Updated RTPproxy dissector

Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
This commit is contained in:
Peter Lemenkov 2013-11-13 15:53:53 +04:00
parent 23f6167453
commit 1738882448
15 changed files with 381 additions and 329 deletions

View File

@ -1,11 +1,8 @@
From 9d38601b45c6bce770946ac3c36a675a2f1a4359 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Radek=20Vok=C3=A1l?= <rvokal@fedoraproject.org>
Date: Tue, 15 Dec 2009 08:36:27 +0000
Subject: [PATCH 01/13] enable Lua support
Subject: [PATCH] enable Lua support
---
epan/wslua/template-init.lua | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/wslua/template-init.lua b/epan/wslua/template-init.lua
index e6ec4ae..2538c4c 100644
@ -20,6 +17,3 @@ index e6ec4ae..2538c4c 100644
loadfile = function() error("loadfile " .. hint) end
loadlib = function() error("loadlib " .. hint) end
require = function() error("require " .. hint) end
--
1.8.3.1

View File

@ -1,15 +1,12 @@
From d7b9380cb2b827fb627f82a1c3b73496b089b8dd Mon Sep 17 00:00:00 2001
From: Jan Safranek <jsafrane@redhat.com>
Date: Fri, 26 Nov 2010 14:30:45 +0300
Subject: [PATCH 02/13] Customize 'permission denied' error.
Subject: [PATCH] Customize 'permission denied' error.
Add Fedora-specific message to error output when dumpcap cannot be started
because of permissions.
Signed-off-by: Jan Safranek <jsafrane@redhat.com>
---
capture_sync.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/capture_sync.c b/capture_sync.c
index 391aa6a..6dfe1de 100644
@ -59,6 +56,3 @@ index 391aa6a..6dfe1de 100644
sync_pipe_errmsg_to_parent(2, errmsg, "");
/* Exit with "_exit()", so that we don't close the connection
--
1.8.3.1

View File

@ -1,14 +1,11 @@
From 0d0f937fcbb73fb36a44bd7061817ff1cdac0032 Mon Sep 17 00:00:00 2001
From: Jan Safranek <jsafrane@redhat.com>
Date: Thu, 9 Jun 2011 14:56:59 +0200
Subject: [PATCH 03/13] Load correct shared object name in python.
Subject: [PATCH] Load correct shared object name in python.
This fixes following error message shown by wireshark/tshark when wireshark-devel
was not installed:
libwireshark.so: cannot open shared object file: No such file or directory
---
epan/wspython/wspy_libws.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/wspython/wspy_libws.py b/epan/wspython/wspy_libws.py
index a293a17..73ce012 100755
@ -23,6 +20,3 @@ index a293a17..73ce012 100755
def get_libws_handle():
global __libwireshark
--
1.8.3.1

View File

@ -1,12 +1,8 @@
From 8e34a9a261f26ceabc39ea373d9025a24805b832 Mon Sep 17 00:00:00 2001
From: Peter Hatina <phatina@redhat.com>
Date: Mon, 8 Apr 2013 13:03:24 +0200
Subject: [PATCH 04/13] fix documentation build error
Subject: [PATCH] fix documentation build error
---
doc/asn2deb.pod | 1 +
doc/idl2deb.pod | 1 +
2 files changed, 2 insertions(+)
diff --git a/doc/asn2deb.pod b/doc/asn2deb.pod
index 0d88a95..fb25349 100644
@ -26,6 +22,3 @@ index 7daa798..82e933a 100644
=head1 NAME
--
1.8.3.1

View File

@ -1,11 +1,8 @@
From dfd843cda67cfd9b785b44f5096a185c04c08be8 Mon Sep 17 00:00:00 2001
From: Peter Hatina <phatina@redhat.com>
Date: Wed, 4 Sep 2013 10:03:57 +0200
Subject: [PATCH 05/13] fix string overrun in plugins/profinet
Subject: [PATCH] fix string overrun in plugins/profinet
---
plugins/profinet/packet-dcom-cba.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/profinet/packet-dcom-cba.c b/plugins/profinet/packet-dcom-cba.c
index b44caed..396de82 100644
@ -20,6 +17,3 @@ index b44caed..396de82 100644
guint32 u32MaxStr = sizeof(szStr);
dcerpc_info *info = (dcerpc_info *) pinfo->private_data;
gchar *call;
--
1.8.3.1

View File

@ -1,7 +1,7 @@
From b516cc6516b505b264bd75ef5e574490f22912e5 Mon Sep 17 00:00:00 2001
From 1b67a9195503e6f22429a46e98def1dd31a05451 Mon Sep 17 00:00:00 2001
From: Evan Huus <eapache@gmail.com>
Date: Sun, 18 Aug 2013 19:49:08 +0000
Subject: [PATCH 06/13] From Peter Lemenkov via
Subject: [PATCH] From Peter Lemenkov via
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8326
Dissector for the Sippy RTPproxy controlling protocol. RTPproxy is a well-known
@ -33,28 +33,63 @@ svn path=/trunk/; revision=51421
Fix Coverity CID 1063335: Unused pointer value.
svn path=/trunk/; revision=51430
---
AUTHORS | 2 +-
epan/CMakeLists.txt | 1 +
epan/dissectors/Makefile.common | 1 +
epan/dissectors/packet-rtpproxy.c | 808 ++++++++++++++++++++++++++++++++++++++
4 files changed, 811 insertions(+), 1 deletion(-)
create mode 100644 epan/dissectors/packet-rtpproxy.c
From Peter Lemenkov via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9211 :
Add basic conversation support for rtpproxy dissector
svn path=/trunk/; revision=52331
Let's please fix-encoding-args.pl
svn path=/trunk/; revision=52334
Make RTPProxy a newstyle dissector.
svn path=/trunk/; revision=52476
Try to fix
packet-rtpproxy.c:217: warning: comparison between signed and unsigned
svn path=/trunk/; revision=52477
Fix signed vs. unsigned comparison warnings.
svn path=/trunk/; revision=52483
Add response time to the rtpproxy dissector. Bug 9380 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9380)
From Peter Lemenkov.
svn path=/trunk/; revision=53115
Decode more error replies in RTPproxy dissector. Bug 9408 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9408)
From Peter Lemenkov
svn path=/trunk/; revision=53245
From Peter Lemenkov
display a text description for the RTPProxy version request
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9416
svn path=/trunk/; revision=53249
replace proto_tree_add_string_format_value() with proto_tree_add_item()
svn path=/trunk/; revision=53261
diff --git a/AUTHORS b/AUTHORS
index 10782b0..4c77f60 100644
index 10782b0..e7b3c18 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -3733,9 +3733,9 @@ Max Baker <max[AT]warped.org>
@@ -3733,6 +3733,7 @@ Max Baker <max[AT]warped.org>
Mike Garratt <mg.wireshark[AT]evn.co.nz>
Bart Van Assche <bvanassche[AT]acm.org>
Karl Beldan <karl.beldan[AT]gmail.com>
+Peter Lemenkov <lemenkov[AT]gmail.com>
Masayuki Takemura <masayuki.takemura[AT]gmail.com>
-
Dan Lasley <dlasley[AT]promus.com> gave permission for his
dumpit() hex-dump routine to be used.
diff --git a/epan/CMakeLists.txt b/epan/CMakeLists.txt
index 69eb75f..610cea7 100644
@ -82,10 +117,10 @@ index 937f522..73217d7 100644
packet-rudp.c \
diff --git a/epan/dissectors/packet-rtpproxy.c b/epan/dissectors/packet-rtpproxy.c
new file mode 100644
index 0000000..7148d58
index 0000000..f606abb
--- /dev/null
+++ b/epan/dissectors/packet-rtpproxy.c
@@ -0,0 +1,808 @@
@@ -0,0 +1,959 @@
+/* packet-rtpproxy.c
+ * RTPproxy command protocol dissector
+ * Copyright 2013, Peter Lemenkov <lemenkov@gmail.com>
@ -118,8 +153,11 @@ index 0000000..7148d58
+
+#include "config.h"
+
+#include <ctype.h>
+
+#include <epan/packet.h>
+#include <epan/prefs.h>
+#include <epan/conversation.h>
+
+static int proto_rtpproxy = -1;
+
@ -148,6 +186,35 @@ index 0000000..7148d58
+static int hf_rtpproxy_version_request = -1;
+static int hf_rtpproxy_version_supported = -1;
+
+/* Request/response tracking */
+static int hf_rtpproxy_request_in = -1;
+static int hf_rtpproxy_response_in = -1;
+static int hf_rtpproxy_response_time = -1;
+
+typedef struct _rtpproxy_info {
+ guint32 req_frame;
+ guint32 resp_frame;
+ nstime_t req_time;
+} rtpproxy_info_t;
+
+typedef struct _rtpproxy_conv_info {
+ emem_tree_t *trans;
+} rtpproxy_conv_info_t;
+
+
+static const string_string versiontypenames[] = {
+ { "20040107", "Basic RTP proxy functionality" },
+ { "20050322", "Support for multiple RTP streams and MOH" },
+ { "20060704", "Support for extra parameter in the V command" },
+ { "20071116", "Support for RTP re-packetization" },
+ { "20071218", "Support for forking (copying) RTP stream" },
+ { "20080403", "Support for RTP statistics querying" },
+ { "20081102", "Support for setting codecs in the update/lookup command" },
+ { "20081224", "Support for session timeout notifications" },
+ { "20090810", "Support for automatic bridging" },
+ { 0, NULL }
+};
+
+static const value_string commandtypenames[] = {
+ { 'V', "Handshake/Ping" },
+ { 'v', "Handshake/Ping" },
@ -180,10 +247,21 @@ index 0000000..7148d58
+ { 0, NULL }
+};
+
+static const value_string errortypenames[] = {
+ { '1', "Syntax" }, /* E1 */
+ { '7', "Software" }, /* E7 */
+ { '8', "Not Found" }, /* E8 */
+static const string_string errortypenames[] = {
+ { "E0", "Syntax error" },
+ { "E1", "Syntax error" },
+ { "E2", "Syntax error" },
+ { "E3", "Unknown command" },
+ { "E4", "Syntax error" },
+ { "E5", "Out of memory" },
+ { "E6", "<no description>" },
+ { "E7", "Software error (can't create listener)" },
+ { "E8", "Not Found" },
+ { "E10", "Software error (can't create listener)" },
+ { "E11", "Out of memory" },
+ { "E12", "Out of memory" },
+ { "E13", "Out of memory" },
+ { "E14", "Out of memory" },
+ { 0, NULL }
+};
+
@ -238,17 +316,67 @@ index 0000000..7148d58
+ return (end == realsize ? -1 : (gint)end);
+}
+
+static void
+dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+void
+rtpproxy_add_tid(gboolean is_request, tvbuff_t *tvb, packet_info *pinfo, proto_tree *rtpproxy_tree, rtpproxy_conv_info_t *rtpproxy_conv, gchar* cookie)
+{
+ rtpproxy_info_t *rtpproxy_info;
+ proto_item *pi;
+
+ if (!PINFO_FD_VISITED(pinfo)) {
+ if (is_request){
+ rtpproxy_info = se_new(rtpproxy_info_t);
+ rtpproxy_info->req_frame = PINFO_FD_NUM(pinfo);
+ rtpproxy_info->resp_frame = 0;
+ rtpproxy_info->req_time = pinfo->fd->abs_ts;
+ se_tree_insert_string(rtpproxy_conv->trans, cookie, rtpproxy_info, 0);
+ } else {
+ rtpproxy_info = (rtpproxy_info_t *)se_tree_lookup_string(rtpproxy_conv->trans, cookie, 0);
+ if (rtpproxy_info) {
+ rtpproxy_info->resp_frame = PINFO_FD_NUM(pinfo);
+ }
+ }
+ } else {
+ rtpproxy_info = (rtpproxy_info_t *)se_tree_lookup_string(rtpproxy_conv->trans, cookie, 0);
+ if (rtpproxy_info && (is_request ? rtpproxy_info->resp_frame : rtpproxy_info->req_frame)) {
+ nstime_t ns;
+
+ pi = proto_tree_add_uint(rtpproxy_tree, is_request ? hf_rtpproxy_response_in : hf_rtpproxy_request_in, tvb, 0, 0, is_request ? rtpproxy_info->resp_frame : rtpproxy_info->req_frame);
+ PROTO_ITEM_SET_GENERATED(pi);
+
+ /* If reply then calculate response time */
+ if (!is_request){
+ nstime_delta(&ns, &pinfo->fd->abs_ts, &rtpproxy_info->req_time);
+ pi = proto_tree_add_time(rtpproxy_tree, hf_rtpproxy_response_time, tvb, 0, 0, &ns);
+ PROTO_ITEM_SET_GENERATED(pi);
+ }
+ }
+ }
+}
+
+static int
+dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
+{
+ gboolean has_lf = FALSE;
+ guint offset = 0;
+ gint offset = 0;
+ gint new_offset = 0;
+ guint tmp;
+ guint realsize = 0;
+ gint realsize = 0;
+ guint8* rawstr;
+ guint8* tmpstr;
+ proto_item *ti;
+ proto_tree *rtpproxy_tree;
+ conversation_t *conversation;
+ rtpproxy_conv_info_t *rtpproxy_conv;
+ gchar* cookie = NULL;
+
+ /* If it does not start with a printable character it's not RTPProxy */
+ if(!isprint(tvb_get_guint8(tvb, 0)))
+ return 0;
+
+ /* Extract Cookie */
+ offset = tvb_find_guint8(tvb, offset, -1, ' ');
+ if(offset == -1)
+ return 0;
+
+ /* Clear out stuff in the info column - we''l set it later */
+ col_clear(pinfo->cinfo, COL_INFO);
@ -256,9 +384,8 @@ index 0000000..7148d58
+ ti = proto_tree_add_item(tree, proto_rtpproxy, tvb, 0, -1, ENC_NA);
+ rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy);
+
+ /* Extract Cookie */
+ offset = tvb_find_guint8(tvb, offset, -1, ' ');
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_cookie, tvb, 0, offset, ENC_ASCII | ENC_NA);
+ cookie = tvb_get_ephemeral_string(tvb, 0, offset);
+
+ /* Skip whitespace */
+ offset = tvb_skip_wsp(tvb, offset+1, -1);
@ -276,6 +403,15 @@ index 0000000..7148d58
+ else
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTPproxy (no LF)");
+
+ /* Try to create conversation */
+ conversation = find_or_create_conversation(pinfo);
+ rtpproxy_conv = (rtpproxy_conv_info_t *)conversation_get_proto_data(conversation, proto_rtpproxy);
+ if (!rtpproxy_conv) {
+ rtpproxy_conv = se_new(rtpproxy_conv_info_t);
+ rtpproxy_conv->trans = se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "rtpproxy transactions");;
+ conversation_add_proto_data(conversation, proto_rtpproxy, rtpproxy_conv);
+ }
+
+ /* Get payload string */
+ rawstr = tvb_get_ephemeral_string(tvb, offset, realsize - offset);
+
@ -286,12 +422,13 @@ index 0000000..7148d58
+ case 's':
+ /* A specific case - long statistics answer */
+ /* %COOKIE% sessions created %NUM0% active sessions: %NUM1% */
+ rtpproxy_add_tid(FALSE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
+ if ('e' == tvb_get_guint8(tvb, offset+1)){
+ col_add_fstr(pinfo->cinfo, COL_INFO, "Reply: %s", rawstr);
+ ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_reply, tvb, offset, -1, ENC_NA);
+
+ rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_reply);
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_status, tvb, offset, realsize - offset, ENC_NA);
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_status, tvb, offset, realsize - offset, ENC_ASCII | ENC_NA);
+ break;
+ }
+ case 'i':
@ -304,15 +441,18 @@ index 0000000..7148d58
+ case 'r':
+ case 'c':
+ case 'q':
+ rtpproxy_add_tid(TRUE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
+ col_add_fstr(pinfo->cinfo, COL_INFO, "Request: %s", rawstr);
+ ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_request, tvb, offset, -1, ENC_NA);
+ rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_request);
+
+ /* A specific case - version request */
+ if ((tmp == 'v') && (offset + strlen("VF YYYMMDD") + 1 == realsize)){
+ if ((tmp == 'v') && (offset + (gint)strlen("VF YYYMMDD") + 1 == realsize)){
+ /* Skip whitespace */
+ new_offset = tvb_skip_wsp(tvb, offset + ((guint)strlen("VF") + 1), -1);
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_version_request, tvb, new_offset, (gint)strlen("YYYYMMDD"), ENC_ASCII | ENC_NA);
+ ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_version_request, tvb, new_offset, (gint)strlen("YYYYMMDD"), ENC_ASCII | ENC_NA);
+ tmpstr = tvb_get_ephemeral_string(tvb, new_offset, (gint)strlen("YYYYMMDD"));
+ proto_item_append_text(ti, " (%s)", str_to_str(tmpstr, versiontypenames, "Unknown"));
+ break;
+ }
+
@ -329,9 +469,9 @@ index 0000000..7148d58
+
+ /* Extract parameters */
+ /* Parameters should be right after the command and before EOL (in case of Info command) or before whitespace */
+ new_offset = (tmp == 'i' ? (gint)(realsize - 1 > offset ? offset + strlen("Ib") : offset + strlen("I")) : tvb_find_guint8(tvb, offset, -1, ' '));
+ new_offset = (tmp == 'i' ? (realsize - 1 > offset ? offset + (gint)strlen("Ib") : offset + (gint)strlen("I")) : tvb_find_guint8(tvb, offset, -1, ' '));
+
+ if (new_offset != (gint)offset + 1){
+ if (new_offset != offset + 1){
+ rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_command);
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_command_parameters, tvb, offset+1, new_offset - (offset+1), ENC_ASCII | ENC_NA);
+ rtpproxy_tree = proto_item_get_parent(ti);
@ -408,7 +548,7 @@ index 0000000..7148d58
+ /* Extract Notification address */
+ if (tmp == 'u'){
+ new_offset = tvb_find_guint8(tvb, offset, -1, ' ');
+ ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_notify, tvb, offset, realsize - offset, ENC_NA);
+ ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_notify, tvb, offset, realsize - offset, ENC_ASCII | ENC_NA);
+ proto_item_set_text(ti, "Notify");
+ rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_notify);
+ if(new_offset == -1){
@ -446,6 +586,7 @@ index 0000000..7148d58
+ case '7':
+ case '8':
+ case '9':
+ rtpproxy_add_tid(FALSE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
+ if (tmp == 'e')
+ col_add_fstr(pinfo->cinfo, COL_INFO, "Error reply: %s", rawstr);
+ else
@ -455,25 +596,28 @@ index 0000000..7148d58
+ rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_reply);
+
+ if (tmp == 'e'){
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_error, tvb, offset+1, 1, ENC_ASCII | ENC_NA);
+ tmp = tvb_find_line_end(tvb, offset, -1, &new_offset, FALSE);
+ tmpstr = tvb_get_ephemeral_string(tvb, offset, tmp);
+ ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_error, tvb, offset, (gint)strlen(tmpstr), ENC_ASCII | ENC_NA);
+ proto_item_append_text(ti, " (%s)", str_to_str(tmpstr, errortypenames, "Unknown"));
+ break;
+ }
+
+ if (tmp == 'a'){
+ /* A specific case - short statistics answer */
+ /* %COOKIE% active sessions: %NUM1% */
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_status, tvb, offset, realsize - offset, ENC_NA);
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_status, tvb, offset, realsize - offset, ENC_ASCII | ENC_NA);
+ break;
+ }
+ if ((tmp == '0')&& ((tvb_reported_length(tvb) == offset+1)||(tvb_reported_length(tvb) == offset+2))){
+ if ((tmp == '0')&& ((tvb_reported_length(tvb) == (guint)(offset+1))||(tvb_reported_length(tvb) == (guint)(offset+2)))){
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_ok, tvb, offset, 1, ENC_ASCII | ENC_NA);
+ break;
+ }
+ if ((tmp == '1') && ((tvb_reported_length(tvb) == offset+1)||(tvb_reported_length(tvb) == offset+2))){
+ if ((tmp == '1') && ((tvb_reported_length(tvb) == (guint)(offset+1))||(tvb_reported_length(tvb) == (guint)(offset+2)))){
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_ok, tvb, offset, 1, ENC_ASCII | ENC_NA);
+ break;
+ }
+ if (tvb_reported_length(tvb) == offset+9){
+ if (tvb_reported_length(tvb) == (guint)(offset+9)){
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_version_supported, tvb, offset, 8, ENC_ASCII | ENC_NA);
+ break;
+ }
@ -496,6 +640,8 @@ index 0000000..7148d58
+ }
+ if (has_lf)
+ proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_lf, tvb, realsize, 1, ENC_NA);
+
+ return tvb_length(tvb);
+}
+
+void
@ -548,9 +694,9 @@ index 0000000..7148d58
+ {
+ "Error",
+ "rtpproxy.error",
+ FT_UINT8,
+ BASE_DEC,
+ VALS(errortypenames),
+ FT_STRING,
+ BASE_NONE,
+ NULL,
+ 0x0,
+ NULL,
+ HFILL
@ -816,6 +962,46 @@ index 0000000..7148d58
+ HFILL
+ }
+ },
+ {
+ &hf_rtpproxy_request_in,
+ {
+ "Request In",
+ "rtpproxy.request_in",
+ FT_FRAMENUM,
+ BASE_NONE,
+ NULL,
+ 0x0,
+ NULL,
+ HFILL
+ }
+
+ },
+ {
+ &hf_rtpproxy_response_in,
+ {
+ "Response In",
+ "rtpproxy.response_in",
+ FT_FRAMENUM,
+ BASE_NONE,
+ NULL,
+ 0x0,
+ NULL,
+ HFILL
+ }
+ },
+ {
+ &hf_rtpproxy_response_time,
+ {
+ "Response Time",
+ "rtpproxy.response_time",
+ FT_RELATIVE_TIME,
+ BASE_NONE,
+ NULL,
+ 0x0,
+ "The time between the Request and the Reply",
+ HFILL
+ }
+ }
+ };
+
+ /* Setup protocol subtree array */
@ -862,8 +1048,8 @@ index 0000000..7148d58
+ static dissector_handle_t rtpproxy_tcp_handle, rtpproxy_udp_handle;
+
+ if(!rtpproxy_initialized){
+ rtpproxy_tcp_handle = create_dissector_handle(dissect_rtpproxy, proto_rtpproxy);
+ rtpproxy_udp_handle = create_dissector_handle(dissect_rtpproxy, proto_rtpproxy);
+ rtpproxy_tcp_handle = new_create_dissector_handle(dissect_rtpproxy, proto_rtpproxy);
+ rtpproxy_udp_handle = new_create_dissector_handle(dissect_rtpproxy, proto_rtpproxy);
+ rtpproxy_initialized = TRUE;
+ }
+
@ -894,6 +1080,3 @@ index 0000000..7148d58
+ * vi: set shiftwidth=8 tabstop=8 noexpandtab:
+ * :indentSize=8:tabSize=8:noTabs=false:
+ */
--
1.8.3.1

View File

@ -1,7 +1,7 @@
From 9bad0b9e84deabc2b65cee6a650b68866d7d70f3 Mon Sep 17 00:00:00 2001
From 1904600d69fb059c768170d12d636137f3b19de0 Mon Sep 17 00:00:00 2001
From: Anders Broman <anders.broman@ericsson.com>
Date: Thu, 11 Jul 2013 21:13:27 +0000
Subject: [PATCH 07/13] The beginning of an openflow dissector.
Subject: [PATCH] The beginning of an openflow dissector.
svn path=/trunk/; revision=50513
@ -51,12 +51,6 @@ svn path=/trunk/; revision=51737
Fix "malformed packet" and tidy up a bit.
svn path=/trunk/; revision=51740
---
epan/CMakeLists.txt | 1 +
epan/dissectors/Makefile.common | 1 +
epan/dissectors/packet-openflow.c | 1430 +++++++++++++++++++++++++++++++++++++
3 files changed, 1432 insertions(+)
create mode 100644 epan/dissectors/packet-openflow.c
diff --git a/epan/CMakeLists.txt b/epan/CMakeLists.txt
index 610cea7..83e975d 100644
@ -1518,6 +1512,3 @@ index 0000000..cc71824
+ * vi: set shiftwidth=4 tabstop=8 expandtab:
+ * :indentSize=4:tabSize=8:noTabs=true:
+ */
--
1.8.3.1

View File

@ -1,13 +1,9 @@
From b30893997caf826b0ebdc7e0cb6d5e1f89bbd08e Mon Sep 17 00:00:00 2001
From 37c27f6c58004b8682bcc3bb10c2cc13cd81a653 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Radek=20Vok=C3=A1l?= <rvokal@fedoraproject.org>
Date: Mon, 21 Dec 2009 11:19:39 +0000
Subject: [PATCH 08/13] adds autoconf macro file
Subject: [PATCH] adds autoconf macro file
updated autoconf macros and pkgconfig file in wireshark-devel to reflect current config.h Resolves: #746655
---
wireshark-autoconf.m4 | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 101 insertions(+)
create mode 100644 wireshark-autoconf.m4
diff --git a/wireshark-autoconf.m4 b/wireshark-autoconf.m4
new file mode 100644
@ -116,6 +112,3 @@ index 0000000..d8015d8
+ AC_SUBST(WIRESHARK_LIBS)
+ AC_SUBST(WIRESHARK_VERSION)
+])
--
1.8.3.1

View File

@ -1,12 +1,9 @@
From 8e0c0df6291f9e8948d6653230bdc59692803890 Mon Sep 17 00:00:00 2001
From 1022a03e6f71efdff1b91c87b2426a229a24791d Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <lemenkov@gmail.com>
Date: Fri, 13 Sep 2013 14:36:55 +0400
Subject: [PATCH 09/13] Restore Fedora-specific groups
Subject: [PATCH] Restore Fedora-specific groups
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
---
wireshark.desktop | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wireshark.desktop b/wireshark.desktop
index b0fe1ae..d275887 100644
@ -18,6 +15,3 @@ index b0fe1ae..d275887 100644
# http://standards.freedesktop.org/menu-spec/1.0/
-Categories=System;Monitor;GTK;
+Categories=Application;Network;GTK;
--
1.8.3.1

View File

@ -1,14 +1,8 @@
From a5f6e0766675cf2e6f7104a04d9d73eca2c6796d Mon Sep 17 00:00:00 2001
From 5fcb09305500b72fa2cb584c4ef8ab0e3a08c22c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Radek=20Vok=C3=A1l?= <rvokal@fedoraproject.org>
Date: Thu, 17 Dec 2009 09:17:07 +0000
Subject: [PATCH 10/13] Add pkgconfig entry
Subject: [PATCH] Add pkgconfig entry
---
Makefile.am | 3 +++
configure.ac | 1 +
wireshark.pc.in | 11 +++++++++++
3 files changed, 15 insertions(+)
create mode 100644 wireshark.pc.in
diff --git a/Makefile.am b/Makefile.am
index eb735a5..2844c90 100644
@ -53,6 +47,3 @@ index 0000000..2e2fcdc
+Requires: glib-2.0 gmodule-2.0
+Libs: -L@libdir@ -lwireshark -lwiretap
+Cflags: -DWS_VAR_IMPORT=extern -DHAVE_STDARG_H -DWS_MSVC_NORETURN= -I@includedir@/wireshark -I@includedir@/wireshark/epan
--
1.8.3.1

View File

@ -1,15 +1,8 @@
From 44ac61f5942aa0a58f6a85781666b178244e89cd Mon Sep 17 00:00:00 2001
From 019eea6cacbf7f01290ac6b42c1609c573ba0a33 Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <lemenkov@gmail.com>
Date: Fri, 13 Sep 2013 15:25:12 +0400
Subject: [PATCH 11/13] Install autoconf-related file
Subject: [PATCH] Install autoconf-related file
---
Makefile.am | 3 ++
wireshark-autoconf.m4 | 101 --------------------------------------------------
wireshark.m4 | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 104 insertions(+), 101 deletions(-)
delete mode 100644 wireshark-autoconf.m4
create mode 100644 wireshark.m4
diff --git a/Makefile.am b/Makefile.am
index 2844c90..3053bda 100644
@ -239,6 +232,3 @@ index 0000000..d8015d8
+ AC_SUBST(WIRESHARK_LIBS)
+ AC_SUBST(WIRESHARK_VERSION)
+])
--
1.8.3.1

View File

@ -1,18 +1,8 @@
From aaf8ad314b952c61c9b569ac22c2765f5e6653d7 Mon Sep 17 00:00:00 2001
From 0ecd119162d513c50e37206846f4238257fde247 Mon Sep 17 00:00:00 2001
From: Peter Hatina <phatina@redhat.com>
Date: Tue, 24 Sep 2013 10:55:09 +0200
Subject: [PATCH 12/13] move default temporary directory to /var/tmp
Subject: [PATCH] move default temporary directory to /var/tmp
---
epan/filesystem.c | 4 ++-
tempfile.c | 7 ++---
ui/gtk/proto_help.c | 4 ++-
wsutil/Makefile.common | 6 +++--
wsutil/wstmpdir.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++
wsutil/wstmpdir.h | 39 ++++++++++++++++++++++++++++
6 files changed, 123 insertions(+), 7 deletions(-)
create mode 100644 wsutil/wstmpdir.c
create mode 100644 wsutil/wstmpdir.h
diff --git a/epan/filesystem.c b/epan/filesystem.c
index 053711d..adf3b91 100644
@ -239,6 +229,3 @@ index 0000000..021b615
+#endif // __cplusplus
+
+#endif // __WS_TMP_DIR_H__
--
1.8.3.1

View File

@ -1,178 +0,0 @@
From ce5c6e5de39f4af8b76dad77d2c237064e0930eb Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <lemenkov@gmail.com>
Date: Tue, 1 Oct 2013 13:35:57 +0400
Subject: [PATCH 13/13] Added basic conversation support
Loosely based on a work done by Pascal Quantin <pascal.quantin@gmail.com> (see
svn rev. 52306).
This was backported from master. See this link for the original patch:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9211
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
---
epan/dissectors/packet-rtpproxy.c | 84 +++++++++++++++++++++++++++++++++++++++
1 file changed, 84 insertions(+)
diff --git a/epan/dissectors/packet-rtpproxy.c b/epan/dissectors/packet-rtpproxy.c
index 7148d58..9f271b1 100644
--- a/epan/dissectors/packet-rtpproxy.c
+++ b/epan/dissectors/packet-rtpproxy.c
@@ -32,6 +32,7 @@
#include <epan/packet.h>
#include <epan/prefs.h>
+#include <epan/conversation.h>
static int proto_rtpproxy = -1;
@@ -60,6 +61,19 @@ static int hf_rtpproxy_reply = -1;
static int hf_rtpproxy_version_request = -1;
static int hf_rtpproxy_version_supported = -1;
+/* Request/response tracking */
+static int hf_rtpproxy_request_in = -1;
+static int hf_rtpproxy_response_in = -1;
+
+typedef struct _rtpproxy_info {
+ guint32 req_frame;
+ guint32 resp_frame;
+} rtpproxy_info_t;
+
+typedef struct _rtpproxy_conv_info {
+ emem_tree_t *trans;
+} rtpproxy_conv_info_t;
+
static const value_string commandtypenames[] = {
{ 'V', "Handshake/Ping" },
{ 'v', "Handshake/Ping" },
@@ -150,6 +164,33 @@ rtpptoxy_add_tag(proto_tree *rtpproxy_tree, tvbuff_t *tvb, guint begin, guint re
return (end == realsize ? -1 : (gint)end);
}
+void
+rtpproxy_add_tid(gboolean is_request, tvbuff_t *tvb, packet_info *pinfo, proto_tree *rtpproxy_tree, rtpproxy_conv_info_t *rtpproxy_conv, gchar* cookie)
+{
+ rtpproxy_info_t *rtpproxy_info;
+ proto_item *pi;
+
+ if (!PINFO_FD_VISITED(pinfo)) {
+ if (is_request){
+ rtpproxy_info = se_new(rtpproxy_info_t);
+ rtpproxy_info->req_frame = PINFO_FD_NUM(pinfo);
+ rtpproxy_info->resp_frame = 0;
+ se_tree_insert_string(rtpproxy_conv->trans, cookie, rtpproxy_info, 0);
+ } else {
+ rtpproxy_info = (rtpproxy_info_t *)se_tree_lookup_string(rtpproxy_conv->trans, cookie, 0);
+ if (rtpproxy_info) {
+ rtpproxy_info->resp_frame = PINFO_FD_NUM(pinfo);
+ }
+ }
+ } else {
+ rtpproxy_info = (rtpproxy_info_t *)se_tree_lookup_string(rtpproxy_conv->trans, cookie, 0);
+ if (rtpproxy_info && (is_request ? rtpproxy_info->resp_frame : rtpproxy_info->req_frame)) {
+ pi = proto_tree_add_uint(rtpproxy_tree, is_request ? hf_rtpproxy_response_in : hf_rtpproxy_request_in, tvb, 0, 0, is_request ? rtpproxy_info->resp_frame : rtpproxy_info->req_frame);
+ PROTO_ITEM_SET_GENERATED(pi);
+ }
+ }
+}
+
static void
dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
@@ -161,6 +202,9 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
guint8* rawstr;
proto_item *ti;
proto_tree *rtpproxy_tree;
+ conversation_t *conversation;
+ rtpproxy_conv_info_t *rtpproxy_conv;
+ gchar* cookie = NULL;
/* Clear out stuff in the info column - we''l set it later */
col_clear(pinfo->cinfo, COL_INFO);
@@ -171,6 +215,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/* Extract Cookie */
offset = tvb_find_guint8(tvb, offset, -1, ' ');
proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_cookie, tvb, 0, offset, ENC_ASCII | ENC_NA);
+ cookie = tvb_get_ephemeral_string(tvb, 0, offset);
/* Skip whitespace */
offset = tvb_skip_wsp(tvb, offset+1, -1);
@@ -188,6 +233,15 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
else
col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTPproxy (no LF)");
+ /* Try to create conversation */
+ conversation = find_or_create_conversation(pinfo);
+ rtpproxy_conv = (rtpproxy_conv_info_t *)conversation_get_proto_data(conversation, proto_rtpproxy);
+ if (!rtpproxy_conv) {
+ rtpproxy_conv = se_new(rtpproxy_conv_info_t);
+ rtpproxy_conv->trans = se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "rtpproxy transactions");;
+ conversation_add_proto_data(conversation, proto_rtpproxy, rtpproxy_conv);
+ }
+
/* Get payload string */
rawstr = tvb_get_ephemeral_string(tvb, offset, realsize - offset);
@@ -198,6 +252,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
case 's':
/* A specific case - long statistics answer */
/* %COOKIE% sessions created %NUM0% active sessions: %NUM1% */
+ rtpproxy_add_tid(FALSE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
if ('e' == tvb_get_guint8(tvb, offset+1)){
col_add_fstr(pinfo->cinfo, COL_INFO, "Reply: %s", rawstr);
ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_reply, tvb, offset, -1, ENC_NA);
@@ -216,6 +271,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
case 'r':
case 'c':
case 'q':
+ rtpproxy_add_tid(TRUE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
col_add_fstr(pinfo->cinfo, COL_INFO, "Request: %s", rawstr);
ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_request, tvb, offset, -1, ENC_NA);
rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_request);
@@ -358,6 +414,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
case '7':
case '8':
case '9':
+ rtpproxy_add_tid(FALSE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
if (tmp == 'e')
col_add_fstr(pinfo->cinfo, COL_INFO, "Error reply: %s", rawstr);
else
@@ -728,6 +785,33 @@ proto_register_rtpproxy(void)
HFILL
}
},
+ {
+ &hf_rtpproxy_request_in,
+ {
+ "Request In",
+ "rtpproxy.request_in",
+ FT_FRAMENUM,
+ BASE_NONE,
+ NULL,
+ 0x0,
+ NULL,
+ HFILL
+ }
+
+ },
+ {
+ &hf_rtpproxy_response_in,
+ {
+ "Response In",
+ "rtpproxy.response_in",
+ FT_FRAMENUM,
+ BASE_NONE,
+ NULL,
+ 0x0,
+ NULL,
+ HFILL
+ }
+ }
};
/* Setup protocol subtree array */
--
1.8.3.1

View File

@ -0,0 +1,129 @@
From a507e19a98210dd7347acd0ffad901c915d09751 Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <lemenkov@gmail.com>
Date: Thu, 7 Nov 2013 22:12:37 +0400
Subject: [PATCH] Initial version of RT(C)P dissector hinting
Backported from patch sent upstream:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9397
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
diff --git a/epan/dissectors/packet-rtpproxy.c b/epan/dissectors/packet-rtpproxy.c
index f606abb..7920e87 100644
--- a/epan/dissectors/packet-rtpproxy.c
+++ b/epan/dissectors/packet-rtpproxy.c
@@ -31,11 +31,24 @@
#include "config.h"
#include <ctype.h>
+#include <glib.h>
+#include <epan/address.h>
#include <epan/packet.h>
#include <epan/prefs.h>
#include <epan/conversation.h>
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef NEED_INET_V6DEFS_H
+# include "wsutil/inet_v6defs.h"
+#endif
+
+/* For setting up RTP/RTCP dissectors based on the RTPproxy's answers */
+#include "packet-rtp.h"
+#include "packet-rtcp.h"
+
static int proto_rtpproxy = -1;
static int hf_rtpproxy_cookie = -1;
@@ -74,6 +87,9 @@ typedef struct _rtpproxy_info {
nstime_t req_time;
} rtpproxy_info_t;
+static dissector_handle_t rtp_handle;
+static dissector_handle_t rtcp_handle;
+
typedef struct _rtpproxy_conv_info {
emem_tree_t *trans;
} rtpproxy_conv_info_t;
@@ -158,6 +174,7 @@ static gint ett_rtpproxy_reply = -1;
static guint rtpproxy_tcp_port = 22222;
static guint rtpproxy_udp_port = 22222;
+static gboolean rtpproxy_establish_conversation = TRUE;
void proto_reg_handoff_rtpproxy(void);
@@ -245,6 +262,10 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data
conversation_t *conversation;
rtpproxy_conv_info_t *rtpproxy_conv;
gchar* cookie = NULL;
+ /* For RT(C)P setup */
+ address addr;
+ guint16 port;
+ guint32 ipaddr[4];
/* If it does not start with a printable character it's not RTPProxy */
if(!isprint(tvb_get_guint8(tvb, 0)))
@@ -501,16 +522,36 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data
/* Extract Port */
new_offset = tvb_find_guint8(tvb, offset, -1, ' ');
+ /* Convert port to unsigned 16-bit number */
+ port = (guint16) g_ascii_strtoull((gchar*)tvb_get_ephemeral_string(tvb, offset, new_offset - offset), NULL, 10);
proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_port, tvb, offset, new_offset - offset, ENC_ASCII | ENC_NA);
/* Skip whitespace */
offset = tvb_skip_wsp(tvb, new_offset+1, -1);
/* Extract IP */
tmp = tvb_find_line_end(tvb, offset, -1, &new_offset, FALSE);
- if (tvb_find_guint8(tvb, offset, -1, ':') == -1)
+ if (tvb_find_guint8(tvb, offset, -1, ':') == -1){
+ inet_pton(AF_INET, (char*)tvb_get_ephemeral_string(tvb, offset, tmp), &ipaddr);
+ addr.type = AT_IPv4;
+ addr.len = 4;
+ addr.data = se_memdup(&ipaddr, 4);
proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_ipv4, tvb, offset, tmp, ENC_ASCII | ENC_NA);
- else
+ }
+ else{
+ inet_pton(AF_INET6, (char*)tvb_get_ephemeral_string(tvb, offset, tmp), &ipaddr);
+ addr.type = AT_IPv6;
+ addr.len = 16;
+ addr.data = se_memdup(&ipaddr, 16);
proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_ipv6, tvb, offset, tmp, ENC_ASCII | ENC_NA);
+ }
+
+ if (rtp_handle) {
+ /* FIXME tell is is't a video stream, and setup codec mapping */
+ rtp_add_address(pinfo, &addr, port, 0, "RTPproxy", pinfo->fd->num, 0, NULL);
+ }
+ if (rtcp_handle) {
+ rtcp_add_address(pinfo, &addr, port+1, 0, "RTPproxy", pinfo->fd->num);
+ }
break;
default:
break;
@@ -912,6 +953,11 @@ proto_register_rtpproxy(void)
"RTPproxy UDP Port", /* Descr */
10,
&rtpproxy_udp_port);
+ prefs_register_bool_preference(rtpproxy_module, "establish_conversation",
+ "Establish Media Conversation",
+ "Specifies that RTP/RTCP/T.38/MSRP/etc streams are decoded based "
+ "upon port numbers found in RTPproxy answers",
+ &rtpproxy_establish_conversation);
}
void
@@ -943,6 +989,9 @@ proto_reg_handoff_rtpproxy(void)
if(rtpproxy_udp_port != 0 && old_rtpproxy_udp_port != rtpproxy_udp_port)
dissector_add_uint("udp.port", rtpproxy_udp_port, rtpproxy_udp_handle);
old_rtpproxy_udp_port = rtpproxy_udp_port;
+
+ rtp_handle = find_dissector("rtp");
+ rtcp_handle = find_dissector("rtcp");
}
/*

View File

@ -21,7 +21,7 @@
Summary: Network traffic analyzer
Name: wireshark
Version: 1.10.3
Release: 3%{?dist}
Release: 4%{?dist}
License: GPL+
Group: Applications/Internet
Source0: http://wireshark.org/download/src/%{name}-%{version}.tar.bz2
@ -48,8 +48,8 @@ Patch11: wireshark-0011-Install-autoconf-related-file.patch
# Fedora-specific
Patch12: wireshark-0012-move-default-temporary-directory-to-var-tmp.patch
# Backported to 1.10.x from the patch from this ticket:
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9211
Patch13: wireshark-0013-Added-basic-conversation-support.patch
# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9397
Patch13: wireshark-0013-Initial-version-of-RT-C-P-dissector-hinting.patch
Url: http://www.wireshark.org/
BuildRequires: libpcap-devel >= 0.9
@ -156,7 +156,7 @@ and plugins.
%patch10 -p1 -b .add_pkgconfig
%patch11 -p1 -b .install_autoconf
%patch12 -p1 -b .tmp_dir
%patch13 -p1 -b .rtpproxy_conversations
%patch13 -p1 -b .rtpproxy_hinting
%build
%ifarch s390 s390x sparcv9 sparc64
@ -351,6 +351,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%{_datadir}/aclocal/*
%changelog
* Wed Nov 13 2013 Peter Lemenkov <lemenkov@gmail.com> - 1.10.3-4
- Updated RTPproxy dissector
* Thu Nov 07 2013 Peter Hatina <phatina@redhat.com> - 1.10.3-3
- fix subpackage requires