pop3: add credentials to tap.
Change-Id: I0779a4c11451ee63be8d10ee78a7f920f519f77a Reviewed-on: https://code.wireshark.org/review/33799 Reviewed-by: Pascal Quantin <pascal@wireshark.org> Petri-Dish: Pascal Quantin <pascal@wireshark.org> Tested-by: Petri Dish Buildbot Reviewed-by: Dario Lombardo <lomato@gmail.com>
This commit is contained in:
parent
aec8480760
commit
dfb147269f
|
@ -27,6 +27,9 @@
|
|||
#include <wsutil/str_util.h>
|
||||
#include <wsutil/strtoi.h>
|
||||
|
||||
#include <ui/tap-credentials.h>
|
||||
#include <tap.h>
|
||||
|
||||
#include "packet-tls.h"
|
||||
#include "packet-tls-utils.h"
|
||||
|
||||
|
@ -35,6 +38,8 @@ void proto_reg_handoff_pop(void);
|
|||
|
||||
static int proto_pop = -1;
|
||||
|
||||
static int credentials_tap = -1;
|
||||
|
||||
static int hf_pop_response = -1;
|
||||
static int hf_pop_response_indicator = -1;
|
||||
static int hf_pop_response_description = -1;
|
||||
|
@ -109,9 +114,15 @@ struct pop_data_val {
|
|||
guint32 msg_read_len; /* Length of RETR message read so far */
|
||||
guint32 msg_tot_len; /* Total length of RETR message */
|
||||
gboolean stls_request; /* Received STLS request */
|
||||
gchar* username;
|
||||
guint username_num;
|
||||
};
|
||||
|
||||
|
||||
typedef enum {
|
||||
pop_arg_type_unknown,
|
||||
pop_arg_type_username,
|
||||
pop_arg_type_password
|
||||
} pop_arg_type_t;
|
||||
|
||||
static gboolean response_is_continuation(const guchar *data);
|
||||
|
||||
|
@ -134,6 +145,7 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
|
|||
conversation_t *conversation = NULL;
|
||||
struct pop_data_val *data_val = NULL;
|
||||
gint length_remaining;
|
||||
pop_arg_type_t pop_arg_type = pop_arg_type_unknown;
|
||||
|
||||
col_set_str(pinfo->cinfo, COL_PROTOCOL, "POP");
|
||||
|
||||
|
@ -276,6 +288,14 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
|
|||
if (g_ascii_strncasecmp(line, "STLS", 4) == 0) {
|
||||
data_val->stls_request = TRUE;
|
||||
}
|
||||
|
||||
if (g_ascii_strncasecmp(line, "USER", 4) == 0) {
|
||||
pop_arg_type = pop_arg_type_username;
|
||||
}
|
||||
|
||||
if (g_ascii_strncasecmp(line, "PASS", 4) == 0) {
|
||||
pop_arg_type = pop_arg_type_password;
|
||||
}
|
||||
} else {
|
||||
if (data_val->msg_request) {
|
||||
/* this is a response to a RETR or TOP command */
|
||||
|
@ -305,43 +325,62 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
|
|||
}
|
||||
|
||||
|
||||
if (tree) {
|
||||
/*
|
||||
* Add the rest of the first line as request or
|
||||
* reply param/description.
|
||||
*/
|
||||
if (linelen != 0) {
|
||||
proto_tree_add_item(reqresp_tree,
|
||||
(is_request) ?
|
||||
hf_pop_request_parameter :
|
||||
hf_pop_response_description,
|
||||
tvb, offset, linelen, ENC_ASCII|ENC_NA);
|
||||
/*
|
||||
* Add the rest of the first line as request or
|
||||
* reply param/description.
|
||||
*/
|
||||
if (linelen != 0) {
|
||||
tap_credential_t* auth;
|
||||
proto_tree_add_item(reqresp_tree,
|
||||
(is_request) ?
|
||||
hf_pop_request_parameter :
|
||||
hf_pop_response_description,
|
||||
tvb, offset, linelen, ENC_ASCII|ENC_NA);
|
||||
switch (pop_arg_type) {
|
||||
case pop_arg_type_username:
|
||||
if (!data_val->username && linelen > 0) {
|
||||
data_val->username = tvb_get_string_enc(wmem_file_scope(), tvb, offset, linelen, ENC_NA|ENC_ASCII);;
|
||||
data_val->username_num = pinfo->num;
|
||||
}
|
||||
break;
|
||||
case pop_arg_type_password:
|
||||
auth = wmem_new0(wmem_packet_scope(), tap_credential_t);
|
||||
auth->num = pinfo->num;
|
||||
auth->username_num = data_val->username_num;
|
||||
auth->password_hf_id = hf_pop_request_parameter;
|
||||
auth->username = data_val->username;
|
||||
auth->proto = "POP3";
|
||||
auth->info = wmem_strdup_printf(wmem_packet_scope(), "Username in packet %u", data_val->username_num);
|
||||
tap_queue_packet(credentials_tap, pinfo, auth);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
offset = next_offset;
|
||||
|
||||
/*
|
||||
* Show the rest of the request or response as text,
|
||||
* a line at a time.
|
||||
*/
|
||||
while (tvb_offset_exists(tvb, offset)) {
|
||||
/*
|
||||
* Find the end of the line.
|
||||
*/
|
||||
tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE);
|
||||
|
||||
/*
|
||||
* Put this line.
|
||||
*/
|
||||
proto_tree_add_string_format(pop_tree,
|
||||
(is_request) ?
|
||||
hf_pop_request_data :
|
||||
hf_pop_response_data,
|
||||
tvb, offset,
|
||||
next_offset - offset,
|
||||
"", "%s",
|
||||
tvb_format_text(tvb, offset, next_offset - offset));
|
||||
offset = next_offset;
|
||||
|
||||
/*
|
||||
* Show the rest of the request or response as text,
|
||||
* a line at a time.
|
||||
*/
|
||||
while (tvb_offset_exists(tvb, offset)) {
|
||||
/*
|
||||
* Find the end of the line.
|
||||
*/
|
||||
tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE);
|
||||
|
||||
/*
|
||||
* Put this line.
|
||||
*/
|
||||
proto_tree_add_string_format(pop_tree,
|
||||
(is_request) ?
|
||||
hf_pop_request_data :
|
||||
hf_pop_response_data,
|
||||
tvb, offset,
|
||||
next_offset - offset,
|
||||
"", "%s",
|
||||
tvb_format_text(tvb, offset, next_offset - offset));
|
||||
offset = next_offset;
|
||||
}
|
||||
}
|
||||
return tvb_captured_length(tvb);
|
||||
}
|
||||
|
@ -456,6 +495,8 @@ proto_register_pop(void)
|
|||
|
||||
expert_pop = expert_register_protocol(proto_pop);
|
||||
expert_register_field_array(expert_pop, ei, array_length(ei));
|
||||
|
||||
credentials_tap = register_tap("credentials");
|
||||
}
|
||||
|
||||
void
|
||||
|
|
Loading…
Reference in New Issue