-
-
Save leedm777/2446d487dc69590c7441 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit 793757a680ed1c817319e6b6271ae22326e5a653 | |
| Author: David M. Lee <[email protected]> | |
| Date: Tue Sep 1 16:31:00 2015 -0500 | |
| TURN decoders | |
| Adds decoders for DTLS, RTP and TFTP to further decode the protocols | |
| under it. Patch from [email protected]. | |
| diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c | |
| index 3be4587..f9c643f 100644 | |
| --- a/epan/dissectors/packet-dtls.c | |
| +++ b/epan/dissectors/packet-dtls.c | |
| @@ -2664,6 +2664,7 @@ proto_reg_handoff_dtls(void) | |
| if (initialized == FALSE) { | |
| heur_dissector_add("udp", dissect_dtls_heur, proto_dtls); | |
| + heur_dissector_add("stun", dissect_dtls_heur, proto_dtls); | |
| dissector_add_uint("sctp.ppi", DIAMETER_DTLS_PROTOCOL_ID, find_dissector("dtls")); | |
| } | |
| diff --git a/epan/dissectors/packet-rtp.c b/epan/dissectors/packet-rtp.c | |
| index 76e1ed6..fc7f719 100644 | |
| --- a/epan/dissectors/packet-rtp.c | |
| +++ b/epan/dissectors/packet-rtp.c | |
| @@ -155,6 +155,7 @@ static dissector_handle_t classicstun_heur_handle; | |
| static dissector_handle_t stun_heur_handle; | |
| static dissector_handle_t t38_handle; | |
| static dissector_handle_t zrtp_handle; | |
| +static dissector_handle_t dtls_heur_handle; | |
| static dissector_handle_t sprt_handle; | |
| static dissector_handle_t v150fw_handle; | |
| @@ -278,6 +279,7 @@ static int hf_rtp_ext_rfc5285_data = -1; | |
| #define RTP0_CLASSICSTUN 2 | |
| #define RTP0_T38 3 | |
| #define RTP0_SPRT 4 | |
| +#define RTP0_WEBRTC 5 | |
| static const enum_val_t rtp_version0_types[] = { | |
| { "invalid", "Invalid or ZRTP packets", RTP0_INVALID }, | |
| @@ -285,6 +287,7 @@ static const enum_val_t rtp_version0_types[] = { | |
| { "classicstun", "CLASSIC-STUN packets", RTP0_CLASSICSTUN }, | |
| { "t38", "T.38 packets", RTP0_T38 }, | |
| { "sprt", "SPRT packets", RTP0_SPRT }, | |
| + { "webrtc", "webrtc packets", RTP0_WEBRTC }, | |
| { NULL, NULL, 0 } | |
| }; | |
| static gint global_rtp_version0_type = 0; | |
| @@ -1360,6 +1363,13 @@ dissect_rtp_heur_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi | |
| call_dissector_only(sprt_handle, tvb, pinfo, tree, NULL); | |
| return TRUE; | |
| + case RTP0_WEBRTC: | |
| + if (octet1 < 2) { | |
| + return call_dissector_only(stun_heur_handle, tvb, pinfo, tree, NULL); | |
| + } else if ((octet1 < 64) && (octet1 > 19)) { | |
| + return call_dissector_only(dtls_heur_handle, tvb, pinfo, tree, NULL); | |
| + } | |
| + break; | |
| case RTP0_INVALID: | |
| default: | |
| @@ -1372,7 +1382,7 @@ dissect_rtp_heur_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi | |
| } | |
| /* Was it sent to an even-numbered port? */ | |
| - if (check_destport && ((pinfo->destport % 2) != 0)) { | |
| + if (0 && check_destport && ((pinfo->destport % 2) != 0)) { | |
| return FALSE; | |
| } | |
| @@ -1964,6 +1974,13 @@ dissect_rtp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_ | |
| call_dissector(sprt_handle, tvb, pinfo, tree); | |
| return tvb_captured_length(tvb); | |
| + case RTP0_WEBRTC: | |
| + if (octet1 < 2) { | |
| + return call_dissector_only(stun_heur_handle, tvb, pinfo, tree, NULL); | |
| + } else if ((octet1 < 64) && (octet1 > 19)) { | |
| + return call_dissector_only(dtls_heur_handle, tvb, pinfo, tree, NULL); | |
| + } | |
| + break; | |
| case RTP0_INVALID: | |
| if (!(tvb_memeql(tvb, 4, "ZRTP", 4))) | |
| { | |
| @@ -3694,9 +3711,11 @@ proto_reg_handoff_rtp(void) | |
| stun_handle = find_dissector("stun-udp"); | |
| classicstun_handle = find_dissector("classicstun"); | |
| classicstun_heur_handle = find_dissector("classicstun-heur"); | |
| + dtls_heur_handle = find_dissector("dtls-heur"); | |
| stun_heur_handle = find_dissector("stun-heur"); | |
| t38_handle = find_dissector("t38"); | |
| zrtp_handle = find_dissector("zrtp"); | |
| + dtls_heur_handle = find_dissector("dtls"); | |
| sprt_handle = find_dissector("sprt"); | |
| v150fw_handle = find_dissector("v150fw"); | |
| diff --git a/epan/dissectors/packet-tftp.c b/epan/dissectors/packet-tftp.c | |
| index 4e3eee1..d090d41 100644 | |
| --- a/epan/dissectors/packet-tftp.c | |
| +++ b/epan/dissectors/packet-tftp.c | |
| @@ -325,6 +325,7 @@ static void dissect_tftp_message(tftp_conv_info_t *tftp_info, | |
| static gboolean | |
| dissect_embeddedtftp_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) | |
| { | |
| + return FALSE; | |
| /* Used to dissect TFTP packets where one can not assume | |
| that the TFTP is the only protocol used by that port, and | |
| that TFTP may not be carried by UDP */ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit 793757a680ed1c817319e6b6271ae22326e5a653 | |
| Author: David M. Lee <[email protected]> | |
| Date: Tue Sep 1 16:31:00 2015 -0500 | |
| TURN decoders | |
| Adds decoders for DTLS, RTP and TFTP to further decode the protocols | |
| under it. Patch from [email protected]. | |
| diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c | |
| index 3be4587..f9c643f 100644 | |
| --- a/epan/dissectors/packet-dtls.c | |
| +++ b/epan/dissectors/packet-dtls.c | |
| @@ -2664,6 +2664,7 @@ proto_reg_handoff_dtls(void) | |
| if (initialized == FALSE) { | |
| heur_dissector_add("udp", dissect_dtls_heur, proto_dtls); | |
| + heur_dissector_add("stun", dissect_dtls_heur, proto_dtls); | |
| dissector_add_uint("sctp.ppi", DIAMETER_DTLS_PROTOCOL_ID, find_dissector("dtls")); | |
| } | |
| diff --git a/epan/dissectors/packet-rtp.c b/epan/dissectors/packet-rtp.c | |
| index 76e1ed6..fc7f719 100644 | |
| --- a/epan/dissectors/packet-rtp.c | |
| +++ b/epan/dissectors/packet-rtp.c | |
| @@ -155,6 +155,7 @@ static dissector_handle_t classicstun_heur_handle; | |
| static dissector_handle_t stun_heur_handle; | |
| static dissector_handle_t t38_handle; | |
| static dissector_handle_t zrtp_handle; | |
| +static dissector_handle_t dtls_heur_handle; | |
| static dissector_handle_t sprt_handle; | |
| static dissector_handle_t v150fw_handle; | |
| @@ -278,6 +279,7 @@ static int hf_rtp_ext_rfc5285_data = -1; | |
| #define RTP0_CLASSICSTUN 2 | |
| #define RTP0_T38 3 | |
| #define RTP0_SPRT 4 | |
| +#define RTP0_WEBRTC 5 | |
| static const enum_val_t rtp_version0_types[] = { | |
| { "invalid", "Invalid or ZRTP packets", RTP0_INVALID }, | |
| @@ -285,6 +287,7 @@ static const enum_val_t rtp_version0_types[] = { | |
| { "classicstun", "CLASSIC-STUN packets", RTP0_CLASSICSTUN }, | |
| { "t38", "T.38 packets", RTP0_T38 }, | |
| { "sprt", "SPRT packets", RTP0_SPRT }, | |
| + { "webrtc", "webrtc packets", RTP0_WEBRTC }, | |
| { NULL, NULL, 0 } | |
| }; | |
| static gint global_rtp_version0_type = 0; | |
| @@ -1360,6 +1363,13 @@ dissect_rtp_heur_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi | |
| call_dissector_only(sprt_handle, tvb, pinfo, tree, NULL); | |
| return TRUE; | |
| + case RTP0_WEBRTC: | |
| + if (octet1 < 2) { | |
| + return call_dissector_only(stun_heur_handle, tvb, pinfo, tree, NULL); | |
| + } else if ((octet1 < 64) && (octet1 > 19)) { | |
| + return call_dissector_only(dtls_heur_handle, tvb, pinfo, tree, NULL); | |
| + } | |
| + break; | |
| case RTP0_INVALID: | |
| default: | |
| @@ -1372,7 +1382,7 @@ dissect_rtp_heur_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi | |
| } | |
| /* Was it sent to an even-numbered port? */ | |
| - if (check_destport && ((pinfo->destport % 2) != 0)) { | |
| + if (0 && check_destport && ((pinfo->destport % 2) != 0)) { | |
| return FALSE; | |
| } | |
| @@ -1964,6 +1974,13 @@ dissect_rtp( tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_ | |
| call_dissector(sprt_handle, tvb, pinfo, tree); | |
| return tvb_captured_length(tvb); | |
| + case RTP0_WEBRTC: | |
| + if (octet1 < 2) { | |
| + return call_dissector_only(stun_heur_handle, tvb, pinfo, tree, NULL); | |
| + } else if ((octet1 < 64) && (octet1 > 19)) { | |
| + return call_dissector_only(dtls_heur_handle, tvb, pinfo, tree, NULL); | |
| + } | |
| + break; | |
| case RTP0_INVALID: | |
| if (!(tvb_memeql(tvb, 4, "ZRTP", 4))) | |
| { | |
| @@ -3694,9 +3711,11 @@ proto_reg_handoff_rtp(void) | |
| stun_handle = find_dissector("stun-udp"); | |
| classicstun_handle = find_dissector("classicstun"); | |
| classicstun_heur_handle = find_dissector("classicstun-heur"); | |
| + dtls_heur_handle = find_dissector("dtls-heur"); | |
| stun_heur_handle = find_dissector("stun-heur"); | |
| t38_handle = find_dissector("t38"); | |
| zrtp_handle = find_dissector("zrtp"); | |
| + dtls_heur_handle = find_dissector("dtls"); | |
| sprt_handle = find_dissector("sprt"); | |
| v150fw_handle = find_dissector("v150fw"); | |
| diff --git a/epan/dissectors/packet-tftp.c b/epan/dissectors/packet-tftp.c | |
| index 4e3eee1..d090d41 100644 | |
| --- a/epan/dissectors/packet-tftp.c | |
| +++ b/epan/dissectors/packet-tftp.c | |
| @@ -325,6 +325,7 @@ static void dissect_tftp_message(tftp_conv_info_t *tftp_info, | |
| static gboolean | |
| dissect_embeddedtftp_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) | |
| { | |
| + return FALSE; | |
| /* Used to dissect TFTP packets where one can not assume | |
| that the TFTP is the only protocol used by that port, and | |
| that TFTP may not be carried by UDP */ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment