Bug Summary

File:builds/wireshark/wireshark/epan/dissectors/packet-tcpcl.c
Warning:line 1114, column 9
Value stored to 'frm' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name packet-tcpcl.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -fno-delete-null-pointer-checks -mframe-pointer=all -relaxed-aliasing -fmath-errno -ffp-contract=on -fno-rounding-math -ffloat16-excess-precision=fast -fbfloat16-excess-precision=fast -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/builds/wireshark/wireshark/build -fcoverage-compilation-dir=/builds/wireshark/wireshark/build -resource-dir /usr/lib/llvm-21/lib/clang/21 -isystem /usr/include/glib-2.0 -isystem /usr/lib/x86_64-linux-gnu/glib-2.0/include -isystem /builds/wireshark/wireshark/epan/dissectors -isystem /builds/wireshark/wireshark/build/epan/dissectors -isystem /usr/include/mit-krb5 -isystem /usr/include/libxml2 -isystem /builds/wireshark/wireshark/epan -D G_DISABLE_DEPRECATED -D G_DISABLE_SINGLE_INCLUDES -D WS_BUILD_DLL -D WS_DEBUG -D WS_DEBUG_UTF_8 -I /builds/wireshark/wireshark/build -I /builds/wireshark/wireshark -I /builds/wireshark/wireshark/include -D _GLIBCXX_ASSERTIONS -internal-isystem /usr/lib/llvm-21/lib/clang/21/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/builds/wireshark/wireshark/= -fmacro-prefix-map=/builds/wireshark/wireshark/build/= -fmacro-prefix-map=../= -Wno-format-nonliteral -std=gnu11 -ferror-limit 19 -fvisibility=hidden -fwrapv -fwrapv-pointer -fstrict-flex-arrays=3 -stack-protector 2 -fstack-clash-protection -fcf-protection=full -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fexceptions -fcolor-diagnostics -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /builds/wireshark/wireshark/sbout/2026-05-01-100329-3641-1 -x c /builds/wireshark/wireshark/epan/dissectors/packet-tcpcl.c
1/* packet-tcpcl.c
2 * References:
3 * RFC 7242: https://tools.ietf.org/html/rfc7242
4 * RFC 9174: https://www.rfc-editor.org/rfc/rfc9174.html
5 *
6 * TCPCLv4 portions copyright 2019-2021, Brian Sipos <brian.sipos@gmail.com>
7 * Copyright 2006-2007 The MITRE Corporation.
8 * All Rights Reserved.
9 * Approved for Public Release; Distribution Unlimited.
10 * Tracking Number 07-0090.
11 *
12 * The US Government will not be charged any license fee and/or royalties
13 * related to this software. Neither name of The MITRE Corporation; nor the
14 * names of its contributors may be used to endorse or promote products
15 * derived from this software without specific prior written permission.
16 *
17 * Wireshark - Network traffic analyzer
18 * By Gerald Combs <gerald@wireshark.org>
19 * Copyright 1998 Gerald Combs
20 *
21 * SPDX-License-Identifier: GPL-2.0-or-later
22 */
23
24/*
25 * Modifications were made to this file under designation MFS-33289-1 and
26 * are Copyright 2015 United States Government as represented by NASA
27 * Marshall Space Flight Center. All Rights Reserved.
28 *
29 * Released under the GNU GPL with NASA legal approval granted 2016-06-10.
30 *
31 * The subject software is provided "AS IS" WITHOUT ANY WARRANTY of any kind,
32 * either expressed, implied or statutory and this agreement does not,
33 * in any manner, constitute an endorsement by government agency of any
34 * results, designs or products resulting from use of the subject software.
35 * See the Agreement for the specific language governing permissions and
36 * limitations.
37 */
38
39#include "config.h"
40
41#include <inttypes.h>
42#include <epan/packet.h>
43#include <epan/reassemble.h>
44#include <epan/expert.h>
45#include <epan/tfs.h>
46#include <epan/tvbuff-int.h>
47#include <epan/exceptions.h>
48#include <wsutil/array.h>
49#include "packet-tls-utils.h"
50#include "packet-tcp.h"
51#include "packet-ber.h"
52#include "packet-bpv6.h"
53#include "packet-tcpcl.h"
54
55void proto_register_tcpcl(void);
56void proto_reg_handoff_tcpcl(void);
57
58/// Contact header magic bytes
59static const uint8_t magic[] = {'d', 't', 'n', '!'};
60/// Minimum size of contact header for any version
61static const unsigned minimum_chdr_size = 6;
62
63/// Options for missing contact header handling
64enum AllowContactHeaderMissing {
65 CHDRMSN_DISABLE,
66 CHDRMSN_V3FIRST,
67 CHDRMSN_V3ONLY,
68 CHDRMSN_V4FIRST,
69 CHDRMSN_V4ONLY,
70};
71
72static const enum_val_t chdr_missing_choices[] = {
73 {"disabled", "Disabled", CHDRMSN_DISABLE},
74 {"v4first", "Try TCPCLv4 first", CHDRMSN_V4FIRST},
75 {"v4only", "Only TCPCLv4", CHDRMSN_V4ONLY},
76 {"v3first", "Try TCPCLv3 first", CHDRMSN_V3FIRST},
77 {"v3only", "Only TCPCLv3", CHDRMSN_V3ONLY},
78 {NULL((void*)0), NULL((void*)0), 0},
79};
80
81static int proto_tcpcl;
82static int proto_tcpcl_exts;
83/// Protocol column name
84static const char *const proto_name_tcpcl = "TCPCL";
85
86static int tcpcl_chdr_missing = CHDRMSN_V4FIRST;
87static bool_Bool tcpcl_desegment_transfer = true1;
88static bool_Bool tcpcl_analyze_sequence = true1;
89static bool_Bool tcpcl_decode_bundle = true1;
90
91/* For Reassembling TCP Convergence Layer segments */
92static reassembly_table xfer_reassembly_table;
93
94/// Dissector handles
95static dissector_handle_t tcpcl_handle;
96static dissector_handle_t tls_handle;
97static dissector_handle_t bundle_handle;
98
99/// Extension sub-dissectors
100static dissector_table_t sess_ext_dissectors;
101static dissector_table_t xfer_ext_dissectors;
102
103static const value_string v3_message_type_vals[] = {
104 {((TCPCLV3_DATA_SEGMENT>>4) & 0x0F), "DATA_SEGMENT"},
105 {((TCPCLV3_ACK_SEGMENT>>4) & 0x0F), "ACK_SEGMENT"},
106 {((TCPCLV3_REFUSE_BUNDLE>>4) & 0x0F), "REFUSE_BUNDLE"},
107 {((TCPCLV3_KEEP_ALIVE>>4) & 0x0F), "KEEPALIVE"},
108 {((TCPCLV3_SHUTDOWN>>4) & 0x0F), "SHUTDOWN"},
109 {((TCPCLV3_LENGTH>>4) & 0x0F), "LENGTH"},
110 {0, NULL((void*)0)}
111};
112
113/* Refuse-Bundle Reason-Code Flags as per RFC-7242: Section-5.4 */
114static const value_string v3_refuse_reason_code[] = {
115 {TCPCLV3_REFUSE_REASON_UNKNOWN, "Reason for refusal is unknown"},
116 {TCPCLV3_REFUSE_REASON_RX_COMPLETE, "Complete Bundle Received"},
117 {TCPCLV3_REFUSE_REASON_RX_EXHAUSTED, "Receiver's resources exhausted"},
118 {TCPCLV3_REFUSE_REASON_RX_RETRANSMIT, "Receiver expects re-transmission of bundle"},
119 {0, NULL((void*)0)}
120};
121
122static const value_string v4_message_type_vals[]={
123 {TCPCLV4_MSGTYPE_SESS_INIT, "SESS_INIT"},
124 {TCPCLV4_MSGTYPE_SESS_TERM, "SESS_TERM"},
125 {TCPCLV4_MSGTYPE_MSG_REJECT, "MSG_REJECT"},
126 {TCPCLV4_MSGTYPE_KEEPALIVE, "KEEPALIVE"},
127 {TCPCLV4_MSGTYPE_XFER_SEGMENT, "XFER_SEGMENT"},
128 {TCPCLV4_MSGTYPE_XFER_ACK, "XFER_ACK"},
129 {TCPCLV4_MSGTYPE_XFER_REFUSE, "XFER_REFUSE"},
130 {0, NULL((void*)0)},
131};
132
133static const value_string v4_sess_term_reason_vals[]={
134 {0x00, "Unknown"},
135 {0x01, "Idle timeout"},
136 {0x02, "Version mismatch"},
137 {0x03, "Busy"},
138 {0x04, "Contact Failure"},
139 {0x05, "Resource Exhaustion"},
140 {0, NULL((void*)0)},
141};
142
143static const value_string v4_xfer_refuse_reason_vals[]={
144 {0x00, "Unknown"},
145 {0x01, "Completed"},
146 {0x02, "No Resources"},
147 {0x03, "Retransmit"},
148 {0x04, "Not Acceptable"},
149 {0x05, "Extension Failure"},
150 {0, NULL((void*)0)},
151};
152
153static const value_string v4_msg_reject_reason_vals[]={
154 {0x00, "reserved"},
155 {0x01, "Message Type Unknown"},
156 {0x02, "Message Unsupported"},
157 {0x03, "Message Unexpected"},
158 {0, NULL((void*)0)},
159};
160
161static int hf_chdr_tree;
162static int hf_chdr_magic;
163static int hf_chdr_version;
164static int hf_chdr_related;
165
166/* TCP Convergence Header Variables */
167static int hf_tcpclv3_mhdr;
168static int hf_tcpclv3_pkt_type;
169
170/* Refuse-Bundle reason code */
171static int hf_tcpclv3_refuse_reason_code;
172
173static int hf_tcpclv3_chdr_flags;
174static int hf_tcpclv3_chdr_keep_alive;
175static int hf_tcpclv3_chdr_flags_ack_req;
176static int hf_tcpclv3_chdr_flags_frag_enable;
177static int hf_tcpclv3_chdr_flags_nak;
178static int hf_tcpclv3_chdr_local_eid_length;
179static int hf_tcpclv3_chdr_local_eid;
180
181/* TCP Convergence Data Header Variables */
182static int hf_tcpclv3_data_procflags;
183static int hf_tcpclv3_data_procflags_start;
184static int hf_tcpclv3_data_procflags_end;
185static int hf_tcpclv3_xfer_id;
186static int hf_tcpclv3_data_segment_length;
187static int hf_tcpclv3_data_segment_data;
188
189/* TCP Convergence Ack Variables */
190static int hf_tcpclv3_ack_length;
191
192/* TCP Convergence Shutdown Header Variables */
193static int hf_tcpclv3_shutdown_flags;
194static int hf_tcpclv3_shutdown_flags_reason;
195static int hf_tcpclv3_shutdown_flags_delay;
196static int hf_tcpclv3_shutdown_reason;
197static int hf_tcpclv3_shutdown_delay;
198
199static int hf_tcpclv4_chdr_flags;
200static int hf_tcpclv4_chdr_flags_cantls;
201static int hf_tcpclv4_negotiate_use_tls;
202
203static int hf_tcpclv4_mhdr_tree;
204static int hf_tcpclv4_mhdr_type;
205static int hf_tcpclv4_sess_init_keepalive;
206static int hf_tcpclv4_sess_init_seg_mru;
207static int hf_tcpclv4_sess_init_xfer_mru;
208static int hf_tcpclv4_sess_init_nodeid_len;
209static int hf_tcpclv4_sess_init_nodeid_data;
210static int hf_tcpclv4_sess_init_extlist_len;
211static int hf_tcpclv4_sess_init_related;
212static int hf_tcpclv4_negotiate_keepalive;
213
214static int hf_tcpclv4_sess_term_flags;
215static int hf_tcpclv4_sess_term_flags_reply;
216static int hf_tcpclv4_sess_term_reason;
217static int hf_tcpclv4_sess_term_related;
218
219static int hf_tcpclv4_sessext_tree;
220static int hf_tcpclv4_sessext_flags;
221static int hf_tcpclv4_sessext_flags_crit;
222static int hf_tcpclv4_sessext_type;
223static int hf_tcpclv4_sessext_len;
224static int hf_tcpclv4_sessext_data;
225
226static int hf_tcpclv4_xferext_tree;
227static int hf_tcpclv4_xferext_flags;
228static int hf_tcpclv4_xferext_flags_crit;
229static int hf_tcpclv4_xferext_type;
230static int hf_tcpclv4_xferext_len;
231static int hf_tcpclv4_xferext_data;
232
233static int hf_tcpclv4_xfer_flags;
234static int hf_tcpclv4_xfer_flags_start;
235static int hf_tcpclv4_xfer_flags_end;
236static int hf_tcpclv4_xfer_id;
237static int hf_tcpclv4_xfer_total_len;
238static int hf_tcpclv4_xfer_segment_extlist_len;
239static int hf_tcpclv4_xfer_segment_data_len;
240static int hf_tcpclv4_xfer_segment_data;
241static int hf_tcpclv4_xfer_segment_seen_len;
242static int hf_tcpclv4_xfer_segment_related_start;
243static int hf_tcpclv4_xfer_segment_time_start;
244static int hf_tcpclv4_xfer_segment_related_ack;
245static int hf_tcpclv4_xfer_segment_time_diff;
246static int hf_tcpclv4_xfer_ack_ack_len;
247static int hf_tcpclv4_xfer_ack_related_start;
248static int hf_tcpclv4_xfer_ack_time_start;
249static int hf_tcpclv4_xfer_ack_related_seg;
250static int hf_tcpclv4_xfer_ack_time_diff;
251static int hf_tcpclv4_xfer_refuse_reason;
252static int hf_tcpclv4_xfer_refuse_related_seg;
253static int hf_tcpclv4_msg_reject_reason;
254static int hf_tcpclv4_msg_reject_head;
255
256static int hf_tcpclv4_xferext_transferlen_total_len;
257
258static int hf_othername_bundleeid;
259
260/*TCP Convergence Layer Reassembly boilerplate*/
261static int hf_xfer_fragments;
262static int hf_xfer_fragment;
263static int hf_xfer_fragment_overlap;
264static int hf_xfer_fragment_overlap_conflicts;
265static int hf_xfer_fragment_multiple_tails;
266static int hf_xfer_fragment_too_long_fragment;
267static int hf_xfer_fragment_error;
268static int hf_xfer_fragment_count;
269static int hf_xfer_reassembled_in;
270static int hf_xfer_reassembled_length;
271static int hf_xfer_reassembled_data;
272
273static hf_register_info hf_tcpcl[] = {
274 {&hf_chdr_tree, {"Contact Header", "tcpcl.contact_hdr", FT_NONE, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
275 {&hf_chdr_magic, {"Protocol Magic", "tcpcl.contact_hdr.magic", FT_BYTES, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
276 {&hf_chdr_version, {"Version", "tcpcl.contact_hdr.version", FT_UINT8, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
277 {&hf_chdr_related, {"Related Header", "tcpcl.contact_hdr.related", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
278
279 {&hf_tcpclv3_mhdr,
280 {"TCPCLv3 Message", "tcpcl.mhdr",
281 FT_NONE, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
282 },
283 {&hf_tcpclv3_pkt_type,
284 {"Message Type", "tcpcl.pkt_type",
285 FT_UINT8, BASE_DEC, VALS(v3_message_type_vals)((0 ? (const struct _value_string*)0 : ((v3_message_type_vals
)))), 0xF0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
286 },
287 {&hf_tcpclv3_refuse_reason_code,
288 {"Reason-Code", "tcpcl.refuse.reason_code",
289 FT_UINT8, BASE_DEC, VALS(v3_refuse_reason_code)((0 ? (const struct _value_string*)0 : ((v3_refuse_reason_code
)))), 0x0F, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
290 },
291 {&hf_tcpclv3_data_procflags,
292 {"Data Flags", "tcpcl.data.proc.flag",
293 FT_UINT8, BASE_HEX, NULL((void*)0), TCPCLV3_DATA_FLAGS, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
294 },
295 {&hf_tcpclv3_data_procflags_start,
296 {"Segment contains start of bundle", "tcpcl.data.proc.start",
297 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_DATA_START_FLAG, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
298 },
299 {&hf_tcpclv3_data_procflags_end,
300 {"Segment contains end of Bundle", "tcpcl.data.proc.end",
301 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_DATA_END_FLAG, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
302 },
303 {&hf_tcpclv3_xfer_id, {"Implied Transfer ID", "tcpcl.xfer_id", FT_UINT64, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
304 {&hf_tcpclv3_data_segment_length,
305 {"Segment Length", "tcpcl.data.length",
306 FT_UINT64, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
307 },
308 {&hf_tcpclv3_data_segment_data,
309 {"Segment Data", "tcpcl.data",
310 FT_BYTES, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
311 },
312 {&hf_tcpclv3_shutdown_flags,
313 {"TCP Convergence Shutdown Flags", "tcpcl.shutdown.flags",
314 FT_UINT8, BASE_HEX, NULL((void*)0), TCPCLV3_SHUTDOWN_FLAGS, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
315 },
316 {&hf_tcpclv3_shutdown_flags_reason,
317 {"Shutdown includes Reason Code", "tcpcl.shutdown.reason.flag",
318 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_SHUTDOWN_REASON, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
319 },
320 {&hf_tcpclv3_shutdown_flags_delay,
321 {"Shutdown includes Reconnection Delay", "tcpcl.shutdown.delay.flag",
322 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_SHUTDOWN_DELAY, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
323 },
324 {&hf_tcpclv3_shutdown_reason,
325 {"Shutdown Reason Code", "tcpcl.shutdown.reason",
326 FT_UINT8, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
327 },
328 {&hf_tcpclv3_shutdown_delay,
329 {"Shutdown Reconnection Delay", "tcpcl.shutdown.delay",
330 FT_UINT16, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
331 },
332 {&hf_tcpclv3_ack_length,
333 {"Ack Length", "tcpcl.ack.length",
334 FT_UINT64, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
335 },
336 {&hf_tcpclv3_chdr_flags,
337 {"Flags", "tcpcl.contact_hdr.flags",
338 FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
339 },
340 {&hf_tcpclv3_chdr_flags_ack_req,
341 {"Bundle Acks Requested", "tcpcl.contact_hdr.flags.ackreq",
342 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_BUNDLE_ACK_FLAG, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
343 },
344 {&hf_tcpclv3_chdr_flags_frag_enable,
345 {"Reactive Fragmentation Enabled", "tcpcl.contact_hdr.flags.fragen",
346 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_REACTIVE_FRAG_FLAG, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
347 },
348 {&hf_tcpclv3_chdr_flags_nak,
349 {"Support Negative Acknowledgements", "tcpcl.contact_hdr.flags.nak",
350 FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV3_CONNECTOR_RCVR_FLAG, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
351 },
352 {&hf_tcpclv3_chdr_keep_alive,
353 {"Keep Alive", "tcpcl.contact_hdr.keep_alive",
354 FT_UINT16, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_seconds)((0 ? (const struct unit_name_string*)0 : ((&units_seconds
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
355 },
356 {&hf_tcpclv3_chdr_local_eid,
357 {"Local EID", "tcpcl.contact_hdr.local_eid",
358 FT_STRING, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
359 },
360 {&hf_tcpclv3_chdr_local_eid_length,
361 {"Local EID Length", "tcpcl.contact_hdr.local_eid_length",
362 FT_UINT64, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}
363 },
364
365 {&hf_tcpclv4_chdr_flags, {"Contact Flags", "tcpcl.v4.chdr.flags", FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
366 {&hf_tcpclv4_chdr_flags_cantls, {"CAN_TLS", "tcpcl.v4.chdr.flags.can_tls", FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV4_CONTACT_FLAG_CANTLS, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
367 // Contact negotiation results
368 {&hf_tcpclv4_negotiate_use_tls, {"Negotiated Use TLS", "tcpcl.v4.negotiated.use_tls", FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
369
370 {&hf_tcpclv4_mhdr_tree, {"TCPCLv4 Message", "tcpcl.v4.mhdr", FT_NONE, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
371 {&hf_tcpclv4_mhdr_type, {"Message Type", "tcpcl.v4.mhdr.type", FT_UINT8, BASE_HEX, VALS(v4_message_type_vals)((0 ? (const struct _value_string*)0 : ((v4_message_type_vals
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
372
373 // Session extension fields
374 {&hf_tcpclv4_sessext_tree, {"Session Extension Item", "tcpcl.v4.sessext", FT_PROTOCOL, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
375 {&hf_tcpclv4_sessext_flags, {"Item Flags", "tcpcl.v4.sessext.flags", FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
376 {&hf_tcpclv4_sessext_flags_crit, {"CRITICAL", "tcpcl.v4.sessext.flags.critical", FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV4_EXTENSION_FLAG_CRITICAL, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
377 {&hf_tcpclv4_sessext_type, {"Item Type", "tcpcl.v4.sessext.type", FT_UINT16, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
378 {&hf_tcpclv4_sessext_len, {"Item Length", "tcpcl.v4.sessext.len", FT_UINT32, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
379 {&hf_tcpclv4_sessext_data, {"Type-Specific Data", "tcpcl.v4.sessext.data", FT_NONE, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
380
381 // Transfer extension fields
382 {&hf_tcpclv4_xferext_tree, {"Transfer Extension Item", "tcpcl.v4.xferext", FT_PROTOCOL, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
383 {&hf_tcpclv4_xferext_flags, {"Item Flags", "tcpcl.v4.xferext.flags", FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
384 {&hf_tcpclv4_xferext_flags_crit, {"CRITICAL", "tcpcl.v4.xferext.flags.critical", FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV4_EXTENSION_FLAG_CRITICAL, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
385 {&hf_tcpclv4_xferext_type, {"Item Type", "tcpcl.v4.xferext.type", FT_UINT16, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
386 {&hf_tcpclv4_xferext_len, {"Item Length", "tcpcl.v4.xferext.len", FT_UINT32, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
387 {&hf_tcpclv4_xferext_data, {"Type-Specific Data", "tcpcl.v4.xferext.data", FT_NONE, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
388
389 // SESS_INIT fields
390 {&hf_tcpclv4_sess_init_keepalive, {"Keepalive Interval", "tcpcl.v4.sess_init.keepalive", FT_UINT16, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_seconds)((0 ? (const struct unit_name_string*)0 : ((&units_seconds
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
391 {&hf_tcpclv4_sess_init_seg_mru, {"Segment MRU", "tcpcl.v4.sess_init.seg_mru", FT_UINT64, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
392 {&hf_tcpclv4_sess_init_xfer_mru, {"Transfer MRU", "tcpcl.v4.sess_init.xfer_mru", FT_UINT64, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
393 {&hf_tcpclv4_sess_init_nodeid_len, {"Node ID Length", "tcpcl.v4.sess_init.nodeid_len", FT_UINT16, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
394 {&hf_tcpclv4_sess_init_nodeid_data, {"Node ID Data (UTF8)", "tcpcl.v4.sess_init.nodeid_data", FT_STRING, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
395 {&hf_tcpclv4_sess_init_extlist_len, {"Extension Items Length", "tcpcl.v4.sess_init.extlist_len", FT_UINT32, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
396 {&hf_tcpclv4_sess_init_related, {"Related SESS_INIT", "tcpcl.v4.sess_init.related", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
397 // Session negotiation results
398 {&hf_tcpclv4_negotiate_keepalive, {"Negotiated Keepalive Interval", "tcpcl.v4.negotiated.keepalive", FT_UINT16, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_seconds)((0 ? (const struct unit_name_string*)0 : ((&units_seconds
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
399 // SESS_TERM fields
400 {&hf_tcpclv4_sess_term_flags, {"Flags", "tcpcl.v4.sess_term.flags", FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
401 {&hf_tcpclv4_sess_term_flags_reply, {"REPLY", "tcpcl.v4.sess_term.flags.reply", FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV4_SESS_TERM_FLAG_REPLY, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
402 {&hf_tcpclv4_sess_term_reason, {"Reason", "tcpcl.v4.ses_term.reason", FT_UINT8, BASE_DEC, VALS(v4_sess_term_reason_vals)((0 ? (const struct _value_string*)0 : ((v4_sess_term_reason_vals
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
403 {&hf_tcpclv4_sess_term_related, {"Related SESS_TERM", "tcpcl.v4.ses_term.related", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
404
405 // Common transfer fields
406 {&hf_tcpclv4_xfer_flags, {"Transfer Flags", "tcpcl.v4.xfer_flags", FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
407 {&hf_tcpclv4_xfer_flags_start, {"START", "tcpcl.v4.xfer_flags.start", FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV4_TRANSFER_FLAG_START, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
408 {&hf_tcpclv4_xfer_flags_end, {"END", "tcpcl.v4.xfer_flags.end", FT_BOOLEAN, 8, TFS(&tfs_set_notset)((0 ? (const struct true_false_string*)0 : ((&tfs_set_notset
)))), TCPCLV4_TRANSFER_FLAG_END, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
409 {&hf_tcpclv4_xfer_id, {"Transfer ID", "tcpcl.v4.xfer_id", FT_UINT64, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
410 {&hf_tcpclv4_xfer_total_len, {"Expected Total Length", "tcpcl.v4.xfer.total_len", FT_UINT64, BASE_DEC, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
411 // XFER_SEGMENT fields
412 {&hf_tcpclv4_xfer_segment_extlist_len, {"Extension Items Length", "tcpcl.v4.xfer_segment.extlist_len", FT_UINT32, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
413 {&hf_tcpclv4_xfer_segment_data_len, {"Segment Length", "tcpcl.v4.xfer_segment.data_len", FT_UINT64, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
414 {&hf_tcpclv4_xfer_segment_data, {"Segment Data", "tcpcl.v4.xfer_segment.data", FT_BYTES, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
415 {&hf_tcpclv4_xfer_segment_seen_len, {"Seen Length", "tcpcl.v4.xfer_segment.seen_len", FT_UINT64, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
416 {&hf_tcpclv4_xfer_segment_related_start, {"Related XFER_SEGMENT start", "tcpcl.v4.xfer_segment.related_start", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
417 {&hf_tcpclv4_xfer_segment_time_start, {"Time since transfer Start", "tcpcl.v4.xfer_segment.time_since_start", FT_RELATIVE_TIME, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
418 {&hf_tcpclv4_xfer_segment_related_ack, {"Related XFER_ACK", "tcpcl.v4.xfer_segment.related_ack", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
419 {&hf_tcpclv4_xfer_segment_time_diff, {"Acknowledgment Time", "tcpcl.v4.xfer_segment.time_diff", FT_RELATIVE_TIME, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
420 // XFER_ACK fields
421 {&hf_tcpclv4_xfer_ack_ack_len, {"Acknowledged Length", "tcpcl.v4.xfer_ack.ack_len", FT_UINT64, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
422 {&hf_tcpclv4_xfer_ack_related_start, {"Related XFER_SEGMENT start", "tcpcl.v4.xfer_ack.related_start", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
423 {&hf_tcpclv4_xfer_ack_time_start, {"Time since transfer Start", "tcpcl.v4.xfer_ack.time_since_start", FT_RELATIVE_TIME, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
424 {&hf_tcpclv4_xfer_ack_related_seg, {"Related XFER_SEGMENT", "tcpcl.v4.xfer_ack.related_seg", FT_FRAMENUM, BASE_NONE, FRAMENUM_TYPE(FT_FRAMENUM_ACK)((gpointer) (glong) (FT_FRAMENUM_ACK)), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
425 {&hf_tcpclv4_xfer_ack_time_diff, {"Acknowledgment Time", "tcpcl.v4.xfer_ack.time_diff", FT_RELATIVE_TIME, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
426 // XFER_REFUSE fields
427 {&hf_tcpclv4_xfer_refuse_reason, {"Reason", "tcpcl.v4.xfer_refuse.reason", FT_UINT8, BASE_DEC, VALS(v4_xfer_refuse_reason_vals)((0 ? (const struct _value_string*)0 : ((v4_xfer_refuse_reason_vals
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
428 {&hf_tcpclv4_xfer_refuse_related_seg, {"Related XFER_SEGMENT", "tcpcl.v4.xfer_refuse.related_seg", FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
429 // MSG_REJECT fields
430 {&hf_tcpclv4_msg_reject_reason, {"Reason", "tcpcl.v4.msg_reject.reason", FT_UINT8, BASE_DEC, VALS(v4_msg_reject_reason_vals)((0 ? (const struct _value_string*)0 : ((v4_msg_reject_reason_vals
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
431 {&hf_tcpclv4_msg_reject_head, {"Rejected Type", "tcpcl.v4.msg_reject.head", FT_UINT8, BASE_HEX, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
432
433 // Specific extensions
434 {&hf_tcpclv4_xferext_transferlen_total_len, {"Total Length", "tcpcl.v4.xferext.transfer_length.total_len", FT_UINT64, BASE_DEC|BASE_UNIT_STRING0x00001000, UNS(&units_octet_octets)((0 ? (const struct unit_name_string*)0 : ((&units_octet_octets
)))), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
435 // PKIX other name form
436 {&hf_othername_bundleeid, {"BundleEID", "tcpcl.v4.BundleEID", FT_STRING, BASE_NONE, NULL((void*)0), 0x0, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0)}},
437
438 {&hf_xfer_fragments,
439 {"Transfer fragments", "tcpcl.xfer.fragments",
440 FT_NONE, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
441 {&hf_xfer_fragment,
442 {"Transfer fragment", "tcpcl.xfer.fragment",
443 FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
444 {&hf_xfer_fragment_overlap,
445 {"Transfer fragment overlap", "tcpcl.xfer.fragment.overlap",
446 FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
447 {&hf_xfer_fragment_overlap_conflicts,
448 {"Transfer fragment overlapping with conflicting data",
449 "tcpcl.xfer.fragment.overlap.conflicts",
450 FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
451 {&hf_xfer_fragment_multiple_tails,
452 {"Message has multiple tail fragments",
453 "tcpcl.xfer.fragment.multiple_tails",
454 FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
455 {&hf_xfer_fragment_too_long_fragment,
456 {"Transfer fragment too long", "tcpcl.xfer.fragment.too_long_fragment",
457 FT_BOOLEAN, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
458 {&hf_xfer_fragment_error,
459 {"Transfer defragmentation error", "tcpcl.xfer.fragment.error",
460 FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
461 {&hf_xfer_fragment_count,
462 {"Transfer fragment count", "tcpcl.xfer.fragment.count",
463 FT_UINT32, BASE_DEC, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
464 {&hf_xfer_reassembled_in,
465 {"Reassembled in", "tcpcl.xfer.reassembled.in",
466 FT_FRAMENUM, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
467 {&hf_xfer_reassembled_length,
468 {"Reassembled length", "tcpcl.xfer.reassembled.length",
469 FT_UINT32, BASE_DEC, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
470 {&hf_xfer_reassembled_data,
471 {"Reassembled data", "tcpcl.xfer.reassembled.data",
472 FT_BYTES, BASE_NONE, NULL((void*)0), 0x00, NULL((void*)0), HFILL-1, 0, HF_REF_TYPE_NONE, -1, ((void*)0) } },
473
474};
475
476static int *const v3_chdr_flags[] = {
477 &hf_tcpclv3_chdr_flags_ack_req,
478 &hf_tcpclv3_chdr_flags_frag_enable,
479 &hf_tcpclv3_chdr_flags_nak,
480 NULL((void*)0)
481};
482
483static int *const v3_data_procflags[] = {
484 &hf_tcpclv3_data_procflags_start,
485 &hf_tcpclv3_data_procflags_end,
486 NULL((void*)0)
487};
488static int *const v4_chdr_flags[] = {
489 &hf_tcpclv4_chdr_flags_cantls,
490 NULL((void*)0)
491};
492static int *const v4_sess_term_flags[] = {
493 &hf_tcpclv4_sess_term_flags_reply,
494 NULL((void*)0)
495};
496static int *const v4_xfer_flags[] = {
497 &hf_tcpclv4_xfer_flags_start,
498 &hf_tcpclv4_xfer_flags_end,
499 NULL((void*)0)
500};
501static int *const v4_sessext_flags[] = {
502 &hf_tcpclv4_sessext_flags_crit,
503 NULL((void*)0)
504};
505static int *const v4_xferext_flags[] = {
506 &hf_tcpclv4_xferext_flags_crit,
507 NULL((void*)0)
508};
509
510/* Tree Node Variables */
511static int ett_proto_tcpcl;
512static int ett_chdr;
513static int ett_tcpclv3_chdr_flags;
514static int ett_tcpclv3_mhdr;
515static int ett_tcpclv3_data_procflags;
516static int ett_tcpclv3_shutdown_flags;
517static int ett_xfer_fragment;
518static int ett_xfer_fragments;
519static int ett_tcpclv4_chdr_flags;
520static int ett_tcpclv4_mhdr;
521static int ett_tcpclv4_sess_term_flags;
522static int ett_tcpclv4_xfer_flags;
523static int ett_tcpclv4_sessext;
524static int ett_tcpclv4_sessext_flags;
525static int ett_tcpclv4_sessext_data;
526static int ett_tcpclv4_xferext;
527static int ett_tcpclv4_xferext_flags;
528static int ett_tcpclv4_xferext_data;
529
530static int *ett[] = {
531 &ett_proto_tcpcl,
532 &ett_chdr,
533 &ett_tcpclv3_chdr_flags,
534 &ett_tcpclv3_mhdr,
535 &ett_tcpclv3_data_procflags,
536 &ett_tcpclv3_shutdown_flags,
537 &ett_tcpclv4_chdr_flags,
538 &ett_tcpclv4_mhdr,
539 &ett_tcpclv4_sess_term_flags,
540 &ett_tcpclv4_xfer_flags,
541 &ett_tcpclv4_sessext,
542 &ett_tcpclv4_sessext_flags,
543 &ett_tcpclv4_sessext_data,
544 &ett_tcpclv4_xferext,
545 &ett_tcpclv4_xferext_flags,
546 &ett_tcpclv4_xferext_data,
547 &ett_xfer_fragment,
548 &ett_xfer_fragments,
549};
550
551static expert_field ei_invalid_magic;
552static expert_field ei_invalid_version;
553static expert_field ei_mismatch_version;
554static expert_field ei_chdr_duplicate;
555static expert_field ei_length_clamped;
556static expert_field ei_chdr_missing;
557
558static expert_field ei_tcpclv3_eid_length;
559static expert_field ei_tcpclv3_invalid_msg_type;
560static expert_field ei_tcpclv3_data_flags;
561static expert_field ei_tcpclv3_segment_length;
562static expert_field ei_tcpclv3_ack_length;
563
564static expert_field ei_tcpclv4_invalid_msg_type;
565static expert_field ei_tcpclv4_invalid_sessext_type;
566static expert_field ei_tcpclv4_invalid_xferext_type;
567static expert_field ei_tcpclv4_extitem_critical;
568static expert_field ei_tcpclv4_sess_init_missing;
569static expert_field ei_tcpclv4_sess_init_duplicate;
570static expert_field ei_tcpclv4_sess_term_duplicate;
571static expert_field ei_tcpclv4_sess_term_reply_flag;
572static expert_field ei_tcpclv4_xfer_seg_over_seg_mru;
573static expert_field ei_tcpclv4_xfer_seg_missing_start;
574static expert_field ei_tcpclv4_xfer_seg_duplicate_start;
575static expert_field ei_tcpclv4_xfer_seg_missing_end;
576static expert_field ei_tcpclv4_xfer_seg_duplicate_end;
577static expert_field ei_tcpclv4_xfer_seg_no_relation;
578static expert_field ei_xfer_seg_over_total_len;
579static expert_field ei_xfer_mismatch_total_len;
580static expert_field ei_xfer_ack_mismatch_flags;
581static expert_field ei_xfer_ack_no_relation;
582static expert_field ei_tcpclv4_xfer_refuse_no_transfer;
583static expert_field ei_tcpclv4_xferload_over_xfer_mru;
584
585static ei_register_info ei_tcpcl[] = {
586 {&ei_invalid_magic, { "tcpcl.invalid_contact_magic", PI_PROTOCOL0x09000000, PI_ERROR0x00800000, "Magic string is invalid", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
587 {&ei_invalid_version, { "tcpcl.invalid_contact_version", PI_PROTOCOL0x09000000, PI_ERROR0x00800000, "Protocol version not handled", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
588 {&ei_mismatch_version, { "tcpcl.mismatch_contact_version", PI_PROTOCOL0x09000000, PI_ERROR0x00800000, "Protocol version mismatch", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
589 {&ei_chdr_duplicate, { "tcpcl.contact_duplicate", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Duplicate Contact Header", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
590 {&ei_length_clamped, { "tcpcl.length_clamped", PI_UNDECODED0x05000000, PI_ERROR0x00800000, "Length too large for Wireshark to handle", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
591 {&ei_chdr_missing, { "tcpcl.contact_missing", PI_ASSUMPTION0x0d000000, PI_NOTE0x00400000, "Contact Header is missing, TCPCL version is implied", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
592
593 {&ei_tcpclv3_eid_length, { "tcpcl.eid_length_invalid", PI_PROTOCOL0x09000000, PI_ERROR0x00800000, "Invalid EID Length", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}} }},
594 {&ei_tcpclv3_invalid_msg_type, { "tcpcl.unknown_message_type", PI_UNDECODED0x05000000, PI_ERROR0x00800000, "Message type is unknown", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
595 {&ei_tcpclv3_data_flags, { "tcpcl.data.flags.invalid", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Invalid TCP CL Data Segment Flags", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}} }},
596 {&ei_tcpclv3_segment_length, { "tcpcl.data.length.invalid", PI_PROTOCOL0x09000000, PI_ERROR0x00800000, "Invalid Data Length", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}} }},
597 {&ei_tcpclv3_ack_length, { "tcpcl.ack.length.error", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Ack Length: Error", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}} }},
598
599 {&ei_tcpclv4_invalid_msg_type, { "tcpcl.v4.unknown_message_type", PI_UNDECODED0x05000000, PI_ERROR0x00800000, "Message type is unknown", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
600 {&ei_tcpclv4_invalid_sessext_type, { "tcpcl.v4.unknown_sessext_type", PI_UNDECODED0x05000000, PI_WARN0x00600000, "Session Extension type is unknown", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
601 {&ei_tcpclv4_invalid_xferext_type, { "tcpcl.v4.unknown_xferext_type", PI_UNDECODED0x05000000, PI_WARN0x00600000, "Transfer Extension type is unknown", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
602 {&ei_tcpclv4_extitem_critical, { "tcpcl.v4.extitem_critical", PI_REQUEST_CODE0x04000000, PI_CHAT0x00200000, "Extension Item is critical", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
603 {&ei_tcpclv4_sess_init_missing, { "tcpcl.v4.sess_init_missing", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Expected SESS_INIT message first", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
604 {&ei_tcpclv4_sess_init_duplicate, { "tcpcl.v4.sess_init_duplicate", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Duplicate SESS_INIT message", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
605 {&ei_tcpclv4_sess_term_duplicate, { "tcpcl.v4.sess_term_duplicate", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Duplicate SESS_TERM message", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
606 {&ei_tcpclv4_sess_term_reply_flag, { "tcpcl.v4.sess_term_reply_flag", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Reply SESS_TERM missing flag", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
607 {&ei_tcpclv4_xfer_seg_over_seg_mru, { "tcpcl.v4.xfer_seg_over_seg_mru", PI_PROTOCOL0x09000000, PI_WARN0x00600000, "Segment data size larger than peer MRU", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
608 {&ei_tcpclv4_xfer_seg_missing_start, { "tcpcl.v4.xfer_seg_missing_start", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "First XFER_SEGMENT is missing START flag", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
609 {&ei_tcpclv4_xfer_seg_duplicate_start, { "tcpcl.v4.xfer_seg_duplicate_start", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Non-first XFER_SEGMENT has START flag", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
610 {&ei_tcpclv4_xfer_seg_missing_end, { "tcpcl.v4.xfer_seg_missing_end", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Last XFER_SEGMENT is missing END flag", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
611 {&ei_tcpclv4_xfer_seg_duplicate_end, { "tcpcl.v4.xfer_seg_duplicate_end", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Non-last XFER_SEGMENT has END flag", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
612 {&ei_tcpclv4_xfer_seg_no_relation, { "tcpcl.v4.xfer_seg_no_relation", PI_SEQUENCE0x02000000, PI_NOTE0x00400000, "XFER_SEGMENT has no related XFER_ACK", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
613 {&ei_tcpclv4_xfer_refuse_no_transfer, { "tcpcl.v4.xfer_refuse_no_transfer", PI_SEQUENCE0x02000000, PI_NOTE0x00400000, "XFER_REFUSE has no related XFER_SEGMENT(s)", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
614 {&ei_tcpclv4_xferload_over_xfer_mru, { "tcpcl.v4.xferload_over_xfer_mru", PI_SEQUENCE0x02000000, PI_NOTE0x00400000, "Transfer larger than peer MRU", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
615 {&ei_xfer_seg_over_total_len, { "tcpcl.xfer_seg_over_total_len", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "XFER_SEGMENT has accumulated length beyond the Transfer Length extension", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
616 {&ei_xfer_mismatch_total_len, { "tcpcl.xfer_mismatch_total_len", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "Transfer has total length different than the Transfer Length extension", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
617 {&ei_xfer_ack_mismatch_flags, { "tcpcl.xfer_ack_mismatch_flags", PI_SEQUENCE0x02000000, PI_ERROR0x00800000, "XFER_ACK does not have flags matching XFER_SEGMENT", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
618 {&ei_xfer_ack_no_relation, { "tcpcl.xfer_ack_no_relation", PI_SEQUENCE0x02000000, PI_NOTE0x00400000, "XFER_ACK has no related XFER_SEGMENT", EXPFILL0, ((void*)0), 0, ((void*)0), {0, {((void*)0), ((void*)0), FT_NONE
, BASE_NONE, ((void*)0), 0, ((void*)0), -1, 0, HF_REF_TYPE_NONE
, -1, ((void*)0)}}}},
619};
620
621static const fragment_items xfer_frag_items = {
622 /*Fragment subtrees*/
623 &ett_xfer_fragment,
624 &ett_xfer_fragments,
625 /*Fragment Fields*/
626 &hf_xfer_fragments,
627 &hf_xfer_fragment,
628 &hf_xfer_fragment_overlap,
629 &hf_xfer_fragment_overlap_conflicts,
630 &hf_xfer_fragment_multiple_tails,
631 &hf_xfer_fragment_too_long_fragment,
632 &hf_xfer_fragment_error,
633 &hf_xfer_fragment_count,
634 /*Reassembled in field*/
635 &hf_xfer_reassembled_in,
636 /*Reassembled length field*/
637 &hf_xfer_reassembled_length,
638 /* Reassembled data field */
639 &hf_xfer_reassembled_data,
640 /*Tag*/
641 "Transfer fragments"
642};
643
644static unsigned tvb_get_sdnv(tvbuff_t *tvb, unsigned offset, uint64_t *value) {
645 return tvb_get_varint(tvb, offset, FT_VARINT_MAX_LEN10, value, ENC_VARINT_SDNV0x00000010);
646}
647
648static void tcpcl_frame_loc_init(tcpcl_frame_loc_t *loc, const packet_info *pinfo, tvbuff_t *tvb, const int offset) {
649 loc->frame_num = pinfo->num;
650 // This is a messy way to determine the index,
651 // but no other public functions allow determining how two TVB are related
652 loc->src_ix = -1;
653 for(GSList *srcit = pinfo->data_src; srcit != NULL((void*)0); srcit = g_slist_next(srcit)((srcit) ? (((GSList *)(srcit))->next) : ((void*)0))) {
654 ++(loc->src_ix);
655 struct data_source *src = srcit->data;
656 if (get_data_source_tvb(src)->real_data == tvb->real_data) {
657 break;
658 }
659 }
660 loc->raw_offset = tvb_raw_offset(tvb) + offset;
661}
662
663/** Construct a new object on the file allocator.
664 */
665static tcpcl_frame_loc_t * tcpcl_frame_loc_new(wmem_allocator_t *alloc, const packet_info *pinfo, tvbuff_t *tvb, const int offset) {
666 tcpcl_frame_loc_t *obj = wmem_new(alloc, tcpcl_frame_loc_t)((tcpcl_frame_loc_t*)wmem_alloc((alloc), sizeof(tcpcl_frame_loc_t
)));
667 tcpcl_frame_loc_init(obj, pinfo, tvb, offset);
668 return obj;
669}
670
671/** Construct a new object on the file allocator.
672 */
673static tcpcl_frame_loc_t * tcpcl_frame_loc_clone(wmem_allocator_t *alloc, const tcpcl_frame_loc_t *loc) {
674 tcpcl_frame_loc_t *obj = wmem_new(alloc, tcpcl_frame_loc_t)((tcpcl_frame_loc_t*)wmem_alloc((alloc), sizeof(tcpcl_frame_loc_t
)));
675 *obj = *loc;
676 return obj;
677}
678
679#define tcpcl_frame_loc_freewmem_free wmem_free
680
681/** Function to match the GCompareDataFunc signature.
682 */
683static int tcpcl_frame_loc_compare(const void *a, const void *b, void *user_data _U___attribute__((unused))) {
684 const tcpcl_frame_loc_t *aloc = a;
685 const tcpcl_frame_loc_t *bloc = b;
686
687 if (aloc->frame_num < bloc->frame_num) {
688 return -1;
689 }
690 else if (aloc->frame_num > bloc->frame_num) {
691 return 1;
692 }
693
694 if (aloc->raw_offset < bloc->raw_offset) {
695 return -1;
696 }
697 else if (aloc->raw_offset > bloc->raw_offset) {
698 return 1;
699 }
700 return 0;
701}
702
703/** Function to match the GCompareFunc signature.
704 */
705static gboolean tcpcl_frame_loc_equal(const void *a, const void *b) {
706 const tcpcl_frame_loc_t *aobj = a;
707 const tcpcl_frame_loc_t *bobj = b;
708 return (
709 (aobj->frame_num == bobj->frame_num)
710 && (aobj->raw_offset == bobj->raw_offset)
711 );
712}
713
714/** Function to match the GHashFunc signature.
715 */
716static unsigned tcpcl_frame_loc_hash(const void *key) {
717 const tcpcl_frame_loc_t *obj = key;
718 return (
719 g_int_hash(&(obj->frame_num))
720 ^ g_int_hash(&(obj->raw_offset))
721 );
722}
723
724struct tcpcl_ack_meta;
725typedef struct tcpcl_ack_meta tcpcl_ack_meta_t;
726struct tcpcl_seg_meta;
727typedef struct tcpcl_seg_meta tcpcl_seg_meta_t;
728
729struct tcpcl_seg_meta {
730 /// Location associated with this metadata
731 tcpcl_frame_loc_t frame_loc;
732 /// Timestamp on the frame (end time if reassembled)
733 nstime_t frame_time;
734 /// Copy of message flags
735 uint8_t flags;
736 /// Total transfer length including this segment
737 uint64_t seen_len;
738
739 /// Potential related start segment
740 tcpcl_seg_meta_t *related_start;
741 /// Potential related XFER_ACK
742 tcpcl_ack_meta_t *related_ack;
743};
744
745static tcpcl_seg_meta_t * tcpcl_seg_meta_new(const packet_info *pinfo, const tcpcl_frame_loc_t *loc) {
746 tcpcl_seg_meta_t *obj = wmem_new(wmem_file_scope(), tcpcl_seg_meta_t)((tcpcl_seg_meta_t*)wmem_alloc((wmem_file_scope()), sizeof(tcpcl_seg_meta_t
)));
747 obj->frame_loc = *loc;
748 obj->frame_time = pinfo->abs_ts;
749 obj->flags = 0;
750 obj->seen_len = 0;
751 obj->related_start = NULL((void*)0);
752 obj->related_ack = NULL((void*)0);
753 return obj;
754}
755
756static void tcpcl_seg_meta_free(tcpcl_seg_meta_t *obj) {
757 wmem_free(wmem_file_scope(), obj);
758}
759
760/** Function to match the GCompareFunc signature.
761 */
762static int tcpcl_seg_meta_compare_loc(const void *a, const void *b) {
763 return tcpcl_frame_loc_compare(
764 &(((tcpcl_seg_meta_t *)a)->frame_loc),
765 &(((tcpcl_seg_meta_t *)b)->frame_loc),
766 NULL((void*)0)
767 );
768}
769
770struct tcpcl_ack_meta {
771 /// Location associated with this metadata
772 tcpcl_frame_loc_t frame_loc;
773 /// Timestamp on the frame (end time if reassembled)
774 nstime_t frame_time;
775 /// Copy of message flags
776 uint8_t flags;
777 /// Total acknowledged length including this ack
778 uint64_t seen_len;
779
780 /// Potential related start segment
781 tcpcl_seg_meta_t *related_start;
782 /// Potential related XFER_SEGMENT
783 tcpcl_seg_meta_t *related_seg;
784};
785
786static tcpcl_ack_meta_t * tcpcl_ack_meta_new(const packet_info *pinfo, const tcpcl_frame_loc_t *loc) {
787 tcpcl_ack_meta_t *obj = wmem_new(wmem_file_scope(), tcpcl_ack_meta_t)((tcpcl_ack_meta_t*)wmem_alloc((wmem_file_scope()), sizeof(tcpcl_ack_meta_t
)));
788 obj->frame_loc = *loc;
789 obj->frame_time = pinfo->abs_ts;
790 obj->flags = 0;
791 obj->seen_len = 0;
792 obj->related_start = NULL((void*)0);
793 obj->related_seg = NULL((void*)0);
794 return obj;
795}
796
797static void tcpcl_ack_meta_free(tcpcl_ack_meta_t *obj) {
798 wmem_free(wmem_file_scope(), obj);
799}
800
801/** Function to match the GCompareFunc signature.
802 */
803static int tcpcl_ack_meta_compare_loc(const void *a, const void *b) {
804 return tcpcl_frame_loc_compare(
805 &(((tcpcl_seg_meta_t *)a)->frame_loc),
806 &(((tcpcl_seg_meta_t *)b)->frame_loc),
807 NULL((void*)0)
808 );
809}
810
811static tcpcl_transfer_t * tcpcl_transfer_new(void) {
812 tcpcl_transfer_t *obj = wmem_new(wmem_file_scope(), tcpcl_transfer_t)((tcpcl_transfer_t*)wmem_alloc((wmem_file_scope()), sizeof(tcpcl_transfer_t
)));
813 obj->seg_list = wmem_list_new(wmem_file_scope());
814 obj->ack_list = wmem_list_new(wmem_file_scope());
815 obj->total_length = NULL((void*)0);
816 return obj;
817}
818
819static tcpcl_transfer_t * get_or_create_transfer_t(wmem_map_t *table, const uint64_t xfer_id) {
820 tcpcl_transfer_t *xfer = wmem_map_lookup(table, &xfer_id);
821 if (!xfer) {
822 uint64_t *key = wmem_new(wmem_file_scope(), uint64_t)((uint64_t*)wmem_alloc((wmem_file_scope()), sizeof(uint64_t))
);
823 *key = xfer_id;
824 xfer = tcpcl_transfer_new();
825 wmem_map_insert(table, key, xfer);
826 }
827 return xfer;
828}
829
830static tcpcl_peer_t * tcpcl_peer_new(void) {
831 tcpcl_peer_t *obj = wmem_new0(wmem_file_scope(), tcpcl_peer_t)((tcpcl_peer_t*)wmem_alloc0((wmem_file_scope()), sizeof(tcpcl_peer_t
)));
832 clear_address(&(obj->addr));
833 obj->frame_loc_to_transfer = wmem_map_new(wmem_file_scope(), tcpcl_frame_loc_hash, tcpcl_frame_loc_equal);
834 obj->transfers = wmem_map_new(wmem_file_scope(), g_int64_hash, g_int64_equal);
835 return obj;
836}
837
838static void tcpcl_peer_associate_transfer(tcpcl_peer_t *peer, const tcpcl_frame_loc_t *loc, const uint64_t xfer_id) {
839 void * *xfer = wmem_map_lookup(peer->frame_loc_to_transfer, loc);
840 if (!xfer) {
841 tcpcl_frame_loc_t *key = tcpcl_frame_loc_clone(wmem_file_scope(), loc);
842 uint64_t *val = wmem_new(wmem_file_scope(), uint64_t)((uint64_t*)wmem_alloc((wmem_file_scope()), sizeof(uint64_t))
);
843 *val = xfer_id;
844 wmem_map_insert(peer->frame_loc_to_transfer, key, val);
845 }
846}
847
848static tcpcl_conversation_t * tcpcl_conversation_new(void) {
849 tcpcl_conversation_t *obj = wmem_new0(wmem_file_scope(), tcpcl_conversation_t)((tcpcl_conversation_t*)wmem_alloc0((wmem_file_scope()), sizeof
(tcpcl_conversation_t)));
850 obj->active = tcpcl_peer_new();
851 obj->passive = tcpcl_peer_new();
852 return obj;
853}
854
855tcpcl_dissect_ctx_t * tcpcl_dissect_ctx_get(tvbuff_t *tvb, packet_info *pinfo, const int offset) {
856 conversation_t *convo = find_or_create_conversation(pinfo);
857 tcpcl_conversation_t *tcpcl_convo = (tcpcl_conversation_t *)conversation_get_proto_data(convo, proto_tcpcl);
858 if (!tcpcl_convo) {
859 return NULL((void*)0);
860 }
861 tcpcl_dissect_ctx_t *ctx = wmem_new0(pinfo->pool, tcpcl_dissect_ctx_t)((tcpcl_dissect_ctx_t*)wmem_alloc0((pinfo->pool), sizeof(tcpcl_dissect_ctx_t
)));
862 ctx->convo = tcpcl_convo;
863 ctx->cur_loc = tcpcl_frame_loc_new(pinfo->pool, pinfo, tvb, offset);
864
865 const bool_Bool src_is_active = (
866 addresses_equal(&(ctx->convo->active->addr), &(pinfo->src))
867 && (ctx->convo->active->port == pinfo->srcport)
868 );
869 if (src_is_active) {
870 ctx->tx_peer = ctx->convo->active;
871 ctx->rx_peer = ctx->convo->passive;
872 }
873 else {
874 ctx->tx_peer = ctx->convo->passive;
875 ctx->rx_peer = ctx->convo->active;
876 }
877
878 ctx->is_contact = (
879 !(ctx->tx_peer->chdr_missing)
880 && (
881 !(ctx->tx_peer->chdr_seen)
882 || tcpcl_frame_loc_equal(ctx->tx_peer->chdr_seen, ctx->cur_loc)
883 )
884 );
885
886 return ctx;
887}
888
889static void set_chdr_missing(tcpcl_peer_t *peer, uint8_t version) {
890 peer->chdr_missing = true1;
891 peer->version = version;
892 // assumed parameters
893 peer->segment_mru = UINT64_MAX(18446744073709551615UL);
894 peer->transfer_mru = UINT64_MAX(18446744073709551615UL);
895}
896
897
898static void try_negotiate(tcpcl_dissect_ctx_t *ctx, packet_info *pinfo) {
899 if (!(ctx->convo->contact_negotiated)
900 && (ctx->convo->active->chdr_seen)
901 && (ctx->convo->passive->chdr_seen)) {
902 ctx->convo->session_use_tls = (
903 ctx->convo->active->can_tls & ctx->convo->passive->can_tls
904 );
905 ctx->convo->contact_negotiated = true1;
906
907 if (ctx->convo->session_use_tls
908 && (!(ctx->convo->session_tls_start))) {
909 col_append_str(pinfo->cinfo, COL_INFO, " [STARTTLS]");
910 ctx->convo->session_tls_start = tcpcl_frame_loc_clone(wmem_file_scope(), ctx->cur_loc);
911 ssl_starttls_ack(tls_handle, pinfo, tcpcl_handle);
912 }
913 }
914
915 if (!(ctx->convo->sess_negotiated)
916 && (ctx->convo->active->sess_init_seen)
917 && (ctx->convo->passive->sess_init_seen)) {
918 ctx->convo->sess_keepalive = MIN((((ctx->convo->active->keepalive) < (ctx->convo
->passive->keepalive)) ? (ctx->convo->active->
keepalive) : (ctx->convo->passive->keepalive))
919 ctx->convo->active->keepalive,(((ctx->convo->active->keepalive) < (ctx->convo
->passive->keepalive)) ? (ctx->convo->active->
keepalive) : (ctx->convo->passive->keepalive))
920 ctx->convo->passive->keepalive(((ctx->convo->active->keepalive) < (ctx->convo
->passive->keepalive)) ? (ctx->convo->active->
keepalive) : (ctx->convo->passive->keepalive))
921 )(((ctx->convo->active->keepalive) < (ctx->convo
->passive->keepalive)) ? (ctx->convo->active->
keepalive) : (ctx->convo->passive->keepalive));
922 ctx->convo->sess_negotiated = true1;
923
924 }
925}
926
927typedef struct {
928 // key type for addresses_ports_reassembly_table_functions
929 void *addr_port;
930 // TCPCL ID
931 uint64_t xfer_id;
932} tcpcl_fragment_key_t;
933
934static unsigned fragment_key_hash(const void *ptr) {
935 const tcpcl_fragment_key_t *obj = (const tcpcl_fragment_key_t *)ptr;
936 return (
937 addresses_ports_reassembly_table_functions.hash_func(obj->addr_port)
938 ^ g_int64_hash(&(obj->xfer_id))
939 );
940}
941
942static gboolean fragment_key_equal(const void *ptrA, const void *ptrB) {
943 const tcpcl_fragment_key_t *objA = (const tcpcl_fragment_key_t *)ptrA;
944 const tcpcl_fragment_key_t *objB = (const tcpcl_fragment_key_t *)ptrB;
945 return (
946 addresses_ports_reassembly_table_functions.equal_func(objA->addr_port, objB->addr_port)
947 && (objA->xfer_id == objB->xfer_id)
948 );
949}
950
951static void *fragment_key_temporary(const packet_info *pinfo, const uint32_t id, const void *data) {
952 tcpcl_fragment_key_t *obj = g_slice_new(tcpcl_fragment_key_t)((tcpcl_fragment_key_t*) g_slice_alloc (sizeof (tcpcl_fragment_key_t
)));
953 obj->addr_port = addresses_ports_reassembly_table_functions.temporary_key_func(pinfo, id, NULL((void*)0));
954 obj->xfer_id = *((const uint64_t *)data);
955 return (void *)obj;
956}
957
958static void *fragment_key_persistent(const packet_info *pinfo, const uint32_t id, const void *data) {
959 tcpcl_fragment_key_t *obj = g_slice_new(tcpcl_fragment_key_t)((tcpcl_fragment_key_t*) g_slice_alloc (sizeof (tcpcl_fragment_key_t
)));
960 obj->addr_port = addresses_ports_reassembly_table_functions.persistent_key_func(pinfo, id, NULL((void*)0));
961 obj->xfer_id = *((const uint64_t *)data);
962 return (void *)obj;
963}
964
965static void fragment_key_free_temporary(void *ptr) {
966 tcpcl_fragment_key_t *obj = (tcpcl_fragment_key_t *)ptr;
967 if (obj) {
968 addresses_ports_reassembly_table_functions.free_temporary_key_func(obj->addr_port);
969 g_slice_free(tcpcl_fragment_key_t, obj)do { if (1) g_slice_free1 (sizeof (tcpcl_fragment_key_t), (obj
)); else (void) ((tcpcl_fragment_key_t*) 0 == (obj)); } while
(0);
970 }
971}
972
973static void fragment_key_free_persistent(void *ptr) {
974 tcpcl_fragment_key_t *obj = (tcpcl_fragment_key_t *)ptr;
975 if (obj) {
976 addresses_ports_reassembly_table_functions.free_persistent_key_func(obj->addr_port);
977 g_slice_free(tcpcl_fragment_key_t, obj)do { if (1) g_slice_free1 (sizeof (tcpcl_fragment_key_t), (obj
)); else (void) ((tcpcl_fragment_key_t*) 0 == (obj)); } while
(0);
978 }
979}
980
981static reassembly_table_functions xfer_reassembly_table_functions = {
982 fragment_key_hash,
983 fragment_key_equal,
984 fragment_key_temporary,
985 fragment_key_persistent,
986 fragment_key_free_temporary,
987 fragment_key_free_persistent
988};
989
990/** Record metadata about one segment in a transfer.
991 */
992static void transfer_add_segment(tcpcl_dissect_ctx_t *ctx, uint64_t xfer_id, uint8_t flags,
993 uint64_t data_len,
994 packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree_msg,
995 proto_item *item_msg, proto_item *item_flags) {
996 tcpcl_transfer_t *xfer = get_or_create_transfer_t(ctx->tx_peer->transfers, xfer_id);
997
998 uint8_t flag_start, flag_end;
999 if (ctx->tx_peer->version == 3) {
1000 flag_start = TCPCLV3_DATA_START_FLAG;
1001 flag_end = TCPCLV3_DATA_END_FLAG;
1002 }
1003 else {
1004 flag_start = TCPCLV4_TRANSFER_FLAG_START;
1005 flag_end = TCPCLV4_TRANSFER_FLAG_END;
1006 }
1007
1008 // Add or get the segment metadata
1009 tcpcl_seg_meta_t *seg_meta = tcpcl_seg_meta_new(pinfo, ctx->cur_loc);
1010 wmem_list_frame_t *frm = wmem_list_find_custom(xfer->seg_list, seg_meta, tcpcl_seg_meta_compare_loc);
1011 if (frm) {
1012 tcpcl_seg_meta_free(seg_meta);
1013 seg_meta = wmem_list_frame_data(frm);
1014 }
1015 else {
1016 frm = wmem_list_insert_sorted(xfer->seg_list, seg_meta, tcpcl_seg_meta_compare_loc);
1017 // Set for new item
1018 seg_meta->flags = flags;
1019 }
1020
1021 // mark start-of-transfer
1022 if (!(seg_meta->related_start)) {
1023 wmem_list_frame_t *frm_front = wmem_list_head(xfer->seg_list);
1024 tcpcl_seg_meta_t *seg_front = frm_front ? wmem_list_frame_data(frm_front) : NULL((void*)0);
1025 if (seg_front && (seg_front->flags & flag_start)) {
1026 seg_meta->related_start = seg_front;
1027 }
1028 }
1029
1030 // accumulate segment sizes
1031 uint64_t prev_seen_len;
1032 wmem_list_frame_t *frm_prev = wmem_list_frame_prev(frm);
1033 if (!frm_prev) {
1034 if (!(flags & flag_start)) {
1035 expert_add_info(pinfo, item_flags, &ei_tcpclv4_xfer_seg_missing_start);
1036 }
1037 prev_seen_len = 0;
1038 }
1039 else {
1040 const tcpcl_seg_meta_t *seg_prev = wmem_list_frame_data(frm_prev);
1041 if (flags & flag_start) {
1042 expert_add_info(pinfo, item_flags, &ei_tcpclv4_xfer_seg_duplicate_start);
1043 }
1044 prev_seen_len = seg_prev->seen_len;
1045 }
1046 wmem_list_frame_t *frm_next = wmem_list_frame_next(frm);
1047 if (!frm_next) {
1048 if (!(flags & flag_end)) {
1049 expert_add_info(pinfo, item_flags, &ei_tcpclv4_xfer_seg_missing_end);
1050 }
1051 }
1052 else {
1053 if (flags & flag_end) {
1054 expert_add_info(pinfo, item_flags, &ei_tcpclv4_xfer_seg_duplicate_end);
1055 }
1056 }
1057 seg_meta->seen_len = prev_seen_len + data_len;
1058
1059 proto_item *item_seen = proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_segment_seen_len, tvb, 0, 0, seg_meta->seen_len);
1060 proto_item_set_generated(item_seen);
1061 if (seg_meta->seen_len > ctx->rx_peer->transfer_mru) {
1062 expert_add_info(pinfo, item_seen, &ei_tcpclv4_xferload_over_xfer_mru);
1063 }
1064 if (xfer->total_length) {
1065 if (seg_meta->seen_len > *(xfer->total_length)) {
1066 expert_add_info(pinfo, item_seen, &ei_xfer_seg_over_total_len);
1067 }
1068 else if ((flags & flag_end)
1069 && (seg_meta->seen_len != *(xfer->total_length))) {
1070 expert_add_info(pinfo, item_seen, &ei_xfer_mismatch_total_len);
1071 }
1072 proto_item *item_total = proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_total_len, tvb, 0, 0, *(xfer->total_length));
1073 proto_item_set_generated(item_total);
1074 }
1075
1076 if (seg_meta->related_ack) {
1077 proto_item *item_rel = proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_segment_related_ack, tvb, 0, 0, seg_meta->related_ack->frame_loc.frame_num);
1078 proto_item_set_generated(item_rel);
1079
1080 nstime_t td;
1081 nstime_delta(&td, &(seg_meta->related_ack->frame_time), &(seg_meta->frame_time));
1082 proto_item *item_td = proto_tree_add_time(tree_msg, hf_tcpclv4_xfer_segment_time_diff, tvb, 0, 0, &td);
1083 proto_item_set_generated(item_td);
1084
1085 }
1086 else {
1087 expert_add_info(pinfo, item_msg, &ei_tcpclv4_xfer_seg_no_relation);
1088 }
1089 if (seg_meta->related_start && (seg_meta->related_start != seg_meta)) {
1090 proto_item *item_rel = proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_segment_related_start, tvb, 0, 0, seg_meta->related_start->frame_loc.frame_num);
1091 proto_item_set_generated(item_rel);
1092
1093 nstime_t td;
1094 nstime_delta(&td, &(seg_meta->frame_time), &(seg_meta->related_start->frame_time));
1095 proto_item *item_td = proto_tree_add_time(tree_msg, hf_tcpclv4_xfer_segment_time_start, tvb, 0, 0, &td);
1096 proto_item_set_generated(item_td);
1097 }
1098}
1099
1100static void transfer_add_ack(tcpcl_dissect_ctx_t *ctx, uint64_t xfer_id, uint8_t flags,
1101 uint64_t ack_len,
1102 packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree_msg,
1103 proto_item *item_msg, proto_item *item_flags) {
1104 tcpcl_transfer_t *xfer = get_or_create_transfer_t(ctx->rx_peer->transfers, xfer_id);
1105
1106 // Add or get the ack metadata
1107 tcpcl_ack_meta_t *ack_meta = tcpcl_ack_meta_new(pinfo, ctx->cur_loc);
1108 wmem_list_frame_t *frm = wmem_list_find_custom(xfer->ack_list, ack_meta, tcpcl_ack_meta_compare_loc);
1109 if (frm) {
1110 tcpcl_ack_meta_free(ack_meta);
1111 ack_meta = wmem_list_frame_data(frm);
1112 }
1113 else {
1114 frm = wmem_list_insert_sorted(xfer->ack_list, ack_meta, tcpcl_ack_meta_compare_loc);
Value stored to 'frm' is never read
1115 // Set for new item
1116 ack_meta->flags = flags;
1117 ack_meta->seen_len = ack_len;
1118 }
1119
1120 // mark start-of-transfer
1121 if (!(ack_meta->related_start)) {
1122 wmem_list_frame_t *frm_front = wmem_list_head(xfer->seg_list);
1123 tcpcl_seg_meta_t *seg_front = frm_front ? wmem_list_frame_data(frm_front) : NULL((void*)0);
1124 if (seg_front && (seg_front->flags & TCPCLV4_TRANSFER_FLAG_START)) {
1125 ack_meta->related_start = seg_front;
1126 }
1127 }
1128
1129 // Assemble both of the links here, as ACK will always follow segment
1130 if (!(ack_meta->related_seg)) {
1131 wmem_list_frame_t *seg_iter = wmem_list_head(xfer->seg_list);
1132 for (; seg_iter; seg_iter = wmem_list_frame_next(seg_iter)) {
1133 tcpcl_seg_meta_t *seg_meta = wmem_list_frame_data(seg_iter);
1134 if (seg_meta->seen_len == ack_meta->seen_len) {
1135 seg_meta->related_ack = ack_meta;
1136 ack_meta->related_seg = seg_meta;
1137 }
1138 }
1139 }
1140
1141 if (xfer->total_length) {
1142 proto_item *item_total = proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_total_len, tvb, 0, 0, *(xfer->total_length));
1143 proto_item_set_generated(item_total);
1144 }
1145 if (ack_meta->related_seg) {
1146 proto_item *item_rel = proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_ack_related_seg, tvb, 0, 0, ack_meta->related_seg->frame_loc.frame_num);
1147 proto_item_set_generated(item_rel);
1148
1149 nstime_t td;
1150 nstime_delta(&td, &(ack_meta->frame_time), &(ack_meta->related_seg->frame_time));
1151 proto_item *item_td = proto_tree_add_time(tree_msg, hf_tcpclv4_xfer_ack_time_diff, tvb, 0, 0, &td);
1152 proto_item_set_generated(item_td);
1153
1154 if (item_flags && (ack_meta->flags != ack_meta->related_seg->flags)) {
1155 expert_add_info(pinfo, item_flags, &ei_xfer_ack_mismatch_flags);
1156 }
1157 }
1158 else {
1159 expert_add_info(pinfo, item_msg, &ei_xfer_ack_no_relation);
1160 }
1161 if (ack_meta->related_start) {
1162 proto_item *item_rel = proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_ack_related_start, tvb, 0, 0, ack_meta->related_start->frame_loc.frame_num);
1163 proto_item_set_generated(item_rel);
1164
1165 nstime_t td;
1166 nstime_delta(&td, &(ack_meta->frame_time), &(ack_meta->related_start->frame_time));
1167 proto_item *item_td = proto_tree_add_time(tree_msg, hf_tcpclv4_xfer_ack_time_start, tvb, 0, 0, &td);
1168 proto_item_set_generated(item_td);
1169 }
1170}
1171
1172static void transfer_add_refuse(tcpcl_dissect_ctx_t *ctx, uint64_t xfer_id,
1173 packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree_msg,
1174 proto_item *item_msg) {
1175 const tcpcl_transfer_t *xfer = wmem_map_lookup(ctx->rx_peer->transfers, &xfer_id);
1176 const tcpcl_seg_meta_t *seg_last = NULL((void*)0);
1177 if (xfer) {
1178 wmem_list_frame_t *seg_iter = wmem_list_tail(xfer->seg_list);
1179 seg_iter = seg_iter ? wmem_list_frame_prev(seg_iter) : NULL((void*)0);
1180 seg_last = seg_iter ? wmem_list_frame_data(seg_iter) : NULL((void*)0);
1181 }
1182
1183 if (seg_last) {
1184 proto_item *item_rel = proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_refuse_related_seg, tvb, 0, 0, seg_last->frame_loc.frame_num);
1185 proto_item_set_generated(item_rel);
1186 }
1187 else {
1188 expert_add_info(pinfo, item_msg, &ei_tcpclv4_xfer_refuse_no_transfer);
1189 }
1190}
1191
1192static int get_clamped_length(uint64_t orig, packet_info *pinfo, proto_item *item) {
1193 int clamped;
1194 if (orig > INT_MAX2147483647) {
1195 clamped = INT_MAX2147483647;
1196 if (pinfo && item) {
1197 expert_add_info(pinfo, item, &ei_length_clamped);
1198 }
1199 }
1200 else {
1201 clamped = (int) orig;
1202 }
1203 return clamped;
1204}
1205
1206static unsigned
1207get_v3_msg_len(packet_info *pinfo _U___attribute__((unused)), tvbuff_t *tvb, int offset,
1208 tcpcl_dissect_ctx_t *ctx _U___attribute__((unused)))
1209{
1210 uint64_t len;
1211 unsigned bytecount;
1212 uint8_t conv_hdr = tvb_get_uint8(tvb, offset);
1213 offset += 1;
1214 unsigned msg_len = 1;
1215
1216 switch (conv_hdr & TCPCLV3_TYPE_MASK)
1217 {
1218 case TCPCLV3_DATA_SEGMENT: {
1219 /* get length from sdnv */
1220 bytecount = tvb_get_sdnv(tvb, offset, &len);
1221 if (bytecount == 0) {
1222 return 0;
1223 }
1224 const int len_clamp = get_clamped_length(len, NULL((void*)0), NULL((void*)0));
1225 msg_len += bytecount + (unsigned)len_clamp;
1226 break;
1227 }
1228 case TCPCLV3_ACK_SEGMENT:
1229 /* get length from sdnv */
1230 bytecount = tvb_get_sdnv(tvb, offset, &len);
1231 if (bytecount == 0) {
1232 return 0;
1233 }
1234 msg_len += bytecount;
1235 break;
1236
1237 case TCPCLV3_KEEP_ALIVE:
1238 case TCPCLV3_REFUSE_BUNDLE:
1239 /* always 1 byte */
1240 break;
1241 case TCPCLV3_SHUTDOWN:
1242 if (conv_hdr & TCPCLV3_SHUTDOWN_REASON) {
1243 msg_len += 1;
1244 }
1245 if (conv_hdr & TCPCLV3_SHUTDOWN_DELAY) {
1246 msg_len += 2;
1247 }
1248 break;
1249
1250 case TCPCLV3_LENGTH:
1251 /* get length from sdnv */
1252 bytecount = tvb_get_sdnv(tvb, offset, &len);
1253 if (bytecount == 0) {
1254 return 0;
1255 }
1256 msg_len += bytecount;
1257 break;
1258
1259 default:
1260 // no known message
1261 return 0;
1262 }
1263
1264 return msg_len;
1265}
1266
1267static int
1268dissect_v3_msg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
1269 tcpcl_dissect_ctx_t *ctx)
1270{
1271 uint8_t conv_hdr;
1272 const char *msgtype_name;
1273 uint8_t refuse_bundle_hdr;
1274 int offset = 0;
1275 int sdnv_length;
1276 uint64_t segment_length;
1277 proto_item *conv_item, *sub_item;
1278 proto_tree *conv_tree, *sub_tree;
1279 uint64_t *xfer_id = NULL((void*)0);
1280 proto_item *item_xfer_id = NULL((void*)0);
1281
1282 conv_item = proto_tree_add_item(tree, hf_tcpclv3_mhdr, tvb, 0, -1, ENC_NA0x00000000);
1283 conv_tree = proto_item_add_subtree(conv_item, ett_tcpclv3_mhdr);
1284
1285 conv_hdr = tvb_get_uint8(tvb, offset);
1286 proto_tree_add_item(conv_tree, hf_tcpclv3_pkt_type, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1287
1288 msgtype_name = val_to_str_const((conv_hdr>>4)&0xF, v3_message_type_vals, "Unknown");
1289 col_append_sep_str(pinfo->cinfo, COL_INFO, NULL((void*)0), msgtype_name);
1290 proto_item_append_text(proto_tree_get_parent(conv_tree), ": %s", msgtype_name);
1291
1292 switch (conv_hdr & TCPCLV3_TYPE_MASK) {
1293 case TCPCLV3_DATA_SEGMENT: {
1294 proto_item *item_flags;
1295
1296 item_flags = proto_tree_add_bitmask(
1297 conv_tree, tvb,
1298 offset, hf_tcpclv3_data_procflags,
1299 ett_tcpclv3_data_procflags, v3_data_procflags,
1300 ENC_BIG_ENDIAN0x00000000
1301 );
1302 offset += 1;
1303
1304 /* Only Start and End flags (bits 0 & 1) are valid in Data Segment */
1305 if ((conv_hdr & ~((uint8_t)TCPCLV3_TYPE_MASK | (uint8_t)TCPCLV3_DATA_FLAGS)) != 0) {
1306 expert_add_info(pinfo, item_flags, &ei_tcpclv3_data_flags);
1307 }
1308
1309 sub_item = proto_tree_add_item_ret_varint(conv_tree, hf_tcpclv3_data_segment_length, tvb, offset, -1, ENC_VARINT_SDNV0x00000010, &segment_length, &sdnv_length);
1310 if (sdnv_length == 0) {
1311 expert_add_info(pinfo, sub_item, &ei_tcpclv3_segment_length);
1312 return 0;
1313 }
1314 offset += sdnv_length;
1315 const int data_len_clamp = get_clamped_length(segment_length, pinfo, sub_item);
1316
1317 // implied transfer ID
1318 xfer_id = wmem_map_lookup(ctx->tx_peer->frame_loc_to_transfer, ctx->cur_loc);
1319 if (!xfer_id) {
1320 xfer_id = wmem_new(pinfo->pool, uint64_t)((uint64_t*)wmem_alloc((pinfo->pool), sizeof(uint64_t)));
1321 *xfer_id = wmem_map_size(ctx->tx_peer->transfers);
1322
1323 if (conv_hdr & TCPCLV3_DATA_START_FLAG) {
1324 *xfer_id += 1;
1325 get_or_create_transfer_t(ctx->tx_peer->transfers, *xfer_id);
1326 }
1327 tcpcl_peer_associate_transfer(ctx->tx_peer, ctx->cur_loc, *xfer_id);
1328 }
1329 item_xfer_id = proto_tree_add_uint64(conv_tree, hf_tcpclv3_xfer_id, tvb, 0, 0, *xfer_id);
1330 proto_item_set_generated(item_xfer_id);
1331
1332 proto_tree_add_item(conv_tree, hf_tcpclv3_data_segment_data, tvb, offset, data_len_clamp, ENC_NA0x00000000);
1333
1334 if (tcpcl_analyze_sequence) {
1335 transfer_add_segment(ctx, *xfer_id, (conv_hdr & TCPCLV3_DATA_FLAGS), segment_length, pinfo, tvb, conv_tree, conv_item, item_flags);
1336 }
1337
1338 if (tcpcl_desegment_transfer) {
1339 // Reassemble the segments
1340 fragment_head *frag_msg;
1341 frag_msg = fragment_add_seq_next(
1342 &xfer_reassembly_table,
1343 tvb, offset,
1344 pinfo, 0, xfer_id,
1345 data_len_clamp,
1346 !(conv_hdr & TCPCLV3_DATA_END_FLAG)
1347 );
1348 ctx->xferload = process_reassembled_data(
1349 tvb, offset, pinfo,
1350 "Reassembled Transfer",
1351 frag_msg,
1352 &xfer_frag_items,
1353 NULL((void*)0),
1354 proto_tree_get_parent_tree(tree)
1355 );
1356 }
1357 offset += data_len_clamp;
1358
1359 break;
1360 }
1361 case TCPCLV3_ACK_SEGMENT: {
1362 /*No valid flags*/
1363 offset += 1;
1364
1365 sub_item = proto_tree_add_item_ret_varint(conv_tree, hf_tcpclv3_ack_length, tvb, offset, -1, ENC_VARINT_SDNV0x00000010, &segment_length, &sdnv_length);
1366 if (sdnv_length == 0) {
1367 expert_add_info(pinfo, sub_item, &ei_tcpclv3_ack_length);
1368 } else {
1369 offset += sdnv_length;
1370 }
1371
1372 // implied transfer ID
1373 xfer_id = wmem_map_lookup(ctx->rx_peer->frame_loc_to_transfer, ctx->cur_loc);
1374 if (!xfer_id) {
1375 xfer_id = wmem_new(pinfo->pool, uint64_t)((uint64_t*)wmem_alloc((pinfo->pool), sizeof(uint64_t)));
1376 *xfer_id = wmem_map_size(ctx->rx_peer->transfers);
1377
1378 tcpcl_peer_associate_transfer(ctx->rx_peer, ctx->cur_loc, *xfer_id);
1379 }
1380 item_xfer_id = proto_tree_add_uint64(conv_tree, hf_tcpclv3_xfer_id, tvb, 0, 0, *xfer_id);
1381 proto_item_set_generated(item_xfer_id);
1382
1383 if (tcpcl_analyze_sequence) {
1384 transfer_add_ack(ctx, *xfer_id, 0, segment_length, pinfo, tvb, conv_tree, conv_item, NULL((void*)0));
1385 }
1386
1387 break;
1388 }
1389 case TCPCLV3_KEEP_ALIVE:
1390 /*No valid flags in Keep Alive*/
1391 offset += 1;
1392 break;
1393
1394 case TCPCLV3_SHUTDOWN:
1395 /* Add tree for Shutdown Flags */
1396 sub_item = proto_tree_add_item(conv_tree, hf_tcpclv3_shutdown_flags, tvb,
1397 offset, 1, ENC_BIG_ENDIAN0x00000000);
1398 sub_tree = proto_item_add_subtree(sub_item, ett_tcpclv3_shutdown_flags);
1399
1400 proto_tree_add_item(sub_tree, hf_tcpclv3_shutdown_flags_reason,
1401 tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1402 proto_tree_add_item(sub_tree, hf_tcpclv3_shutdown_flags_delay,
1403 tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1404
1405 offset += 1;
1406 if (conv_hdr & TCPCLV3_SHUTDOWN_REASON) {
1407 proto_tree_add_item(conv_tree,
1408 hf_tcpclv3_shutdown_reason, tvb,
1409 offset, 1, ENC_BIG_ENDIAN0x00000000);
1410 offset += 1;
1411 }
1412 if (conv_hdr & TCPCLV3_SHUTDOWN_DELAY) {
1413 proto_tree_add_item(conv_tree,
1414 hf_tcpclv3_shutdown_delay, tvb,
1415 offset, 2, ENC_BIG_ENDIAN0x00000000);
1416 offset += 1;
1417 }
1418 break;
1419 case TCPCLV3_REFUSE_BUNDLE:
1420 /*No valid flags*/
1421 offset += 1;
1422
1423 refuse_bundle_hdr = tvb_get_uint8(tvb, offset);
1424 proto_tree_add_item(conv_tree, hf_tcpclv3_refuse_reason_code, tvb, offset, 1, ENC_BIG_ENDIAN0x00000000);
1425 offset += 1;
1426 col_set_str(pinfo->cinfo, COL_INFO, val_to_str_const((refuse_bundle_hdr>>4)&0xF, v3_refuse_reason_code, "Unknown"));
1427
1428 // implied transfer ID
1429 xfer_id = wmem_map_lookup(ctx->rx_peer->frame_loc_to_transfer, ctx->cur_loc);
1430 if (!xfer_id) {
1431 xfer_id = wmem_new(pinfo->pool, uint64_t)((uint64_t*)wmem_alloc((pinfo->pool), sizeof(uint64_t)));
1432 *xfer_id = wmem_map_size(ctx->rx_peer->transfers);
1433
1434 tcpcl_peer_associate_transfer(ctx->rx_peer, ctx->cur_loc, *xfer_id);
1435 }
1436 item_xfer_id = proto_tree_add_uint64(conv_tree, hf_tcpclv3_xfer_id, tvb, 0, 0, *xfer_id);
1437 proto_item_set_generated(item_xfer_id);
1438
1439 if (tcpcl_analyze_sequence) {
1440 transfer_add_refuse(ctx, *xfer_id, pinfo, tvb, conv_tree, conv_item);
1441 }
1442
1443 break;
1444
1445 default:
1446 expert_add_info(pinfo, proto_tree_get_parent(conv_tree), &ei_tcpclv3_invalid_msg_type);
1447 break;
1448 }
1449
1450 return offset;
1451}
1452
1453static unsigned get_v4_msg_len(packet_info *pinfo _U___attribute__((unused)), tvbuff_t *tvb, int offset,
1454 tcpcl_dissect_ctx_t *ctx _U___attribute__((unused))) {
1455 const int init_offset = offset;
1456 uint8_t msgtype = tvb_get_uint8(tvb, offset);
1457 offset += 1;
1458 switch(msgtype) {
1459 case TCPCLV4_MSGTYPE_SESS_INIT: {
1460 if (tvb_reported_length_remaining(tvb, offset) < 2 + 8 + 8 + 2) {
1461 return 0;
1462 }
1463 offset += 2 + 8 + 8;
1464 uint16_t nodeid_len = tvb_get_uint16(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1465 offset += 2;
1466 if (tvb_reported_length_remaining(tvb, offset) < nodeid_len + 4U) {
1467 return 0;
1468 }
1469 offset += nodeid_len;
1470 uint32_t extlist_len = tvb_get_uint32(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1471 offset += 4;
1472 if (ckd_add(&offset, offset, extlist_len)__builtin_add_overflow((offset), (extlist_len), (&offset)
)) {
1473 THROW(ReportedBoundsError)except_throw(1, (3), ((void*)0));
1474 }
1475 break;
1476 }
1477 case TCPCLV4_MSGTYPE_SESS_TERM: {
1478 offset += 1 + 1;
1479 break;
1480 }
1481 case TCPCLV4_MSGTYPE_XFER_SEGMENT: {
1482 if (tvb_reported_length_remaining(tvb, offset) < 1) {
1483 return 0;
1484 }
1485 uint8_t flags = tvb_get_uint8(tvb, offset);
1486 offset += 1;
1487 offset += 8;
1488 if (flags & TCPCLV4_TRANSFER_FLAG_START) {
1489 if (tvb_reported_length_remaining(tvb, offset) < 4) {
1490 return 0;
1491 }
1492 uint32_t extlist_len = tvb_get_uint32(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1493 offset += 4;
1494 if ((unsigned)tvb_reported_length_remaining(tvb, offset) < extlist_len) {
1495 return 0;
1496 }
1497 offset += extlist_len;
1498 }
1499 if (tvb_reported_length_remaining(tvb, offset) < 8) {
1500 return 0;
1501 }
1502 uint64_t data_len = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1503 offset += 8;
1504 const int data_len_clamp = get_clamped_length(data_len, NULL((void*)0), NULL((void*)0));
1505 if (ckd_add(&offset, offset, data_len_clamp)__builtin_add_overflow((offset), (data_len_clamp), (&offset
))) {
1506 THROW(ReportedBoundsError)except_throw(1, (3), ((void*)0));
1507 }
1508 break;
1509 }
1510 case TCPCLV4_MSGTYPE_XFER_ACK: {
1511 offset += 1 + 8 + 8;
1512 break;
1513 }
1514 case TCPCLV4_MSGTYPE_XFER_REFUSE: {
1515 offset += 1 + 8;
1516 break;
1517 }
1518 case TCPCLV4_MSGTYPE_KEEPALIVE: {
1519 break;
1520 }
1521 case TCPCLV4_MSGTYPE_MSG_REJECT: {
1522 offset += 1 + 1;
1523 break;
1524 }
1525 default:
1526 // no known message
1527 return 0;
1528 }
1529 return offset - init_offset;
1530}
1531
1532static int
1533dissect_v4_msg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
1534 tcpcl_dissect_ctx_t *ctx _U___attribute__((unused))) {
1535 int offset = 0;
1536 // Length of non-protocol 'payload' data in this message
1537 int payload_len = 0;
1538
1539 uint8_t msgtype = 0;
1540 const char *msgtype_name = NULL((void*)0);
1541
1542 proto_item *item_msg = proto_tree_add_item(tree, hf_tcpclv4_mhdr_tree, tvb, offset, 0, ENC_NA0x00000000);
1543 proto_tree *tree_msg = proto_item_add_subtree(item_msg, ett_tcpclv4_mhdr);
1544
1545 msgtype = tvb_get_uint8(tvb, offset);
1546 proto_tree_add_uint(tree_msg, hf_tcpclv4_mhdr_type, tvb, offset, 1, msgtype);
1547 offset += 1;
1548 msgtype_name = val_to_str(pinfo->pool, msgtype, v4_message_type_vals, "type 0x%02" PRIx32"x");
1549 wmem_strbuf_t *suffix_text = wmem_strbuf_new(pinfo->pool, NULL((void*)0));
1550
1551 switch(msgtype) {
1552 case TCPCLV4_MSGTYPE_SESS_INIT: {
1553 uint16_t keepalive = tvb_get_uint16(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1554 proto_tree_add_uint(tree_msg, hf_tcpclv4_sess_init_keepalive, tvb, offset, 2, keepalive);
1555 offset += 2;
1556
1557 uint64_t seg_mru = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1558 proto_tree_add_uint64(tree_msg, hf_tcpclv4_sess_init_seg_mru, tvb, offset, 8, seg_mru);
1559 offset += 8;
1560
1561 uint64_t xfer_mru = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1562 proto_tree_add_uint64(tree_msg, hf_tcpclv4_sess_init_xfer_mru, tvb, offset, 8, xfer_mru);
1563 offset += 8;
1564
1565 uint16_t nodeid_len = tvb_get_uint16(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1566 proto_tree_add_uint(tree_msg, hf_tcpclv4_sess_init_nodeid_len, tvb, offset, 2, nodeid_len);
1567 offset += 2;
1568
1569 {
1570 uint8_t *nodeid_data = tvb_get_string_enc(pinfo->pool, tvb, offset, nodeid_len, ENC_UTF_80x00000002);
1571 proto_tree_add_string(tree_msg, hf_tcpclv4_sess_init_nodeid_data, tvb, offset, nodeid_len, (const char *)nodeid_data);
1572 }
1573 offset += nodeid_len;
1574
1575 uint32_t extlist_len = tvb_get_uint32(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1576 proto_tree_add_uint(tree_msg, hf_tcpclv4_sess_init_extlist_len, tvb, offset, 4, extlist_len);
1577 offset += 4;
1578
1579 int extlist_offset = 0;
1580 while (extlist_offset < (int)extlist_len) {
1581 int extitem_offset = 0;
1582 proto_item *item_ext = proto_tree_add_item(tree_msg, hf_tcpclv4_sessext_tree, tvb, offset + extlist_offset, 0, ENC_NA0x00000000);
1583 proto_tree *tree_ext = proto_item_add_subtree(item_ext, ett_tcpclv4_sessext);
1584
1585 uint8_t extitem_flags = tvb_get_uint8(tvb, offset + extlist_offset + extitem_offset);
1586 proto_tree_add_bitmask(tree_ext, tvb, offset + extlist_offset + extitem_offset, hf_tcpclv4_sessext_flags, ett_tcpclv4_sessext_flags, v4_sessext_flags, ENC_BIG_ENDIAN0x00000000);
1587 extitem_offset += 1;
1588 const bool_Bool is_critical = (extitem_flags & TCPCLV4_EXTENSION_FLAG_CRITICAL);
1589 if (is_critical) {
1590 expert_add_info(pinfo, item_ext, &ei_tcpclv4_extitem_critical);
1591 }
1592
1593 uint16_t extitem_type = tvb_get_uint16(tvb, offset + extlist_offset + extitem_offset, ENC_BIG_ENDIAN0x00000000);
1594 proto_item *item_type = proto_tree_add_uint(tree_ext, hf_tcpclv4_sessext_type, tvb, offset + extlist_offset + extitem_offset, 2, extitem_type);
1595 extitem_offset += 2;
1596
1597 dissector_handle_t subdis = dissector_get_uint_handle(xfer_ext_dissectors, extitem_type);
1598 const char *subname = dissector_handle_get_description(subdis);
1599 if (subdis) {
1600 proto_item_set_text(item_type, "Item Type: %s (0x%04" PRIx16"x" ")", subname, extitem_type);
1601 }
1602
1603 uint16_t extitem_len = tvb_get_uint16(tvb, offset + extlist_offset + extitem_offset, ENC_BIG_ENDIAN0x00000000);
1604 proto_tree_add_uint(tree_ext, hf_tcpclv4_sessext_len, tvb, offset + extlist_offset + extitem_offset, 2, extitem_len);
1605 extitem_offset += 2;
1606
1607 tvbuff_t *extitem_tvb = tvb_new_subset_length(tvb, offset + extlist_offset + extitem_offset, extitem_len);
1608 proto_item *item_extdata = proto_tree_add_item(tree_ext, hf_tcpclv4_sessext_data, extitem_tvb, 0, tvb_captured_length(extitem_tvb), ENC_NA0x00000000);
1609 proto_tree *tree_extdata = proto_item_add_subtree(item_extdata, ett_tcpclv4_sessext_data);
1610
1611 int sublen = 0;
1612 if (subdis) {
1613 sublen = call_dissector_only(subdis, extitem_tvb, pinfo, tree_extdata, NULL((void*)0));
1614 }
1615 if (sublen == 0) {
1616 expert_add_info(pinfo, item_type, &ei_tcpclv4_invalid_sessext_type);
1617 }
1618 extitem_offset += extitem_len;
1619
1620 proto_item_set_len(item_ext, extitem_offset);
1621 extlist_offset += extitem_offset;
1622
1623 if (subname) {
1624 proto_item_append_text(item_ext, ": %s", subname);
1625 }
1626 else {
1627 proto_item_append_text(item_ext, ": Type 0x%04" PRIx16"x", extitem_type);
1628 }
1629 if (is_critical) {
1630 proto_item_append_text(item_ext, ", CRITICAL");
1631 }
1632 }
1633 // advance regardless of any internal offset processing
1634 offset += extlist_len;
1635
1636 if (ctx->tx_peer->sess_init_seen) {
1637 if (tcpcl_analyze_sequence) {
1638 if (!tcpcl_frame_loc_equal(ctx->tx_peer->sess_init_seen, ctx->cur_loc)) {
1639 expert_add_info(pinfo, item_msg, &ei_tcpclv4_sess_init_duplicate);
1640 }
1641 }
1642 }
1643 else {
1644 ctx->tx_peer->sess_init_seen = tcpcl_frame_loc_clone(wmem_file_scope(), ctx->cur_loc);
1645 ctx->tx_peer->keepalive = keepalive;
1646 ctx->tx_peer->segment_mru = seg_mru;
1647 ctx->tx_peer->transfer_mru = xfer_mru;
1648 }
1649
1650 break;
1651 }
1652 case TCPCLV4_MSGTYPE_SESS_TERM: {
1653 uint8_t flags = tvb_get_uint8(tvb, offset);
1654 proto_tree_add_bitmask(tree_msg, tvb, offset, hf_tcpclv4_sess_term_flags, ett_tcpclv4_sess_term_flags, v4_sess_term_flags, ENC_BIG_ENDIAN0x00000000);
1655 offset += 1;
1656
1657 uint8_t reason = tvb_get_uint8(tvb, offset);
1658 proto_tree_add_uint(tree_msg, hf_tcpclv4_sess_term_reason, tvb, offset, 1, reason);
1659 offset += 1;
1660
1661 if (ctx->tx_peer->sess_term_seen) {
1662 if (tcpcl_analyze_sequence) {
1663 if (!tcpcl_frame_loc_equal(ctx->tx_peer->sess_term_seen, ctx->cur_loc)) {
1664 expert_add_info(pinfo, item_msg, &ei_tcpclv4_sess_term_duplicate);
1665 }
1666 }
1667 }
1668 else {
1669 ctx->tx_peer->sess_term_seen = tcpcl_frame_loc_clone(wmem_file_scope(), ctx->cur_loc);
1670 ctx->tx_peer->sess_term_reason = reason;
1671 }
1672
1673 if (tcpcl_analyze_sequence) {
1674 if (ctx->rx_peer->sess_term_seen) {
1675 proto_item *item_rel = proto_tree_add_uint(tree_msg, hf_tcpclv4_sess_term_related, tvb, 0, 0, ctx->rx_peer->sess_term_seen->frame_num);
1676 proto_item_set_generated(item_rel);
1677
1678 // Is this message after the other SESS_TERM?
1679 if (tcpcl_frame_loc_compare(ctx->tx_peer->sess_term_seen, ctx->rx_peer->sess_term_seen, NULL((void*)0)) > 0) {
1680 if (!(flags & TCPCLV4_SESS_TERM_FLAG_REPLY)) {
1681 expert_add_info(pinfo, item_msg, &ei_tcpclv4_sess_term_reply_flag);
1682 }
1683 }
1684 }
1685 }
1686
1687 break;
1688 }
1689 case TCPCLV4_MSGTYPE_XFER_SEGMENT:{
1690 uint8_t flags = tvb_get_uint8(tvb, offset);
1691 proto_item *item_flags = proto_tree_add_bitmask(tree_msg, tvb, offset, hf_tcpclv4_xfer_flags, ett_tcpclv4_xfer_flags, v4_xfer_flags, ENC_BIG_ENDIAN0x00000000);
1692 offset += 1;
1693
1694 uint64_t xfer_id = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1695 proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_id, tvb, offset, 8, xfer_id);
1696 offset += 8;
1697
1698 if (flags & TCPCLV4_TRANSFER_FLAG_START) {
1699 uint32_t extlist_len = tvb_get_uint32(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1700 proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_segment_extlist_len, tvb, offset, 4, extlist_len);
1701 offset += 4;
1702
1703 int extlist_offset = 0;
1704 while (extlist_offset < (int)extlist_len) {
1705 int extitem_offset = 0;
1706 proto_item *item_ext = proto_tree_add_item(tree_msg, hf_tcpclv4_xferext_tree, tvb, offset + extlist_offset, 0, ENC_NA0x00000000);
1707 proto_tree *tree_ext = proto_item_add_subtree(item_ext, ett_tcpclv4_xferext);
1708
1709 uint8_t extitem_flags = tvb_get_uint8(tvb, offset + extlist_offset + extitem_offset);
1710 proto_tree_add_bitmask(tree_ext, tvb, offset + extlist_offset + extitem_offset, hf_tcpclv4_xferext_flags, ett_tcpclv4_xferext_flags, v4_xferext_flags, ENC_BIG_ENDIAN0x00000000);
1711 extitem_offset += 1;
1712 const bool_Bool is_critical = (extitem_flags & TCPCLV4_EXTENSION_FLAG_CRITICAL);
1713 if (is_critical) {
1714 expert_add_info(pinfo, item_ext, &ei_tcpclv4_extitem_critical);
1715 }
1716
1717 uint16_t extitem_type = tvb_get_uint16(tvb, offset + extlist_offset + extitem_offset, ENC_BIG_ENDIAN0x00000000);
1718 proto_item *item_type = proto_tree_add_uint(tree_ext, hf_tcpclv4_xferext_type, tvb, offset + extlist_offset + extitem_offset, 2, extitem_type);
1719 extitem_offset += 2;
1720
1721 dissector_handle_t subdis = dissector_get_uint_handle(xfer_ext_dissectors, extitem_type);
1722 const char *subname = dissector_handle_get_description(subdis);
1723 if (subdis) {
1724 proto_item_set_text(item_type, "Item Type: %s (0x%04" PRIx16"x" ")", subname, extitem_type);
1725 }
1726
1727 uint16_t extitem_len = tvb_get_uint16(tvb, offset + extlist_offset + extitem_offset, ENC_BIG_ENDIAN0x00000000);
1728 proto_tree_add_uint(tree_ext, hf_tcpclv4_xferext_len, tvb, offset + extlist_offset + extitem_offset, 2, extitem_len);
1729 extitem_offset += 2;
1730
1731 tvbuff_t *extitem_tvb = tvb_new_subset_length(tvb, offset + extlist_offset + extitem_offset, extitem_len);
1732 proto_item *item_extdata = proto_tree_add_item(tree_ext, hf_tcpclv4_xferext_data, extitem_tvb, 0, tvb_captured_length(extitem_tvb), ENC_NA0x00000000);
1733 proto_tree *tree_extdata = proto_item_add_subtree(item_extdata, ett_tcpclv4_xferext_data);
1734
1735 tcpcl_frame_loc_t *extitem_loc = tcpcl_frame_loc_new(pinfo->pool, pinfo, extitem_tvb, 0);
1736 tcpcl_peer_associate_transfer(ctx->tx_peer, extitem_loc, xfer_id);
1737
1738 int sublen = 0;
1739 if (subdis) {
1740 sublen = call_dissector_only(subdis, extitem_tvb, pinfo, tree_extdata, NULL((void*)0));
1741 }
1742 if (sublen == 0) {
1743 expert_add_info(pinfo, item_type, &ei_tcpclv4_invalid_xferext_type);
1744 }
1745 extitem_offset += extitem_len;
1746
1747 proto_item_set_len(item_ext, extitem_offset);
1748 extlist_offset += extitem_offset;
1749
1750 if (subname) {
1751 proto_item_append_text(item_ext, ": %s", subname);
1752 }
1753 else {
1754 proto_item_append_text(item_ext, ": Type 0x%04" PRIx16"x", extitem_type);
1755 }
1756 if (is_critical) {
1757 proto_item_append_text(item_ext, ", CRITICAL");
1758 }
1759 }
1760 // advance regardless of any internal offset processing
1761 offset += extlist_len;
1762 }
1763
1764 uint64_t data_len = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1765 proto_item *item_len = proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_segment_data_len, tvb, offset, 8, data_len);
1766 offset += 8;
1767
1768 if (data_len > ctx->rx_peer->segment_mru) {
1769 expert_add_info(pinfo, item_len, &ei_tcpclv4_xfer_seg_over_seg_mru);
1770 }
1771 const int data_len_clamp = get_clamped_length(data_len, pinfo, item_len);
1772
1773 // Treat data as payload layer
1774 const int data_offset = offset;
1775 proto_tree_add_item(tree_msg, hf_tcpclv4_xfer_segment_data, tvb, offset, data_len_clamp, ENC_NA0x00000000);
1776 offset += data_len_clamp;
1777 payload_len = data_len_clamp;
1778
1779 wmem_strbuf_append_printf(suffix_text, ", Xfer ID: %" PRIi64"l" "i", xfer_id);
1780
1781 if (flags) {
1782 wmem_strbuf_append(suffix_text, ", Flags: ");
1783 bool_Bool sep = false0;
1784 if (flags & TCPCLV4_TRANSFER_FLAG_START) {
1785 wmem_strbuf_append(suffix_text, "START");
1786 sep = true1;
1787 }
1788 if (flags & TCPCLV4_TRANSFER_FLAG_END) {
1789 if (sep) {
1790 wmem_strbuf_append(suffix_text, "|");
1791 }
1792 wmem_strbuf_append(suffix_text, "END");
1793 }
1794 }
1795
1796 if (tcpcl_analyze_sequence) {
1797 transfer_add_segment(ctx, xfer_id, flags, data_len, pinfo, tvb, tree_msg, item_msg, item_flags);
1798 }
1799
1800 if (tcpcl_desegment_transfer) {
1801 // Reassemble the segments
1802 fragment_head *xferload_frag_msg = fragment_add_seq_next(
1803 &xfer_reassembly_table,
1804 tvb, data_offset,
1805 pinfo, 0, &xfer_id,
1806 data_len_clamp,
1807 !(flags & TCPCLV4_TRANSFER_FLAG_END)
1808 );
1809 ctx->xferload = process_reassembled_data(
1810 tvb, data_offset, pinfo,
1811 "Reassembled Transfer",
1812 xferload_frag_msg,
1813 &xfer_frag_items,
1814 NULL((void*)0),
1815 proto_tree_get_parent_tree(tree)
1816 );
1817 }
1818
1819 break;
1820 }
1821 case TCPCLV4_MSGTYPE_XFER_ACK:{
1822 uint8_t flags = tvb_get_uint8(tvb, offset);
1823 proto_item *item_flags = proto_tree_add_bitmask(tree_msg, tvb, offset, hf_tcpclv4_xfer_flags, ett_tcpclv4_xfer_flags, v4_xfer_flags, ENC_BIG_ENDIAN0x00000000);
1824 offset += 1;
1825
1826 uint64_t xfer_id = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1827 proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_id, tvb, offset, 8, xfer_id);
1828 offset += 8;
1829
1830 uint64_t ack_len = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1831 proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_ack_ack_len, tvb, offset, 8, ack_len);
1832 offset += 8;
1833
1834 wmem_strbuf_append_printf(suffix_text, ", Xfer ID: %" PRIi64"l" "i", xfer_id);
1835
1836 if (flags) {
1837 wmem_strbuf_append(suffix_text, ", Flags: ");
1838 bool_Bool sep = false0;
1839 if (flags & TCPCLV4_TRANSFER_FLAG_START) {
1840 wmem_strbuf_append(suffix_text, "START");
1841 sep = true1;
1842 }
1843 if (flags & TCPCLV4_TRANSFER_FLAG_END) {
1844 if (sep) {
1845 wmem_strbuf_append(suffix_text, "|");
1846 }
1847 wmem_strbuf_append(suffix_text, "END");
1848 }
1849 }
1850
1851 if (tcpcl_analyze_sequence) {
1852 transfer_add_ack(ctx, xfer_id, flags, ack_len, pinfo, tvb, tree_msg, item_msg, item_flags);
1853 }
1854
1855 break;
1856 }
1857 case TCPCLV4_MSGTYPE_XFER_REFUSE: {
1858 uint8_t reason = tvb_get_uint8(tvb, offset);
1859 proto_tree_add_uint(tree_msg, hf_tcpclv4_xfer_refuse_reason, tvb, offset, 1, reason);
1860 offset += 1;
1861
1862 uint64_t xfer_id = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
1863 proto_tree_add_uint64(tree_msg, hf_tcpclv4_xfer_id, tvb, offset, 8, xfer_id);
1864 offset += 8;
1865
1866 wmem_strbuf_append_printf(suffix_text, ", Xfer ID: %" PRIi64"l" "i", xfer_id);
1867
1868 if (tcpcl_analyze_sequence) {
1869 transfer_add_refuse(ctx, xfer_id, pinfo, tvb, tree_msg, item_msg);
1870 }
1871
1872 break;
1873 }
1874 case TCPCLV4_MSGTYPE_KEEPALIVE: {
1875 break;
1876 }
1877 case TCPCLV4_MSGTYPE_MSG_REJECT: {
1878 uint8_t reason = tvb_get_uint8(tvb, offset);
1879 proto_tree_add_uint(tree_msg, hf_tcpclv4_msg_reject_reason, tvb, offset, 1, reason);
1880 offset += 1;
1881
1882 uint8_t rej_head = tvb_get_uint8(tvb, offset);
1883 proto_tree_add_uint(tree_msg, hf_tcpclv4_msg_reject_head, tvb, offset, 1, rej_head);
1884 offset += 1;
1885
1886 break;
1887 }
1888 default:
1889 expert_add_info(pinfo, item_msg, &ei_tcpclv4_invalid_msg_type);
1890 break;
1891 }
1892
1893 proto_item_set_len(item_msg, offset - payload_len);
1894 proto_item_append_text(item_msg, ": %s%s", msgtype_name, wmem_strbuf_get_str(suffix_text));
1895 wmem_strbuf_finalize(suffix_text);
1896
1897 if (tcpcl_analyze_sequence) {
1898 if (!(ctx->tx_peer->chdr_missing)) {
1899 // assume the capture is somewhere in the middle
1900 if (!(ctx->tx_peer->sess_init_seen)) {
1901 expert_add_info(pinfo, item_msg, &ei_tcpclv4_sess_init_missing);
1902 }
1903 else {
1904 // This message is before SESS_INIT (but is not the SESS_INIT)
1905 const int cmp_sess_init = tcpcl_frame_loc_compare(ctx->cur_loc, ctx->tx_peer->sess_init_seen, NULL((void*)0));
1906 if (((msgtype == TCPCLV4_MSGTYPE_SESS_INIT) && (cmp_sess_init < 0))
1907 || ((msgtype != TCPCLV4_MSGTYPE_SESS_INIT) && (cmp_sess_init <= 0))) {
1908 expert_add_info(pinfo, item_msg, &ei_tcpclv4_sess_init_missing);
1909 }
1910 }
1911 }
1912 }
1913
1914 if (msgtype_name) {
1915 col_append_sep_str(pinfo->cinfo, COL_INFO, NULL((void*)0), msgtype_name);
1916 }
1917
1918 try_negotiate(ctx, pinfo);
1919 // Show negotiation results
1920 if (msgtype == TCPCLV4_MSGTYPE_SESS_INIT) {
1921 if (ctx->convo->sess_negotiated) {
1922 if (ctx->rx_peer->sess_init_seen){
1923 proto_item *item_nego = proto_tree_add_uint(tree_msg, hf_tcpclv4_sess_init_related, tvb, 0, 0, ctx->rx_peer->sess_init_seen->frame_num);
1924 proto_item_set_generated(item_nego);
1925 }
1926 {
1927 proto_item *item_nego = proto_tree_add_uint(tree_msg, hf_tcpclv4_negotiate_keepalive, tvb, 0, 0, ctx->convo->sess_keepalive);
1928 proto_item_set_generated(item_nego);
1929 }
1930 }
1931 }
1932
1933 return offset;
1934}
1935
1936/** Function to extract a message length, or zero if not valid.
1937 * This will call set_chdr_missing() if valid.
1938 */
1939typedef unsigned (*chdr_missing_check)(packet_info *, tvbuff_t *, int offset, tcpcl_dissect_ctx_t *);
1940
1941/** Inspect a single segment to determine if this looks like a TLS record set.
1942 */
1943static unsigned chdr_missing_tls(packet_info *pinfo, tvbuff_t *tvb, int offset,
1944 tcpcl_dissect_ctx_t *ctx) {
1945 if (ctx->convo->session_tls_start) {
1946 // already in a TLS context
1947 return 0;
1948 }
1949
1950 // similar heuristics to is_sslv3_or_tls() from packet-tls.c
1951 if (tvb_captured_length(tvb) < 5) {
1952 return 0;
1953 }
1954 uint8_t rectype = tvb_get_uint8(tvb, offset);
1955 uint16_t recvers = tvb_get_uint16(tvb, offset+1, ENC_BIG_ENDIAN0x00000000);
1956 uint16_t reclen = tvb_get_uint16(tvb, offset+1+2, ENC_BIG_ENDIAN0x00000000);
1957
1958 switch(rectype) {
1959 // These overlap with TCPCLV3_DATA_SEGMENT but have invalid flags
1960 // They are valid but unallocated v4 message type codes
1961 case SSL_ID_ALERT:
1962 case SSL_ID_HANDSHAKE:
1963 case SSL_ID_APP_DATA:
1964 case SSL_ID_HEARTBEAT:
1965 break;
1966 default:
1967 return 0;
1968 }
1969 if ((recvers & 0xFF00) != 0x0300) {
1970 return 0;
1971 }
1972 if (reclen == 0 || reclen >= TLS_MAX_RECORD_LENGTH0x4000 + 2048) {
1973 return 0;
1974 }
1975
1976 // post-STARTTLS
1977 ctx->convo->session_use_tls = true1;
1978 ctx->convo->session_tls_start = tcpcl_frame_loc_clone(wmem_file_scope(), ctx->cur_loc);
1979 ssl_starttls_post_ack(tls_handle, pinfo, tcpcl_handle);
1980
1981 return tvb_reported_length(tvb);
1982
1983}
1984
1985static unsigned chdr_missing_v3(packet_info *pinfo, tvbuff_t *tvb, int offset,
1986 tcpcl_dissect_ctx_t *ctx) {
1987 unsigned sublen = get_v3_msg_len(pinfo, tvb, offset, ctx);
1988 if (sublen > 0) {
1989 set_chdr_missing(ctx->tx_peer, 3);
1990 }
1991 return sublen;
1992}
1993
1994static unsigned chdr_missing_v4(packet_info *pinfo, tvbuff_t *tvb, int offset,
1995 tcpcl_dissect_ctx_t *ctx) {
1996 unsigned sublen = get_v4_msg_len(pinfo, tvb, offset, ctx);
1997 if (sublen > 0) {
1998 set_chdr_missing(ctx->tx_peer, 4);
1999 }
2000 return sublen;
2001}
2002
2003static const chdr_missing_check chdr_missing_v3first[] = {
2004 &chdr_missing_tls,
2005 &chdr_missing_v3,
2006 &chdr_missing_v4,
2007 NULL((void*)0)
2008};
2009static const chdr_missing_check chdr_missing_v3only[] = {
2010 &chdr_missing_v3,
2011 NULL((void*)0)
2012};
2013static const chdr_missing_check chdr_missing_v4first[] = {
2014 &chdr_missing_tls,
2015 &chdr_missing_v4,
2016 &chdr_missing_v3,
2017 NULL((void*)0)
2018};
2019static const chdr_missing_check chdr_missing_v4only[] = {
2020 &chdr_missing_v4,
2021 NULL((void*)0)
2022};
2023
2024static unsigned get_message_len(packet_info *pinfo, tvbuff_t *tvb, int ext_offset, void *data _U___attribute__((unused))) {
2025 tcpcl_dissect_ctx_t *ctx = tcpcl_dissect_ctx_get(tvb, pinfo, ext_offset);
2026 if (!ctx) {
2027 return 0;
2028 }
2029 const unsigned init_offset = ext_offset;
2030 unsigned offset = ext_offset;
2031
2032 if (ctx->is_contact) {
2033 if (tvb_memeql(tvb, offset, magic, sizeof(magic)) != 0) {
2034 // Optional heuristic dissection of a message
2035 const chdr_missing_check *checks = NULL((void*)0);
2036 switch (tcpcl_chdr_missing) {
2037 case CHDRMSN_V3FIRST:
2038 checks = chdr_missing_v3first;
2039 break;
2040 case CHDRMSN_V3ONLY:
2041 checks = chdr_missing_v3only;
2042 break;
2043 case CHDRMSN_V4FIRST:
2044 checks = chdr_missing_v4first;
2045 break;
2046 case CHDRMSN_V4ONLY:
2047 checks = chdr_missing_v4only;
2048 break;
2049 }
2050 if (checks) {
2051 for (const chdr_missing_check *chk = checks; *chk; ++chk) {
2052 unsigned sublen = (**chk)(pinfo, tvb, offset, ctx);
2053 if (sublen > 0) {
2054 return sublen;
2055 }
2056 }
2057 // no match
2058 return 0;
2059 }
2060 else {
2061 // require the contact header
2062 const unsigned available = tvb_captured_length(tvb) - offset;
2063 if (available < sizeof(magic) + 1) {
2064 return DESEGMENT_ONE_MORE_SEGMENT0x0fffffff;
2065 }
2066 // sufficient size available but no match
2067 return 0;
2068 }
2069 }
2070 offset += sizeof(magic);
2071
2072 uint8_t version = tvb_get_uint8(tvb, offset);
2073 offset += 1;
2074 if (version == 3) {
2075 offset += 3; // flags + keepalive
2076 uint64_t eid_len;
2077 const unsigned bytecount = tvb_get_sdnv(tvb, offset, &eid_len);
2078 const int len_clamp = get_clamped_length(eid_len, NULL((void*)0), NULL((void*)0));
2079 offset += bytecount + len_clamp;
2080 }
2081 else if (version == 4) {
2082 offset += 1; // flags
2083 }
2084 else {
2085 return 0;
2086 }
2087 }
2088 else {
2089 if (ctx->tx_peer->version == 3) {
2090 unsigned sublen = get_v3_msg_len(pinfo, tvb, offset, ctx);
2091 if (sublen == 0) {
2092 return 0;
2093 }
2094 offset += sublen;
2095 }
2096 else if (ctx->tx_peer->version == 4) {
2097 unsigned sublen = get_v4_msg_len(pinfo, tvb, offset, ctx);
2098 if (sublen == 0) {
2099 return 0;
2100 }
2101 offset += sublen;
2102 }
2103 else {
2104 return 0;
2105 }
2106 }
2107 const int needlen = offset - init_offset;
2108 return needlen;
2109}
2110
2111static int dissect_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U___attribute__((unused))) {
2112 bool_Bool is_new_item_tcpcl = false0;
2113 int offset = 0;
2114 tcpcl_dissect_ctx_t *ctx = tcpcl_dissect_ctx_get(tvb, pinfo, offset);
2115 if (!ctx) {
2116 return 0;
2117 }
2118
2119 {
2120 const char *proto_name = col_get_text(pinfo->cinfo, COL_PROTOCOL);
2121 if (g_strcmp0(proto_name, proto_name_tcpcl) != 0) {
2122 col_set_str(pinfo->cinfo, COL_PROTOCOL, proto_name_tcpcl);
2123 col_clear(pinfo->cinfo, COL_INFO);
2124 }
2125 }
2126
2127 // Don't add more than one TCPCL tree item
2128 proto_item *item_tcpcl;
2129 proto_tree *tree_tcpcl;
2130 if (tree && (tree->last_child)
2131 && (PITEM_HFINFO(tree->last_child)((tree->last_child)->hfinfo)->id == proto_tcpcl)) {
2132 item_tcpcl = tree->last_child;
2133 tree_tcpcl = proto_item_get_subtree(item_tcpcl);
2134 }
2135 else {
2136 item_tcpcl = proto_tree_add_item(tree, proto_tcpcl, tvb, 0, -1, ENC_NA0x00000000);
2137 tree_tcpcl = proto_item_add_subtree(item_tcpcl, ett_proto_tcpcl);
2138 is_new_item_tcpcl = true1;
2139 }
2140
2141 if (ctx->tx_peer->chdr_missing) {
2142 expert_add_info(pinfo, item_tcpcl, &ei_chdr_missing);
2143 }
2144 if (ctx->is_contact) {
2145 col_append_sep_str(pinfo->cinfo, COL_INFO, NULL((void*)0), "Contact Header");
2146
2147 proto_item *item_chdr = proto_tree_add_item(tree_tcpcl, hf_chdr_tree, tvb, offset, -1, ENC_NA0x00000000);
2148 proto_tree *tree_chdr = proto_item_add_subtree(item_chdr, ett_chdr);
2149
2150 proto_item *item_magic = proto_tree_add_item(tree_chdr, hf_chdr_magic, tvb, offset, sizeof(magic), ENC_NA0x00000000);
2151 if (tvb_memeql(tvb, offset, magic, sizeof(magic)) != 0) {
2152 expert_add_info(pinfo, item_magic, &ei_invalid_magic);
2153 return 0;
2154 }
2155 offset += sizeof(magic);
2156
2157 ctx->tx_peer->version = tvb_get_uint8(tvb, offset);
2158 proto_item *item_version = proto_tree_add_uint(tree_chdr, hf_chdr_version, tvb, offset, 1, ctx->tx_peer->version);
2159 offset += 1;
2160
2161 // Mark or check version match
2162 if (!ctx->convo->version) {
2163 ctx->convo->version = wmem_new(wmem_file_scope(), uint8_t)((uint8_t*)wmem_alloc((wmem_file_scope()), sizeof(uint8_t)));
2164 *(ctx->convo->version) = ctx->tx_peer->version;
2165 }
2166 else if (*(ctx->convo->version) != ctx->tx_peer->version) {
2167 expert_add_info(pinfo, item_version, &ei_mismatch_version);
2168 }
2169
2170 if ((ctx->tx_peer->version < 3) || (ctx->tx_peer->version > 4)) {
2171 expert_add_info(pinfo, item_version, &ei_invalid_version);
2172 return offset;
2173 }
2174
2175 if (ctx->tx_peer->version == 3) {
2176 /* Subtree to expand the bits in the Contact Header Flags */
2177 proto_tree_add_bitmask(tree_chdr, tvb, offset, hf_tcpclv3_chdr_flags, ett_tcpclv3_chdr_flags, v3_chdr_flags, ENC_BIG_ENDIAN0x00000000);
2178 offset++;
2179
2180 proto_tree_add_item(tree_chdr, hf_tcpclv3_chdr_keep_alive, tvb, offset, 2, ENC_BIG_ENDIAN0x00000000);
2181 offset += 2;
2182
2183 /*
2184 * New format Contact header has length field followed by EID.
2185 */
2186 uint64_t eid_length;
2187 int sdnv_length;
2188 proto_item *sub_item = proto_tree_add_item_ret_varint(tree_chdr, hf_tcpclv3_chdr_local_eid_length, tvb, offset, -1, ENC_VARINT_SDNV0x00000010, &eid_length, &sdnv_length);
2189 if (sdnv_length == 0) {
2190 expert_add_info(pinfo, sub_item, &ei_tcpclv3_eid_length);
2191 return 0;
2192 }
2193 offset += sdnv_length;
2194 const int eid_len_clamp = get_clamped_length(eid_length, pinfo, sub_item);
2195
2196 proto_tree_add_item(tree_chdr, hf_tcpclv3_chdr_local_eid, tvb, offset, eid_len_clamp, ENC_ASCII0x00000000);
2197 offset += eid_len_clamp;
2198
2199 // assumed parameters
2200 ctx->tx_peer->segment_mru = UINT64_MAX(18446744073709551615UL);
2201 ctx->tx_peer->transfer_mru = UINT64_MAX(18446744073709551615UL);
2202 }
2203 else if (ctx->tx_peer->version == 4) {
2204 uint8_t flags = tvb_get_uint8(tvb, offset);
2205 proto_tree_add_bitmask(tree_chdr, tvb, offset, hf_tcpclv4_chdr_flags, ett_tcpclv4_chdr_flags, v4_chdr_flags, ENC_BIG_ENDIAN0x00000000);
2206 offset += 1;
2207
2208 ctx->tx_peer->can_tls = (flags & TCPCLV4_CONTACT_FLAG_CANTLS);
2209 }
2210
2211 proto_item_set_len(item_chdr, offset);
2212
2213 if (ctx->tx_peer->chdr_seen) {
2214 if (tcpcl_analyze_sequence) {
2215 if (!tcpcl_frame_loc_equal(ctx->tx_peer->chdr_seen, ctx->cur_loc)) {
2216 expert_add_info(pinfo, item_chdr, &ei_chdr_duplicate);
2217 }
2218 }
2219 }
2220 else {
2221 ctx->tx_peer->chdr_seen = tcpcl_frame_loc_clone(wmem_file_scope(), ctx->cur_loc);
2222 }
2223
2224 try_negotiate(ctx, pinfo);
2225 // Show negotiation results
2226 if (ctx->convo->contact_negotiated) {
2227 if (ctx->rx_peer->chdr_seen) {
2228 proto_item *item_nego = proto_tree_add_uint(tree_chdr, hf_chdr_related, tvb, 0, 0, ctx->rx_peer->chdr_seen->frame_num);
2229 proto_item_set_generated(item_nego);
2230 }
2231 if (ctx->tx_peer->version == 4) {
2232 proto_item *item_nego = proto_tree_add_boolean(tree_chdr, hf_tcpclv4_negotiate_use_tls, tvb, 0, 0, ctx->convo->session_use_tls);
2233 proto_item_set_generated(item_nego);
2234 }
2235 }
2236 }
2237 else {
2238 if (ctx->tx_peer->version == 3) {
2239 offset += dissect_v3_msg(tvb, pinfo, tree_tcpcl, ctx);
2240 }
2241 else if (ctx->tx_peer->version == 4) {
2242 offset += dissect_v4_msg(tvb, pinfo, tree_tcpcl, ctx);
2243 }
2244 }
2245
2246 if (is_new_item_tcpcl) {
2247 proto_item_set_len(item_tcpcl, offset);
2248 proto_item_append_text(item_tcpcl, " Version %d", ctx->tx_peer->version);
2249 }
2250 else {
2251 const int item_len = proto_item_get_len(item_tcpcl);
2252 proto_item_set_len(item_tcpcl, item_len + offset);
2253 }
2254
2255 if (ctx->xferload) {
2256 col_append_str(pinfo->cinfo, COL_INFO, " [Bundle]");
2257
2258 if (tcpcl_decode_bundle) {
2259 if (bundle_handle) {
2260 call_dissector(
2261 bundle_handle,
2262 ctx->xferload,
2263 pinfo,
2264 tree
2265 );
2266 }
2267 }
2268 }
2269
2270 return offset;
2271}
2272
2273static int
2274dissect_tcpcl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U___attribute__((unused)))
2275{
2276 /* Retrieve information from conversation, or add it if it isn't
2277 * there yet */
2278 conversation_t *convo = find_or_create_conversation(pinfo);
2279 tcpcl_conversation_t *tcpcl_convo = (tcpcl_conversation_t *)conversation_get_proto_data(convo, proto_tcpcl);
2280 if (!tcpcl_convo) {
2281 tcpcl_convo = tcpcl_conversation_new();
2282 conversation_add_proto_data(convo, proto_tcpcl, tcpcl_convo);
2283 // Assume the first source (i.e. TCP initiator) is the active node
2284 copy_address_wmem(wmem_file_scope(), &(tcpcl_convo->active->addr), &(pinfo->src));
2285 tcpcl_convo->active->port = pinfo->srcport;
2286 copy_address_wmem(wmem_file_scope(), &(tcpcl_convo->passive->addr), &(pinfo->dst));
2287 tcpcl_convo->passive->port = pinfo->destport;
2288 }
2289
2290 tcp_dissect_pdus(tvb, pinfo, tree, true1, 1, get_message_len, dissect_message, NULL((void*)0));
2291
2292 const unsigned buflen = tvb_captured_length(tvb);
2293 return buflen;
2294}
2295
2296static bool_Bool
2297dissect_tcpcl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
2298{
2299 if (tvb_reported_length(tvb) < minimum_chdr_size) {
2300 return false0;
2301 }
2302 if (tvb_memeql(tvb, 0, magic, sizeof(magic)) != 0) {
2303 return false0;
2304 }
2305
2306 // treat the rest of the connection as TCPCL
2307 conversation_t *convo = find_or_create_conversation(pinfo);
2308 conversation_set_dissector(convo, tcpcl_handle);
2309
2310 dissect_tcpcl(tvb, pinfo, tree, data);
2311 return true1;
2312}
2313
2314static int dissect_xferext_transferlen(tvbuff_t *tvb, packet_info *pinfo _U___attribute__((unused)), proto_tree *tree, void *data _U___attribute__((unused))) {
2315 int offset = 0;
2316 tcpcl_dissect_ctx_t *ctx = tcpcl_dissect_ctx_get(tvb, pinfo, offset);
2317 if (!ctx) {
2318 return 0;
2319 }
2320
2321 uint64_t total_len = tvb_get_uint64(tvb, offset, ENC_BIG_ENDIAN0x00000000);
2322 proto_item *item_len = proto_tree_add_uint64(tree, hf_tcpclv4_xferext_transferlen_total_len, tvb, offset, 8, total_len);
2323 offset += 8;
2324 if (total_len > ctx->rx_peer->transfer_mru) {
2325 expert_add_info(pinfo, item_len, &ei_tcpclv4_xferload_over_xfer_mru);
2326 }
2327
2328 if (tcpcl_analyze_sequence) {
2329 uint64_t *xfer_id = wmem_map_lookup(ctx->tx_peer->frame_loc_to_transfer, ctx->cur_loc);
2330 if (xfer_id) {
2331 tcpcl_transfer_t *xfer = get_or_create_transfer_t(ctx->tx_peer->transfers, *xfer_id);
2332 xfer->total_length = wmem_new(wmem_file_scope(), uint64_t)((uint64_t*)wmem_alloc((wmem_file_scope()), sizeof(uint64_t))
);
2333 *(xfer->total_length) = total_len;
2334 }
2335 }
2336
2337 return offset;
2338}
2339
2340static int dissect_othername_bundleeid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U___attribute__((unused))) {
2341 int offset = 0;
2342 asn1_ctx_t actx;
2343 asn1_ctx_init(&actx, ASN1_ENC_BER, true1, pinfo);
2344 offset += dissect_ber_restricted_string(
2345 false0, BER_UNI_TAG_IA5String22,
2346 &actx, tree, tvb, offset, hf_othername_bundleeid, NULL((void*)0)
2347 );
2348 return offset;
2349}
2350
2351/// Re-initialize after a configuration change
2352static void reinit_tcpcl(void) {
2353}
2354
2355void
2356proto_register_tcpcl(void)
2357{
2358 expert_module_t *expert_tcpcl;
2359
2360 proto_tcpcl = proto_register_protocol("DTN TCP Convergence Layer Protocol", "TCPCL", "tcpcl");
2361
2362 proto_tcpcl_exts = proto_register_protocol_in_name_only(
2363 "TCPCL Extension Subdissectors",
2364 "TCPCL Extension Subdissectors",
2365 "tcpcl_exts",
2366 proto_tcpcl,
2367 FT_PROTOCOL
2368 );
2369
2370 proto_register_field_array(proto_tcpcl, hf_tcpcl, array_length(hf_tcpcl)(sizeof (hf_tcpcl) / sizeof (hf_tcpcl)[0]));
2371 proto_register_subtree_array(ett, array_length(ett)(sizeof (ett) / sizeof (ett)[0]));
2372 expert_tcpcl = expert_register_protocol(proto_tcpcl);
2373 expert_register_field_array(expert_tcpcl, ei_tcpcl, array_length(ei_tcpcl)(sizeof (ei_tcpcl) / sizeof (ei_tcpcl)[0]));
2374
2375 tcpcl_handle = register_dissector("tcpcl", dissect_tcpcl, proto_tcpcl);
2376 sess_ext_dissectors = register_dissector_table("tcpcl.v4.sess_ext", "TCPCLv4 Session Extension", proto_tcpcl, FT_UINT16, BASE_HEX);
2377 xfer_ext_dissectors = register_dissector_table("tcpcl.v4.xfer_ext", "TCPCLv4 Transfer Extension", proto_tcpcl, FT_UINT16, BASE_HEX);
2378
2379 module_t *module_tcpcl = prefs_register_protocol(proto_tcpcl, reinit_tcpcl);
2380 prefs_register_enum_preference(
2381 module_tcpcl,
2382 "allow_chdr_missing",
2383 "Allow missing Contact Header",
2384 "Whether the TCPCL dissector should use heuristic "
2385 "dissection of messages in the absence of a Contact Header "
2386 "(if the capture misses the start of session).",
2387 &tcpcl_chdr_missing,
2388 chdr_missing_choices,
2389 false0
2390 );
2391 prefs_register_bool_preference(
2392 module_tcpcl,
2393 "analyze_sequence",
2394 "Analyze message sequences",
2395 "Whether the TCPCL dissector should analyze the sequencing of "
2396 "the messages within each session.",
2397 &tcpcl_analyze_sequence
2398 );
2399 prefs_register_bool_preference(
2400 module_tcpcl,
2401 "desegment_transfer",
2402 "Reassemble the segments of each transfer",
2403 "Whether the TCPCL dissector should combine the sequential segments "
2404 "of a transfer into the full bundle being transferred."
2405 "To use this option, you must also enable "
2406 "\"Allow subdissectors to reassemble TCP streams\" "
2407 "in the TCP protocol settings.",
2408 &tcpcl_desegment_transfer
2409 );
2410 prefs_register_bool_preference(
2411 module_tcpcl,
2412 "decode_bundle",
2413 "Decode bundle data",
2414 "If enabled, the transfer bundle will be decoded.",
2415 &tcpcl_decode_bundle
2416 );
2417
2418 reassembly_table_register(
2419 &xfer_reassembly_table,
2420 &xfer_reassembly_table_functions
2421 );
2422
2423}
2424
2425void
2426proto_reg_handoff_tcpcl(void)
2427{
2428 tls_handle = find_dissector_add_dependency("tls", proto_tcpcl);
2429 bundle_handle = find_dissector("bundle");
2430
2431 dissector_add_uint_with_preference("tcp.port", BUNDLE_PORT4556, tcpcl_handle);
2432 heur_dissector_add("tcp", dissect_tcpcl_heur, "TCPCL over TCP", "tcpcl_tcp", proto_tcpcl, HEURISTIC_ENABLE);
2433
2434 /* Packaged extensions */
2435 {
2436 dissector_handle_t dis_h = create_dissector_handle_with_name_and_description(dissect_xferext_transferlen, proto_tcpcl_exts, NULL((void*)0), "Transfer Length");
2437 dissector_add_uint("tcpcl.v4.xfer_ext", TCPCLV4_XFEREXT_TRANSFER_LEN, dis_h);
2438 }
2439
2440 register_ber_oid_dissector("1.3.6.1.5.5.7.3.35", NULL((void*)0), proto_tcpcl_exts, "id-kp-bundleSecurity");
2441 register_ber_oid_dissector("1.3.6.1.5.5.7.8.11", dissect_othername_bundleeid, proto_tcpcl_exts, "id-on-bundleEID");
2442
2443 reinit_tcpcl();
2444}
2445
2446/*
2447 * Editor modelines - https://www.wireshark.org/tools/modelines.html
2448 *
2449 * Local variables:
2450 * c-basic-offset: 4
2451 * tab-width: 8
2452 * indent-tabs-mode: nil
2453 * End:
2454 *
2455 * vi: set shiftwidth=4 tabstop=8 expandtab:
2456 * :indentSize=4:tabSize=8:noTabs=true:
2457 */