diff options
-rw-r--r-- | epan/dissectors/Makefile.common | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-classicstun.c | 739 | ||||
-rw-r--r-- | epan/dissectors/packet-rtcp.c | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-rtp.c | 24 | ||||
-rw-r--r-- | epan/dissectors/packet-sip.c | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-stun.c | 1501 | ||||
-rw-r--r-- | epan/dissectors/packet-stun2.c | 1364 | ||||
-rw-r--r-- | epan/dissectors/packet-tftp.c | 2 |
8 files changed, 1817 insertions, 1819 deletions
diff --git a/epan/dissectors/Makefile.common b/epan/dissectors/Makefile.common index 0c4d62fca6..0a8d65fd12 100644 --- a/epan/dissectors/Makefile.common +++ b/epan/dissectors/Makefile.common @@ -288,6 +288,7 @@ DISSECTOR_SRC = \ packet-cisco-oui.c \ packet-cisco-sm.c \ packet-cisco-wids.c \ + packet-classicstun.c \ packet-clearcase.c \ packet-clip.c \ packet-clnp.c \ @@ -829,7 +830,6 @@ DISSECTOR_SRC = \ packet-stat-notify.c \ packet-stat.c \ packet-stun.c \ - packet-stun2.c \ packet-sua.c \ packet-symantec.c \ packet-synergy.c \ diff --git a/epan/dissectors/packet-classicstun.c b/epan/dissectors/packet-classicstun.c new file mode 100644 index 0000000000..8634e0d9b2 --- /dev/null +++ b/epan/dissectors/packet-classicstun.c @@ -0,0 +1,739 @@ +/* packet-classicstun.c + * Routines for Simple Traversal of UDP Through NAT dissection + * Copyright 2003, Shiang-Ming Huang <smhuang@pcs.csie.nctu.edu.tw> + * + * $Id$ + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * Please refer to RFC 3489 for protocol detail. + * (supports extra message attributes described in draft-ietf-behave-rfc3489bis-00) + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <glib.h> + +#include <epan/packet.h> +#include <epan/conversation.h> + +/* Initialize the protocol and registered fields */ +static int proto_classicstun = -1; + +static int hf_classicstun_type = -1; /* CLASSIC-STUN message header */ +static int hf_classicstun_length = -1; +static int hf_classicstun_id = -1; +static int hf_classicstun_att = -1; +static int hf_classicstun_response_in = -1; +static int hf_classicstun_response_to = -1; +static int hf_classicstun_time = -1; + + +static int classicstun_att_type = -1; /* CLASSIC-STUN attribute fields */ +static int classicstun_att_length = -1; +static int classicstun_att_value = -1; +static int classicstun_att_family = -1; +static int classicstun_att_ipv4 = -1; +static int classicstun_att_ipv6 = -1; +static int classicstun_att_port = -1; +static int classicstun_att_change_ip = -1; +static int classicstun_att_change_port = -1; +static int classicstun_att_unknown = -1; +static int classicstun_att_error_class = -1; +static int classicstun_att_error_number = -1; +static int classicstun_att_error_reason = -1; +static int classicstun_att_server_string = -1; +static int classicstun_att_xor_ipv4 = -1; +static int classicstun_att_xor_ipv6 = -1; +static int classicstun_att_xor_port = -1; +static int classicstun_att_lifetime = -1; +static int classicstun_att_magic_cookie = -1; +static int classicstun_att_bandwidth = -1; +static int classicstun_att_data = -1; +static int classicstun_att_connection_request_binding = -1; + +/* Structure containing transaction specific information */ +typedef struct _classicstun_transaction_t { + guint32 req_frame; + guint32 rep_frame; + nstime_t req_time; +} classicstun_transaction_t; + +/* Structure containing conversation specific information */ +typedef struct _classicstun_conv_info_t { + emem_tree_t *pdus; +} classicstun_conv_info_t; + + +/* Message Types */ +#define BINDING_REQUEST 0x0001 +#define BINDING_RESPONSE 0x0101 +#define BINDING_ERROR_RESPONSE 0x0111 +#define SHARED_SECRET_REQUEST 0x0002 +#define SHARED_SECRET_RESPONSE 0x0102 +#define SHARED_SECRET_ERROR_RESPONSE 0x1112 +#define ALLOCATE_REQUEST 0x0003 +#define ALLOCATE_RESPONSE 0x0103 +#define ALLOCATE_ERROR_RESPONSE 0x0113 +#define SEND_REQUEST 0x0004 +#define SEND_RESPONSE 0x0104 +#define SEND_ERROR_RESPONSE 0x0114 +#define DATA_INDICATION 0x0115 +#define SET_ACTIVE_DESTINATION_REQUEST 0x0006 +#define SET_ACTIVE_DESTINATION_RESPONSE 0x0106 +#define SET_ACTIVE_DESTINATION_ERROR_RESPONSE 0x0116 + + +/* Message classes */ +#define CLASS_MASK 0xC110 +#define REQUEST 0x0000 +#define INDICATION 0x0001 +#define RESPONSE 0x0010 +#define ERROR_RESPONSE 0x0011 + +/* Attribute Types */ +#define MAPPED_ADDRESS 0x0001 +#define RESPONSE_ADDRESS 0x0002 +#define CHANGE_REQUEST 0x0003 +#define SOURCE_ADDRESS 0x0004 +#define CHANGED_ADDRESS 0x0005 +#define USERNAME 0x0006 +#define PASSWORD 0x0007 +#define MESSAGE_INTEGRITY 0x0008 +#define ERROR_CODE 0x0009 +#define UNKNOWN_ATTRIBUTES 0x000a +#define REFLECTED_FROM 0x000b +#define LIFETIME 0x000d +#define ALTERNATE_SERVER 0x000e +#define MAGIC_COOKIE 0x000f +#define BANDWIDTH 0x0010 +#define DESTINATION_ADDRESS 0x0011 +#define REMOTE_ADDRESS 0x0012 +#define DATA 0x0013 +#define NONCE 0x0014 +#define REALM 0x0015 +#define REQUESTED_ADDRESS_TYPE 0x0016 +#define XOR_MAPPED_ADDRESS 0x8020 +#define XOR_ONLY 0x0021 +#define SERVER 0x8022 +#define CONNECTION_REQUEST_BINDING 0xc001 +#define BINDING_CHANGE 0xc002 + + + +/* Initialize the subtree pointers */ +static gint ett_classicstun = -1; +static gint ett_classicstun_att_type = -1; +static gint ett_classicstun_att = -1; + + +#define UDP_PORT_STUN 3478 +#define TCP_PORT_STUN 3478 + + +#define CLASSICSTUN_HDR_LEN ((guint)20) /* CLASSIC-STUN message header length */ +#define ATTR_HDR_LEN 4 /* CLASSIC-STUN attribute header length */ + + +static const true_false_string set_flag = { + "SET", + "NOT SET" +}; + +static const value_string messages[] = { + {BINDING_REQUEST, "Binding Request"}, + {BINDING_RESPONSE, "Binding Response"}, + {BINDING_ERROR_RESPONSE, "Binding Error Response"}, + {SHARED_SECRET_REQUEST, "Shared Secret Request"}, + {SHARED_SECRET_RESPONSE, "Shared Secret Response"}, + {SHARED_SECRET_ERROR_RESPONSE, "Shared Secret Error Response"}, + {ALLOCATE_REQUEST, "Allocate Request"}, + {ALLOCATE_RESPONSE, "Allocate Response"}, + {ALLOCATE_ERROR_RESPONSE, "Allocate Error Response"}, + {SEND_REQUEST, "Send Request"}, + {SEND_RESPONSE, "Send Response"}, + {SEND_ERROR_RESPONSE, "Send Error Response"}, + {DATA_INDICATION, "Data Indication"}, + {SET_ACTIVE_DESTINATION_REQUEST, "Set Active Destination Request"}, + {SET_ACTIVE_DESTINATION_RESPONSE, "Set Active Destination Response"}, + {SET_ACTIVE_DESTINATION_ERROR_RESPONSE, "Set Active Destination Error Response"}, + {0x00, NULL} +}; + +static const value_string attributes[] = { + {MAPPED_ADDRESS, "MAPPED-ADDRESS"}, + {RESPONSE_ADDRESS, "RESPONSE-ADDRESS"}, + {CHANGE_REQUEST, "CHANGE-REQUEST"}, + {SOURCE_ADDRESS, "SOURCE-ADDRESS"}, + {CHANGED_ADDRESS, "CHANGED-ADDRESS"}, + {USERNAME, "USERNAME"}, + {PASSWORD, "PASSWORD"}, + {MESSAGE_INTEGRITY, "MESSAGE-INTEGRITY"}, + {ERROR_CODE, "ERROR-CODE"}, + {REFLECTED_FROM, "REFLECTED-FROM"}, + {LIFETIME, "LIFETIME"}, + {ALTERNATE_SERVER, "ALTERNATE_SERVER"}, + {MAGIC_COOKIE, "MAGIC_COOKIE"}, + {BANDWIDTH, "BANDWIDTH"}, + {DESTINATION_ADDRESS, "DESTINATION_ADDRESS"}, + {REMOTE_ADDRESS, "REMOTE_ADDRESS"}, + {DATA, "DATA"}, + {NONCE, "NONCE"}, + {REALM, "REALM"}, + {REQUESTED_ADDRESS_TYPE, "REQUESTED_ADDRESS_TYPE"}, + {XOR_MAPPED_ADDRESS, "XOR_MAPPED_ADDRESS"}, + {XOR_ONLY, "XOR_ONLY"}, + {SERVER, "SERVER"}, + {CONNECTION_REQUEST_BINDING, "CONNECTION-REQUEST-BINDING"}, + {BINDING_CHANGE, "BINDING-CHANGE"}, + {0x00, NULL} +}; + +static const value_string attributes_family[] = { + {0x0001, "IPv4"}, + {0x0002, "IPv6"}, + {0x00, NULL} +}; + +static int +dissect_classicstun(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + + proto_item *ti; + proto_item *ta; + proto_tree *classicstun_tree; + proto_tree *att_type_tree; + proto_tree *att_tree; + guint16 msg_type; + guint16 msg_length; + const char *msg_type_str; + guint16 att_type; + guint16 att_length; + guint16 offset; + guint len; + guint i; + conversation_t *conversation; + classicstun_conv_info_t *classicstun_info; + classicstun_transaction_t * classicstun_trans; + emem_tree_key_t transaction_id_key[2]; + guint32 transaction_id[4]; + + + /* + * First check if the frame is really meant for us. + */ + len = tvb_length(tvb); + /* First, make sure we have enough data to do the check. */ + if (len < CLASSICSTUN_HDR_LEN) + return 0; + + msg_type = tvb_get_ntohs(tvb, 0); + + if (msg_type & 0xC000 || tvb_get_ntohl(tvb, 4) == 0x2112a442) + return 0; + + /* check if message type is correct */ + msg_type_str = match_strval(msg_type, messages); + if (msg_type_str == NULL) + return 0; + + msg_length = tvb_get_ntohs(tvb, 2); + + /* check if payload enough */ + if (len != CLASSICSTUN_HDR_LEN+msg_length) + return 0; + + /* The message seems to be a valid CLASSIC-STUN message! */ + + /* Create the transaction key which may be used + to track the conversation */ + transaction_id[0] = tvb_get_ntohl(tvb, 4); + transaction_id[1] = tvb_get_ntohl(tvb, 8); + transaction_id[2] = tvb_get_ntohl(tvb, 12); + transaction_id[3] = tvb_get_ntohl(tvb, 16); + + transaction_id_key[0].length = 4; + transaction_id_key[0].key = transaction_id; + transaction_id_key[1].length = 0; + transaction_id_key[1].key = NULL; + + /* + * Do we have a conversation for this connection? + */ + conversation = find_conversation(pinfo->fd->num, + &pinfo->src, &pinfo->dst, + pinfo->ptype, + pinfo->srcport, pinfo->destport, 0); + if (conversation == NULL) { + /* We don't yet have a conversation, so create one. */ + conversation = conversation_new(pinfo->fd->num, + &pinfo->src, &pinfo->dst, + pinfo->ptype, + pinfo->srcport, pinfo->destport, 0); + } + /* + * Do we already have a state structure for this conv + */ + classicstun_info = conversation_get_proto_data(conversation, proto_classicstun); + if (!classicstun_info) { + /* No. Attach that information to the conversation, and add + * it to the list of information structures. + */ + classicstun_info = se_alloc(sizeof(classicstun_conv_info_t)); + classicstun_info->pdus=se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "classicstun_pdus"); + conversation_add_proto_data(conversation, proto_classicstun, classicstun_info); + } + + if(!pinfo->fd->flags.visited){ + if (((msg_type & CLASS_MASK) >> 4) == REQUEST) { + /* This is a request */ + classicstun_trans=se_alloc(sizeof(classicstun_transaction_t)); + classicstun_trans->req_frame=pinfo->fd->num; + classicstun_trans->rep_frame=0; + classicstun_trans->req_time=pinfo->fd->abs_ts; + se_tree_insert32_array(classicstun_info->pdus, transaction_id_key, + (void *)classicstun_trans); + } else { + classicstun_trans=se_tree_lookup32_array(classicstun_info->pdus, + transaction_id_key); + if(classicstun_trans){ + classicstun_trans->rep_frame=pinfo->fd->num; + } + } + } else { + classicstun_trans=se_tree_lookup32_array(classicstun_info->pdus, transaction_id_key); + } + if(!classicstun_trans){ + /* create a "fake" pana_trans structure */ + classicstun_trans=ep_alloc(sizeof(classicstun_transaction_t)); + classicstun_trans->req_frame=0; + classicstun_trans->rep_frame=0; + classicstun_trans->req_time=pinfo->fd->abs_ts; + } + + + + col_set_str(pinfo->cinfo, COL_PROTOCOL, "CLASSIC-STUN"); + + if (check_col(pinfo->cinfo, COL_INFO)) { + col_add_fstr(pinfo->cinfo, COL_INFO, "Message: %s", + msg_type_str); + } + + if (tree) { + guint transaction_id_first_word; + + ti = proto_tree_add_item(tree, proto_classicstun, tvb, 0, -1, FALSE); + + classicstun_tree = proto_item_add_subtree(ti, ett_classicstun); + + if (((msg_type & CLASS_MASK) >> 4) == REQUEST) { + if (classicstun_trans->rep_frame) { + proto_item *it; + it=proto_tree_add_uint(classicstun_tree, hf_classicstun_response_in, + tvb, 0, 0, + classicstun_trans->rep_frame); + PROTO_ITEM_SET_GENERATED(it); + } + } + else if ((((msg_type & CLASS_MASK) >> 4) == RESPONSE) || + (((msg_type & CLASS_MASK) >> 4) == ERROR_RESPONSE)) { + /* This is a response */ + if(classicstun_trans->req_frame){ + proto_item *it; + nstime_t ns; + + it=proto_tree_add_uint(classicstun_tree, hf_classicstun_response_to, tvb, 0, 0, classicstun_trans->req_frame); + PROTO_ITEM_SET_GENERATED(it); + + nstime_delta(&ns, &pinfo->fd->abs_ts, &classicstun_trans->req_time); + it=proto_tree_add_time(classicstun_tree, hf_classicstun_time, tvb, 0, 0, &ns); + PROTO_ITEM_SET_GENERATED(it); + } + + } + + proto_tree_add_uint(classicstun_tree, hf_classicstun_type, tvb, 0, 2, msg_type); + proto_tree_add_uint(classicstun_tree, hf_classicstun_length, tvb, 2, 2, msg_length); + proto_tree_add_item(classicstun_tree, hf_classicstun_id, tvb, 4, 16, FALSE); + + /* Remember this (in host order) so we can show clear xor'd addresses */ + transaction_id_first_word = tvb_get_ntohl(tvb, 4); + + if (msg_length > 0) { + ta = proto_tree_add_item(classicstun_tree, hf_classicstun_att, tvb, CLASSICSTUN_HDR_LEN, msg_length, FALSE); + att_type_tree = proto_item_add_subtree(ta, ett_classicstun_att_type); + + offset = CLASSICSTUN_HDR_LEN; + + while( msg_length > 0) { + att_type = tvb_get_ntohs(tvb, offset); /* Type field in attribute header */ + att_length = tvb_get_ntohs(tvb, offset+2); /* Length field in attribute header */ + + ta = proto_tree_add_text(att_type_tree, tvb, offset, + ATTR_HDR_LEN+att_length, + "Attribute: %s", + val_to_str(att_type, attributes, "Unknown (0x%04x)")); + att_tree = proto_item_add_subtree(ta, ett_classicstun_att); + + proto_tree_add_uint(att_tree, classicstun_att_type, tvb, + offset, 2, att_type); + offset += 2; + if (ATTR_HDR_LEN+att_length > msg_length) { + proto_tree_add_uint_format(att_tree, + classicstun_att_length, tvb, offset, 2, + att_length, + "Attribute Length: %u (bogus, goes past the end of the message)", + att_length); + break; + } + proto_tree_add_uint(att_tree, classicstun_att_length, tvb, + offset, 2, att_length); + offset += 2; + switch( att_type ){ + case MAPPED_ADDRESS: + case RESPONSE_ADDRESS: + case SOURCE_ADDRESS: + case CHANGED_ADDRESS: + case REFLECTED_FROM: + case ALTERNATE_SERVER: + case DESTINATION_ADDRESS: + case REMOTE_ADDRESS: + if (att_length < 2) + break; + proto_tree_add_item(att_tree, classicstun_att_family, tvb, offset+1, 1, FALSE); + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_port, tvb, offset+2, 2, FALSE); + switch( tvb_get_guint8(tvb, offset+1) ){ + case 1: + if (att_length < 8) + break; + proto_tree_add_item(att_tree, classicstun_att_ipv4, tvb, offset+4, 4, FALSE); + break; + + case 2: + if (att_length < 20) + break; + proto_tree_add_item(att_tree, classicstun_att_ipv6, tvb, offset+4, 16, FALSE); + break; + } + break; + + case CHANGE_REQUEST: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_change_ip, tvb, offset, 4, FALSE); + proto_tree_add_item(att_tree, classicstun_att_change_port, tvb, offset, 4, FALSE); + break; + + case USERNAME: + case PASSWORD: + case MESSAGE_INTEGRITY: + case NONCE: + case REALM: + if (att_length < 1) + break; + proto_tree_add_item(att_tree, classicstun_att_value, tvb, offset, att_length, FALSE); + break; + + case ERROR_CODE: + if (att_length < 3) + break; + proto_tree_add_item(att_tree, classicstun_att_error_class, tvb, offset+2, 1, FALSE); + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_error_number, tvb, offset+3, 1, FALSE); + if (att_length < 5) + break; + proto_tree_add_item(att_tree, classicstun_att_error_reason, tvb, offset+4, (att_length-4), FALSE); + break; + + case LIFETIME: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_lifetime, tvb, offset, 4, FALSE); + break; + + case MAGIC_COOKIE: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_magic_cookie, tvb, offset, 4, FALSE); + break; + + case BANDWIDTH: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_bandwidth, tvb, offset, 4, FALSE); + break; + + case DATA: + proto_tree_add_item(att_tree, classicstun_att_data, tvb, offset, att_length, FALSE); + break; + + case UNKNOWN_ATTRIBUTES: + for (i = 0; i < att_length; i += 4) { + proto_tree_add_item(att_tree, classicstun_att_unknown, tvb, offset+i, 2, FALSE); + proto_tree_add_item(att_tree, classicstun_att_unknown, tvb, offset+i+2, 2, FALSE); + } + break; + + case SERVER: + proto_tree_add_item(att_tree, classicstun_att_server_string, tvb, offset, att_length, FALSE); + break; + + case XOR_MAPPED_ADDRESS: + if (att_length < 2) + break; + proto_tree_add_item(att_tree, classicstun_att_family, tvb, offset+1, 1, FALSE); + if (att_length < 4) + break; + proto_tree_add_item(att_tree, classicstun_att_xor_port, tvb, offset+2, 2, FALSE); + + /* Show the port 'in the clear' + XOR (host order) transid with (host order) xor-port. + Add host-order port into tree. */ + ti = proto_tree_add_uint(att_tree, classicstun_att_port, tvb, offset+2, 2, + tvb_get_ntohs(tvb, offset+2) ^ + (transaction_id_first_word >> 16)); + PROTO_ITEM_SET_GENERATED(ti); + + if (att_length < 8) + break; + switch( tvb_get_guint8(tvb, offset+1) ){ + case 1: + if (att_length < 8) + break; + proto_tree_add_item(att_tree, classicstun_att_xor_ipv4, tvb, offset+4, 4, FALSE); + + /* Show the address 'in the clear'. + XOR (host order) transid with (host order) xor-address. + Add in network order tree. */ + ti = proto_tree_add_ipv4(att_tree, classicstun_att_ipv4, tvb, offset+4, 4, + g_htonl(tvb_get_ntohl(tvb, offset+4) ^ + transaction_id_first_word)); + PROTO_ITEM_SET_GENERATED(ti); + break; + + case 2: + if (att_length < 20) + break; + proto_tree_add_item(att_tree, classicstun_att_xor_ipv6, tvb, offset+4, 16, FALSE); + break; + } + break; + + case REQUESTED_ADDRESS_TYPE: + if (att_length < 2) + break; + proto_tree_add_item(att_tree, classicstun_att_family, tvb, offset+1, 1, FALSE); + break; + + case CONNECTION_REQUEST_BINDING: + proto_tree_add_item(att_tree, classicstun_att_connection_request_binding, tvb, offset, att_length, FALSE); + break; + + default: + break; + } + offset += att_length; + msg_length -= ATTR_HDR_LEN+att_length; + } + } + } + return tvb_length(tvb); +} + + +static gboolean +dissect_classicstun_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + if (dissect_classicstun(tvb, pinfo, tree) == 0) + return FALSE; + + return TRUE; +} + + + + +void +proto_register_classicstun(void) +{ + static hf_register_info hf[] = { + { &hf_classicstun_type, + { "Message Type", "classicstun.type", FT_UINT16, + BASE_HEX, VALS(messages), 0x0, NULL, HFILL } + }, + { &hf_classicstun_length, + { "Message Length", "classicstun.length", FT_UINT16, + BASE_HEX, NULL, 0x0, NULL, HFILL } + }, + { &hf_classicstun_id, + { "Message Transaction ID", "classicstun.id", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &hf_classicstun_att, + { "Attributes", "classicstun.att", FT_NONE, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &hf_classicstun_response_in, + { "Response In", "classicstun.response_in", + FT_FRAMENUM, BASE_NONE, NULL, 0x0, + "The response to this CLASSICSTUN query is in this frame", HFILL }}, + { &hf_classicstun_response_to, + { "Request In", "classicstun.response_to", + FT_FRAMENUM, BASE_NONE, NULL, 0x0, + "This is a response to the CLASSICSTUN Request in this frame", HFILL }}, + { &hf_classicstun_time, + { "Time", "classicstun.time", + FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0, + "The time between the Request and the Response", HFILL }}, + + /* ////////////////////////////////////// */ + { &classicstun_att_type, + { "Attribute Type", "classicstun.att.type", FT_UINT16, + BASE_HEX, VALS(attributes), 0x0, NULL, HFILL } + }, + { &classicstun_att_length, + { "Attribute Length", "classicstun.att.length", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_value, + { "Value", "classicstun.att.value", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_family, + { "Protocol Family", "classicstun.att.family", FT_UINT16, + BASE_HEX, VALS(attributes_family), 0x0, NULL, HFILL } + }, + { &classicstun_att_ipv4, + { "IP", "classicstun.att.ipv4", FT_IPv4, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_ipv6, + { "IP", "classicstun.att.ipv6", FT_IPv6, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_port, + { "Port", "classicstun.att.port", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_change_ip, + { "Change IP","classicstun.att.change.ip", FT_BOOLEAN, + 16, TFS(&set_flag), 0x0004, NULL, HFILL} + }, + { &classicstun_att_change_port, + { "Change Port","classicstun.att.change.port", FT_BOOLEAN, + 16, TFS(&set_flag), 0x0002, NULL, HFILL} + }, + { &classicstun_att_unknown, + { "Unknown Attribute","classicstun.att.unknown", FT_UINT16, + BASE_HEX, NULL, 0x0, NULL, HFILL} + }, + { &classicstun_att_error_class, + { "Error Class","classicstun.att.error.class", FT_UINT8, + BASE_DEC, NULL, 0x07, NULL, HFILL} + }, + { &classicstun_att_error_number, + { "Error Code","classicstun.att.error", FT_UINT8, + BASE_DEC, NULL, 0x0, NULL, HFILL} + }, + { &classicstun_att_error_reason, + { "Error Reason Phase","classicstun.att.error.reason", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL} + }, + { &classicstun_att_xor_ipv4, + { "IP (XOR-d)", "classicstun.att.ipv4-xord", FT_IPv4, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_xor_ipv6, + { "IP (XOR-d)", "classicstun.att.ipv6-xord", FT_IPv6, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_xor_port, + { "Port (XOR-d)", "classicstun.att.port-xord", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_server_string, + { "Server version","classicstun.att.server", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL} + }, + { &classicstun_att_lifetime, + { "Lifetime", "classicstun.att.lifetime", FT_UINT32, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_magic_cookie, + { "Magic Cookie", "classicstun.att.magic.cookie", FT_UINT32, + BASE_HEX, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_bandwidth, + { "Bandwidth", "classicstun.att.bandwidth", FT_UINT32, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_data, + { "Data", "classicstun.att.data", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &classicstun_att_connection_request_binding, + { "Connection Request Binding", "classicstun.att.connection_request_binding", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + }; + +/* Setup protocol subtree array */ + static gint *ett[] = { + &ett_classicstun, + &ett_classicstun_att_type, + &ett_classicstun_att, + }; + +/* Register the protocol name and description */ + proto_classicstun = proto_register_protocol("Simple Traversal of UDP Through NAT", + "CLASSICSTUN", "classicstun"); + +/* Required function calls to register the header fields and subtrees used */ + proto_register_field_array(proto_classicstun, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + + new_register_dissector("classicstun", dissect_classicstun, proto_classicstun); + new_register_dissector("classicstun-heur", dissect_classicstun_heur, proto_classicstun); +} + + +void +proto_reg_handoff_classicstun(void) +{ +#if 0 /* The stun dissector registers on these ports */ + dissector_handle_t classicstun_handle; + + classicstun_handle = find_dissector("classicstun"); + + dissector_add("tcp.port", TCP_PORT_STUN, classicstun_handle); + dissector_add("udp.port", UDP_PORT_STUN, classicstun_handle); +#endif + heur_dissector_add("udp", dissect_classicstun_heur, proto_classicstun); + heur_dissector_add("tcp", dissect_classicstun_heur, proto_classicstun); +} diff --git a/epan/dissectors/packet-rtcp.c b/epan/dissectors/packet-rtcp.c index 9c02140630..1845114f23 100644 --- a/epan/dissectors/packet-rtcp.c +++ b/epan/dissectors/packet-rtcp.c @@ -4598,5 +4598,5 @@ proto_reg_handoff_rtcp(void) dissector_add_handle("udp.port", rtcp_handle); heur_dissector_add( "udp", dissect_rtcp_heur, proto_rtcp); - heur_dissector_add("stun2", dissect_rtcp_heur, proto_rtcp); + heur_dissector_add("stun", dissect_rtcp_heur, proto_rtcp); } diff --git a/epan/dissectors/packet-rtp.c b/epan/dissectors/packet-rtp.c index 851b592fa9..5208c22859 100644 --- a/epan/dissectors/packet-rtp.c +++ b/epan/dissectors/packet-rtp.c @@ -134,8 +134,8 @@ static const fragment_items rtp_fragment_items = { }; static dissector_handle_t rtp_handle; -static dissector_handle_t stun_handle; -static dissector_handle_t stun_heur_handle; +static dissector_handle_t classicstun_handle; +static dissector_handle_t classicstun_heur_handle; static dissector_handle_t t38_handle; static dissector_handle_t zrtp_handle; @@ -204,12 +204,12 @@ static guint global_pkt_ccc_udp_port = 0; #define RTP0_INVALID 0 -#define RTP0_STUN 1 +#define RTP0_CLASSICSTUN 1 #define RTP0_T38 2 static enum_val_t rtp_version0_types[] = { { "invalid", "Invalid or ZRTP packets", RTP0_INVALID }, - { "stun", "STUN packets", RTP0_STUN }, + { "classicstun", "CLASSIC-STUN packets", RTP0_CLASSICSTUN }, { "t38", "T.38 packets", RTP0_T38 }, { NULL, NULL, 0 } }; @@ -558,8 +558,8 @@ dissect_rtp_heur( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree ) return TRUE; } else { switch (global_rtp_version0_type) { - case RTP0_STUN: - return call_dissector_only(stun_heur_handle, tvb, pinfo, tree); + case RTP0_CLASSICSTUN: + return call_dissector_only(classicstun_heur_handle, tvb, pinfo, tree); case RTP0_T38: /* XXX: Should really be calling a heuristic dissector for T38 ??? */ @@ -1033,8 +1033,8 @@ dissect_rtp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree ) if (version == 0) { switch (global_rtp_version0_type) { - case RTP0_STUN: - call_dissector(stun_handle, tvb, pinfo, tree); + case RTP0_CLASSICSTUN: + call_dissector(classicstun_handle, tvb, pinfo, tree); return; case RTP0_T38: @@ -1996,7 +1996,7 @@ proto_register_rtp(void) prefs_register_enum_preference(rtp_module, "version0_type", "Treat RTP version 0 packets as", "If an RTP version 0 packet is encountered, it can be treated as " - "an invalid or ZRTP packet, a STUN packet, or a T.38 packet", + "an invalid or ZRTP packet, a CLASSIC-STUN packet, or a T.38 packet", &global_rtp_version0_type, rtp_version0_types, FALSE); prefs_register_uint_preference(rtp_module, @@ -2022,11 +2022,11 @@ proto_reg_handoff_rtp(void) dissector_add_handle("udp.port", rtp_handle); /* for 'decode-as' */ dissector_add_string("rtp_dyn_payload_type", "red", rtp_rfc2198_handle); heur_dissector_add( "udp", dissect_rtp_heur, proto_rtp); - heur_dissector_add("stun2", dissect_rtp_heur, proto_rtp); + heur_dissector_add("stun", dissect_rtp_heur, proto_rtp); data_handle = find_dissector("data"); - stun_handle = find_dissector("stun"); - stun_heur_handle = find_dissector("stun-heur"); + classicstun_handle = find_dissector("classicstun"); + classicstun_heur_handle = find_dissector("classicstun-heur"); t38_handle = find_dissector("t38"); zrtp_handle = find_dissector("zrtp"); diff --git a/epan/dissectors/packet-sip.c b/epan/dissectors/packet-sip.c index 110363f3b9..80296faafa 100644 --- a/epan/dissectors/packet-sip.c +++ b/epan/dissectors/packet-sip.c @@ -4740,7 +4740,7 @@ proto_reg_handoff_sip(void) heur_dissector_add("udp", dissect_sip_heur, proto_sip); heur_dissector_add("tcp", dissect_sip_tcp_heur, proto_sip); heur_dissector_add("sctp", dissect_sip_heur, proto_sip); - heur_dissector_add("stun2", dissect_sip_heur, proto_sip); + heur_dissector_add("stun", dissect_sip_heur, proto_sip); sip_prefs_initialized = TRUE; } else { dissector_delete("tcp.port", saved_sip_tcp_port, sip_tcp_handle); diff --git a/epan/dissectors/packet-stun.c b/epan/dissectors/packet-stun.c index 6fea9f229b..6989ca5d3c 100644 --- a/epan/dissectors/packet-stun.c +++ b/epan/dissectors/packet-stun.c @@ -1,29 +1,36 @@ /* packet-stun.c - * Routines for Simple Traversal of UDP Through NAT dissection + * Routines for Session Traversal Utilities for NAT (STUN) dissection * Copyright 2003, Shiang-Ming Huang <smhuang@pcs.csie.nctu.edu.tw> + * Copyright 2006, Marc Petit-Huguenin <marc@petit-huguenin.org> + * Copyright 2007-2008, 8x8 Inc. <petithug@8x8.com> + * Copyright 2008, Gael Breard <gael@breard.org> * * $Id$ * * Wireshark - Network traffic analyzer * By Gerald Combs <gerald@wireshark.org> * Copyright 1998 Gerald Combs - * + * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * - * Please refer to RFC 3489 for protocol detail. - * (supports extra message attributes described in draft-ietf-behave-rfc3489bis-00) + * Please refer to the following specs for protocol detail: + * - draft-ietf-behave-rfc3489bis-17 + * - draft-ietf-mmusic-ice-19 + * - draft-ietf-behave-nat-behavior-discovery-03 + * - draft-ietf-behave-turn-10 + * - draft-ietf-behave-turn-ipv6-03 */ #ifdef HAVE_CONFIG_H @@ -38,41 +45,73 @@ #include <epan/packet.h> #include <epan/conversation.h> +#include <epan/ipproto.h> +#include <packet-tcp.h> +#include <packet-udp.h> + +/* heuristic subdissectors */ +static heur_dissector_list_t heur_subdissector_list; + +/* data dissector handle */ +static dissector_handle_t data_handle; /* Initialize the protocol and registered fields */ static int proto_stun = -1; -static int hf_stun_type = -1; /* STUN message header */ +static int hf_stun_channel = -1; + +static int hf_stun_type = -1; +static int hf_stun_type_class = -1; +static int hf_stun_type_method = -1; +static int hf_stun_type_method_assignment = -1; static int hf_stun_length = -1; +static int hf_stun_cookie = -1; static int hf_stun_id = -1; -static int hf_stun_att = -1; +static int hf_stun_attributes = -1; static int hf_stun_response_in = -1; static int hf_stun_response_to = -1; static int hf_stun_time = -1; - +static int hf_stun_duplicate = -1; +static int hf_stun_attr = -1; static int stun_att_type = -1; /* STUN attribute fields */ static int stun_att_length = -1; -static int stun_att_value = -1; static int stun_att_family = -1; +static int stun_att_type_comprehension = -1; +static int stun_att_type_assignment = -1; static int stun_att_ipv4 = -1; static int stun_att_ipv6 = -1; static int stun_att_port = -1; -static int stun_att_change_ip = -1; -static int stun_att_change_port = -1; -static int stun_att_unknown = -1; +static int stun_att_username = -1; +static int stun_att_padding = -1; +static int stun_att_hmac = -1; +static int stun_att_crc32 = -1; static int stun_att_error_class = -1; static int stun_att_error_number = -1; static int stun_att_error_reason = -1; -static int stun_att_server_string = -1; +static int stun_att_realm = -1; +static int stun_att_nonce = -1; +static int stun_att_unknown = -1; static int stun_att_xor_ipv4 = -1; static int stun_att_xor_ipv6 = -1; static int stun_att_xor_port = -1; -static int stun_att_lifetime = -1; -static int stun_att_magic_cookie = -1; +static int stun_att_icmp_type = -1; +static int stun_att_icmp_code = -1; +static int stun_att_software = -1; +static int stun_att_priority = -1; +static int stun_att_tie_breaker = -1; +static int stun_att_change_ip = -1; +static int stun_att_change_port = -1; +static int stun_att_cache_timeout = -1; +static int stun_att_token = -1; +static int stun_att_reserve_next = -1; +static int stun_att_reserved = -1; +static int stun_att_value = -1; +static int stun_att_transp = -1; static int stun_att_bandwidth = -1; -static int stun_att_data = -1; -static int stun_att_connection_request_binding = -1; +static int stun_att_lifetime = -1; +static int stun_att_channelnum = -1; + /* Structure containing transaction specific information */ typedef struct _stun_transaction_t { @@ -83,131 +122,184 @@ typedef struct _stun_transaction_t { /* Structure containing conversation specific information */ typedef struct _stun_conv_info_t { - emem_tree_t *pdus; + emem_tree_t *transaction_pdus; } stun_conv_info_t; -/* Message Types */ -#define BINDING_REQUEST 0x0001 -#define BINDING_RESPONSE 0x0101 -#define BINDING_ERROR_RESPONSE 0x0111 -#define SHARED_SECRET_REQUEST 0x0002 -#define SHARED_SECRET_RESPONSE 0x0102 -#define SHARED_SECRET_ERROR_RESPONSE 0x1112 -#define ALLOCATE_REQUEST 0x0003 -#define ALLOCATE_RESPONSE 0x0103 -#define ALLOCATE_ERROR_RESPONSE 0x0113 -#define SEND_REQUEST 0x0004 -#define SEND_RESPONSE 0x0104 -#define SEND_ERROR_RESPONSE 0x0114 -#define DATA_INDICATION 0x0115 -#define SET_ACTIVE_DESTINATION_REQUEST 0x0006 -#define SET_ACTIVE_DESTINATION_RESPONSE 0x0106 -#define SET_ACTIVE_DESTINATION_ERROR_RESPONSE 0x0116 - - /* Message classes */ -#define CLASS_MASK 0xC110 #define REQUEST 0x0000 #define INDICATION 0x0001 -#define RESPONSE 0x0010 -#define ERROR_RESPONSE 0x0011 +#define RESPONSE 0x0002 +#define ERROR_RESPONSE 0x0003 + + +/* Methods */ +#define BINDING 0x0001 /*draft-ietf-behave-rfc3489bis-17 */ +#define ALLOCATE 0x0003 /*draft-ietf-behave-turn-10*/ +#define REFRESH 0x0004 /*draft-ietf-behave-turn-10*/ +#define CHANNELBIND 0x0009 /*draft-ietf-behave-turn-10*/ +#define CREATE_PERMISSION 0x0008 /* draft-ietf-behave-turn-10 */ +/* Indications */ +#define SEND 0x0006 /*draft-ietf-behave-turn-10*/ +#define DATA_IND 0x0007 /*draft-ietf-behave-turn-10*/ + /* Attribute Types */ -#define MAPPED_ADDRESS 0x0001 -#define RESPONSE_ADDRESS 0x0002 -#define CHANGE_REQUEST 0x0003 -#define SOURCE_ADDRESS 0x0004 -#define CHANGED_ADDRESS 0x0005 -#define USERNAME 0x0006 -#define PASSWORD 0x0007 -#define MESSAGE_INTEGRITY 0x0008 -#define ERROR_CODE 0x0009 -#define UNKNOWN_ATTRIBUTES 0x000a -#define REFLECTED_FROM 0x000b -#define LIFETIME 0x000d -#define ALTERNATE_SERVER 0x000e -#define MAGIC_COOKIE 0x000f -#define BANDWIDTH 0x0010 -#define DESTINATION_ADDRESS 0x0011 -#define REMOTE_ADDRESS 0x0012 -#define DATA 0x0013 -#define NONCE 0x0014 -#define REALM 0x0015 -#define REQUESTED_ADDRESS_TYPE 0x0016 -#define XOR_MAPPED_ADDRESS 0x8020 -#define XOR_ONLY 0x0021 -#define SERVER 0x8022 -#define CONNECTION_REQUEST_BINDING 0xc001 -#define BINDING_CHANGE 0xc002 +/* Comprehension-required range (0x0000-0x7FFF) */ +#define MAPPED_ADDRESS 0x0001 /* draft-ietf-behave-rfc3489bis-17 */ +#define CHANGE_REQUEST 0x0003 /* draft-ietf-behave-nat-behavior-discovery-03 */ +#define USERNAME 0x0006 /* draft-ietf-behave-rfc3489bis-17 */ +#define MESSAGE_INTEGRITY 0x0008 /* draft-ietf-behave-rfc3489bis-17 */ +#define ERROR_CODE 0x0009 /* draft-ietf-behave-rfc3489bis-17 */ +#define UNKNOWN_ATTRIBUTES 0x000a /* draft-ietf-behave-rfc3489bis-17 */ +#define CHANNEL_NUMBER 0x000c /* draft-ietf-behave-turn-10 */ +#define LIFETIME 0x000d /* draft-ietf-behave-turn-10 */ +#define BANDWIDTH 0x0010 /* turn-07 */ +#define XOR_PEER_ADDRESS 0x0012 /* draft-ietf-behave-turn-10 */ +#define DATA 0x0013 /* draft-ietf-behave-turn-10 */ +#define REALM 0x0014 /* draft-ietf-behave-rfc3489bis-17 */ +#define NONCE 0x0015 /* draft-ietf-behave-rfc3489bis-17 */ +#define XOR_RELAYED_ADDRESS 0x0016 /* draft-ietf-behave-turn-10 */ +#define REQUESTED_ADDRESS_TYPE 0x0017 /* draft-ietf-behave-turn-ipv6-03 */ +#define EVEN_PORT 0x0018 /* draft-ietf-behave-turn-10 */ +#define REQUESTED_TRANSPORT 0x0019 /* draft-ietf-behave-turn-10 */ +#define DONT_FRAGMENT 0x001a /* draft-ietf-behave-turn-10 */ +#define XOR_MAPPED_ADDRESS 0x0020 /* draft-ietf-behave-rfc3489bis-17 */ +#define RESERVATION_TOKEN 0x0022 /* draft-ietf-behave-turn-10 */ +#define PRIORITY 0x0024 /* draft-ietf-mmusic-ice-19 */ +#define USE_CANDIDATE 0x0025 /* draft-ietf-mmusic-ice-19 */ +#define PADDING 0x0026 /* draft-ietf-behave-nat-behavior-discovery-03 */ +#define XOR_RESPONSE_TARGET 0x0027 /* draft-ietf-behave-nat-behavior-discovery-03 */ +#define XOR_REFLECTED_FROM 0x0028 /* draft-ietf-behave-nat-behavior-discovery-03 */ +#define ICMP 0x0030 /* Moved from TURN to a future I-D */ +/* Comprehension-optional range (0x8000-0xFFFF) */ +#define SOFTWARE 0x8022 /* draft-ietf-behave-rfc3489bis-17 */ +#define ALTERNATE_SERVER 0x8023 /* draft-ietf-behave-rfc3489bis-17 */ +#define CACHE_TIMEOUT 0x8027 /* draft-ietf-behave-nat-behavior-discovery-03 */ +#define FINGERPRINT 0x8028 /* draft-ietf-behave-rfc3489bis-17 */ +#define ICE_CONTROLLED 0x8029 /* draft-ietf-mmusic-ice-19 */ +#define ICE_CONTROLLING 0x802a /* draft-ietf-mmusic-ice-19 */ +#define RESPONSE_ORIGIN 0x802b /* draft-ietf-behave-nat-behavior-discovery-03 */ +#define OTHER_ADDRESS 0x802c /* draft-ietf-behave-nat-behavior-discovery-03 */ + +/* divers */ +#define PROTO_NUM_UDP 17 +#define PROTO_NUM_TCP 6 +#define PROTO_NUM_ERR 255 + +#define TURN_REQUESTED_PROPS_EVEN_PORT 0x01 +#define TURN_REQUESTED_PROPS_PAIR_OF_PORTS 0x02 + +#define TURN_CHANNEL_NUMBER_MIN 0x4000 +#define TURN_CHANNEL_NUMBER_MAX 0xFFFE + + + + /* Initialize the subtree pointers */ static gint ett_stun = -1; -static gint ett_stun_att_type = -1; +static gint ett_stun_type = -1; +static gint ett_stun_att_all= -1; static gint ett_stun_att = -1; - +static gint ett_stun_att_type = -1; #define UDP_PORT_STUN 3478 #define TCP_PORT_STUN 3478 +#define STUN_HDR_LEN ((guint)20) /* STUN message header length */ +#define ATTR_HDR_LEN 4 /* STUN attribute header length */ +#define CHANNEL_DATA_HDR_LEN 4 /* TURN CHANNEL-DATA Message hdr length */ +#define MIN_HDR_LEN 4 -#define STUN_HDR_LEN ((guint)20) /* STUN message header length */ -#define ATTR_HDR_LEN 4 /* STUN attribute header length */ - +static const value_string transportnames[] = { + { 17, "UDP" }, + { 6, "TCP" }, + { 0, NULL } +}; -static const true_false_string set_flag = { - "SET", - "NOT SET" +static const value_string classes[] = { + {REQUEST, "Request"}, + {INDICATION, "Indication"}, + {RESPONSE, "Success Response"}, + {ERROR_RESPONSE, "Error Response"}, + {0x00, NULL} }; -static const value_string messages[] = { - {BINDING_REQUEST, "Binding Request"}, - {BINDING_RESPONSE, "Binding Response"}, - {BINDING_ERROR_RESPONSE, "Binding Error Response"}, - {SHARED_SECRET_REQUEST, "Shared Secret Request"}, - {SHARED_SECRET_RESPONSE, "Shared Secret Response"}, - {SHARED_SECRET_ERROR_RESPONSE, "Shared Secret Error Response"}, - {ALLOCATE_REQUEST, "Allocate Request"}, - {ALLOCATE_RESPONSE, "Allocate Response"}, - {ALLOCATE_ERROR_RESPONSE, "Allocate Error Response"}, - {SEND_REQUEST, "Send Request"}, - {SEND_RESPONSE, "Send Response"}, - {SEND_ERROR_RESPONSE, "Send Error Response"}, - {DATA_INDICATION, "Data Indication"}, - {SET_ACTIVE_DESTINATION_REQUEST, "Set Active Destination Request"}, - {SET_ACTIVE_DESTINATION_RESPONSE, "Set Active Destination Response"}, - {SET_ACTIVE_DESTINATION_ERROR_RESPONSE, "Set Active Destination Error Response"}, +static const value_string methods[] = { + {BINDING, "Binding"}, + {ALLOCATE, "Allocate"}, + {REFRESH, "Refresh"}, + {CHANNELBIND, "Channel-Bind"}, + {SEND, "Send"}, + {DATA_IND, "Data"}, + {CREATE_PERMISSION, "CreatePermission"}, {0x00, NULL} }; + + static const value_string attributes[] = { {MAPPED_ADDRESS, "MAPPED-ADDRESS"}, - {RESPONSE_ADDRESS, "RESPONSE-ADDRESS"}, - {CHANGE_REQUEST, "CHANGE-REQUEST"}, - {SOURCE_ADDRESS, "SOURCE-ADDRESS"}, - {CHANGED_ADDRESS, "CHANGED-ADDRESS"}, + {CHANGE_REQUEST, "CHANGE_REQUEST"}, {USERNAME, "USERNAME"}, - {PASSWORD, "PASSWORD"}, {MESSAGE_INTEGRITY, "MESSAGE-INTEGRITY"}, {ERROR_CODE, "ERROR-CODE"}, - {REFLECTED_FROM, "REFLECTED-FROM"}, + {UNKNOWN_ATTRIBUTES, "UNKNOWN-ATTRIBUTES"}, + {CHANNEL_NUMBER, "CHANNEL-NUMBER"}, {LIFETIME, "LIFETIME"}, - {ALTERNATE_SERVER, "ALTERNATE_SERVER"}, - {MAGIC_COOKIE, "MAGIC_COOKIE"}, {BANDWIDTH, "BANDWIDTH"}, - {DESTINATION_ADDRESS, "DESTINATION_ADDRESS"}, - {REMOTE_ADDRESS, "REMOTE_ADDRESS"}, + {XOR_PEER_ADDRESS, "XOR-PEER-ADDRESS"}, {DATA, "DATA"}, - {NONCE, "NONCE"}, {REALM, "REALM"}, - {REQUESTED_ADDRESS_TYPE, "REQUESTED_ADDRESS_TYPE"}, - {XOR_MAPPED_ADDRESS, "XOR_MAPPED_ADDRESS"}, - {XOR_ONLY, "XOR_ONLY"}, - {SERVER, "SERVER"}, - {CONNECTION_REQUEST_BINDING, "CONNECTION-REQUEST-BINDING"}, - {BINDING_CHANGE, "BINDING-CHANGE"}, + {NONCE, "NONCE"}, + {XOR_RELAYED_ADDRESS, "XOR-RELAYED-ADDRESS"}, + {REQUESTED_ADDRESS_TYPE, "REQUESTED-ADDRESS-TYPE"}, + {EVEN_PORT, "EVEN-PORT"}, + {REQUESTED_TRANSPORT, "REQUESTED-TRANSPORT"}, + {DONT_FRAGMENT, "DONT-FRAGMENT"}, + {XOR_MAPPED_ADDRESS, "XOR-MAPPED-ADDRESS"}, + {RESERVATION_TOKEN, "RESERVATION-TOKEN"}, + {PRIORITY, "PRIORITY"}, + {USE_CANDIDATE, "USE-CANDIDATE"}, + {PADDING, "PADDING"}, + {XOR_RESPONSE_TARGET, "XOR-RESPONSE-TARGET"}, + {XOR_REFLECTED_FROM, "XOR-REFELECTED-FROM"}, + {ICMP, "ICMP"}, + {SOFTWARE, "SOFTWARE"}, + {ALTERNATE_SERVER, "ALTERNATE-SERVER"}, + {CACHE_TIMEOUT, "CACHE-TIMEOUT"}, + {FINGERPRINT, "FINGERPRINT"}, + {ICE_CONTROLLED, "ICE-CONTROLLED"}, + {ICE_CONTROLLING, "ICE-CONTROLLING"}, + {RESPONSE_ORIGIN, "RESPONSE-ORIGIN"}, + {OTHER_ADDRESS, "OTHER-ADDRESS"}, + {0x00, NULL} +}; + +static const value_string assignments[] = { + {0x0000, "IETF Review"}, + {0x0001, "Designated Expert"}, + {0x00, NULL} +}; + +static const value_string comprehensions[] = { + {0x0000, "Required"}, + {0x0001, "Optional"}, + {0x00, NULL} +}; + +static const value_string attributes_reserve_next[] = { + {0, "No reservation"}, + {1, "Reserve next port number"}, + {0x00, NULL} +}; + +static const value_string attributes_properties_p[] = { + {0, "All allocation"}, + {1, "Preserving allocation"}, {0x00, NULL} }; @@ -217,75 +309,202 @@ static const value_string attributes_family[] = { {0x00, NULL} }; -static int -dissect_stun(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +static const true_false_string set_flag = { + "SET", + "NOT SET" +}; + +static const value_string error_code[] = { + {300, "Try Alternate"},/* rfc3489bis-15 */ + {400, "Bad Request"},/* rfc3489bis-15 */ + {401, "Unauthorized"},/* rfc3489bis-15 */ + {420, "Unknown Attribute"},/* rfc3489bis-15 */ + {437, "Allocation Mismatch"},/* turn-07 */ + {438, "Stale Nonce"},/* rfc3489bis-15 */ + {439, "Wrong Credentials"}, /* turn-07 - collision 38=>39 */ + {442, "Unsupported Transport Protocol"},/* turn-07 */ + {440, "Address Family not Supported"}, /* turn-ipv6-04 */ + {481, "Connection does not exist"}, /* nat-behavior-discovery-03 */ + {486, "Allocation Quota Reached"},/* turn-07 */ + {500, "Server Error"},/* rfc3489bis-15 */ + {503, "Service Unavailable"}, /* nat-behavior-discovery-03 */ + {507, "Insufficient Bandwidth Capacity"},/* turn-07 */ + {508, "Insufficient Port Capacity"},/* turn-07 */ + {600, "Global Failure"}, + {0x00, NULL} +}; + + +static guint +get_stun_message_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset) { + guint16 type = tvb_get_ntohs(tvb, offset); + guint16 length = tvb_get_ntohs(tvb, offset+2); + guint res = 0; + + if (type & 0xC000) + { + /* two first bits not NULL => should be a channel-data message */ + res = (guint) ((length + CHANNEL_DATA_HDR_LEN +3) & -4); + } + else + { + /* Normal STUN message */ + res = (guint) length + STUN_HDR_LEN; + } + return res; +} +static int +dissect_stun_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ proto_item *ti; - proto_item *ta; proto_tree *stun_tree; + proto_tree *stun_type_tree; + proto_tree *att_all_tree; proto_tree *att_type_tree; proto_tree *att_tree; guint16 msg_type; guint16 msg_length; - const char *msg_type_str; + guint16 msg_type_method; + guint16 msg_type_class; + const char *msg_class_str; + const char *msg_method_str; guint16 att_type; guint16 att_length; + const char *att_type_str; guint16 offset; - guint len; guint i; - conversation_t *conversation; + guint magic_cookie_first_word; + guint len; + guint msg_total_len; + conversation_t *conversation=NULL; stun_conv_info_t *stun_info; stun_transaction_t * stun_trans; emem_tree_key_t transaction_id_key[2]; - guint32 transaction_id[4]; - + guint32 transaction_id[3]; /* * First check if the frame is really meant for us. */ + + offset = 0; len = tvb_length(tvb); + + + /* First, make sure we have enough data to do the check. */ - if (len < STUN_HDR_LEN) + if (len < MIN_HDR_LEN) return 0; - - msg_type = tvb_get_ntohs(tvb, 0); - if (msg_type & 0xC000 || tvb_get_ntohl(tvb, 4) == 0x2112a442) - return 0; - - /* check if message type is correct */ - msg_type_str = match_strval(msg_type, messages); - if (msg_type_str == NULL) - return 0; - + msg_type = tvb_get_ntohs(tvb, 0); msg_length = tvb_get_ntohs(tvb, 2); - - /* check if payload enough */ - if (len != STUN_HDR_LEN+msg_length) - return 0; + + if (msg_type & 0xC000) + { + /* two first bits not NULL => should be a channel-data message */ + if (msg_type == 0xFFFF) + return 0; + /* note that padding is only mandatory over streaming + protocols */ + msg_total_len = (guint) ((msg_length + CHANNEL_DATA_HDR_LEN +3) & -4) ; + + /* check if payload enough */ + if (len != msg_total_len) { + if (pinfo->ipproto != IP_PROTO_UDP) { + return 0; + } + /* recalculate the total length without padding */ + msg_total_len = (guint) msg_length + CHANNEL_DATA_HDR_LEN; + if (len != msg_total_len) + return 0; + } + } + else + { + /* Normal STUN message */ + msg_total_len = (guint) msg_length + STUN_HDR_LEN; + if (len < STUN_HDR_LEN) + return 0; + /* Check if it is really a STUN message */ + if ( tvb_get_ntohl(tvb, 4) != 0x2112a442) + return 0; + + /* check if payload enough */ + if (len != msg_total_len) + return 0; + } /* The message seems to be a valid STUN message! */ + col_set_str(pinfo->cinfo, COL_PROTOCOL, "STUN"); + + /* BEGIN of CHANNEL-DATA specific section */ + if (msg_type & 0xC000) + { + guint data_length; + tvbuff_t *next_tvb; + guint reported_len, new_len; + /* two first bits not NULL => should be a channel-data message*/ + + /* Clear out stuff in the info column */ + if (check_col(pinfo->cinfo,COL_INFO)) { + col_add_fstr(pinfo->cinfo, COL_INFO, "ChannelData TURN Message"); + } + if (!tree) + return tvb_length(tvb); + ti = proto_tree_add_item( + tree, proto_stun, tvb, 0, + CHANNEL_DATA_HDR_LEN, + FALSE); + proto_item_append_text(ti, ", TURN ChannelData Message"); + stun_tree = proto_item_add_subtree(ti, ett_stun); + proto_tree_add_item(stun_tree, hf_stun_channel, tvb, offset, 2, FALSE); offset += 2; + data_length = tvb_get_ntohs(tvb, 2); + proto_tree_add_item(stun_tree, hf_stun_length, tvb, offset, 2, FALSE); offset += 2; + + + new_len = tvb_length_remaining(tvb, CHANNEL_DATA_HDR_LEN); + reported_len = tvb_reported_length_remaining(tvb, + CHANNEL_DATA_HDR_LEN); + if (data_length < reported_len) { + reported_len = data_length; + } + next_tvb = tvb_new_subset(tvb, CHANNEL_DATA_HDR_LEN, new_len, + reported_len); + + + if (!dissector_try_heuristic(heur_subdissector_list, + next_tvb, pinfo, tree)) { + call_dissector_only(data_handle,next_tvb, pinfo, tree); + } + + return tvb_length(tvb); + } + /* END of CHANNEL-DATA specific section */ + + /* At this stage, we know this is a standard stun message */ + /* Create the transaction key which may be used to track the conversation */ - transaction_id[0] = tvb_get_ntohl(tvb, 4); - transaction_id[1] = tvb_get_ntohl(tvb, 8); - transaction_id[2] = tvb_get_ntohl(tvb, 12); - transaction_id[3] = tvb_get_ntohl(tvb, 16); + transaction_id[0] = tvb_get_ntohl(tvb, 8); + transaction_id[1] = tvb_get_ntohl(tvb, 12); + transaction_id[2] = tvb_get_ntohl(tvb, 16); - transaction_id_key[0].length = 4; + transaction_id_key[0].length = 3; transaction_id_key[0].key = transaction_id; - transaction_id_key[1].length = 0; - transaction_id_key[1].key = NULL; - - /* - * Do we have a conversation for this connection? - */ - conversation = find_conversation(pinfo->fd->num, - &pinfo->src, &pinfo->dst, - pinfo->ptype, - pinfo->srcport, pinfo->destport, 0); + transaction_id_key[1].length = 0; + transaction_id_key[1].key = NULL; + + msg_type_class = ((msg_type & 0x0010) >> 4) | ((msg_type & 0x0100) >> 7) ; + msg_type_method = (msg_type & 0x000F) | ((msg_type & 0x00E0) >> 1) | ((msg_type & 0x3E00) >> 2); + + /* Do we already have a conversation ? */ + conversation = + find_conversation(pinfo->fd->num, + &pinfo->src, &pinfo->dst, + pinfo->ptype, + pinfo->srcport, pinfo->destport, 0); if (conversation == NULL) { /* We don't yet have a conversation, so create one. */ conversation = conversation_new(pinfo->fd->num, @@ -296,444 +515,848 @@ dissect_stun(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) /* * Do we already have a state structure for this conv */ - stun_info = conversation_get_proto_data(conversation, proto_stun); + stun_info = conversation_get_proto_data(conversation, proto_stun); if (!stun_info) { /* No. Attach that information to the conversation, and add * it to the list of information structures. */ stun_info = se_alloc(sizeof(stun_conv_info_t)); - stun_info->pdus=se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "stun_pdus"); + stun_info->transaction_pdus=se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "stun_transaction_pdus"); conversation_add_proto_data(conversation, proto_stun, stun_info); } - - if(!pinfo->fd->flags.visited){ - if (((msg_type & CLASS_MASK) >> 4) == REQUEST) { - /* This is a request */ + + if (!pinfo->fd->flags.visited){ + if ((stun_trans= + se_tree_lookup32_array(stun_info->transaction_pdus, + transaction_id_key)) == NULL) { stun_trans=se_alloc(sizeof(stun_transaction_t)); - stun_trans->req_frame=pinfo->fd->num; + stun_trans->req_frame=0; stun_trans->rep_frame=0; stun_trans->req_time=pinfo->fd->abs_ts; - se_tree_insert32_array(stun_info->pdus, transaction_id_key, - (void *)stun_trans); + se_tree_insert32_array(stun_info->transaction_pdus, + transaction_id_key, + (void *)stun_trans); + } + + if (msg_type_class == REQUEST) { + /* This is a request */ + if (stun_trans->req_frame == 0) { + stun_trans->req_frame=pinfo->fd->num; + } + } else { - stun_trans=se_tree_lookup32_array(stun_info->pdus, - transaction_id_key); - if(stun_trans){ - stun_trans->rep_frame=pinfo->fd->num; + /* This is a catch-all for all non-request messages */ + if (stun_trans->rep_frame == 0) { + stun_trans->rep_frame=pinfo->fd->num; } + } } else { - stun_trans=se_tree_lookup32_array(stun_info->pdus, transaction_id_key); + stun_trans=se_tree_lookup32_array(stun_info->transaction_pdus, + transaction_id_key); } - if(!stun_trans){ - /* create a "fake" pana_trans structure */ + + if (!stun_trans) { + /* create a "fake" pana_trans structure */ stun_trans=ep_alloc(sizeof(stun_transaction_t)); stun_trans->req_frame=0; stun_trans->rep_frame=0; stun_trans->req_time=pinfo->fd->abs_ts; } - + + msg_class_str = match_strval(msg_type_class, classes); + msg_method_str = match_strval(msg_type_method, methods); - col_set_str(pinfo->cinfo, COL_PROTOCOL, "STUN"); - - if (check_col(pinfo->cinfo, COL_INFO)) { - col_add_fstr(pinfo->cinfo, COL_INFO, "Message: %s", - msg_type_str); - } + if (msg_method_str == NULL) + msg_method_str = "Unknown"; - if (tree) { - guint transaction_id_first_word; + if (check_col(pinfo->cinfo, COL_INFO)) + col_add_fstr(pinfo->cinfo, COL_INFO, "%s %s", + msg_method_str, msg_class_str); - ti = proto_tree_add_item(tree, proto_stun, tvb, 0, -1, FALSE); - - stun_tree = proto_item_add_subtree(ti, ett_stun); + if (!tree) + return tvb_length(tvb); - if (((msg_type & CLASS_MASK) >> 4) == REQUEST) { - if (stun_trans->rep_frame) { - proto_item *it; - it=proto_tree_add_uint(stun_tree, hf_stun_response_in, - tvb, 0, 0, - stun_trans->rep_frame); - PROTO_ITEM_SET_GENERATED(it); - } - } - else if ((((msg_type & CLASS_MASK) >> 4) == RESPONSE) || - (((msg_type & CLASS_MASK) >> 4) == ERROR_RESPONSE)) { - /* This is a response */ - if(stun_trans->req_frame){ - proto_item *it; - nstime_t ns; - - it=proto_tree_add_uint(stun_tree, hf_stun_response_to, tvb, 0, 0, stun_trans->req_frame); - PROTO_ITEM_SET_GENERATED(it); - - nstime_delta(&ns, &pinfo->fd->abs_ts, &stun_trans->req_time); - it=proto_tree_add_time(stun_tree, hf_stun_time, tvb, 0, 0, &ns); - PROTO_ITEM_SET_GENERATED(it); - } - - } + ti = proto_tree_add_item(tree, proto_stun, tvb, 0, -1, FALSE); - proto_tree_add_uint(stun_tree, hf_stun_type, tvb, 0, 2, msg_type); - proto_tree_add_uint(stun_tree, hf_stun_length, tvb, 2, 2, msg_length); - proto_tree_add_item(stun_tree, hf_stun_id, tvb, 4, 16, FALSE); + stun_tree = proto_item_add_subtree(ti, ett_stun); - /* Remember this (in host order) so we can show clear xor'd addresses */ - transaction_id_first_word = tvb_get_ntohl(tvb, 4); - if (msg_length > 0) { - ta = proto_tree_add_item(stun_tree, hf_stun_att, tvb, STUN_HDR_LEN, msg_length, FALSE); - att_type_tree = proto_item_add_subtree(ta, ett_stun_att_type); + if (msg_type_class == REQUEST) { + if (stun_trans->req_frame != pinfo->fd->num) { + proto_item *it; + it=proto_tree_add_uint(stun_tree, hf_stun_duplicate, + tvb, 0, 0, + stun_trans->req_frame); + PROTO_ITEM_SET_GENERATED(it); + } + if (stun_trans->rep_frame) { + proto_item *it; + it=proto_tree_add_uint(stun_tree, hf_stun_response_in, + tvb, 0, 0, + stun_trans->rep_frame); + PROTO_ITEM_SET_GENERATED(it); + } + } + else { + /* Retransmission control */ + if (stun_trans->rep_frame != pinfo->fd->num) { + proto_item *it; + it=proto_tree_add_uint(stun_tree, hf_stun_duplicate, + tvb, 0, 0, + stun_trans->rep_frame); + PROTO_ITEM_SET_GENERATED(it); + } + if (msg_type_class == RESPONSE || msg_type_class == ERROR_RESPONSE) { + /* This is a response */ + if (stun_trans->req_frame) { + proto_item *it; + nstime_t ns; + + it=proto_tree_add_uint(stun_tree, hf_stun_response_to, tvb, 0, 0, stun_trans->req_frame); + PROTO_ITEM_SET_GENERATED(it); + + nstime_delta(&ns, &pinfo->fd->abs_ts, &stun_trans->req_time); + it=proto_tree_add_time(stun_tree, hf_stun_time, tvb, 0, 0, &ns); + PROTO_ITEM_SET_GENERATED(it); + } + + } + } + + ti = proto_tree_add_uint_format(stun_tree, hf_stun_type, tvb, 0, 2, msg_type, "Message Type: 0x%04x (%s %s)", msg_type, msg_method_str, msg_class_str); + stun_type_tree = proto_item_add_subtree(ti, ett_stun_type); + proto_tree_add_uint(stun_type_tree, hf_stun_type_class, tvb, 0, 2, msg_type); + ti = proto_tree_add_text(stun_type_tree, tvb, 0, 2, "%s (%d)", msg_class_str, msg_type_class); + PROTO_ITEM_SET_GENERATED(ti); + proto_tree_add_uint(stun_type_tree, hf_stun_type_method, tvb, 0, 2, msg_type); + ti = proto_tree_add_text(stun_type_tree, tvb, 0, 2, "%s (0x%03x)", msg_method_str, msg_type_method); + PROTO_ITEM_SET_GENERATED(ti); + proto_tree_add_uint(stun_type_tree, hf_stun_type_method_assignment, tvb, 0, 2, msg_type); + ti = proto_tree_add_text(stun_type_tree, tvb, 0, 2, "%s (%d)", match_strval((msg_type & 0x2000) >> 13, assignments), (msg_type & 0x2000) >> 13); + PROTO_ITEM_SET_GENERATED(ti); - offset = STUN_HDR_LEN; + proto_tree_add_uint(stun_tree, hf_stun_length, tvb, 2, 2, msg_length); + proto_tree_add_item(stun_tree, hf_stun_cookie, tvb, 4, 4, FALSE); + proto_tree_add_item(stun_tree, hf_stun_id, tvb, 8, 12, FALSE); - while( msg_length > 0) { + /* Remember this (in host order) so we can show clear xor'd addresses */ + magic_cookie_first_word = tvb_get_ntohl(tvb, 4); + + if (msg_length > 0) { + ti = proto_tree_add_item(stun_tree, hf_stun_attributes, tvb, STUN_HDR_LEN, msg_length, FALSE); + att_all_tree = proto_item_add_subtree(ti, ett_stun_att_all); + + offset = STUN_HDR_LEN; + + while (msg_length > 0) { att_type = tvb_get_ntohs(tvb, offset); /* Type field in attribute header */ att_length = tvb_get_ntohs(tvb, offset+2); /* Length field in attribute header */ - - ta = proto_tree_add_text(att_type_tree, tvb, offset, - ATTR_HDR_LEN+att_length, - "Attribute: %s", - val_to_str(att_type, attributes, "Unknown (0x%04x)")); - att_tree = proto_item_add_subtree(ta, ett_stun_att); - - proto_tree_add_uint(att_tree, stun_att_type, tvb, - offset, 2, att_type); + att_type_str = match_strval(att_type, attributes); + if (att_type_str == NULL) + att_type_str = "Unknown"; + ti = proto_tree_add_uint_format(att_all_tree, hf_stun_attr, tvb, offset, ATTR_HDR_LEN+att_length, att_type, "%s", att_type_str); + att_tree = proto_item_add_subtree(ti, ett_stun_att); + ti = proto_tree_add_uint(att_tree, stun_att_type, tvb, + offset, 2, att_type); + att_type_tree = proto_item_add_subtree(ti, ett_stun_att_type); + proto_tree_add_uint(att_type_tree, stun_att_type_comprehension, tvb, offset, 2, att_type); + ti = proto_tree_add_text(att_type_tree, tvb, offset, 2, "%s (%d)", match_strval((att_type & 0x8000) >> 15, comprehensions), (att_type & 0x8000) >> 15); + PROTO_ITEM_SET_GENERATED(ti); + proto_tree_add_uint(att_type_tree, stun_att_type_assignment, tvb, offset, 2, att_type); + ti = proto_tree_add_text(att_type_tree, tvb, offset, 2, "%s (%d)", match_strval((att_type & 0x4000) >> 14, assignments), (att_type & 0x4000) >> 14); + PROTO_ITEM_SET_GENERATED(ti); + offset += 2; if (ATTR_HDR_LEN+att_length > msg_length) { proto_tree_add_uint_format(att_tree, - stun_att_length, tvb, offset, 2, - att_length, - "Attribute Length: %u (bogus, goes past the end of the message)", - att_length); + stun_att_length, tvb, offset, 2, + att_length, + "Attribute Length: %u (bogus, goes past the end of the message)", + att_length); break; } proto_tree_add_uint(att_tree, stun_att_length, tvb, - offset, 2, att_length); + offset, 2, att_length); offset += 2; - switch( att_type ){ - case MAPPED_ADDRESS: - case RESPONSE_ADDRESS: - case SOURCE_ADDRESS: - case CHANGED_ADDRESS: - case REFLECTED_FROM: - case ALTERNATE_SERVER: - case DESTINATION_ADDRESS: - case REMOTE_ADDRESS: - if (att_length < 2) - break; - proto_tree_add_item(att_tree, stun_att_family, tvb, offset+1, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun_att_port, tvb, offset+2, 2, FALSE); - switch( tvb_get_guint8(tvb, offset+1) ){ - case 1: - if (att_length < 8) - break; - proto_tree_add_item(att_tree, stun_att_ipv4, tvb, offset+4, 4, FALSE); - break; - - case 2: - if (att_length < 20) - break; - proto_tree_add_item(att_tree, stun_att_ipv6, tvb, offset+4, 16, FALSE); - break; - } + switch (att_type) { + case MAPPED_ADDRESS: + case ALTERNATE_SERVER: + case RESPONSE_ORIGIN: + case OTHER_ADDRESS: + if (att_length < 1) break; - - case CHANGE_REQUEST: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun_att_change_ip, tvb, offset, 4, FALSE); - proto_tree_add_item(att_tree, stun_att_change_port, tvb, offset, 4, FALSE); - break; - - case USERNAME: - case PASSWORD: - case MESSAGE_INTEGRITY: - case NONCE: - case REALM: - if (att_length < 1) - break; - proto_tree_add_item(att_tree, stun_att_value, tvb, offset, att_length, FALSE); + proto_tree_add_uint(att_tree, stun_att_reserved, tvb, offset, 1, 1); + if (att_length < 2) break; - - case ERROR_CODE: - if (att_length < 3) - break; - proto_tree_add_item(att_tree, stun_att_error_class, tvb, offset+2, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun_att_error_number, tvb, offset+3, 1, FALSE); - if (att_length < 5) - break; - proto_tree_add_item(att_tree, stun_att_error_reason, tvb, offset+4, (att_length-4), FALSE); + proto_tree_add_item(att_tree, stun_att_family, tvb, offset+1, 1, FALSE); + if (att_length < 4) break; - - case LIFETIME: - if (att_length < 4) + proto_tree_add_item(att_tree, stun_att_port, tvb, offset+2, 2, FALSE); + switch (tvb_get_guint8(tvb, offset+1)) { + case 1: + if (att_length < 8) break; - proto_tree_add_item(att_tree, stun_att_lifetime, tvb, offset, 4, FALSE); + proto_tree_add_item(att_tree, stun_att_ipv4, tvb, offset+4, 4, FALSE); + { + const gchar *ipstr; + guint32 ip; + ip = tvb_get_ipv4(tvb,offset+4); + ipstr = ip_to_str((guint8*)&ip); + proto_item_append_text(att_tree, ": %s:%d", ipstr,tvb_get_ntohs(tvb,offset+2)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " %s: %s:%d", + val_to_str(att_type, attributes, "Unknown"), + ipstr, + tvb_get_ntohs(tvb,offset+2) + ); + } + } break; - case MAGIC_COOKIE: - if (att_length < 4) + case 2: + if (att_length < 20) break; - proto_tree_add_item(att_tree, stun_att_magic_cookie, tvb, offset, 4, FALSE); + proto_tree_add_item(att_tree, stun_att_ipv6, tvb, offset+4, 16, FALSE); break; + } + break; - case BANDWIDTH: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun_att_bandwidth, tvb, offset, 4, FALSE); - break; + case CHANGE_REQUEST: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_change_ip, tvb, offset, 4, FALSE); + proto_tree_add_item(att_tree, stun_att_change_port, tvb, offset, 4, FALSE); + break; + + case USERNAME: + proto_tree_add_item(att_tree, stun_att_username, tvb, offset, att_length, FALSE); + proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset, att_length)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " user: %s", + tvb_get_ephemeral_string(tvb,offset, att_length) + ); + } + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; - case DATA: - proto_tree_add_item(att_tree, stun_att_data, tvb, offset, att_length, FALSE); + case MESSAGE_INTEGRITY: + if (att_length < 20) break; + proto_tree_add_item(att_tree, stun_att_hmac, tvb, offset, att_length, FALSE); + break; - case UNKNOWN_ATTRIBUTES: - for (i = 0; i < att_length; i += 4) { - proto_tree_add_item(att_tree, stun_att_unknown, tvb, offset+i, 2, FALSE); - proto_tree_add_item(att_tree, stun_att_unknown, tvb, offset+i+2, 2, FALSE); + case ERROR_CODE: + if (att_length < 2) + break; + proto_tree_add_uint(att_tree, stun_att_reserved, tvb, offset, 2, 2); + if (att_length < 3) + break; + proto_tree_add_item(att_tree, stun_att_error_class, tvb, offset+2, 1, FALSE); + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_error_number, tvb, offset+3, 1, FALSE); + { + int human_error_num = tvb_get_guint8(tvb, offset+2) * 100 + tvb_get_guint8(tvb, offset+3); + proto_item_append_text( + att_tree, + " %d (%s)", + human_error_num, /* human readable error code */ + val_to_str(human_error_num, error_code, "*Unknown error code*") + ); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " error-code: %d (%s)", + human_error_num, + val_to_str(human_error_num, error_code, "*Unknown error code*") + ); } + } + if (att_length < 5) break; - - case SERVER: - proto_tree_add_item(att_tree, stun_att_server_string, tvb, offset, att_length, FALSE); + proto_tree_add_item(att_tree, stun_att_error_reason, tvb, offset+4, att_length-4, FALSE); + + proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset+4, att_length-4)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " %s", + tvb_get_ephemeral_string(tvb, offset+4, att_length-4) + ); + } + + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; + + case UNKNOWN_ATTRIBUTES: + for (i = 0; i < att_length; i += 2) + proto_tree_add_item(att_tree, stun_att_unknown, tvb, offset+i, 2, FALSE); + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; + + case REALM: + proto_tree_add_item(att_tree, stun_att_realm, tvb, offset, att_length, FALSE); + proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset, att_length)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " realm: %s", + tvb_get_ephemeral_string(tvb,offset, att_length) + ); + } + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; + + case NONCE: + proto_tree_add_item(att_tree, stun_att_nonce, tvb, offset, att_length, FALSE); + proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset, att_length)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " with nonce" + ); + } + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; + + case XOR_MAPPED_ADDRESS: + case XOR_PEER_ADDRESS: + case XOR_RELAYED_ADDRESS: + case XOR_RESPONSE_TARGET: + case XOR_REFLECTED_FROM: + if (att_length < 1) + break; + proto_tree_add_uint(att_tree, stun_att_reserved, tvb, offset, 1, 1); + if (att_length < 2) + break; + proto_tree_add_item(att_tree, stun_att_family, tvb, offset+1, 1, FALSE); + if (att_length < 4) break; + proto_tree_add_item(att_tree, stun_att_xor_port, tvb, offset+2, 2, FALSE); - case XOR_MAPPED_ADDRESS: - if (att_length < 2) - break; - proto_tree_add_item(att_tree, stun_att_family, tvb, offset+1, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun_att_xor_port, tvb, offset+2, 2, FALSE); - - /* Show the port 'in the clear' - XOR (host order) transid with (host order) xor-port. - Add host-order port into tree. */ - ti = proto_tree_add_uint(att_tree, stun_att_port, tvb, offset+2, 2, - tvb_get_ntohs(tvb, offset+2) ^ - (transaction_id_first_word >> 16)); - PROTO_ITEM_SET_GENERATED(ti); + /* Show the port 'in the clear' + XOR (host order) transid with (host order) xor-port. + Add host-order port into tree. */ + ti = proto_tree_add_uint(att_tree, stun_att_port, tvb, offset+2, 2, + tvb_get_ntohs(tvb, offset+2) ^ + (magic_cookie_first_word >> 16)); + PROTO_ITEM_SET_GENERATED(ti); + if (att_length < 8) + break; + switch (tvb_get_guint8(tvb, offset+1)) { + case 1: if (att_length < 8) break; - switch( tvb_get_guint8(tvb, offset+1) ){ - case 1: - if (att_length < 8) - break; - proto_tree_add_item(att_tree, stun_att_xor_ipv4, tvb, offset+4, 4, FALSE); - - /* Show the address 'in the clear'. - XOR (host order) transid with (host order) xor-address. - Add in network order tree. */ - ti = proto_tree_add_ipv4(att_tree, stun_att_ipv4, tvb, offset+4, 4, - g_htonl(tvb_get_ntohl(tvb, offset+4) ^ - transaction_id_first_word)); - PROTO_ITEM_SET_GENERATED(ti); - break; - - case 2: - if (att_length < 20) - break; - proto_tree_add_item(att_tree, stun_att_xor_ipv6, tvb, offset+4, 16, FALSE); - break; + proto_tree_add_item(att_tree, stun_att_xor_ipv4, tvb, offset+4, 4, FALSE); + + /* Show the address 'in the clear'. + XOR (host order) transid with (host order) xor-address. + Add in network order tree. */ + ti = proto_tree_add_ipv4(att_tree, stun_att_ipv4, tvb, offset+4, 4, + g_htonl(tvb_get_ntohl(tvb, offset+4) ^ + magic_cookie_first_word)); + PROTO_ITEM_SET_GENERATED(ti); + + { + const gchar *ipstr; + guint32 ip; + guint16 port; + ip = g_htonl(tvb_get_ntohl(tvb, offset+4) ^ magic_cookie_first_word); + ipstr = ip_to_str((guint8*)&ip); + port = tvb_get_ntohs(tvb, offset+2) ^ (magic_cookie_first_word >> 16); + proto_item_append_text(att_tree, ": %s:%d", ipstr, port); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " %s: %s:%d", + val_to_str(att_type, attributes, "Unknown"), + ipstr, + port + ); } + } break; - case REQUESTED_ADDRESS_TYPE: - if (att_length < 2) + case 2: + if (att_length < 20) break; - proto_tree_add_item(att_tree, stun_att_family, tvb, offset+1, 1, FALSE); + proto_tree_add_item(att_tree, stun_att_xor_ipv6, tvb, offset+4, 16, FALSE); + { + guint32 IPv6[4]; + IPv6[0] = g_htonl(tvb_get_ntohl(tvb, offset+4) ^ magic_cookie_first_word); + IPv6[1] = g_htonl(tvb_get_ntohl(tvb, offset+8) ^ transaction_id[0]); + IPv6[2] = g_htonl(tvb_get_ntohl(tvb, offset+12) ^ transaction_id[1]); + IPv6[3] = g_htonl(tvb_get_ntohl(tvb, offset+16) ^ transaction_id[2]); + ti = proto_tree_add_ipv6(att_tree, stun_att_ipv6, tvb, offset+4, 16, (const guint8 *)IPv6); + PROTO_ITEM_SET_GENERATED(ti); + } + break; + } + break; + + case REQUESTED_ADDRESS_TYPE: + if (att_length < 1) + break; + proto_tree_add_item(att_tree, stun_att_family, tvb, offset, 1, FALSE); + if (att_length < 4) + break; + proto_tree_add_uint(att_tree, stun_att_reserved, tvb, offset+1, 3, 3); + break; +case EVEN_PORT: + if (att_length < 1) + break; + proto_tree_add_item(att_tree, stun_att_reserve_next, tvb, offset, 1, FALSE); + break; + + case RESERVATION_TOKEN: + if (att_length < 8) + break; + proto_tree_add_item(att_tree, stun_att_token, tvb, offset, 8, FALSE); + break; + + case PRIORITY: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_priority, tvb, offset, 4, FALSE); + break; - case CONNECTION_REQUEST_BINDING: - proto_tree_add_item(att_tree, stun_att_connection_request_binding, tvb, offset, att_length, FALSE); - break; + case PADDING: + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset, att_length, att_length); + break; - default: + case ICMP: + if (att_length < 4) break; + proto_tree_add_item(att_tree, stun_att_icmp_type, tvb, offset, 1, FALSE); + proto_tree_add_item(att_tree, stun_att_icmp_code, tvb, offset+1, 1, FALSE); + break; + + case SOFTWARE: + proto_tree_add_item(att_tree, stun_att_software, tvb, offset, att_length, FALSE); + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; + + case CACHE_TIMEOUT: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_cache_timeout, tvb, offset, 4, FALSE); + break; + + case FINGERPRINT: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_crc32, tvb, offset, att_length, FALSE); + break; + + case ICE_CONTROLLED: + case ICE_CONTROLLING: + if (att_length < 8) + break; + proto_tree_add_item(att_tree, stun_att_tie_breaker, tvb, offset, 8, FALSE); + break; + + case DATA: + if (att_length > 0) { + tvbuff_t *next_tvb; + guint reported_len, pad=0; + proto_tree_add_item(att_tree, stun_att_value, tvb, offset, att_length, FALSE); + if (att_length % 4 != 0) { + pad = 4-(att_length % 4); + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, pad, pad); + } + reported_len = att_length; + + + next_tvb = + tvb_new_subset(tvb, offset, + reported_len, + reported_len); + + if (!dissector_try_heuristic(heur_subdissector_list, + next_tvb, pinfo, att_tree)) { + call_dissector_only(data_handle,next_tvb, pinfo, att_tree); + } + + } + break; + + case REQUESTED_TRANSPORT: + if (att_length < 1) + break; + proto_tree_add_item(att_tree, stun_att_transp, tvb, offset, 1, FALSE); + if (att_length < 4) + break; + + { + guint8 protoCode = tvb_get_guint8(tvb, offset); + proto_item_append_text(att_tree, ": %s", val_to_str(protoCode, transportnames, "Unknown (0x%8x)")); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " %s", + val_to_str(protoCode, transportnames, "Unknown (0x%8x)") + ); + } + } + proto_tree_add_uint(att_tree, stun_att_reserved, tvb, offset+1, 3, 3); + break; + + case CHANNEL_NUMBER: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_channelnum, tvb, offset, 2, FALSE); + { + guint16 chan = tvb_get_ntohs(tvb, offset); + proto_item_append_text(att_tree, ": 0x%x", chan); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " ChannelNumber=0x%x", + chan + ); + } + } + proto_tree_add_uint(att_tree, stun_att_reserved, tvb, offset+2, 2, 2); + break; + + case BANDWIDTH: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_bandwidth, tvb, offset, 4, FALSE); + proto_item_append_text(att_tree, " %d", tvb_get_ntohl(tvb, offset)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " bandwidth: %d", + tvb_get_ntohl(tvb, offset) + ); + } + break; + case LIFETIME: + if (att_length < 4) + break; + proto_tree_add_item(att_tree, stun_att_lifetime, tvb, offset, 4, FALSE); + proto_item_append_text(att_tree, " %d", tvb_get_ntohl(tvb, offset)); + if (check_col(pinfo->cinfo, COL_INFO)) { + col_append_fstr( + pinfo->cinfo, COL_INFO, + " lifetime: %d", + tvb_get_ntohl(tvb, offset) + ); + } + break; + + default: + if (att_length > 0) + proto_tree_add_item(att_tree, stun_att_value, tvb, offset, att_length, FALSE); + if (att_length % 4 != 0) + proto_tree_add_uint(att_tree, stun_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); + break; } - offset += att_length; - msg_length -= ATTR_HDR_LEN+att_length; - } + offset += (att_length+3) & -4; + msg_length -= (ATTR_HDR_LEN+att_length+3) & -4; } } + return tvb_length(tvb); } +static int +dissect_stun_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + return dissect_stun_message(tvb, pinfo, tree); +} + +static void +dissect_stun_message_no_return(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + dissect_stun_message(tvb, pinfo, tree); +} + +static void +dissect_stun_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + tcp_dissect_pdus(tvb, pinfo, tree, TRUE, MIN_HDR_LEN, + get_stun_message_len, dissect_stun_message_no_return); +} static gboolean dissect_stun_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { - if (dissect_stun(tvb, pinfo, tree) == 0) + if (dissect_stun_message(tvb, pinfo, tree) == 0) { + /* + * It wasn't a valid STUN message, and wasn't + * dissected as such. + */ return FALSE; - + } return TRUE; } - - - void proto_register_stun(void) { static hf_register_info hf[] = { + + { &hf_stun_channel, + { "Channel Number", "stun.channel", FT_UINT16, + BASE_HEX, NULL, 0x0, NULL, HFILL } + }, + + /* ////////////////////////////////////// */ { &hf_stun_type, - { "Message Type", "stun.type", FT_UINT16, - BASE_HEX, VALS(messages), 0x0, NULL, HFILL } + { "Message Type", "stun.type", FT_UINT16, + BASE_HEX, NULL, 0, NULL, HFILL } + }, + { &hf_stun_type_class, + { "Message Class", "stun.type.class", FT_UINT16, + BASE_HEX, NULL, 0x0110, NULL, HFILL } }, + { &hf_stun_type_method, + { "Message Method", "stun.type.method", FT_UINT16, + BASE_HEX, NULL, 0x3EEF, NULL, HFILL } + }, + { &hf_stun_type_method_assignment, + { "Message Method Assignment", "stun.type.method-assignment", FT_UINT16, + BASE_HEX, NULL, 0x2000, NULL, HFILL } + }, { &hf_stun_length, - { "Message Length", "stun.length", FT_UINT16, - BASE_HEX, NULL, 0x0, NULL, HFILL } + { "Message Length", "stun.length", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &hf_stun_cookie, + { "Message Cookie", "stun.cookie", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &hf_stun_id, - { "Message Transaction ID", "stun.id", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { "Message Transaction ID", "stun.id", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &hf_stun_attributes, + { "Attributes", "stun.attributes", FT_NONE, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_stun_att, - { "Attributes", "stun.att", FT_NONE, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { &hf_stun_attr, + { "Attribute Type", "stun.attribute", FT_UINT16, + BASE_HEX, NULL, 0, NULL, HFILL } }, { &hf_stun_response_in, - { "Response In", "stun.response_in", - FT_FRAMENUM, BASE_NONE, NULL, 0x0, - "The response to this STUN query is in this frame", HFILL }}, + { "Response In", "stun.response-in", FT_FRAMENUM, + BASE_NONE, NULL, 0x0, "The response to this STUN query is in this frame", HFILL } + }, { &hf_stun_response_to, - { "Request In", "stun.response_to", - FT_FRAMENUM, BASE_NONE, NULL, 0x0, - "This is a response to the STUN Request in this frame", HFILL }}, + { "Request In", "stun.response-to", FT_FRAMENUM, + BASE_NONE, NULL, 0x0, "This is a response to the STUN Request in this frame", HFILL } + }, { &hf_stun_time, - { "Time", "stun.time", - FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0, - "The time between the Request and the Response", HFILL }}, - + { "Time", "stun.time", FT_RELATIVE_TIME, + BASE_NONE, NULL, 0x0, "The time between the Request and the Response", HFILL } + }, + { &hf_stun_duplicate, + { "Duplicated original message in", "stun.reqduplicate", FT_FRAMENUM, + BASE_NONE, NULL, 0x0, "This is a duplicate of STUN message in this frame", HFILL } + }, /* ////////////////////////////////////// */ { &stun_att_type, - { "Attribute Type", "stun.att.type", FT_UINT16, - BASE_HEX, VALS(attributes), 0x0, NULL, HFILL } + { "Attribute Type", "stun.att.type", FT_UINT16, + BASE_HEX, VALS(attributes), 0x0, NULL, HFILL } }, - { &stun_att_length, - { "Attribute Length", "stun.att.length", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } + { &stun_att_type_comprehension, + { "Attribute Type Comprehension", "stun.att.type.comprehension", FT_UINT16, + BASE_HEX, NULL, 0x8000, NULL, HFILL } }, - { &stun_att_value, - { "Value", "stun.att.value", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { &stun_att_type_assignment, + { "Attribute Type Assignment", "stun.att.type.assignment", FT_UINT16, + BASE_HEX, NULL, 0x4000, NULL, HFILL } + }, + { &stun_att_length, + { "Attribute Length", "stun.att.length", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } }, { &stun_att_family, - { "Protocol Family", "stun.att.family", FT_UINT16, - BASE_HEX, VALS(attributes_family), 0x0, NULL, HFILL } + { "Protocol Family", "stun.att.family", FT_UINT8, + BASE_HEX, VALS(attributes_family), 0x0, NULL, HFILL } }, { &stun_att_ipv4, - { "IP", "stun.att.ipv4", FT_IPv4, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { "IP", "stun.att.ipv4", FT_IPv4, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &stun_att_ipv6, - { "IP", "stun.att.ipv6", FT_IPv6, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { "IP", "stun.att.ipv6", FT_IPv6, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &stun_att_port, - { "Port", "stun.att.port", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } + { "Port", "stun.att.port", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } }, - { &stun_att_change_ip, - { "Change IP","stun.att.change.ip", FT_BOOLEAN, - 16, TFS(&set_flag), 0x0004, NULL, HFILL} + { &stun_att_username, + { "Username", "stun.att.username", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &stun_att_change_port, - { "Change Port","stun.att.change.port", FT_BOOLEAN, - 16, TFS(&set_flag), 0x0002, NULL, HFILL} - }, - { &stun_att_unknown, - { "Unknown Attribute","stun.att.unknown", FT_UINT16, - BASE_HEX, NULL, 0x0, NULL, HFILL} + { &stun_att_padding, + { "Padding", "stun.att.padding", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_hmac, + { "HMAC-SHA1", "stun.att.hmac", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_crc32, + { "CRC-32", "stun.att.crc32", FT_UINT32, + BASE_HEX, NULL, 0x0, NULL, HFILL } }, { &stun_att_error_class, - { "Error Class","stun.att.error.class", FT_UINT8, - BASE_DEC, NULL, 0x07, NULL, HFILL} + { "Error Class","stun.att.error.class", FT_UINT8, + BASE_DEC, NULL, 0x07, NULL, HFILL} }, { &stun_att_error_number, - { "Error Code","stun.att.error", FT_UINT8, - BASE_DEC, NULL, 0x0, NULL, HFILL} + { "Error Code","stun.att.error", FT_UINT8, + BASE_DEC, NULL, 0x0, NULL, HFILL} }, { &stun_att_error_reason, - { "Error Reason Phase","stun.att.error.reason", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL} + { "Error Reason Phrase","stun.att.error.reason", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL} + }, + { &stun_att_realm, + { "Realm", "stun.att.realm", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_nonce, + { "Nonce", "stun.att.nonce", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_unknown, + { "Unknown Attribute","stun.att.unknown", FT_UINT16, + BASE_HEX, NULL, 0x0, NULL, HFILL} }, { &stun_att_xor_ipv4, - { "IP (XOR-d)", "stun.att.ipv4-xord", FT_IPv4, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { "IP (XOR-d)", "stun.att.ipv4-xord", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &stun_att_xor_ipv6, - { "IP (XOR-d)", "stun.att.ipv6-xord", FT_IPv6, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { "IP (XOR-d)", "stun.att.ipv6-xord", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &stun_att_xor_port, - { "Port (XOR-d)", "stun.att.port-xord", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } + { "Port (XOR-d)", "stun.att.port-xord", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &stun_att_server_string, - { "Server version","stun.att.server", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL} + { &stun_att_icmp_type, + { "ICMP type", "stun.att.icmp.type", FT_UINT8, + BASE_DEC, NULL, 0x0, NULL, HFILL} }, - { &stun_att_lifetime, - { "Lifetime", "stun.att.lifetime", FT_UINT32, - BASE_DEC, NULL, 0x0, NULL, HFILL } + { &stun_att_icmp_code, + { "ICMP code", "stun.att.icmp.code", FT_UINT8, + BASE_DEC, NULL, 0x0, NULL, HFILL} + }, + { &stun_att_software, + { "Software","stun.att.software", FT_STRING, + BASE_NONE, NULL, 0x0, NULL, HFILL} }, - { &stun_att_magic_cookie, - { "Magic Cookie", "stun.att.magic.cookie", FT_UINT32, - BASE_HEX, NULL, 0x0, NULL, HFILL } + { &stun_att_priority, + { "Priority", "stun.att.priority", FT_UINT32, + BASE_DEC, NULL, 0x0, NULL, HFILL} + }, + { &stun_att_tie_breaker, + { "Tie breaker", "stun.att.tie-breaker", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &stun_att_bandwidth, - { "Bandwidth", "stun.att.bandwidth", FT_UINT32, - BASE_DEC, NULL, 0x0, NULL, HFILL } + { &stun_att_lifetime, + { "Lifetime", "stun.att.lifetime", FT_UINT32, + BASE_DEC, NULL, 0x0, NULL, HFILL} + }, + { &stun_att_change_ip, + { "Change IP","stun.att.change-ip", FT_BOOLEAN, + 16, TFS(&set_flag), 0x0004, NULL, HFILL} }, - { &stun_att_data, - { "Data", "stun.att.data", FT_BYTES, + { &stun_att_change_port, + { "Change Port","stun.att.change-port", FT_BOOLEAN, + 16, TFS(&set_flag), 0x0002, NULL, HFILL} + }, + { &stun_att_reserve_next, + { "Reserve next","stun.att.even-port.reserve-next", FT_UINT8, + BASE_DEC, VALS(attributes_reserve_next), 0x80, NULL, HFILL} + }, + { &stun_att_cache_timeout, + { "Cache timeout", "stun.att.cache-timeout", FT_UINT32, + BASE_DEC, NULL, 0x0, NULL, HFILL} + }, + { &stun_att_token, + { "Token", "stun.att.token", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &stun_att_connection_request_binding, - { "Connection Request Binding", "stun.att.connection_request_binding", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL } + { &stun_att_value, + { "Value", "stun.value", FT_BYTES, + BASE_NONE, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_reserved, + { "Reserved", "stun.att.reserved", FT_UINT16, + BASE_DEC, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_transp, + { "Transport", "stun.att.transp", FT_UINT8, + BASE_HEX, VALS(transportnames), 0x0, NULL, HFILL } + }, + { &stun_att_channelnum, + { "Channel-Number", "stun.att.channelnum", FT_UINT16, + BASE_HEX, NULL, 0x0, NULL, HFILL } + }, + { &stun_att_bandwidth, + { "Bandwidth", "stun.port.bandwidth", FT_UINT32, + BASE_DEC, NULL, 0x0, NULL, HFILL } }, }; -/* Setup protocol subtree array */ + /* Setup protocol subtree array */ static gint *ett[] = { &ett_stun, - &ett_stun_att_type, + &ett_stun_type, + &ett_stun_att_all, &ett_stun_att, + &ett_stun_att_type, }; -/* Register the protocol name and description */ - proto_stun = proto_register_protocol("Simple Traversal of UDP Through NAT", - "STUN", "stun"); + /* Register the protocol name and description */ + proto_stun = proto_register_protocol("Session Traversal Utilities for NAT", "STUN", "stun"); -/* Required function calls to register the header fields and subtrees used */ + /* Required function calls to register the header fields and subtrees used */ proto_register_field_array(proto_stun, hf, array_length(hf)); proto_register_subtree_array(ett, array_length(ett)); - new_register_dissector("stun", dissect_stun, proto_stun); - new_register_dissector("stun-heur", dissect_stun_heur, proto_stun); + /* heuristic subdissectors (used for the DATA field) */ + register_heur_dissector_list("stun", &heur_subdissector_list); } - void proto_reg_handoff_stun(void) { -#if 0 /* The stun2 dissector registers on these ports */ - dissector_handle_t stun_handle; + dissector_handle_t stun_tcp_handle; + dissector_handle_t stun_udp_handle; - stun_handle = find_dissector("stun"); + stun_tcp_handle = create_dissector_handle(dissect_stun_tcp, proto_stun); + stun_udp_handle = new_create_dissector_handle(dissect_stun_udp, proto_stun); + + dissector_add("tcp.port", TCP_PORT_STUN, stun_tcp_handle); + dissector_add("udp.port", UDP_PORT_STUN, stun_udp_handle); - dissector_add("tcp.port", TCP_PORT_STUN, stun_handle); - dissector_add("udp.port", UDP_PORT_STUN, stun_handle); -#endif heur_dissector_add("udp", dissect_stun_heur, proto_stun); heur_dissector_add("tcp", dissect_stun_heur, proto_stun); + heur_dissector_add("stun", dissect_stun_heur, proto_stun); + + data_handle = find_dissector("data"); } + diff --git a/epan/dissectors/packet-stun2.c b/epan/dissectors/packet-stun2.c deleted file mode 100644 index 32e7bab97b..0000000000 --- a/epan/dissectors/packet-stun2.c +++ /dev/null @@ -1,1364 +0,0 @@ -/* packet-stun2.c - * Routines for Session Traversal Utilities for NAT (STUN) dissection - * Copyright 2003, Shiang-Ming Huang <smhuang@pcs.csie.nctu.edu.tw> - * Copyright 2006, Marc Petit-Huguenin <marc@petit-huguenin.org> - * Copyright 2007-2008, 8x8 Inc. <petithug@8x8.com> - * Copyright 2008, Gael Breard <gael@breard.org> - * - * $Id$ - * - * Wireshark - Network traffic analyzer - * By Gerald Combs <gerald@wireshark.org> - * Copyright 1998 Gerald Combs - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - * Please refer to the following specs for protocol detail: - * - draft-ietf-behave-rfc3489bis-17 - * - draft-ietf-mmusic-ice-19 - * - draft-ietf-behave-nat-behavior-discovery-03 - * - draft-ietf-behave-turn-10 - * - draft-ietf-behave-turn-ipv6-03 - */ - -#ifdef HAVE_CONFIG_H -# include "config.h" -#endif - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <glib.h> - -#include <epan/packet.h> -#include <epan/conversation.h> -#include <epan/ipproto.h> -#include <packet-tcp.h> -#include <packet-udp.h> - -/* heuristic subdissectors */ -static heur_dissector_list_t heur_subdissector_list; - -/* data dissector handle */ -static dissector_handle_t data_handle; - -/* Initialize the protocol and registered fields */ -static int proto_stun2 = -1; - -static int hf_stun2_channel = -1; - -static int hf_stun2_type = -1; -static int hf_stun2_type_class = -1; -static int hf_stun2_type_method = -1; -static int hf_stun2_type_method_assignment = -1; -static int hf_stun2_length = -1; -static int hf_stun2_cookie = -1; -static int hf_stun2_id = -1; -static int hf_stun2_attributes = -1; -static int hf_stun2_response_in = -1; -static int hf_stun2_response_to = -1; -static int hf_stun2_time = -1; -static int hf_stun2_duplicate = -1; -static int hf_stun2_attr = -1; - -static int stun2_att_type = -1; /* STUN2 attribute fields */ -static int stun2_att_length = -1; -static int stun2_att_family = -1; -static int stun2_att_type_comprehension = -1; -static int stun2_att_type_assignment = -1; -static int stun2_att_ipv4 = -1; -static int stun2_att_ipv6 = -1; -static int stun2_att_port = -1; -static int stun2_att_username = -1; -static int stun2_att_padding = -1; -static int stun2_att_hmac = -1; -static int stun2_att_crc32 = -1; -static int stun2_att_error_class = -1; -static int stun2_att_error_number = -1; -static int stun2_att_error_reason = -1; -static int stun2_att_realm = -1; -static int stun2_att_nonce = -1; -static int stun2_att_unknown = -1; -static int stun2_att_xor_ipv4 = -1; -static int stun2_att_xor_ipv6 = -1; -static int stun2_att_xor_port = -1; -static int stun2_att_icmp_type = -1; -static int stun2_att_icmp_code = -1; -static int stun2_att_software = -1; -static int stun2_att_priority = -1; -static int stun2_att_tie_breaker = -1; -static int stun2_att_change_ip = -1; -static int stun2_att_change_port = -1; -static int stun2_att_cache_timeout = -1; -static int stun2_att_token = -1; -static int stun2_att_reserve_next = -1; -static int stun2_att_reserved = -1; -static int stun2_att_value = -1; -static int stun2_att_transp = -1; -static int stun2_att_bandwidth = -1; -static int stun2_att_lifetime = -1; -static int stun2_att_channelnum = -1; - - -/* Structure containing transaction specific information */ -typedef struct _stun2_transaction_t { - guint32 req_frame; - guint32 rep_frame; - nstime_t req_time; -} stun2_transaction_t; - -/* Structure containing conversation specific information */ -typedef struct _stun2_conv_info_t { - emem_tree_t *transaction_pdus; -} stun2_conv_info_t; - - -/* Message classes */ -#define REQUEST 0x0000 -#define INDICATION 0x0001 -#define RESPONSE 0x0002 -#define ERROR_RESPONSE 0x0003 - - -/* Methods */ -#define BINDING 0x0001 /*draft-ietf-behave-rfc3489bis-17 */ -#define ALLOCATE 0x0003 /*draft-ietf-behave-turn-10*/ -#define REFRESH 0x0004 /*draft-ietf-behave-turn-10*/ -#define CHANNELBIND 0x0009 /*draft-ietf-behave-turn-10*/ -#define CREATE_PERMISSION 0x0008 /* draft-ietf-behave-turn-10 */ -/* Indications */ -#define SEND 0x0006 /*draft-ietf-behave-turn-10*/ -#define DATA_IND 0x0007 /*draft-ietf-behave-turn-10*/ - - -/* Attribute Types */ -/* Comprehension-required range (0x0000-0x7FFF) */ -#define MAPPED_ADDRESS 0x0001 /* draft-ietf-behave-rfc3489bis-17 */ -#define CHANGE_REQUEST 0x0003 /* draft-ietf-behave-nat-behavior-discovery-03 */ -#define USERNAME 0x0006 /* draft-ietf-behave-rfc3489bis-17 */ -#define MESSAGE_INTEGRITY 0x0008 /* draft-ietf-behave-rfc3489bis-17 */ -#define ERROR_CODE 0x0009 /* draft-ietf-behave-rfc3489bis-17 */ -#define UNKNOWN_ATTRIBUTES 0x000a /* draft-ietf-behave-rfc3489bis-17 */ -#define CHANNEL_NUMBER 0x000c /* draft-ietf-behave-turn-10 */ -#define LIFETIME 0x000d /* draft-ietf-behave-turn-10 */ -#define BANDWIDTH 0x0010 /* turn-07 */ -#define XOR_PEER_ADDRESS 0x0012 /* draft-ietf-behave-turn-10 */ -#define DATA 0x0013 /* draft-ietf-behave-turn-10 */ -#define REALM 0x0014 /* draft-ietf-behave-rfc3489bis-17 */ -#define NONCE 0x0015 /* draft-ietf-behave-rfc3489bis-17 */ -#define XOR_RELAYED_ADDRESS 0x0016 /* draft-ietf-behave-turn-10 */ -#define REQUESTED_ADDRESS_TYPE 0x0017 /* draft-ietf-behave-turn-ipv6-03 */ -#define EVEN_PORT 0x0018 /* draft-ietf-behave-turn-10 */ -#define REQUESTED_TRANSPORT 0x0019 /* draft-ietf-behave-turn-10 */ -#define DONT_FRAGMENT 0x001a /* draft-ietf-behave-turn-10 */ -#define XOR_MAPPED_ADDRESS 0x0020 /* draft-ietf-behave-rfc3489bis-17 */ -#define RESERVATION_TOKEN 0x0022 /* draft-ietf-behave-turn-10 */ -#define PRIORITY 0x0024 /* draft-ietf-mmusic-ice-19 */ -#define USE_CANDIDATE 0x0025 /* draft-ietf-mmusic-ice-19 */ -#define PADDING 0x0026 /* draft-ietf-behave-nat-behavior-discovery-03 */ -#define XOR_RESPONSE_TARGET 0x0027 /* draft-ietf-behave-nat-behavior-discovery-03 */ -#define XOR_REFLECTED_FROM 0x0028 /* draft-ietf-behave-nat-behavior-discovery-03 */ -#define ICMP 0x0030 /* Moved from TURN to a future I-D */ -/* Comprehension-optional range (0x8000-0xFFFF) */ -#define SOFTWARE 0x8022 /* draft-ietf-behave-rfc3489bis-17 */ -#define ALTERNATE_SERVER 0x8023 /* draft-ietf-behave-rfc3489bis-17 */ -#define CACHE_TIMEOUT 0x8027 /* draft-ietf-behave-nat-behavior-discovery-03 */ -#define FINGERPRINT 0x8028 /* draft-ietf-behave-rfc3489bis-17 */ -#define ICE_CONTROLLED 0x8029 /* draft-ietf-mmusic-ice-19 */ -#define ICE_CONTROLLING 0x802a /* draft-ietf-mmusic-ice-19 */ -#define RESPONSE_ORIGIN 0x802b /* draft-ietf-behave-nat-behavior-discovery-03 */ -#define OTHER_ADDRESS 0x802c /* draft-ietf-behave-nat-behavior-discovery-03 */ - -/* divers */ -#define PROTO_NUM_UDP 17 -#define PROTO_NUM_TCP 6 -#define PROTO_NUM_ERR 255 - -#define TURN_REQUESTED_PROPS_EVEN_PORT 0x01 -#define TURN_REQUESTED_PROPS_PAIR_OF_PORTS 0x02 - -#define TURN_CHANNEL_NUMBER_MIN 0x4000 -#define TURN_CHANNEL_NUMBER_MAX 0xFFFE - - - - - - - -/* Initialize the subtree pointers */ -static gint ett_stun2 = -1; -static gint ett_stun2_type = -1; -static gint ett_stun2_att_all= -1; -static gint ett_stun2_att = -1; -static gint ett_stun2_att_type = -1; - -#define UDP_PORT_STUN2 3478 -#define TCP_PORT_STUN2 3478 - -#define STUN2_HDR_LEN ((guint)20) /* STUN2 message header length */ -#define ATTR_HDR_LEN 4 /* STUN2 attribute header length */ -#define CHANNEL_DATA_HDR_LEN 4 /* TURN CHANNEL-DATA Message hdr length */ -#define MIN_HDR_LEN 4 - -static const value_string transportnames[] = { - { 17, "UDP" }, - { 6, "TCP" }, - { 0, NULL } -}; - -static const value_string classes[] = { - {REQUEST, "Request"}, - {INDICATION, "Indication"}, - {RESPONSE, "Success Response"}, - {ERROR_RESPONSE, "Error Response"}, - {0x00, NULL} -}; - -static const value_string methods[] = { - {BINDING, "Binding"}, - {ALLOCATE, "Allocate"}, - {REFRESH, "Refresh"}, - {CHANNELBIND, "Channel-Bind"}, - {SEND, "Send"}, - {DATA_IND, "Data"}, - {CREATE_PERMISSION, "CreatePermission"}, - {0x00, NULL} -}; - - - -static const value_string attributes[] = { - {MAPPED_ADDRESS, "MAPPED-ADDRESS"}, - {CHANGE_REQUEST, "CHANGE_REQUEST"}, - {USERNAME, "USERNAME"}, - {MESSAGE_INTEGRITY, "MESSAGE-INTEGRITY"}, - {ERROR_CODE, "ERROR-CODE"}, - {UNKNOWN_ATTRIBUTES, "UNKNOWN-ATTRIBUTES"}, - {CHANNEL_NUMBER, "CHANNEL-NUMBER"}, - {LIFETIME, "LIFETIME"}, - {BANDWIDTH, "BANDWIDTH"}, - {XOR_PEER_ADDRESS, "XOR-PEER-ADDRESS"}, - {DATA, "DATA"}, - {REALM, "REALM"}, - {NONCE, "NONCE"}, - {XOR_RELAYED_ADDRESS, "XOR-RELAYED-ADDRESS"}, - {REQUESTED_ADDRESS_TYPE, "REQUESTED-ADDRESS-TYPE"}, - {EVEN_PORT, "EVEN-PORT"}, - {REQUESTED_TRANSPORT, "REQUESTED-TRANSPORT"}, - {DONT_FRAGMENT, "DONT-FRAGMENT"}, - {XOR_MAPPED_ADDRESS, "XOR-MAPPED-ADDRESS"}, - {RESERVATION_TOKEN, "RESERVATION-TOKEN"}, - {PRIORITY, "PRIORITY"}, - {USE_CANDIDATE, "USE-CANDIDATE"}, - {PADDING, "PADDING"}, - {XOR_RESPONSE_TARGET, "XOR-RESPONSE-TARGET"}, - {XOR_REFLECTED_FROM, "XOR-REFELECTED-FROM"}, - {ICMP, "ICMP"}, - {SOFTWARE, "SOFTWARE"}, - {ALTERNATE_SERVER, "ALTERNATE-SERVER"}, - {CACHE_TIMEOUT, "CACHE-TIMEOUT"}, - {FINGERPRINT, "FINGERPRINT"}, - {ICE_CONTROLLED, "ICE-CONTROLLED"}, - {ICE_CONTROLLING, "ICE-CONTROLLING"}, - {RESPONSE_ORIGIN, "RESPONSE-ORIGIN"}, - {OTHER_ADDRESS, "OTHER-ADDRESS"}, - {0x00, NULL} -}; - -static const value_string assignments[] = { - {0x0000, "IETF Review"}, - {0x0001, "Designated Expert"}, - {0x00, NULL} -}; - -static const value_string comprehensions[] = { - {0x0000, "Required"}, - {0x0001, "Optional"}, - {0x00, NULL} -}; - -static const value_string attributes_reserve_next[] = { - {0, "No reservation"}, - {1, "Reserve next port number"}, - {0x00, NULL} -}; - -static const value_string attributes_properties_p[] = { - {0, "All allocation"}, - {1, "Preserving allocation"}, - {0x00, NULL} -}; - -static const value_string attributes_family[] = { - {0x0001, "IPv4"}, - {0x0002, "IPv6"}, - {0x00, NULL} -}; - -static const true_false_string set_flag = { - "SET", - "NOT SET" -}; - -static const value_string error_code[] = { - {300, "Try Alternate"},/* rfc3489bis-15 */ - {400, "Bad Request"},/* rfc3489bis-15 */ - {401, "Unauthorized"},/* rfc3489bis-15 */ - {420, "Unknown Attribute"},/* rfc3489bis-15 */ - {437, "Allocation Mismatch"},/* turn-07 */ - {438, "Stale Nonce"},/* rfc3489bis-15 */ - {439, "Wrong Credentials"}, /* turn-07 - collision 38=>39 */ - {442, "Unsupported Transport Protocol"},/* turn-07 */ - {440, "Address Family not Supported"}, /* turn-ipv6-04 */ - {481, "Connection does not exist"}, /* nat-behavior-discovery-03 */ - {486, "Allocation Quota Reached"},/* turn-07 */ - {500, "Server Error"},/* rfc3489bis-15 */ - {503, "Service Unavailable"}, /* nat-behavior-discovery-03 */ - {507, "Insufficient Bandwidth Capacity"},/* turn-07 */ - {508, "Insufficient Port Capacity"},/* turn-07 */ - {600, "Global Failure"}, - {0x00, NULL} -}; - - -static guint -get_stun2_message_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset) -{ - guint16 type = tvb_get_ntohs(tvb, offset); - guint16 length = tvb_get_ntohs(tvb, offset+2); - guint res = 0; - - if (type & 0xC000) - { - /* two first bits not NULL => should be a channel-data message */ - res = (guint) ((length + CHANNEL_DATA_HDR_LEN +3) & -4); - } - else - { - /* Normal STUN message */ - res = (guint) length + STUN2_HDR_LEN; - } - return res; -} - -static int -dissect_stun2_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - proto_item *ti; - proto_tree *stun2_tree; - proto_tree *stun2_type_tree; - proto_tree *att_all_tree; - proto_tree *att_type_tree; - proto_tree *att_tree; - guint16 msg_type; - guint16 msg_length; - guint16 msg_type_method; - guint16 msg_type_class; - const char *msg_class_str; - const char *msg_method_str; - guint16 att_type; - guint16 att_length; - const char *att_type_str; - guint16 offset; - guint i; - guint magic_cookie_first_word; - guint len; - guint msg_total_len; - conversation_t *conversation=NULL; - stun2_conv_info_t *stun2_info; - stun2_transaction_t * stun2_trans; - emem_tree_key_t transaction_id_key[2]; - guint32 transaction_id[3]; - - /* - * First check if the frame is really meant for us. - */ - - offset = 0; - len = tvb_length(tvb); - - - - /* First, make sure we have enough data to do the check. */ - if (len < MIN_HDR_LEN) - return 0; - - msg_type = tvb_get_ntohs(tvb, 0); - msg_length = tvb_get_ntohs(tvb, 2); - - if (msg_type & 0xC000) - { - /* two first bits not NULL => should be a channel-data message */ - if (msg_type == 0xFFFF) - return 0; - /* note that padding is only mandatory over streaming - protocols */ - msg_total_len = (guint) ((msg_length + CHANNEL_DATA_HDR_LEN +3) & -4) ; - - /* check if payload enough */ - if (len != msg_total_len) { - if (pinfo->ipproto != IP_PROTO_UDP) { - return 0; - } - /* recalculate the total length without padding */ - msg_total_len = (guint) msg_length + CHANNEL_DATA_HDR_LEN; - if (len != msg_total_len) - return 0; - } - } - else - { - /* Normal STUN message */ - msg_total_len = (guint) msg_length + STUN2_HDR_LEN; - if (len < STUN2_HDR_LEN) - return 0; - /* Check if it is really a STUN2 message */ - if ( tvb_get_ntohl(tvb, 4) != 0x2112a442) - return 0; - - /* check if payload enough */ - if (len != msg_total_len) - return 0; - } - - /* The message seems to be a valid STUN2 message! */ - - col_set_str(pinfo->cinfo, COL_PROTOCOL, "STUN2"); - - /* BEGIN of CHANNEL-DATA specific section */ - if (msg_type & 0xC000) - { - guint data_length; - tvbuff_t *next_tvb; - guint reported_len, new_len; - /* two first bits not NULL => should be a channel-data message*/ - - /* Clear out stuff in the info column */ - if (check_col(pinfo->cinfo,COL_INFO)) { - col_add_fstr(pinfo->cinfo, COL_INFO, "ChannelData TURN Message"); - } - if (!tree) - return tvb_length(tvb); - ti = proto_tree_add_item( - tree, proto_stun2, tvb, 0, - CHANNEL_DATA_HDR_LEN, - FALSE); - proto_item_append_text(ti, ", TURN ChannelData Message"); - stun2_tree = proto_item_add_subtree(ti, ett_stun2); - proto_tree_add_item(stun2_tree, hf_stun2_channel, tvb, offset, 2, FALSE); offset += 2; - data_length = tvb_get_ntohs(tvb, 2); - proto_tree_add_item(stun2_tree, hf_stun2_length, tvb, offset, 2, FALSE); offset += 2; - - - new_len = tvb_length_remaining(tvb, CHANNEL_DATA_HDR_LEN); - reported_len = tvb_reported_length_remaining(tvb, - CHANNEL_DATA_HDR_LEN); - if (data_length < reported_len) { - reported_len = data_length; - } - next_tvb = tvb_new_subset(tvb, CHANNEL_DATA_HDR_LEN, new_len, - reported_len); - - - if (!dissector_try_heuristic(heur_subdissector_list, - next_tvb, pinfo, tree)) { - call_dissector_only(data_handle,next_tvb, pinfo, tree); - } - - return tvb_length(tvb); - } - /* END of CHANNEL-DATA specific section */ - - /* At this stage, we know this is a standard stun2 message */ - - /* Create the transaction key which may be used - to track the conversation */ - transaction_id[0] = tvb_get_ntohl(tvb, 8); - transaction_id[1] = tvb_get_ntohl(tvb, 12); - transaction_id[2] = tvb_get_ntohl(tvb, 16); - - transaction_id_key[0].length = 3; - transaction_id_key[0].key = transaction_id; - transaction_id_key[1].length = 0; - transaction_id_key[1].key = NULL; - - msg_type_class = ((msg_type & 0x0010) >> 4) | ((msg_type & 0x0100) >> 7) ; - msg_type_method = (msg_type & 0x000F) | ((msg_type & 0x00E0) >> 1) | ((msg_type & 0x3E00) >> 2); - - /* Do we already have a conversation ? */ - conversation = - find_conversation(pinfo->fd->num, - &pinfo->src, &pinfo->dst, - pinfo->ptype, - pinfo->srcport, pinfo->destport, 0); - if (conversation == NULL) { - /* We don't yet have a conversation, so create one. */ - conversation = conversation_new(pinfo->fd->num, - &pinfo->src, &pinfo->dst, - pinfo->ptype, - pinfo->srcport, pinfo->destport, 0); - } - /* - * Do we already have a state structure for this conv - */ - stun2_info = conversation_get_proto_data(conversation, proto_stun2); - if (!stun2_info) { - /* No. Attach that information to the conversation, and add - * it to the list of information structures. - */ - stun2_info = se_alloc(sizeof(stun2_conv_info_t)); - stun2_info->transaction_pdus=se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "stun2_transaction_pdus"); - conversation_add_proto_data(conversation, proto_stun2, stun2_info); - } - - if (!pinfo->fd->flags.visited){ - if ((stun2_trans= - se_tree_lookup32_array(stun2_info->transaction_pdus, - transaction_id_key)) == NULL) { - stun2_trans=se_alloc(sizeof(stun2_transaction_t)); - stun2_trans->req_frame=0; - stun2_trans->rep_frame=0; - stun2_trans->req_time=pinfo->fd->abs_ts; - se_tree_insert32_array(stun2_info->transaction_pdus, - transaction_id_key, - (void *)stun2_trans); - } - - if (msg_type_class == REQUEST) { - /* This is a request */ - if (stun2_trans->req_frame == 0) { - stun2_trans->req_frame=pinfo->fd->num; - } - - } else { - /* This is a catch-all for all non-request messages */ - if (stun2_trans->rep_frame == 0) { - stun2_trans->rep_frame=pinfo->fd->num; - } - - } - } else { - stun2_trans=se_tree_lookup32_array(stun2_info->transaction_pdus, - transaction_id_key); - } - - if (!stun2_trans) { - /* create a "fake" pana_trans structure */ - stun2_trans=ep_alloc(sizeof(stun2_transaction_t)); - stun2_trans->req_frame=0; - stun2_trans->rep_frame=0; - stun2_trans->req_time=pinfo->fd->abs_ts; - } - - - msg_class_str = match_strval(msg_type_class, classes); - msg_method_str = match_strval(msg_type_method, methods); - - if (msg_method_str == NULL) - msg_method_str = "Unknown"; - - if (check_col(pinfo->cinfo, COL_INFO)) - col_add_fstr(pinfo->cinfo, COL_INFO, "%s %s", - msg_method_str, msg_class_str); - - if (!tree) - return tvb_length(tvb); - - ti = proto_tree_add_item(tree, proto_stun2, tvb, 0, -1, FALSE); - - stun2_tree = proto_item_add_subtree(ti, ett_stun2); - - - if (msg_type_class == REQUEST) { - if (stun2_trans->req_frame != pinfo->fd->num) { - proto_item *it; - it=proto_tree_add_uint(stun2_tree, hf_stun2_duplicate, - tvb, 0, 0, - stun2_trans->req_frame); - PROTO_ITEM_SET_GENERATED(it); - } - if (stun2_trans->rep_frame) { - proto_item *it; - it=proto_tree_add_uint(stun2_tree, hf_stun2_response_in, - tvb, 0, 0, - stun2_trans->rep_frame); - PROTO_ITEM_SET_GENERATED(it); - } - } - else { - /* Retransmission control */ - if (stun2_trans->rep_frame != pinfo->fd->num) { - proto_item *it; - it=proto_tree_add_uint(stun2_tree, hf_stun2_duplicate, - tvb, 0, 0, - stun2_trans->rep_frame); - PROTO_ITEM_SET_GENERATED(it); - } - if (msg_type_class == RESPONSE || msg_type_class == ERROR_RESPONSE) { - /* This is a response */ - if (stun2_trans->req_frame) { - proto_item *it; - nstime_t ns; - - it=proto_tree_add_uint(stun2_tree, hf_stun2_response_to, tvb, 0, 0, stun2_trans->req_frame); - PROTO_ITEM_SET_GENERATED(it); - - nstime_delta(&ns, &pinfo->fd->abs_ts, &stun2_trans->req_time); - it=proto_tree_add_time(stun2_tree, hf_stun2_time, tvb, 0, 0, &ns); - PROTO_ITEM_SET_GENERATED(it); - } - - } - } - - ti = proto_tree_add_uint_format(stun2_tree, hf_stun2_type, tvb, 0, 2, msg_type, "Message Type: 0x%04x (%s %s)", msg_type, msg_method_str, msg_class_str); - stun2_type_tree = proto_item_add_subtree(ti, ett_stun2_type); - proto_tree_add_uint(stun2_type_tree, hf_stun2_type_class, tvb, 0, 2, msg_type); - ti = proto_tree_add_text(stun2_type_tree, tvb, 0, 2, "%s (%d)", msg_class_str, msg_type_class); - PROTO_ITEM_SET_GENERATED(ti); - proto_tree_add_uint(stun2_type_tree, hf_stun2_type_method, tvb, 0, 2, msg_type); - ti = proto_tree_add_text(stun2_type_tree, tvb, 0, 2, "%s (0x%03x)", msg_method_str, msg_type_method); - PROTO_ITEM_SET_GENERATED(ti); - proto_tree_add_uint(stun2_type_tree, hf_stun2_type_method_assignment, tvb, 0, 2, msg_type); - ti = proto_tree_add_text(stun2_type_tree, tvb, 0, 2, "%s (%d)", match_strval((msg_type & 0x2000) >> 13, assignments), (msg_type & 0x2000) >> 13); - PROTO_ITEM_SET_GENERATED(ti); - - proto_tree_add_uint(stun2_tree, hf_stun2_length, tvb, 2, 2, msg_length); - proto_tree_add_item(stun2_tree, hf_stun2_cookie, tvb, 4, 4, FALSE); - proto_tree_add_item(stun2_tree, hf_stun2_id, tvb, 8, 12, FALSE); - - /* Remember this (in host order) so we can show clear xor'd addresses */ - magic_cookie_first_word = tvb_get_ntohl(tvb, 4); - - if (msg_length > 0) { - ti = proto_tree_add_item(stun2_tree, hf_stun2_attributes, tvb, STUN2_HDR_LEN, msg_length, FALSE); - att_all_tree = proto_item_add_subtree(ti, ett_stun2_att_all); - - offset = STUN2_HDR_LEN; - - while (msg_length > 0) { - att_type = tvb_get_ntohs(tvb, offset); /* Type field in attribute header */ - att_length = tvb_get_ntohs(tvb, offset+2); /* Length field in attribute header */ - att_type_str = match_strval(att_type, attributes); - if (att_type_str == NULL) - att_type_str = "Unknown"; - ti = proto_tree_add_uint_format(att_all_tree, hf_stun2_attr, tvb, offset, ATTR_HDR_LEN+att_length, att_type, "%s", att_type_str); - att_tree = proto_item_add_subtree(ti, ett_stun2_att); - ti = proto_tree_add_uint(att_tree, stun2_att_type, tvb, - offset, 2, att_type); - att_type_tree = proto_item_add_subtree(ti, ett_stun2_att_type); - proto_tree_add_uint(att_type_tree, stun2_att_type_comprehension, tvb, offset, 2, att_type); - ti = proto_tree_add_text(att_type_tree, tvb, offset, 2, "%s (%d)", match_strval((att_type & 0x8000) >> 15, comprehensions), (att_type & 0x8000) >> 15); - PROTO_ITEM_SET_GENERATED(ti); - proto_tree_add_uint(att_type_tree, stun2_att_type_assignment, tvb, offset, 2, att_type); - ti = proto_tree_add_text(att_type_tree, tvb, offset, 2, "%s (%d)", match_strval((att_type & 0x4000) >> 14, assignments), (att_type & 0x4000) >> 14); - PROTO_ITEM_SET_GENERATED(ti); - - offset += 2; - if (ATTR_HDR_LEN+att_length > msg_length) { - proto_tree_add_uint_format(att_tree, - stun2_att_length, tvb, offset, 2, - att_length, - "Attribute Length: %u (bogus, goes past the end of the message)", - att_length); - break; - } - proto_tree_add_uint(att_tree, stun2_att_length, tvb, - offset, 2, att_length); - offset += 2; - switch (att_type) { - case MAPPED_ADDRESS: - case ALTERNATE_SERVER: - case RESPONSE_ORIGIN: - case OTHER_ADDRESS: - if (att_length < 1) - break; - proto_tree_add_uint(att_tree, stun2_att_reserved, tvb, offset, 1, 1); - if (att_length < 2) - break; - proto_tree_add_item(att_tree, stun2_att_family, tvb, offset+1, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_port, tvb, offset+2, 2, FALSE); - switch (tvb_get_guint8(tvb, offset+1)) { - case 1: - if (att_length < 8) - break; - proto_tree_add_item(att_tree, stun2_att_ipv4, tvb, offset+4, 4, FALSE); - { - const gchar *ipstr; - guint32 ip; - ip = tvb_get_ipv4(tvb,offset+4); - ipstr = ip_to_str((guint8*)&ip); - proto_item_append_text(att_tree, ": %s:%d", ipstr,tvb_get_ntohs(tvb,offset+2)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " %s: %s:%d", - val_to_str(att_type, attributes, "Unknown"), - ipstr, - tvb_get_ntohs(tvb,offset+2) - ); - } - } - break; - - case 2: - if (att_length < 20) - break; - proto_tree_add_item(att_tree, stun2_att_ipv6, tvb, offset+4, 16, FALSE); - break; - } - break; - - case CHANGE_REQUEST: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_change_ip, tvb, offset, 4, FALSE); - proto_tree_add_item(att_tree, stun2_att_change_port, tvb, offset, 4, FALSE); - break; - - case USERNAME: - proto_tree_add_item(att_tree, stun2_att_username, tvb, offset, att_length, FALSE); - proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset, att_length)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " user: %s", - tvb_get_ephemeral_string(tvb,offset, att_length) - ); - } - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - - case MESSAGE_INTEGRITY: - if (att_length < 20) - break; - proto_tree_add_item(att_tree, stun2_att_hmac, tvb, offset, att_length, FALSE); - break; - - case ERROR_CODE: - if (att_length < 2) - break; - proto_tree_add_uint(att_tree, stun2_att_reserved, tvb, offset, 2, 2); - if (att_length < 3) - break; - proto_tree_add_item(att_tree, stun2_att_error_class, tvb, offset+2, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_error_number, tvb, offset+3, 1, FALSE); - { - int human_error_num = tvb_get_guint8(tvb, offset+2) * 100 + tvb_get_guint8(tvb, offset+3); - proto_item_append_text( - att_tree, - " %d (%s)", - human_error_num, /* human readable error code */ - val_to_str(human_error_num, error_code, "*Unknown error code*") - ); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " error-code: %d (%s)", - human_error_num, - val_to_str(human_error_num, error_code, "*Unknown error code*") - ); - } - } - if (att_length < 5) - break; - proto_tree_add_item(att_tree, stun2_att_error_reason, tvb, offset+4, att_length-4, FALSE); - - proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset+4, att_length-4)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " %s", - tvb_get_ephemeral_string(tvb, offset+4, att_length-4) - ); - } - - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - - case UNKNOWN_ATTRIBUTES: - for (i = 0; i < att_length; i += 2) - proto_tree_add_item(att_tree, stun2_att_unknown, tvb, offset+i, 2, FALSE); - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - - case REALM: - proto_tree_add_item(att_tree, stun2_att_realm, tvb, offset, att_length, FALSE); - proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset, att_length)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " realm: %s", - tvb_get_ephemeral_string(tvb,offset, att_length) - ); - } - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - - case NONCE: - proto_tree_add_item(att_tree, stun2_att_nonce, tvb, offset, att_length, FALSE); - proto_item_append_text(att_tree, ": %s", tvb_get_ephemeral_string(tvb, offset, att_length)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " with nonce" - ); - } - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - - case XOR_MAPPED_ADDRESS: - case XOR_PEER_ADDRESS: - case XOR_RELAYED_ADDRESS: - case XOR_RESPONSE_TARGET: - case XOR_REFLECTED_FROM: - if (att_length < 1) - break; - proto_tree_add_uint(att_tree, stun2_att_reserved, tvb, offset, 1, 1); - if (att_length < 2) - break; - proto_tree_add_item(att_tree, stun2_att_family, tvb, offset+1, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_xor_port, tvb, offset+2, 2, FALSE); - - /* Show the port 'in the clear' - XOR (host order) transid with (host order) xor-port. - Add host-order port into tree. */ - ti = proto_tree_add_uint(att_tree, stun2_att_port, tvb, offset+2, 2, - tvb_get_ntohs(tvb, offset+2) ^ - (magic_cookie_first_word >> 16)); - PROTO_ITEM_SET_GENERATED(ti); - - if (att_length < 8) - break; - switch (tvb_get_guint8(tvb, offset+1)) { - case 1: - if (att_length < 8) - break; - proto_tree_add_item(att_tree, stun2_att_xor_ipv4, tvb, offset+4, 4, FALSE); - - /* Show the address 'in the clear'. - XOR (host order) transid with (host order) xor-address. - Add in network order tree. */ - ti = proto_tree_add_ipv4(att_tree, stun2_att_ipv4, tvb, offset+4, 4, - g_htonl(tvb_get_ntohl(tvb, offset+4) ^ - magic_cookie_first_word)); - PROTO_ITEM_SET_GENERATED(ti); - - { - const gchar *ipstr; - guint32 ip; - guint16 port; - ip = g_htonl(tvb_get_ntohl(tvb, offset+4) ^ magic_cookie_first_word); - ipstr = ip_to_str((guint8*)&ip); - port = tvb_get_ntohs(tvb, offset+2) ^ (magic_cookie_first_word >> 16); - proto_item_append_text(att_tree, ": %s:%d", ipstr, port); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " %s: %s:%d", - val_to_str(att_type, attributes, "Unknown"), - ipstr, - port - ); - } - } - break; - - case 2: - if (att_length < 20) - break; - proto_tree_add_item(att_tree, stun2_att_xor_ipv6, tvb, offset+4, 16, FALSE); - { - guint32 IPv6[4]; - IPv6[0] = g_htonl(tvb_get_ntohl(tvb, offset+4) ^ magic_cookie_first_word); - IPv6[1] = g_htonl(tvb_get_ntohl(tvb, offset+8) ^ transaction_id[0]); - IPv6[2] = g_htonl(tvb_get_ntohl(tvb, offset+12) ^ transaction_id[1]); - IPv6[3] = g_htonl(tvb_get_ntohl(tvb, offset+16) ^ transaction_id[2]); - ti = proto_tree_add_ipv6(att_tree, stun2_att_ipv6, tvb, offset+4, 16, (const guint8 *)IPv6); - PROTO_ITEM_SET_GENERATED(ti); - } - - break; - } - break; - - case REQUESTED_ADDRESS_TYPE: - if (att_length < 1) - break; - proto_tree_add_item(att_tree, stun2_att_family, tvb, offset, 1, FALSE); - if (att_length < 4) - break; - proto_tree_add_uint(att_tree, stun2_att_reserved, tvb, offset+1, 3, 3); - break; -case EVEN_PORT: - if (att_length < 1) - break; - proto_tree_add_item(att_tree, stun2_att_reserve_next, tvb, offset, 1, FALSE); - break; - - case RESERVATION_TOKEN: - if (att_length < 8) - break; - proto_tree_add_item(att_tree, stun2_att_token, tvb, offset, 8, FALSE); - break; - - case PRIORITY: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_priority, tvb, offset, 4, FALSE); - break; - - case PADDING: - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset, att_length, att_length); - break; - - case ICMP: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_icmp_type, tvb, offset, 1, FALSE); - proto_tree_add_item(att_tree, stun2_att_icmp_code, tvb, offset+1, 1, FALSE); - break; - - case SOFTWARE: - proto_tree_add_item(att_tree, stun2_att_software, tvb, offset, att_length, FALSE); - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - - case CACHE_TIMEOUT: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_cache_timeout, tvb, offset, 4, FALSE); - break; - - case FINGERPRINT: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_crc32, tvb, offset, att_length, FALSE); - break; - - case ICE_CONTROLLED: - case ICE_CONTROLLING: - if (att_length < 8) - break; - proto_tree_add_item(att_tree, stun2_att_tie_breaker, tvb, offset, 8, FALSE); - break; - - case DATA: - if (att_length > 0) { - tvbuff_t *next_tvb; - guint reported_len, pad=0; - proto_tree_add_item(att_tree, stun2_att_value, tvb, offset, att_length, FALSE); - if (att_length % 4 != 0) { - pad = 4-(att_length % 4); - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, pad, pad); - } - reported_len = att_length; - - - next_tvb = - tvb_new_subset(tvb, offset, - reported_len, - reported_len); - - if (!dissector_try_heuristic(heur_subdissector_list, - next_tvb, pinfo, att_tree)) { - call_dissector_only(data_handle,next_tvb, pinfo, att_tree); - } - - } - break; - - case REQUESTED_TRANSPORT: - if (att_length < 1) - break; - proto_tree_add_item(att_tree, stun2_att_transp, tvb, offset, 1, FALSE); - if (att_length < 4) - break; - - { - guint8 protoCode = tvb_get_guint8(tvb, offset); - proto_item_append_text(att_tree, ": %s", val_to_str(protoCode, transportnames, "Unknown (0x%8x)")); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " %s", - val_to_str(protoCode, transportnames, "Unknown (0x%8x)") - ); - } - } - proto_tree_add_uint(att_tree, stun2_att_reserved, tvb, offset+1, 3, 3); - break; - - case CHANNEL_NUMBER: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_channelnum, tvb, offset, 2, FALSE); - { - guint16 chan = tvb_get_ntohs(tvb, offset); - proto_item_append_text(att_tree, ": 0x%x", chan); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " ChannelNumber=0x%x", - chan - ); - } - } - proto_tree_add_uint(att_tree, stun2_att_reserved, tvb, offset+2, 2, 2); - break; - - case BANDWIDTH: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_bandwidth, tvb, offset, 4, FALSE); - proto_item_append_text(att_tree, " %d", tvb_get_ntohl(tvb, offset)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " bandwidth: %d", - tvb_get_ntohl(tvb, offset) - ); - } - break; - case LIFETIME: - if (att_length < 4) - break; - proto_tree_add_item(att_tree, stun2_att_lifetime, tvb, offset, 4, FALSE); - proto_item_append_text(att_tree, " %d", tvb_get_ntohl(tvb, offset)); - if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr( - pinfo->cinfo, COL_INFO, - " lifetime: %d", - tvb_get_ntohl(tvb, offset) - ); - } - break; - - default: - if (att_length > 0) - proto_tree_add_item(att_tree, stun2_att_value, tvb, offset, att_length, FALSE); - if (att_length % 4 != 0) - proto_tree_add_uint(att_tree, stun2_att_padding, tvb, offset+att_length, 4-(att_length % 4), 4-(att_length % 4)); - break; - } - offset += (att_length+3) & -4; - msg_length -= (ATTR_HDR_LEN+att_length+3) & -4; - } - } - - return tvb_length(tvb); -} - -static int -dissect_stun2_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - return dissect_stun2_message(tvb, pinfo, tree); -} - -static void -dissect_stun2_message_no_return(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - dissect_stun2_message(tvb, pinfo, tree); -} - -static void -dissect_stun2_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - tcp_dissect_pdus(tvb, pinfo, tree, TRUE, MIN_HDR_LEN, - get_stun2_message_len, dissect_stun2_message_no_return); -} - -static gboolean -dissect_stun2_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - if (dissect_stun2_message(tvb, pinfo, tree) == 0) { - /* - * It wasn't a valid STUN2 message, and wasn't - * dissected as such. - */ - return FALSE; - } - return TRUE; -} - -void -proto_register_stun2(void) -{ - static hf_register_info hf[] = { - - { &hf_stun2_channel, - { "Channel Number", "stun2.channel", FT_UINT16, - BASE_HEX, NULL, 0x0, NULL, HFILL } - }, - - /* ////////////////////////////////////// */ - { &hf_stun2_type, - { "Message Type", "stun2.type", FT_UINT16, - BASE_HEX, NULL, 0, NULL, HFILL } - }, - { &hf_stun2_type_class, - { "Message Class", "stun2.type.class", FT_UINT16, - BASE_HEX, NULL, 0x0110, NULL, HFILL } - }, - { &hf_stun2_type_method, - { "Message Method", "stun2.type.method", FT_UINT16, - BASE_HEX, NULL, 0x3EEF, NULL, HFILL } - }, - { &hf_stun2_type_method_assignment, - { "Message Method Assignment", "stun2.type.method-assignment", FT_UINT16, - BASE_HEX, NULL, 0x2000, NULL, HFILL } - }, - { &hf_stun2_length, - { "Message Length", "stun2.length", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } - }, - { &hf_stun2_cookie, - { "Message Cookie", "stun2.cookie", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &hf_stun2_id, - { "Message Transaction ID", "stun2.id", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &hf_stun2_attributes, - { "Attributes", "stun2.attributes", FT_NONE, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &hf_stun2_attr, - { "Attribute Type", "stun2.attribute", FT_UINT16, - BASE_HEX, NULL, 0, NULL, HFILL } - }, - { &hf_stun2_response_in, - { "Response In", "stun2.response-in", FT_FRAMENUM, - BASE_NONE, NULL, 0x0, "The response to this STUN2 query is in this frame", HFILL } - }, - { &hf_stun2_response_to, - { "Request In", "stun2.response-to", FT_FRAMENUM, - BASE_NONE, NULL, 0x0, "This is a response to the STUN2 Request in this frame", HFILL } - }, - { &hf_stun2_time, - { "Time", "stun2.time", FT_RELATIVE_TIME, - BASE_NONE, NULL, 0x0, "The time between the Request and the Response", HFILL } - }, - { &hf_stun2_duplicate, - { "Duplicated original message in", "stun2.reqduplicate", FT_FRAMENUM, - BASE_NONE, NULL, 0x0, "This is a duplicate of STUN2 message in this frame", HFILL } - }, - /* ////////////////////////////////////// */ - { &stun2_att_type, - { "Attribute Type", "stun2.att.type", FT_UINT16, - BASE_HEX, VALS(attributes), 0x0, NULL, HFILL } - }, - { &stun2_att_type_comprehension, - { "Attribute Type Comprehension", "stun2.att.type.comprehension", FT_UINT16, - BASE_HEX, NULL, 0x8000, NULL, HFILL } - }, - { &stun2_att_type_assignment, - { "Attribute Type Assignment", "stun2.att.type.assignment", FT_UINT16, - BASE_HEX, NULL, 0x4000, NULL, HFILL } - }, - { &stun2_att_length, - { "Attribute Length", "stun2.att.length", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_family, - { "Protocol Family", "stun2.att.family", FT_UINT8, - BASE_HEX, VALS(attributes_family), 0x0, NULL, HFILL } - }, - { &stun2_att_ipv4, - { "IP", "stun2.att.ipv4", FT_IPv4, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_ipv6, - { "IP", "stun2.att.ipv6", FT_IPv6, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_port, - { "Port", "stun2.att.port", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_username, - { "Username", "stun2.att.username", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_padding, - { "Padding", "stun2.att.padding", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_hmac, - { "HMAC-SHA1", "stun2.att.hmac", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_crc32, - { "CRC-32", "stun2.att.crc32", FT_UINT32, - BASE_HEX, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_error_class, - { "Error Class","stun2.att.error.class", FT_UINT8, - BASE_DEC, NULL, 0x07, NULL, HFILL} - }, - { &stun2_att_error_number, - { "Error Code","stun2.att.error", FT_UINT8, - BASE_DEC, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_error_reason, - { "Error Reason Phrase","stun2.att.error.reason", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_realm, - { "Realm", "stun2.att.realm", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_nonce, - { "Nonce", "stun2.att.nonce", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_unknown, - { "Unknown Attribute","stun2.att.unknown", FT_UINT16, - BASE_HEX, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_xor_ipv4, - { "IP (XOR-d)", "stun2.att.ipv4-xord", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_xor_ipv6, - { "IP (XOR-d)", "stun2.att.ipv6-xord", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_xor_port, - { "Port (XOR-d)", "stun2.att.port-xord", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_icmp_type, - { "ICMP type", "stun2.att.icmp.type", FT_UINT8, - BASE_DEC, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_icmp_code, - { "ICMP code", "stun2.att.icmp.code", FT_UINT8, - BASE_DEC, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_software, - { "Software","stun2.att.software", FT_STRING, - BASE_NONE, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_priority, - { "Priority", "stun2.att.priority", FT_UINT32, - BASE_DEC, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_tie_breaker, - { "Tie breaker", "stun2.att.tie-breaker", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_lifetime, - { "Lifetime", "stun2.att.lifetime", FT_UINT32, - BASE_DEC, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_change_ip, - { "Change IP","stun2.att.change-ip", FT_BOOLEAN, - 16, TFS(&set_flag), 0x0004, NULL, HFILL} - }, - { &stun2_att_change_port, - { "Change Port","stun2.att.change-port", FT_BOOLEAN, - 16, TFS(&set_flag), 0x0002, NULL, HFILL} - }, - { &stun2_att_reserve_next, - { "Reserve next","stun2.att.even-port.reserve-next", FT_UINT8, - BASE_DEC, VALS(attributes_reserve_next), 0x80, NULL, HFILL} - }, - { &stun2_att_cache_timeout, - { "Cache timeout", "stun2.att.cache-timeout", FT_UINT32, - BASE_DEC, NULL, 0x0, NULL, HFILL} - }, - { &stun2_att_token, - { "Token", "stun2.att.token", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_value, - { "Value", "stun2.value", FT_BYTES, - BASE_NONE, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_reserved, - { "Reserved", "stun2.att.reserved", FT_UINT16, - BASE_DEC, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_transp, - { "Transport", "stun2.att.transp", FT_UINT8, - BASE_HEX, VALS(transportnames), 0x0, NULL, HFILL } - }, - { &stun2_att_channelnum, - { "Channel-Number", "stun2.att.channelnum", FT_UINT16, - BASE_HEX, NULL, 0x0, NULL, HFILL } - }, - { &stun2_att_bandwidth, - { "Bandwidth", "stun2.port.bandwidth", FT_UINT32, - BASE_DEC, NULL, 0x0, NULL, HFILL } - }, - }; - - /* Setup protocol subtree array */ - static gint *ett[] = { - &ett_stun2, - &ett_stun2_type, - &ett_stun2_att_all, - &ett_stun2_att, - &ett_stun2_att_type, - }; - - /* Register the protocol name and description */ - proto_stun2 = proto_register_protocol("Session Traversal Utilities for NAT", - "STUN2", "stun2"); - - /* Required function calls to register the header fields and subtrees used */ - proto_register_field_array(proto_stun2, hf, array_length(hf)); - proto_register_subtree_array(ett, array_length(ett)); - - /* heuristic subdissectors (used for the DATA field) */ - register_heur_dissector_list("stun2", &heur_subdissector_list); -} - -void -proto_reg_handoff_stun2(void) -{ - dissector_handle_t stun2_tcp_handle; - dissector_handle_t stun2_udp_handle; - - stun2_tcp_handle = create_dissector_handle(dissect_stun2_tcp, proto_stun2); - stun2_udp_handle = new_create_dissector_handle(dissect_stun2_udp, proto_stun2); - - dissector_add("tcp.port", TCP_PORT_STUN2, stun2_tcp_handle); - dissector_add("udp.port", UDP_PORT_STUN2, stun2_udp_handle); - - heur_dissector_add("udp", dissect_stun2_heur, proto_stun2); - heur_dissector_add("tcp", dissect_stun2_heur, proto_stun2); - heur_dissector_add("stun2", dissect_stun2_heur, - proto_stun2); - - data_handle = find_dissector("data"); -} - diff --git a/epan/dissectors/packet-tftp.c b/epan/dissectors/packet-tftp.c index d3bb5df1d8..2fce1eaa0a 100644 --- a/epan/dissectors/packet-tftp.c +++ b/epan/dissectors/packet-tftp.c @@ -554,7 +554,7 @@ proto_reg_handoff_tftp(void) if (!tftp_initialized) { tftp_handle = find_dissector("tftp"); - heur_dissector_add("stun2", dissect_embeddedtftp_heur, proto_tftp); + heur_dissector_add("stun", dissect_embeddedtftp_heur, proto_tftp); tftp_initialized = TRUE; } else { range_foreach (tftp_port_range, range_delete_callback); |