A "working" example of TPG...
svn path=/trunk/; revision=16030
parent
1407da9827
commit
ec0f669770
|
@ -0,0 +1,71 @@
|
|||
# Makefile.am
|
||||
# Automake file for MATE Ethereal plugin
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
# Ethereal - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@ethereal.com>
|
||||
# Copyright 1998 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
# as published by the Free Software Foundation; either version 2
|
||||
# of the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
#
|
||||
|
||||
INCLUDES = -I$(top_srcdir)
|
||||
|
||||
plugindir = @plugindir@
|
||||
|
||||
plugin_LTLIBRARIES = tpg.la
|
||||
|
||||
tpg_la_SOURCES = \
|
||||
moduleinfo.h \
|
||||
http-parser.c \
|
||||
http-parser.h \
|
||||
packet-http.c
|
||||
|
||||
tpg_la_LDFLAGS = -module -avoid-version
|
||||
tpg_la_LIBADD = @PLUGIN_LIBS@
|
||||
|
||||
# Libs must be cleared, or else libtool won't create a shared module.
|
||||
# If your module needs to be linked against any particular libraries,
|
||||
# add them here.
|
||||
LIBS =
|
||||
|
||||
CLEANFILES = \
|
||||
tpg \
|
||||
*~
|
||||
|
||||
DISTCLEANFILES = \
|
||||
http-parser.c \
|
||||
http-parser.h
|
||||
|
||||
MAINTAINERCLEANFILES = \
|
||||
Makefile.in \
|
||||
http-parser.c \
|
||||
http-parser.h
|
||||
|
||||
EXTRA_DIST = \
|
||||
http.tpg \
|
||||
Makefile.nmake
|
||||
|
||||
TPG = ../../tools/tpg
|
||||
|
||||
http-parser.h: http-parser.c
|
||||
|
||||
$(TPG)/TPG.pm: $(TPG)/TPG.yp
|
||||
cd $(TPG) && make
|
||||
|
||||
http-parser.c: http.tpg $(TPG)/tpg.pl $(TPG)/TPG.pm
|
||||
$(PERL) -I$(TPG) $(TPG)/tpg.pl http.tpg
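Review bot: The `$(TPG)/TPG.pm` rule runs `cd $(TPG) && make`, which bypasses the parent make's flags, jobserver and any non-default make program; it should be `cd $(TPG) && $(MAKE)`. `TPG = ../../tools/tpg` is also resolved against the build directory, so a build outside the source tree would not find `tpg.pl` or `http.tpg`; `$(top_srcdir)/tools/tpg` would match the existing `INCLUDES = -I$(top_srcdir)` line. Since `http-parser.c` is generated by Perl at build time and then parses captured traffic, a short comment above the `http-parser.c:` rule saying that the file is generated and must not be edited by hand would help.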
|
||||
|
|
@ -0,0 +1,65 @@
|
|||
#
|
||||
# $Id$
|
||||
#
|
||||
|
||||
include ..\..\config.nmake
|
||||
include <win32.mak>
|
||||
|
||||
############### no need to modify below this line #########
|
||||
|
||||
LEMON=..\..\tools\lemon
|
||||
|
||||
CFLAGS=/DHAVE_CONFIG_H /I../.. /I../../wiretap $(GLIB_CFLAGS) /I$(LEMON)\
|
||||
/I$(PCAP_DIR)\include -D_U_="" $(LOCAL_CFLAGS)
|
||||
|
||||
.c.obj::
|
||||
$(CC) $(CFLAGS) -Fdmate.pdb -c $<
|
||||
|
||||
LDFLAGS = /NOLOGO /INCREMENTAL:no /MACHINE:I386 $(LOCAL_LDFLAGS)
|
||||
|
||||
!IFDEF ENABLE_LIBETHEREAL
|
||||
LINK_PLUGIN_WITH=..\..\epan\libethereal.lib
|
||||
CFLAGS=/DHAVE_WIN32_LIBETHEREAL_LIB /D_NEED_VAR_IMPORT_ $(CFLAGS)
|
||||
|
||||
OBJECTS=packet-mate.obj\
|
||||
mate_setup.obj\
|
||||
mate_runtime.obj\
|
||||
mate_util.obj\
|
||||
mate_plugin.obj\
|
||||
mate_grammar.obj\
|
||||
mate_parser.obj
|
||||
|
||||
mate.dll mate.exp mate.lib : $(OBJECTS) $(LINK_PLUGIN_WITH)
|
||||
link -dll /out:mate.dll $(LDFLAGS) $(OBJECTS) $(LINK_PLUGIN_WITH) \
|
||||
$(GLIB_LIBS)
|
||||
|
||||
!ENDIF
|
||||
|
||||
clean:
|
||||
rm -f $(OBJECTS) mate.dll mate.exp mate.lib *.pdb
|
||||
|
||||
#
|
||||
# We remove the generated files with "distclean" because one of them,
|
||||
# "mate_parser.c", needs different #includes for UN*X and Windows
|
||||
# (UN*X versions of Flex make it include <unistd.h>, but that's a
|
||||
# UN*X-only header), so if you're going to build from source, you need
|
||||
# to build "mate_parser.c" from "mate_parser.l" with Flex.
|
||||
# This might not be necessary for "mate_grammar.{c,h}", but we handle them
|
||||
# the same for now.
|
||||
#
|
||||
distclean: clean
|
||||
rm -f mate_parser.c mate_grammar.c mate_grammar.h mate_grammar.out
|
||||
|
||||
maintainer-clean: distclean
|
||||
|
||||
mate_parser.c : mate_parser.l
|
||||
$(LEX) -Pdf_ -omate_parser.c mate_parser.l
|
||||
|
||||
mate_grammar.h : mate_grammar.c
|
||||
mate_grammar.c : mate_grammar.lemon $(LEMON)\lemon.exe
|
||||
$(LEMON)\lemon.exe t=$(LEMON)\lempar.c mate_grammar.lemon
|
||||
|
||||
$(LEMON)\lemon.exe:
|
||||
cd ../../tools/lemon
|
||||
$(MAKE) -f makefile.nmake
|
||||
cd ../../plugins/mate
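Review bot: This nmake file still describes the MATE plugin rather than the TPG example: `OBJECTS` lists `packet-mate.obj` and the `mate_*.obj` files, the link step produces `mate.dll`, and the generator rules run Flex and Lemon on `mate_parser.l` and `mate_grammar.lemon`. None of the sources named in the Makefile.am section (`http-parser.c`, `packet-http.c`, `http.tpg`) appear, so a Windows build would not produce this plugin. `OBJECTS` is also assigned only inside `!IFDEF ENABLE_LIBETHEREAL`, while the `clean` target uses it unconditionally. The final rule ends with `cd ../../plugins/mate`, which points at the wrong directory for this plugin.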
|
|
@ -0,0 +1,142 @@
|
|||
#
|
||||
# HTTP header TPG description
|
||||
#
|
||||
# (c) 2005 Luis E. Garcia Ontanon <luis.ontanon@gmail.com>
|
||||
#
|
||||
# $Id $
|
||||
#
|
||||
# Ethereal - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@ethereal.com>
|
||||
# Copyright 2004 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
# as published by the Free Software Foundation; either version 2
|
||||
# of the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
|
||||
%header_head %{
|
||||
typedef struct _http_info_value_t
|
||||
{
|
||||
guint32 framenum;
|
||||
gchar *request_method;
|
||||
guint response_code;
|
||||
gchar *http_host;
|
||||
gchar *request_uri;
|
||||
guint content_length;
|
||||
gchar* media;
|
||||
gboolean is_response;
|
||||
gchar* transfer_encoding;
|
||||
} http_info_value_t;
|
||||
%}
|
||||
|
||||
%parser_name http .
|
||||
%export req_resp header crlf .
|
||||
|
||||
|
||||
%tt_type %{ http_info_value_t %}
|
||||
|
||||
%rule crlf = "\r\n" .
|
||||
|
||||
%rule sp = [ ]+ .
|
||||
|
||||
%field version hyttp.version "HTTP Version" FT_STRING.
|
||||
%rule http_version = "HTTP/" ( "1.0" | "1.1" )<version> .
|
||||
|
||||
%field response hyttp.response "Response" FT_BOOLEAN .
|
||||
%field response_code hyttp.response.code "Response Code" FT_UINT32 BASE_DEC %{ http_response_codes %} .
|
||||
%rule response = (http_version sp [0-9]+<response_code:RESPONSE> ... { crlf } )<response:%plain_text> . {
|
||||
%root response
|
||||
%code %{
|
||||
TT_DATA->is_response = TRUE;
|
||||
TT_DATA->response_code = TPG_UINT(RESPONSE);
|
||||
%}
|
||||
}
|
||||
|
||||
%field request hyttp.request "Request" FT_BOOLEAN .
|
||||
%field method hyttp.request.method "Request Method" FT_STRING .
|
||||
%field uri hyttp.request.uri "Request URI" FT_STRING .
|
||||
%rule request = ([A-Z]+<method:METHOD> sp [^ ]+<uri:URI> sp http_version crlf )<request:%plain_text> . {
|
||||
%root request
|
||||
%code %{
|
||||
TT_DATA->is_response = FALSE;
|
||||
TT_DATA->request_method = TPG_STRING(METHOD);
|
||||
TT_DATA->request_uri = TPG_STRING(URI);
|
||||
%}
|
||||
}
|
||||
|
||||
%rule req_resp = ( request | response ).
|
||||
|
||||
%rule media = [a-z]+ "/" [a-z]+ .
|
||||
|
||||
%field content_type hyttp.content_type "Content-Type" FT_STRING .
|
||||
%rule content_type = "Content-Type: " media<content_type:MEDIA> sp? crlf . {
|
||||
%code %{
|
||||
TT_DATA->media = TPG_STRING(MEDIA);
|
||||
%}
|
||||
}
|
||||
|
||||
%field content_length hyttp.headers.content_length "Content-Length" FT_UINT32 BASE_DEC .
|
||||
%rule content_length = "Content-Length: " media<content_length:LENGTH> sp? crlf . {
|
||||
%code %{
|
||||
TT_DATA->content_length = TPG_UINT(LENGTH);
|
||||
%}
|
||||
}
|
||||
|
||||
%field transfer_encoding hyttp.transfer_encoding "Transfer-Encoding" FT_STRING .
|
||||
%rule transfer_encoding = "Transfer-Encoding: " ...<transfer_encoding:ENCODING> { crlf }. {
|
||||
%code %{
|
||||
TT_DATA->transfer_encoding = TPG_STRING(ENCODING);
|
||||
%}
|
||||
}
|
||||
|
||||
%field authorization hyttp.authorization "Authorization" FT_STRING .
|
||||
%rule authorization = "Authorization: " ...<authorization> { crlf } .
|
||||
|
||||
%field proxy_authorization hyttp.proxy_authorization "Proxy-Authorization" FT_STRING .
|
||||
%rule proxy_author = "Proxy-Authorization: " ...<proxy_authorization> { crlf } .
|
||||
|
||||
%field proxy_authen hyttp.proxy_authenti "Proxy-Authenticate" FT_STRING .
|
||||
%rule proxy_authen = "Proxy-Authenticate: " ...<proxy_authen> { crlf } .
|
||||
|
||||
%field www_auth hyttp.www_authenticate "WWW-Authenticate" FT_STRING .
|
||||
%rule www_auth = "WWW-Authenticate: " ...<www_auth> { crlf } .
|
||||
|
||||
%field content_encoding hyttp.content_encoding "Content-Encoding" FT_STRING .
|
||||
%rule content_encoding = "Content-Encoding: " ...<content_encoding> { crlf } .
|
||||
|
||||
%field user_agent hyttp.content_encoding "User-Agent" FT_STRING .
|
||||
%rule user_agent = "User-Agent: " ...<user_agent> { crlf } .
|
||||
|
||||
%field host hyttp.host "Host" FT_STRING .
|
||||
%rule host = "Host: " ...<host> { crlf } .
|
||||
|
||||
%rule other_header = ([A-Z] [a-zA-Z-]+)<NAME> ": " ...<VALUE> { crlf } .
|
||||
|
||||
%field header hyttp.headers.line "HTTP Header Line" FT_BOOLEAN .
|
||||
%rule header = (
|
||||
content_type
|
||||
| transfer_encoding
|
||||
| content_length
|
||||
| authorization
|
||||
| proxy_author
|
||||
| proxy_authen
|
||||
| www_auth
|
||||
| content_encoding
|
||||
| user_agent
|
||||
| host
|
||||
| other_header)<header:%plain_text> . {
|
||||
%root header
|
||||
}
|
||||
|
||||
%tail %{
|
||||
/* tail */
|
||||
%}
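Review bot: The `content_length` rule captures `media<content_length:LENGTH>`, and `media` is `[a-z]+ "/" [a-z]+`, so a numeric Content-Length value cannot match; the header presumably falls through to `other_header` and `TT_DATA->content_length` is never set from real traffic. The capture should be a digit run, as in `response`: `"Content-Length: " [0-9]+<content_length:LENGTH> sp? crlf`. Both `[0-9]+` captures are unbounded and come straight from the wire, so how `TPG_UINT` treats an overlong digit string should be confirmed (its definition is not on this page). The `user_agent` field also reuses the filter name `hyttp.content_encoding`; it presumably should be `hyttp.user_agent`.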
|
|
@ -0,0 +1,98 @@
|
|||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "http-parser.h"
|
||||
#include <gmodule.h>
|
||||
|
||||
static const value_string http_response_codes[] = {
|
||||
{ 200, "OK" },
|
||||
{ 302, "Later" },
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
static gint ett_http = -1;
|
||||
static int proto_http = -1;
|
||||
|
||||
static tvbparse_wanted_t* rule_http_crlf;
|
||||
static tvbparse_wanted_t* rule_http_header;
|
||||
static tvbparse_wanted_t* rule_http_req_resp;
|
||||
|
||||
static dissector_handle_t http_handle;
|
||||
|
||||
static void dissect_http(tvbuff_t* tvb, packet_info* pinfo _U_, proto_tree* tree) {
|
||||
http_info_value_t* msgdata = ep_alloc(sizeof(http_info_value_t));
|
||||
tvbparse_elem_t* reqresp;
|
||||
tpg_parser_data_t* tpg;
|
||||
proto_item* pi = proto_tree_add_item(tree,proto_http,tvb,0,-1,FALSE);
|
||||
proto_tree* pt = proto_item_add_subtree(pi,ett_http);
|
||||
|
||||
tpg = tpg_start(pt,tvb,0,-1,msgdata);
|
||||
|
||||
if (( reqresp = TPG_GET(tpg,rule_http_req_resp) )) {
|
||||
tvbparse_elem_t* hdr;
|
||||
|
||||
while(( hdr = TPG_GET(tpg,rule_http_header) )) ;
|
||||
|
||||
if ( TPG_GET(tpg,rule_http_crlf) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
} else {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
static void proto_register_http(void) {
|
||||
static hf_register_info hf[] = {
|
||||
HF_HTTP_PARSER
|
||||
};
|
||||
|
||||
static gint *ett[] = {
|
||||
ETT_HTTP_PARSER,
|
||||
&ett_http
|
||||
};
|
||||
|
||||
tpg_http_init();
|
||||
|
||||
proto_http = proto_register_protocol("HyTeTrP",
|
||||
"HyTeTrP", "hytetrpr");
|
||||
proto_register_field_array(proto_http, hf, array_length(hf));
|
||||
proto_register_subtree_array(ett, array_length(ett));
|
||||
|
||||
rule_http_crlf = wanted_http_crlf();
|
||||
rule_http_header = wanted_http_header();
|
||||
rule_http_req_resp = wanted_http_req_resp();
|
||||
|
||||
}
|
||||
|
||||
|
||||
static void proto_reg_handoff_http(void) {
|
||||
http_handle = create_dissector_handle(dissect_http, proto_http);
|
||||
|
||||
dissector_delete("tcp.port", 80, NULL);
|
||||
dissector_add("tcp.port", 80, http_handle);
|
||||
|
||||
}
|
||||
|
||||
#ifndef ENABLE_STATIC
|
||||
|
||||
G_MODULE_EXPORT const gchar version[] = "0.0.0";
|
||||
|
||||
G_MODULE_EXPORT void
|
||||
plugin_register(void)
|
||||
{
|
||||
/* register the new protocol, protocol fields, and subtrees */
|
||||
if (proto_http == -1) { /* execute protocol initialization only once */
|
||||
proto_register_http();
|
||||
}
|
||||
}
|
||||
|
||||
G_MODULE_EXPORT void
|
||||
plugin_reg_handoff(void){
|
||||
proto_reg_handoff_http();
|
||||
}
|
||||
|
||||
#endif
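Review bot: In `dissect_http`, `msgdata` comes from `ep_alloc(sizeof(http_info_value_t))` and is passed to `tpg_start` without being initialised, while the grammar's code blocks assign only some members (`framenum` and `http_host` are never written in the visible rules). Unless `ep_alloc` zeroes memory, which is not shown here, any later reader of the struct would see indeterminate pointers for packets that lack the matching headers; adding `memset(msgdata, 0, sizeof *msgdata);` right after the allocation fixes that. Separately, `proto_reg_handoff_http` calls `dissector_delete("tcp.port", 80, NULL)` before `dissector_add`, so loading this example appears to replace normal HTTP dissection on port 80 with the partial grammar. A comment stating that this is intentional for the demo, or dropping the delete, would avoid surprising an analyst who has the plugin installed.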
|
||||
|