raknet, mcpe: Improve dissectors
packet-raknet.c now correctly dissects the following offline messages:
* ID_UNCONNECTED_PING
* ID_UNCONNECTED_PING_OPEN_CONNECTIONS
* ID_OPEN_CONNECTION_REQUEST_1
* ID_OPEN_CONNECTION_REPLY_1
* ID_OPEN_CONNECTION_REQUEST_2
* ID_OPEN_CONNECTION_REPLY_2
* ID_OUT_OF_BAND_INTERNAL
* ID_CONNECTION_ATTEMPT_FAILED
* ID_ALREADY_CONNECTED
* ID_NO_FREE_INCOMING_CONNECTIONS
* ID_CONNECTION_BANNED
* ID_INCOMPATIBLE_PROTOCOL_VERSION
* ID_IP_RECENTLY_CONNECTED
* ID_UNCONNECTED_PONG
packet-raknet.c now correctly dissects the following system messages:
* ID_CONNECTED_PING
* ID_CONNECTED_PONG
* ID_CONNECTION_REQUEST
* ID_CONNECTION_REQUEST_ACCEPTED
* ID_NEW_INCOMING_CONNECTION
packet-raknet.h exports the following functions:
* raknet_add_udp_dissector()
* raknet_delete_udp_dissector()
* raknet_conversation_set_dissector()
packet-raknet.c now dissects message flags, reliability, reliable message number and so on. It now reassembles fragmented packets, supports heuristics, supports dissecting combined packets, and gives up dissecting messages when they are encrypted.
packet-raknet.c now calls subdissectors with a tvbuff buffer only having a message ID and payload. It first tries to locate a subdissector based on the port, and then tries heuristic dissectors if any.
packet-mcpe.c is updated so that it uses the new raknet interface, and it now correctly dissects the following game packets:
* 0x01 Login
* 0x03 Server to Client Handshake
* 0x06 Batch
packet-mcpe.c now supports heuristics, and gives up dissecting packets in a conversation once it sees a "Server to Client Handshake" packet because everything, including packet ID, are encrypted after that.
Change-Id: I92c0b3ff0f18d22d4513bb014aeb4ea6475fb06c
Reviewed-on: https://code.wireshark.org/review/18044
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-10-03 00:22:35 +00:00
|
|
|
/* packet-raknet.h
|
|
|
|
*
|
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
2018-02-12 11:23:27 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
raknet, mcpe: Improve dissectors
packet-raknet.c now correctly dissects the following offline messages:
* ID_UNCONNECTED_PING
* ID_UNCONNECTED_PING_OPEN_CONNECTIONS
* ID_OPEN_CONNECTION_REQUEST_1
* ID_OPEN_CONNECTION_REPLY_1
* ID_OPEN_CONNECTION_REQUEST_2
* ID_OPEN_CONNECTION_REPLY_2
* ID_OUT_OF_BAND_INTERNAL
* ID_CONNECTION_ATTEMPT_FAILED
* ID_ALREADY_CONNECTED
* ID_NO_FREE_INCOMING_CONNECTIONS
* ID_CONNECTION_BANNED
* ID_INCOMPATIBLE_PROTOCOL_VERSION
* ID_IP_RECENTLY_CONNECTED
* ID_UNCONNECTED_PONG
packet-raknet.c now correctly dissects the following system messages:
* ID_CONNECTED_PING
* ID_CONNECTED_PONG
* ID_CONNECTION_REQUEST
* ID_CONNECTION_REQUEST_ACCEPTED
* ID_NEW_INCOMING_CONNECTION
packet-raknet.h exports the following functions:
* raknet_add_udp_dissector()
* raknet_delete_udp_dissector()
* raknet_conversation_set_dissector()
packet-raknet.c now dissects message flags, reliability, reliable message number and so on. It now reassembles fragmented packets, supports heuristics, supports dissecting combined packets, and gives up dissecting messages when they are encrypted.
packet-raknet.c now calls subdissectors with a tvbuff buffer only having a message ID and payload. It first tries to locate a subdissector based on the port, and then tries heuristic dissectors if any.
packet-mcpe.c is updated so that it uses the new raknet interface, and it now correctly dissects the following game packets:
* 0x01 Login
* 0x03 Server to Client Handshake
* 0x06 Batch
packet-mcpe.c now supports heuristics, and gives up dissecting packets in a conversation once it sees a "Server to Client Handshake" packet because everything, including packet ID, are encrypted after that.
Change-Id: I92c0b3ff0f18d22d4513bb014aeb4ea6475fb06c
Reviewed-on: https://code.wireshark.org/review/18044
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-10-03 00:22:35 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __PACKET_RAKNET_H__
|
|
|
|
#define __PACKET_RAKNET_H__
|
|
|
|
|
|
|
|
#include <epan/packet.h>
|
|
|
|
#include "ws_symbol_export.h"
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Different protocols (i.e. games) use different set of message IDs,
|
|
|
|
* and we can't infer protocols from message ID because there is no
|
|
|
|
* central registry. So the only thing we can do is to use port number
|
|
|
|
* or heuristics to determine the protocol.
|
|
|
|
*
|
|
|
|
* If your protocol has a fixed port number, you can register it with
|
|
|
|
* this function. The registered dissector will be called with a tvb
|
|
|
|
* buffer which contains a RakNet message including message ID at its
|
|
|
|
* first octet. Header analysis, packet reassembly, and RakNet system
|
|
|
|
* messages are all handled by the RakNet dissector so you don't need
|
|
|
|
* to worry about them.
|
|
|
|
*/
|
|
|
|
WS_DLL_PUBLIC
|
|
|
|
void
|
|
|
|
raknet_add_udp_dissector(guint32 port, const dissector_handle_t handle);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Opposite of "raknet_add_udp_dissector()".
|
|
|
|
*/
|
|
|
|
WS_DLL_PUBLIC
|
|
|
|
void
|
|
|
|
raknet_delete_udp_dissector(guint32 port, const dissector_handle_t handle);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* You can also register a heuristic dissector for your protocol with
|
|
|
|
* the standard "heur_dissector_add()" function with parent protocol
|
|
|
|
* "raknet". Protocols with no fixed port are especially encouraged to
|
|
|
|
* do so. Once your heuristic dissector finds that the protocol of the
|
|
|
|
* conversation is indeed yours, call this function to skip further
|
|
|
|
* heuristics. DO NOT USE the standard "conversation_set_dissector()".
|
|
|
|
*/
|
|
|
|
WS_DLL_PUBLIC
|
|
|
|
void
|
|
|
|
raknet_conversation_set_dissector(packet_info *pinfo, const dissector_handle_t handle);
|
|
|
|
|
|
|
|
#endif /* __PACKET_RAKNET_H__ */
|