/src/wireshark/epan/dissectors/packet-fcgi.c

Source
/* packet-fcgi.c
 * Routines for FastCGI dissection
 * Copyright 2010, Tom Hughes <tom@compton.nu>
 *
 * Wireshark - Network traffic analyzer
 * By Gerald Combs <gerald@wireshark.org>
 * Copyright 1998 Gerald Combs
 *
 * SPDX-License-Identifier: GPL-2.0-or-later
 */

#include "config.h"

#include <epan/packet.h>
#include "packet-tcp.h"

void proto_register_fcgi(void);
void proto_reg_handoff_fcgi(void);

static int proto_fcgi;

static int hf_fcgi_version;
static int hf_fcgi_type;
static int hf_fcgi_id;
static int hf_fcgi_content_length;
static int hf_fcgi_padding_length;
static int hf_fcgi_content_data;
static int hf_fcgi_padding_data;
static int hf_fcgi_begin_request_role;
static int hf_fcgi_begin_request_flags;
static int hf_fcgi_begin_request_keep_conn;
static int hf_fcgi_end_request_app_status;
static int hf_fcgi_end_request_protocol_status;
static int hf_fcgi_nv_name;

static int ett_fcgi;
static int ett_fcgi_begin_request;
static int ett_fcgi_abort_request;
static int ett_fcgi_end_request;
static int ett_fcgi_params;

static dissector_handle_t fcgi_handle;

#define FCGI_BEGIN_REQUEST       1
#define FCGI_ABORT_REQUEST       2
#define FCGI_END_REQUEST         3
#define FCGI_PARAMS              4
#define FCGI_STDIN               5
#define FCGI_STDOUT              6
#define FCGI_STDERR              7
#define FCGI_DATA                8
#define FCGI_GET_VALUES          9
#define FCGI_GET_VALUES_RESULT  10
#define FCGI_UNKNOWN_TYPE       11

static const value_string record_types[] = {
   { 1, "FCGI_BEGIN_REQUEST" },
   { 2, "FCGI_ABORT_REQUEST" },
   { 3, "FCGI_END_REQUEST" },
   { 4, "FCGI_PARAMS" },
   { 5, "FCGI_STDIN" },
   { 6, "FCGI_STDOUT" },
   { 7, "FCGI_STDERR" },
   { 8, "FCGI_DATA" },
   { 9, "FCGI_GET_VALUES" },
   { 10, "FCGI_GET_VALUES_RESULT" },
   { 11, "FCGI_UNKNOWN_TYPE" },
   { 0, NULL }
};

static const value_string application_roles[] = {
   { 1, "FCGI_RESPONDER" },
   { 2, "FCGI_AUTHORIZER" },
   { 3, "FCGI_FILTER" },
   { 0, NULL }
};

#define FCGI_KEEP_CONN  1

static const value_string protocol_statuses[] = {
   { 0, "FCGI_REQUEST_COMPLETE" },
   { 1, "FCGI_CANT_MPX_CONN" },
   { 2, "FCGI_OVERLOADED" },
   { 3, "FCGI_UNKNOWN_ROLE" },
   { 0, NULL }
};

static void
dissect_nv_pairs(tvbuff_t *tvb, packet_info *pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   int end_offset = offset + len;

   while (offset < end_offset) {
      int start_offset = offset;
      uint32_t namelen;
      uint32_t valuelen;
      char *name;
      char *value;

      namelen = tvb_get_uint8(tvb, offset);
      if ((namelen & 0x80) == 0) {
         offset += 1;
      } else {
         namelen = tvb_get_ntohl(tvb, offset) & 0x7FFFFFFF;
         offset += 4;
      }

      valuelen = tvb_get_uint8(tvb, offset);
      if ((valuelen & 0x80) == 0) {
         offset += 1;
      } else {
         valuelen = tvb_get_ntohl(tvb, offset) & 0x7FFFFFFF;
         offset += 4;
      }

      name = (char*)tvb_get_string_enc(pinfo->pool, tvb, offset, namelen, ENC_ASCII);
      offset += namelen;

      if (valuelen > 0) {
         value = (char*)tvb_get_string_enc(pinfo->pool, tvb, offset, valuelen, ENC_ASCII);
         offset += valuelen;

         proto_tree_add_string_format(fcgi_tree, hf_fcgi_nv_name, tvb, start_offset, offset - start_offset,
                            name, "%s = %s", name, value);
      } else {
         proto_tree_add_string_format(fcgi_tree, hf_fcgi_nv_name, tvb, start_offset, offset - start_offset,
                            name, "%s", name);
      }
   }
}

static int
dissect_begin_request(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   proto_tree *br_tree;

   br_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_begin_request, NULL, "Begin Request:");

   proto_tree_add_item(br_tree, hf_fcgi_begin_request_role, tvb, offset, 2, ENC_BIG_ENDIAN);
   offset += 2;

   proto_tree_add_item(br_tree, hf_fcgi_begin_request_flags, tvb, offset, 1, ENC_BIG_ENDIAN);
   proto_tree_add_item(br_tree, hf_fcgi_begin_request_keep_conn, tvb, offset, 1, ENC_BIG_ENDIAN);
   offset += 1;

   offset += 5;

   return offset;
}

static void
dissect_abort_request(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_abort_request, NULL, "Abort Request:");

   return;
}

static int
dissect_end_request(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   proto_tree *er_tree;

   er_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_end_request, NULL, "End Request:");

   proto_tree_add_item(er_tree, hf_fcgi_end_request_app_status, tvb, offset, 4, ENC_BIG_ENDIAN);
   offset += 4;

   proto_tree_add_item(er_tree, hf_fcgi_end_request_protocol_status, tvb, offset, 1, ENC_BIG_ENDIAN);
   offset += 1;

   offset += 3;

   return offset;
}

static void
dissect_params(tvbuff_t *tvb, packet_info *pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   proto_tree *p_tree;

   p_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_params, NULL, "Params:");

   dissect_nv_pairs(tvb, pinfo, p_tree, offset, len);

   return;
}

static void
dissect_get_values(tvbuff_t *tvb, packet_info *pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   proto_tree *gv_tree;

   gv_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_params, NULL, "Get Values:");

   dissect_nv_pairs(tvb, pinfo, gv_tree, offset, len);

   return;
}

static void
dissect_get_values_result(tvbuff_t *tvb, packet_info *pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
{
   proto_tree *gvr_tree;

   gvr_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_params, NULL, "Get Values:");

   dissect_nv_pairs(tvb, pinfo, gvr_tree, offset, len);

   return;
}

static int
dissect_fcgi_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
{
   int offset = 0;
   uint8_t type;

   type = tvb_get_uint8(tvb, 1);

   /* When there are multiple FCGI records in a TCP frame the following code */
   /* will append the type for each record to COL_INFO.                      */
   /* XXX: Unfortunately, something in the tcp_dissect_pdus() code is broken */
   /*      such that only the type for the first FCGI record appears in the  */
   /*      INFO column. (All write attempts to COL_INFO after the first fail */
   /*      because pinfo->cinfo->writable is false).                         */
   col_set_str(pinfo->cinfo, COL_PROTOCOL, "FCGI");
   col_clear(pinfo->cinfo, COL_INFO);
   col_append_sep_str(pinfo->cinfo, COL_INFO, NULL,
                      val_to_str(pinfo->pool, type, record_types, "Unknown (%u)"));
   col_set_fence(pinfo->cinfo, COL_INFO);

   if (tree) { /* we are being asked for details */
      proto_item *ti;
      proto_tree *fcgi_tree;
      uint16_t clen;
      uint8_t plen;

      ti = proto_tree_add_item(tree, proto_fcgi, tvb, 0, -1, ENC_NA);
      proto_item_append_text(ti, " (%s)",
                             val_to_str(pinfo->pool, type, record_types, "Unknown (%u)"));
      fcgi_tree = proto_item_add_subtree(ti, ett_fcgi);

      proto_tree_add_item(fcgi_tree, hf_fcgi_version, tvb, offset, 1, ENC_BIG_ENDIAN);
      offset += 1;

      proto_tree_add_item(fcgi_tree, hf_fcgi_type, tvb, offset, 1, ENC_BIG_ENDIAN);
      offset += 1;

      proto_tree_add_item(fcgi_tree, hf_fcgi_id, tvb, offset, 2, ENC_BIG_ENDIAN);
      offset += 2;

      clen = tvb_get_ntohs(tvb, offset);
      proto_tree_add_item(fcgi_tree, hf_fcgi_content_length, tvb, offset, 2, ENC_BIG_ENDIAN);
      offset += 2;

      plen = tvb_get_uint8(tvb, offset);
      proto_tree_add_item(fcgi_tree, hf_fcgi_padding_length, tvb, offset, 1, ENC_BIG_ENDIAN);
      offset += 1;

      offset += 1;

      switch (type)
      {
      case FCGI_BEGIN_REQUEST:
         dissect_begin_request(tvb, pinfo, fcgi_tree, offset, clen);
         offset += clen;
         break;
      case FCGI_ABORT_REQUEST:
         dissect_abort_request(tvb, pinfo, fcgi_tree, offset, clen);
         offset += clen;
         break;
      case FCGI_END_REQUEST:
         dissect_end_request(tvb, pinfo, fcgi_tree, offset, clen);
         offset += clen;
         break;
      case FCGI_PARAMS:
         dissect_params(tvb, pinfo, fcgi_tree, offset, clen);
         offset += clen;
         break;
      case FCGI_GET_VALUES:
         dissect_get_values(tvb, pinfo, fcgi_tree, offset, clen);
         offset += clen;
         break;
      case FCGI_GET_VALUES_RESULT:
         dissect_get_values_result(tvb, pinfo, fcgi_tree, offset, clen);
         offset += clen;
         break;
      default:
         if (clen > 0) {
            proto_tree_add_item(fcgi_tree, hf_fcgi_content_data, tvb, offset, clen, ENC_NA);
            offset += clen;
         }
         break;
      }

      if (plen > 0) {
         proto_tree_add_item(fcgi_tree, hf_fcgi_padding_data, tvb, offset, plen, ENC_NA);
         /*offset += plen;*/
      }
   }

   return tvb_captured_length(tvb);
}

static unsigned
get_fcgi_record_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_)
{
   return 8 + tvb_get_ntohs(tvb, offset + 4) + tvb_get_uint8(tvb, offset + 6);
}

static int
dissect_fcgi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
{
   tcp_dissect_pdus(tvb, pinfo, tree, true, 8, get_fcgi_record_len, dissect_fcgi_record, data);
   return tvb_captured_length(tvb);
}

void
proto_register_fcgi(void)
{
   static hf_register_info hf[] = {
      { &hf_fcgi_version,
        { "Version", "fcgi.version",
          FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_type,
        { "Type", "fcgi.type",
          FT_UINT8, BASE_DEC, VALS(record_types), 0x0, NULL, HFILL } },
      { &hf_fcgi_id,
        { "Request ID", "fcgi.id",
          FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_content_length,
        { "Content Length", "fcgi.content.length",
          FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_padding_length,
        { "Padding Length", "fcgi.padding.length",
          FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_content_data,
        { "Content Data", "fcgi.content.data",
          FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_padding_data,
        { "Padding Data", "fcgi.padding.data",
          FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_begin_request_role,
        { "Role", "fcgi.begin_request.role",
          FT_UINT16, BASE_DEC, VALS(application_roles), 0x0, NULL, HFILL } },
      { &hf_fcgi_begin_request_flags,
        { "Flags", "fcgi.begin_request.flags",
          FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_begin_request_keep_conn,
        { "FCGI_KEEP_CONN", "fcgi.begin_request.keep_conn",
          FT_BOOLEAN, 8, NULL, FCGI_KEEP_CONN, NULL, HFILL } },
      { &hf_fcgi_end_request_app_status,
        { "Application Status", "fcgi.end_request.app_status",
          FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL } },
      { &hf_fcgi_end_request_protocol_status,
        { "Protocol Status", "fcgi.end_request.protocol_status",
          FT_UINT32, BASE_DEC, VALS(protocol_statuses), 0x0, NULL, HFILL } },
      { &hf_fcgi_nv_name,
        { "NV Pair name", "fcgi.nv_name",
          FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL } },
   };
   static int *ett[] = {
      &ett_fcgi,
      &ett_fcgi_begin_request,
      &ett_fcgi_abort_request,
      &ett_fcgi_end_request,
      &ett_fcgi_params
   };

   proto_fcgi = proto_register_protocol("FastCGI", "FCGI", "fcgi");

   proto_register_field_array(proto_fcgi, hf, array_length(hf));
   proto_register_subtree_array(ett, array_length(ett));

   fcgi_handle = register_dissector("fcgi", dissect_fcgi, proto_fcgi);
}

void
proto_reg_handoff_fcgi(void)
{
   dissector_add_for_decode_as_with_preference("tcp.port", fcgi_handle);
}

/*
 * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
 *
 * Local Variables:
 * c-basic-offset: 3
 * tab-width: 8
 * indent-tabs-mode: nil
 * End:
 *
 * ex: set shiftwidth=3 tabstop=8 expandtab:
 * :indentSize=3:tabSize=8:noTabs=true:
 */

Coverage Report

Created: 2026-05-14 06:28

Line	Count	Source
1		/* packet-fcgi.c
2		* Routines for FastCGI dissection
3		* Copyright 2010, Tom Hughes <tom@compton.nu>
4		*
5		* Wireshark - Network traffic analyzer
6		* By Gerald Combs <gerald@wireshark.org>
7		* Copyright 1998 Gerald Combs
8		*
9		* SPDX-License-Identifier: GPL-2.0-or-later
10		*/
11
12		#include "config.h"
13
14		#include <epan/packet.h>
15		#include "packet-tcp.h"
16
17		void proto_register_fcgi(void);
18		void proto_reg_handoff_fcgi(void);
19
20		static int proto_fcgi;
21
22		static int hf_fcgi_version;
23		static int hf_fcgi_type;
24		static int hf_fcgi_id;
25		static int hf_fcgi_content_length;
26		static int hf_fcgi_padding_length;
27		static int hf_fcgi_content_data;
28		static int hf_fcgi_padding_data;
29		static int hf_fcgi_begin_request_role;
30		static int hf_fcgi_begin_request_flags;
31		static int hf_fcgi_begin_request_keep_conn;
32		static int hf_fcgi_end_request_app_status;
33		static int hf_fcgi_end_request_protocol_status;
34		static int hf_fcgi_nv_name;
35
36		static int ett_fcgi;
37		static int ett_fcgi_begin_request;
38		static int ett_fcgi_abort_request;
39		static int ett_fcgi_end_request;
40		static int ett_fcgi_params;
41
42		static dissector_handle_t fcgi_handle;
43
44	0	#define FCGI_BEGIN_REQUEST 1
45	0	#define FCGI_ABORT_REQUEST 2
46	0	#define FCGI_END_REQUEST 3
47	0	#define FCGI_PARAMS 4
48		#define FCGI_STDIN 5
49		#define FCGI_STDOUT 6
50		#define FCGI_STDERR 7
51		#define FCGI_DATA 8
52	0	#define FCGI_GET_VALUES 9
53	0	#define FCGI_GET_VALUES_RESULT 10
54		#define FCGI_UNKNOWN_TYPE 11
55
56		static const value_string record_types[] = {
57		{ 1, "FCGI_BEGIN_REQUEST" },
58		{ 2, "FCGI_ABORT_REQUEST" },
59		{ 3, "FCGI_END_REQUEST" },
60		{ 4, "FCGI_PARAMS" },
61		{ 5, "FCGI_STDIN" },
62		{ 6, "FCGI_STDOUT" },
63		{ 7, "FCGI_STDERR" },
64		{ 8, "FCGI_DATA" },
65		{ 9, "FCGI_GET_VALUES" },
66		{ 10, "FCGI_GET_VALUES_RESULT" },
67		{ 11, "FCGI_UNKNOWN_TYPE" },
68		{ 0, NULL }
69		};
70
71		static const value_string application_roles[] = {
72		{ 1, "FCGI_RESPONDER" },
73		{ 2, "FCGI_AUTHORIZER" },
74		{ 3, "FCGI_FILTER" },
75		{ 0, NULL }
76		};
77
78	15	#define FCGI_KEEP_CONN 1
79
80		static const value_string protocol_statuses[] = {
81		{ 0, "FCGI_REQUEST_COMPLETE" },
82		{ 1, "FCGI_CANT_MPX_CONN" },
83		{ 2, "FCGI_OVERLOADED" },
84		{ 3, "FCGI_UNKNOWN_ROLE" },
85		{ 0, NULL }
86		};
87
88		static void
89		dissect_nv_pairs(tvbuff_t tvb, packet_info pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
90	0	{
91	0	int end_offset = offset + len;
92
93	0	while (offset < end_offset) {
94	0	int start_offset = offset;
95	0	uint32_t namelen;
96	0	uint32_t valuelen;
97	0	char *name;
98	0	char *value;
99
100	0	namelen = tvb_get_uint8(tvb, offset);
101	0	if ((namelen & 0x80) == 0) {
102	0	offset += 1;
103	0	} else {
104	0	namelen = tvb_get_ntohl(tvb, offset) & 0x7FFFFFFF;
105	0	offset += 4;
106	0	}
107
108	0	valuelen = tvb_get_uint8(tvb, offset);
109	0	if ((valuelen & 0x80) == 0) {
110	0	offset += 1;
111	0	} else {
112	0	valuelen = tvb_get_ntohl(tvb, offset) & 0x7FFFFFFF;
113	0	offset += 4;
114	0	}
115
116	0	name = (char*)tvb_get_string_enc(pinfo->pool, tvb, offset, namelen, ENC_ASCII);
117	0	offset += namelen;
118
119	0	if (valuelen > 0) {
120	0	value = (char*)tvb_get_string_enc(pinfo->pool, tvb, offset, valuelen, ENC_ASCII);
121	0	offset += valuelen;
122
123	0	proto_tree_add_string_format(fcgi_tree, hf_fcgi_nv_name, tvb, start_offset, offset - start_offset,
124	0	name, "%s = %s", name, value);
125	0	} else {
126	0	proto_tree_add_string_format(fcgi_tree, hf_fcgi_nv_name, tvb, start_offset, offset - start_offset,
127	0	name, "%s", name);
128	0	}
129	0	}
130	0	}
131
132		static int
133		dissect_begin_request(tvbuff_t tvb, packet_info pinfo _U_, proto_tree *fcgi_tree, int offset, uint16_t len)
134	0	{
135	0	proto_tree *br_tree;
136
137	0	br_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_begin_request, NULL, "Begin Request:");
138
139	0	proto_tree_add_item(br_tree, hf_fcgi_begin_request_role, tvb, offset, 2, ENC_BIG_ENDIAN);
140	0	offset += 2;
141
142	0	proto_tree_add_item(br_tree, hf_fcgi_begin_request_flags, tvb, offset, 1, ENC_BIG_ENDIAN);
143	0	proto_tree_add_item(br_tree, hf_fcgi_begin_request_keep_conn, tvb, offset, 1, ENC_BIG_ENDIAN);
144	0	offset += 1;
145
146	0	offset += 5;
147
148	0	return offset;
149	0	}
150
151		static void
152		dissect_abort_request(tvbuff_t tvb, packet_info pinfo _U_, proto_tree *fcgi_tree, int offset, uint16_t len)
153	0	{
154	0	proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_abort_request, NULL, "Abort Request:");
155
156	0	return;
157	0	}
158
159		static int
160		dissect_end_request(tvbuff_t tvb, packet_info pinfo _U_, proto_tree *fcgi_tree, int offset, uint16_t len)
161	0	{
162	0	proto_tree *er_tree;
163
164	0	er_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_end_request, NULL, "End Request:");
165
166	0	proto_tree_add_item(er_tree, hf_fcgi_end_request_app_status, tvb, offset, 4, ENC_BIG_ENDIAN);
167	0	offset += 4;
168
169	0	proto_tree_add_item(er_tree, hf_fcgi_end_request_protocol_status, tvb, offset, 1, ENC_BIG_ENDIAN);
170	0	offset += 1;
171
172	0	offset += 3;
173
174	0	return offset;
175	0	}
176
177		static void
178		dissect_params(tvbuff_t tvb, packet_info pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
179	0	{
180	0	proto_tree *p_tree;
181
182	0	p_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_params, NULL, "Params:");
183
184	0	dissect_nv_pairs(tvb, pinfo, p_tree, offset, len);
185
186	0	return;
187	0	}
188
189		static void
190		dissect_get_values(tvbuff_t tvb, packet_info pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
191	0	{
192	0	proto_tree *gv_tree;
193
194	0	gv_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_params, NULL, "Get Values:");
195
196	0	dissect_nv_pairs(tvb, pinfo, gv_tree, offset, len);
197
198	0	return;
199	0	}
200
201		static void
202		dissect_get_values_result(tvbuff_t tvb, packet_info pinfo, proto_tree *fcgi_tree, int offset, uint16_t len)
203	0	{
204	0	proto_tree *gvr_tree;
205
206	0	gvr_tree = proto_tree_add_subtree(fcgi_tree, tvb, offset, len, ett_fcgi_params, NULL, "Get Values:");
207
208	0	dissect_nv_pairs(tvb, pinfo, gvr_tree, offset, len);
209
210	0	return;
211	0	}
212
213		static int
214		dissect_fcgi_record(tvbuff_t tvb, packet_info pinfo, proto_tree tree, void data _U_)
215	0	{
216	0	int offset = 0;
217	0	uint8_t type;
218
219	0	type = tvb_get_uint8(tvb, 1);
220
221		/* When there are multiple FCGI records in a TCP frame the following code */
222		/* will append the type for each record to COL_INFO. */
223		/* XXX: Unfortunately, something in the tcp_dissect_pdus() code is broken */
224		/* such that only the type for the first FCGI record appears in the */
225		/* INFO column. (All write attempts to COL_INFO after the first fail */
226		/* because pinfo->cinfo->writable is false). */
227	0	col_set_str(pinfo->cinfo, COL_PROTOCOL, "FCGI");
228	0	col_clear(pinfo->cinfo, COL_INFO);
229	0	col_append_sep_str(pinfo->cinfo, COL_INFO, NULL,
230	0	val_to_str(pinfo->pool, type, record_types, "Unknown (%u)"));
231	0	col_set_fence(pinfo->cinfo, COL_INFO);
232
233	0	if (tree) { /* we are being asked for details */
234	0	proto_item *ti;
235	0	proto_tree *fcgi_tree;
236	0	uint16_t clen;
237	0	uint8_t plen;
238
239	0	ti = proto_tree_add_item(tree, proto_fcgi, tvb, 0, -1, ENC_NA);
240	0	proto_item_append_text(ti, " (%s)",
241	0	val_to_str(pinfo->pool, type, record_types, "Unknown (%u)"));
242	0	fcgi_tree = proto_item_add_subtree(ti, ett_fcgi);
243
244	0	proto_tree_add_item(fcgi_tree, hf_fcgi_version, tvb, offset, 1, ENC_BIG_ENDIAN);
245	0	offset += 1;
246
247	0	proto_tree_add_item(fcgi_tree, hf_fcgi_type, tvb, offset, 1, ENC_BIG_ENDIAN);
248	0	offset += 1;
249
250	0	proto_tree_add_item(fcgi_tree, hf_fcgi_id, tvb, offset, 2, ENC_BIG_ENDIAN);
251	0	offset += 2;
252
253	0	clen = tvb_get_ntohs(tvb, offset);
254	0	proto_tree_add_item(fcgi_tree, hf_fcgi_content_length, tvb, offset, 2, ENC_BIG_ENDIAN);
255	0	offset += 2;
256
257	0	plen = tvb_get_uint8(tvb, offset);
258	0	proto_tree_add_item(fcgi_tree, hf_fcgi_padding_length, tvb, offset, 1, ENC_BIG_ENDIAN);
259	0	offset += 1;
260
261	0	offset += 1;
262
263	0	switch (type)
264	0	{
265	0	case FCGI_BEGIN_REQUEST:
266	0	dissect_begin_request(tvb, pinfo, fcgi_tree, offset, clen);
267	0	offset += clen;
268	0	break;
269	0	case FCGI_ABORT_REQUEST:
270	0	dissect_abort_request(tvb, pinfo, fcgi_tree, offset, clen);
271	0	offset += clen;
272	0	break;
273	0	case FCGI_END_REQUEST:
274	0	dissect_end_request(tvb, pinfo, fcgi_tree, offset, clen);
275	0	offset += clen;
276	0	break;
277	0	case FCGI_PARAMS:
278	0	dissect_params(tvb, pinfo, fcgi_tree, offset, clen);
279	0	offset += clen;
280	0	break;
281	0	case FCGI_GET_VALUES:
282	0	dissect_get_values(tvb, pinfo, fcgi_tree, offset, clen);
283	0	offset += clen;
284	0	break;
285	0	case FCGI_GET_VALUES_RESULT:
286	0	dissect_get_values_result(tvb, pinfo, fcgi_tree, offset, clen);
287	0	offset += clen;
288	0	break;
289	0	default:
290	0	if (clen > 0) {
291	0	proto_tree_add_item(fcgi_tree, hf_fcgi_content_data, tvb, offset, clen, ENC_NA);
292	0	offset += clen;
293	0	}
294	0	break;
295	0	}
296
297	0	if (plen > 0) {
298	0	proto_tree_add_item(fcgi_tree, hf_fcgi_padding_data, tvb, offset, plen, ENC_NA);
299		/offset += plen;/
300	0	}
301	0	}
302
303	0	return tvb_captured_length(tvb);
304	0	}
305
306		static unsigned
307		get_fcgi_record_len(packet_info pinfo _U_, tvbuff_t tvb, int offset, void *data _U_)
308	0	{
309	0	return 8 + tvb_get_ntohs(tvb, offset + 4) + tvb_get_uint8(tvb, offset + 6);
310	0	}
311
312		static int
313		dissect_fcgi(tvbuff_t tvb, packet_info pinfo, proto_tree tree, void data)
314	0	{
315	0	tcp_dissect_pdus(tvb, pinfo, tree, true, 8, get_fcgi_record_len, dissect_fcgi_record, data);
316	0	return tvb_captured_length(tvb);
317	0	}
318
319		void
320		proto_register_fcgi(void)
321	15	{
322	15	static hf_register_info hf[] = {
323	15	{ &hf_fcgi_version,
324	15	{ "Version", "fcgi.version",
325	15	FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } },
326	15	{ &hf_fcgi_type,
327	15	{ "Type", "fcgi.type",
328	15	FT_UINT8, BASE_DEC, VALS(record_types), 0x0, NULL, HFILL } },
329	15	{ &hf_fcgi_id,
330	15	{ "Request ID", "fcgi.id",
331	15	FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL } },
332	15	{ &hf_fcgi_content_length,
333	15	{ "Content Length", "fcgi.content.length",
334	15	FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL } },
335	15	{ &hf_fcgi_padding_length,
336	15	{ "Padding Length", "fcgi.padding.length",
337	15	FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } },
338	15	{ &hf_fcgi_content_data,
339	15	{ "Content Data", "fcgi.content.data",
340	15	FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } },
341	15	{ &hf_fcgi_padding_data,
342	15	{ "Padding Data", "fcgi.padding.data",
343	15	FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } },
344	15	{ &hf_fcgi_begin_request_role,
345	15	{ "Role", "fcgi.begin_request.role",
346	15	FT_UINT16, BASE_DEC, VALS(application_roles), 0x0, NULL, HFILL } },
347	15	{ &hf_fcgi_begin_request_flags,
348	15	{ "Flags", "fcgi.begin_request.flags",
349	15	FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL } },
350	15	{ &hf_fcgi_begin_request_keep_conn,
351	15	{ "FCGI_KEEP_CONN", "fcgi.begin_request.keep_conn",
352	15	FT_BOOLEAN, 8, NULL, FCGI_KEEP_CONN, NULL, HFILL } },
353	15	{ &hf_fcgi_end_request_app_status,
354	15	{ "Application Status", "fcgi.end_request.app_status",
355	15	FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL } },
356	15	{ &hf_fcgi_end_request_protocol_status,
357	15	{ "Protocol Status", "fcgi.end_request.protocol_status",
358	15	FT_UINT32, BASE_DEC, VALS(protocol_statuses), 0x0, NULL, HFILL } },
359	15	{ &hf_fcgi_nv_name,
360	15	{ "NV Pair name", "fcgi.nv_name",
361	15	FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL } },
362	15	};
363	15	static int *ett[] = {
364	15	&ett_fcgi,
365	15	&ett_fcgi_begin_request,
366	15	&ett_fcgi_abort_request,
367	15	&ett_fcgi_end_request,
368	15	&ett_fcgi_params
369	15	};
370
371	15	proto_fcgi = proto_register_protocol("FastCGI", "FCGI", "fcgi");
372
373	15	proto_register_field_array(proto_fcgi, hf, array_length(hf));
374	15	proto_register_subtree_array(ett, array_length(ett));
375
376	15	fcgi_handle = register_dissector("fcgi", dissect_fcgi, proto_fcgi);
377	15	}
378
379		void
380		proto_reg_handoff_fcgi(void)
381	15	{
382	15	dissector_add_for_decode_as_with_preference("tcp.port", fcgi_handle);
383	15	}
384
385		/*
386		* Editor modelines - https://www.wireshark.org/tools/modelines.html
387		*
388		* Local Variables:
389		* c-basic-offset: 3
390		* tab-width: 8
391		* indent-tabs-mode: nil
392		* End:
393		*
394		* ex: set shiftwidth=3 tabstop=8 expandtab:
395		* :indentSize=3:tabSize=8:noTabs=true:
396		*/