IPComp (RFC2393) decoding.

svn path=/trunk/; revision=838
author: Jun-ichiro itojun Hagino <itojun@itojun.org> 1999-10-15 05:30:43 +0000
committer: Jun-ichiro itojun Hagino <itojun@itojun.org> 1999-10-15 05:30:43 +0000
commit: 33d11fff97631cf0663dcb47788f1b24d3dc5316 (patch)
tree: ba3b2fb56787bf9d5769da392028b168cefde6da /packet-ipsec.c
parent: 45ca99c55b0be82ef9f7c607c8c890eea2cb0a1d (diff)
download: wireshark-33d11fff97631cf0663dcb47788f1b24d3dc5316.tar.gz
wireshark-33d11fff97631cf0663dcb47788f1b24d3dc5316.tar.bz2
wireshark-33d11fff97631cf0663dcb47788f1b24d3dc5316.zip
1 files changed, 99 insertions, 10 deletions
diff --git a/packet-ipsec.c b/packet-ipsec.c
index 9d9bef8fd9..e6654e0a09 100644
--- a/packet-ipsec.c
+++ b/packet-ipsec.c
@@ -1,7 +1,7 @@
 /* packet-ipsec.c
- * Routines for IPsec packet disassembly 
+ * Routines for IPsec/IPComp packet disassembly 
  *
- * $Id: packet-ipsec.c,v 1.6 1999/10/14 03:50:29 itojun Exp $
+ * $Id: packet-ipsec.c,v 1.7 1999/10/15 05:30:40 itojun Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -47,6 +47,8 @@ static int hf_ah_sequence = -1;
 static int proto_esp = -1;
 static int hf_esp_spi = -1;
 static int hf_esp_sequence = -1;
+static int proto_ipcomp = -1;
+static int hf_ipcomp_cpi = -1;
 
 struct newah {
 	guint8	ah_nxt;		/* Next Header */
@@ -68,6 +70,25 @@ struct newesp {
 	/*variable size, 32bit bound*/	/* Authentication data */
 };
 
+struct ipcomp {
+	guint8 comp_nxt;	/* Next Header */
+	guint8 comp_flags;	/* Must be zero */
+	guint16 comp_cpi;	/* Compression parameter index */
+};
+
+/* well-known algorithm number (in CPI), from RFC2409 */
+#define IPCOMP_OUI	1	/* vendor specific */
+#define IPCOMP_DEFLATE	2	/* RFC2394 */
+#define IPCOMP_LZS	3	/* RFC2395 */
+#define IPCOMP_MAX	4
+
+static const value_string cpi2val[] = {
+    { IPCOMP_OUI, "OUI" },
+    { IPCOMP_DEFLATE, "DEFLATE" },
+    { IPCOMP_LZS, "LZS" },
+    { 0, NULL },
+};
+
 #ifndef offsetof
 #define	offsetof(type, member)	((size_t)(&((type *)0)->member))
 #endif
@@ -86,7 +107,7 @@ dissect_ah(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
     if (check_col(fd, COL_PROTOCOL))
 	col_add_str(fd, COL_PROTOCOL, "AH");
     if (check_col(fd, COL_INFO)) {
-	col_add_fstr(fd, COL_INFO, "AH (SPI=%08x)",
+	col_add_fstr(fd, COL_INFO, "AH (SPI=0x%08x)",
 	    (guint32)ntohl(ah.ah_spi));
     }
 
@@ -102,11 +123,12 @@ dissect_ah(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
 	proto_tree_add_item_format(ah_tree, hf_ah_spi,
 				   offset + offsetof(struct newah, ah_spi), 4,
 				   (guint32)ntohl(ah.ah_spi),
-				   "SPI: %08x", (guint32)ntohl(ah.ah_spi));
+				   "SPI: 0x%08x",
+				   (guint32)ntohl(ah.ah_spi));
 	proto_tree_add_item_format(ah_tree, hf_ah_sequence,
 				   offset + offsetof(struct newah, ah_seq), 4,
 				   (guint32)ntohl(ah.ah_seq),
-				   "Sequence?: %08x",
+				   "Sequence?: 0x%08x",
 				   (guint32)ntohl(ah.ah_seq));
 	proto_tree_add_text(ah_tree, offset + sizeof(ah), (ah.ah_len - 1) << 2,
 	    "ICV");
@@ -132,7 +154,7 @@ dissect_esp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
     if (check_col(fd, COL_PROTOCOL))
 	col_add_str(fd, COL_PROTOCOL, "ESP");
     if (check_col(fd, COL_INFO)) {
-	col_add_fstr(fd, COL_INFO, "ESP (SPI=%08x)",
+	col_add_fstr(fd, COL_INFO, "ESP (SPI=0x%08x)",
 	    (guint32)ntohl(esp.esp_spi));
     }
 
@@ -141,18 +163,76 @@ dissect_esp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
      * (ie none)
      */
     if(tree) {
-	ti = proto_tree_add_item(tree, proto_esp, 0, 0, NULL);
+	ti = proto_tree_add_item(tree, proto_esp, offset, END_OF_FRAME, NULL);
 	esp_tree = proto_item_add_subtree(ti, ETT_ESP);
 	proto_tree_add_item_format(esp_tree, hf_esp_spi, 
 				   offset + offsetof(struct newesp, esp_spi), 4,
 				   (guint32)ntohl(esp.esp_spi),
-				   "SPI: %08x", 
+				   "SPI: 0x%08x", 
 				   (guint32)ntohl(esp.esp_spi));
 	proto_tree_add_item_format(esp_tree, hf_esp_sequence,
 				   offset + offsetof(struct newesp, esp_seq), 4,
 				   (guint32)ntohl(esp.esp_seq),
-				   "Sequence?: %08x", 
+				   "Sequence?: 0x%08x", 
 				   (guint32)ntohl(esp.esp_seq));
+	dissect_data(pd, offset + sizeof(struct newesp), fd, esp_tree);
+    }
+}
+
+void
+dissect_ipcomp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
+{
+    proto_tree *ipcomp_tree;
+    proto_item *ti;
+    struct ipcomp ipcomp;
+    char *p;
+
+    memcpy(&ipcomp, (void *) &pd[offset], sizeof(ipcomp)); 
+
+    /*
+     * load the top pane info. This should be overwritten by
+     * the next protocol in the stack
+     */
+    if (check_col(fd, COL_PROTOCOL))
+	col_add_str(fd, COL_PROTOCOL, "IPComp");
+    if (check_col(fd, COL_INFO)) {
+	p = val_to_str(ntohs(ipcomp.comp_cpi), cpi2val, "");
+	if (p[0] == '\0') {
+	    col_add_fstr(fd, COL_INFO, "IPComp (CPI=0x%04x)",
+		ntohs(ipcomp.comp_cpi));
+	} else
+	    col_add_fstr(fd, COL_INFO, "IPComp (CPI=%s)", p);
+    }
+
+    /*
+     * populate a tree in the second pane with the status of the link layer
+     * (ie none)
+     */
+    if (tree) {
+	ti = proto_tree_add_item(tree, proto_ipcomp, offset, END_OF_FRAME,
+	    NULL);
+	ipcomp_tree = proto_item_add_subtree(ti, ETT_IPCOMP);
+
+	proto_tree_add_text(ipcomp_tree,
+	    offset + offsetof(struct ipcomp, comp_nxt), 1,
+	    "Next Header: %s (0x%02x)",
+	    ipprotostr(ipcomp.comp_nxt), ipcomp.comp_nxt);
+	proto_tree_add_text(ipcomp_tree,
+	    offset + offsetof(struct ipcomp, comp_flags), 1,
+	    "Flags: 0x%02x", ipcomp.comp_flags);
+	p = val_to_str(ntohs(ipcomp.comp_cpi), cpi2val, "");
+	if (p[0] == '\0') {
+	    proto_tree_add_item(ipcomp_tree, hf_ipcomp_cpi, 
+		offset + offsetof(struct ipcomp, comp_cpi), 2,
+		ntohs(ipcomp.comp_cpi));
+	} else {
+	    proto_tree_add_item_format(ipcomp_tree, hf_ipcomp_cpi, 
+		offset + offsetof(struct ipcomp, comp_cpi), 2,
+		ntohs(ipcomp.comp_cpi),
+		"CPI: %s (0x%04x)",
+		p, ntohs(ipcomp.comp_cpi));
+	}
+	dissect_data(pd, offset + sizeof(struct ipcomp), fd, ipcomp_tree);
     }
 }
 
@@ -178,9 +258,18 @@ proto_register_ipsec(void)
       	"" }}
   };
 
+  static hf_register_info hf_ipcomp[] = {
+    { &hf_ipcomp_cpi,
+      { "CPI",		"ipcomp.cpi",	FT_UINT16,	BASE_HEX, NULL, 0x0,
+      	"" }},
+  };
+
   proto_ah = proto_register_protocol("Authentication Header", "ah");
-  proto_esp = proto_register_protocol("Encapsulated Security Payload", "esp");
   proto_register_field_array(proto_ah, hf_ah, array_length(hf_ah));
+
+  proto_esp = proto_register_protocol("Encapsulated Security Payload", "esp");
   proto_register_field_array(proto_esp, hf_esp, array_length(hf_esp));
 
+  proto_ipcomp = proto_register_protocol("IP Payload Compression", "ipcomp");
+  proto_register_field_array(proto_ipcomp, hf_ipcomp, array_length(hf_ipcomp));
 }
author	Jun-ichiro itojun Hagino <itojun@itojun.org>	1999-10-15 05:30:43 +0000
committer	Jun-ichiro itojun Hagino <itojun@itojun.org>	1999-10-15 05:30:43 +0000
commit	33d11fff97631cf0663dcb47788f1b24d3dc5316 (patch)
tree	ba3b2fb56787bf9d5769da392028b168cefde6da /packet-ipsec.c
parent	45ca99c55b0be82ef9f7c607c8c890eea2cb0a1d (diff)
download	wireshark-33d11fff97631cf0663dcb47788f1b24d3dc5316.tar.gz wireshark-33d11fff97631cf0663dcb47788f1b24d3dc5316.tar.bz2 wireshark-33d11fff97631cf0663dcb47788f1b24d3dc5316.zip