diff options
Diffstat (limited to 'pidl/lib/Parse/Pidl/Wireshark')
-rw-r--r-- | pidl/lib/Parse/Pidl/Wireshark/Conformance.pm | 439 | ||||
-rw-r--r-- | pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 1141 |
2 files changed, 1580 insertions, 0 deletions
diff --git a/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm b/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm new file mode 100644 index 0000000000..5c37b4a0c4 --- /dev/null +++ b/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm @@ -0,0 +1,439 @@ +################################################### +# parse an Wireshark conformance file +# Copyright jelmer@samba.org 2005 +# released under the GNU GPL + +=pod + +=head1 NAME + +Parse::Pidl::Wireshark::Conformance - Conformance file parser for Wireshark + +=head1 DESCRIPTION + +This module supports parsing Wireshark conformance files (*.cnf). + +=head1 FILE FORMAT + +Pidl needs additional data for Wireshark output. This data is read from +so-called conformance files. This section describes the format of these +files. + +Conformance files are simple text files with a single command on each line. +Empty lines and lines starting with a '#' character are ignored. +Arguments to commands are seperated by spaces. + +The following commands are currently supported: + +=over 4 + +=item I<TYPE> name dissector ft_type base_type mask valsstring alignment + +Register new data type with specified name, what dissector function to call +and what properties to give header fields for elements of this type. + +=item I<NOEMIT> type + +Suppress emitting a dissect_type function for the specified type + +=item I<PARAM_VALUE> type param + +Set parameter to specify to dissector function for given type. + +=item I<HF_FIELD> hf title filter ft_type base_type valsstring mask description + +Generate a custom header field with specified properties. + +=item I<HF_RENAME> old_hf_name new_hf_name + +Force the use of new_hf_name when the parser generator was going to +use old_hf_name. + +This can be used in conjunction with HF_FIELD in order to make more than +one element use the same filter name. + +=item I<ETT_FIELD> ett + +Register a custom ett field + +=item I<STRIP_PREFIX> prefix + +Remove the specified prefix from all function names (if present). + +=item I<PROTOCOL> longname shortname filtername + +Change the short-, long- and filter-name for the current interface in +Wireshark. + +=item I<FIELD_DESCRIPTION> field desc + +Change description for the specified header field. `field' is the hf name of the field. + +=item I<IMPORT> dissector code... + +Code to insert when generating the specified dissector. @HF@ and +@PARAM@ will be substituted. + +=item I<INCLUDE> filename + +Include conformance data from the specified filename in the dissector. + +=item I<TFS> hf_name "true string" "false string" + +Override the text shown when a bitmap boolean value is enabled or disabled. + +=item I<MANUAL> fn_name + +Force pidl to not generate a particular function but allow the user +to write a function manually. This can be used to remove the function +for only one level for a particular element rather than all the functions and +ett/hf variables for a particular element as the NOEMIT command does. + +=back + +=head1 EXAMPLE + + INFO_KEY OpenKey.Ke + +=cut + +package Parse::Pidl::Wireshark::Conformance; + +require Exporter; +use vars qw($VERSION); +$VERSION = '0.01'; + +@ISA = qw(Exporter); +@EXPORT_OK = qw(ReadConformance ReadConformanceFH valid_ft_type valid_base_type); + +use strict; + +use Parse::Pidl qw(fatal warning error); +use Parse::Pidl::Util qw(has_property); + +sub handle_type($$$$$$$$$$) +{ + my ($pos,$data,$name,$dissectorname,$ft_type,$base_type,$mask,$valsstring,$alignment) = @_; + + unless(defined($alignment)) { + error($pos, "incomplete TYPE command"); + return; + } + + unless ($dissectorname =~ /.*dissect_.*/) { + warning($pos, "dissector name does not contain `dissect'"); + } + + unless(valid_ft_type($ft_type)) { + warning($pos, "invalid FT_TYPE `$ft_type'"); + } + + unless (valid_base_type($base_type)) { + warning($pos, "invalid BASE_TYPE `$base_type'"); + } + + $dissectorname =~ s/^\"(.*)\"$/$1/g; + + if (not ($dissectorname =~ /;$/)) { + warning($pos, "missing semicolon"); + } + + $data->{types}->{$name} = { + NAME => $name, + POS => $pos, + USED => 0, + DISSECTOR_NAME => $dissectorname, + FT_TYPE => $ft_type, + BASE_TYPE => $base_type, + MASK => $mask, + VALSSTRING => $valsstring, + ALIGNMENT => $alignment + }; +} + +sub handle_tfs($$$$$) +{ + my ($pos,$data,$hf,$trues,$falses) = @_; + + unless(defined($falses)) { + error($pos, "incomplete TFS command"); + return; + } + + $data->{tfs}->{$hf} = { + TRUE_STRING => $trues, + FALSE_STRING => $falses + }; +} + +sub handle_hf_rename($$$$) +{ + my ($pos,$data,$old,$new) = @_; + + unless(defined($new)) { + warning($pos, "incomplete HF_RENAME command"); + return; + } + + $data->{hf_renames}->{$old} = { + OLDNAME => $old, + NEWNAME => $new, + POS => $pos, + USED => 0 + }; +} + +sub handle_param_value($$$$) +{ + my ($pos,$data,$dissector_name,$value) = @_; + + unless(defined($value)) { + error($pos, "incomplete PARAM_VALUE command"); + return; + } + + $data->{dissectorparams}->{$dissector_name} = { + DISSECTOR => $dissector_name, + PARAM => $value, + POS => $pos, + USED => 0 + }; +} + +sub valid_base_type($) +{ + my $t = shift; + return 0 unless($t =~ /^BASE_.*/); + return 1; +} + +sub valid_ft_type($) +{ + my $t = shift; + return 0 unless($t =~ /^FT_.*/); + return 1; +} + +sub handle_hf_field($$$$$$$$$$) +{ + my ($pos,$data,$index,$name,$filter,$ft_type,$base_type,$valsstring,$mask,$blurb) = @_; + + unless(defined($blurb)) { + error($pos, "incomplete HF_FIELD command"); + return; + } + + unless(valid_ft_type($ft_type)) { + warning($pos, "invalid FT_TYPE `$ft_type'"); + } + + unless(valid_base_type($base_type)) { + warning($pos, "invalid BASE_TYPE `$base_type'"); + } + + $data->{header_fields}->{$index} = { + INDEX => $index, + POS => $pos, + USED => 0, + NAME => $name, + FILTER => $filter, + FT_TYPE => $ft_type, + BASE_TYPE => $base_type, + VALSSTRING => $valsstring, + MASK => $mask, + BLURB => $blurb + }; +} + +sub handle_strip_prefix($$$) +{ + my ($pos,$data,$x) = @_; + + push (@{$data->{strip_prefixes}}, $x); +} + +sub handle_noemit($$$) +{ + my ($pos,$data,$type) = @_; + + if (defined($type)) { + $data->{noemit}->{$type} = 1; + } else { + $data->{noemit_dissector} = 1; + } +} + +sub handle_manual($$$) +{ + my ($pos,$data,$fn) = @_; + + unless(defined($fn)) { + warning($pos, "incomplete MANUAL command"); + return; + } + + $data->{manual}->{$fn} = 1; +} + +sub handle_protocol($$$$$$) +{ + my ($pos, $data, $name, $longname, $shortname, $filtername) = @_; + + $data->{protocols}->{$name} = { + LONGNAME => $longname, + SHORTNAME => $shortname, + FILTERNAME => $filtername + }; +} + +sub handle_fielddescription($$$$) +{ + my ($pos,$data,$field,$desc) = @_; + + unless(defined($desc)) { + warning($pos, "incomplete FIELD_DESCRIPTION command"); + return; + } + + $data->{fielddescription}->{$field} = { + DESCRIPTION => $desc, + POS => $pos, + USED => 0 + }; +} + +sub handle_import +{ + my $pos = shift @_; + my $data = shift @_; + my $dissectorname = shift @_; + + unless(defined($dissectorname)) { + error($pos, "no dissectorname specified"); + return; + } + + $data->{imports}->{$dissectorname} = { + NAME => $dissectorname, + DATA => join(' ', @_), + USED => 0, + POS => $pos + }; +} + +sub handle_ett_field +{ + my $pos = shift @_; + my $data = shift @_; + my $ett = shift @_; + + unless(defined($ett)) { + error($pos, "incomplete ETT_FIELD command"); + return; + } + + push (@{$data->{ett}}, $ett); +} + +sub handle_include +{ + my $pos = shift @_; + my $data = shift @_; + my $fn = shift @_; + + unless(defined($fn)) { + error($pos, "incomplete INCLUDE command"); + return; + } + + ReadConformance($fn, $data); +} + +my %field_handlers = ( + TYPE => \&handle_type, + NOEMIT => \&handle_noemit, + MANUAL => \&handle_manual, + PARAM_VALUE => \&handle_param_value, + HF_FIELD => \&handle_hf_field, + HF_RENAME => \&handle_hf_rename, + ETT_FIELD => \&handle_ett_field, + TFS => \&handle_tfs, + STRIP_PREFIX => \&handle_strip_prefix, + PROTOCOL => \&handle_protocol, + FIELD_DESCRIPTION => \&handle_fielddescription, + IMPORT => \&handle_import, + INCLUDE => \&handle_include +); + +sub ReadConformance($$) +{ + my ($f,$data) = @_; + my $ret; + + open(IN,"<$f") or return undef; + + $ret = ReadConformanceFH(*IN, $data, $f); + + close(IN); + + return $ret; +} + +sub ReadConformanceFH($$$) +{ + my ($fh,$data,$f) = @_; + + my $incodeblock = 0; + + my $ln = 0; + + foreach (<$fh>) { + $ln++; + next if (/^#.*$/); + next if (/^$/); + + s/[\r\n]//g; + + if ($_ eq "CODE START") { + $incodeblock = 1; + next; + } elsif ($incodeblock and $_ eq "CODE END") { + $incodeblock = 0; + next; + } elsif ($incodeblock) { + if (exists $data->{override}) { + $data->{override}.="$_\n"; + } else { + $data->{override} = "$_\n"; + } + next; + } + + my @fields = /([^ "]+|"[^"]+")/g; + + my $cmd = $fields[0]; + + shift @fields; + + my $pos = { FILE => $f, LINE => $ln }; + + next unless(defined($cmd)); + + if (not defined($field_handlers{$cmd})) { + warning($pos, "Unknown command `$cmd'"); + next; + } + + $field_handlers{$cmd}($pos, $data, @fields); + } + + if ($incodeblock) { + warning({ FILE => $f, LINE => $ln }, + "Expecting CODE END"); + return undef; + } + + return 1; +} + +1; diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm new file mode 100644 index 0000000000..8846b740ab --- /dev/null +++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm @@ -0,0 +1,1141 @@ +################################################## +# Samba4 NDR parser generator for IDL structures +# Copyright tridge@samba.org 2000-2003 +# Copyright tpot@samba.org 2001,2005 +# Copyright jelmer@samba.org 2004-2007 +# Portions based on idl2eth.c by Ronnie Sahlberg +# released under the GNU GPL + +=pod + +=head1 NAME + +Parse::Pidl::Wireshark::NDR - Parser generator for Wireshark + +=cut + +package Parse::Pidl::Wireshark::NDR; + +use Exporter; +@ISA = qw(Exporter); +@EXPORT_OK = qw(field2name %res PrintIdl StripPrefixes RegisterInterfaceHandoff register_hf_field CheckUsed ProcessImport ProcessInclude find_type DumpEttList DumpEttDeclaration DumpHfList DumpHfDeclaration DumpFunctionTable register_type register_ett); + +use strict; +use Parse::Pidl qw(error warning); +use Parse::Pidl::Typelist qw(getType); +use Parse::Pidl::Util qw(has_property property_matches make_str); +use Parse::Pidl::NDR qw(ContainsString GetNextLevel); +use Parse::Pidl::Dump qw(DumpType DumpFunction); +use Parse::Pidl::Wireshark::Conformance qw(ReadConformance); +use File::Basename; + +use vars qw($VERSION); +$VERSION = '0.01'; + +my %return_types = (); +my %dissector_used = (); + +my %ptrtype_mappings = ( + "unique" => "NDR_POINTER_UNIQUE", + "ref" => "NDR_POINTER_REF", + "ptr" => "NDR_POINTER_PTR" +); + +sub StripPrefixes($$) +{ + my ($s, $prefixes) = @_; + + foreach (@$prefixes) { + $s =~ s/^$_\_//g; + } + + return $s; +} + +# Convert a IDL structure field name (e.g access_mask) to a prettier +# string like 'Access Mask'. + +sub field2name($) +{ + my($field) = shift; + + $field =~ s/_/ /g; # Replace underscores with spaces + $field =~ s/(\w+)/\u\L$1/g; # Capitalise each word + + return $field; +} + +sub new($) +{ + my ($class) = @_; + my $self = {res => {hdr => "", def => "", code => ""}, tabs => "", cur_fn => undef, + hf_used => {}, ett => [], conformance => undef + + }; + bless($self, $class); +} + +sub pidl_fn_start($$) +{ + my ($self, $fn) = @_; + $self->{cur_fn} = $fn; +} +sub pidl_fn_end($$) +{ + my ($self, $fn) = @_; + die("Inconsistent state: $fn != $self->{cur_fn}") if ($fn ne $self->{cur_fn}); + $self->{cur_fn} = undef; +} + +sub pidl_code($$) +{ + my ($self, $d) = @_; + return if (defined($self->{cur_fn}) and defined($self->{conformance}->{manual}->{$self->{cur_fn}})); + + if ($d) { + $self->{res}->{code} .= $self->{tabs}; + $self->{res}->{code} .= $d; + } + $self->{res}->{code} .="\n"; +} + +sub pidl_hdr($$) { my ($self,$x) = @_; $self->{res}->{hdr} .= "$x\n"; } +sub pidl_def($$) { my ($self,$x) = @_; $self->{res}->{def} .= "$x\n"; } + +sub indent($) +{ + my ($self) = @_; + $self->{tabs} .= "\t"; +} + +sub deindent($) +{ + my ($self) = @_; + $self->{tabs} = substr($self->{tabs}, 0, -1); +} + +sub PrintIdl($$) +{ + my ($self, $idl) = @_; + + foreach (split /\n/, $idl) { + $self->pidl_code("/* IDL: $_ */"); + } + + $self->pidl_code(""); +} + +##################################################################### +# parse the interface definitions +sub Interface($$) +{ + my($self, $interface) = @_; + $self->Const($_,$interface->{NAME}) foreach (@{$interface->{CONSTS}}); + $self->Type($_, $_->{NAME}, $interface->{NAME}) foreach (@{$interface->{TYPES}}); + $self->Function($_,$interface->{NAME}) foreach (@{$interface->{FUNCTIONS}}); +} + +sub Enum($$$$) +{ + my ($self, $e,$name,$ifname) = @_; + my $valsstring = "$ifname\_$name\_vals"; + my $dissectorname = "$ifname\_dissect\_enum\_".StripPrefixes($name, $self->{conformance}->{strip_prefixes}); + + return if (defined($self->{conformance}->{noemit}->{StripPrefixes($name, $self->{conformance}->{strip_prefixes})})); + + foreach (@{$e->{ELEMENTS}}) { + if (/([^=]*)=(.*)/) { + $self->pidl_hdr("#define $1 ($2)"); + } + } + + $self->pidl_hdr("extern const value_string $valsstring\[];"); + $self->pidl_hdr("int $dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);"); + + $self->pidl_def("const value_string ".$valsstring."[] = {"); + foreach (@{$e->{ELEMENTS}}) { + next unless (/([^=]*)=(.*)/); + $self->pidl_def("\t{ $1, \"$1\" },"); + } + + $self->pidl_def("{ 0, NULL }"); + $self->pidl_def("};"); + + $self->pidl_fn_start($dissectorname); + $self->pidl_code("int"); + $self->pidl_code("$dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_)"); + $self->pidl_code("{"); + $self->indent; + $self->pidl_code("g$e->{BASE_TYPE} parameter=0;"); + $self->pidl_code("if(param){"); + $self->indent; + $self->pidl_code("parameter=(g$e->{BASE_TYPE})*param;"); + $self->deindent; + $self->pidl_code("}"); + $self->pidl_code("offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, tree, drep, hf_index, ¶meter);"); + $self->pidl_code("if(param){"); + $self->indent; + $self->pidl_code("*param=(guint32)parameter;"); + $self->deindent; + $self->pidl_code("}"); + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end($dissectorname); + + my $enum_size = $e->{BASE_TYPE}; + $enum_size =~ s/uint//g; + $self->register_type($name, "offset = $dissectorname(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_UINT$enum_size", "BASE_DEC", "0", "VALS($valsstring)", $enum_size / 8); +} + +sub Bitmap($$$$) +{ + my ($self,$e,$name,$ifname) = @_; + my $dissectorname = "$ifname\_dissect\_bitmap\_".StripPrefixes($name, $self->{conformance}->{strip_prefixes}); + + $self->register_ett("ett_$ifname\_$name"); + + $self->pidl_hdr("int $dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);"); + + $self->pidl_fn_start($dissectorname); + $self->pidl_code("int"); + $self->pidl_code("$dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_)"); + $self->pidl_code("{"); + $self->indent; + $self->pidl_code("proto_item *item = NULL;"); + $self->pidl_code("proto_tree *tree = NULL;"); + $self->pidl_code(""); + + $self->pidl_code("g$e->{BASE_TYPE} flags;"); + if ($e->{ALIGN} > 1) { + $self->pidl_code("ALIGN_TO_$e->{ALIGN}_BYTES;"); + } + + $self->pidl_code(""); + + $self->pidl_code("if (parent_tree) {"); + $self->indent; + $self->pidl_code("item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, $e->{ALIGN}, TRUE);"); + $self->pidl_code("tree = proto_item_add_subtree(item,ett_$ifname\_$name);"); + $self->deindent; + $self->pidl_code("}\n"); + + $self->pidl_code("offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, NULL, drep, -1, &flags);"); + + $self->pidl_code("proto_item_append_text(item, \": \");\n"); + $self->pidl_code("if (!flags)"); + $self->pidl_code("\tproto_item_append_text(item, \"(No values set)\");\n"); + + foreach (@{$e->{ELEMENTS}}) { + next unless (/([^ ]*) (.*)/); + my ($en,$ev) = ($1,$2); + my $hf_bitname = "hf_$ifname\_$name\_$en"; + my $filtername = "$ifname\.$name\.$en"; + + $self->{hf_used}->{$hf_bitname} = 1; + + $self->register_hf_field($hf_bitname, field2name($en), $filtername, "FT_BOOLEAN", $e->{ALIGN} * 8, "TFS(&$name\_$en\_tfs)", $ev, ""); + + $self->pidl_def("static const true_false_string $name\_$en\_tfs = {"); + if (defined($self->{conformance}->{tfs}->{$hf_bitname})) { + $self->pidl_def(" $self->{conformance}->{tfs}->{$hf_bitname}->{TRUE_STRING},"); + $self->pidl_def(" $self->{conformance}->{tfs}->{$hf_bitname}->{FALSE_STRING},"); + $self->{conformance}->{tfs}->{$hf_bitname}->{USED} = 1; + } else { + $self->pidl_def(" \"$en is SET\","); + $self->pidl_def(" \"$en is NOT SET\","); + } + $self->pidl_def("};"); + + $self->pidl_code("proto_tree_add_boolean(tree, $hf_bitname, tvb, offset-$e->{ALIGN}, $e->{ALIGN}, flags);"); + $self->pidl_code("if (flags&$ev){"); + $self->pidl_code("\tproto_item_append_text(item, \"$en\");"); + $self->pidl_code("\tif (flags & (~$ev))"); + $self->pidl_code("\t\tproto_item_append_text(item, \", \");"); + $self->pidl_code("}"); + $self->pidl_code("flags&=(~$ev);"); + $self->pidl_code(""); + } + + $self->pidl_code("if (flags) {"); + $self->pidl_code("\tproto_item_append_text(item, \"Unknown bitmap value 0x%x\", flags);"); + $self->pidl_code("}\n"); + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end($dissectorname); + + my $size = $e->{BASE_TYPE}; + $size =~ s/uint//g; + $self->register_type($name, "offset = $dissectorname(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_UINT$size", "BASE_HEX", "0", "NULL", $size/8); +} + +sub ElementLevel($$$$$$$) +{ + my ($self,$e,$l,$hf,$myname,$pn,$ifname) = @_; + + my $param = 0; + + if (defined($self->{conformance}->{dissectorparams}->{$myname})) { + $param = $self->{conformance}->{dissectorparams}->{$myname}->{PARAM}; + } + + if ($l->{TYPE} eq "POINTER") { + my $type; + if ($l->{LEVEL} eq "TOP") { + $type = "toplevel"; + } elsif ($l->{LEVEL} eq "EMBEDDED") { + $type = "embedded"; + } + $self->pidl_code("offset = dissect_ndr_$type\_pointer(tvb, offset, pinfo, tree, drep, $myname\_, $ptrtype_mappings{$l->{POINTER_TYPE}}, \"Pointer to ".field2name(StripPrefixes($e->{NAME}, $self->{conformance}->{strip_prefixes})) . " ($e->{TYPE})\",$hf);"); + } elsif ($l->{TYPE} eq "ARRAY") { + if ($l->{IS_INLINE}) { + error($e->{ORIGINAL}, "Inline arrays not supported"); + } elsif ($l->{IS_FIXED}) { + $self->pidl_code("int i;"); + $self->pidl_code("for (i = 0; i < $l->{SIZE_IS}; i++)"); + $self->pidl_code("\toffset = $myname\_(tvb, offset, pinfo, tree, drep);"); + } else { + my $type = ""; + $type .= "c" if ($l->{IS_CONFORMANT}); + $type .= "v" if ($l->{IS_VARYING}); + + unless ($l->{IS_ZERO_TERMINATED}) { + $self->pidl_code("offset = dissect_ndr_u" . $type . "array(tvb, offset, pinfo, tree, drep, $myname\_);"); + } else { + my $nl = GetNextLevel($e,$l); + $self->pidl_code("char *data;"); + $self->pidl_code(""); + $self->pidl_code("offset = dissect_ndr_$type" . "string(tvb, offset, pinfo, tree, drep, sizeof(g$nl->{DATA_TYPE}), $hf, FALSE, &data);"); + $self->pidl_code("proto_item_append_text(tree, \": %s\", data);"); + } + } + } elsif ($l->{TYPE} eq "DATA") { + if ($l->{DATA_TYPE} eq "string") { + my $bs = 2; # Byte size defaults to that of UCS2 + + + ($bs = 1) if (property_matches($e, "flag", ".*LIBNDR_FLAG_STR_ASCII.*")); + + if (property_matches($e, "flag", ".*LIBNDR_FLAG_STR_SIZE4.*") and property_matches($e, "flag", ".*LIBNDR_FLAG_STR_LEN4.*")) { + $self->pidl_code("char *data;\n"); + $self->pidl_code("offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, drep, $bs, $hf, FALSE, &data);"); + $self->pidl_code("proto_item_append_text(tree, \": %s\", data);"); + } elsif (property_matches($e, "flag", ".*LIBNDR_FLAG_STR_SIZE4.*")) { + $self->pidl_code("offset = dissect_ndr_vstring(tvb, offset, pinfo, tree, drep, $bs, $hf, FALSE, NULL);"); + } else { + warn("Unable to handle string with flags $e->{PROPERTIES}->{flag}"); + } + } else { + my $call; + + if ($self->{conformance}->{imports}->{$l->{DATA_TYPE}}) { + $call = $self->{conformance}->{imports}->{$l->{DATA_TYPE}}->{DATA}; + $self->{conformance}->{imports}->{$l->{DATA_TYPE}}->{USED} = 1; + } elsif (defined($self->{conformance}->{imports}->{"$pn.$e->{NAME}"})) { + $call = $self->{conformance}->{imports}->{"$pn.$e->{NAME}"}->{DATA}; + $self->{conformance}->{imports}->{"$pn.$e->{NAME}"}->{USED} = 1; + + } elsif (defined($self->{conformance}->{types}->{$l->{DATA_TYPE}})) { + $call= $self->{conformance}->{types}->{$l->{DATA_TYPE}}->{DISSECTOR_NAME}; + $self->{conformance}->{types}->{$l->{DATA_TYPE}}->{USED} = 1; + } else { + $self->pidl_code("offset = $ifname\_dissect_struct_" . $l->{DATA_TYPE} . "(tvb,offset,pinfo,tree,drep,$hf,$param);"); + + return; + } + + $call =~ s/\@HF\@/$hf/g; + $call =~ s/\@PARAM\@/$param/g; + $self->pidl_code($call); + } + } elsif ($_->{TYPE} eq "SUBCONTEXT") { + my $num_bits = ($l->{HEADER_SIZE}*8); + $self->pidl_code("guint$num_bits size;"); + $self->pidl_code("int start_offset = offset;"); + $self->pidl_code("tvbuff_t *subtvb;"); + $self->pidl_code("offset = dissect_ndr_uint$num_bits(tvb, offset, pinfo, tree, drep, $hf, &size);"); + $self->pidl_code("proto_tree_add_text(tree, tvb, start_offset, offset - start_offset + size, \"Subcontext size\");"); + + $self->pidl_code("subtvb = tvb_new_subset(tvb, offset, size, -1);"); + $self->pidl_code("$myname\_(subtvb, 0, pinfo, tree, drep);"); + } else { + die("Unknown type `$_->{TYPE}'"); + } +} + +sub Element($$$) +{ + my ($self,$e,$pn,$ifname) = @_; + + my $dissectorname = "$ifname\_dissect\_element\_".StripPrefixes($pn, $self->{conformance}->{strip_prefixes})."\_".StripPrefixes($e->{NAME}, $self->{conformance}->{strip_prefixes}); + + my $call_code = "offset = $dissectorname(tvb, offset, pinfo, tree, drep);"; + + my $type = $self->find_type($e->{TYPE}); + + if (not defined($type)) { + # default settings + $type = { + MASK => 0, + VALSSTRING => "NULL", + FT_TYPE => "FT_NONE", + BASE_TYPE => "BASE_HEX" + }; + } + + if (ContainsString($e)) { + $type = { + MASK => 0, + VALSSTRING => "NULL", + FT_TYPE => "FT_STRING", + BASE_TYPE => "BASE_DEC" + }; + } + + my $hf = $self->register_hf_field("hf_$ifname\_$pn\_$e->{NAME}", field2name($e->{NAME}), "$ifname.$pn.$e->{NAME}", $type->{FT_TYPE}, $type->{BASE_TYPE}, $type->{VALSSTRING}, $type->{MASK}, ""); + $self->{hf_used}->{$hf} = 1; + + my $eltname = StripPrefixes($pn, $self->{conformance}->{strip_prefixes}) . ".$e->{NAME}"; + if (defined($self->{conformance}->{noemit}->{$eltname})) { + return $call_code; + } + + my $add = ""; + + foreach (@{$e->{LEVELS}}) { + next if ($_->{TYPE} eq "SWITCH"); + $self->pidl_def("static int $dissectorname$add(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);"); + $self->pidl_fn_start("$dissectorname$add"); + $self->pidl_code("static int"); + $self->pidl_code("$dissectorname$add(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)"); + $self->pidl_code("{"); + $self->indent; + + $self->ElementLevel($e,$_,$hf,$dissectorname.$add,$pn,$ifname); + + $self->pidl_code(""); + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end("$dissectorname$add"); + $add.="_"; + last if ($_->{TYPE} eq "ARRAY" and $_->{IS_ZERO_TERMINATED}); + } + + return $call_code; +} + +sub Function($$$) +{ + my ($self, $fn,$ifname) = @_; + + my %dissectornames; + + foreach (@{$fn->{ELEMENTS}}) { + $dissectornames{$_->{NAME}} = $self->Element($_, $fn->{NAME}, $ifname) if not defined($dissectornames{$_->{NAME}}); + } + + my $fn_name = $_->{NAME}; + $fn_name =~ s/^${ifname}_//; + + $self->PrintIdl(DumpFunction($fn->{ORIGINAL})); + $self->pidl_fn_start("$ifname\_dissect\_$fn_name\_response"); + $self->pidl_code("static int"); + $self->pidl_code("$ifname\_dissect\_${fn_name}_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)"); + $self->pidl_code("{"); + $self->indent; + if ( not defined($fn->{RETURN_TYPE})) { + } elsif ($fn->{RETURN_TYPE} eq "NTSTATUS" or $fn->{RETURN_TYPE} eq "WERROR") + { + $self->pidl_code("guint32 status;\n"); + } elsif (my $type = getType($fn->{RETURN_TYPE})) { + if ($type->{DATA}->{TYPE} eq "ENUM") { + $self->pidl_code("g".Parse::Pidl::Typelist::enum_type_fn($type->{DATA}) . " status;\n"); + } elsif ($type->{DATA}->{TYPE} eq "SCALAR") { + $self->pidl_code("g$fn->{RETURN_TYPE} status;\n"); + } else { + error($fn, "return type `$fn->{RETURN_TYPE}' not yet supported"); + } + } else { + error($fn, "unknown return type `$fn->{RETURN_TYPE}'"); + } + + $self->pidl_code("pinfo->dcerpc_procedure_name=\"${fn_name}\";"); + foreach (@{$fn->{ELEMENTS}}) { + if (grep(/out/,@{$_->{DIRECTION}})) { + $self->pidl_code("$dissectornames{$_->{NAME}}"); + $self->pidl_code("offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);"); + $self->pidl_code(""); + } + } + + if (not defined($fn->{RETURN_TYPE})) { + } elsif ($fn->{RETURN_TYPE} eq "NTSTATUS") { + $self->pidl_code("offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep, hf\_$ifname\_status, &status);\n"); + $self->pidl_code("if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"); + $self->pidl_code("\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Error: %s\", val_to_str(status, NT_errors, \"Unknown NT status 0x%08x\"));\n"); + $return_types{$ifname}->{"status"} = ["NTSTATUS", "NT Error"]; + } elsif ($fn->{RETURN_TYPE} eq "WERROR") { + $self->pidl_code("offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf\_$ifname\_werror, &status);\n"); + $self->pidl_code("if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"); + $self->pidl_code("\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Error: %s\", val_to_str(status, WERR_errors, \"Unknown DOS error 0x%08x\"));\n"); + + $return_types{$ifname}->{"werror"} = ["WERROR", "Windows Error"]; + } elsif (my $type = getType($fn->{RETURN_TYPE})) { + if ($type->{DATA}->{TYPE} eq "ENUM") { + my $return_type = "g".Parse::Pidl::Typelist::enum_type_fn($type->{DATA}); + my $return_dissect = "dissect_ndr_" .Parse::Pidl::Typelist::enum_type_fn($type->{DATA}); + + $self->pidl_code("offset = $return_dissect(tvb, offset, pinfo, tree, drep, hf\_$ifname\_$fn->{RETURN_TYPE}_status, &status);"); + $self->pidl_code("if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"); + $self->pidl_code("\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Status: %s\", val_to_str(status, $ifname\_$fn->{RETURN_TYPE}\_vals, \"Unknown " . $fn->{RETURN_TYPE} . " error 0x%08x\"));\n"); + $return_types{$ifname}->{$fn->{RETURN_TYPE}."_status"} = [$fn->{RETURN_TYPE}, $fn->{RETURN_TYPE}]; + } elsif ($type->{DATA}->{TYPE} eq "SCALAR") { + $self->pidl_code("offset = dissect_ndr_$fn->{RETURN_TYPE}(tvb, offset, pinfo, tree, drep, hf\_$ifname\_$fn->{RETURN_TYPE}_status, &status);"); + $self->pidl_code("if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"); + $self->pidl_code("\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Status: %d\", status);\n"); + $return_types{$ifname}->{$fn->{RETURN_TYPE}."_status"} = [$fn->{RETURN_TYPE}, $fn->{RETURN_TYPE}]; + } + } + + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end("$ifname\_dissect\_$fn_name\_response"); + + $self->pidl_fn_start("$ifname\_dissect\_$fn_name\_request"); + $self->pidl_code("static int"); + $self->pidl_code("$ifname\_dissect\_${fn_name}_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)"); + $self->pidl_code("{"); + $self->indent; + $self->pidl_code("pinfo->dcerpc_procedure_name=\"${fn_name}\";"); + foreach (@{$fn->{ELEMENTS}}) { + if (grep(/in/,@{$_->{DIRECTION}})) { + $self->pidl_code("$dissectornames{$_->{NAME}}"); + $self->pidl_code("offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);"); + } + + } + + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end("$ifname\_dissect\_$fn_name\_request"); +} + +sub Struct($$$$) +{ + my ($self,$e,$name,$ifname) = @_; + my $dissectorname = "$ifname\_dissect\_struct\_".StripPrefixes($name, $self->{conformance}->{strip_prefixes}); + + return if (defined($self->{conformance}->{noemit}->{StripPrefixes($name, $self->{conformance}->{strip_prefixes})})); + + $self->register_ett("ett_$ifname\_$name"); + + my $res = ""; + ($res.="\t".$self->Element($_, $name, $ifname)."\n\n") foreach (@{$e->{ELEMENTS}}); + + $self->pidl_hdr("int $dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);"); + + $self->pidl_fn_start($dissectorname); + $self->pidl_code("int"); + $self->pidl_code("$dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_)"); + $self->pidl_code("{"); + $self->indent; + $self->pidl_code("proto_item *item = NULL;"); + $self->pidl_code("proto_tree *tree = NULL;"); + $self->pidl_code("int old_offset;"); + $self->pidl_code(""); + + if ($e->{ALIGN} > 1) { + $self->pidl_code("ALIGN_TO_$e->{ALIGN}_BYTES;"); + } + $self->pidl_code(""); + + $self->pidl_code("old_offset = offset;"); + $self->pidl_code(""); + $self->pidl_code("if (parent_tree) {"); + $self->indent; + $self->pidl_code("item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE);"); + $self->pidl_code("tree = proto_item_add_subtree(item, ett_$ifname\_$name);"); + $self->deindent; + $self->pidl_code("}"); + + $self->pidl_code("\n$res"); + + $self->pidl_code("proto_item_set_len(item, offset-old_offset);\n"); + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end($dissectorname); + + $self->register_type($name, "offset = $dissectorname(tvb,offset,pinfo,tree,drep,\@HF\@,\@PARAM\@);", "FT_NONE", "BASE_NONE", 0, "NULL", 0); +} + +sub Union($$$$) +{ + my ($self,$e,$name,$ifname) = @_; + + my $dissectorname = "$ifname\_dissect_".StripPrefixes($name, $self->{conformance}->{strip_prefixes}); + + return if (defined($self->{conformance}->{noemit}->{StripPrefixes($name, $self->{conformance}->{strip_prefixes})})); + + $self->register_ett("ett_$ifname\_$name"); + + my $res = ""; + foreach (@{$e->{ELEMENTS}}) { + $res.="\n\t\t$_->{CASE}:\n"; + if ($_->{TYPE} ne "EMPTY") { + $res.="\t\t\t".$self->Element($_, $name, $ifname)."\n"; + } + $res.="\t\tbreak;\n"; + } + + my $switch_type; + my $switch_dissect; + my $switch_dt = getType($e->{SWITCH_TYPE}); + if ($switch_dt->{DATA}->{TYPE} eq "ENUM") { + $switch_type = "g".Parse::Pidl::Typelist::enum_type_fn($switch_dt->{DATA}); + $switch_dissect = "dissect_ndr_" .Parse::Pidl::Typelist::enum_type_fn($switch_dt->{DATA}); + } elsif ($switch_dt->{DATA}->{TYPE} eq "SCALAR") { + $switch_type = "g$e->{SWITCH_TYPE}"; + $switch_dissect = "dissect_ndr_$e->{SWITCH_TYPE}"; + } + + $self->pidl_fn_start($dissectorname); + $self->pidl_code("static int"); + $self->pidl_code("$dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_)"); + $self->pidl_code("{"); + $self->indent; + $self->pidl_code("proto_item *item = NULL;"); + $self->pidl_code("proto_tree *tree = NULL;"); + $self->pidl_code("int old_offset;"); + $self->pidl_code("$switch_type level;"); + $self->pidl_code(""); + + $self->pidl_code("old_offset = offset;"); + $self->pidl_code("if (parent_tree) {"); + $self->indent; + $self->pidl_code("item = proto_tree_add_text(parent_tree, tvb, offset, -1, \"$name\");"); + $self->pidl_code("tree = proto_item_add_subtree(item, ett_$ifname\_$name);"); + $self->deindent; + $self->pidl_code("}"); + + $self->pidl_code(""); + + $self->pidl_code("offset = $switch_dissect(tvb, offset, pinfo, tree, drep, hf_index, &level);"); + + if ($e->{ALIGN} > 1) { + $self->pidl_code("ALIGN_TO_$e->{ALIGN}_BYTES;"); + $self->pidl_code(""); + } + + + $self->pidl_code("switch(level) {$res\t}"); + $self->pidl_code("proto_item_set_len(item, offset-old_offset);\n"); + $self->pidl_code("return offset;"); + $self->deindent; + $self->pidl_code("}"); + $self->pidl_fn_end($dissectorname); + + $self->register_type($name, "offset = $dissectorname(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_NONE", "BASE_NONE", 0, "NULL", 0); +} + +sub Const($$$) +{ + my ($self,$const,$ifname) = @_; + + if (!defined($const->{ARRAY_LEN}[0])) { + $self->pidl_hdr("#define $const->{NAME}\t( $const->{VALUE} )\n"); + } else { + $self->pidl_hdr("#define $const->{NAME}\t $const->{VALUE}\n"); + } +} + +sub Typedef($$$$) +{ + my ($self,$e,$name,$ifname) = @_; + + $self->Type($e->{DATA}, $name, $ifname); +} + +sub Type($$$$) +{ + my ($self, $e, $name, $ifname) = @_; + + $self->PrintIdl(DumpType($e->{ORIGINAL})); + + { + ENUM => \&Enum, + STRUCT => \&Struct, + UNION => \&Union, + BITMAP => \&Bitmap, + TYPEDEF => \&Typedef + }->{$e->{TYPE}}->($self, $e, $name, $ifname); +} + +sub RegisterInterface($$) +{ + my ($self, $x) = @_; + + $self->pidl_fn_start("proto_register_dcerpc_$x->{NAME}"); + $self->pidl_code("void proto_register_dcerpc_$x->{NAME}(void)"); + $self->pidl_code("{"); + $self->indent; + + $self->{res}->{code}.=$self->DumpHfList()."\n"; + $self->{res}->{code}.="\n".DumpEttList($self->{ett})."\n"; + + if (defined($x->{UUID})) { + # These can be changed to non-pidl_code names if the old dissectors + # in epan/dissctors are deleted. + + my $name = uc($x->{NAME}) . " (pidl)"; + my $short_name = uc($x->{NAME}); + my $filter_name = $x->{NAME}; + + if (has_property($x, "helpstring")) { + $name = $x->{PROPERTIES}->{helpstring}; + } + + if (defined($self->{conformance}->{protocols}->{$x->{NAME}})) { + $short_name = $self->{conformance}->{protocols}->{$x->{NAME}}->{SHORTNAME}; + $name = $self->{conformance}->{protocols}->{$x->{NAME}}->{LONGNAME}; + $filter_name = $self->{conformance}->{protocols}->{$x->{NAME}}->{FILTERNAME}; + } + + $self->pidl_code("proto_dcerpc_$x->{NAME} = proto_register_protocol(".make_str($name).", ".make_str($short_name).", ".make_str($filter_name).");"); + + $self->pidl_code("proto_register_field_array(proto_dcerpc_$x->{NAME}, hf, array_length (hf));"); + $self->pidl_code("proto_register_subtree_array(ett, array_length(ett));"); + } else { + $self->pidl_code("proto_dcerpc = proto_get_id_by_filter_name(\"dcerpc\");"); + $self->pidl_code("proto_register_field_array(proto_dcerpc, hf, array_length(hf));"); + $self->pidl_code("proto_register_subtree_array(ett, array_length(ett));"); + } + + $self->deindent; + $self->pidl_code("}\n"); + $self->pidl_fn_end("proto_register_dcerpc_$x->{NAME}"); +} + +sub RegisterInterfaceHandoff($$) +{ + my ($self,$x) = @_; + + if (defined($x->{UUID})) { + $self->pidl_fn_start("proto_reg_handoff_dcerpc_$x->{NAME}"); + $self->pidl_code("void proto_reg_handoff_dcerpc_$x->{NAME}(void)"); + $self->pidl_code("{"); + $self->indent; + $self->pidl_code("dcerpc_init_uuid(proto_dcerpc_$x->{NAME}, ett_dcerpc_$x->{NAME},"); + $self->pidl_code("\t&uuid_dcerpc_$x->{NAME}, ver_dcerpc_$x->{NAME},"); + $self->pidl_code("\t$x->{NAME}_dissectors, hf_$x->{NAME}_opnum);"); + $self->deindent; + $self->pidl_code("}"); + $self->pidl_fn_end("proto_reg_handoff_dcerpc_$x->{NAME}"); + + $self->{hf_used}->{"hf_$x->{NAME}_opnum"} = 1; + } +} + +sub ProcessInclude +{ + my $self = shift; + my @includes = @_; + foreach (@includes) { + $self->pidl_hdr("#include \"$_\""); + } + $self->pidl_hdr(""); +} + +sub ProcessImport +{ + my $self = shift; + my @imports = @_; + foreach (@imports) { + next if($_ eq "security"); + s/\.idl\"$//; + s/^\"//; + $self->pidl_hdr("#include \"packet-dcerpc-$_\.h\""); + } + $self->pidl_hdr(""); +} + +sub ProcessInterface($$) +{ + my ($self, $x) = @_; + + push(@{$self->{conformance}->{strip_prefixes}}, $x->{NAME}); + + my $define = "__PACKET_DCERPC_" . uc($_->{NAME}) . "_H"; + $self->pidl_hdr("#ifndef $define"); + $self->pidl_hdr("#define $define"); + $self->pidl_hdr(""); + + $self->pidl_def("static gint proto_dcerpc_$x->{NAME} = -1;"); + $self->register_ett("ett_dcerpc_$x->{NAME}"); + $self->register_hf_field("hf_$x->{NAME}_opnum", "Operation", "$x->{NAME}.opnum", "FT_UINT16", "BASE_DEC", "NULL", 0, ""); + + if (defined($x->{UUID})) { + my $if_uuid = $x->{UUID}; + + $self->pidl_def("/* Version information */\n\n"); + + $self->pidl_def("static e_uuid_t uuid_dcerpc_$x->{NAME} = {"); + $self->pidl_def("\t0x" . substr($if_uuid, 1, 8) + . ", 0x" . substr($if_uuid, 10, 4) + . ", 0x" . substr($if_uuid, 15, 4) . ","); + $self->pidl_def("\t{ 0x" . substr($if_uuid, 20, 2) + . ", 0x" . substr($if_uuid, 22, 2) + . ", 0x" . substr($if_uuid, 25, 2) + . ", 0x" . substr($if_uuid, 27, 2) + . ", 0x" . substr($if_uuid, 29, 2) + . ", 0x" . substr($if_uuid, 31, 2) + . ", 0x" . substr($if_uuid, 33, 2) + . ", 0x" . substr($if_uuid, 35, 2) . " }"); + $self->pidl_def("};"); + + my $maj = $x->{VERSION}; + $maj =~ s/\.(.*)$//g; + $self->pidl_def("static guint16 ver_dcerpc_$x->{NAME} = $maj;"); + $self->pidl_def(""); + } + + $return_types{$x->{NAME}} = {}; + + $self->Interface($x); + + $self->pidl_code("\n".DumpFunctionTable($x)); + + foreach (keys %{$return_types{$x->{NAME}}}) { + my ($type, $desc) = @{$return_types{$x->{NAME}}->{$_}}; + my $dt = $self->find_type($type); + $dt or die("Unable to find information about return type `$type'"); + $self->register_hf_field("hf_$x->{NAME}_$_", $desc, "$x->{NAME}.$_", $dt->{FT_TYPE}, "BASE_HEX", $dt->{VALSSTRING}, 0, ""); + $self->{hf_used}->{"hf_$x->{NAME}_$_"} = 1; + } + + $self->RegisterInterface($x); + $self->RegisterInterfaceHandoff($x); + + $self->pidl_hdr("#endif /* $define */"); +} + +sub find_type($$) +{ + my ($self, $n) = @_; + + return $self->{conformance}->{types}->{$n}; +} + +sub register_type($$$$$$$$) +{ + my ($self, $type,$call,$ft,$base,$mask,$vals,$length) = @_; + + return if (defined($self->{conformance}->{types}->{$type})); + + $self->{conformance}->{types}->{$type} = { + NAME => $type, + DISSECTOR_NAME => $call, + FT_TYPE => $ft, + BASE_TYPE => $base, + MASK => $mask, + VALSSTRING => $vals, + ALIGNMENT => $length + }; +} + +# Loads the default types +sub Initialize($$) +{ + my ($self, $cnf_file) = @_; + + $self->{conformance} = { + imports => {}, + header_fields=> {} + }; + + ReadConformance($cnf_file, $self->{conformance}) or print STDERR "warning: No conformance file `$cnf_file'\n"; + + foreach my $bytes (qw(1 2 4 8)) { + my $bits = $bytes * 8; + $self->register_type("uint$bits", "offset = PIDL_dissect_uint$bits(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_UINT$bits", "BASE_DEC", 0, "NULL", $bytes); + $self->register_type("int$bits", "offset = PIDL_dissect_uint$bits(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_INT$bits", "BASE_DEC", 0, "NULL", $bytes); + } + + $self->register_type("udlong", "offset = dissect_ndr_duint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);", "FT_UINT64", "BASE_DEC", 0, "NULL", 4); + $self->register_type("bool8", "offset = PIDL_dissect_uint8(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);","FT_INT8", "BASE_DEC", 0, "NULL", 1); + $self->register_type("char", "offset = PIDL_dissect_uint8(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);","FT_INT8", "BASE_DEC", 0, "NULL", 1); + $self->register_type("long", "offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);","FT_INT32", "BASE_DEC", 0, "NULL", 4); + $self->register_type("dlong", "offset = dissect_ndr_duint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_INT64", "BASE_DEC", 0, "NULL", 8); + $self->register_type("GUID", "offset = dissect_ndr_uuid_t(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_GUID", "BASE_NONE", 0, "NULL", 4); + $self->register_type("policy_handle", "offset = PIDL_dissect_policy_hnd(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);","FT_BYTES", "BASE_NONE", 0, "NULL", 4); + $self->register_type("NTTIME", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);","FT_ABSOLUTE_TIME", "BASE_NONE", 0, "NULL", 4); + $self->register_type("NTTIME_hyper", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);","FT_ABSOLUTE_TIME", "BASE_NONE", 0, "NULL", 4); + $self->register_type("time_t", "offset = dissect_ndr_time_t(tvb, offset, pinfo,tree, drep, \@HF\@, NULL);","FT_ABSOLUTE_TIME", "BASE_DEC", 0, "NULL", 4); + $self->register_type("NTTIME_1sec", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);", "FT_ABSOLUTE_TIME", "BASE_NONE", 0, "NULL", 4); + $self->register_type("SID", " + dcerpc_info *di = (dcerpc_info *)pinfo->private_data; + + di->hf_index = \@HF\@; + + offset = dissect_ndr_nt_SID_with_options(tvb, offset, pinfo, tree, drep, param); + ","FT_STRING", "BASE_DEC", 0, "NULL", 4); + $self->register_type("WERROR", + "offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);","FT_UINT32", "BASE_DEC", 0, "VALS(WERR_errors)", 4); + $self->register_type("NTSTATUS", + "offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);","FT_UINT32", "BASE_DEC", 0, "VALS(NT_errors)", 4); + +} + +##################################################################### +# Generate Wireshark parser and header code +sub Parse($$$$$) +{ + my($self,$ndr,$idl_file,$h_filename,$cnf_file) = @_; + + $self->Initialize($cnf_file); + + return (undef, undef) if defined($self->{conformance}->{noemit_dissector}); + + my $notice = +"/* DO NOT EDIT + This filter was automatically generated + from $idl_file and $cnf_file. + + Pidl is a perl based IDL compiler for DCE/RPC idl files. + It is maintained by the Samba team, not the Wireshark team. + Instructions on how to download and install Pidl can be + found at http://wiki.wireshark.org/Pidl +*/ + +"; + + $self->pidl_hdr($notice); + + $self->{res}->{headers} = "\n"; + $self->{res}->{headers} .= "#ifdef HAVE_CONFIG_H\n"; + $self->{res}->{headers} .= "#include \"config.h\"\n"; + $self->{res}->{headers} .= "#endif\n\n"; + + $self->{res}->{headers} .= "#ifdef _MSC_VER\n"; + $self->{res}->{headers} .= "#pragma warning(disable:4005)\n"; + $self->{res}->{headers} .= "#pragma warning(disable:4013)\n"; + $self->{res}->{headers} .= "#pragma warning(disable:4018)\n"; + $self->{res}->{headers} .= "#pragma warning(disable:4101)\n"; + $self->{res}->{headers} .= "#endif\n\n"; + + $self->{res}->{headers} .= "#include <glib.h>\n"; + $self->{res}->{headers} .= "#include <string.h>\n"; + $self->{res}->{headers} .= "#include <epan/packet.h>\n\n"; + + $self->{res}->{headers} .= "#include \"packet-dcerpc.h\"\n"; + $self->{res}->{headers} .= "#include \"packet-dcerpc-nt.h\"\n"; + $self->{res}->{headers} .= "#include \"packet-windows-common.h\"\n"; + + my $h_basename = basename($h_filename); + + $self->{res}->{headers} .= "#include \"$h_basename\"\n"; + $self->pidl_code(""); + + if (defined($self->{conformance}->{ett})) { + register_ett($self,$_) foreach(@{$self->{conformance}->{ett}}) + } + + # Wireshark protocol registration + + foreach (@$ndr) { + $self->ProcessInterface($_) if ($_->{TYPE} eq "INTERFACE"); + $self->ProcessImport(@{$_->{PATHS}}) if ($_->{TYPE} eq "IMPORT"); + $self->ProcessInclude(@{$_->{PATHS}}) if ($_->{TYPE} eq "INCLUDE"); + } + + $self->{res}->{ett} = DumpEttDeclaration($self->{ett}); + $self->{res}->{hf} = $self->DumpHfDeclaration(); + + my $parser = $notice; + $parser.= $self->{res}->{headers}; + $parser.=$self->{res}->{ett}; + $parser.=$self->{res}->{hf}; + $parser.=$self->{res}->{def}; + if (exists ($self->{conformance}->{override})) { + $parser.=$self->{conformance}->{override}; + } + $parser.=$self->{res}->{code}; + + my $header = "/* autogenerated by pidl */\n\n"; + $header.=$self->{res}->{hdr}; + + $self->CheckUsed($self->{conformance}); + + return ($parser,$header); +} + +############################################################################### +# ETT +############################################################################### + +sub register_ett($$) +{ + my ($self, $name) = @_; + + push (@{$self->{ett}}, $name); +} + +sub DumpEttList +{ + my ($ett) = @_; + my $res = "\tstatic gint *ett[] = {\n"; + foreach (@$ett) { + $res .= "\t\t&$_,\n"; + } + + return "$res\t};\n"; +} + +sub DumpEttDeclaration +{ + my ($ett) = @_; + my $res = "\n/* Ett declarations */\n"; + foreach (@$ett) { + $res .= "static gint $_ = -1;\n"; + } + + return "$res\n"; +} + +############################################################################### +# HF +############################################################################### + +sub register_hf_field($$$$$$$$$) +{ + my ($self,$index,$name,$filter_name,$ft_type,$base_type,$valsstring,$mask,$blurb) = @_; + + if (defined ($self->{conformance}->{hf_renames}->{$index})) { + $self->{conformance}->{hf_renames}->{$index}->{USED} = 1; + return $self->{conformance}->{hf_renames}->{$index}->{NEWNAME}; + } + + $self->{conformance}->{header_fields}->{$index} = { + INDEX => $index, + NAME => $name, + FILTER => $filter_name, + FT_TYPE => $ft_type, + BASE_TYPE => $base_type, + VALSSTRING => $valsstring, + MASK => $mask, + BLURB => $blurb + }; + + if ((not defined($blurb) or $blurb eq "") and + defined($self->{conformance}->{fielddescription}->{$index})) { + $self->{conformance}->{header_fields}->{$index}->{BLURB} = + $self->{conformance}->{fielddescription}->{$index}->{DESCRIPTION}; + $self->{conformance}->{fielddescription}->{$index}->{USED} = 1; + } + + return $index; +} + +sub DumpHfDeclaration($) +{ + my ($self) = @_; + my $res = ""; + + $res = "\n/* Header field declarations */\n"; + + foreach (keys %{$self->{conformance}->{header_fields}}) + { + $res .= "static gint $_ = -1;\n"; + } + + return "$res\n"; +} + +sub DumpHfList($) +{ + my ($self) = @_; + my $res = "\tstatic hf_register_info hf[] = {\n"; + + foreach (values %{$self->{conformance}->{header_fields}}) + { + $res .= "\t{ &$_->{INDEX}, + { ".make_str($_->{NAME}).", ".make_str($_->{FILTER}).", $_->{FT_TYPE}, $_->{BASE_TYPE}, $_->{VALSSTRING}, $_->{MASK}, ".make_str($_->{BLURB}).", HFILL }}, +"; + } + + return $res."\t};\n"; +} + + +############################################################################### +# Function table +############################################################################### + +sub DumpFunctionTable($) +{ + my $if = shift; + + my $res = "static dcerpc_sub_dissector $if->{NAME}\_dissectors[] = {\n"; + foreach (@{$if->{FUNCTIONS}}) { + my $fn_name = $_->{NAME}; + $fn_name =~ s/^$if->{NAME}_//; + $res.= "\t{ $_->{OPNUM}, \"$fn_name\",\n"; + $res.= "\t $if->{NAME}_dissect_${fn_name}_request, $if->{NAME}_dissect_${fn_name}_response},\n"; + } + + $res .= "\t{ 0, NULL, NULL, NULL }\n"; + + return "$res};\n"; +} + +sub CheckUsed($$) +{ + my ($self, $conformance) = @_; + foreach (values %{$conformance->{header_fields}}) { + if (not defined($self->{hf_used}->{$_->{INDEX}})) { + warning($_->{POS}, "hf field `$_->{INDEX}' not used"); + } + } + + foreach (values %{$conformance->{hf_renames}}) { + if (not $_->{USED}) { + warning($_->{POS}, "hf field `$_->{OLDNAME}' not used"); + } + } + + foreach (values %{$conformance->{dissectorparams}}) { + if (not $_->{USED}) { + warning($_->{POS}, "dissector param never used"); + } + } + + foreach (values %{$conformance->{imports}}) { + if (not $_->{USED}) { + warning($_->{POS}, "import never used"); + } + } + + foreach (values %{$conformance->{types}}) { + if (not $_->{USED} and defined($_->{POS})) { + warning($_->{POS}, "type never used"); + } + } + + foreach (values %{$conformance->{fielddescription}}) { + if (not $_->{USED}) { + warning($_->{POS}, "description never used"); + } + } + + foreach (values %{$conformance->{tfs}}) { + if (not $_->{USED}) { + warning($_->{POS}, "True/False description never used"); + } + } +} + +1; |