diff options
author | Anders Broman <anders.broman@ericsson.com> | 2005-11-16 07:13:12 +0000 |
---|---|---|
committer | Anders Broman <anders.broman@ericsson.com> | 2005-11-16 07:13:12 +0000 |
commit | c33182b8982742ece2bbfa298977a5aa09f48377 (patch) | |
tree | 0c7664cef1a075c4ecb3ad5ddc8d364055957829 /asn1 | |
parent | 893ad69c74f54fc9bb7ac7b7ffc3c0e28bd4d418 (diff) |
From Graeme Lunt:
Here are a number of small patches for asn1 based dissectors:
acse:
release request/response column information (many X.400/X.500 unbinds are
empty)
"standardised" PNAME to "ISO 8650-1 OSI Association Control Service"
fix for crash when using EXTERNAL dissector
rtse:
column information when attempting a resume
x509if:
generation of LDAP-style DNs from RDNSequences
new function x509if_get_last_dn() to get the last DN generated.
x509af:
DSS parameters
certificate extension naming
subject naming of certificate
x509sat:
Guide syntax (as SET now supported)
PDU exports.
cms:
verification of message digest attribute (SHA-1 and MD5)
ess:
enumerated/restrictive/permissive/informative security categories
x411:
generation of string encoding of X.400 addresses, trace information and message identifiers.
s4406:
separate types for primary and copy precedence to allow better filtering (e.g. primary precedence = flash)
priority-level-qualifier
svn path=/trunk/; revision=16508
Diffstat (limited to 'asn1')
32 files changed, 808 insertions, 67 deletions
diff --git a/asn1/acse/Makefile.nmake b/asn1/acse/Makefile.nmake index 72b766eeba..9c5b15df58 100644 --- a/asn1/acse/Makefile.nmake +++ b/asn1/acse/Makefile.nmake @@ -37,6 +37,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/acse/acse.cnf b/asn1/acse/acse.cnf index 5a72fa3690..b22d1c6e6a 100644 --- a/asn1/acse/acse.cnf +++ b/asn1/acse/acse.cnf @@ -102,4 +102,30 @@ ACRQ-apdu/aSO-context-name aCRQ_aSO_context_name #.FN_BODY EXTERNAL/encoding/single-ASN1-type offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, top_tree ? top_tree : tree); +#.FN_PARS Release-request-reason + VAL_PTR=&reason + +#.FN_BODY Release-request-reason + int reason = -1; + + %(DEFAULT_BODY)s + + if((reason != -1) && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, "Release-Request (%%s)", val_to_str(reason, acse_Release_request_reason_vals, "reason(%%d)")); + + +#.FN_PARS Release-response-reason + VAL_PTR=&reason + +#.FN_BODY Release-response-reason + int reason = -1; + + %(DEFAULT_BODY)s + + if((reason != -1) && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, "Release-Response (%%s)", val_to_str(reason, acse_Release_request_reason_vals, "reason(%%d)")); + + + + #.END diff --git a/asn1/acse/packet-acse-template.c b/asn1/acse/packet-acse-template.c index 0e32bcaa57..7218dff4c2 100644 --- a/asn1/acse/packet-acse-template.c +++ b/asn1/acse/packet-acse-template.c @@ -52,7 +52,7 @@ #include "packet-pres.h" #include "packet-x509if.h" -#define PNAME "ACSE" +#define PNAME "ISO 8650-1 OSI Association Control Service" #define PSNAME "ACSE" #define PFNAME "acse" @@ -154,8 +154,6 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) proto_tree *tree=NULL; char *oid; - /* save parent_tree so subdissectors can create new top nodes */ - top_tree=parent_tree; /* first, try to check length */ /* do we have at least 2 bytes */ @@ -181,6 +179,9 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) } } } + /* save parent_tree so subdissectors can create new top nodes */ + top_tree=parent_tree; + /* ACSE has only AARQ,AARE,RLRQ,RLRE,ABRT type of pdu */ /* reject everything else */ /* data pdu is not ACSE pdu and has to go directly to app dissector */ @@ -205,8 +206,10 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) proto_tree_add_text(parent_tree, tvb, offset, -1, "dissector is not available"); } + top_tree = NULL; return; default: + top_tree = NULL; return; } @@ -232,7 +235,8 @@ dissect_acse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) break; } } - + +top_tree = NULL; } /*--- proto_register_acse ----------------------------------------------*/ diff --git a/asn1/cms/Makefile.nmake b/asn1/cms/Makefile.nmake index 21948a74a3..4bbaef8195 100644 --- a/asn1/cms/Makefile.nmake +++ b/asn1/cms/Makefile.nmake @@ -37,6 +37,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/cms/cms.cnf b/asn1/cms/cms.cnf index 2c09a38d58..95e29b91c1 100644 --- a/asn1/cms/cms.cnf +++ b/asn1/cms/cms.cnf @@ -46,6 +46,13 @@ Countersignature B "1.2.840.113549.1.9.6" "id-counterSignature" #.FIELD_RENAME SignerInfo/signature signatureValue RecipientEncryptedKey/rid rekRid +EncryptedContentInfo/contentType encryptedContentType + +#.FN_BODY ContentInfo + top_tree = tree; + %(DEFAULT_BODY)s + content_tvb = NULL; + top_tree = NULL; #.FN_BODY ContentInfo/contentType offset = dissect_ber_object_identifier_str(FALSE, pinfo, tree, tvb, offset, @@ -64,13 +71,16 @@ RecipientEncryptedKey/rid rekRid gint32 tag; guint32 len; int pdu_offset = offset; + int content_offset; /* XXX Do we care about printing out the octet string? */ - offset = dissect_cms_OCTET_STRING(FALSE, tvb, offset, pinfo, tree, hf_cms_eContent); + offset = dissect_cms_OCTET_STRING(FALSE, tvb, offset, pinfo, NULL, hf_cms_eContent); pdu_offset = get_ber_identifier(tvb, pdu_offset, &class, &pc, &tag); - pdu_offset = get_ber_length(tree, tvb, pdu_offset, &len, &ind); - pdu_offset = call_ber_oid_callback(object_identifier_id, tvb, pdu_offset, pinfo, tree); + content_offset = pdu_offset = get_ber_length(tree, tvb, pdu_offset, &len, &ind); + pdu_offset = call_ber_oid_callback(object_identifier_id, tvb, pdu_offset, pinfo, top_tree ? top_tree : tree); + + content_tvb = tvb_new_subset(tvb, content_offset, len, -1); #.FN_PARS OtherKeyAttribute/keyAttrId FN_VARIANT = _str HF_INDEX = hf_cms_ci_contentType VAL_PTR = &object_identifier_id @@ -78,13 +88,39 @@ RecipientEncryptedKey/rid rekRid #.FN_BODY OtherKeyAttribute/keyAttr offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); + #.FN_PARS Attribute/attrType FN_VARIANT = _str HF_INDEX = hf_cms_attrType VAL_PTR = &object_identifier_id +#.FN_BODY Attribute/attrType + char *name = NULL; + + %(DEFAULT_BODY)s + + if(object_identifier_id) { + name = get_ber_oid_name(object_identifier_id); + proto_item_append_text(tree, " (%%s)", name ? name : object_identifier_id); + } + #.FN_BODY AttributeValue offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); +#.FN_BODY MessageDigest + proto_item *pi; + int old_offset = offset; + + %(DEFAULT_BODY)s + + pi = get_ber_last_created_item(); + + /* move past TLV */ + old_offset = get_ber_identifier(tvb, old_offset, NULL, NULL, NULL); + old_offset = get_ber_length(tree, tvb, old_offset, NULL, NULL); + + if(content_tvb) + cms_verify_msg_digest(pi, content_tvb, x509af_get_last_algorithm_id(), tvb, old_offset); + #.END diff --git a/asn1/cms/packet-cms-template.c b/asn1/cms/packet-cms-template.c index c52c79da72..48115551a1 100644 --- a/asn1/cms/packet-cms-template.c +++ b/asn1/cms/packet-cms-template.c @@ -39,6 +39,9 @@ #include "packet-x509af.h" #include "packet-x509if.h" +#include <epan/sha1.h> +#include <epan/crypt-md5.h> + #define PNAME "Cryptographic Message Syntax" #define PSNAME "CMS" #define PFNAME "cms" @@ -55,9 +58,80 @@ static int dissect_cms_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb, in static const char *object_identifier_id; +static tvbuff_t *content_tvb = NULL; -#include "packet-cms-fn.c" +static proto_tree *top_tree=NULL; + +#define HASH_SHA1 "1.3.14.3.2.26" +#define SHA1_BUFFER_SIZE 20 + +#define HASH_MD5 "1.2.840.113549.2.5" +#define MD5_BUFFER_SIZE 16 + + +/* SHA-2 variants */ +#define HASH_SHA224 "2.16.840.1.101.3.4.2.4" +#define SHA224_BUFFER_SIZE 32 /* actually 28 */ +#define HASH_SHA256 "2.16.840.1.101.3.4.2.1" +#define SHA256_BUFFER_SIZE 32 + +unsigned char digest_buf[MAX(SHA1_BUFFER_SIZE, MD5_BUFFER_SIZE)]; + +static void +cms_verify_msg_digest(proto_item *pi, tvbuff_t *content, char *alg, tvbuff_t *tvb, int offset) +{ + sha1_context sha1_ctx; + md5_state_t md5_ctx; + int i= 0, buffer_size = 0; + + /* we only support two algorithms at the moment - if we do add SHA2 + we should add a registration process to use a registration process */ + + if(strcmp(alg, HASH_SHA1) == 0) { + + sha1_starts(&sha1_ctx); + + sha1_update(&sha1_ctx, + (guint8*)tvb_get_ptr(content, 0, tvb_length(content)), + tvb_length(content)); + sha1_finish(&sha1_ctx, digest_buf); + + buffer_size = SHA1_BUFFER_SIZE; + + } else if(strcmp(alg, HASH_MD5) == 0) { + + md5_init(&md5_ctx); + + md5_append(&md5_ctx, + (const guint8*) tvb_get_ptr(content, 0, tvb_length(content)), + tvb_length(content)); + + md5_finish(&md5_ctx, digest_buf); + + buffer_size = MD5_BUFFER_SIZE; + } + + if(buffer_size) { + /* compare our computed hash with what we have received */ + + if(tvb_bytes_exist(tvb, offset, buffer_size) && + (memcmp(tvb_get_ptr(tvb, offset, buffer_size), digest_buf, buffer_size) != 0)) { + proto_item_append_text(pi, " [incorrect, should be "); + for(i = 0; i < buffer_size; i++) + proto_item_append_text(pi, "%02X", digest_buf[i]); + + proto_item_append_text(pi, "]"); + } + else + proto_item_append_text(pi, " [correct]"); + } else { + proto_item_append_text(pi, " [unable to verify]"); + } + +} + +#include "packet-cms-fn.c" /*--- proto_register_cms ----------------------------------------------*/ void proto_register_cms(void) { diff --git a/asn1/ess/ExtendedSecurityServices.asn b/asn1/ess/ExtendedSecurityServices.asn index 69b2979c6d..06a0eeb192 100644 --- a/asn1/ess/ExtendedSecurityServices.asn +++ b/asn1/ess/ExtendedSecurityServices.asn @@ -191,6 +191,35 @@ SecurityCategory ::= SEQUENCE { --VALUE NOTATION ::= value (VALUE OBJECT IDENTIFIER) --END +-- this is a commonly used definition of security categories + +RestrictiveTag ::= SEQUENCE { + tagName OBJECT IDENTIFIER, + attributeFlags BIT STRING +} + +EnumeratedTag ::= SEQUENCE { + tagName OBJECT IDENTIFIER, + attributeList SET OF SecurityAttribute +} + +PermissiveTag ::= SEQUENCE { + tagName OBJECT IDENTIFIER, + attributeFlags BIT STRING +} + +SecurityAttribute ::= INTEGER + +InformativeTag ::= SEQUENCE { + tagName OBJECT IDENTIFIER, + attributes FreeFormField +} + +FreeFormField ::= CHOICE { + bitSetAttributes BIT STRING, + securityAttributes SET OF SecurityAttribute +} + -- Section 3.4 diff --git a/asn1/ess/Makefile.nmake b/asn1/ess/Makefile.nmake index 3fd2af8b37..acc6e626bf 100644 --- a/asn1/ess/Makefile.nmake +++ b/asn1/ess/Makefile.nmake @@ -43,6 +43,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/ess/ess.cnf b/asn1/ess/ess.cnf index 10c2caa3ae..e788eced90 100644 --- a/asn1/ess/ess.cnf +++ b/asn1/ess/ess.cnf @@ -28,6 +28,11 @@ EquivalentLabels B "1.2.840.113549.1.9.16.2.9" "id-aa-equivalentLabels" MLExpansionHistory B "1.2.840.113549.1.9.16.2.3" "id-aa-mlExpandHistory" SigningCertificate B "1.2.840.113549.1.9.16.2.12" "id-aa-signingCertificate" +RestrictiveTag B "2.16.840.1.101.2.1.8.3.0" "id-restrictiveAttributes" +EnumeratedTag B "2.16.840.1.101.2.1.8.3.1" "id-enumeratedPermissiveAttributes" +PermissiveTag B "2.16.840.1.101.2.1.8.3.2" "id-restrictiveAttributes" +InformativeTag B "2.16.840.1.101.2.1.8.3.3" "id-informativeAttributes" +EnumeratedTag B "2.16.840.1.101.2.1.8.3.4" "id-enumeratedRestrictiveAttributes" #.NO_EMIT diff --git a/asn1/rtse/Makefile.nmake b/asn1/rtse/Makefile.nmake index 91bb36c1f9..740198a277 100644 --- a/asn1/rtse/Makefile.nmake +++ b/asn1/rtse/Makefile.nmake @@ -37,6 +37,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/rtse/packet-rtse-template.c b/asn1/rtse/packet-rtse-template.c index dbf689682e..27c2b9f6cb 100644 --- a/asn1/rtse/packet-rtse-template.c +++ b/asn1/rtse/packet-rtse-template.c @@ -50,6 +50,7 @@ int proto_rtse = -1; static struct SESSION_DATA_STRUCTURE* session = NULL; static char object_identifier_id[MAX_OID_STR_LEN]; +static gboolean open_request=FALSE; /* indirect_reference, used to pick up the signalling so we know what kind of data is transferred in SES_DATA_TRANSFER_PDUs */ static guint32 indir_ref=0; diff --git a/asn1/rtse/rtse.cnf b/asn1/rtse/rtse.cnf index 37519bc9f0..8ba90ffed0 100644 --- a/asn1/rtse/rtse.cnf +++ b/asn1/rtse/rtse.cnf @@ -38,19 +38,16 @@ EXTERNAL if((session = (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data)) != NULL) session->ros_op = (ROS_OP_BIND | ROS_OP_ARGUMENT); - - offset = dissect_ber_set(implicit_tag, pinfo, tree, tvb, offset, - RTORQapdu_set, hf_index, ett_rtse_RTORQapdu); - + open_request=TRUE; + %(DEFAULT_BODY)s + open_request=FALSE; #.FN_BODY RTOACapdu if((session = (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data)) != NULL) session->ros_op = (ROS_OP_BIND | ROS_OP_RESULT); - offset = dissect_ber_set(implicit_tag, pinfo, tree, tvb, offset, - RTOACapdu_set, hf_index, ett_rtse_RTOACapdu); - + %(DEFAULT_BODY)s #.FN_BODY T_open @@ -135,4 +132,33 @@ EXTERNAL offset = dissect_ber_integer(TRUE, pinfo, tree, tvb, offset, hf_index, &app_proto); +#.FN_BODY SessionConnectionIdentifier + if(open_request && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, "Recover"); + %(DEFAULT_BODY)s + +#.FN_PARS T61String + VAL_PTR=&string +#.FN_BODY T61String + tvbuff_t *string = NULL; + %(DEFAULT_BODY)s + if(open_request && string && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " %%s", tvb_format_text(string, 0, tvb_length(string))); + +#.FN_PARS CommonReference + VAL_PTR=&string +#.FN_BODY CommonReference + tvbuff_t *string = NULL; + %(DEFAULT_BODY)s + if(open_request && string && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " %%s", tvb_format_text(string, 0, tvb_length(string))); + +#.FN_PARS OCTET_STRING + VAL_PTR=&string +#.FN_BODY OCTET_STRING + tvbuff_t *string = NULL; + %(DEFAULT_BODY)s + if(open_request && string && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " %%s", tvb_format_text(string, 0, tvb_length(string))); + #.END diff --git a/asn1/s4406/Makefile.nmake b/asn1/s4406/Makefile.nmake index e7a8714826..bc53951d7b 100644 --- a/asn1/s4406/Makefile.nmake +++ b/asn1/s4406/Makefile.nmake @@ -37,6 +37,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/s4406/s4406.asn b/asn1/s4406/s4406.asn index c1f8773d2a..f9251dba39 100644 --- a/asn1/s4406/s4406.asn +++ b/asn1/s4406/s4406.asn @@ -130,7 +130,7 @@ OriginatorReference ::= MilitaryString -- VALUE MMHSPrecedence -- ::= id-nato-mmhs-mm-primary-precedence -MMHSPrecedence ::= INTEGER {deferred (0), routine (1), priority (2), immediate (3), +PrimaryPrecedence ::= INTEGER {deferred (0), routine (1), priority (2), immediate (3), flash (4), override (5), -- these are used by some National systems XXX need to verify ecp(16), critic(17), override(18)} @@ -145,6 +145,13 @@ MMHSPrecedence ::= INTEGER {deferred (0), routine (1), priority (2), immediate ( -- VALUE MMHSPrecedence -- ::= id-nato-mmhs-mm-copy-precedence +-- we have expanded MMHSPrecedence to PrimaryPrecedence and CopyPrecedence to +-- all rules to be written to highlight high priority messages. +CopyPrecedence ::= INTEGER {deferred (0), routine (1), priority (2), immediate (3), + flash (4), override (5), +-- these are used by some National systems XXX need to verify + ecp(16), critic(17), override(18)} + -- Note: Values 0 to 15 are reserved for NATO defined precedence levels. -- Values 16 to 31 are reserved for national user. @@ -200,13 +207,19 @@ OtherRecipientDesignator ::= SET { -- ::= id-nato-mmhs-mm-pilot-forwarding-info PilotInformation ::= SEQUENCE { - pilotPrecedence [0] MMHSPrecedence OPTIONAL, + pilotPrecedence [0] PilotPrecedence OPTIONAL, -- Note: Values 0 to 15 are reserved for NATO defined precedence levels. -- Values 16 to 31 are reserved for national use. pilotRecipient [1] SEQUENCE OF ORDescriptor OPTIONAL, pilotSecurity [2] --Message--SecurityLabel OPTIONAL, pilotHandling [3] SEQUENCE OF MilitaryString OPTIONAL} +PilotPrecedence ::= INTEGER {deferred (0), routine (1), priority (2), immediate (3), + flash (4), override (5), +-- these are used by some National systems XXX need to verify + ecp(16), critic(17), override(18)} + + -- Acp127 message identifier -- a string to store routing indicator, station serial number and julian file @@ -261,4 +274,8 @@ BodyPartSequenceNumber ::= INTEGER -- Annex B for instruction on the use of its replacement, the -- ESSSecurityLabel. +PriorityLevelQualifier ::= ENUMERATED { + low(0), + high(1) } + END -- of Military heading extensions used in MMS diff --git a/asn1/s4406/s4406.cnf b/asn1/s4406/s4406.cnf index 5d123aa9c5..f5850b38bc 100644 --- a/asn1/s4406/s4406.cnf +++ b/asn1/s4406/s4406.cnf @@ -15,7 +15,8 @@ MessageType/type message_type_type OtherRecipientDesignator/type other_recipient_type #.PDU -MMHSPrecedence +PrimaryPrecedence +CopyPrecedence MessageType AddressListDesignator ExemptedAddress @@ -32,8 +33,8 @@ OriginatorPlad SecurityInformationLabels #.REGISTER -MMHSPrecedence B "1.3.26.0.4406.0.2.0" "primary-precedence" -MMHSPrecedence B "1.3.26.0.4406.0.2.1" "copy-precedence" +PrimaryPrecedence B "1.3.26.0.4406.0.2.0" "primary-precedence" +CopyPrecedence B "1.3.26.0.4406.0.2.1" "copy-precedence" MessageType B "1.3.26.0.4406.0.2.2" "message-type" AddressListDesignator B "1.3.26.0.4406.0.2.3" "address-list-indicator" ExemptedAddress B "1.3.26.0.4406.0.2.4" "exempted-address" @@ -49,5 +50,23 @@ Acp127MessageIdentifier B "1.3.26.0.4406.0.2.13" "acp127-message-identifierr" OriginatorPlad B "1.3.26.0.4406.0.2.14" "originator-plad" SecurityInformationLabels B "1.3.26.0.4406.0.2.17" "information-labels" +PriorityLevelQualifier B "1.3.26.0.4406.0.8.0" "priority-level-qualifier" + #.FN_BODY T_dist_value /* XXX: not implemented */ + +#.FN_PARS PrimaryPrecedence + VAL_PTR=&precedence +#.FN_BODY PrimaryPrecedence + int precedence = -1; + %(DEFAULT_BODY)s + if((precedence != -1) && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " (primary=%%s)", val_to_str(precedence, s4406_PrimaryPrecedence_vals, "precedence(%%d)")); + +#.FN_PARS CopyPrecedence + VAL_PTR=&precedence +#.FN_BODY CopyPrecedence + int precedence = -1; + %(DEFAULT_BODY)s + if((precedence != -1) && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " (copy=%%s)", val_to_str(precedence, s4406_CopyPrecedence_vals, "precedence(%%d)")); diff --git a/asn1/x411/Makefile.nmake b/asn1/x411/Makefile.nmake index 4686fd8f5a..0f6db775d6 100644 --- a/asn1/x411/Makefile.nmake +++ b/asn1/x411/Makefile.nmake @@ -37,6 +37,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/x411/packet-x411-template.c b/asn1/x411/packet-x411-template.c index f0c68d266d..58c90a98bf 100644 --- a/asn1/x411/packet-x411-template.c +++ b/asn1/x411/packet-x411-template.c @@ -55,8 +55,14 @@ int proto_x411 = -1; static struct SESSION_DATA_STRUCTURE* session = NULL; -static int extension_id = 0; /* integer extension id */ -static const char *object_identifier_id; /* content type identifier */ +static int extension_id = -1; /* integer extension id */ +static char *object_identifier_id; /* extensions identifier */ +static char *content_type_id; /* content type identifier */ + +#define MAX_ORA_STR_LEN 256 +static char *oraddress = NULL; +static gboolean doing_address=FALSE; +static proto_item *address_item; static proto_tree *top_tree=NULL; diff --git a/asn1/x411/x411.cnf b/asn1/x411/x411.cnf index 72cdef65c7..1b67c0d54d 100644 --- a/asn1/x411/x411.cnf +++ b/asn1/x411/x411.cnf @@ -192,8 +192,16 @@ UniversalOrganizationalUnitNames B "x411.extension-attribute.27" "universal-orga /*XXX not implemented yet */ #.FN_BODY ExtensionValue - - offset=call_x411_oid_callback("x411.extension", tvb, offset, pinfo, tree); + char *name; + + if(extension_id != -1) + offset=call_x411_oid_callback("x411.extension", tvb, offset, pinfo, tree); + else if(object_identifier_id) { + call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); + name = get_ber_oid_name(object_identifier_id); + proto_item_append_text(tree, " (%%s)", name ? name : object_identifier_id); + } + #.FN_BODY CategoryValue @@ -219,9 +227,15 @@ UniversalOrganizationalUnitNames B "x411.extension-attribute.27" "universal-orga offset = get_ber_identifier(tvb, offset, &class, &pc, &tag); offset = get_ber_length(tree, tvb, offset, &len1, &ind_field); } + + if(doing_address) + g_strlcat(oraddress, "/C=", MAX_ORA_STR_LEN); + offset = dissect_ber_choice(pinfo, tree, tvb, offset, CountryName_choice, hf_index, ett_x411_CountryName, NULL); + + #.FN_BODY AdministrationDomainName gint8 class; gboolean pc, ind_field; @@ -236,6 +250,9 @@ UniversalOrganizationalUnitNames B "x411.extension-attribute.27" "universal-orga offset = get_ber_length(tree, tvb, offset, &len1, &ind_field); } + if(doing_address) + g_strlcat(oraddress, "/A=", MAX_ORA_STR_LEN); + offset = dissect_ber_choice(pinfo, tree, tvb, offset, AdministrationDomainName_choice, hf_index, ett_x411_AdministrationDomainName, NULL); @@ -262,9 +279,30 @@ UniversalOrganizationalUnitNames B "x411.extension-attribute.27" "universal-orga #.FN_PARS INTEGER VAL_PTR = &extension_id -#.FN_PARS ExtendedContentType +#.FN_PARS OBJECT_IDENTIFIER FN_VARIANT = _str VAL_PTR = &object_identifier_id +#.FN_BODY OBJECT_IDENTIFIER + + %(DEFAULT_BODY)s + extension_id = -1; + +#.FN_PARS ExtendedContentType + FN_VARIANT = _str VAL_PTR = &content_type_id + +#.FN_BODY ExtendedContentType + char *name = NULL; + + %(DEFAULT_BODY)s + + if(content_type_id) { + name = get_ber_oid_name(content_type_id); + + if(!name) name = content_type_id; + + proto_item_append_text(tree, " (%%s)", name); + } + #.FN_PARS BuiltInContentType VAL_PTR = &ict @@ -289,22 +327,272 @@ UniversalOrganizationalUnitNames B "x411.extension-attribute.27" "universal-orga tvbuff_t *next_tvb; /* we can do this now constructed octet strings are supported */ - offset = dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_index, &next_tvb); + offset = dissect_ber_octet_string(FALSE, pinfo, NULL, tvb, offset, hf_index, &next_tvb); - if (next_tvb) - (void) call_ber_oid_callback(object_identifier_id, next_tvb, 0, pinfo, top_tree ? top_tree : tree); + if (next_tvb && content_type_id) + (void) call_ber_oid_callback(content_type_id, next_tvb, 0, pinfo, top_tree ? top_tree : tree); #.FN_PARS MTAName VAL_PTR = &mtaname #.FN_BODY MTAName - tvbuff_t *mtaname; + tvbuff_t *mtaname = NULL; %(DEFAULT_BODY)s - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr(pinfo->cinfo, COL_INFO, " %%s", tvb_get_string(mtaname, 0, tvb_length(mtaname))); + if(doing_address) { + + proto_item_append_text(address_item, " %%s", tvb_format_text(mtaname, 0, tvb_length(mtaname))); + + } else { + + if (check_col(pinfo->cinfo, COL_INFO) && mtaname) { + col_append_fstr(pinfo->cinfo, COL_INFO, " %%s", tvb_format_text(mtaname, 0, tvb_length(mtaname))); } -#.END + } + +#.FN_PARS X121Address + VAL_PTR=&string + +#.FN_BODY X121Address + tvbuff_t *string = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && string) { + g_strlcat(oraddress, "/X121=", MAX_ORA_STR_LEN); + g_strlcat(oraddress, tvb_format_text(string, 0, tvb_length(string)), MAX_ORA_STR_LEN); + } + + +#.FN_PARS TerminalIdentifier + VAL_PTR=&string + +#.FN_BODY TerminalIdentifier + tvbuff_t *string = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && string) { + g_strlcat(oraddress, "/UA-ID=", MAX_ORA_STR_LEN); + g_strlcat(oraddress, tvb_format_text(string, 0, tvb_length(string)), MAX_ORA_STR_LEN); + } + +#.FN_BODY PrivateDomainName + + if(doing_address) + g_strlcat(oraddress, "/P=", MAX_ORA_STR_LEN); + + %(DEFAULT_BODY)s + +#.FN_BODY PrivateDomainIdentifier + + if(doing_address) + g_strlcat(oraddress, "/P=", MAX_ORA_STR_LEN); + + %(DEFAULT_BODY)s + +#.FN_PARS OrganizationName + VAL_PTR=&string + +#.FN_BODY OrganizationName + tvbuff_t *string = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && string) { + g_strlcat(oraddress, "/O=", MAX_ORA_STR_LEN); + g_strlcat(oraddress, tvb_format_text(string, 0, tvb_length(string)), MAX_ORA_STR_LEN); + } + +#.FN_PARS CommonName + VAL_PTR=&string + +#.FN_BODY CommonName + tvbuff_t *string = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && string) { + g_strlcat(oraddress, "/CN=", MAX_ORA_STR_LEN); + g_strlcat(oraddress, tvb_format_text(string, 0, tvb_length(string)), MAX_ORA_STR_LEN); + } + + + +#.FN_PARS NumericString + VAL_PTR=&nstring + +#.FN_BODY NumericString + tvbuff_t *nstring = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && nstring) + g_strlcat(oraddress, tvb_format_text(nstring, 0, tvb_length(nstring)), MAX_ORA_STR_LEN); + +#.FN_PARS TeletexString + +#.FN_BODY TeletexString + tvbuff_t *tstring = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && tstring) + g_strlcat(oraddress, tvb_format_text(tstring, 0, tvb_length(tstring)), MAX_ORA_STR_LEN); + +#.FN_PARS PrintableString + VAL_PTR=&pstring + +#.FN_BODY PrintableString + tvbuff_t *pstring = NULL; + char *fmt = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && pstring) { + if(hf_index == hf_x411_printable_surname) fmt = "/S="; + else if(hf_index == hf_x411_printable_given_name) fmt = "/G="; + else if(hf_index == hf_x411_printable_initials) fmt = "/I="; + else if(hf_index == hf_x411_printable_generation_qualifier) fmt = "/GQ="; + else if(hf_index == hf_x411_printable_type) fmt = "/DD."; + else if(hf_index == hf_x411_printable_value) fmt = "="; + + if(fmt) + g_strlcat(oraddress, fmt, MAX_ORA_STR_LEN); + + g_strlcat(oraddress, tvb_format_text(pstring, 0, tvb_length(pstring)), MAX_ORA_STR_LEN); + + } + +#.FN_BODY ORAddress + + oraddress = ep_alloc(MAX_ORA_STR_LEN); oraddress[0] = '\0'; + doing_address = TRUE; + address_item = NULL; + + %(DEFAULT_BODY)s + + if(*oraddress && address_item) + proto_item_append_text(address_item, " %%s/", oraddress); + + doing_address = FALSE; + +#.FN_BODY ORName + + oraddress = ep_alloc(MAX_ORA_STR_LEN); oraddress[0] = '\0'; + address_item = NULL; + doing_address = TRUE; + + %(DEFAULT_BODY)s + + if(*oraddress && address_item) + proto_item_append_text(address_item, " (%%s/)", oraddress); + + doing_address = FALSE; + +#.FN_BODY GlobalDomainIdentifier + + oraddress = ep_alloc(MAX_ORA_STR_LEN); oraddress[0] = '\0'; + address_item = tree; + + %(DEFAULT_BODY)s + + if(*oraddress) + proto_item_append_text(address_item, " (%%s/", oraddress); + + +#.FN_PARS LocalIdentifier + VAL_PTR=&id + +#.FN_BODY LocalIdentifier + tvbuff_t *id = NULL; + + %(DEFAULT_BODY)s + + if(doing_address && id) + proto_item_append_text(address_item, " $ %%s)", tvb_format_text(id, 0, tvb_length(id))); + +#.FN_BODY MTSIdentifier + + doing_address = TRUE; + + %(DEFAULT_BODY)s + + doing_address = FALSE; + +#.FN_BODY BuiltInStandardAttributes + + address_item = tree; + + %(DEFAULT_BODY)s + +#.FN_BODY TraceInformationElement + + doing_address = TRUE; + + %(DEFAULT_BODY)s + + doing_address = FALSE; + +#.FN_BODY InternalTraceInformationElement + + doing_address = TRUE; + + %(DEFAULT_BODY)s + + doing_address = FALSE; + + +#.FN_BODY DomainSuppliedInformation + + doing_address = FALSE; + + %(DEFAULT_BODY)s + + doing_address = TRUE; + proto_item_append_text(tree, ")"); + +#.FN_BODY MTASuppliedInformation + + doing_address = FALSE; + + %(DEFAULT_BODY)s + + doing_address = TRUE; + proto_item_append_text(tree, ")"); + +#.FN_PARS Time + VAL_PTR = &arrival + +#.FN_BODY Time + tvbuff_t *arrival = NULL; + + %(DEFAULT_BODY)s + + if(arrival) + proto_item_append_text(address_item, " %%s", tvb_format_text(arrival, 0, tvb_length(arrival))); + +#.FN_PARS RoutingAction + VAL_PTR = &action + +#.FN_BODY RoutingAction + int action = 0; + + %(DEFAULT_BODY)s + + proto_item_append_text(address_item, " %%s", val_to_str(action, x411_RoutingAction_vals, "action(%%d)")); + +#.FN_PARS MTABindError + VAL_PTR=&error + +#.FN_BODY MTABindError + int error = -1; + %(DEFAULT_BODY)s + if((error != -1) && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " (%%s)", val_to_str(error, x411_MTABindError_vals, "error(%%d)")); + + +#.END diff --git a/asn1/x420/x420.cnf b/asn1/x420/x420.cnf index 564089c8a3..1ea117d1dc 100644 --- a/asn1/x420/x420.cnf +++ b/asn1/x420/x420.cnf @@ -62,22 +62,34 @@ IPMAssemblyInstructions B "2.6.1.17.2" "id-mst-assembly-instructions" #.FN_BODY IPM - %(DEFAULT_BODY)s if((hf_index == hf_x420_ipm) && check_col(pinfo->cinfo, COL_INFO)) col_append_fstr(pinfo->cinfo, COL_INFO, " Message"); + %(DEFAULT_BODY)s + #.FN_BODY IPN - %(DEFAULT_BODY)s if((hf_index == hf_x420_ipn) && check_col(pinfo->cinfo, COL_INFO)) col_append_fstr(pinfo->cinfo, COL_INFO, " Notification"); + %(DEFAULT_BODY)s + +#.FN_PARS SubjectField + VAL_PTR=&subject + +#.FN_BODY SubjectField + tvbuff_t *subject=NULL; + + %(DEFAULT_BODY)s + + if(subject && check_col(pinfo->cinfo, COL_INFO)) + col_append_fstr(pinfo->cinfo, COL_INFO, " (%%s)", tvb_format_text(subject, 0, tvb_length(subject))); + + #.FN_BODY Interchange_Data_Element -/*ARGSUSED*/ /* XXX Not implemented yet */ #.FN_BODY NationallyDefinedBodyPart -/*ARGSUSED*/ /* XXX Not implemented yet */ diff --git a/asn1/x509af/AuthenticationFramework.asn b/asn1/x509af/AuthenticationFramework.asn index c51f7f1223..050015e4c6 100644 --- a/asn1/x509af/AuthenticationFramework.asn +++ b/asn1/x509af/AuthenticationFramework.asn @@ -14,7 +14,7 @@ IMPORTS basicAccessControl, certificateExtensions FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 3} - Name, ATTRIBUTE, AttributeType, MATCHING-RULE, Attribute + Name, ATTRIBUTE, AttributeType, MATCHING-RULE, Attribute, RDNSequence FROM InformationFramework informationFramework ub-user-password FROM UpperBounds upperBounds @@ -32,9 +32,9 @@ Certificate ::= SEQUENCE { version [0] Version DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, - issuer Name, + issuer Name, validity Validity, - subject Name, + subject SubjectName, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL, -- if present, version must be v2 or v3 @@ -46,6 +46,11 @@ Certificate ::= SEQUENCE { encrypted BIT STRING } +-- imported to allow labelling +SubjectName ::= CHOICE { + rdnSequence RDNSequence +} + Version ::= INTEGER {v1(0), v2(1), v3(2)} CertificateSerialNumber ::= INTEGER @@ -122,7 +127,7 @@ CertificateList ::= SEQUENCE { version Version OPTIONAL, -- if present, version must be v2 signature AlgorithmIdentifier, - issuer Name, + issuer Name, thisUpdate Time, nextUpdate Time OPTIONAL, revokedCertificates @@ -192,7 +197,7 @@ AttCertValidityPeriod ::= SEQUENCE { AttributeCertificateAssertion ::= SEQUENCE { subject [0] CHOICE {baseCertificateID [0] IssuerSerial, - subjectName [1] Name} OPTIONAL, + subjectName [1] SubjectName} OPTIONAL, issuer [1] Name OPTIONAL, attCertValidity [2] GeneralizedTime OPTIONAL, attType [3] SET OF AttributeType OPTIONAL @@ -264,6 +269,14 @@ id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} --id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} +-- these are sneaked in from DSS - a separate dissector seems OTT + +DSS-Params ::= SEQUENCE { + p INTEGER, + q INTEGER, + g INTEGER +} + END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/asn1/x509af/Makefile.nmake b/asn1/x509af/Makefile.nmake index b88a7c8596..1e14d4f63d 100644 --- a/asn1/x509af/Makefile.nmake +++ b/asn1/x509af/Makefile.nmake @@ -37,5 +37,5 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/x509af/packet-x509af-template.c b/asn1/x509af/packet-x509af-template.c index 393a052eea..c289bda7da 100644 --- a/asn1/x509af/packet-x509af-template.c +++ b/asn1/x509af/packet-x509af-template.c @@ -55,13 +55,14 @@ static gint ett_pkix_crl = -1; #include "packet-x509af-ett.c" static const char *algorithm_id; - - static const char *extension_id; - #include "packet-x509af-fn.c" +char *x509af_get_last_algorithm_id() { + return algorithm_id; +} + static int dissect_pkix_crl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) diff --git a/asn1/x509af/packet-x509af-template.h b/asn1/x509af/packet-x509af-template.h index aee498631c..bd1b0cf86c 100644 --- a/asn1/x509af/packet-x509af-template.h +++ b/asn1/x509af/packet-x509af-template.h @@ -28,5 +28,7 @@ #include "packet-x509af-exp.h" +extern char* x509af_get_last_algorithm_id(); + #endif /* PACKET_X509AF_H */ diff --git a/asn1/x509af/x509af.cnf b/asn1/x509af/x509af.cnf index 4bde694356..182b1a6d48 100644 --- a/asn1/x509af/x509af.cnf +++ b/asn1/x509af/x509af.cnf @@ -47,6 +47,7 @@ CertificatePair B "2.5.4.40" "id-at-crossCertificatePair" AttributeCertificate B "2.5.4.58" "id-at-attributeCertificate" CertificateList B "2.5.4.59" "id-at-attributeCertificateRevocationList" +DSS-Params B "1.2.840.10040.4.1" "id-dsa" #.NO_EMIT #.TYPE_RENAME @@ -69,6 +70,16 @@ CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate #.FN_PARS AlgorithmIdentifier/algorithmId FN_VARIANT = _str HF_INDEX = hf_x509af_algorithm_id VAL_PTR = &algorithm_id +#.FN_BODY AlgorithmIdentifier/algorithmId + char *name; + + %(DEFAULT_BODY)s + + if(algorithm_id) { + name = get_ber_oid_name(algorithm_id); + + proto_item_append_text(tree, " (%%s)", name ? name : algorithm_id); + } #.FN_BODY AlgorithmIdentifier/parameters offset=call_ber_oid_callback(algorithm_id, tvb, offset, pinfo, tree); @@ -76,6 +87,17 @@ CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate #.FN_PARS Extension/extnId FN_VARIANT = _str HF_INDEX = hf_x509af_extension_id VAL_PTR = &extension_id +#.FN_BODY Extension/extnId + char *name; + + %(DEFAULT_BODY)s + + if(extension_id) { + name = get_ber_oid_name(extension_id); + + proto_item_append_text(tree, " (%%s)", name ? name : extension_id); + } + #.FN_BODY Extension/extnValue gint8 class; gboolean pc, ind; @@ -86,3 +108,10 @@ CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate offset = dissect_ber_length(pinfo, tree, tvb, offset, &len, &ind); offset=call_ber_oid_callback(extension_id, tvb, offset, pinfo, tree); +#.FN_BODY SubjectName + + %(DEFAULT_BODY)s + + proto_item_append_text(proto_item_get_parent(tree), " (%%s)", x509if_get_last_dn()); + +#.END diff --git a/asn1/x509if/Makefile.nmake b/asn1/x509if/Makefile.nmake index a2daf38060..2d562986b4 100644 --- a/asn1/x509if/Makefile.nmake +++ b/asn1/x509if/Makefile.nmake @@ -37,5 +37,5 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/x509if/packet-x509if-template.c b/asn1/x509if/packet-x509if-template.c index a53ddcc364..847231eebe 100644 --- a/asn1/x509if/packet-x509if-template.c +++ b/asn1/x509if/packet-x509if-template.c @@ -45,15 +45,32 @@ /* Initialize the protocol and registered fields */ int proto_x509if = -1; static int hf_x509if_object_identifier_id = -1; +static int hf_x509if_any_string = -1; #include "packet-x509if-hf.c" /* Initialize the subtree pointers */ #include "packet-x509if-ett.c" static const char *object_identifier_id; +static proto_tree *top_of_dn = NULL; +static proto_tree *top_of_rdn = NULL; + +static gboolean rdn_one_value = FALSE; /* have we seen one value in an RDN yet */ +static gboolean dn_one_rdn = FALSE; /* have we seen one RDN in a DN yet */ +static gboolean doing_dn = TRUE; + +#define MAX_RDN_STR_LEN 64 +#define MAX_DN_STR_LEN (20 * MAX_RDN_STR_LEN) + +static char *last_dn = NULL; +static char *last_rdn = NULL; #include "packet-x509if-fn.c" +const char * x509if_get_last_dn() +{ + return last_dn; +} /*--- proto_register_x509if ----------------------------------------------*/ void proto_register_x509if(void) { @@ -63,6 +80,9 @@ void proto_register_x509if(void) { { &hf_x509if_object_identifier_id, { "Id", "x509if.id", FT_STRING, BASE_NONE, NULL, 0, "Object identifier Id", HFILL }}, + { &hf_x509if_any_string, + { "AnyString", "x509if.any.String", FT_BYTES, BASE_HEX, + NULL, 0, "This is any String", HFILL }}, #include "packet-x509if-hfarr.c" }; @@ -84,5 +104,6 @@ void proto_register_x509if(void) { /*--- proto_reg_handoff_x509if -------------------------------------------*/ void proto_reg_handoff_x509if(void) { + } diff --git a/asn1/x509if/packet-x509if-template.h b/asn1/x509if/packet-x509if-template.h index 1326b15a40..d1614911df 100644 --- a/asn1/x509if/packet-x509if-template.h +++ b/asn1/x509if/packet-x509if-template.h @@ -28,5 +28,7 @@ #include "packet-x509if-exp.h" +extern const char * x509if_get_last_dn(); + #endif /* PACKET_X509IF_H */ diff --git a/asn1/x509if/x509if-exp.cnf b/asn1/x509if/x509if-exp.cnf index ff9802e1d5..bc2429db1f 100644 --- a/asn1/x509if/x509if-exp.cnf +++ b/asn1/x509if/x509if-exp.cnf @@ -1,4 +1,5 @@ #.IMPORT_TAG +AttributeValue BER_CLASS_ANY 0 Attribute BER_CLASS_UNI BER_UNI_TAG_SEQUENCE AttributeType BER_CLASS_UNI BER_UNI_TAG_OID Context BER_CLASS_UNI BER_UNI_TAG_SEQUENCE @@ -41,6 +42,7 @@ MRSubstitution BER_CLASS_UNI BER_UNI_TAG_SEQUENCE #.END #.TYPE_ATTR +AttributeValue TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 Attribute TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 AttributeType TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 Context TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0 diff --git a/asn1/x509if/x509if.cnf b/asn1/x509if/x509if.cnf index d59a97022a..63f964bca7 100644 --- a/asn1/x509if/x509if.cnf +++ b/asn1/x509if/x509if.cnf @@ -16,6 +16,7 @@ AttributeType AttributeTypeAndDistinguishedValue AttributeTypeAssertion AttributeUsage +AttributeValue AttributeValueAssertion BaseDistance ChopSpecification @@ -49,6 +50,10 @@ SearchRuleDescription SearchRuleId SubtreeSpecification +#.PDU +DistinguishedName +Name + #.NO_EMIT #.TYPE_RENAME @@ -93,9 +98,48 @@ RequestAttribute/selectedValues/_item ra_selectedValues_item #.FN_PARS AttributeId FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id +#.FN_BODY AttributeId + char *name; + + %(DEFAULT_BODY)s + + if(object_identifier_id) { + /* see if we can find a nice name */ + name = get_ber_oid_name(object_identifier_id); + if(!name) name = object_identifier_id; + + if(doing_dn) { /* append it to the RDN */ + g_strlcat(last_rdn, name, MAX_RDN_STR_LEN); + g_strlcat(last_rdn, "=", MAX_RDN_STR_LEN); + + /* append it to the tree */ + proto_item_append_text(tree, " (%%s=", name); + } + } + #.FN_BODY AttributeValue + int old_offset = offset; + tvbuff_t *out_tvb; + char *value = NULL; + offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); + /* try and dissect as a string */ + dissect_ber_octet_string(FALSE, pinfo, NULL, tvb, old_offset, hf_x509if_any_string, &out_tvb); + + if(out_tvb) { + /* it was a string - format it */ + value = tvb_format_text(out_tvb, 0, tvb_length(out_tvb)); + + if(doing_dn) { + g_strlcat(last_rdn, value, MAX_RDN_STR_LEN); + + /* append it to the tree*/ + proto_item_append_text(tree, "%%s)", value); + } + + } + #.FN_BODY SelectedValues offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); @@ -108,6 +152,69 @@ RequestAttribute/selectedValues/_item ra_selectedValues_item #.FN_BODY ValuesWithContextValue offset=call_ber_oid_callback("unknown", tvb, offset, pinfo, tree); +#.FN_BODY RelativeDistinguishedName + char *temp_dn; + + rdn_one_value = FALSE; + top_of_rdn = tree; + last_rdn = ep_alloc(MAX_DN_STR_LEN); *last_rdn = '\0'; + doing_dn = TRUE; + + %(DEFAULT_BODY)s + + /* we've finished - close the bracket */ + proto_item_append_text(top_of_rdn, " (%%s)", last_rdn); + + /* now append this to the DN */ + if(*last_dn) { + temp_dn = ep_alloc(MAX_DN_STR_LEN); /* is there a better way to use ep_alloc here ? */ + g_snprintf(temp_dn, MAX_DN_STR_LEN, "%%s,%%s", last_rdn, last_dn); + last_dn[0] = '\0'; + g_strlcat(last_dn, temp_dn, MAX_DN_STR_LEN); + } else + g_strlcat(last_dn, last_rdn, MAX_DN_STR_LEN); + + doing_dn = FALSE; + last_rdn = NULL; /* it will get freed when the next packet is dissected */ + +#.FN_BODY RelativeDistinguishedName/_item + + if(!rdn_one_value) { + top_of_rdn = tree; + } else { + + if(doing_dn) + /* this is an additional value - delimit */ + g_strlcat(last_rdn, "+", MAX_RDN_STR_LEN); + } + + %(DEFAULT_BODY)s + + rdn_one_value = TRUE; + +#.FN_BODY RDNSequence + + dn_one_rdn = FALSE; /* reset */ + last_dn = ep_alloc(MAX_RDN_STR_LEN); *last_dn = '\0'; + top_of_dn = NULL; + + %(DEFAULT_BODY)s + + /* we've finished - append the dn */ + proto_item_append_text(top_of_dn, " (%%s)", last_dn); + + +#.FN_BODY RDNSequence/_item + + if(!dn_one_rdn) { + /* this is the first element - record the top */ + top_of_dn = tree; + } + + %(DEFAULT_BODY)s + + dn_one_rdn = TRUE; + #.END diff --git a/asn1/x509sat/Makefile.nmake b/asn1/x509sat/Makefile.nmake index 8b6b884f5f..25d633f0f1 100644 --- a/asn1/x509sat/Makefile.nmake +++ b/asn1/x509sat/Makefile.nmake @@ -37,6 +37,6 @@ fix_eol: generate_dissector del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp copy_files: generate_dissector fix_eol - xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d - xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d + xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y + xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y diff --git a/asn1/x509sat/SelectedAttributeTypes.asn b/asn1/x509sat/SelectedAttributeTypes.asn index aba6a6278d..e4f3fc6474 100644 --- a/asn1/x509sat/SelectedAttributeTypes.asn +++ b/asn1/x509sat/SelectedAttributeTypes.asn @@ -218,11 +218,11 @@ CountryName ::= PrintableString -- ID id-at-searchGuide -- } --- XXX Asn2eth bug it can not handle SET for BER, only for PER --- Guide ::= SET { --- objectClass [0] OBJECT IDENTIFIER OPTIONAL, --- criteria [1] Criteria --- } + +Guide ::= SET { + objectClass [0] OBJECT IDENTIFIER OPTIONAL, + criteria [1] Criteria +} Criteria ::= CHOICE { type [0] CriteriaItem, diff --git a/asn1/x509sat/x509sat.cnf b/asn1/x509sat/x509sat.cnf index 6cf27891cf..c112117295 100644 --- a/asn1/x509sat/x509sat.cnf +++ b/asn1/x509sat/x509sat.cnf @@ -40,6 +40,27 @@ XDayOf ZonalResult ZonalSelect +#.PDU +CaseIgnoreListMatch +CountryName +Criteria +DayTime +DayTimeBand +DestinationIndicator +DirectoryString +EnhancedGuide +FacsimileTelephoneNumber +Guide +InternationalISDNNumber +NameAndOptionalUID +PostalAddress +PreferredDeliveryMethod +PresentationAddress +TelephoneNumber +TelexNumber +UniqueIdentifier +X121Address + #.REGISTER CountryName B "2.5.4.6" "id-at-countryName" DirectoryString B "2.5.4.2" "id-at-knowledgeInformation" |