From 74ed47db1810b2e5fe3d1fe4aacc54a77e28548f Mon Sep 17 00:00:00 2001
From: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>
Date: Sat, 24 May 2003 12:22:52 +0000
Subject: [PATCH] From Brad Hards,   DISTCC protocol dissector. Added TCP
 desegmentation to the dissector.

svn path=/trunk/; revision=7729
---
 AUTHORS         |   2 +
 Makefile.am     |   3 +-
 Makefile.nmake  |   3 +-
 packet-distcc.c | 418 ++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 424 insertions(+), 2 deletions(-)
 create mode 100644 packet-distcc.c

diff --git a/AUTHORS b/AUTHORS
index ccb65bc96f..5588095324 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -632,6 +632,7 @@ Ronnie Sahlberg <ronnie_sahlberg[AT]ozemail.com.au> {
 	DCE/RPC fragment reassembly
 	TCP ACK/SEQ number analysis and relative sequence numbers
 	TAP system and ONC RPC and DCE RPC examples
+	DISTCC updates
 }
 
 Borosa Tomislav <tomislav.borosa[AT]SIEMENS.HR> {
@@ -1517,6 +1518,7 @@ Brad Hards <bhards[AT]bigpond.net.au> {
 	Clean up summary line for PTR records
 	Initial rsync support
 	ACAP support
+	DISTCC support
 }
 
 cjs 2895 <cjs2895[AT]hotmail.com> {
diff --git a/Makefile.am b/Makefile.am
index eb48ad8a0a..6c1ab5853d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,7 +1,7 @@
 # Makefile.am
 # Automake file for Ethereal
 #
-# $Id: Makefile.am,v 1.582 2003/05/08 00:18:47 guy Exp $
+# $Id: Makefile.am,v 1.583 2003/05/24 12:22:52 sahlberg Exp $
 #
 # Ethereal - Network traffic analyzer
 # By Gerald Combs <gerald@ethereal.com>
@@ -174,6 +174,7 @@ DISSECTOR_SRC = \
 	packet-dec-bpdu.c \
 	packet-dhcpv6.c \
 	packet-diameter.c \
+	packet-distcc.c \
 	packet-dlsw.c  \
 	packet-dns.c   \
 	packet-dsi.c   \
diff --git a/Makefile.nmake b/Makefile.nmake
index 0ab82a6eab..fe949d1184 100644
--- a/Makefile.nmake
+++ b/Makefile.nmake
@@ -1,7 +1,7 @@
 ## Makefile for building ethereal.exe with Microsoft C and nmake
 ## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
 #
-# $Id: Makefile.nmake,v 1.298 2003/04/30 23:21:19 guy Exp $
+# $Id: Makefile.nmake,v 1.299 2003/05/24 12:22:52 sahlberg Exp $
 
 include config.nmake
 include <win32.mak>
@@ -116,6 +116,7 @@ DISSECTOR_SRC = \
 	packet-dec-bpdu.c \
 	packet-dhcpv6.c \
 	packet-diameter.c \
+	packet-distcc.c \
 	packet-dlsw.c  \
 	packet-dns.c   \
 	packet-dsi.c   \
diff --git a/packet-distcc.c b/packet-distcc.c
new file mode 100644
index 0000000000..560baa302e
--- /dev/null
+++ b/packet-distcc.c
@@ -0,0 +1,418 @@
+/* packet-distcc.c
+ * Routines for distcc dissection
+ * Copyright 2003, Brad Hards <bradh@frogmouth.net>
+ * Copyright 2003, Ronnie Sahlberg, added TCP desegmentation.
+ *
+ * $Id: packet-distcc.c,v 1.1 2003/05/24 12:22:52 sahlberg Exp $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+/* This dissector supports version 1 of the DISTCC protocol */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <string.h>
+#include <time.h>
+#include <glib.h>
+
+#include <epan/packet.h>
+#include <epan/strutil.h>
+#include <epan/conversation.h>
+
+#include "prefs.h"
+
+
+static int proto_distcc = -1;
+static int hf_distcc_version = -1;
+static int hf_distcc_argc = -1;
+static int hf_distcc_argv = -1;
+static int hf_distcc_doti_source = -1;
+static int hf_distcc_stat = -1;
+static int hf_distcc_serr = -1;
+static int hf_distcc_sout = -1;
+static int hf_distcc_doto_object = -1;
+
+
+static gint ett_distcc = -1;
+
+static dissector_handle_t distcc_handle;
+static dissector_handle_t data_handle;
+
+
+static gboolean distcc_desegment = TRUE;
+
+
+#define TCP_PORT_DISTCC	3632
+
+static int glb_distcc_tcp_port = TCP_PORT_DISTCC;
+
+
+#define CHECK_PDU_LEN(x) \
+	if(parameter>tvb_length_remaining(tvb, offset)){\
+		len=tvb_length_remaining(tvb, offset);\
+		if (check_col(pinfo->cinfo, COL_INFO)) {\
+			col_append_fstr(pinfo->cinfo, COL_INFO, "[Short" x " PDU]");\
+		}\
+	}
+
+
+#define DESEGMENT_TCP(x) \
+	if(distcc_desegment && pinfo->can_desegment){\
+		/* only attempt reassembly if whe have the full segment */\
+		if(tvb_length_remaining(tvb, offset)==tvb_reported_length_remaining(tvb, offset)){\
+			if(parameter>tvb_length_remaining(tvb, offset)){\
+				proto_tree_add_text(tree, tvb, offset-12, -1, "[Short " x " PDU]");\
+				pinfo->desegment_offset=offset-12;\
+				pinfo->desegment_len=parameter-tvb_length_remaining(tvb, offset);\
+				return offset+len;\
+			}\
+		}\
+	}
+
+
+
+
+
+static int
+dissect_distcc_dist(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint32 parameter)
+{
+	proto_tree_add_uint_format(tree, hf_distcc_version, tvb, offset-12, 12, parameter, "DIST: %d", parameter);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "DIST:%d ", parameter);
+	}
+
+	return offset;
+}
+
+static int
+dissect_distcc_done(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint32 parameter)
+{
+	proto_tree_add_uint_format(tree, hf_distcc_version, tvb, offset-12, 12, parameter, "DONE: %d", parameter);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "DONE:%d ", parameter);
+	}
+
+	return offset;
+}
+
+static int
+dissect_distcc_stat(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint32 parameter)
+{
+	proto_tree_add_uint_format(tree, hf_distcc_stat, tvb, offset-12, 12, parameter, "STAT: %d", parameter);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "STAT:%d ", parameter);
+	}
+
+	return offset;
+}
+
+static int
+dissect_distcc_argc(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, guint32 parameter)
+{
+	proto_tree_add_uint_format(tree, hf_distcc_argc, tvb, offset-12, 12, parameter, "ARGC: %d", parameter);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "ARGC:%d ", parameter);
+	}
+
+	return offset;
+}
+
+static int
+dissect_distcc_argv(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, gint parameter)
+{
+	char argv[256]; 
+	int argv_len;
+	gint len=parameter;
+
+
+	CHECK_PDU_LEN("ARGV");
+
+	/* see if we need to desegment the PDU */
+	DESEGMENT_TCP("ARGV");
+
+
+
+	argv_len=len>255?255:len;
+	tvb_memcpy(tvb, argv, offset, argv_len);
+	argv[argv_len]=0;
+
+	proto_tree_add_item(tree, hf_distcc_argv, tvb, offset, len, FALSE);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "%s ", argv);
+	}
+
+	if(len!=parameter){
+		proto_tree_add_text(tree, tvb, 0, 0, "[Short ARGV PDU]");
+	}
+	return offset+len;
+}
+
+static int
+dissect_distcc_serr(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, gint parameter)
+{
+	char argv[256]; 
+	int argv_len;
+	gint len=parameter;
+
+
+	CHECK_PDU_LEN("SERR");
+
+	/* see if we need to desegment the PDU */
+	DESEGMENT_TCP("SERR");
+
+
+
+	argv_len=len>255?255:len;
+	tvb_memcpy(tvb, argv, offset, argv_len);
+	argv[argv_len]=0;
+
+	proto_tree_add_item(tree, hf_distcc_serr, tvb, offset, len, FALSE);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "SERR:%s ", argv);
+	}
+
+	if(len!=parameter){
+		proto_tree_add_text(tree, tvb, 0, 0, "[Short SERR PDU]");
+	}
+	return offset+len;
+}
+
+static int
+dissect_distcc_sout(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, gint parameter)
+{
+	char argv[256]; 
+	int argv_len;
+	gint len=parameter;
+
+
+	CHECK_PDU_LEN("SOUT");
+
+	/* see if we need to desegment the PDU */
+	DESEGMENT_TCP("SOUT");
+
+
+
+	argv_len=len>255?255:len;
+	tvb_memcpy(tvb, argv, offset, argv_len);
+	argv[argv_len]=0;
+
+	proto_tree_add_item(tree, hf_distcc_sout, tvb, offset, len, FALSE);
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "SOUT:%s ", argv);
+	}
+
+	if(len!=parameter){
+		proto_tree_add_text(tree, tvb, 0, 0, "[Short SOUT PDU]");
+	}
+	return offset+len;
+}
+
+
+static int
+dissect_distcc_doti(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, gint parameter)
+{
+	gint len=parameter;
+
+
+	CHECK_PDU_LEN("DOTI");
+
+	/* see if we need to desegment the PDU */
+	DESEGMENT_TCP("DOTI");
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "DOTI source ");
+	}
+
+	proto_tree_add_item(tree, hf_distcc_doti_source, tvb, offset, len, FALSE);
+	if(len!=parameter){
+		proto_tree_add_text(tree, tvb, 0, 0, "[Short DOTI PDU]");
+	}
+	return offset+len;
+}
+
+static int
+dissect_distcc_doto(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, gint parameter)
+{
+	gint len=parameter;
+
+
+	CHECK_PDU_LEN("DOTO");
+
+	/* see if we need to desegment the PDU */
+	DESEGMENT_TCP("DOTO");
+
+	if (check_col(pinfo->cinfo, COL_INFO)) {
+		col_append_fstr(pinfo->cinfo, COL_INFO, "DOTO object ");
+	}
+
+	proto_tree_add_item(tree, hf_distcc_doto_object, tvb, offset, len, FALSE);
+	if(len!=parameter){
+		proto_tree_add_text(tree, tvb, 0, 0, "[Short DOTO PDU]");
+	}
+	return offset+len;
+}
+
+
+
+/* Packet dissection routine called by tcp (& udp) when port 3632 detected */
+static void
+dissect_distcc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
+{
+	int offset=0;
+	proto_tree *tree=NULL;
+	proto_item *item=NULL;
+	char token[4];
+	gint parameter;
+	
+
+	if (check_col(pinfo->cinfo, COL_PROTOCOL))
+		col_set_str(pinfo->cinfo, COL_PROTOCOL, "DISTCC ");
+
+	if (check_col(pinfo->cinfo, COL_INFO))
+		col_clear(pinfo->cinfo, COL_INFO);
+
+	if (parent_tree) {
+		item = proto_tree_add_item(parent_tree, proto_distcc, tvb, offset,
+			-1, FALSE);
+		tree = proto_item_add_subtree(item, ett_distcc);
+	}
+
+	while(1){
+		/* we must have at least 12 bytes so we can read the 
+		   token and the parameter */
+		if(tvb_length_remaining(tvb, offset)<12){
+			return;
+		}
+
+		/* read the token */
+		tvb_memcpy(tvb, token, offset, 4);
+		offset+=4;
+
+		/* read the parameter */
+		sscanf(tvb_get_ptr(tvb, offset, 8), "%08x", &parameter);
+		offset+=8;
+
+		if(!strncmp(token, "DIST", 4)){
+			offset=dissect_distcc_dist(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "ARGC", 4)){
+			offset=dissect_distcc_argc(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "ARGV", 4)){
+			offset=dissect_distcc_argv(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "DOTI", 4)){
+			offset=dissect_distcc_doti(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "DONE", 4)){
+			offset=dissect_distcc_done(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "STAT", 4)){
+			offset=dissect_distcc_stat(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "SERR", 4)){
+			offset=dissect_distcc_serr(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "SOUT", 4)){
+			offset=dissect_distcc_sout(tvb, pinfo, tree, offset, parameter);
+		} else if(!strncmp(token, "DOTO", 4)){
+			offset=dissect_distcc_doto(tvb, pinfo, tree, offset, parameter);
+		} else {
+			call_dissector(data_handle, tvb, pinfo, tree);
+			return;
+		}		
+	}
+
+
+}
+
+/* Register protocol with Ethereal. */
+void
+proto_register_distcc(void)
+{
+    static hf_register_info hf[] = {
+	{&hf_distcc_version,
+	 {"DISTCC Version", "distcc.version",
+	  FT_UINT32, BASE_DEC, NULL, 0x0, "DISTCC Version", HFILL }
+	},
+	{&hf_distcc_argc,
+	 {"ARGC", "distcc.argc",
+	  FT_UINT32, BASE_DEC, NULL, 0x0, "Number of arguments", HFILL }
+	},
+	{&hf_distcc_argv,
+	 {"ARGV", "distcc.argv",
+	  FT_STRING, BASE_NONE, NULL, 0x0, "ARGV argument", HFILL }
+	},
+	{&hf_distcc_doti_source,
+	 {"Source", "distcc.doti_source",
+	  FT_STRING, BASE_NONE, NULL, 0x0, "DOTI Preprocessed Source File (.i)", HFILL }
+	},
+	{&hf_distcc_stat,
+	 {"Status", "distcc.status",
+	  FT_UINT32, BASE_DEC, NULL, 0x0, "Unix wait status for command completion", HFILL }
+	},
+	{&hf_distcc_serr,
+	 {"SERR", "distcc.serr",
+	  FT_STRING, BASE_NONE, NULL, 0x0, "STDERR output", HFILL }
+	},
+	{&hf_distcc_sout,
+	 {"SOUT", "distcc.sout",
+	  FT_STRING, BASE_NONE, NULL, 0x0, "STDOUT output", HFILL }
+	},
+	{&hf_distcc_doto_object,
+	 {"Object", "distcc.doto_object",
+	  FT_BYTES, BASE_HEX, NULL, 0x0, "DOTO Compiled object file (.o)", HFILL }
+	}
+
+	};
+
+	static gint *ett[] = {
+		&ett_distcc,
+	};
+
+	module_t *distcc_module;
+
+	proto_distcc = proto_register_protocol("Distcc Distributed Compiler",
+					   "DISTCC", "distcc");
+	proto_register_field_array(proto_distcc, hf, array_length(hf));
+	proto_register_subtree_array(ett, array_length(ett));
+
+	distcc_module = prefs_register_protocol(proto_distcc, NULL);
+	prefs_register_uint_preference(distcc_module, "tcp.port",
+				   "DISTCC TCP Port",
+				   "Set the TCP port for DISTCC messages",
+				   10,
+				   &glb_distcc_tcp_port);
+	prefs_register_bool_preference(distcc_module, "desegment_distcc_over_tcp",
+		"Desegment all DISTCC-over-TCP messages",
+		"Whether the DISTCC dissector should desegment all DISTCC-over-TCP messages",
+		&distcc_desegment);
+}
+void
+proto_reg_handoff_distcc(void)
+{
+	data_handle = find_dissector("data");
+	distcc_handle = create_dissector_handle(dissect_distcc, proto_distcc);
+	dissector_add("tcp.port", glb_distcc_tcp_port, distcc_handle);
+}