packet-smb-direct.c: add initial implementation

See [MS-SMBD] http://msdn.microsoft.com/en-us/library/hh536346.aspx Change-Id: If2cf719bdf5da82bc5f5e086dd69d02caff2166a Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-on: https://code.wireshark.org/review/55 Reviewed-by: Evan Huus <eapache@gmail.com>
author: Stefan Metzmacher <metze@samba.org> 2012-09-19 16:21:21 +0200
committer: Evan Huus <eapache@gmail.com> 2014-02-25 21:58:26 +0000
commit: 8fe9187b98d159ed15961f57070675fcd9d53dda (patch)
tree: adfd76dae0fc17bd79c182a0b613e95f0e36d503 /epan/dissectors/packet-smb-direct.c
parent: 621a9c50239e0d7c187c758f2ef4ba8f075dc8cb (diff)
1 files changed, 488 insertions, 0 deletions
diff --git a/epan/dissectors/packet-smb-direct.c b/epan/dissectors/packet-smb-direct.c
new file mode 100644
index 0000000000..af8d3a6d81
--- /dev/null
+++ b/epan/dissectors/packet-smb-direct.c
@@ -0,0 +1,488 @@
+/*
+ * packet-smb-direct.c
+ *
+ * Routines for [MS-SMBD] the RDMA transport layer for SMB2/3
+ *
+ * Copyright 2012 Stefan Metzmacher <metze@samba.org>
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "config.h"
+
+#include <glib.h>
+
+#include "packet-windows-common.h"
+
+static int proto_smb_direct = -1;
+
+static gint ett_smb_direct = -1;
+static gint ett_smb_direct_hdr = -1;
+static gint ett_smb_direct_flags = -1;
+
+static int hf_smb_direct_negotiate_request = -1;
+static int hf_smb_direct_negotiate_response = -1;
+static int hf_smb_direct_data_message = -1;
+static int hf_smb_direct_min_version = -1;
+static int hf_smb_direct_max_version = -1;
+static int hf_smb_direct_negotiated_version = -1;
+static int hf_smb_direct_credits_requested = -1;
+static int hf_smb_direct_credits_granted = -1;
+static int hf_smb_direct_status = -1;
+static int hf_smb_direct_max_read_write_size = -1;
+static int hf_smb_direct_preferred_send_size = -1;
+static int hf_smb_direct_max_receive_size = -1;
+static int hf_smb_direct_max_fragmented_size = -1;
+static int hf_smb_direct_flags = -1;
+static int hf_smb_direct_flags_response_requested = -1;
+static int hf_smb_direct_remaining_length = -1;
+static int hf_smb_direct_data_offset = -1;
+static int hf_smb_direct_data_length = -1;
+
+enum SMB_DIRECT_HDR_TYPE {
+	SMB_DIRECT_HDR_UNKNOWN = -1,
+	SMB_DIRECT_HDR_NEG_REQ = 1,
+	SMB_DIRECT_HDR_NEG_REP = 2,
+	SMB_DIRECT_HDR_DATA = 3
+};
+
+#define SMB_DIRECT_RESPONSE_REQUESTED 0x0001
+
+static heur_dissector_list_t smb_direct_heur_subdissector_list;
+static dissector_handle_t data_handle;
+
+static void
+dissect_smb_direct_payload(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+	if (!dissector_try_heuristic(smb_direct_heur_subdissector_list,
+				    tvb, pinfo, tree, NULL))
+		call_dissector(data_handle,tvb, pinfo, tree);
+}
+
+static void
+dissect_smb_direct(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree,
+		   enum SMB_DIRECT_HDR_TYPE hdr_type)
+
+{
+	proto_tree *tree = NULL;
+	proto_item *item = NULL;
+	proto_tree *neg_req_tree = NULL;
+	proto_tree *neg_rep_tree = NULL;
+	proto_tree *data_tree = NULL;
+	int offset = 0;
+	guint32 status = 0;
+	guint16 flags = 0;
+	proto_tree *flags_tree = NULL;
+	proto_item *flags_item = NULL;
+	guint32 data_offset = 0;
+	guint32 data_length = 0;
+	guint rlen = tvb_reported_length(tvb);
+	gint len = 0;
+	tvbuff_t *next_tvb = NULL;
+
+	col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMBDirect");
+	col_clear(pinfo->cinfo, COL_INFO);
+
+	if (parent_tree != NULL) {
+		item = proto_tree_add_item(parent_tree, proto_smb_direct, tvb, 0, -1, ENC_NA);
+		tree = proto_item_add_subtree(item, ett_smb_direct);
+	}
+
+	switch (hdr_type) {
+	case SMB_DIRECT_HDR_UNKNOWN:
+		break;
+
+	case SMB_DIRECT_HDR_NEG_REQ:
+		col_append_str(pinfo->cinfo, COL_INFO, "NegotiateRequest");
+
+		if (tree == NULL) {
+			break;
+		}
+
+		item = proto_tree_add_item(tree, hf_smb_direct_negotiate_request, tvb, 0, -1, ENC_NA);
+		neg_req_tree = proto_item_add_subtree(item, ett_smb_direct_hdr);
+
+		proto_tree_add_item(neg_req_tree, hf_smb_direct_min_version,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(neg_req_tree, hf_smb_direct_max_version,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		/* 2 bytes reserved */
+		offset += 2;
+
+		proto_tree_add_item(neg_req_tree, hf_smb_direct_credits_requested,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(neg_req_tree, hf_smb_direct_preferred_send_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		proto_tree_add_item(neg_req_tree, hf_smb_direct_max_receive_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		proto_tree_add_item(neg_req_tree, hf_smb_direct_max_fragmented_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		/* offset += 4; */
+		break;
+
+	case SMB_DIRECT_HDR_NEG_REP:
+		col_append_str(pinfo->cinfo, COL_INFO, "NegotiateResponse");
+
+		status = tvb_get_letohl(tvb, 12);
+		if (status != 0) {
+			col_append_fstr(
+				pinfo->cinfo, COL_INFO, ", Error: %s",
+				val_to_str(status, NT_errors, "Unknown (0x%08X)"));
+		}
+
+		if (tree == NULL) {
+			break;
+		}
+
+		item = proto_tree_add_item(tree, hf_smb_direct_negotiate_response, tvb, 0, -1, ENC_NA);
+		neg_rep_tree = proto_item_add_subtree(item, ett_smb_direct_hdr);
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_min_version,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_max_version,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_negotiated_version,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		/* 2 bytes reserved */
+		offset += 2;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_credits_requested,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_credits_granted,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_status,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_max_read_write_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_preferred_send_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_max_receive_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		proto_tree_add_item(neg_rep_tree, hf_smb_direct_max_fragmented_size,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		/* offset += 4; */
+		break;
+
+	case SMB_DIRECT_HDR_DATA:
+		col_append_str(pinfo->cinfo, COL_INFO, "DataMessage");
+
+		if (tree == NULL) {
+			break;
+		}
+
+		rlen = MIN(rlen, 24);
+
+		item = proto_tree_add_item(tree, hf_smb_direct_data_message, tvb, 0, rlen, ENC_NA);
+		data_tree = proto_item_add_subtree(item, ett_smb_direct_hdr);
+
+		proto_tree_add_item(data_tree, hf_smb_direct_credits_requested,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		proto_tree_add_item(data_tree, hf_smb_direct_credits_granted,
+				    tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		offset += 2;
+
+		flags = tvb_get_letohs(tvb, offset);
+		flags_item = proto_tree_add_item(data_tree, hf_smb_direct_flags,
+						 tvb, offset, 2, ENC_LITTLE_ENDIAN);
+		flags_tree = proto_item_add_subtree(flags_item, ett_smb_direct_flags);
+		proto_tree_add_boolean(flags_tree, hf_smb_direct_flags_response_requested,
+				       tvb, offset, 2, flags);
+		offset += 2;
+
+		/* 2 bytes reserved */
+		offset += 2;
+
+		proto_tree_add_item(data_tree, hf_smb_direct_remaining_length,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		data_offset = tvb_get_letohl(tvb, offset);
+		proto_tree_add_item(data_tree, hf_smb_direct_data_offset,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		data_length = tvb_get_letohl(tvb, offset);
+		proto_tree_add_item(data_tree, hf_smb_direct_data_length,
+				    tvb, offset, 4, ENC_LITTLE_ENDIAN);
+		offset += 4;
+
+		if (data_length > 0 && data_offset > (guint32)offset) {
+			len = tvb_reported_length_remaining(tvb, data_offset);
+		}
+
+		if (data_length <= (guint32)len) {
+			next_tvb = tvb_new_subset(tvb, data_offset,
+						  data_length, data_length);
+		}
+
+		if (next_tvb != NULL) {
+			dissect_smb_direct_payload(next_tvb, pinfo, parent_tree);
+		}
+
+		/* offset = data_offset + data_length; */
+		break;
+	}
+
+	return;
+}
+
+static enum SMB_DIRECT_HDR_TYPE
+is_smb_direct(tvbuff_t *tvb, packet_info *pinfo _U_)
+{
+	gboolean maybe_neg_req = FALSE;
+	gboolean maybe_data = FALSE;
+	guint len = tvb_reported_length(tvb);
+
+	if (len < 20) {
+		return SMB_DIRECT_HDR_UNKNOWN;
+	}
+
+	if (len == 32 &&
+	    tvb_get_letohs(tvb, 0) == 0x0100 && /* min version */
+	    tvb_get_letohs(tvb, 2) == 0x0100 && /* max version */
+	    tvb_get_letohs(tvb, 4) == 0x0100 && /* negotiated version */
+	    tvb_get_letohs(tvb, 6) == 0x0000)   /* reserved */
+	{
+		/* Negotiate Response */
+		return SMB_DIRECT_HDR_NEG_REP;
+	}
+
+	if (tvb_get_letohs(tvb, 0) == 0x0100 && /* min version */
+	    tvb_get_letohs(tvb, 2) == 0x0100 && /* max version */
+	    tvb_get_letohs(tvb, 4) == 0x0000)   /* reserved */
+	{
+		maybe_neg_req = TRUE;
+	}
+
+	if (tvb_get_letohs(tvb, 0) <= 255 &&    /* credits up to 255 */
+	    tvb_get_letohs(tvb, 2) <= 255 &&    /* credits up to 255 */
+	    tvb_get_letohs(tvb, 4) <= 1   &&    /* flags 0 or 1 */
+	    tvb_get_letohs(tvb, 6) == 0)    /* reserved */
+	{
+		maybe_data = TRUE;
+	}
+
+	if (len == 20) {
+		if (tvb_get_letohl(tvb, 8) != 0) { /* remaining */
+			maybe_data = FALSE;
+		}
+		if (tvb_get_letohl(tvb, 12) != 0) { /* data offset */
+			maybe_data = FALSE;
+		}
+		if (tvb_get_letohl(tvb, 16) != 0) { /* data length */
+			maybe_data = FALSE;
+		}
+
+		if (maybe_neg_req && !maybe_data) {
+			/* Negotiate Request */
+			return SMB_DIRECT_HDR_NEG_REQ;
+		}
+		/* maybe_neg_req = FALSE; */
+		if (maybe_data) {
+			/* Data Message */
+			return SMB_DIRECT_HDR_DATA;
+		}
+	}
+
+	if (len <= 24) {
+		return SMB_DIRECT_HDR_UNKNOWN;
+	}
+
+	if (tvb_get_letohl(tvb, 12) != 24) { /* data offset */
+		return SMB_DIRECT_HDR_UNKNOWN;
+	}
+
+	if (tvb_get_letohl(tvb, 16) == 0) {  /* data length */
+		return SMB_DIRECT_HDR_UNKNOWN;
+	}
+
+	if (tvb_get_letohl(tvb, 20) != 0) { /* padding */
+		return SMB_DIRECT_HDR_UNKNOWN;
+	}
+
+	if (maybe_data) {
+		/* Data Message */
+		return SMB_DIRECT_HDR_DATA;
+	}
+
+	return SMB_DIRECT_HDR_UNKNOWN;
+}
+
+static gboolean
+dissect_smb_direct_iwarp_heur(tvbuff_t *tvb, packet_info *pinfo,
+			      proto_tree *parent_tree, void *data _U_)
+{
+	enum SMB_DIRECT_HDR_TYPE hdr_type;
+
+	hdr_type = is_smb_direct(tvb, pinfo);
+	if (hdr_type == SMB_DIRECT_HDR_UNKNOWN) {
+		return FALSE;
+	}
+
+	dissect_smb_direct(tvb, pinfo, parent_tree, hdr_type);
+	return TRUE;
+}
+
+void proto_register_smb_direct(void)
+{
+	static gint *ett[] = {
+		&ett_smb_direct,
+		&ett_smb_direct_hdr,
+		&ett_smb_direct_flags,
+	};
+
+	static hf_register_info hf[] = {
+	{ &hf_smb_direct_negotiate_request,
+		{ "NegotiateRequest", "smb_direct.negotiate_request",
+		FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }},
+
+	{ &hf_smb_direct_negotiate_response,
+		{ "NegotiateResponse", "smb_direct.negotiate_response",
+		FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }},
+
+	{ &hf_smb_direct_data_message,
+		{ "DataMessage", "smb_direct.data_message",
+		FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }},
+
+	{ &hf_smb_direct_min_version,
+		{ "MinVersion", "smb_direct.version.min",
+		FT_UINT16, BASE_HEX, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_max_version,
+		{ "MaxVersion", "smb_direct.version.max",
+		FT_UINT16, BASE_HEX, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_negotiated_version,
+		{ "NegotiatedVersion", "smb_direct.version.negotiated",
+		FT_UINT16, BASE_HEX, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_credits_requested,
+		{ "CreditsRequested", "smb_direct.credits.requested",
+		FT_UINT16, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_credits_granted,
+		{ "CreditsGranted", "smb_direct.credits.granted",
+		FT_UINT16, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_status,
+		{ "Status", "smb_direct.status",
+		FT_UINT32, BASE_HEX, VALS(NT_errors), 0,
+		"NT Status code", HFILL }},
+
+	{ &hf_smb_direct_max_read_write_size,
+		{ "MaxReadWriteSize", "smb_direct.max_read_write_size",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_preferred_send_size,
+		{ "PreferredSendSize", "smb_direct.preferred_send_size",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_max_receive_size,
+		{ "MaxReceiveSize", "smb_direct.max_receive_size",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_max_fragmented_size,
+		{ "MaxFragmentedSize", "smb_direct.max_fragmented_size",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_flags,
+		{ "Flags", "smb_direct.flags",
+		FT_UINT16, BASE_HEX, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_flags_response_requested,
+		{ "ResponseRequested", "smb_direct.flags.response_requested",
+		FT_BOOLEAN, 16, NULL, SMB_DIRECT_RESPONSE_REQUESTED,
+		NULL, HFILL }},
+
+	{ &hf_smb_direct_remaining_length,
+		{ "RemainingLength", "smb_direct.remaining_length",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_data_offset,
+		{ "DataOffset", "smb_direct.data_offset",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	{ &hf_smb_direct_data_length,
+		{ "DataLength", "smb_direct.data_length",
+		FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
+
+	};
+
+	proto_smb_direct = proto_register_protocol("SMB-Direct (SMB RDMA Transport)",
+						   "SMBDirect", "smb_direct");
+	proto_register_subtree_array(ett, array_length(ett));
+	proto_register_field_array(proto_smb_direct, hf, array_length(hf));
+
+	register_heur_dissector_list("smb_direct",
+				     &smb_direct_heur_subdissector_list);
+}
+
+void
+proto_reg_handoff_smb_direct(void)
+{
+	data_handle = find_dissector("data");
+	heur_dissector_add("iwarp_ddp_rdmap",
+			   dissect_smb_direct_iwarp_heur,
+			   proto_smb_direct);
+}
+
+/*
+ * Editor modelines  -  http://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 8
+ * tab-width: 8
+ * indent-tabs-mode: t
+ * End:
+ *
+ * vi: set shiftwidth=8 tabstop=8 noexpandtab:
+ * :indentSize=8:tabSize=8:noTabs=false:
+ */
author	Stefan Metzmacher <metze@samba.org>	2012-09-19 16:21:21 +0200
committer	Evan Huus <eapache@gmail.com>	2014-02-25 21:58:26 +0000
commit	8fe9187b98d159ed15961f57070675fcd9d53dda (patch)
tree	adfd76dae0fc17bd79c182a0b613e95f0e36d503 /epan/dissectors/packet-smb-direct.c
parent	621a9c50239e0d7c187c758f2ef4ba8f075dc8cb (diff)