_short_name(handle->protocol);
|
2001-12-03 04:00:26 +00:00
|
|
|
}
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
|
2004-02-28 20:59:23 +00:00
|
|
|
/* Get the index of the protocol for a dissector handle, if it has
|
|
|
|
a protocol. */
|
2002-11-15 03:10:36 +00:00
|
|
|
int
|
2010-04-03 18:18:50 +00:00
|
|
|
dissector_handle_get_protocol_index(const dissector_handle_t handle)
|
2002-11-15 03:10:36 +00:00
|
|
|
{
|
2004-02-28 20:59:23 +00:00
|
|
|
if (handle->protocol == NULL) {
|
|
|
|
/*
|
|
|
|
* No protocol (see, for example, the handle for
|
|
|
|
* dissecting the set of protocols where the first
|
|
|
|
* octet of the payload is an OSI network layer protocol
|
|
|
|
* ID).
|
|
|
|
*/
|
|
|
|
return -1;
|
|
|
|
}
|
2003-11-16 23:17:27 +00:00
|
|
|
return proto_get_id(handle->protocol);
|
2002-11-15 03:10:36 +00:00
|
|
|
}
|
|
|
|
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
/* Find a registered dissector by name. */
|
|
|
|
dissector_handle_t
|
|
|
|
find_dissector(const char *name)
|
|
|
|
{
|
|
|
|
g_assert(registered_dissectors != NULL);
|
|
|
|
return g_hash_table_lookup(registered_dissectors, name);
|
|
|
|
}
|
|
|
|
|
2001-11-27 07:13:32 +00:00
|
|
|
/* Create an anonymous handle for a dissector. */
|
|
|
|
dissector_handle_t
|
2010-04-03 18:18:50 +00:00
|
|
|
create_dissector_handle(dissector_t dissector, const int proto)
|
2001-11-27 07:13:32 +00:00
|
|
|
{
|
|
|
|
struct dissector_handle *handle;
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
handle = g_malloc(sizeof (struct dissector_handle));
|
|
|
|
handle->name = NULL;
|
|
|
|
handle->is_new = FALSE;
|
2002-02-27 00:26:29 +00:00
|
|
|
handle->dissector.old = dissector;
|
2012-01-20 02:43:37 +00:00
|
|
|
handle->protocol = find_protocol_by_id(proto);
|
2001-11-27 07:13:32 +00:00
|
|
|
|
|
|
|
return handle;
|
|
|
|
}
|
|
|
|
|
2002-04-28 00:13:05 +00:00
|
|
|
dissector_handle_t
|
2010-04-03 18:18:50 +00:00
|
|
|
new_create_dissector_handle(new_dissector_t dissector, const int proto)
|
2002-04-28 00:13:05 +00:00
|
|
|
{
|
|
|
|
struct dissector_handle *handle;
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
handle = g_malloc(sizeof (struct dissector_handle));
|
|
|
|
handle->name = NULL;
|
|
|
|
handle->is_new = TRUE;
|
2002-04-28 00:13:05 +00:00
|
|
|
handle->dissector.new = dissector;
|
2012-01-20 02:43:37 +00:00
|
|
|
handle->protocol = find_protocol_by_id(proto);
|
2002-04-28 00:13:05 +00:00
|
|
|
|
|
|
|
return handle;
|
|
|
|
}
|
|
|
|
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
/* Register a dissector by name. */
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
register_dissector(const char *name, dissector_t dissector, const int proto)
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
{
|
|
|
|
struct dissector_handle *handle;
|
|
|
|
|
|
|
|
/* Create our hash table if it doesn't already exist */
|
|
|
|
if (registered_dissectors == NULL) {
|
|
|
|
registered_dissectors = g_hash_table_new(g_str_hash, g_str_equal);
|
|
|
|
g_assert(registered_dissectors != NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Make sure the registration is unique */
|
|
|
|
g_assert(g_hash_table_lookup(registered_dissectors, name) == NULL);
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
handle = g_malloc(sizeof (struct dissector_handle));
|
|
|
|
handle->name = name;
|
|
|
|
handle->is_new = FALSE;
|
2002-02-26 11:55:39 +00:00
|
|
|
handle->dissector.old = dissector;
|
2012-01-20 02:43:37 +00:00
|
|
|
handle->protocol = find_protocol_by_id(proto);
|
2002-08-28 20:41:00 +00:00
|
|
|
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
g_hash_table_insert(registered_dissectors, (gpointer)name,
|
2009-10-12 01:31:01 +00:00
|
|
|
(gpointer) handle);
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2010-04-03 18:18:50 +00:00
|
|
|
new_register_dissector(const char *name, new_dissector_t dissector, const int proto)
|
2002-02-26 11:55:39 +00:00
|
|
|
{
|
|
|
|
struct dissector_handle *handle;
|
|
|
|
|
|
|
|
/* Create our hash table if it doesn't already exist */
|
|
|
|
if (registered_dissectors == NULL) {
|
|
|
|
registered_dissectors = g_hash_table_new(g_str_hash, g_str_equal);
|
|
|
|
g_assert(registered_dissectors != NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Make sure the registration is unique */
|
|
|
|
g_assert(g_hash_table_lookup(registered_dissectors, name) == NULL);
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
handle = g_malloc(sizeof (struct dissector_handle));
|
|
|
|
handle->name = name;
|
|
|
|
handle->is_new = TRUE;
|
2002-02-26 11:55:39 +00:00
|
|
|
handle->dissector.new = dissector;
|
2012-01-20 02:43:37 +00:00
|
|
|
handle->protocol = find_protocol_by_id(proto);
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2002-02-26 11:55:39 +00:00
|
|
|
g_hash_table_insert(registered_dissectors, (gpointer)name,
|
2009-10-12 01:31:01 +00:00
|
|
|
(gpointer) handle);
|
2002-02-26 11:55:39 +00:00
|
|
|
}
|
|
|
|
|
2007-12-15 13:20:17 +00:00
|
|
|
/* Call a dissector through a handle but if the dissector rejected it
|
|
|
|
* return 0.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
call_dissector_only(dissector_handle_t handle, tvbuff_t *tvb,
|
2009-10-12 01:31:01 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree)
|
2007-12-15 13:20:17 +00:00
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
g_assert(handle != NULL);
|
2009-04-21 16:53:00 +00:00
|
|
|
ret = call_dissector_work(handle, tvb, pinfo, tree, TRUE);
|
2007-12-15 13:20:17 +00:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2005-05-11 10:40:53 +00:00
|
|
|
/* Call a dissector through a handle and if this fails call the "data"
|
|
|
|
* dissector.
|
|
|
|
*/
|
2002-02-26 11:55:39 +00:00
|
|
|
int
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
call_dissector(dissector_handle_t handle, tvbuff_t *tvb,
|
2009-10-12 01:31:01 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree)
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
{
|
2002-02-26 11:55:39 +00:00
|
|
|
int ret;
|
2001-01-12 09:25:29 +00:00
|
|
|
|
2007-12-15 13:20:17 +00:00
|
|
|
ret = call_dissector_only(handle, tvb, pinfo, tree);
|
2002-10-28 23:04:15 +00:00
|
|
|
if (ret == 0) {
|
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table. If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.
In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table. (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet. Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)
In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()". if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.
svn path=/trunk/; revision=2861
2001-01-10 10:44:48 +00:00
|
|
|
/*
|
2002-10-28 23:04:15 +00:00
|
|
|
* The protocol was disabled, or the dissector rejected
|
|
|
|
* it. Just dissect this packet as data.
|
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table. If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.
In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table. (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet. Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)
In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()". if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.
svn path=/trunk/; revision=2861
2001-01-10 10:44:48 +00:00
|
|
|
*/
|
2009-10-12 01:31:01 +00:00
|
|
|
g_assert(data_handle != NULL);
|
2003-11-16 23:17:27 +00:00
|
|
|
g_assert(data_handle->protocol != NULL);
|
2009-04-21 16:53:00 +00:00
|
|
|
call_dissector_work(data_handle, tvb, pinfo, tree, TRUE);
|
2002-02-26 11:55:39 +00:00
|
|
|
return tvb_length(tvb);
|
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table. If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.
In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table. (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet. Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)
In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()". if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.
svn path=/trunk/; revision=2861
2001-01-10 10:44:48 +00:00
|
|
|
}
|
2002-02-26 11:55:39 +00:00
|
|
|
return ret;
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
}
|
2005-03-11 16:17:41 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Dumps the "layer type"/"decode as" associations to stdout, similar
|
|
|
|
* to the proto_registrar_dump_*() routines.
|
|
|
|
*
|
|
|
|
* There is one record per line. The fields are tab-delimited.
|
|
|
|
*
|
|
|
|
* Field 1 = layer type, e.g. "tcp.port"
|
|
|
|
* Field 2 = selector in decimal
|
|
|
|
* Field 3 = "decode as" name, e.g. "http"
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
2007-04-23 17:40:33 +00:00
|
|
|
dissector_dump_decodes_display(const gchar *table_name,
|
2010-04-03 18:18:50 +00:00
|
|
|
ftenum_t selector_type _U_, const gpointer key, const gpointer value,
|
2009-10-12 01:31:01 +00:00
|
|
|
gpointer user_data _U_)
|
2005-03-11 16:17:41 +00:00
|
|
|
{
|
2012-01-20 02:43:37 +00:00
|
|
|
guint32 selector = (guint32)(unsigned long) key;
|
|
|
|
dissector_table_t sub_dissectors = find_dissector_table(table_name);
|
|
|
|
dtbl_entry_t *dtbl_entry;
|
|
|
|
dissector_handle_t handle;
|
|
|
|
gint proto_id;
|
|
|
|
const gchar *decode_as;
|
2005-03-11 16:17:41 +00:00
|
|
|
|
|
|
|
g_assert(sub_dissectors);
|
|
|
|
switch (sub_dissectors->type) {
|
|
|
|
|
|
|
|
case FT_UINT8:
|
|
|
|
case FT_UINT16:
|
|
|
|
case FT_UINT24:
|
|
|
|
case FT_UINT32:
|
|
|
|
dtbl_entry = value;
|
|
|
|
g_assert(dtbl_entry);
|
|
|
|
|
2012-01-20 02:43:37 +00:00
|
|
|
handle = dtbl_entry->current;
|
2005-03-11 16:17:41 +00:00
|
|
|
g_assert(handle);
|
|
|
|
|
|
|
|
proto_id = dissector_handle_get_protocol_index(handle);
|
|
|
|
|
|
|
|
if (proto_id != -1) {
|
|
|
|
decode_as = proto_get_protocol_filter_name(proto_id);
|
|
|
|
g_assert(decode_as != NULL);
|
2005-08-16 16:11:02 +00:00
|
|
|
printf("%s\t%u\t%s\n", table_name, selector, decode_as);
|
2005-03-11 16:17:41 +00:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2011-05-17 22:18:32 +00:00
|
|
|
dissector_dump_decodes(void)
|
2008-05-21 20:20:37 +00:00
|
|
|
{
|
2005-03-11 16:17:41 +00:00
|
|
|
dissector_all_tables_foreach(dissector_dump_decodes_display, NULL);
|
|
|
|
}
|
2006-01-24 00:26:57 +00:00
|
|
|
|
|
|
|
static GPtrArray* post_dissectors = NULL;
|
|
|
|
static guint num_of_postdissectors = 0;
|
|
|
|
|
2008-05-21 20:20:37 +00:00
|
|
|
void
|
|
|
|
register_postdissector(dissector_handle_t handle)
|
|
|
|
{
|
2009-10-12 01:31:01 +00:00
|
|
|
if (!post_dissectors)
|
|
|
|
post_dissectors = g_ptr_array_new();
|
2006-03-07 16:28:25 +00:00
|
|
|
|
2009-10-12 01:31:01 +00:00
|
|
|
g_ptr_array_add(post_dissectors, handle);
|
|
|
|
num_of_postdissectors++;
|
2006-01-24 00:26:57 +00:00
|
|
|
}
|
|
|
|
|
2008-05-21 16:56:50 +00:00
|
|
|
gboolean
|
2011-05-17 22:18:32 +00:00
|
|
|
have_postdissector(void)
|
2008-05-21 20:20:37 +00:00
|
|
|
{
|
2009-10-12 01:31:01 +00:00
|
|
|
guint i;
|
|
|
|
dissector_handle_t handle;
|
2008-05-21 20:20:37 +00:00
|
|
|
|
2009-10-12 01:31:01 +00:00
|
|
|
for(i = 0; i < num_of_postdissectors; i++) {
|
|
|
|
handle = (dissector_handle_t) g_ptr_array_index(post_dissectors,i);
|
2008-05-21 20:20:37 +00:00
|
|
|
|
2009-10-12 01:31:01 +00:00
|
|
|
if (handle->protocol != NULL
|
|
|
|
&& proto_is_protocol_enabled(handle->protocol)) {
|
|
|
|
/* We have at least one enabled postdissector */
|
|
|
|
return TRUE;
|
|
|
|
}
|
2008-05-21 20:20:37 +00:00
|
|
|
}
|
2009-10-12 01:31:01 +00:00
|
|
|
return FALSE;
|
2008-05-21 16:40:15 +00:00
|
|
|
}
|
|
|
|
|
2008-05-21 20:20:37 +00:00
|
|
|
void
|
|
|
|
call_all_postdissectors(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|
|
|
{
|
2009-10-12 01:31:01 +00:00
|
|
|
guint i;
|
2008-05-21 20:20:37 +00:00
|
|
|
|
2009-10-12 01:31:01 +00:00
|
|
|
for(i = 0; i < num_of_postdissectors; i++) {
|
|
|
|
call_dissector_only((dissector_handle_t) g_ptr_array_index(post_dissectors,i),
|
|
|
|
tvb,pinfo,tree);
|
|
|
|
}
|
2006-01-24 00:26:57 +00:00
|
|
|
}
|