Fixes bug 974 by adding RSP trailer. Also resolves packet-asp "FIXME" for
IANA Enterprise ID as well as extended packet-asp decoding of authentication and integrity payloads using the sample capture file attached to the bug. Fuzz tested ~500 passes on that 3 packet capture file. svn path=/trunk/; revision=34701
This commit is contained in:
parent
c469f5cd6e
commit
a12e86f59f
|
@ -33,6 +33,7 @@
|
|||
|
||||
#include <glib.h>
|
||||
#include <epan/packet.h>
|
||||
#include <epan/sminmpec.h>
|
||||
|
||||
/*
|
||||
* See
|
||||
|
@ -47,32 +48,106 @@ static int hf_asf_iana = -1;
|
|||
static int hf_asf_type = -1;
|
||||
static int hf_asf_tag = -1;
|
||||
static int hf_asf_len = -1;
|
||||
static int hf_asf_rssp_status_code = -1;
|
||||
static int hf_asf_mgt_console_id = -1;
|
||||
static int hf_asf_client_id = -1;
|
||||
static int hf_asf_payload = -1;
|
||||
static int hf_asf_payload_type = -1;
|
||||
static int hf_asf_payload_len = -1;
|
||||
static int hf_asf_payload_data = -1;
|
||||
static int hf_asf_auth_alg = -1;
|
||||
static int hf_asf_integrity_alg = -1;
|
||||
static int hf_asf_reserved = -1;
|
||||
|
||||
static dissector_handle_t data_handle;
|
||||
static gint ett_asf = -1;
|
||||
static gint ett_asf_payload = -1;
|
||||
static gint ett_asf_alg_payload = -1;
|
||||
|
||||
#define ASF_TYPE_RESET 0x10
|
||||
#define ASF_TYPE_PWR_UP 0x11
|
||||
#define ASF_TYPE_PWR_DOWN 0x12
|
||||
#define ASF_TYPE_PWR_CYCLE 0x13
|
||||
#define ASF_TYPE_PRES_PONG 0x40
|
||||
#define ASF_TYPE_CAP_RESP 0x41
|
||||
#define ASF_TYPE_SYS_STATE_RESP 0x42
|
||||
#define ASF_TYPE_OPEN_SESS_RESP 0x43
|
||||
#define ASF_TYPE_CLOSE_SESS_RESP 0x44
|
||||
#define ASF_TYPE_PRES_PING 0x80
|
||||
#define ASF_TYPE_CAP_RQST 0x81
|
||||
#define ASF_TYPE_SYS_STATE_RQST 0x82
|
||||
#define ASF_TYPE_OPEN_SESS_RQST 0x83
|
||||
#define ASF_TYPE_CLOSE_SESS_RQST 0x84
|
||||
#define ASF_TYPE_RAKP_MSG_1 0xC0
|
||||
#define ASF_TYPE_RAKP_MSG_2 0xC1
|
||||
#define ASF_TYPE_RAKP_MSG_3 0xC2
|
||||
|
||||
static const value_string asf_type_vals[] = {
|
||||
{ 0x10, "Reset" },
|
||||
{ 0x11, "Power-up" },
|
||||
{ 0x12, "Unconditional Power-down" },
|
||||
{ 0x13, "Power Cycle" },
|
||||
{ 0x40, "Presence Pong" },
|
||||
{ 0x41, "Capabilities Response" },
|
||||
{ 0x42, "System State Response" },
|
||||
{ 0x43, "Open Session Response" },
|
||||
{ 0x44, "Close Session Response" },
|
||||
{ 0x80, "Presence Ping" },
|
||||
{ 0x81, "Capabilities Request" },
|
||||
{ 0x82, "System State Request" },
|
||||
{ 0x83, "Open Session Request" },
|
||||
{ 0x84, "Close Session Request" },
|
||||
{ 0xC0, "RAKP Message 1" },
|
||||
{ 0xC1, "RAKP Message 2" },
|
||||
{ 0xC2, "RAKP Message 3" },
|
||||
{ ASF_TYPE_RESET, "Reset" },
|
||||
{ ASF_TYPE_PWR_UP, "Power-up" },
|
||||
{ ASF_TYPE_PWR_DOWN, "Unconditional Power-down" },
|
||||
{ ASF_TYPE_PWR_CYCLE, "Power Cycle" },
|
||||
{ ASF_TYPE_PRES_PONG, "Presence Pong" },
|
||||
{ ASF_TYPE_CAP_RESP, "Capabilities Response" },
|
||||
{ ASF_TYPE_SYS_STATE_RESP, "System State Response" },
|
||||
{ ASF_TYPE_OPEN_SESS_RESP, "Open Session Response" },
|
||||
{ ASF_TYPE_CLOSE_SESS_RESP, "Close Session Response" },
|
||||
{ ASF_TYPE_PRES_PING, "Presence Ping" },
|
||||
{ ASF_TYPE_CAP_RQST, "Capabilities Request" },
|
||||
{ ASF_TYPE_SYS_STATE_RQST, "System State Request" },
|
||||
{ ASF_TYPE_OPEN_SESS_RQST, "Open Session Request" },
|
||||
{ ASF_TYPE_CLOSE_SESS_RQST, "Close Session Request" },
|
||||
{ ASF_TYPE_RAKP_MSG_1, "RAKP Message 1" },
|
||||
{ ASF_TYPE_RAKP_MSG_2, "RAKP Message 2" },
|
||||
{ ASF_TYPE_RAKP_MSG_3, "RAKP Message 3" },
|
||||
{ 0x00, NULL }
|
||||
};
|
||||
|
||||
static void
|
||||
static const value_string asf_rssp_status_code_vals[] = {
|
||||
{ 0x00, "No errors" },
|
||||
{ 0x01, "Insufficient resources to create a session" },
|
||||
{ 0x02, "Invalid session ID" },
|
||||
{ 0x03, "Invalid payload type" },
|
||||
{ 0x04, "Invalid authentication algorithm" },
|
||||
{ 0x05, "Invalid integrity algorithm" },
|
||||
{ 0x06, "No matching authentication payload" },
|
||||
{ 0x07, "No matching integrity payload" },
|
||||
{ 0x00, NULL }
|
||||
};
|
||||
|
||||
#define ASF_PAYLOAD_TYPE_NONE 0x00
|
||||
#define ASF_PAYLOAD_TYPE_AUTHENTICATION 0x01
|
||||
#define ASF_PAYLOAD_TYPE_INTEGRITY 0x02
|
||||
|
||||
static const value_string asf_payload_type_vals[] = {
|
||||
{ ASF_PAYLOAD_TYPE_NONE, "No payload present (end of list)" },
|
||||
{ ASF_PAYLOAD_TYPE_AUTHENTICATION, "Authentication algorithm payload" },
|
||||
{ ASF_PAYLOAD_TYPE_INTEGRITY, "Integrity algorithm payload" },
|
||||
{ 0x00, NULL }
|
||||
};
|
||||
|
||||
static const value_string asf_authentication_type_vals[] = {
|
||||
{ 0x01, "RAKP-HMAC-SHA1" },
|
||||
{ 0x00, NULL }
|
||||
};
|
||||
|
||||
static const value_string asf_integrity_type_vals[] = {
|
||||
{ 0x01, "HMAC-SHA1-96" },
|
||||
{ 0x00, NULL }
|
||||
};
|
||||
|
||||
static void dissect_asf_open_session_request(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len);
|
||||
static void dissect_asf_open_session_response(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len);
|
||||
static void dissect_asf_payloads(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len);
|
||||
static void dissect_asf_payload_authentication(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len);
|
||||
static void dissect_asf_payload_integrity(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len);
|
||||
|
||||
static int
|
||||
dissect_asf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
proto_tree *asf_tree = NULL;
|
||||
|
@ -90,12 +165,11 @@ dissect_asf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
|
||||
if (check_col(pinfo->cinfo, COL_INFO))
|
||||
col_add_str(pinfo->cinfo, COL_INFO,
|
||||
val_to_str(type, asf_type_vals, "Unknown (0x%02x)"));
|
||||
val_to_str(type, asf_type_vals, "Unknown (0x%02x)"));
|
||||
|
||||
if (tree) {
|
||||
ti = proto_tree_add_item(tree, proto_asf, tvb, 0, 8, FALSE);
|
||||
asf_tree = proto_item_add_subtree(ti, ett_asf);
|
||||
/* FIXME: resolve enterprise ID */
|
||||
proto_tree_add_item(asf_tree, hf_asf_iana, tvb, 0, 4, FALSE);
|
||||
proto_tree_add_item(asf_tree, hf_asf_type, tvb, 4, 1, FALSE);
|
||||
proto_tree_add_item(asf_tree, hf_asf_tag, tvb, 5, 1, FALSE);
|
||||
|
@ -103,9 +177,117 @@ dissect_asf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
}
|
||||
|
||||
if (len) {
|
||||
next_tvb = tvb_new_subset(tvb, 8, -1, len);
|
||||
call_dissector(data_handle, next_tvb, pinfo, tree);
|
||||
switch(type) {
|
||||
case ASF_TYPE_OPEN_SESS_RQST:
|
||||
dissect_asf_open_session_request(tvb, asf_tree, 8, len);
|
||||
break;
|
||||
case ASF_TYPE_OPEN_SESS_RESP:
|
||||
dissect_asf_open_session_response(tvb, asf_tree, 8, len);
|
||||
break;
|
||||
|
||||
/* TODO: Add the rest as captures become available to test. */
|
||||
|
||||
default:
|
||||
next_tvb = tvb_new_subset(tvb, 8, len, len);
|
||||
call_dissector(data_handle, next_tvb, pinfo, tree);
|
||||
break;
|
||||
}
|
||||
}
|
||||
return 8 + len;
|
||||
}
|
||||
|
||||
static void dissect_asf_open_session_request(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len)
|
||||
{
|
||||
proto_tree_add_item(tree, hf_asf_mgt_console_id, tvb, offset, 4, FALSE);
|
||||
offset += 4;
|
||||
len -= 4;
|
||||
dissect_asf_payloads(tvb, tree, offset, len);
|
||||
}
|
||||
|
||||
static void dissect_asf_open_session_response(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len)
|
||||
{
|
||||
proto_tree_add_item(tree, hf_asf_rssp_status_code, tvb, offset, 1, FALSE);
|
||||
proto_tree_add_item(tree, hf_asf_mgt_console_id, tvb, offset + 4, 4, FALSE);
|
||||
proto_tree_add_item(tree, hf_asf_client_id, tvb, offset + 8, 4, FALSE);
|
||||
offset += 12;
|
||||
len -= 12;
|
||||
dissect_asf_payloads(tvb, tree, offset, len);
|
||||
}
|
||||
|
||||
static void dissect_asf_payloads(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len)
|
||||
{
|
||||
guint8 ptype;
|
||||
guint16 plen;
|
||||
proto_item *ti;
|
||||
proto_tree *ptree;
|
||||
|
||||
while ( len >= 4 )
|
||||
{
|
||||
ptype = tvb_get_guint8(tvb, offset);
|
||||
plen = tvb_get_ntohs(tvb, offset + 2);
|
||||
|
||||
ti = proto_tree_add_none_format(tree, hf_asf_payload, tvb, offset,
|
||||
plen, "%s: %u bytes",
|
||||
val_to_str(ptype, asf_payload_type_vals, "Unknown (%u)"), plen);
|
||||
ptree = proto_item_add_subtree(ti, ett_asf_payload);
|
||||
proto_tree_add_item(ptree, hf_asf_payload_type, tvb, offset, 1, FALSE);
|
||||
proto_tree_add_item(ptree, hf_asf_payload_len, tvb, offset + 2, 2, FALSE);
|
||||
if ( ptype && (plen > 4) )
|
||||
{
|
||||
switch ( ptype )
|
||||
{
|
||||
case ASF_PAYLOAD_TYPE_AUTHENTICATION:
|
||||
dissect_asf_payload_authentication(tvb, ptree,
|
||||
offset + 4, plen - 4);
|
||||
break;
|
||||
case ASF_PAYLOAD_TYPE_INTEGRITY:
|
||||
dissect_asf_payload_integrity(tvb, ptree,
|
||||
offset + 4, plen - 4);
|
||||
break;
|
||||
default:
|
||||
proto_tree_add_item(ptree, hf_asf_payload_data, tvb,
|
||||
offset + 4, plen - 4, FALSE);
|
||||
break;
|
||||
}
|
||||
}
|
||||
offset += plen;
|
||||
len -= plen;
|
||||
}
|
||||
}
|
||||
|
||||
static void dissect_asf_payload_authentication(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len)
|
||||
{
|
||||
guint8 alg;
|
||||
proto_item *ti;
|
||||
proto_tree *atree;
|
||||
|
||||
alg = tvb_get_guint8(tvb, offset);
|
||||
ti = proto_tree_add_none_format(tree, hf_asf_payload_data, tvb, offset,
|
||||
len, "Authentication Algorithm: %s",
|
||||
val_to_str(alg, asf_authentication_type_vals, "Unknown (%u)"));
|
||||
atree = proto_item_add_subtree(ti, ett_asf_alg_payload);
|
||||
proto_tree_add_item(atree, hf_asf_auth_alg, tvb, offset, 1, FALSE);
|
||||
proto_tree_add_item(atree, hf_asf_reserved, tvb, offset + 1, len - 1, FALSE);
|
||||
}
|
||||
|
||||
static void dissect_asf_payload_integrity(tvbuff_t *tvb, proto_tree *tree,
|
||||
gint offset, gint len)
|
||||
{
|
||||
guint8 alg;
|
||||
proto_item *ti;
|
||||
proto_tree *atree;
|
||||
|
||||
alg = tvb_get_guint8(tvb, offset);
|
||||
ti = proto_tree_add_none_format(tree, hf_asf_payload_data, tvb, offset,
|
||||
len, "Integrity Algorithm: %s",
|
||||
val_to_str(alg, asf_integrity_type_vals, "Unknown (%u)"));
|
||||
atree = proto_item_add_subtree(ti, ett_asf_alg_payload);
|
||||
proto_tree_add_item(atree, hf_asf_integrity_alg, tvb, offset, 1, FALSE);
|
||||
proto_tree_add_item(atree, hf_asf_reserved, tvb, offset + 1, len - 1, FALSE);
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -114,8 +296,8 @@ proto_register_asf(void)
|
|||
static hf_register_info hf[] = {
|
||||
{ &hf_asf_iana, {
|
||||
"IANA Enterprise Number", "asf.iana",
|
||||
FT_UINT32, BASE_HEX, NULL, 0,
|
||||
"ASF IANA Enterprise Number", HFILL }},
|
||||
FT_UINT32, BASE_DEC|BASE_EXT_STRING, &sminmpec_values_ext, 0,
|
||||
"IANA Enterprise Number", HFILL }},
|
||||
{ &hf_asf_type, {
|
||||
"Message Type", "asf.type",
|
||||
FT_UINT8, BASE_HEX, VALS(asf_type_vals), 0,
|
||||
|
@ -128,9 +310,52 @@ proto_register_asf(void)
|
|||
"Data Length", "asf.len",
|
||||
FT_UINT8, BASE_DEC, NULL, 0,
|
||||
"ASF Data Length", HFILL }},
|
||||
{ &hf_asf_rssp_status_code, {
|
||||
"Status Code", "asf.rssp_status_code",
|
||||
FT_UINT8, BASE_DEC, VALS(asf_rssp_status_code_vals), 0,
|
||||
"Identifies the status of the previous message", HFILL }},
|
||||
{ &hf_asf_mgt_console_id, {
|
||||
"Mgt Console Session ID", "asf.mgt_console_id",
|
||||
FT_UINT32, BASE_DEC, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_asf_client_id, {
|
||||
"Managed Client Session ID", "asf.client_id",
|
||||
FT_UINT32, BASE_DEC, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_asf_payload, {
|
||||
"Payload", "asf.payload",
|
||||
FT_NONE, BASE_NONE, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_asf_payload_type, {
|
||||
"Payload Type", "asf.payload.type",
|
||||
FT_UINT8, BASE_DEC, VALS(asf_payload_type_vals), 0,
|
||||
"Identifies the type of payload that follows", HFILL }},
|
||||
{ &hf_asf_payload_len, {
|
||||
"Payload Length", "asf.payload.len",
|
||||
FT_UINT16, BASE_DEC, NULL, 0,
|
||||
"The total length in bytes of the payload including the header",
|
||||
HFILL }},
|
||||
{ &hf_asf_payload_data, {
|
||||
"Data", "asf.payload.data",
|
||||
FT_NONE, BASE_NONE, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_asf_auth_alg, {
|
||||
"Authentication Algorithm", "asf.auth_alg",
|
||||
FT_UINT8, BASE_DEC, VALS(asf_authentication_type_vals), 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_asf_integrity_alg, {
|
||||
"Integrity Algorithm", "asf.integrity_alg",
|
||||
FT_UINT8, BASE_DEC, VALS(asf_integrity_type_vals), 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_asf_reserved, {
|
||||
"Reserved", "asf.reserved",
|
||||
FT_NONE, BASE_NONE, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
};
|
||||
static gint *ett[] = {
|
||||
&ett_asf,
|
||||
&ett_asf_payload,
|
||||
&ett_asf_alg_payload
|
||||
};
|
||||
|
||||
proto_asf = proto_register_protocol(
|
||||
|
|
|
@ -110,7 +110,7 @@ static const true_false_string ipmi_payload_enc_val = {
|
|||
"Payload is unencrypted"
|
||||
};
|
||||
|
||||
static void
|
||||
static int
|
||||
dissect_ipmi_session(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
proto_tree *sess_tree = NULL, *s_tree;
|
||||
|
@ -261,6 +261,7 @@ dissect_ipmi_session(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
tvb, offset, tvb_length(tvb) - offset, TRUE);
|
||||
}
|
||||
}
|
||||
return tvb_length(tvb);
|
||||
}
|
||||
|
||||
void
|
||||
|
|
|
@ -93,6 +93,7 @@ dissect_rmcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
guint8 class;
|
||||
const gchar *class_str;
|
||||
guint8 type;
|
||||
guint len;
|
||||
|
||||
/*
|
||||
* Check whether it's a known class value; if not, assume it's
|
||||
|
@ -140,8 +141,13 @@ dissect_rmcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
next_tvb = tvb_new_subset_remaining(tvb, 4);
|
||||
|
||||
if (!dissector_try_port(rmcp_dissector_table, class, next_tvb, pinfo,
|
||||
tree))
|
||||
call_dissector(data_handle, next_tvb, pinfo, tree);
|
||||
tree)) {
|
||||
len = call_dissector(data_handle, next_tvb, pinfo, tree);
|
||||
if (len < tvb_length(next_tvb)) {
|
||||
proto_tree_add_text(tree, tvb, 4 + len, -1,
|
||||
"RSP Trailer (%d bytes):", tvb_length(next_tvb) - len);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return tvb_length(tvb);
|
||||
|
|
Loading…
Reference in New Issue