/src/wireshark/epan/dissectors/packet-discard.c
Line | Count | Source |
1 | | /* packet-discard.c |
2 | | * Routines for Discard Protocol dissection |
3 | | * |
4 | | * Discard specs taken from RFC 863 |
5 | | * https://tools.ietf.org/html/rfc863 |
6 | | * |
7 | | * Inspiration from packet-chargen.c and packet-data. |
8 | | * |
9 | | * Wireshark - Network traffic analyzer |
10 | | * By Gerald Combs <gerald@wireshark.org> |
11 | | * Copyright 1998 Gerald Combs |
12 | | * |
13 | | * SPDX-License-Identifier: GPL-2.0-or-later |
14 | | */ |
15 | | |
16 | | #include "config.h" |
17 | | |
18 | | #include <epan/packet.h> |
19 | | #include <epan/prefs.h> |
20 | | #include <wsutil/wsgcrypt.h> |
21 | | #include <wsutil/to_str.h> |
22 | | |
23 | 14 | #define DISCARD_PORT_UDP 9 |
24 | 14 | #define DISCARD_PORT_TCP 9 |
25 | | |
26 | | void proto_register_discard(void); |
27 | | void proto_reg_handoff_discard(void); |
28 | | |
29 | | static int proto_discard; |
30 | | |
31 | | static int hf_discard_data; |
32 | | static int hf_discard_text; |
33 | | static int hf_discard_md5_hash; |
34 | | static int hf_discard_len; |
35 | | |
36 | | static bool show_as_text; |
37 | | static bool generate_md5_hash; |
38 | | |
39 | | static int ett_discard; |
40 | | |
41 | | dissector_handle_t discard_handle; |
42 | | dissector_handle_t wol_handle; |
43 | | |
44 | | /* dissect_discard - dissects discard packet data |
45 | | * tvb - tvbuff for packet data (IN) |
46 | | * pinfo - packet info |
47 | | * proto_tree - resolved protocol tree |
48 | | */ |
49 | | static int |
50 | | dissect_discard(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* dissector_data _U_) |
51 | 6 | { |
52 | 6 | proto_tree* discard_tree; |
53 | 6 | proto_item* ti; |
54 | 6 | uint32_t len; |
55 | 6 | uint32_t cap_len; |
56 | | |
57 | 6 | col_set_str(pinfo->cinfo, COL_PROTOCOL, "DISCARD"); |
58 | | |
59 | 6 | if (show_as_text) { |
60 | 0 | col_set_str(pinfo->cinfo, COL_INFO, "Discard: "); |
61 | 6 | } else { |
62 | 6 | col_set_str(pinfo->cinfo, COL_INFO, "Discard"); |
63 | 6 | } |
64 | | |
65 | 6 | ti = proto_tree_add_item(tree, proto_discard, tvb, 0, -1, ENC_NA); |
66 | 6 | discard_tree = proto_item_add_subtree(ti, ett_discard); |
67 | | |
68 | 6 | len = tvb_reported_length(tvb); |
69 | 6 | cap_len = tvb_captured_length(tvb); |
70 | | |
71 | 6 | proto_tree_add_item(discard_tree, hf_discard_data, tvb, 0, -1, ENC_NA); |
72 | | |
73 | 6 | if (show_as_text) { |
74 | 0 | char *display_str; |
75 | |
|
76 | 0 | proto_tree_add_item_ret_display_string(discard_tree, hf_discard_text, tvb, 0, -1, ENC_ASCII, pinfo->pool, &display_str); |
77 | 0 | col_append_str(pinfo->cinfo, COL_INFO, display_str); |
78 | 0 | } |
79 | | |
80 | 6 | if (generate_md5_hash) { |
81 | 0 | const uint8_t *cp; |
82 | 0 | uint8_t digest[HASH_MD5_LENGTH]; |
83 | 0 | const char *digest_string; |
84 | |
|
85 | 0 | cp = tvb_get_ptr(tvb, 0, cap_len); |
86 | |
|
87 | 0 | gcry_md_hash_buffer(GCRY_MD_MD5, digest, cp, cap_len); |
88 | 0 | digest_string = bytes_to_str_punct(pinfo->pool, digest, HASH_MD5_LENGTH, '\0'); |
89 | |
|
90 | 0 | ti = proto_tree_add_string(discard_tree, hf_discard_md5_hash, tvb, 0, 0, digest_string); |
91 | 0 | proto_item_set_generated(ti); |
92 | 0 | } |
93 | | |
94 | 6 | ti = proto_tree_add_uint(discard_tree, hf_discard_len, tvb, 0, 0, len); |
95 | 6 | proto_item_set_generated(ti); |
96 | | |
97 | 6 | if(len > cap_len) { |
98 | | /* |
99 | | * Trigger _ws.short, e.g. [Packet size limited during capture: DISCARD truncated] |
100 | | */ |
101 | 1 | tvb_get_ptr(tvb, 0, len); |
102 | 1 | } |
103 | | |
104 | 6 | return cap_len; |
105 | 6 | } |
106 | | |
107 | | static int |
108 | | dissect_discard_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) |
109 | 4 | { |
110 | | /* Wake On Lan is commonly used over UDP port 9 and has strong heuristics, |
111 | | * whereas the discard dissector never rejects a packet, so try WOL first. |
112 | | * Unfortunately "discard" still ends up in frame.protocols this way. |
113 | | */ |
114 | 4 | if (wol_handle && call_dissector_only(wol_handle, tvb, pinfo, tree, data)) { |
115 | 1 | return tvb_captured_length(tvb); |
116 | 1 | } |
117 | 3 | return dissect_discard(tvb, pinfo, tree, data); |
118 | 4 | } |
119 | | |
120 | | void |
121 | | proto_register_discard(void) |
122 | 14 | { |
123 | 14 | static hf_register_info hf[] = { |
124 | 14 | { &hf_discard_data, { |
125 | 14 | "Data", "discard.data", |
126 | 14 | FT_BYTES, BASE_NONE, NULL, 0, |
127 | 14 | NULL, HFILL } |
128 | 14 | }, |
129 | 14 | { &hf_discard_text, { |
130 | 14 | "Text", "discard.text", |
131 | 14 | FT_STRING, BASE_NONE, NULL, 0, |
132 | 14 | NULL, HFILL } |
133 | 14 | }, |
134 | 14 | { &hf_discard_md5_hash, { |
135 | 14 | "Payload MD5 hash", "discard.md5_hash", |
136 | 14 | FT_STRING, BASE_NONE, NULL, 0, |
137 | 14 | NULL, HFILL } |
138 | 14 | }, |
139 | 14 | { &hf_discard_len, { |
140 | 14 | "Reported Length", "discard.len", |
141 | 14 | FT_UINT32, BASE_DEC, NULL, 0, |
142 | 14 | NULL, HFILL } |
143 | 14 | }, |
144 | 14 | }; |
145 | | |
146 | 14 | static int *ett[] = { |
147 | 14 | &ett_discard, |
148 | 14 | }; |
149 | | |
150 | 14 | module_t *module_data; |
151 | | |
152 | 14 | proto_discard = proto_register_protocol("Discard Protocol", "DISCARD", "discard"); |
153 | | |
154 | 14 | proto_register_field_array(proto_discard, hf, array_length(hf)); |
155 | 14 | proto_register_subtree_array(ett, array_length(ett)); |
156 | | |
157 | 14 | module_data = prefs_register_protocol(proto_discard, NULL); |
158 | | |
159 | 14 | prefs_register_bool_preference(module_data, |
160 | 14 | "show_as_text", |
161 | 14 | "Show data as text", |
162 | 14 | "Show data as text in the Packet Details pane", |
163 | 14 | &show_as_text); |
164 | | |
165 | 14 | prefs_register_bool_preference(module_data, |
166 | 14 | "md5_hash", |
167 | 14 | "Generate MD5 hash", |
168 | 14 | "Whether or not MD5 hashes should be generated and shown for each payload.", |
169 | 14 | &generate_md5_hash); |
170 | | |
171 | 14 | discard_handle = register_dissector("discard", dissect_discard, proto_discard); |
172 | 14 | } |
173 | | |
174 | | void |
175 | | proto_reg_handoff_discard(void) |
176 | 14 | { |
177 | 14 | dissector_add_uint_with_preference("udp.port", DISCARD_PORT_UDP, create_dissector_handle(dissect_discard_udp, proto_discard)); |
178 | 14 | dissector_add_uint_with_preference("tcp.port", DISCARD_PORT_TCP, discard_handle); |
179 | | |
180 | 14 | wol_handle = find_dissector_add_dependency("wol", proto_discard); |
181 | 14 | } |
182 | | |
183 | | /* |
184 | | * Editor modelines - https://www.wireshark.org/tools/modelines.html |
185 | | * |
186 | | * Local variables: |
187 | | * c-basic-offset: 8 |
188 | | * tab-width: 8 |
189 | | * indent-tabs-mode: t |
190 | | * End: |
191 | | * |
192 | | * vi: set shiftwidth=8 tabstop=8 noexpandtab: |
193 | | * :indentSize=8:tabSize=8:noTabs=false: |
194 | | */ |