Last active
September 3, 2015 18:19
-
-
Save leedm777/1f0fc3857e5fa7dc0f82 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit 4619cb09a91249b20c207e67587165ce99349883 | |
| Author: David M. Lee <[email protected]> | |
| Date: Tue Sep 1 16:31:00 2015 -0500 | |
| TURN decoders | |
| Adds decoders for DTLS, RTP and TFTP to further decode the protocols | |
| under it. Patch from [email protected]. | |
| diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c | |
| index 2748aa4..5e7fcc6 100644 | |
| --- a/epan/dissectors/packet-dtls.c | |
| +++ b/epan/dissectors/packet-dtls.c | |
| @@ -1972,6 +1972,7 @@ proto_reg_handoff_dtls(void) | |
| if (initialized == FALSE) { | |
| heur_dissector_add("udp", dissect_dtls_heur, "DTLS over UDP", "dtls_udp", proto_dtls, HEURISTIC_ENABLE); | |
| + heur_dissector_add("stun", dissect_dtls_heur, "DTLS over STUN", "dtls_stun", proto_dtls, HEURISTIC_ENABLE); | |
| dissector_add_uint("sctp.ppi", DIAMETER_DTLS_PROTOCOL_ID, find_dissector("dtls")); | |
| } | |
| diff --git a/epan/dissectors/packet-rtp.c b/epan/dissectors/packet-rtp.c | |
| index 905fdbf..ebed107 100644 | |
| --- a/epan/dissectors/packet-rtp.c | |
| +++ b/epan/dissectors/packet-rtp.c | |
| @@ -153,6 +153,7 @@ static dissector_handle_t classicstun_heur_handle; | |
| static dissector_handle_t stun_heur_handle; | |
| static dissector_handle_t t38_handle; | |
| static dissector_handle_t zrtp_handle; | |
| +static dissector_handle_t dtls_heur_handle; | |
| static dissector_handle_t sprt_handle; | |
| static dissector_handle_t v150fw_handle; | |
| @@ -280,6 +281,7 @@ static int hf_rtp_ext_rfc5285_data = -1; | |
| #define RTP0_CLASSICSTUN 2 | |
| #define RTP0_T38 3 | |
| #define RTP0_SPRT 4 | |
| +#define RTP0_WEBRTC 5 | |
| static const enum_val_t rtp_version0_types[] = { | |
| { "invalid", "Invalid or ZRTP packets", RTP0_INVALID }, | |
| @@ -287,6 +289,7 @@ static const enum_val_t rtp_version0_types[] = { | |
| { "classicstun", "CLASSIC-STUN packets", RTP0_CLASSICSTUN }, | |
| { "t38", "T.38 packets", RTP0_T38 }, | |
| { "sprt", "SPRT packets", RTP0_SPRT }, | |
| + { "webrtc", "webrtc packets", RTP0_WEBRTC }, | |
| { NULL, NULL, 0 } | |
| }; | |
| static gint global_rtp_version0_type = 0; | |
| @@ -1357,6 +1360,13 @@ dissect_rtp_heur_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi | |
| call_dissector_only(sprt_handle, tvb, pinfo, tree, NULL); | |
| return TRUE; | |
| + case RTP0_WEBRTC: | |
| + if (octet1 < 2) { | |
| + return call_dissector_only(stun_heur_handle, tvb, pinfo, tree, NULL); | |
| + } else if ((octet1 < 64) && (octet1 > 19)) { | |
| + return call_dissector_only(dtls_heur_handle, tvb, pinfo, tree, NULL); | |
| + } | |
| + break; | |
| case RTP0_INVALID: | |
| default: | |
| @@ -1369,7 +1379,7 @@ dissect_rtp_heur_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi | |
| } | |
| /* Was it sent to an even-numbered port? */ | |
| - if (check_destport && ((pinfo->destport % 2) != 0)) { | |
| + if (0 && check_destport && ((pinfo->destport % 2) != 0)) { | |
| return FALSE; | |
| } | |
| @@ -1991,6 +2001,13 @@ dissect_rtp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_ | |
| call_dissector(sprt_handle, tvb, pinfo, tree); | |
| return tvb_captured_length(tvb); | |
| + case RTP0_WEBRTC: | |
| + if (octet1 < 2) { | |
| + return call_dissector_only(stun_heur_handle, tvb, pinfo, tree, NULL); | |
| + } else if ((octet1 < 64) && (octet1 > 19)) { | |
| + return call_dissector_only(dtls_heur_handle, tvb, pinfo, tree, NULL); | |
| + } | |
| + break; | |
| case RTP0_INVALID: | |
| if (!(tvb_memeql(tvb, 4, "ZRTP", 4))) | |
| { | |
| @@ -3746,9 +3763,11 @@ proto_reg_handoff_rtp(void) | |
| stun_handle = find_dissector("stun-udp"); | |
| classicstun_handle = find_dissector("classicstun"); | |
| classicstun_heur_handle = find_dissector("classicstun-heur"); | |
| + dtls_heur_handle = find_dissector("dtls-heur"); | |
| stun_heur_handle = find_dissector("stun-heur"); | |
| t38_handle = find_dissector("t38_udp"); | |
| zrtp_handle = find_dissector("zrtp"); | |
| + dtls_heur_handle = find_dissector("dtls"); | |
| sprt_handle = find_dissector("sprt"); | |
| v150fw_handle = find_dissector("v150fw"); | |
| diff --git a/epan/dissectors/packet-tftp.c b/epan/dissectors/packet-tftp.c | |
| index feb3205..b1cc876 100644 | |
| --- a/epan/dissectors/packet-tftp.c | |
| +++ b/epan/dissectors/packet-tftp.c | |
| @@ -453,6 +453,7 @@ static void dissect_tftp_message(tftp_conv_info_t *tftp_info, | |
| static gboolean | |
| dissect_embeddedtftp_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) | |
| { | |
| + return FALSE; | |
| /* Used to dissect TFTP packets where one can not assume | |
| that the TFTP is the only protocol used by that port, and | |
| that TFTP may not be carried by UDP */ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment