1 diff -urN wireshark-0.99.7.orig/epan/dissectors/Makefile.common wireshark-0.99.7/epan/dissectors/Makefile.common
2 --- wireshark-0.99.7.orig/epan/dissectors/Makefile.common 2007-12-20 21:19:06.000000000 +0100
3 +++ wireshark-0.99.7/epan/dissectors/Makefile.common 2007-12-20 21:20:59.000000000 +0100
7 packet-diffserv-mpls-common.c \
12 diff -urN wireshark-0.99.7.orig/epan/dissectors/Makefile.in wireshark-0.99.7/epan/dissectors/Makefile.in
13 --- wireshark-0.99.7.orig/epan/dissectors/Makefile.in 2007-12-20 21:19:06.000000000 +0100
14 +++ wireshark-0.99.7/epan/dissectors/Makefile.in 2007-12-20 21:34:21.000000000 +0100
16 libcleandissectors_la-packet-h264.lo \
17 libcleandissectors_la-packet-hci_h4.lo \
18 libcleandissectors_la-packet-hclnfsd.lo \
19 + libcleandissectors_la-packet-hip.lo \
20 libcleandissectors_la-packet-homeplug.lo \
21 libcleandissectors_la-packet-hpext.lo \
22 libcleandissectors_la-packet-hpsw.lo \
32 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-h264.Plo@am__quote@
33 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-hci_h4.Plo@am__quote@
34 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-hclnfsd.Plo@am__quote@
35 +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-hip.Plo@am__quote@
36 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-homeplug.Plo@am__quote@
37 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-hpext.Plo@am__quote@
38 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcleandissectors_la-packet-hpsw.Plo@am__quote@
39 @@ -4828,6 +4831,13 @@
40 @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
41 @am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcleandissectors_la_CFLAGS) $(CFLAGS) -c -o libcleandissectors_la-packet-hclnfsd.lo `test -f 'packet-hclnfsd.c' || echo '$(srcdir)/'`packet-hclnfsd.c
43 +libcleandissectors_la-packet-hip.lo: packet-hip.c
44 +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcleandissectors_la_CFLAGS) $(CFLAGS) -MT libcleandissectors_la-packet-hip.lo -MD -MP -MF $(DEPDIR)/libcleandissectors_la-packet-hip.Tpo -c -o libcleandissectors_la-packet-hip.lo `test -f 'packet-hip.c' || echo '$(srcdir)/'`packet-hip.c
45 +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/libcleandissectors_la-packet-hip.Tpo $(DEPDIR)/libcleandissectors_la-packet-hip.Plo
46 +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='packet-hip.c' object='libcleandissectors_la-packet-hip.lo' libtool=yes @AMDEPBACKSLASH@
47 +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
48 +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcleandissectors_la_CFLAGS) $(CFLAGS) -c -o libcleandissectors_la-packet-hip.lo `test -f 'packet-hip.c' || echo '$(srcdir)/'`packet-hip.c
50 libcleandissectors_la-packet-homeplug.lo: packet-homeplug.c
51 @am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcleandissectors_la_CFLAGS) $(CFLAGS) -MT libcleandissectors_la-packet-homeplug.lo -MD -MP -MF $(DEPDIR)/libcleandissectors_la-packet-homeplug.Tpo -c -o libcleandissectors_la-packet-homeplug.lo `test -f 'packet-homeplug.c' || echo '$(srcdir)/'`packet-homeplug.c
52 @am__fastdepCC_TRUE@ mv -f $(DEPDIR)/libcleandissectors_la-packet-homeplug.Tpo $(DEPDIR)/libcleandissectors_la-packet-homeplug.Plo
53 diff -urN wireshark-0.99.7.orig/epan/dissectors/packet-hip.c wireshark-0.99.7/epan/dissectors/packet-hip.c
54 --- wireshark-0.99.7.orig/epan/dissectors/packet-hip.c 1970-01-01 01:00:00.000000000 +0100
55 +++ wireshark-0.99.7/epan/dissectors/packet-hip.c 2007-12-20 21:37:45.000000000 +0100
58 + * Routines for HIP packet disassembly
60 + * 03/2006 draft-ietf-hip-base-05, -esp-02, -mm-03, -registration-01, -rvs-04
61 + * 07/2005 draft-ietf-hip-base-03, -esp-00, and -mm-02
62 + * 03/2005 draft-ietf-hip-base-01
63 + * 11/2004 RSA and draft-ietf-hip-mm-00
64 + * 09/2004 draft-nikander-hip-mm-02
65 + * 07/2004 draft-ietf-hip-base-00
69 + * Jeff Ahrenholz <jeffrey.m.ahrenholz@boeing.com>
70 + * Thomas Henderson <thomas.r.henderson@boeing.com>
72 + * Packet dissector for Host Identity Protocol (HIP) packets.
73 + * This tool displays the TLV structure, verifies checksums,
74 + * and shows NULL encrypted parameters, but will not verify
75 + * signatures or decode encrypted parameters.
79 + * Ethereal - Network traffic analyzer
80 + * By Gerald Combs <gerald@ethereal.com>
81 + * Copyright 1998 Gerald Combs
83 + * This program is free software; you can redistribute it and/or
84 + * modify it under the terms of the GNU General Public License
85 + * as published by the Free Software Foundation; either version 2
86 + * of the License, or (at your option) any later version.
88 + * This program is distributed in the hope that it will be useful,
89 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
90 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
91 + * GNU General Public License for more details.
93 + * You should have received a copy of the GNU General Public License
94 + * along with this program; if not, write to the Free Software
95 + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
107 +#include <epan/packet.h>
108 +#include <epan/addr_resolv.h>
109 +#include "ipproto.h"
110 +#include "in_cksum.h"
114 +#include "packet-ip.h"
115 +#include <epan/conversation.h>
117 +static int proto_hip = -1;
118 +static int hf_hip_proto = -1;
119 +static int hf_hip_hdr_len = -1;
120 +static int hf_hip_packet_type = -1;
121 +static int hf_hip_version = -1;
122 +static int hf_hip_res = -1;
123 +static int hf_hip_controls = -1;
124 +static int hf_hip_controls_cert = -1;
125 +static int hf_hip_controls_anon = -1;
126 +static int hf_hip_checksum = -1;
127 +static int hf_hip_hit_sndr = -1;
128 +static int hf_hip_hit_rcvr = -1;
130 +static int hf_hip_type = -1;
131 +static int hf_hip_tlv_ei_res = -1;
132 +static int hf_hip_tlv_ei_keyidx = -1;
133 +static int hf_hip_tlv_ei_oldspi = -1;
134 +static int hf_hip_tlv_ei_newspi = -1;
135 +static int hf_hip_tlv_r1_res = -1;
136 +static int hf_hip_tlv_r1count = -1;
137 +static int hf_hip_tlv_puzzle_k = -1;
138 +static int hf_hip_tlv_puzzle_life = -1;
139 +static int hf_hip_tlv_puzzle_o = -1;
140 +static int hf_hip_tlv_puzzle_i = -1;
141 +static int hf_hip_tlv_puzzle_j = -1;
142 +static int hf_hip_tlv_seq_updid = -1;
143 +static int hf_hip_tlv_ack_updid = -1;
144 +static int hf_hip_tlv_dh_group_id = -1;
145 +static int hf_hip_tlv_dh_pub = -1;
146 +static int hf_hip_tlv_trans_id = -1;
147 +static int hf_hip_tlv_esp_reserved = -1;
148 +static int hf_hip_tlv_host_id_len = -1;
149 +static int hf_hip_tlv_host_di_type = -1;
150 +static int hf_hip_tlv_host_di_len = -1;
151 +static int hf_hip_tlv_host_id_hdr = -1;
152 +static int hf_hip_tlv_host_id_hdr_flags = -1;
153 +static int hf_hip_tlv_host_id_hdr_proto = -1;
154 +static int hf_hip_tlv_host_id_hdr_alg = -1;
155 +static int hf_hip_tlv_host_id_t = -1;
156 +static int hf_hip_tlv_host_id_q = -1;
157 +static int hf_hip_tlv_host_id_p = -1;
158 +static int hf_hip_tlv_host_id_g = -1;
159 +static int hf_hip_tlv_host_id_y = -1;
160 +static int hf_hip_tlv_host_id_e_len = -1;
161 +static int hf_hip_tlv_host_id_e = -1;
162 +static int hf_hip_tlv_host_id_n = -1;
163 +static int hf_hip_tlv_cert_count = -1;
164 +static int hf_hip_tlv_cert_id = -1;
165 +static int hf_hip_tlv_cert_type = -1;
166 +static int hf_hip_tlv_certificate = -1;
167 +static int hf_hip_tlv_notify_res = -1;
168 +static int hf_hip_tlv_notify_type = -1;
169 +static int hf_hip_tlv_notify_data = -1;
170 +static int hf_hip_tlv_opaque_data = -1;
171 +static int hf_hip_tlv_reg_ltmin = -1;
172 +static int hf_hip_tlv_reg_ltmax = -1;
173 +static int hf_hip_tlv_reg_lt = -1;
174 +static int hf_hip_tlv_reg_type = -1;
175 +static int hf_hip_tlv_reg_failtype = -1;
176 +static int hf_hip_tlv_hmac = -1;
177 +static int hf_hip_tlv_sig_alg = -1;
178 +static int hf_hip_tlv_sig = -1;
179 +static int hf_hip_tlv_id = -1;
180 +static int hf_hip_tlv_enc_reserved = -1;
181 +static int hf_hip_tlv_enc_iv = -1;
182 +static int hf_hip_tlv_locator_traffic_type = -1;
183 +static int hf_hip_tlv_locator_type = -1;
184 +static int hf_hip_tlv_locator_len = -1;
185 +static int hf_hip_tlv_locator_reserved = -1;
186 +static int hf_hip_tlv_locator_lifetime = -1;
187 +static int hip_transform = 0;
189 +static gint ett_hip = -1;
190 +static gint ett_hip_controls = -1;
191 +static gint ett_hip_tlv = -1;
192 +static gint ett_hip_tlv_data = -1;
193 +static gint ett_hip_tlv_host_id_hdr = -1;
195 +/* Place HIP summary in protocol tree */
196 +static gboolean hip_summary_in_tree = TRUE;
198 +/* This minimal structure used to get at the Type field*/
200 + guint16 nextpluslen; /* Next header, plus length */
201 + guint8 hiptype; /* Type (what we are after) */
202 + guint8 hipreserved; /* Reserved (what we are after) */
203 + /*variable size*/ /* (IV and) Payload data */
206 +/* 128-bit Host Identity Tag */
207 +#define HIT_BITSIZE 128
208 +typedef unsigned char hip_hit [HIT_BITSIZE/8];
210 +#define HI_ALG_DSA 3
211 +#define HI_ALG_RSA 5
213 +/* HIP packet types */
219 + CER, /* 5 - removed from draft-ietf-hip-base-03 */
220 + BOS=11, /* 11 - removed from draft-ietf-hip-base-01 */
221 + UPDATE=16, /* 16 */
222 + NOTIFY=17, /* 17 */
224 + CLOSE_ACK=19, /* 19 */
227 +/* HIP TLV parameters */
228 +/* 03/2006 draft-ietf-hip-base-05, -esp-02, -mm-03, -registration-01, -rvs-04 */
229 +#define PARAM_ESP_INFO 65
230 +#define PARAM_R1_COUNTER 128
231 +#define PARAM_LOCATOR 193
232 +#define PARAM_PUZZLE 257
233 +#define PARAM_SOLUTION 321
234 +#define PARAM_SEQ 385
235 +#define PARAM_ACK 449
236 +#define PARAM_DIFFIE_HELLMAN 513
237 +#define PARAM_HIP_TRANSFORM 577
238 +#define PARAM_ENCRYPTED 641
239 +#define PARAM_HOST_ID 705
240 +#define PARAM_CERT 768
241 +#define PARAM_NOTIFY 832
242 +#define PARAM_ECHO_REQUEST 897
243 +#define PARAM_REG_INFO 930
244 +#define PARAM_REG_REQUEST 932
245 +#define PARAM_REG_RESPONSE 934
246 +#define PARAM_REG_FAILED 936
247 +#define PARAM_ECHO_RESPONSE 961
248 +#define PARAM_ESP_TRANSFORM 4095
249 +#define PARAM_TRANSFORM_LOW 2048 /* defines range for transforms */
250 +#define PARAM_TRANSFORM_HIGH 4095
251 +#define PARAM_HMAC 61505
252 +#define PARAM_HMAC_2 61569
253 +#define PARAM_HIP_SIGNATURE_2 61633
254 +#define PARAM_HIP_SIGNATURE 61697
255 +#define PARAM_ECHO_REQUEST_NOSIG 63661
256 +#define PARAM_ECHO_RESPONSE_NOSIG 63425
257 +#define PARAM_FROM 65498
258 +#define PARAM_RVS_HMAC 65500
259 +#define PARAM_VIA_RVS 65502
260 +#define PARAM_CRITICAL_BIT 0x0001
262 +#define HIP_CONTROL_C_MASK 0x0002
263 +#define HIP_CONTROL_A_MASK 0x0001
265 +#define HI_HDR_FLAGS_MASK 0xFFFF0000
266 +#define HI_HDR_PROTO_MASK 0x0000FF00
267 +#define HI_HDR_ALG_MASK 0x000000FF
269 +const value_string hi_hdr_flags_vals[] = {
270 + { 0x0200, "key is associated with a user" },
271 + { 0x0201, "zone key" },
272 + { 0x0202, "key is associated with non-zone entity" },
276 +const value_string hi_hdr_proto_vals[] = {
277 + { 0x01, "key is used for TLS" },
278 + { 0x02, "key is used for email" },
279 + { 0x03, "key is used for DNS security" },
280 + { 0x04, "key is used for Oakley/IPSEC" },
281 + { 0xFF, "key is valid for any protocol" },
285 +const value_string hi_hdr_alg_vals[] = {
286 + { 0x00, "reserved" },
287 + { 0x01, "RSA/MD5" },
288 + { 0x02, "Diffie-Hellman" },
290 + { 0x04, "elliptic curve crypto" },
292 + { 0xFF, "reserved" },
295 +const value_string notify_vals[] = {
296 + { 1, "Unsupported critical parameter type" },
297 + { 7, "Invalid syntax" },
298 + { 14, "No Diffie-Hellman proposal chosen" },
299 + { 15, "Invalid Diffie-Hellman chosen" },
300 + { 16, "No HIP proposal chosen" },
301 + { 17, "Invalid HIP transform chosen" },
302 + { 18, "No ESP proposal chosen" },
303 + { 19, "Invalid ESP transform chosen" },
304 + { 24, "Authentication failed" },
305 + { 26, "Checksum failed" },
306 + { 28, "HMAC failed" },
307 + { 32, "Encryption failed" },
308 + { 40, "Invalid HIT" },
309 + { 42, "Blocked by policy" },
310 + { 44, "Server busy please retry" },
311 + { 46, "I2 acknowledgement" },
315 +typedef struct _hiphdr {
316 + guint8 proto; /* payload protocol */
317 + guint8 hdr_len; /* header length */
318 + guint8 packet_type; /* packet type */
319 + guint8 res:4,version:4; /* version, reserved */
320 + guint16 checksum; /* checksum */
321 + guint16 control; /* control */
322 + hip_hit hit_sndr; /* Sender's Host Identity Tag */
323 + hip_hit hit_rcvr; /* Receiver's Host Identity Tag*/
324 + /* HIP parameters ... */
327 +typedef struct _tlv_head
335 +char * hip_param(int n);
336 +char *dh_group_id_label(int groupid);
337 +char *transform_id_label(int transform);
338 +char *sig_alg_label(int alg);
339 +int dissect_hip_tlv(tvbuff_t *tvb, int offset, proto_item *ti, int type, int tlv_len);
341 +static dissector_handle_t data_handle;
343 +/**** end defs from hip.h ****/
346 + * Dissect the HIP packet
349 +dissect_hip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
351 + proto_tree *hip_tree, *hip_tlv_tree=NULL;
352 + proto_item *ti, *ti_tlv;
355 + int length, offset = 0;
356 + guint16 control_h, checksum_h, computed_checksum;
357 + guint16 tlv_type_h, tlv_length_h; /* For storing in host order */
358 + vec_t cksum_vec[4];
362 + * load the top pane info. This should be overwritten by
363 + * the next protocol in the stack
365 + if (check_col(pinfo->cinfo, COL_PROTOCOL))
366 + col_set_str(pinfo->cinfo, COL_PROTOCOL, "HIP");
367 + if (check_col(pinfo->cinfo, COL_INFO))
368 + col_clear(pinfo->cinfo, COL_INFO);
370 + /* Convert control and checksum to host order */
372 + tvb_memcpy(tvb, (guint8 *)&hiph, 0, sizeof(hiphdr));
373 + control_h = g_ntohs(hiph.control);
374 + checksum_h = g_ntohs(hiph.checksum);
376 + if (check_col(pinfo->cinfo, COL_INFO)) {
377 + switch (hiph.packet_type) {
379 + col_add_fstr(pinfo->cinfo, COL_INFO,
380 + "HIP I1 (HIP Initiator Packet)");
383 + col_add_fstr(pinfo->cinfo, COL_INFO,
384 + "HIP R1 (HIP Responder Packet)");
387 + col_add_fstr(pinfo->cinfo, COL_INFO,
388 + "HIP I2 (Second HIP Initiator Packet)");
391 + col_add_fstr(pinfo->cinfo, COL_INFO,
392 + "HIP R2 (Second HIP Responder Packet)");
395 + col_add_fstr(pinfo->cinfo, COL_INFO,
396 + "HIP UPDATE (HIP Update Packet)");
399 + col_add_fstr(pinfo->cinfo, COL_INFO,
400 + "HIP CER (HIP Certificate Packet)");
403 + col_add_fstr(pinfo->cinfo, COL_INFO,
404 + "HIP BOS (HIP Bootstrap Packet)");
407 + col_add_fstr(pinfo->cinfo, COL_INFO,
408 + "HIP NOTIFY (HIP Notification Packet)");
411 + col_add_fstr(pinfo->cinfo, COL_INFO,
412 + "HIP CLOSE (HIP Close Packet)");
415 + col_add_fstr(pinfo->cinfo, COL_INFO,
416 + "HIP CLOSE_ACK (HIP Close Acknowledgement Packet)");
419 + col_add_fstr(pinfo->cinfo, COL_INFO, "HIP Unknown type");
425 + * populate a tree in the second pane with the status of the link layer
429 + if (hip_summary_in_tree) {
430 + ti = proto_tree_add_protocol_format(tree, proto_hip, tvb, 0, -1, "Host Identity Protocol");
432 + ti = proto_tree_add_item(tree, proto_hip, tvb, 0, -1, FALSE);
435 + hip_tree = proto_item_add_subtree(ti, ett_hip);
436 + proto_tree_add_uint(hip_tree, hf_hip_proto, tvb, offset, 1, hiph.proto);
437 + proto_tree_add_uint(hip_tree, hf_hip_hdr_len, tvb, offset+1, 1, hiph.hdr_len);
438 + proto_tree_add_uint(hip_tree, hf_hip_packet_type, tvb, offset+2, 1, hiph.packet_type);
439 + proto_tree_add_uint_format(hip_tree, hf_hip_version, tvb, offset+3, 1, hiph.version,
440 + "Version: %u, Reserved: %u", hiph.version, hiph.res);
441 + ti = proto_tree_add_uint(hip_tree, hf_hip_controls, tvb, offset+4, 2, control_h);
442 + if (ti) { /* HIP Controls subtree*/
443 + ti = proto_item_add_subtree(ti, ett_hip_controls);
444 + proto_tree_add_boolean(ti, hf_hip_controls_cert, tvb, offset+5,1, control_h);
445 + proto_tree_add_boolean(ti, hf_hip_controls_anon, tvb, offset+5,1, control_h);
449 + /* Checksum - this is the same algorithm from UDP, ICMPv6 */
450 + if (!pinfo->fragmented) {
451 + /* IPv4 or IPv6 addresses */
452 + cksum_vec[0].ptr = pinfo->src.data;
453 + cksum_vec[0].len = pinfo->src.len;
454 + cksum_vec[1].ptr = pinfo->dst.data;
455 + cksum_vec[1].len = pinfo->dst.len;
456 + /* the rest of the pseudo-header */
457 + if (pinfo->src.type == AT_IPv6) {
458 + cksum_vec[2].ptr = (const guint8 *)&phdr;
459 + phdr[0] = g_htonl(tvb_reported_length(tvb));
460 + phdr[1] = g_htonl(IP_PROTO_HIP);
461 + cksum_vec[2].len = 8;
463 + cksum_vec[2].ptr = (const guint8 *)&phdr;
464 + phdr[0] = g_htonl((IP_PROTO_HIP<<16)+tvb_reported_length(tvb));
465 + cksum_vec[2].len = 4;
467 + /* pointer to the HIP header (packet data) */
468 + cksum_vec[3].len = tvb_reported_length(tvb);
469 + cksum_vec[3].ptr = tvb_get_ptr(tvb, 0, cksum_vec[3].len);
470 + computed_checksum = in_cksum(cksum_vec, 4);
471 + if (computed_checksum == 0) {
472 + proto_tree_add_uint_format(hip_tree, hf_hip_checksum, tvb,
473 + offset+6, 2, checksum_h, "Checksum: 0x%04x (correct)",
476 + proto_tree_add_uint_format(hip_tree, hf_hip_checksum, tvb,
477 + offset+6, 2, checksum_h,
478 + "Checksum: 0x%04x (incorrect, should be 0x%04x)",
480 + in_cksum_shouldbe(checksum_h, computed_checksum));
483 + proto_tree_add_uint_format(hip_tree, hf_hip_checksum, tvb,
484 + offset+6, 2, checksum_h,"Checksum: 0x%04x (unverified)",
488 + proto_tree_add_bytes(hip_tree, hf_hip_hit_sndr, tvb, offset, sizeof(hip_hit), hiph.hit_sndr);
489 + offset += sizeof(hip_hit);
490 + proto_tree_add_bytes(hip_tree, hf_hip_hit_rcvr, tvb, offset, sizeof(hip_hit), hiph.hit_rcvr);
491 + offset += sizeof(hip_hit);
493 + length = (hiph.hdr_len+1)*8;
494 + /* Begin TLV parsing */
495 + if (offset < length) {
496 + ti_tlv = proto_tree_add_text(hip_tree, tvb, offset, tvb_length(tvb), "HIP Parameters");
497 + hip_tlv_tree = proto_item_add_subtree(ti_tlv, ett_hip_tlv);
499 + /* Parse type and length in TLV */
500 + while (offset < length)
502 + tvb_memcpy(tvb, (guint8 *)&tlv, offset, sizeof(tlv_head));
503 + tlv_type_h = g_ntohs(tlv.type);
504 + tlv_length_h = g_ntohs(tlv.length);
505 + ti_tlv = proto_tree_add_uint_format(hip_tlv_tree, hf_hip_type, tvb,
506 + offset, 4+tlv_length_h, tlv.type, "%s (type=%u, length=%u)",
507 + hip_param(tlv_type_h), tlv_type_h, tlv_length_h);
510 + dissect_hip_tlv(tvb, offset, ti_tlv, tlv_type_h, tlv_length_h);
512 + offset += 11 + tlv_length_h - (tlv_length_h + 3) % 8;
519 +proto_register_hip(void)
521 +/* Most of this stuff is unused */
522 + module_t *hip_module;
523 + static hf_register_info hf[] = {
525 + { "Payload Protocol", "hip.proto", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
528 + { "Header Length", "hip.hdr_len", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
530 + { &hf_hip_packet_type,
531 + { "Packet Type", "hip.packet_type", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
534 + { "Version", "hip.version", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
537 + { "Reserved", "hip.res", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
539 + { &hf_hip_controls,
540 + { "HIP Controls", "hip.controls", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
542 + { &hf_hip_controls_cert,
543 + { "Certificate (One or more CER packets follows)", "hip.controls.c", FT_BOOLEAN, 16, NULL, HIP_CONTROL_C_MASK, "", HFILL }},
545 + { &hf_hip_controls_anon,
546 + { "Anonymous (Sender's HI is anonymous)", "hip.controls.a", FT_BOOLEAN, 16, NULL, HIP_CONTROL_A_MASK, "", HFILL }},
548 + { &hf_hip_checksum,
549 + { "Checksum", "hip.checksum", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
551 + { &hf_hip_hit_sndr,
552 + { "Sender's HIT", "hip.hit_sndr", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
554 + { &hf_hip_hit_rcvr,
555 + { "Receiver's HIT", "hip.hit_rcvr", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
558 + { "Type", "hip.type", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
560 + { &hf_hip_tlv_r1_res,
561 + { "Reserved", "hip.tlv.r1_res", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
563 + { &hf_hip_tlv_r1count,
564 + { "R1 Counter", "hip.tlv.r1count", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
566 + { &hf_hip_tlv_puzzle_k,
567 + { "Puzzle Difficulty K","hip.tlv_puzzle_k", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
569 + { &hf_hip_tlv_puzzle_life,
570 + { "Puzzle Lifetime","hip.tlv_puzzle_life", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
572 + { &hf_hip_tlv_puzzle_o,
573 + { "Opaque Data","hip.tlv_puzzle_o", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
575 + { &hf_hip_tlv_puzzle_i,
576 + { "Puzzle Random I", "hip.tlv.puzzle_i", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
578 + { &hf_hip_tlv_puzzle_j,
579 + { "Puzzle Solution J", "hip.tlv_puzzle_j", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
581 + { &hf_hip_tlv_ei_res,
582 + { "Reserved", "hip.tlv_ei_res", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
584 + { &hf_hip_tlv_ei_keyidx,
585 + { "Keymat Index", "hip.tlv_ei_keyidx", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
587 + { &hf_hip_tlv_ei_oldspi,
588 + { "Old SPI", "hip.tlv_ei_oldspi", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
590 + { &hf_hip_tlv_ei_newspi,
591 + { "New SPI", "hip.tlv_ei_newspi", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
593 + { &hf_hip_tlv_seq_updid,
594 + { "Update ID", "hip.tlv_seq_updid", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
596 + { &hf_hip_tlv_ack_updid,
597 + { "ACKed Peer Update ID", "hip.tlv_ack_updid", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
599 + { &hf_hip_tlv_dh_group_id,
600 + { "Group ID", "hip.tlv.dh_group_id", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
602 + { &hf_hip_tlv_dh_pub,
603 + { "Public Value", "hip.tlv.dh_pub", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
605 + { &hf_hip_tlv_trans_id,
606 + { "Transform ID", "hip.tlv.trans_id", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
608 + { &hf_hip_tlv_esp_reserved,
609 + { "Reserved", "hip.tlv.esp_reserved", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
611 + { &hf_hip_tlv_host_id_len,
612 + { "Host Identity Length","hip.tlv.host_id_len", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
614 + { &hf_hip_tlv_host_di_type,
615 + { "Domain Identifier Type","hip.tlv.host_di_type", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
617 + { &hf_hip_tlv_host_di_len,
618 + { "Domain Identifier Length","hip.tlv.host_di_len", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
620 + { &hf_hip_tlv_host_id_hdr,
621 + { "Host Identity flags","hip.tlv.host_id_hdr", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
623 + { &hf_hip_tlv_host_id_hdr_flags,
624 + { "Flags","hip.tlv.host_id_hdr_flags", FT_UINT32, BASE_HEX, VALS(hi_hdr_flags_vals), HI_HDR_FLAGS_MASK, "", HFILL }},
626 + { &hf_hip_tlv_host_id_hdr_proto,
627 + { "Protocol","hip.tlv.host_id_hdr_flags", FT_UINT32, BASE_HEX, VALS(hi_hdr_proto_vals), HI_HDR_PROTO_MASK, "", HFILL }},
629 + { &hf_hip_tlv_host_id_hdr_alg,
630 + { "Algorithm","hip.tlv.host_id_hdr_alg", FT_UINT32, BASE_HEX, VALS(hi_hdr_alg_vals), HI_HDR_ALG_MASK, "", HFILL }},
632 + { &hf_hip_tlv_host_id_t,
633 + { "Host Identity T","hip.tlv.host_id_t", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
635 + { &hf_hip_tlv_host_id_q,
636 + { "Host Identity Q","hip.tlv.host_id_q", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
638 + { &hf_hip_tlv_host_id_p,
639 + { "Host Identity P","hip.tlv.host_id_p", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
641 + { &hf_hip_tlv_host_id_g,
642 + { "Host Identity G","hip.tlv.host_id_g", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
644 + { &hf_hip_tlv_host_id_y,
645 + { "Host Identity Y (public value)", "hip.tlv.host_id_y", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
647 + { &hf_hip_tlv_host_id_e_len,
648 + { "RSA Host Identity e_len (exponent length)",
649 + "hip.tlv.host_id_e_len", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
651 + { &hf_hip_tlv_host_id_e,
652 + { "RSA Host Identity e (exponent)", "hip.tlv.host_id_e", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
654 + { &hf_hip_tlv_host_id_n,
655 + { "RSA Host Identity n (public modulus)", "hip.tlv.host_id_n", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
657 + { &hf_hip_tlv_cert_count,
658 + { "Cert count","hip.tlv.cert_count", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
660 + { &hf_hip_tlv_cert_id,
661 + { "Cert ID","hip.tlv.cert_id", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
663 + { &hf_hip_tlv_cert_type,
664 + { "Cert type","hip.tlv.cert_type", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
666 + { &hf_hip_tlv_certificate,
667 + { "Certificate","hip.tlv.certificate", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
669 + { &hf_hip_tlv_notify_res,
670 + { "Reserved","hip.tlv.notify_res", FT_UINT16, BASE_HEX, NULL, 0x0, "", HFILL }},
672 + { &hf_hip_tlv_notify_type,
673 + { "Notify Message Type","hip.tlv.notify_type", FT_UINT16, BASE_DEC, VALS(notify_vals), 0xFFFF, "", HFILL }},
675 + { &hf_hip_tlv_notify_data,
676 + { "Notification Data","hip.tlv.notify_data", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
678 + { &hf_hip_tlv_opaque_data,
679 + { "Opaque Data","hip.tlv.opaque_data", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
681 + { &hf_hip_tlv_reg_ltmin,
682 + { "Minimum Registration Lifetime","hip.tlv.reg_ltmin", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
684 + { &hf_hip_tlv_reg_ltmax,
685 + { "Maximum Registration Lifetime","hip.tlv.reg_ltmax", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
687 + { &hf_hip_tlv_reg_lt,
688 + { "Registration Lifetime","hip.tlv.reg_lt", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
690 + { &hf_hip_tlv_reg_type,
691 + { "Registration Type","hip.tlv.reg_type", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
693 + { &hf_hip_tlv_reg_failtype,
694 + { "Registration Failure Type","hip.tlv.reg_failtype", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
696 + { &hf_hip_tlv_hmac,
697 + { "HMAC","hip.tlv.hmac", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
699 + { &hf_hip_tlv_sig_alg,
700 + { "Signature Algorithm","hip.tlv.sig_alg", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
703 + { "Signature", "hip.tlv.sig", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
706 + { "ID", "hip.tlv.id", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
708 + { &hf_hip_tlv_enc_reserved,
709 + { "Reserved", "hip.tlv.enc_reserved", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
711 + { &hf_hip_tlv_enc_iv,
712 + { "IV", "hip.tlv.enc_iv", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
714 + { &hf_hip_tlv_locator_traffic_type,
715 + { "Traffic Type", "hip.tlv.locator_traffic_type", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
717 + { &hf_hip_tlv_locator_type,
718 + { "Locator Type", "hip.tlv.locator_type", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
720 + { &hf_hip_tlv_locator_len,
721 + { "Locator Length", "hip.tlv.locator_len", FT_UINT8, BASE_DEC, NULL, 0x0, "", HFILL }},
723 + { &hf_hip_tlv_locator_reserved,
724 + { "Reserved | P bit", "hip.tlv.locator_reserved", FT_UINT8, BASE_HEX, NULL, 0x0, "", HFILL }},
726 + { &hf_hip_tlv_locator_lifetime,
727 + { "Locator Lifetime", "hip.tlv.locator_lifetime", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
730 + static gint *ett[] = {
735 + &ett_hip_tlv_host_id_hdr,
738 + proto_hip = proto_register_protocol("Host Identity Protocol",
741 + proto_register_field_array(proto_hip, hf, array_length(hf));
742 + proto_register_subtree_array(ett, array_length(ett));
744 + /* Register configuration preferences */
745 + hip_module = prefs_register_protocol(proto_hip, NULL);
746 + prefs_register_bool_preference(hip_module, "summary_in_tree",
747 + "Show HIP summary in protocol tree",
748 + "Whether the HIP summary line should be shown in the protocol tree",
749 + &hip_summary_in_tree);
753 +proto_reg_handoff_hip(void)
755 + dissector_handle_t hip_handle;
757 + hip_handle = create_dissector_handle(dissect_hip, proto_hip);
758 + dissector_add("ip.proto", IP_PROTO_HIP, hip_handle);
759 + data_handle = find_dissector("data");
762 +char * hip_param(int n)
768 + //case 0: /* sometimes extra padding */
771 + case PARAM_ESP_INFO:
772 + sprintf(s, "ESP INFO");
774 + case PARAM_R1_COUNTER:
775 + sprintf(s, "R1 COUNTER");
777 + case PARAM_LOCATOR:
778 + sprintf(s, "LOCATOR");
781 + sprintf(s, "PUZZLE");
783 + case PARAM_SOLUTION:
784 + sprintf(s, "SOLUTION");
792 + case PARAM_DIFFIE_HELLMAN:
793 + sprintf(s, "DIFFIE_HELLMAN");
795 + case PARAM_HIP_TRANSFORM:
796 + sprintf(s, "HIP_TRANSFORM");
798 + case PARAM_ENCRYPTED:
799 + sprintf(s, "ENCRYPTED");
801 + case PARAM_HOST_ID:
802 + sprintf(s, "HOST_ID");
805 + sprintf(s, "CERT");
808 + sprintf(s, "NOTIFY");
810 + case PARAM_ECHO_REQUEST:
811 + sprintf(s, "ECHO_REQUEST");
813 + case PARAM_ECHO_RESPONSE:
814 + sprintf(s, "ECHO_RESPONSE");
816 + case PARAM_ESP_TRANSFORM:
817 + sprintf(s, "ESP_TRANSFORM");
820 + sprintf(s, "HMAC");
823 + sprintf(s, "HMAC_2");
825 + case PARAM_HIP_SIGNATURE_2:
826 + sprintf(s, "HIP_SIGNATURE_2");
828 + case PARAM_HIP_SIGNATURE:
829 + sprintf(s, "HIP_SIGNATURE");
831 + case PARAM_ECHO_REQUEST_NOSIG:
832 + sprintf(s, "ECHO_REQUEST (No sig.)");
834 + case PARAM_ECHO_RESPONSE_NOSIG:
835 + sprintf(s, "ECHO_RESPONSE (No sig.)");
838 + sprintf(s, "?UNKNOWN?");
845 +char *dh_group_id_label(int groupid)
851 + sprintf(s, "Reserved");
854 + sprintf(s, "384-bit group");
857 + sprintf(s, "OAKLEY well-known group 1");
860 + sprintf(s, "1536-bit MODP group");
863 + sprintf(s, "3072-bit MODP group");
866 + sprintf(s, "6144-bit MODP group");
869 + sprintf(s, "8192-bit MODP group");
872 + sprintf(s, "UNKNOWN?");
879 +char *transform_id_label(int transform)
885 + sprintf(s, "Reserved");
888 + sprintf(s, "AES-CBC with HMAC-SHA1");
891 + sprintf(s, "3DES-CBC with HMAC-SHA1");
894 + sprintf(s, "3DES-CBC with HMAC-MD5");
897 + sprintf(s, "BLOWFISH-CBC with HMAC-SHA1");
900 + sprintf(s, "NULL with HMAC-SHA1");
903 + sprintf(s, "NULL with HMAC-MD5");
906 + sprintf(s, "UNKNOWN?");
913 +char *sig_alg_label(int alg)
919 + sprintf(s, "Reserved");
928 + sprintf(s, "UNKNOWN?");
936 +int dissect_hip_tlv(tvbuff_t *tvb, int offset, proto_item *ti, int type, int tlv_len)
938 + proto_tree *t=NULL;
939 + proto_item *ti_tlv;
941 + guint8 n, algorithm, reg_type;
942 + guint16 trans, hi_len, di_len, di_type, e_len;
943 + guint32 reserved, hi_hdr;
944 + int newoffset, newlen, hi_t;
948 + case PARAM_ESP_INFO:
949 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
950 + proto_tree_add_uint(t, hf_hip_tlv_ei_res, tvb, offset+4, 2,
951 + tvb_get_ntohs(tvb, offset+4));
952 + proto_tree_add_uint(t, hf_hip_tlv_ei_keyidx, tvb, offset+6, 2,
953 + tvb_get_ntohs(tvb, offset+6));
954 + proto_tree_add_uint(t, hf_hip_tlv_ei_oldspi, tvb, offset+8, 4,
955 + tvb_get_ntohl(tvb, offset+8));
956 + proto_tree_add_uint(t, hf_hip_tlv_ei_newspi, tvb, offset+12, 4,
957 + tvb_get_ntohl(tvb, offset+12));
959 + case PARAM_R1_COUNTER:
960 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
961 + proto_tree_add_uint(t, hf_hip_tlv_r1_res, tvb, offset+4, 4,
962 + tvb_get_ntohl(tvb, offset+4));
963 + tvb_memcpy(tvb, (guint8*)data, offset+8, 8);
964 + proto_tree_add_bytes(t, hf_hip_tlv_r1count, tvb, offset+8, 8, data);
966 + case PARAM_LOCATOR:
967 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
969 + newoffset = offset + 4;
970 + while (tlv_len > 0) {
971 + proto_tree_add_uint(t, hf_hip_tlv_locator_traffic_type, tvb,
972 + newoffset, 1, tvb_get_guint8(tvb, newoffset));
974 + proto_tree_add_uint(t, hf_hip_tlv_locator_type, tvb,
975 + newoffset, 1, tvb_get_guint8(tvb, newoffset));
977 + proto_tree_add_uint(t, hf_hip_tlv_locator_len, tvb,
978 + newoffset, 1, tvb_get_guint8(tvb, newoffset));
980 + reserved = tvb_get_guint8(tvb, newoffset);
981 + proto_tree_add_uint_format(t, hf_hip_tlv_locator_reserved, tvb,
982 + newoffset, 1, reserved, "Reserved: 0x%x %s", reserved,
983 + (reserved >> 31) ? "(Preferred)" : "");
985 + proto_tree_add_uint(t, hf_hip_tlv_locator_lifetime, tvb,
986 + newoffset, 4, tvb_get_ntohl(tvb, newoffset));
988 + proto_tree_add_text(t, tvb, newoffset, 16, "Address: %s",
989 + ip6_to_str((const struct e_in6_addr*)
990 + tvb_get_ptr(tvb, newoffset, 16)));
996 + case PARAM_SOLUTION:
997 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
998 + proto_tree_add_uint(t, hf_hip_tlv_puzzle_k, tvb, offset+4, 1,
999 + tvb_get_guint8(tvb, offset+4));
1000 + proto_tree_add_uint(t, hf_hip_tlv_puzzle_life, tvb, offset+5, 1,
1001 + tvb_get_guint8(tvb, offset+5));
1002 + proto_tree_add_uint(t, hf_hip_tlv_puzzle_o, tvb,offset+6, 2,
1003 + tvb_get_ntohs(tvb, offset+6));
1004 + tvb_memcpy(tvb, (guint8*)data, offset+8, 8);
1005 + proto_tree_add_bytes(t, hf_hip_tlv_puzzle_i, tvb,offset+8, 8, data);
1006 + if (type == PARAM_SOLUTION) { /* solution also contains J */
1007 + tvb_memcpy(tvb, (guint8*)data, offset+16, 8);
1008 + proto_tree_add_bytes(t, hf_hip_tlv_puzzle_j, tvb, offset+16, 8,
1012 + case PARAM_SEQ: /* SEQ */
1013 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1014 + proto_tree_add_uint(t, hf_hip_tlv_seq_updid, tvb, offset+4, 4,
1015 + tvb_get_ntohl(tvb, offset+4));
1017 + case PARAM_ACK: /* ACK */
1018 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1019 + newoffset = offset + 4;
1020 + while (tlv_len > 0) {
1021 + proto_tree_add_uint(t, hf_hip_tlv_ack_updid, tvb, newoffset, 4, tvb_get_ntohl(tvb, newoffset));
1026 + case PARAM_DIFFIE_HELLMAN: /* DIFFIE_HELLMAN */
1027 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1028 + n = tvb_get_guint8(tvb, offset+4);
1029 + proto_tree_add_uint_format(t, hf_hip_tlv_dh_group_id, tvb, offset+4,
1030 + 1, n, "%u (%s)", n, dh_group_id_label(n));
1031 + tvb_memcpy(tvb, (guint8*)data, offset+5, tlv_len-1);
1032 + proto_tree_add_bytes(t, hf_hip_tlv_dh_pub, tvb, offset+5, tlv_len-1,
1035 + case PARAM_ESP_TRANSFORM: /* ESP_TRANSFORM */
1036 + case PARAM_HIP_TRANSFORM: /* HIP_TRANSFORM */
1037 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1038 + /* ESP transform may have E bit*/
1039 + if (type == PARAM_ESP_TRANSFORM) {
1040 + proto_tree_add_uint(t, hf_hip_tlv_esp_reserved, tvb,
1041 + offset+4, 2, tvb_get_ntohs(tvb, offset+4));
1042 + newoffset = offset + 6;
1045 + newoffset = offset + 4;
1046 + /* check for NULL as only HIP transform */
1048 + hip_transform = tvb_get_ntohs(tvb, newoffset);
1050 + hip_transform = 0;
1052 + while (tlv_len > 0) {
1053 + trans = tvb_get_ntohs(tvb, newoffset);
1054 + proto_tree_add_uint_format(t, hf_hip_tlv_trans_id, tvb,
1055 + newoffset, 2, trans, "%u (%s)", trans,
1056 + transform_id_label(trans));
1057 + tlv_len -= 2; /* two bytes per transform id */
1061 + case PARAM_ENCRYPTED: /* ENCRYPTED */
1062 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1063 + proto_tree_add_uint(t, hf_hip_tlv_enc_reserved, tvb, offset+4, 4,
1064 + tvb_get_ntohl(tvb, offset+4));
1065 + if (hip_transform == 5) { /* null encryption, no IV */
1067 + t = proto_item_add_subtree(t, ett_hip_tlv_data);
1068 + } else { /* encrypted data */
1069 + tvb_memcpy(tvb, (guint8*)data, offset+8, 8);
1070 + proto_tree_add_bytes(t, hf_hip_tlv_enc_iv,tvb,offset+8,8,data);
1071 + proto_tree_add_text(t, tvb, offset+16, tlv_len-12,
1072 + "Encrypted Data (%u bytes)", tlv_len-12);
1075 + case PARAM_HOST_ID: /* HOST_ID */
1076 + if (type != PARAM_ENCRYPTED)
1077 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1078 + /* hi_length, fqdn_length */
1079 + hi_len = tvb_get_ntohs(tvb, offset+4);
1080 + di_len = tvb_get_ntohs(tvb, offset+6);
1081 + di_type = (di_len >> 12) & 0x000F; /* get 4 bits for DI type */
1082 + di_len = di_len & 0x0FFF; /* 12 bits for DI length */
1083 + proto_tree_add_uint(t, hf_hip_tlv_host_id_len, tvb, offset+4, 2,
1085 + proto_tree_add_uint(t, hf_hip_tlv_host_di_type, tvb, offset+6, 1,
1087 + proto_tree_add_uint(t, hf_hip_tlv_host_di_len, tvb, offset+6, 2,
1089 + /* hi_hdr - first 4 bytes are 0200ff03 (RFC 2535)
1091 + * protocol 1 octet
1092 + * algorithm 1 octet (DSA or RSA)
1094 + hi_hdr = tvb_get_ntohl(tvb, offset+8);
1095 + ti_tlv = proto_tree_add_uint(t, hf_hip_tlv_host_id_hdr, tvb, offset+8, 4, hi_hdr);
1097 + ti_tlv = proto_item_add_subtree(ti_tlv,ett_hip_tlv_host_id_hdr);
1098 + proto_tree_add_uint(ti_tlv, hf_hip_tlv_host_id_hdr_flags, tvb, offset+8,2, hi_hdr);
1099 + proto_tree_add_uint(ti_tlv, hf_hip_tlv_host_id_hdr_proto, tvb, offset+10,1, hi_hdr);
1100 + proto_tree_add_uint(ti_tlv, hf_hip_tlv_host_id_hdr_alg, tvb, offset+11,1, hi_hdr);
1102 + algorithm = tvb_get_guint8(tvb, offset+11);
1103 + switch (algorithm) {
1108 + * P 64 + T*8 octets
1109 + * G 64 + T*8 octets
1110 + * Y 64 + T*8 octets
1113 + proto_tree_add_uint(t, hf_hip_tlv_host_id_t, tvb, offset+12, 1,
1114 + tvb_get_guint8(tvb, offset+12));
1115 + hi_t = tvb_get_guint8(tvb, offset+12);
1116 + tvb_memcpy(tvb, (guint8*)data, offset+13, 20);
1117 + proto_tree_add_bytes(t, hf_hip_tlv_host_id_q, tvb, offset+13,
1119 + newoffset = offset + 33;
1120 + if (hi_t > 56) /* max 4096 bits */
1122 + newlen = 64 + (hi_t * 8);
1123 + tvb_memcpy(tvb, (guint8*)data, newoffset, newlen);
1124 + proto_tree_add_bytes(t, hf_hip_tlv_host_id_p, tvb, newoffset,
1126 + newoffset += newlen;
1127 + tvb_memcpy(tvb, (guint8*)data, newoffset, newlen);
1128 + proto_tree_add_bytes(t, hf_hip_tlv_host_id_g, tvb, newoffset,
1130 + newoffset += newlen;
1131 + tvb_memcpy(tvb, (guint8*)data, newoffset, newlen);
1132 + proto_tree_add_bytes(t, hf_hip_tlv_host_id_y, tvb, newoffset,
1137 + * e_len 1 or 3 octets
1138 + * e specified by e_len
1139 + * n variable length public modulus
1141 + e_len = tvb_get_guint8(tvb, offset+12);
1142 + newoffset = offset+13;
1143 + hi_len -= 5; /* subtract RDATA + e_len */
1144 + if (e_len == 0) { /* e_len is 0 followed by 16-bit value */
1145 + e_len = tvb_get_ntohs(tvb, offset+13);
1149 + if (e_len > 512) { /* per, RFC 3110 < 4096 bits */
1150 + proto_tree_add_text(t, tvb, offset+13, 2,
1151 + "<< e_len too large >>");
1154 + proto_tree_add_uint(t, hf_hip_tlv_host_id_e_len, tvb, offset+12,
1155 + (e_len > 255) ? 3:1, e_len);
1156 + proto_tree_add_bytes(t, hf_hip_tlv_host_id_e, tvb, newoffset,
1157 + e_len, tvb_get_ptr(tvb, newoffset, e_len));
1158 + newoffset += e_len;
1160 + if ((hi_len > 512) || (hi_len < 0)) {
1161 + proto_tree_add_text(t, tvb, newoffset, 1,
1162 + "<< Invalid HI length >>");
1165 + /* RSA public modulus n */
1166 + proto_tree_add_bytes(t, hf_hip_tlv_host_id_n, tvb, newoffset,
1167 + hi_len, tvb_get_ptr(tvb,newoffset,hi_len));
1170 + proto_tree_add_text(t, tvb, offset+11, 1,
1171 + "Unknown algorithm type (%d).\n", algorithm);
1178 + if (di_len > sizeof(data))
1179 + di_len = sizeof(data) - 1;
1180 + memset(data,0,sizeof(data)); /* this null-terminates the string */
1181 + tvb_memcpy(tvb, (guint8*)data, offset+16+hi_len, di_len);
1182 + if (di_type == 1) {
1183 + proto_tree_add_text(t, tvb, offset+16+hi_len, di_len,
1184 + "FQDN: %s", data);
1185 + } else if (di_type == 2) {
1186 + proto_tree_add_text(t, tvb, offset+16+hi_len, di_len,
1190 + case PARAM_CERT: /* CERT */
1191 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1192 + proto_tree_add_uint(t, hf_hip_tlv_cert_count, tvb, offset+4, 1,
1193 + tvb_get_guint8(tvb, offset+4));
1194 + proto_tree_add_uint(t, hf_hip_tlv_cert_id, tvb, offset+5, 1,
1195 + tvb_get_guint8(tvb, offset+5));
1196 + proto_tree_add_uint(t, hf_hip_tlv_cert_type, tvb, offset+6, 1,
1197 + tvb_get_guint8(tvb, offset+6));
1198 + tvb_memcpy(tvb, (guint8*)data, offset+7, tlv_len-3);
1199 + proto_tree_add_bytes(t, hf_hip_tlv_certificate, tvb, offset+7,
1202 + case PARAM_NOTIFY: /* NOTIFY */
1203 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1204 + proto_tree_add_uint(t, hf_hip_tlv_notify_res, tvb, offset+4, 2,
1205 + tvb_get_ntohs(tvb, offset+4));
1206 + proto_tree_add_uint(t, hf_hip_tlv_notify_type, tvb, offset+6, 2,
1207 + tvb_get_ntohs(tvb, offset+6));
1208 + tvb_memcpy(tvb, (guint8*)data, offset+8, tlv_len-4);
1209 + proto_tree_add_bytes(t, hf_hip_tlv_notify_data, tvb, offset+8,
1213 + case PARAM_ECHO_REQUEST: /* ECHO REQUEST */
1214 + case PARAM_ECHO_RESPONSE: /* ECHO RESPONSE */
1215 + case PARAM_ECHO_REQUEST_NOSIG: /* ECHO REQUEST */
1216 + case PARAM_ECHO_RESPONSE_NOSIG: /* ECHO RESPONSE */
1217 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1218 + tvb_memcpy(tvb, (guint8*)data, offset+4, tlv_len);
1219 + proto_tree_add_bytes(t, hf_hip_tlv_opaque_data, tvb, offset+4,
1222 + case PARAM_REG_INFO:
1223 + case PARAM_REG_REQUEST:
1224 + case PARAM_REG_RESPONSE:
1225 + case PARAM_REG_FAILED:
1226 + /* min lt, max lt | lifetime | failuretype */
1227 + if (type == PARAM_REG_INFO) { /* min lt, max lt */
1228 + proto_tree_add_uint(t, hf_hip_tlv_reg_ltmin, tvb, offset+4,
1229 + 1, tvb_get_guint8(tvb, offset+4));
1230 + proto_tree_add_uint(t, hf_hip_tlv_reg_ltmax, tvb, offset+5,
1231 + 1, tvb_get_guint8(tvb, offset+5));
1233 + } else if (type == PARAM_REG_FAILED) { /* failure type */
1234 + proto_tree_add_uint(t, hf_hip_tlv_reg_failtype, tvb, offset+4,
1235 + 1, tvb_get_guint8(tvb, offset+4));
1237 + } else { /* lifetime */
1238 + proto_tree_add_uint(t, hf_hip_tlv_reg_lt, tvb, offset+4,
1239 + 1, tvb_get_guint8(tvb, offset+4));
1242 + /* reg type 1 ... n, padding */
1243 + while (tlv_len > 0) {
1244 + reg_type = tvb_get_guint8(tvb, newoffset);
1245 + proto_tree_add_uint(t, hf_hip_tlv_reg_type, tvb, newoffset, 1,
1247 + tlv_len--; /* one byte per registration type */
1251 + case PARAM_RVS_HMAC: /* RVS HMAC */
1252 + case PARAM_HMAC: /* HMAC */
1253 + case PARAM_HMAC_2: /* HMAC */
1254 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1255 + tvb_memcpy(tvb, (guint8*)data, offset+4, tlv_len);
1256 + proto_tree_add_bytes(t, hf_hip_tlv_hmac, tvb, offset+4,
1259 + case PARAM_HIP_SIGNATURE_2: /* HIP_SIGNATURE_2 */
1260 + case PARAM_HIP_SIGNATURE: /* HIP_SIGNATURE */
1261 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1262 + n = tvb_get_guint8(tvb, offset+4);
1263 + proto_tree_add_uint_format(t, hf_hip_tlv_sig_alg, tvb, offset+4, 1,
1264 + n, "%u (%s)", n, sig_alg_label(n));
1265 + tvb_memcpy(tvb, (guint8*)data, offset+5, tlv_len-1);
1266 + proto_tree_add_bytes(t, hf_hip_tlv_sig, tvb, offset+5, tlv_len-1,
1270 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1271 + proto_tree_add_text(t, tvb, offset+4, 16, "Address: %s",
1272 + ip6_to_str((const struct e_in6_addr*)
1273 + tvb_get_ptr(tvb, offset+4, 16)));
1275 + case PARAM_VIA_RVS:
1276 + t = proto_item_add_subtree(ti, ett_hip_tlv_data);
1277 + newoffset = offset + 4;
1278 + while (tlv_len > 0) {
1279 + proto_tree_add_text(t, tvb, newoffset, 16, "RVS Address: %s",
1280 + ip6_to_str((const struct e_in6_addr*)
1281 + tvb_get_ptr(tvb, newoffset, 16)));
1292 diff -urN wireshark-0.99.7.orig/epan/dissectors/register.c wireshark-0.99.7/epan/dissectors/register.c
1293 --- wireshark-0.99.7.orig/epan/dissectors/register.c 2007-12-20 21:19:06.000000000 +0100
1294 +++ wireshark-0.99.7/epan/dissectors/register.c 2007-12-20 21:15:05.000000000 +0100
1296 {extern void proto_register_fp (void); if(cb) (*cb)(RA_REGISTER, "proto_register_fp", client_data); proto_register_fp ();}
1297 {extern void proto_register_fr (void); if(cb) (*cb)(RA_REGISTER, "proto_register_fr", client_data); proto_register_fr ();}
1298 {extern void proto_register_fractalgeneratorprotocol (void); if(cb) (*cb)(RA_REGISTER, "proto_register_fractalgeneratorprotocol", client_data); proto_register_fractalgeneratorprotocol ();}
1299 + {extern void proto_register_hip (void); proto_register_hip ();}
1300 {extern void proto_register_frame (void); if(cb) (*cb)(RA_REGISTER, "proto_register_frame", client_data); proto_register_frame ();}
1301 {extern void proto_register_ftam (void); if(cb) (*cb)(RA_REGISTER, "proto_register_ftam", client_data); proto_register_ftam ();}
1302 {extern void proto_register_ftp (void); if(cb) (*cb)(RA_REGISTER, "proto_register_ftp", client_data); proto_register_ftp ();}
1304 {extern void proto_reg_handoff_dcerpc_frsapi (void); if(cb) (*cb)(RA_HANDOFF, "proto_reg_handoff_dcerpc_frsapi", client_data); proto_reg_handoff_dcerpc_frsapi ();}
1305 {extern void proto_reg_handoff_dcerpc_frsrpc (void); if(cb) (*cb)(RA_HANDOFF, "proto_reg_handoff_dcerpc_frsrpc", client_data); proto_reg_handoff_dcerpc_frsrpc ();}
1306 {extern void proto_reg_handoff_dcerpc_initshutdown (void); if(cb) (*cb)(RA_HANDOFF, "proto_reg_handoff_dcerpc_initshutdown", client_data); proto_reg_handoff_dcerpc_initshutdown ();}
1307 + {extern void proto_reg_handoff_hip (void); proto_reg_handoff_hip ();}
1308 {extern void proto_reg_handoff_dcerpc_lsa (void); if(cb) (*cb)(RA_HANDOFF, "proto_reg_handoff_dcerpc_lsa", client_data); proto_reg_handoff_dcerpc_lsa ();}
1309 {extern void proto_reg_handoff_dcerpc_mapi (void); if(cb) (*cb)(RA_HANDOFF, "proto_reg_handoff_dcerpc_mapi", client_data); proto_reg_handoff_dcerpc_mapi ();}
1310 {extern void proto_reg_handoff_dcerpc_messenger (void); if(cb) (*cb)(RA_HANDOFF, "proto_reg_handoff_dcerpc_messenger", client_data); proto_reg_handoff_dcerpc_messenger ();}
1311 diff -urN wireshark-0.99.7.orig/epan/ipproto.h wireshark-0.99.7/epan/ipproto.h
1312 --- wireshark-0.99.7.orig/epan/ipproto.h 2007-12-20 21:19:06.000000000 +0100
1313 +++ wireshark-0.99.7/epan/ipproto.h 2007-12-20 21:41:08.000000000 +0100
1315 #define IP_PROTO_MPLS_IN_IP 137 /* MPLS in IP - RFC4023 */
1316 #define IP_PROTO_AX4000 173 /* AX/4000 Testblock - non IANA */
1317 #define IP_PROTO_NCS_HEARTBEAT 224 /* Novell NCS Heartbeat - http://support.novell.com/cgi-bin/search/searchtid.cgi?/10071158.htm */
1318 +#define IP_PROTO_HIP 253 /* Host Identity Protocol */
1320 extern const char *ipprotostr(int proto);
1322 diff -urN wireshark-0.99.7.orig/epan/prefs.c wireshark-0.99.7/epan/prefs.c
1323 --- wireshark-0.99.7.orig/epan/prefs.c 2007-12-20 21:19:06.000000000 +0100
1324 +++ wireshark-0.99.7/epan/prefs.c 2007-12-20 21:42:40.000000000 +0100
1325 @@ -2172,6 +2172,10 @@
1326 /* Handle old names for UDP preferences. */
1327 if (strcmp(dotp, "udp_summary_in_tree") == 0)
1328 pref = find_preference(module, "summary_in_tree");
1329 + } else if (strcmp(module->name, "hip") == 0) {
1330 + /* Handle old names for HIP preferences. */
1331 + if (strcmp(dotp, "hip_summary_in_tree") == 0)
1332 + pref = find_preference(module, "summary_in_tree");
1333 } else if (strcmp(module->name, "ndps") == 0) {
1334 /* Handle old names for NDPS preferences. */
1335 if (strcmp(dotp, "desegment_ndps") == 0)