aboutsummaryrefslogtreecommitdiffstats
path: root/epan/dissectors/asn1/snmp/snmp.cnf
diff options
context:
space:
mode:
Diffstat (limited to 'epan/dissectors/asn1/snmp/snmp.cnf')
-rw-r--r--epan/dissectors/asn1/snmp/snmp.cnf241
1 files changed, 241 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/snmp/snmp.cnf b/epan/dissectors/asn1/snmp/snmp.cnf
new file mode 100644
index 0000000000..c1ed1575e6
--- /dev/null
+++ b/epan/dissectors/asn1/snmp/snmp.cnf
@@ -0,0 +1,241 @@
+# snmp.cnf
+# snmp conformation file
+
+
+#.PDU
+SMUX-PDUs
+
+#.NO_EMIT
+NotificationName
+VarBind
+
+#.TYPE_RENAME
+Message/community Community
+Trap-PDU/_untag/generic-trap GenericTrap
+Trap-PDU/_untag/specific-trap SpecificTrap
+
+#.FIELD_RENAME
+Messagev2u/datav2u/plaintext v2u_plaintext
+BulkPDU/request-id bulkPDU_request-id
+
+#.FN_PARS Version VAL_PTR = &snmp_version
+
+#.FN_PARS PDUs
+
+ VAL_PTR = &pdu_type
+
+#.FN_BODY PDUs
+gint pdu_type=-1;
+
+ col_clear(actx->pinfo->cinfo, COL_INFO);
+
+%(DEFAULT_BODY)s
+ if( (pdu_type!=-1) && snmp_PDUs_vals[pdu_type].strptr ){
+ col_prepend_fstr(actx->pinfo->cinfo, COL_INFO, "%%s", snmp_PDUs_vals[pdu_type].strptr);
+ }
+
+#.END
+
+#.FN_BODY Trap-PDU/_untag
+ generic_trap = 0;
+ enterprise_oid = NULL;
+
+%(DEFAULT_BODY)s
+
+ if (snmp_version != 0) {
+ expert_add_info(actx->pinfo, tree, &ei_snmp_trap_pdu_obsolete);
+ }
+
+#.FN_PARS Trap-PDU/_untag/generic-trap VAL_PTR = &generic_trap
+
+#.FN_BODY Trap-PDU/_untag/specific-trap VAL_PTR = &specific_trap
+ guint specific_trap;
+
+%(DEFAULT_BODY)s
+
+ if (generic_trap == 6) { /* enterprise specific */
+ const gchar *specific_str = snmp_lookup_specific_trap (specific_trap);
+ if (specific_str) {
+ proto_item_append_text(actx->created_item, " (%%s)", specific_str);
+ }
+ }
+#.END
+
+
+#.FN_PARS EnterpriseOID FN_VARIANT = _str VAL_PTR = &enterprise_oid
+
+#.FN_BODY EnterpriseOID
+ const gchar* name;
+
+%(DEFAULT_BODY)s
+
+ if (display_oid && enterprise_oid) {
+ name = oid_resolved_from_string(wmem_packet_scope(), enterprise_oid);
+ if (name) {
+ col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %%s", name);
+ }
+ }
+
+#.END
+
+#.FN_PARS HeaderData/msgSecurityModel
+
+ VAL_PTR = &MsgSecurityModel
+
+#.FN_PARS UsmSecurityParameters/msgAuthoritativeEngineBoots
+
+ VAL_PTR = &usm_p.boots
+
+#.FN_PARS UsmSecurityParameters/msgAuthoritativeEngineTime
+
+ VAL_PTR = &usm_p.snmp_time
+
+#.FN_BODY UsmSecurityParameters/msgAuthoritativeEngineID
+
+ offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, &usm_p.engine_tvb);
+ if (usm_p.engine_tvb) {
+ proto_tree* engine_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_engineid);
+ dissect_snmp_engineid(engine_tree, actx->pinfo, usm_p.engine_tvb, 0, tvb_reported_length_remaining(usm_p.engine_tvb,0));
+ }
+
+#.FN_BODY SnmpEngineID
+ tvbuff_t* param_tvb = NULL;
+
+ offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, &param_tvb);
+ if (param_tvb) {
+ proto_tree* engine_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_engineid);
+ dissect_snmp_engineid(engine_tree, actx->pinfo, param_tvb, 0, tvb_reported_length_remaining(param_tvb,0));
+ }
+
+#.FN_PARS UsmSecurityParameters/msgUserName
+ VAL_PTR = &usm_p.user_tvb
+
+#.FN_BODY UsmSecurityParameters/msgAuthenticationParameters
+ offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &usm_p.auth_tvb);
+ if (usm_p.auth_tvb) {
+ usm_p.auth_item = %(ACTX)s->created_item;
+ usm_p.auth_offset = tvb_offset_from_real_beginning(usm_p.auth_tvb);
+ }
+#.FN_PARS UsmSecurityParameters/msgPrivacyParameters
+ VAL_PTR = &usm_p.priv_tvb
+
+#.FN_BODY ScopedPduData/encryptedPDU
+ tvbuff_t* crypt_tvb;
+ offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_snmp_encryptedPDU, &crypt_tvb);
+
+ if( usm_p.encrypted && crypt_tvb
+ && usm_p.user_assoc
+ && usm_p.user_assoc->user.privProtocol ) {
+
+ const gchar* error = NULL;
+ proto_tree* encryptedpdu_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_encryptedPDU);
+ tvbuff_t* cleartext_tvb = usm_p.user_assoc->user.privProtocol(&usm_p, crypt_tvb, &error );
+
+ if (! cleartext_tvb) {
+ proto_tree_add_expert_format(encryptedpdu_tree, actx->pinfo, &ei_snmp_failed_decrypted_data_pdu,
+ crypt_tvb, 0, -1, "Failed to decrypt encryptedPDU: %%s", error);
+
+ col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: Failed to decrypt");
+
+ return offset;
+ } else {
+ proto_item* decrypted_item;
+ proto_tree* decrypted_tree;
+
+ if (! check_ScopedPdu(cleartext_tvb)) {
+ proto_tree_add_expert(encryptedpdu_tree, actx->pinfo, &ei_snmp_decrypted_data_bad_formatted, cleartext_tvb, 0, -1);
+
+ col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: Decrypted data not formatted as expected");
+
+ return offset;
+ }
+
+
+ add_new_data_source(actx->pinfo, cleartext_tvb, "Decrypted ScopedPDU");
+
+ decrypted_item = proto_tree_add_item(encryptedpdu_tree, hf_snmp_decryptedPDU,cleartext_tvb,0,-1,ENC_NA);
+ decrypted_tree = proto_item_add_subtree(decrypted_item,ett_decrypted);
+ dissect_snmp_ScopedPDU(FALSE, cleartext_tvb, 0, actx, decrypted_tree, -1);
+ }
+ } else {
+ col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: privKey Unknown");
+ }
+
+#.FN_BODY SNMPv3Message/msgSecurityParameters
+
+ switch(MsgSecurityModel){
+ case SNMP_SEC_USM: /* 3 */
+ offset = get_ber_identifier(tvb, offset, NULL, NULL, NULL);
+ offset = get_ber_length(tvb, offset, NULL, NULL);
+ offset = dissect_snmp_UsmSecurityParameters(FALSE, tvb, offset, actx, tree, -1);
+ usm_p.user_assoc = get_user_assoc(usm_p.engine_tvb, usm_p.user_tvb);
+ break;
+ case SNMP_SEC_ANY: /* 0 */
+ case SNMP_SEC_V1: /* 1 */
+ case SNMP_SEC_V2C: /* 2 */
+ default:
+ %(DEFAULT_BODY)s
+ break;
+ }
+
+#.FN_FTR SNMPv3Message
+
+ if( usm_p.authenticated
+ && usm_p.user_assoc
+ && usm_p.user_assoc->user.authModel ) {
+ const gchar* error = NULL;
+ proto_item* authen_item;
+ proto_tree* authen_tree = proto_item_add_subtree(usm_p.auth_item,ett_authParameters);
+ guint8* calc_auth;
+ guint calc_auth_len;
+
+ usm_p.authOK = usm_p.user_assoc->user.authModel->authenticate( &usm_p, &calc_auth, &calc_auth_len, &error );
+
+ if (error) {
+ expert_add_info_format( actx->pinfo, usm_p.auth_item, &ei_snmp_verify_authentication_error, "Error while verifying Message authenticity: %s", error );
+ } else {
+ expert_field* expert;
+
+ authen_item = proto_tree_add_boolean(authen_tree, hf_snmp_msgAuthentication, tvb, 0, 0, usm_p.authOK);
+ PROTO_ITEM_SET_GENERATED(authen_item);
+
+ if (usm_p.authOK) {
+ expert = &ei_snmp_authentication_ok;
+ } else {
+ const gchar* calc_auth_str = bytestring_to_str(wmem_packet_scope(), calc_auth,calc_auth_len,' ');
+ proto_item_append_text(authen_item, " calculated = %s", calc_auth_str);
+ expert = &ei_snmp_authentication_error;
+ }
+
+ expert_add_info( actx->pinfo, authen_item, expert);
+ }
+ }
+
+#.END
+
+
+
+#.FN_BODY HeaderData/msgFlags VAL_PTR = &parameter_tvb
+ tvbuff_t *parameter_tvb = NULL;
+
+ %(DEFAULT_BODY)s
+ if (parameter_tvb){
+ guint8 v3_flags = tvb_get_guint8(parameter_tvb, 0);
+ proto_tree* flags_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_msgFlags);
+
+ proto_tree_add_item(flags_tree, hf_snmp_v3_flags_report, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(flags_tree, hf_snmp_v3_flags_crypt, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
+ proto_tree_add_item(flags_tree, hf_snmp_v3_flags_auth, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
+
+ usm_p.encrypted = v3_flags & TH_CRYPT ? TRUE : FALSE;
+ usm_p.authenticated = v3_flags & TH_AUTH ? TRUE : FALSE;
+ }
+
+
+#.TYPE_ATTR
+NetworkAddress TYPE = FT_IPv4 DISPLAY = BASE_NONE STRINGS = NULL
+Message/community TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
+HeaderData/msgSecurityModel TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(sec_models)
+UsmSecurityParameters/msgUserName TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
+ScopedPDU/contextName TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
+#.END
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-19 13:43:08 +0000