Fix AppNeta Extended Headers on ICMP/ICMPv6 packets

Author: fklassen

CMakeLists.txt

@@ -53,7 +53,7 @@ set(PROJECT_MAJOR_VERSION 4)
 set(PROJECT_MINOR_VERSION 6)
 set(PROJECT_PATCH_VERSION 2)
 set(PROJECT_BUILD_VERSION ${GIT_REVISION})
-set(PROJECT_VERSION_EXTENSION ".appneta.67")
+set(PROJECT_VERSION_EXTENSION ".appneta.68")
 
 if(DEFINED ENV{WIRESHARK_VERSION_EXTRA})
 	set(PROJECT_VERSION_EXTENSION "$ENV{WIRESHARK_VERSION_EXTRA}")

README.appneta.md

@@ -124,26 +124,26 @@ Build
 
   ```shell
   pushd run
-  hdiutil convert Wireshark\ 4.6.2.appneta.67\ Arm\ 64.dmg -format UDRW -o Wireshark\ 4.6.2.appneta.67\ Arm\ 64-rw.dmg
-  hdiutil resize -size 500M  Wireshark\ 4.6.2.appneta.67\ Arm\ 64-rw.dmg
-  hdiutil attach Wireshark\ 4.6.2.appneta.67\ Arm\ 64-rw.dmg
-  rm -rf /Volumes/Wireshark\ 4.6.2.appneta.67/Wireshark.app
-  tar xvf Wireshark.app.tar.xz -C /Volumes/Wireshark\ 4.6.2.appneta.67
+  hdiutil convert Wireshark\ 4.6.2.appneta.68\ Arm\ 64.dmg -format UDRW -o Wireshark\ 4.6.2.appneta.68\ Arm\ 64-rw.dmg
+  hdiutil resize -size 500M  Wireshark\ 4.6.2.appneta.68\ Arm\ 64-rw.dmg
+  hdiutil attach Wireshark\ 4.6.2.appneta.68\ Arm\ 64-rw.dmg
+  rm -rf /Volumes/Wireshark\ 4.6.2.appneta.68/Wireshark.app
+  tar xvf Wireshark.app.tar.xz -C /Volumes/Wireshark\ 4.6.2.appneta.68
   ```
 
   * At this point you will use Finder to unmount the `.dmg` bundle
   * Now convert R/W bundle to R/O
 
   ```shell
-  hdiutil convert Wireshark\ 4.6.2.appneta.67\ Arm\ 64-rw.dmg -format UDRO -o ~/data/Wireshark\ 4.6.2.appneta.67\ Arm\ 64.dmg
+  hdiutil convert Wireshark\ 4.6.2.appneta.68\ Arm\ 64-rw.dmg -format UDRO -o ~/data/Wireshark\ 4.6.2.appneta.68\ Arm\ 64.dmg
   popd
   ```
 
 * Code sign the new bundle
 
   ```shell
   codesign --sign "Apple Development: Fred Klassen (VRZWY3PKS3)" --prefix "org.broadcom.appneta" \
-    --entitlements ../packaging/macosx/entitlements.plist --timestamp --verbose -f ~/data/Wireshark\ 4.6.2.appneta.67\ Arm\ 64.dmg
+    --entitlements ../packaging/macosx/entitlements.plist --timestamp --verbose -f ~/data/Wireshark\ 4.6.2.appneta.68\ Arm\ 64.dmg
   ```
 
 * Test the new installer program
@@ -232,15 +232,15 @@ Build packages (from wireshark directory)
     export DH_QUIET=1
     export MAKEFLAGS=--silent
     dpkg-buildpackage -b -us -uc -jauto
-    WS_VERSION=4.6.2.appneta.67   # << update this
+    WS_VERSION=4.6.2.appneta.68   # << update this
     sudo mkdir -p /root/wireshark-${WS_VERSION}_repo
     sudo mv ../*.deb ../*.buildinfo ../*.changes \
       /root/wireshark-${WS_VERSION}_repo
 
 Once packages are made:
 
     sudo -i
-    WS_VERSION=4.6.2.appneta.67
+    WS_VERSION=4.6.2.appneta.68
     cd /root/wireshark-${WS_VERSION}_repo
     apt-ftparchive packages . > Packages
     cd ..
@@ -261,7 +261,7 @@ Verify that the correct version of wireshark will be installed
 
     apt show wireshark 2> /dev/null | head -n2
     Package: wireshark
-    Version: 4.6.2.appneta.67
+    Version: 4.6.2.appneta.68
 
 Do the install
 

epan/dissectors/packet-appneta.c

@@ -636,45 +636,32 @@ add_subtree(tvbuff_t *tvb, int *offset, proto_tree *current_tree,
  * the header; otherwise add items to the dissector tree.
  */
 static int
-dissect_responder_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_resp_tree, void *data)
+dissect_responder_headers_parse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_resp_tree, int offset, int currentHeader, appneta_pkt_type_t appneta_pkt_type)
 {
-    int      currentHeader, nextHeader;
-    uint8_t  headerLength = 0, mode = 0;
-    uint8_t  flags  = 0;
-    int      offset = 0;
-    uint32_t id, flow, major, minor, revision, build, first_id = 0,
-                                                      burst_hold_time, i, depth;
-    uint32_t cb_in_count  = 0,
-             cb_in_gap    = 0,
-             cb_out_count = 0,
-             cb_out_gap   = 0,
-             cb_in_flags  = 0;
-    uint16_t           port, portend, weight, burstsize = 0;
-    proto_tree        *current_tree = NULL, *field_tree = NULL;
-    proto_item        *tf = NULL;
-    tvbuff_t          *next_tvb;
-    gboolean           save_in_error_pkt;
-    int                remaining        = tvb_captured_length_remaining(tvb, 0);
-    appneta_pkt_type_t appneta_pkt_type = APPNETA_PACKET_TYPE_UNDEFINED;
-    uint32_t           pass             = 0;
-
-    if (data && strcmp((const char *)data, "ani-payload") == 0) {
-        currentHeader    = HDR_SIGNATURE;
-        appneta_pkt_type = APPNETA_PACKET_TYPE_PATH;
-    } else if (data && strcmp((const char *)data, "ani-reply-payload") == 0) {
-        currentHeader    = HDR_SIGNATURE;
-        appneta_pkt_type = APPNETA_PACKET_TYPE_PATH_REPLY;
-    } else {
-        currentHeader = HDR_SEQUENCE;
-    }
+    int      remaining = tvb_captured_length_remaining(tvb, 0);
+    uint32_t pass      = 0;
 
     while (currentHeader != HDR_LAST && currentHeader < HDR_INVALID) {
-        current_tree = appneta_resp_tree;
-        nextHeader   = tvb_get_uint8(tvb, offset);
-        headerLength = tvb_get_uint8(tvb, offset + 1);
+        proto_tree *current_tree = appneta_resp_tree;
+        int         nextHeader   = tvb_get_uint8(tvb, offset);
+        int         headerLength = tvb_get_uint8(tvb, offset + 1);
+        uint8_t     mode         = 0;
+        uint8_t     flags        = 0;
+        uint32_t    id, flow, major, minor, revision, build, first_id = 0,
+                                                          burst_hold_time, i, depth;
+        uint32_t cb_in_count  = 0,
+                 cb_in_gap    = 0,
+                 cb_out_count = 0,
+                 cb_out_gap   = 0,
+                 cb_in_flags  = 0;
+        uint16_t    port, portend, weight, burst_size = 0;
+        proto_tree *field_tree = NULL;
+        proto_item *tf         = NULL;
+        tvbuff_t   *next_tvb;
+        bool        save_in_error_pkt;
 
         if (offset > remaining || pass++ > 50) {
-            g_print("dissect_responder_header: opps: offset=%d remaining=%d pass=%d\n",
+            g_print("dissect_responder_headers_parse: opps: offset=%d remaining=%d pass=%d\n",
                     offset, remaining, pass);
             return 0;
         }
@@ -816,7 +803,7 @@ dissect_responder_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_
                 current_tree = add_subtree(tvb, &offset, current_tree, currentHeader, headerLength,
                         "Command Info Header");
                 first_id     = tvb_get_ntohl(tvb, offset);
-                burstsize    = tvb_get_ntohs(tvb, offset + 4);
+                burst_size   = tvb_get_ntohs(tvb, offset + 4);
                 proto_tree_add_item(current_tree, hf_appneta_resp_first_id, tvb, offset, 4, ENC_NA);
                 proto_tree_add_item(current_tree, hf_appneta_resp_burst_size, tvb, offset + 4, 2, ENC_NA);
                 if (headerLength > 8) {
@@ -861,7 +848,7 @@ dissect_responder_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_
                 } else if (mode == 0x85) {
                     col_append_fstr(pinfo->cinfo, COL_INFO, " Burst Load (Primer)");
                 }
-                col_append_fstr(pinfo->cinfo, COL_INFO, " First ID=%d Packets=%d", first_id, burstsize);
+                col_append_fstr(pinfo->cinfo, COL_INFO, " First ID=%d Packets=%d", first_id, burst_size);
                 break;
             case HDR_OUTBOUNDARRIVAL:
                 current_tree = add_subtree(tvb, &offset, current_tree, currentHeader, headerLength,
@@ -946,8 +933,8 @@ dissect_responder_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_
                         "Inbound Packet Attributes");
                 proto_tree_add_item(current_tree, hf_appneta_resp_inboundpacketcount, tvb, offset, 2, ENC_NA);
                 proto_tree_add_item(current_tree, hf_appneta_resp_inboundpacketsize, tvb, offset + 2, 2, ENC_NA);
-                burstsize = tvb_get_ntohs(tvb, offset);
-                col_append_fstr(pinfo->cinfo, COL_INFO, "/%d (out/in)", burstsize);
+                burst_size = tvb_get_ntohs(tvb, offset);
+                col_append_fstr(pinfo->cinfo, COL_INFO, "/%d (out/in)", burst_size);
                 break;
             case HDR_H323PORT:
                 current_tree = add_subtree(tvb, &offset, current_tree, currentHeader, headerLength,
@@ -1231,15 +1218,34 @@ dissect_responder_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_
     return offset;
 }
 
+static int
+dissect_responder_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *appneta_resp_tree, void *data)
+{
+    appneta_pkt_type_t appneta_pkt_type = APPNETA_PACKET_TYPE_UNDEFINED;
+    int                currentHeader;
+
+    if (data && strcmp((const char *)data, "ani-payload") == 0) {
+        currentHeader    = HDR_SIGNATURE;
+        appneta_pkt_type = APPNETA_PACKET_TYPE_PATH;
+    } else if (data && strcmp((const char *)data, "ani-reply-payload") == 0) {
+        currentHeader    = HDR_SIGNATURE;
+        appneta_pkt_type = APPNETA_PACKET_TYPE_PATH_REPLY;
+    } else {
+        currentHeader = HDR_SEQUENCE;
+    }
+
+    return dissect_responder_headers_parse(tvb, pinfo, appneta_resp_tree, 0, currentHeader, appneta_pkt_type);
+}
+
 /*******************************************************************
  * Code to dissect the packets targeting a Responder
  */
 static int
 dissect_appneta_responder(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
 {
-    unsigned int offset            = 0;
-    proto_item  *ti                = NULL;
-    proto_tree  *appneta_resp_tree = NULL;
+    uint32_t    offset            = 0;
+    proto_item *ti                = NULL;
+    proto_tree *appneta_resp_tree = NULL;
 
     /* determine how many bytes of the packet will be processed */
     offset = dissect_rtp_header(tvb, pinfo, offset, NULL, TRUE);
@@ -1248,9 +1254,6 @@ dissect_appneta_responder(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, v
     if (!offset || tvb_captured_length(tvb) < offset)
         return 0;
 
-    /* Make entry in Protocol column */
-    col_set_str(pinfo->cinfo, COL_PROTOCOL, "AppNetaResponder");
-
     /* Indicate the number of bytes that will be processed */
     ti = proto_tree_add_item(tree, proto_appneta_resp, tvb, 0, offset, ENC_NA);
 
@@ -1268,6 +1271,9 @@ dissect_appneta_responder(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, v
     if (!offset)
         return 0;
 
+    /* Make entry in Protocol column */
+    col_append_sep_fstr(pinfo->cinfo, COL_PROTOCOL, NULL, "AppNetaResp");
+
     return call_dissector(appneta_payload_handle, tvb_new_subset_remaining(tvb, offset), pinfo, tree);
 }
 
@@ -1339,16 +1345,16 @@ dissect_appneta_payload(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi
     } else if (bytes >= path_payload_min_size &&
                (!memcmp(cp, APPNETA_PAYLOAD_SIGNATURE, sizeof(APPNETA_PAYLOAD_SIGNATURE)) || !memcmp(cp, APPNETA_REPLY_PAYLOAD_SIGNATURE, sizeof(APPNETA_REPLY_PAYLOAD_SIGNATURE)))) {
         /* path packet */
-        uint32_t    iht_value = 0;
-        const char *reply_str;
-        char       *type_str;
+        uint32_t           iht_value = 0;
+        const char        *reply_str;
+        appneta_pkt_type_t appneta_pkt_type;
 
         if (!memcmp(cp, APPNETA_REPLY_PAYLOAD_SIGNATURE, sizeof(APPNETA_REPLY_PAYLOAD_SIGNATURE))) {
-            reply_str = "Reply ";
-            type_str  = "appneta-reply-payload";
+            reply_str        = "Reply ";
+            appneta_pkt_type = APPNETA_PACKET_TYPE_PATH_REPLY;
         } else {
-            reply_str = "";
-            type_str  = "appneta-payload";
+            reply_str        = "";
+            appneta_pkt_type = APPNETA_PACKET_TYPE_PATH;
         }
 
         offset                = sizeof(APPNETA_PAYLOAD_SIGNATURE);
@@ -1407,38 +1413,37 @@ dissect_appneta_payload(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi
 
         if (ext) {
             /* Extended headers*/
+            // proto_tree *appneta_resp_tree = NULL;
+
             ++offset;
-            col_append_fstr(pinfo->cinfo, COL_INFO, " Extended %spayload", reply_str);
-            if (!appneta_responder_handle)
-                appneta_responder_handle = find_dissector("appneta_responder");
+            if (bytes >= ecb_payload_min_size && tvb_captured_length_remaining(tvb, offset) > 0) {
+                int currentHeader = tvb_get_uint8(tvb, offset);
+                /* Get a pointer to our subtree */
+                // appneta_resp_tree = proto_item_add_subtree(ti, ett_appneta_resp);
+                offset = dissect_responder_headers_parse(tvb, pinfo, data_tree, offset, currentHeader, appneta_pkt_type);
+                if (!offset)
+                    return 0;
+            }
+        } else {
+            /* Path */
+            proto_tree_add_uint(data_tree, hf_payload_path_burst_length, tvb, offset, 3, burst_length);
+            proto_item_append_text(ti, " (%u bytes)", burst_length);
 
-            if (appneta_responder_handle && bytes >= ecb_payload_min_size &&
-                    tvb_captured_length_remaining(tvb, offset) > 0)
-                call_dissector_with_data(appneta_responder_handle,
-                        tvb_new_subset_remaining(tvb, offset),
-                        pinfo, data_tree, type_str);
+            if (iht) {
+                proto_tree_add_uint(data_tree, hf_payload_path_iht_value, tvb, offset + 3, 4, iht_value);
+                proto_item_append_text(ti, " (iht=%u nsec)", iht_value);
+                offset += 4;
+            }
 
-            return tvb_captured_length(tvb);
-        }
+            col_append_fstr(pinfo->cinfo, COL_INFO, " Path %spayload:", reply_str);
+            col_append_fstr(pinfo->cinfo, COL_INFO, " first=%u last=%u", first, last);
 
-        /* Path */
-        proto_tree_add_uint(data_tree, hf_payload_path_burst_length, tvb, offset, 3, burst_length);
-        proto_item_append_text(ti, " (%u bytes)", burst_length);
+            if (iht)
+                col_append_fstr(pinfo->cinfo, COL_INFO, " iht=%u nsec", iht_value);
 
-        if (iht) {
-            proto_tree_add_uint(data_tree, hf_payload_path_iht_value, tvb, offset + 3, 4, iht_value);
-            proto_item_append_text(ti, " (iht=%u nsec)", iht_value);
-            offset += 4;
+            col_append_fstr(pinfo->cinfo, COL_INFO, " burst=%u", burst_length);
+            offset += sizeof(uint32_t) - 1;
         }
-
-        col_append_fstr(pinfo->cinfo, COL_INFO, " Path %spayload:", reply_str);
-        col_append_fstr(pinfo->cinfo, COL_INFO, " first=%u last=%u", first, last);
-
-        if (iht)
-            col_append_fstr(pinfo->cinfo, COL_INFO, " iht=%u nsec", iht_value);
-
-        col_append_fstr(pinfo->cinfo, COL_INFO, " burst=%u", burst_length);
-        offset += sizeof(uint32_t) - 1;
     } else {
         return 0;
     }
@@ -1713,7 +1718,7 @@ register_appneta_responder(void)
 
     /* Register the protocol name and description */
     proto_appneta_resp = proto_register_protocol("AppNeta Responder",
-            "AppNetaResponder", "appneta_resp");
+            "AppNetaResp", "appneta_resp");
 
     /* Required function calls to register the header fields and subtrees used */
     proto_register_field_array(proto_appneta_resp, hf, array_length(hf));

packaging/debian/changelog

@@ -1,4 +1,4 @@
-wireshark (4.6.2.appneta.67) UNRELEASED; urgency=low
+wireshark (4.6.2.appneta.68) UNRELEASED; urgency=low
 
   * Self-made package