diff options
Diffstat (limited to 'epan/dissectors/packet-imf.c')
| -rw-r--r-- | epan/dissectors/packet-imf.c | 267 |
1 files changed, 141 insertions, 126 deletions
diff --git a/epan/dissectors/packet-imf.c b/epan/dissectors/packet-imf.c index 9a2de8ef4b..882370c65d 100644 --- a/epan/dissectors/packet-imf.c +++ b/epan/dissectors/packet-imf.c @@ -22,7 +22,7 @@ #include <epan/export_object.h> #include "packet-ber.h" -#include "packet-http.h" +#include "packet-media-type.h" #include "packet-imf.h" #include "packet-ess.h" #include "packet-p1.h" @@ -30,118 +30,121 @@ void proto_register_imf(void); void proto_reg_handoff_imf(void); -static int imf_eo_tap = -1; +static int imf_eo_tap; #define PNAME "Internet Message Format" #define PSNAME "IMF" #define PFNAME "imf" -static int proto_imf = -1; - -static int hf_imf_date = -1; -static int hf_imf_from = -1; -static int hf_imf_sender = -1; -static int hf_imf_reply_to = -1; -static int hf_imf_to = -1; -static int hf_imf_cc = -1; -static int hf_imf_bcc = -1; -static int hf_imf_message_id = -1; -static int hf_imf_in_reply_to = -1; -static int hf_imf_references = -1; -static int hf_imf_subject = -1; -static int hf_imf_comments = -1; -static int hf_imf_user_agent = -1; -static int hf_imf_keywords = -1; -static int hf_imf_resent_date = -1; -static int hf_imf_resent_from = -1; -static int hf_imf_resent_sender = -1; -static int hf_imf_resent_to = -1; -static int hf_imf_resent_cc = -1; -static int hf_imf_resent_bcc = -1; -static int hf_imf_resent_message_id = -1; -static int hf_imf_return_path = -1; -static int hf_imf_received = -1; -static int hf_imf_content_type = -1; -static int hf_imf_content_type_type = -1; -static int hf_imf_content_type_parameters = -1; -static int hf_imf_content_id = -1; -static int hf_imf_content_transfer_encoding = -1; -static int hf_imf_content_description = -1; -static int hf_imf_mime_version = -1; -static int hf_imf_thread_index = -1; -static int hf_imf_ext_mailer = -1; -static int hf_imf_ext_mimeole = -1; -static int hf_imf_ext_tnef_correlator = -1; -static int hf_imf_ext_expiry_date = -1; -static int hf_imf_ext_uidl = -1; -static int hf_imf_ext_authentication_warning = -1; -static int hf_imf_ext_virus_scanned = -1; -static int hf_imf_extension = -1; -static int hf_imf_extension_type = -1; -static int hf_imf_extension_value = -1; +static int proto_imf; + +static int hf_imf_date; +static int hf_imf_from; +static int hf_imf_sender; +static int hf_imf_reply_to; +static int hf_imf_to; +static int hf_imf_cc; +static int hf_imf_bcc; +static int hf_imf_message_id; +static int hf_imf_in_reply_to; +static int hf_imf_references; +static int hf_imf_subject; +static int hf_imf_comments; +static int hf_imf_user_agent; +static int hf_imf_keywords; +static int hf_imf_resent_date; +static int hf_imf_resent_from; +static int hf_imf_resent_sender; +static int hf_imf_resent_to; +static int hf_imf_resent_cc; +static int hf_imf_resent_bcc; +static int hf_imf_resent_message_id; +static int hf_imf_return_path; +static int hf_imf_received; +static int hf_imf_content_type; +static int hf_imf_content_type_type; +static int hf_imf_content_type_parameters; +static int hf_imf_content_id; +static int hf_imf_content_transfer_encoding; +static int hf_imf_content_description; +static int hf_imf_mime_version; +static int hf_imf_thread_index; +static int hf_imf_lines; +static int hf_imf_precedence; +static int hf_imf_ext_mailer; +static int hf_imf_ext_mimeole; +static int hf_imf_ext_tnef_correlator; +static int hf_imf_ext_expiry_date; +static int hf_imf_ext_uidl; +static int hf_imf_ext_authentication_warning; +static int hf_imf_ext_virus_scanned; +static int hf_imf_ext_original_to; +static int hf_imf_extension; +static int hf_imf_extension_type; +static int hf_imf_extension_value; /* RFC 2156 */ -static int hf_imf_autoforwarded = -1; -static int hf_imf_autosubmitted = -1; -static int hf_imf_x400_content_identifier = -1; -static int hf_imf_content_language = -1; -static int hf_imf_conversion = -1; -static int hf_imf_conversion_with_loss = -1; -static int hf_imf_delivery_date = -1; -static int hf_imf_discarded_x400_ipms_extensions = -1; -static int hf_imf_discarded_x400_mts_extensions = -1; -static int hf_imf_dl_expansion_history = -1; -static int hf_imf_deferred_delivery = -1; -static int hf_imf_expires = -1; -static int hf_imf_importance = -1; -static int hf_imf_incomplete_copy = -1; -static int hf_imf_latest_delivery_time = -1; -static int hf_imf_message_type = -1; -static int hf_imf_original_encoded_information_types = -1; -static int hf_imf_originator_return_address = -1; -static int hf_imf_priority = -1; -static int hf_imf_reply_by = -1; -static int hf_imf_sensitivity = -1; -static int hf_imf_supersedes = -1; -static int hf_imf_x400_content_type = -1; -static int hf_imf_x400_mts_identifier = -1; -static int hf_imf_x400_originator = -1; -static int hf_imf_x400_received = -1; -static int hf_imf_x400_recipients = -1; - -static int hf_imf_delivered_to = -1; - -static int hf_imf_message_text = -1; - -static int hf_imf_display_name = -1; -static int hf_imf_address = -1; -/* static int hf_imf_mailbox_list = -1; */ -static int hf_imf_mailbox_list_item = -1; -/* static int hf_imf_address_list = -1; */ -static int hf_imf_address_list_item = -1; +static int hf_imf_autoforwarded; +static int hf_imf_autosubmitted; +static int hf_imf_x400_content_identifier; +static int hf_imf_content_language; +static int hf_imf_conversion; +static int hf_imf_conversion_with_loss; +static int hf_imf_delivery_date; +static int hf_imf_discarded_x400_ipms_extensions; +static int hf_imf_discarded_x400_mts_extensions; +static int hf_imf_dl_expansion_history; +static int hf_imf_deferred_delivery; +static int hf_imf_expires; +static int hf_imf_importance; +static int hf_imf_incomplete_copy; +static int hf_imf_latest_delivery_time; +static int hf_imf_message_type; +static int hf_imf_original_encoded_information_types; +static int hf_imf_originator_return_address; +static int hf_imf_priority; +static int hf_imf_reply_by; +static int hf_imf_sensitivity; +static int hf_imf_supersedes; +static int hf_imf_x400_content_type; +static int hf_imf_x400_mts_identifier; +static int hf_imf_x400_originator; +static int hf_imf_x400_received; +static int hf_imf_x400_recipients; + +static int hf_imf_delivered_to; + +static int hf_imf_message_text; + +static int hf_imf_display_name; +static int hf_imf_address; +/* static int hf_imf_mailbox_list; */ +static int hf_imf_mailbox_list_item; +/* static int hf_imf_address_list; */ +static int hf_imf_address_list_item; /* draft-zeilenga-email-seclabel-04 */ -static int hf_imf_siolabel = -1; -static int hf_imf_siolabel_marking = -1; -static int hf_imf_siolabel_fgcolor = -1; -static int hf_imf_siolabel_bgcolor = -1; -static int hf_imf_siolabel_type = -1; -static int hf_imf_siolabel_label = -1; -static int hf_imf_siolabel_unknown = -1; - -static int ett_imf = -1; -static int ett_imf_content_type = -1; -static int ett_imf_mailbox = -1; -static int ett_imf_group = -1; -static int ett_imf_mailbox_list = -1; -static int ett_imf_address_list = -1; -static int ett_imf_siolabel = -1; -static int ett_imf_extension = -1; -static int ett_imf_message_text = -1; +static int hf_imf_siolabel; +static int hf_imf_siolabel_marking; +static int hf_imf_siolabel_fgcolor; +static int hf_imf_siolabel_bgcolor; +static int hf_imf_siolabel_type; +static int hf_imf_siolabel_label; +static int hf_imf_siolabel_unknown; + +static int ett_imf; +static int ett_imf_content_type; +static int ett_imf_mailbox; +static int ett_imf_group; +static int ett_imf_mailbox_list; +static int ett_imf_address_list; +static int ett_imf_siolabel; +static int ett_imf_extension; +static int ett_imf_message_text; static dissector_handle_t imf_handle; -static expert_field ei_imf_unknown_param = EI_INIT; +static expert_field ei_imf_unknown_param; /* Used for IMF Export Object feature */ typedef struct _imf_eo_t { @@ -153,7 +156,7 @@ typedef struct _imf_eo_t { } imf_eo_t; static tap_packet_status -imf_eo_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *data) +imf_eo_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *data, tap_flags_t flags _U_) { export_object_list_t *object_list = (export_object_list_t *)tapdata; const imf_eo_t *eo_info = (const imf_eo_t *)data; @@ -169,14 +172,14 @@ imf_eo_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const /* Only include the string inside of the "<>" brackets. If there is nothing between the two brackets use the sender_data string */ if(start && stop && stop > start && (stop - start) > 2){ - entry->hostname = g_strdup_printf("%.*s", (int) (stop - start - 1), start + 1); + entry->hostname = ws_strdup_printf("%.*s", (int) (stop - start - 1), start + 1); } else { entry->hostname = g_strdup(eo_info->sender_data); } entry->pkt_num = pinfo->num; entry->content_type = g_strdup("EML file"); - entry->filename = g_strdup_printf("%s.eml", eo_info->subject_data); + entry->filename = ws_strdup_printf("%s.eml", eo_info->subject_data); entry->payload_len = eo_info->payload_len; entry->payload_data = (guint8 *)g_memdup2(eo_info->payload_data, eo_info->payload_len); @@ -268,12 +271,15 @@ static struct imf_field imf_fields[] = { /* some others */ {"x-mailer", &hf_imf_ext_mailer, NO_SUBDISSECTION, FALSE}, /* unstructured */ {"thread-index", &hf_imf_thread_index, NO_SUBDISSECTION, FALSE}, /* unstructured */ + {"lines", &hf_imf_lines, NULL, FALSE}, + {"precedence", &hf_imf_precedence, NULL, FALSE}, {"x-mimeole", &hf_imf_ext_mimeole, NO_SUBDISSECTION, FALSE}, /* unstructured */ {"expiry-date", &hf_imf_ext_expiry_date, NO_SUBDISSECTION, FALSE}, /* unstructured */ {"x-ms-tnef-correlator", &hf_imf_ext_tnef_correlator, NO_SUBDISSECTION, FALSE}, /* unstructured */ {"x-uidl", &hf_imf_ext_uidl, NO_SUBDISSECTION, FALSE}, /* unstructured */ {"x-authentication-warning", &hf_imf_ext_authentication_warning, NO_SUBDISSECTION, FALSE}, /* unstructured */ {"x-virus-scanned", &hf_imf_ext_virus_scanned, NO_SUBDISSECTION, FALSE}, /* unstructured */ + {"x-original-to", &hf_imf_ext_original_to, dissect_imf_address_list, FALSE}, {"sio-label", &hf_imf_siolabel, dissect_imf_siolabel, FALSE}, /* sio-label */ {NULL, NULL, NULL, FALSE}, }; @@ -317,7 +323,7 @@ static GHashTable *custom_field_table; static hf_register_info *dynamic_hf; static guint dynamic_hf_size; -static gboolean +static bool header_fields_update_cb(void *r, char **err) { header_field_t *rec = (header_field_t *)r; @@ -339,7 +345,7 @@ header_fields_update_cb(void *r, char **err) */ c = proto_check_field_name(rec->header_name); if (c) { - *err = g_strdup_printf("Header name can't contain '%c'", c); + *err = ws_strdup_printf("Header name can't contain '%c'", c); return FALSE; } @@ -398,7 +404,7 @@ dissect_imf_address(tvbuff_t *tvb, int offset, int length, proto_item *item, pac group_tree = proto_item_add_subtree(item, ett_imf_group); /* the display-name is mandatory */ - group_item = proto_tree_add_item(group_tree, hf_imf_display_name, tvb, offset, addr_pos - offset - 1, ENC_ASCII|ENC_NA); + group_item = proto_tree_add_item(group_tree, hf_imf_display_name, tvb, offset, addr_pos - offset - 1, ENC_ASCII); /* consume any whitespace */ for(addr_pos++ ;addr_pos < (offset + length); addr_pos++) { @@ -435,7 +441,7 @@ dissect_imf_mailbox(tvbuff_t *tvb, int offset, int length, proto_item *item, pac if((addr_pos = tvb_find_guint8(tvb, offset, length, '<')) == -1) { /* we can't find an angle bracket - the whole field is therefore the address */ - (void) proto_tree_add_item(mbox_tree, hf_imf_address, tvb, offset, length, ENC_ASCII|ENC_NA); + (void) proto_tree_add_item(mbox_tree, hf_imf_address, tvb, offset, length, ENC_ASCII); } else { /* we can find an angle bracket - let's see if we can find a display name */ @@ -448,12 +454,12 @@ dissect_imf_mailbox(tvbuff_t *tvb, int offset, int length, proto_item *item, pac } if(offset != addr_pos) { /* there is a display name */ - (void) proto_tree_add_item(mbox_tree, hf_imf_display_name, tvb, offset, addr_pos - offset - 1, ENC_ASCII|ENC_NA); + (void) proto_tree_add_item(mbox_tree, hf_imf_display_name, tvb, offset, addr_pos - offset - 1, ENC_ASCII); } end_pos = tvb_find_guint8(tvb, addr_pos + 1, length - (addr_pos + 1 - offset), '>'); if(end_pos != -1) { - (void) proto_tree_add_item(mbox_tree, hf_imf_address, tvb, addr_pos + 1, end_pos - addr_pos - 1, ENC_ASCII|ENC_NA); + (void) proto_tree_add_item(mbox_tree, hf_imf_address, tvb, addr_pos + 1, end_pos - addr_pos - 1, ENC_ASCII); } } } @@ -485,7 +491,7 @@ dissect_imf_address_list(tvbuff_t *tvb, int offset, int length, proto_item *item } else { item_length = end_offset - item_offset; } - addr_item = proto_tree_add_item(tree, hf_imf_address_list_item, tvb, item_offset, item_length, ENC_ASCII|ENC_NA); + addr_item = proto_tree_add_item(tree, hf_imf_address_list_item, tvb, item_offset, item_length, ENC_ASCII); dissect_imf_address(tvb, item_offset, item_length, addr_item, pinfo); if(end_offset != -1) { @@ -524,7 +530,7 @@ dissect_imf_mailbox_list(tvbuff_t *tvb, int offset, int length, proto_item *item } else { item_length = end_offset - item_offset; } - mbox_item = proto_tree_add_item(tree, hf_imf_mailbox_list_item, tvb, item_offset, item_length, ENC_ASCII|ENC_NA); + mbox_item = proto_tree_add_item(tree, hf_imf_mailbox_list_item, tvb, item_offset, item_length, ENC_ASCII); dissect_imf_mailbox(tvb, item_offset, item_length, mbox_item, pinfo); if(end_offset != -1) { @@ -583,14 +589,14 @@ dissect_imf_siolabel(tvbuff_t *tvb, int offset, int length, proto_item *item, pa proto_item_append_text(item, ": %s", marking); } else if (tvb_strneql(tvb, item_offset, "fgcolor", 7) == 0) { - proto_tree_add_item(tree, hf_imf_siolabel_fgcolor, tvb, value_offset, value_length, ENC_ASCII|ENC_NA); + proto_tree_add_item(tree, hf_imf_siolabel_fgcolor, tvb, value_offset, value_length, ENC_ASCII); } else if (tvb_strneql(tvb, item_offset, "bgcolor", 7) == 0) { - proto_tree_add_item(tree, hf_imf_siolabel_bgcolor, tvb, value_offset, value_length, ENC_ASCII|ENC_NA); + proto_tree_add_item(tree, hf_imf_siolabel_bgcolor, tvb, value_offset, value_length, ENC_ASCII); } else if (tvb_strneql(tvb, item_offset, "type", 4) == 0) { type = tvb_get_string_enc(pinfo->pool, tvb, value_offset + 1, value_length - 2, ENC_ASCII); /* quoted */ - proto_tree_add_item(tree, hf_imf_siolabel_type, tvb, value_offset, value_length, ENC_ASCII|ENC_NA); + proto_tree_add_item(tree, hf_imf_siolabel_type, tvb, value_offset, value_length, ENC_ASCII); } else if (tvb_strneql(tvb, item_offset, "label", 5) == 0) { gchar *label = tvb_get_string_enc(pinfo->pool, tvb, value_offset + 1, value_length - 2, ENC_ASCII); /* quoted */ @@ -601,11 +607,11 @@ dissect_imf_siolabel(tvbuff_t *tvb, int offset, int length, proto_item *item, pa proto_tree_add_string_format(tree, hf_imf_siolabel_label, tvb, value_offset, value_length, label, "Label[%d]: \"%s\"", num, label); } else { - proto_tree_add_item(tree, hf_imf_siolabel_label, tvb, value_offset, value_length, ENC_ASCII|ENC_NA); + proto_tree_add_item(tree, hf_imf_siolabel_label, tvb, value_offset, value_length, ENC_ASCII); } } else { - sub_item = proto_tree_add_item(tree, hf_imf_siolabel_unknown, tvb, item_offset, item_length, ENC_ASCII|ENC_NA); + sub_item = proto_tree_add_item(tree, hf_imf_siolabel_unknown, tvb, item_offset, item_length, ENC_ASCII); expert_add_info(pinfo, sub_item, &ei_imf_unknown_param); } @@ -813,16 +819,16 @@ dissect_imf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) if(hf_id == hf_imf_extension_type) { /* remove 2 bytes to take off the final CRLF to make things a little prettier */ - item = proto_tree_add_item(tree, hf_imf_extension, tvb, unknown_offset, end_offset - unknown_offset - 2, ENC_ASCII|ENC_NA); + item = proto_tree_add_item(tree, hf_imf_extension, tvb, unknown_offset, end_offset - unknown_offset - 2, ENC_ASCII); proto_item_append_text(item, " (Contact Wireshark developers if you want this supported.)"); unknown_tree = proto_item_add_subtree(item, ett_imf_extension); - proto_tree_add_item(unknown_tree, hf_imf_extension_type, tvb, unknown_offset, start_offset - 1 - unknown_offset, ENC_ASCII|ENC_NA); + proto_tree_add_item(unknown_tree, hf_imf_extension_type, tvb, unknown_offset, start_offset - 1 - unknown_offset, ENC_ASCII); /* remove 2 bytes to take off the final CRLF to make things a little prettier */ - item = proto_tree_add_item(unknown_tree, hf_imf_extension_value, tvb, value_offset, end_offset - value_offset - 2, ENC_ASCII|ENC_NA); + item = proto_tree_add_item(unknown_tree, hf_imf_extension_value, tvb, value_offset, end_offset - value_offset - 2, ENC_ASCII); } else { /* remove 2 bytes to take off the final CRLF to make things a little prettier */ @@ -876,7 +882,7 @@ dissect_imf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) /* now dissect the MIME based upon the content type */ if(content_type_str && media_type_dissector_table) { - http_message_info_t message_info; + media_content_info_t content_info; col_set_fence(pinfo->cinfo, COL_INFO); @@ -888,10 +894,10 @@ dissect_imf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) next_tvb = tvb_new_subset_remaining(tvb, end_offset); } - message_info.type = HTTP_OTHERS; - message_info.media_str = parameters; - message_info.data = NULL; - dissector_try_string(media_type_dissector_table, content_type_str, next_tvb, pinfo, tree, (void*)&message_info); + content_info.type = MEDIA_CONTAINER_OTHER; + content_info.media_str = parameters; + content_info.data = NULL; + dissector_try_string(media_type_dissector_table, content_type_str, next_tvb, pinfo, tree, (void*)&content_info); } else { /* just show the lines or highlight the rest of the buffer as message text */ @@ -983,7 +989,7 @@ header_fields_post_update_cb (void) dynamic_hf[i].p_id = hf_id; dynamic_hf[i].hfinfo.name = header_name; - dynamic_hf[i].hfinfo.abbrev = g_strdup_printf ("imf.header.%s", header_name); + dynamic_hf[i].hfinfo.abbrev = ws_strdup_printf ("imf.header.%s", header_name); dynamic_hf[i].hfinfo.type = FT_STRING; dynamic_hf[i].hfinfo.display = BASE_NONE; dynamic_hf[i].hfinfo.strings = NULL; @@ -1234,9 +1240,18 @@ proto_register_imf(void) { &hf_imf_ext_virus_scanned, { "X-Virus-Scanned", "imf.ext.virus_scanned", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_imf_ext_original_to, + { "X-Original-To", "imf.ext.original-to", FT_STRING, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, { &hf_imf_thread_index, { "Thread-Index", "imf.thread-index", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_imf_lines, + { "Lines", "imf.lines", FT_STRING, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, + { &hf_imf_precedence, + { "Precedence", "imf.precedence", FT_STRING, BASE_NONE, NULL, 0x0, + NULL, HFILL }}, { &hf_imf_extension, { "Unknown-Extension", "imf.extension", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }}, |