1 /* packet-mqtt.c
2 * Routines for MQTT Protocol dissection
3 *
4 * MQTT v5.0 support sponsored by 1byt3 <customers at 1byt3.com>
5 *
6 * By Lakshmi Narayana Madala <madalanarayana@outlook.com>
7 * Stig Bjorlykke <stig@bjorlykke.org>
8 *
9 * Wireshark - Network traffic analyzer
10 * By Gerald Combs <gerald@wireshark.org>
11 * Copyright 1998 Gerald Combs
12 *
13 * SPDX-License-Identifier: GPL-2.0-or-later
14 */
15
16 /*
17 * Protocol description:
18 *
19 * MQTT is a Client Server publish/subscribe messaging transport
20 * protocol. The protocol runs over TCP/IP, or over other network
21 * protocols that provide ordered, lossless, bi-directional
22 * connections.
23 *
24 * MQTT v3.1 specification:
25 * http://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt-v3r1.html
26 *
27 * MQTT v3.1.1 specification:
28 * http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/
29 *
30 * MQTT v5.0 specification:
31 * http://docs.oasis-open.org/mqtt/mqtt/v5.0/
32 *
33 */
34
35 #include "config.h"
36 #include <epan/expert.h>
37 #include <epan/packet.h>
38 #include <epan/strutil.h>
39 #include <epan/uat.h>
40 #include "packet-tcp.h"
41 #include "packet-tls.h"
42
43 #define MQTT_DEFAULT_PORT 1883 /* IANA registered under service name as mqtt */
44 #define MQTT_SSL_DEFAULT_PORT 8883 /* IANA registered under service name secure-mqtt */
45
46 /* MQTT Protocol Versions */
47 #define MQTT_PROTO_V31 3
48 #define MQTT_PROTO_V311 4
49 #define MQTT_PROTO_V50 5
50
51 #define MQTT_HDR_SIZE_BEFORE_LEN 1
52
53 /* MQTT Message Types */
54 #define MQTT_RESERVED 0
55 #define MQTT_CONNECT 1
56 #define MQTT_CONNACK 2
57 #define MQTT_PUBLISH 3
58 #define MQTT_PUBACK 4
59 #define MQTT_PUBREC 5
60 #define MQTT_PUBREL 6
61 #define MQTT_PUBCOMP 7
62 #define MQTT_SUBSCRIBE 8
63 #define MQTT_SUBACK 9
64 #define MQTT_UNSUBSCRIBE 10
65 #define MQTT_UNSUBACK 11
66 #define MQTT_PINGREQ 12
67 #define MQTT_PINGRESP 13
68 #define MQTT_DISCONNECT 14
69 #define MQTT_AUTH 15
70 #define MQTT_RESERVED_16 16
71
72 /* Flag Values to extract fields */
73 #define MQTT_MASK_MSG_TYPE 0xF0
74 #define MQTT_MASK_HDR_RESERVED 0x0F
75 #define MQTT_MASK_HDR_DUP_RESERVED 0x07
76 #define MQTT_MASK_QOS 0x06
77 #define MQTT_MASK_DUP_FLAG 0x08
78 #define MQTT_MASK_RETAIN 0x01
79
80 /* MQTT v5.0 Flag Values for the Subscription Options @ Subscribe Packet */
81 #define MQTT_MASK_SUBS_QOS 0x03
82 #define MQTT_MASK_SUBS_NL 0x04
83 #define MQTT_MASK_SUBS_RAP 0x08
84 #define MQTT_MASK_SUBS_RETAIN 0x30
85 #define MQTT_MASK_SUBS_RESERVED 0xC0
86
87 void proto_register_mqtt(void);
88 void proto_reg_handoff_mqtt(void);
89
90 static dissector_table_t media_type_dissector_table;
91
92 static const value_string mqtt_protocol_version_vals[] = {
93 { MQTT_PROTO_V31, "MQTT v3.1" },
94 { MQTT_PROTO_V311, "MQTT v3.1.1" },
95 { MQTT_PROTO_V50, "MQTT v5.0" },
96 { 0, NULL }
97 };
98
99 static const enum_val_t mqtt_protocol_version_enumvals[] = {
100 { "none", "None", 0 },
101 { "v31", "MQTT v3.1", MQTT_PROTO_V31 },
102 { "v311", "MQTT v3.1.1", MQTT_PROTO_V311 },
103 { "v50", "MQTT v5.0", MQTT_PROTO_V50 },
104 { NULL, NULL, 0 }
105 };
106
107 static const value_string mqtt_msgtype_vals[] = {
108 { MQTT_RESERVED, "Reserved" },
109 { MQTT_CONNECT, "Connect Command" },
110 { MQTT_CONNACK, "Connect Ack" },
111 { MQTT_PUBLISH, "Publish Message" },
112 { MQTT_PUBACK, "Publish Ack" },
113 { MQTT_PUBREC, "Publish Received" },
114 { MQTT_PUBREL, "Publish Release" },
115 { MQTT_PUBCOMP, "Publish Complete" },
116 { MQTT_SUBSCRIBE, "Subscribe Request" },
117 { MQTT_SUBACK, "Subscribe Ack" },
118 { MQTT_UNSUBSCRIBE, "Unsubscribe Request" },
119 { MQTT_UNSUBACK, "Unsubscribe Ack" },
120 { MQTT_PINGREQ, "Ping Request" },
121 { MQTT_PINGRESP, "Ping Response" },
122 { MQTT_DISCONNECT, "Disconnect Req" },
123 { MQTT_AUTH, "Authentication Exchange" },
124 { MQTT_RESERVED_16, "Reserved" },
125 { 0, NULL }
126 };
127 static value_string_ext mqtt_msgtype_vals_ext = VALUE_STRING_EXT_INIT(mqtt_msgtype_vals);
128
129 #define MQTT_QOS_ATMOST_ONCE 0
130 #define MQTT_QOS_ATLEAST_ONCE 1
131 #define MQTT_QOS_EXACTLY_ONCE 2
132 #define MQTT_QOS_RESERVED 3
133
134 static const value_string mqtt_qos_vals[] = {
135 { MQTT_QOS_ATMOST_ONCE, "At most once delivery (Fire and Forget)" },
136 { MQTT_QOS_ATLEAST_ONCE, "At least once delivery (Acknowledged deliver)" },
137 { MQTT_QOS_EXACTLY_ONCE, "Exactly once delivery (Assured Delivery)" },
138 { MQTT_QOS_RESERVED, "Reserved" },
139 { 0, NULL }
140 };
141
142 #define MQTT_SUBACK_FAILURE 128
143
144 static const value_string mqtt_subqos_vals[] = {
145 { MQTT_QOS_ATMOST_ONCE, "At most once delivery (Fire and Forget)" },
146 { MQTT_QOS_ATLEAST_ONCE, "At least once delivery (Acknowledged deliver)" },
147 { MQTT_QOS_EXACTLY_ONCE, "Exactly once delivery (Assured Delivery)" },
148 { MQTT_QOS_RESERVED, "Reserved" },
149 { MQTT_SUBACK_FAILURE, "Failure" },
150 { 0, NULL }
151 };
152
153 #define MQTT_CON_ACCEPTED 0
154 #define MQTT_CON_REFUSED_VERSION_MISMATCH 1
155 #define MQTT_CON_REFUSED_ID_REJECTED 2
156 #define MQTT_CON_REFUSED_SERVER_UNAVAILABLE 3
157 #define MQTT_CON_REFUSED_BAD_USER_PASSWD 4
158 #define MQTT_CON_REFUSED_UNAUTHORIZED 5
159
160 static const value_string mqtt_conack_vals[] = {
161 { MQTT_CON_ACCEPTED, "Connection Accepted" },
162 { MQTT_CON_REFUSED_VERSION_MISMATCH, "Connection Refused: unacceptable protocol version" },
163 { MQTT_CON_REFUSED_ID_REJECTED, "Connection Refused: identifier rejected" },
164 { MQTT_CON_REFUSED_SERVER_UNAVAILABLE, "Connection Refused: server unavailable" },
165 { MQTT_CON_REFUSED_BAD_USER_PASSWD, "Connection Refused: bad user name or password" },
166 { MQTT_CON_REFUSED_UNAUTHORIZED, "Connection Refused: not authorized" },
167 { 0, NULL }
168 };
169
170 #define MQTT_CONMASK_USER 0x80
171 #define MQTT_CONMASK_PASSWD 0x40
172 #define MQTT_CONMASK_RETAIN 0x20
173 #define MQTT_CONMASK_QOS 0x18
174 #define MQTT_CONMASK_WILLFLAG 0x04
175 #define MQTT_CONMASK_CLEANSESS 0x02
176 #define MQTT_CONMASK_RESERVED 0x01
177
178 #define MQTT_CONACKMASK_RESERVED 0xFE
179 #define MQTT_CONACKMASK_SP 0x01
180
181 /* The protocol version is present in the CONNECT message. */
182 typedef struct {
183 guint8 runtime_proto_version;
184 wmem_map_t *topic_alias_map;
185 } mqtt_conv_t;
186
187 typedef struct _mqtt_message_decode_t {
188 guint match_criteria;
189 char *topic_pattern;
190 GRegex *topic_regex;
191 guint msg_decoding;
192 char *payload_proto_name;
193 dissector_handle_t payload_proto;
194 } mqtt_message_decode_t;
195
196 typedef struct _mqtt_properties_t {
197 const guint8 *content_type;
198 guint32 topic_alias;
199 } mqtt_properties_t;
200
201 #define MATCH_CRITERIA_EQUAL 0
202 #define MATCH_CRITERIA_CONTAINS 1
203 #define MATCH_CRITERIA_STARTS_WITH 2
204 #define MATCH_CRITERIA_ENDS_WITH 3
205 #define MATCH_CRITERIA_REGEX 4
206
207 static const value_string match_criteria[] = {
208 { MATCH_CRITERIA_EQUAL, "Equal to" },
209 { MATCH_CRITERIA_CONTAINS, "Contains" },
210 { MATCH_CRITERIA_STARTS_WITH, "Starts with" },
211 { MATCH_CRITERIA_ENDS_WITH, "Ends with" },
212 { MATCH_CRITERIA_REGEX, "Regular Expression" },
213 { 0, NULL }
214 };
215
216 #define MSG_DECODING_NONE 0
217 #define MSG_DECODING_COMPRESSED 1
218
219 static const value_string msg_decoding[] = {
220 { MSG_DECODING_NONE, "none" },
221 { MSG_DECODING_COMPRESSED, "compressed" },
222 { 0, NULL }
223 };
224
225 #define PROP_PAYLOAD_FORMAT_INDICATOR 0x01
226 #define PROP_PUBLICATION_EXPIRY_INTERVAL 0x02
227 #define PROP_CONTENT_TYPE 0x03
228 #define PROP_RESPONSE_TOPIC 0x08
229 #define PROP_CORRELATION_DATA 0x09
230 #define PROP_SUBSCRIPTION_IDENTIFIER 0x0B
231 #define PROP_SESSION_EXPIRY_INTERVAL 0x11
232 #define PROP_ASSIGNED_CLIENT_IDENTIFIER 0x12
233 #define PROP_SERVER_KEEP_ALIVE 0x13
234 #define PROP_AUTH_METHOD 0x15
235 #define PROP_AUTH_DATA 0x16
236 #define PROP_REQUEST_PROBLEM_INFORMATION 0x17
237 #define PROP_WILL_DELAY_INTERVAL 0x18
238 #define PROP_REQUEST_RESPONSE_INFORMATION 0x19
239 #define PROP_RESPONSE_INFORMATION 0x1A
240 #define PROP_SERVER_REFERENCE 0x1C
241 #define PROP_REASON_STRING 0x1F
242 #define PROP_RECEIVE_MAXIMUM 0x21
243 #define PROP_TOPIC_ALIAS_MAXIMUM 0x22
244 #define PROP_TOPIC_ALIAS 0x23
245 #define PROP_MAXIMUM_QOS 0x24
246 #define PROP_RETAIN_AVAILABLE 0x25
247 #define PROP_USER_PROPERTY 0x26
248 #define PROP_MAXIMUM_PACKET_SIZE 0x27
249 #define PROP_WILDCARD_SUBSCRIPTION_AVAILABLE 0x28
250 #define PROP_SUBSCRIPTION_IDENTIFIER_AVAILABLE 0x29
251 #define PROP_SHARED_SUBSCRIPTION_AVAILABLE 0x2A
252
253 static const value_string mqtt_property_vals[] = {
254 { PROP_PAYLOAD_FORMAT_INDICATOR, "Payload Format Indicator" },
255 { PROP_PUBLICATION_EXPIRY_INTERVAL, "Publication Expiry Interval" },
256 { PROP_CONTENT_TYPE, "Content Type" },
257 { PROP_RESPONSE_TOPIC, "Response Topic" },
258 { PROP_CORRELATION_DATA, "Correlation Data" },
259 { PROP_SUBSCRIPTION_IDENTIFIER, "Subscription Identifier" },
260 { PROP_SESSION_EXPIRY_INTERVAL, "Session Expiry Interval" },
261 { PROP_ASSIGNED_CLIENT_IDENTIFIER, "Assigned Client Identifier" },
262 { PROP_SERVER_KEEP_ALIVE, "Server Keep Alive" },
263 { PROP_AUTH_METHOD, "Authentication Method" },
264 { PROP_AUTH_DATA, "Authentication Data" },
265 { PROP_REQUEST_PROBLEM_INFORMATION, "Request Problem Information" },
266 { PROP_WILL_DELAY_INTERVAL, "Will Delay Interval" },
267 { PROP_REQUEST_RESPONSE_INFORMATION, "Request Response Information" },
268 { PROP_RESPONSE_INFORMATION, "Response Information" },
269 { PROP_SERVER_REFERENCE, "Server Reference" },
270 { PROP_REASON_STRING, "Reason String" },
271 { PROP_RECEIVE_MAXIMUM, "Receive Maximum" },
272 { PROP_TOPIC_ALIAS_MAXIMUM, "Topic Alias Maximum" },
273 { PROP_TOPIC_ALIAS, "Topic Alias" },
274 { PROP_MAXIMUM_QOS, "Maximum QoS" },
275 { PROP_RETAIN_AVAILABLE, "Retain Available" },
276 { PROP_USER_PROPERTY, "User Property" },
277 { PROP_MAXIMUM_PACKET_SIZE, "Maximum Packet Size" },
278 { PROP_WILDCARD_SUBSCRIPTION_AVAILABLE, "Wildcard Subscription Available" },
279 { PROP_SUBSCRIPTION_IDENTIFIER_AVAILABLE, "Subscription Identifier Available" },
280 { PROP_SHARED_SUBSCRIPTION_AVAILABLE, "Shared Subscription Available" },
281 { 0, NULL }
282 };
283
284 /* MQTT v5.0 Subscription Options, Retain Handling option */
285 #define SUBSCRIPTION_RETAIN_SEND 0x00
286 #define SUBSCRIPTION_RETAIN_SEND_DONT_EXIST 0x01
287 #define SUBSCRIPTION_RETAIN_DONT_SEND 0x02
288 #define SUBSCRIPTION_RETAIN_RESERVED 0x03
289
290 static const value_string mqtt_subscription_retain_handling[] = {
291 { SUBSCRIPTION_RETAIN_SEND, "Send msgs at subscription time" },
292 { SUBSCRIPTION_RETAIN_SEND_DONT_EXIST, "Send msgs if subscription does not exist" },
293 { SUBSCRIPTION_RETAIN_DONT_SEND, "Do not send msgs at subscription time" },
294 { SUBSCRIPTION_RETAIN_RESERVED, "Reserved" },
295 { 0, NULL }
296 };
297
298 /* MQTT v5.0 Reason Codes */
299 #define RC_SUCCESS 0x00
300 #define RC_NORMAL_DISCONNECTION 0x00
301 #define RC_GRANTED_QOS0 0x00
302 #define RC_GRANTED_QOS1 0x01
303 #define RC_GRANTED_QOS2 0x02
304 #define RC_DISCONNECT_WILL 0x04
305 #define RC_NO_MATCHING_SUBSCRIBERS 0x10
306 #define RC_NO_SUBSCRIPTION_EXISTED 0x11
307 #define RC_CONTINUE_AUTHENTICATION 0x18
308 #define RC_RE_AUTHENTICATE 0x19
309 #define RC_UNSPECIFIED_ERROR 0x80
310 #define RC_MALFORMED_PACKET 0x81
311 #define RC_PROTOCOL_ERROR 0x82
312 #define RC_IMPLEMENTATION_SPECIFIC_ERROR 0x83
313 #define RC_UNSUPPORTED_PROTOCOL_VERSION 0x84
314 #define RC_CLIENT_IDENTIFIER_NOT_VALID 0x85
315 #define RC_BAD_USER_NAME_OR_PASSWORD 0x86
316 #define RC_NOT_AUTHORIZED 0x87
317 #define RC_SERVER_UNAVAILABLE 0x88
318 #define RC_SERVER_BUSY 0x89
319 #define RC_BANNED 0x8A
320 #define RC_SERVER_SHUTTING_DOWN 0x8B
321 #define RC_BAD_AUTHENTICATION_METHOD 0x8C
322 #define RC_KEEP_ALIVE_TIMEOUT 0x8D
323 #define RC_SESSION_TAKEN_OVER 0x8E
324 #define RC_TOPIC_FILTER_INVALID 0x8F
325 #define RC_TOPIC_NAME_INVALID 0x90
326 #define RC_PACKET_IDENTIFIER_IN_USE 0x91
327 #define RC_PACKET_IDENTIFIER_NOT_FOUND 0x92
328 #define RC_RECEIVE_MAXIMUM_EXCEEDED 0x93
329 #define RC_TOPIC_ALIAS_INVALID 0x94
330 #define RC_PACKET_TOO_LARGE 0x95
331 #define RC_MESSAGE_RATE_TOO_HIGH 0x96
332 #define RC_QUOTA_EXCEEDED 0x97
333 #define RC_ADMINISTRATIVE_ACTION 0x98
334 #define RC_PAYLOAD_FORMAT_INVALID 0x99
335 #define RC_RETAIN_NOT_SUPPORTED 0x9A
336 #define RC_QOS_NOT_SUPPORTED 0x9B
337 #define RC_USE_ANOTHER_SERVER 0x9C
338 #define RC_SERVER_MOVED 0x9D
339 #define RC_SHARED_SUBSCRIPTION_NOT_SUPPORTED 0x9E
340 #define RC_CONNECTION_RATE_EXCEEDED 0x9F
341 #define RC_MAXIMUM_CONNECT_TIME 0xA0
342 #define RC_SUBSCRIPTION_IDENTIFIERS_NOT_SUPPORTED 0xA1
343 #define RC_WILDCARD_SUBSCRIPTION_NOT_SUPPORTED 0xA2
344
345 #define RC_SUCCESS_STR "Success"
346 #define RC_NORMAL_DISCONNECTION_STR "Normal disconnection"
347 #define RC_GRANTED_QOS0_STR "Granted QoS 0"
348 #define RC_GRANTED_QOS1_STR "Granted QoS 1"
349 #define RC_GRANTED_QOS2_STR "Granted QoS 2"
350 #define RC_DISCONNECT_WILL_STR "Disconnect with Will Message"
351 #define RC_NO_MATCHING_SUBSCRIBERS_STR "No matching subscribers"
352 #define RC_NO_SUBSCRIPTION_EXISTED_STR "No subscription existed"
353 #define RC_CONTINUE_AUTHENTICATION_STR "Continue authentication"
354 #define RC_RE_AUTHENTICATE_STR "Re-authenticate"
355 #define RC_UNSPECIFIED_ERROR_STR "Unspecified error"
356 #define RC_MALFORMED_PACKET_STR "Malformed Packet"
357 #define RC_PROTOCOL_ERROR_STR "Protocol Error"
358 #define RC_IMPLEMENTATION_SPECIFIC_ERROR_STR "Implementation specific error"
359 #define RC_UNSUPPORTED_PROTOCOL_VERSION_STR "Unsupported Protocol Version"
360 #define RC_CLIENT_IDENTIFIER_NOT_VALID_STR "Client Identifier not valid"
361 #define RC_BAD_USER_NAME_OR_PASSWORD_STR "Bad User Name or Password"
362 #define RC_NOT_AUTHORIZED_STR "Not authorized"
363 #define RC_SERVER_UNAVAILABLE_STR "Server unavailable"
364 #define RC_SERVER_BUSY_STR "Server busy"
365 #define RC_BANNED_STR "Banned"
366 #define RC_SERVER_SHUTTING_DOWN_STR "Server shutting down"
367 #define RC_BAD_AUTHENTICATION_METHOD_STR "Bad authentication method"
368 #define RC_KEEP_ALIVE_TIMEOUT_STR "Keep Alive timeout"
369 #define RC_SESSION_TAKEN_OVER_STR "Session taken over"
370 #define RC_TOPIC_FILTER_INVALID_STR "Topic Filter invalid"
371 #define RC_TOPIC_NAME_INVALID_STR "Topic Name invalid"
372 #define RC_PACKET_IDENTIFIER_IN_USE_STR "Packet Identifier in use"
373 #define RC_PACKET_IDENTIFIER_NOT_FOUND_STR "Packet Identifier not found"
374 #define RC_RECEIVE_MAXIMUM_EXCEEDED_STR "Receive Maximum exceeded"
375 #define RC_TOPIC_ALIAS_INVALID_STR "Topic Alias invalid"
376 #define RC_PACKET_TOO_LARGE_STR "Packet too large"
377 #define RC_MESSAGE_RATE_TOO_HIGH_STR "Message rate too high"
378 #define RC_QUOTA_EXCEEDED_STR "Quota exceeded"
379 #define RC_ADMINISTRATIVE_ACTION_STR "Administrative action"
380 #define RC_PAYLOAD_FORMAT_INVALID_STR "Payload format invalid"
381 #define RC_RETAIN_NOT_SUPPORTED_STR "Retain not supported"
382 #define RC_QOS_NOT_SUPPORTED_STR "QoS not supported"
383 #define RC_USE_ANOTHER_SERVER_STR "Use another server"
384 #define RC_SERVER_MOVED_STR "Server moved"
385 #define RC_SHARED_SUBSCRIPTION_NOT_SUPPORTED_STR "Shared Subscription not supported"
386 #define RC_CONNECTION_RATE_EXCEEDED_STR "Connection rate exceeded"
387 #define RC_MAXIMUM_CONNECT_TIME_STR "Maximum connect time"
388 #define RC_SUBSCRIPTION_IDENTIFIERS_NOT_SUPPORTED_STR "Subscription Identifiers not supported"
389 #define RC_WILDCARD_SUBSCRIPTION_NOT_SUPPORTED_STR "Wildcard Subscription not supported"
390
391 static const value_string mqtt_reason_code_connack_vals[] = {
392 { RC_SUCCESS, RC_SUCCESS_STR },
393 { RC_UNSPECIFIED_ERROR, RC_UNSPECIFIED_ERROR_STR },
394 { RC_MALFORMED_PACKET, RC_MALFORMED_PACKET_STR },
395 { RC_PROTOCOL_ERROR, RC_PROTOCOL_ERROR_STR },
396 { RC_IMPLEMENTATION_SPECIFIC_ERROR, RC_IMPLEMENTATION_SPECIFIC_ERROR_STR },
397 { RC_UNSUPPORTED_PROTOCOL_VERSION, RC_UNSUPPORTED_PROTOCOL_VERSION_STR },
398 { RC_CLIENT_IDENTIFIER_NOT_VALID, RC_CLIENT_IDENTIFIER_NOT_VALID_STR },
399 { RC_BAD_USER_NAME_OR_PASSWORD, RC_BAD_USER_NAME_OR_PASSWORD_STR },
400 { RC_NOT_AUTHORIZED, RC_NOT_AUTHORIZED_STR },
401 { RC_SERVER_UNAVAILABLE, RC_SERVER_UNAVAILABLE_STR },
402 { RC_SERVER_BUSY, RC_SERVER_BUSY_STR },
403 { RC_BANNED, RC_BANNED_STR },
404 { RC_BAD_AUTHENTICATION_METHOD, RC_BAD_AUTHENTICATION_METHOD_STR },
405 { RC_TOPIC_NAME_INVALID, RC_TOPIC_NAME_INVALID_STR },
406 { RC_PACKET_TOO_LARGE, RC_PACKET_TOO_LARGE_STR },
407 { RC_QUOTA_EXCEEDED, RC_QUOTA_EXCEEDED_STR },
408 { RC_RETAIN_NOT_SUPPORTED, RC_RETAIN_NOT_SUPPORTED_STR },
409 { RC_QOS_NOT_SUPPORTED, RC_QOS_NOT_SUPPORTED_STR },
410 { RC_USE_ANOTHER_SERVER, RC_USE_ANOTHER_SERVER_STR },
411 { RC_SERVER_MOVED, RC_SERVER_MOVED_STR },
412 { RC_CONNECTION_RATE_EXCEEDED, RC_CONNECTION_RATE_EXCEEDED_STR },
413 { 0, NULL }
414 };
415
416 static const value_string mqtt_reason_code_puback_vals[] = {
417 { RC_SUCCESS, RC_SUCCESS_STR },
418 { RC_NO_MATCHING_SUBSCRIBERS, RC_NO_MATCHING_SUBSCRIBERS_STR },
419 { RC_UNSPECIFIED_ERROR, RC_UNSPECIFIED_ERROR_STR },
420 { RC_IMPLEMENTATION_SPECIFIC_ERROR, RC_IMPLEMENTATION_SPECIFIC_ERROR_STR },
421 { RC_NOT_AUTHORIZED, RC_NOT_AUTHORIZED_STR },
422 { RC_TOPIC_NAME_INVALID, RC_TOPIC_NAME_INVALID_STR },
423 { RC_PACKET_IDENTIFIER_IN_USE, RC_PACKET_IDENTIFIER_IN_USE_STR },
424 { RC_QUOTA_EXCEEDED, RC_QUOTA_EXCEEDED_STR },
425 { RC_PAYLOAD_FORMAT_INVALID, RC_PAYLOAD_FORMAT_INVALID_STR },
426 { 0, NULL }
427 };
428
429 static const value_string mqtt_reason_code_pubrel_vals[] = {
430 { RC_SUCCESS, RC_SUCCESS_STR },
431 { RC_PACKET_IDENTIFIER_NOT_FOUND, RC_PACKET_IDENTIFIER_NOT_FOUND_STR },
432 { 0, NULL }
433 };
434
435 static const value_string mqtt_reason_code_suback_vals[] = {
436 { RC_GRANTED_QOS0, RC_GRANTED_QOS0_STR },
437 { RC_GRANTED_QOS1, RC_GRANTED_QOS1_STR },
438 { RC_GRANTED_QOS2, RC_GRANTED_QOS2_STR },
439 { RC_UNSPECIFIED_ERROR, RC_UNSPECIFIED_ERROR_STR },
440 { RC_IMPLEMENTATION_SPECIFIC_ERROR, RC_IMPLEMENTATION_SPECIFIC_ERROR_STR },
441 { RC_NOT_AUTHORIZED, RC_NOT_AUTHORIZED_STR },
442 { RC_TOPIC_FILTER_INVALID, RC_TOPIC_FILTER_INVALID_STR },
443 { RC_PACKET_IDENTIFIER_IN_USE, RC_PACKET_IDENTIFIER_IN_USE_STR },
444 { RC_QUOTA_EXCEEDED, RC_QUOTA_EXCEEDED_STR },
445 { RC_SHARED_SUBSCRIPTION_NOT_SUPPORTED, RC_SHARED_SUBSCRIPTION_NOT_SUPPORTED_STR },
446 { RC_SUBSCRIPTION_IDENTIFIERS_NOT_SUPPORTED, RC_SUBSCRIPTION_IDENTIFIERS_NOT_SUPPORTED_STR },
447 { RC_WILDCARD_SUBSCRIPTION_NOT_SUPPORTED, RC_WILDCARD_SUBSCRIPTION_NOT_SUPPORTED_STR },
448 { 0, NULL }
449 };
450
451 static const value_string mqtt_reason_code_unsuback_vals[] = {
452 { RC_SUCCESS, RC_SUCCESS_STR },
453 { RC_NO_SUBSCRIPTION_EXISTED, RC_NO_SUBSCRIPTION_EXISTED_STR },
454 { RC_IMPLEMENTATION_SPECIFIC_ERROR, RC_IMPLEMENTATION_SPECIFIC_ERROR_STR },
455 { RC_NOT_AUTHORIZED, RC_NOT_AUTHORIZED_STR },
456 { RC_TOPIC_FILTER_INVALID, RC_TOPIC_FILTER_INVALID_STR },
457 { RC_PACKET_IDENTIFIER_IN_USE, RC_PACKET_IDENTIFIER_IN_USE_STR },
458 { 0, NULL }
459 };
460
461 static const value_string mqtt_reason_code_disconnect_vals[] = {
462 { RC_NORMAL_DISCONNECTION, RC_NORMAL_DISCONNECTION_STR },
463 { RC_DISCONNECT_WILL, RC_DISCONNECT_WILL_STR },
464 { RC_UNSPECIFIED_ERROR, RC_UNSPECIFIED_ERROR_STR },
465 { RC_MALFORMED_PACKET, RC_MALFORMED_PACKET_STR },
466 { RC_PROTOCOL_ERROR, RC_PROTOCOL_ERROR_STR },
467 { RC_IMPLEMENTATION_SPECIFIC_ERROR, RC_IMPLEMENTATION_SPECIFIC_ERROR_STR },
468 { RC_NOT_AUTHORIZED, RC_NOT_AUTHORIZED_STR },
469 { RC_SERVER_BUSY, RC_SERVER_BUSY_STR },
470 { RC_SERVER_SHUTTING_DOWN, RC_SERVER_SHUTTING_DOWN_STR },
471 /* Bad authentication method: check Table 2.6 and Table 3.13 */
472 { RC_BAD_AUTHENTICATION_METHOD, RC_BAD_AUTHENTICATION_METHOD_STR },
473 { RC_KEEP_ALIVE_TIMEOUT, RC_KEEP_ALIVE_TIMEOUT_STR },
474 { RC_SESSION_TAKEN_OVER, RC_SESSION_TAKEN_OVER_STR },
475 { RC_TOPIC_FILTER_INVALID, RC_TOPIC_FILTER_INVALID_STR },
476 { RC_TOPIC_NAME_INVALID, RC_TOPIC_NAME_INVALID_STR },
477 { RC_RECEIVE_MAXIMUM_EXCEEDED, RC_RECEIVE_MAXIMUM_EXCEEDED_STR },
478 { RC_TOPIC_ALIAS_INVALID, RC_TOPIC_ALIAS_INVALID_STR },
479 { RC_PACKET_TOO_LARGE, RC_PACKET_TOO_LARGE_STR },
480 { RC_MESSAGE_RATE_TOO_HIGH, RC_MESSAGE_RATE_TOO_HIGH_STR },
481 { RC_QUOTA_EXCEEDED, RC_QUOTA_EXCEEDED_STR },
482 { RC_ADMINISTRATIVE_ACTION, RC_ADMINISTRATIVE_ACTION_STR },
483 { RC_PAYLOAD_FORMAT_INVALID, RC_PAYLOAD_FORMAT_INVALID_STR },
484 { RC_RETAIN_NOT_SUPPORTED, RC_RETAIN_NOT_SUPPORTED_STR },
485 { RC_QOS_NOT_SUPPORTED, RC_QOS_NOT_SUPPORTED_STR },
486 { RC_USE_ANOTHER_SERVER, RC_USE_ANOTHER_SERVER_STR },
487 { RC_SERVER_MOVED, RC_SERVER_MOVED_STR },
488 { RC_SHARED_SUBSCRIPTION_NOT_SUPPORTED, RC_SHARED_SUBSCRIPTION_NOT_SUPPORTED_STR },
489 { RC_CONNECTION_RATE_EXCEEDED, RC_CONNECTION_RATE_EXCEEDED_STR },
490 { RC_MAXIMUM_CONNECT_TIME, RC_MAXIMUM_CONNECT_TIME_STR },
491 { RC_SUBSCRIPTION_IDENTIFIERS_NOT_SUPPORTED, RC_SUBSCRIPTION_IDENTIFIERS_NOT_SUPPORTED_STR },
492 { RC_WILDCARD_SUBSCRIPTION_NOT_SUPPORTED, RC_WILDCARD_SUBSCRIPTION_NOT_SUPPORTED_STR },
493 { 0, NULL }
494 };
495
496 static const value_string mqtt_reason_code_auth_vals[] = {
497 { RC_SUCCESS, RC_SUCCESS_STR },
498 { RC_CONTINUE_AUTHENTICATION, RC_CONTINUE_AUTHENTICATION_STR },
499 { RC_RE_AUTHENTICATE, RC_RE_AUTHENTICATE_STR },
500 { 0, NULL }
501 };
502
503 static mqtt_message_decode_t *mqtt_message_decodes;
504 static guint num_mqtt_message_decodes;
505 static gint default_protocol_version;
506
507 static dissector_handle_t mqtt_handle;
508
509 static heur_dissector_list_t mqtt_topic_subdissector;
510
511 /* Initialize the protocol and registered fields */
512 static int proto_mqtt = -1;
513
514 /* Message */
515 static int hf_mqtt_hdrflags = -1;
516 static int hf_mqtt_msg_len = -1;
517 static int hf_mqtt_msg_type = -1;
518 static int hf_mqtt_reserved = -1;
519 static int hf_mqtt_dup_flag = -1;
520 static int hf_mqtt_qos_level = -1;
521 static int hf_mqtt_retain = -1;
522 static int hf_mqtt_retain_reserved = -1;
523 static int hf_mqtt_conack_reserved = -1;
524 static int hf_mqtt_conack_flags = -1;
525 static int hf_mqtt_conackflag_reserved = -1;
526 static int hf_mqtt_conackflag_sp = -1;
527 static int hf_mqtt_conack_code = -1;
528 static int hf_mqtt_msgid = -1;
529 static int hf_mqtt_sub_qos = -1;
530 static int hf_mqtt_suback_qos = -1;
531 static int hf_mqtt_topic_len = -1;
532 static int hf_mqtt_topic = -1;
533 static int hf_mqtt_will_topic_len = -1;
534 static int hf_mqtt_will_topic = -1;
535 static int hf_mqtt_will_msg_len = -1;
536 static int hf_mqtt_will_msg = -1;
537 static int hf_mqtt_will_msg_text = -1;
538 static int hf_mqtt_username_len = -1;
539 static int hf_mqtt_username = -1;
540 static int hf_mqtt_passwd_len = -1;
541 static int hf_mqtt_passwd = -1;
542 static int hf_mqtt_pubmsg = -1;
543 static int hf_mqtt_pubmsg_text = -1;
544 static int hf_mqtt_pubmsg_decoded = -1;
545 static int hf_mqtt_proto_len = -1;
546 static int hf_mqtt_proto_name = -1;
547 static int hf_mqtt_client_id_len = -1;
548 static int hf_mqtt_client_id = -1;
549 static int hf_mqtt_proto_ver = -1;
550 static int hf_mqtt_conflags = -1;
551 static int hf_mqtt_conflag_user = -1;
552 static int hf_mqtt_conflag_passwd = -1;
553 static int hf_mqtt_conflag_will_retain = -1;
554 static int hf_mqtt_conflag_will_qos = -1;
555 static int hf_mqtt_conflag_will_flag = -1;
556 static int hf_mqtt_conflag_clean_sess = -1;
557 static int hf_mqtt_conflag_reserved = -1;
558 static int hf_mqtt_keep_alive = -1;
559 static int hf_mqtt_subscription_options = -1;
560
561 /* MQTT v5.0 Reason Codes */
562 static int hf_mqtt_reason_code_connack = -1;
563 static int hf_mqtt_reason_code_puback = -1;
564 static int hf_mqtt_reason_code_pubrec = -1;
565 static int hf_mqtt_reason_code_pubrel = -1;
566 static int hf_mqtt_reason_code_pubcomp = -1;
567 static int hf_mqtt_reason_code_suback = -1;
568 static int hf_mqtt_reason_code_unsuback = -1;
569 static int hf_mqtt_reason_code_disconnect = -1;
570 static int hf_mqtt_reason_code_auth = -1;
571
572 /* MQTT v5.0 Subscribe Options */
573 static int hf_mqtt_subscription_qos = -1;
574 static int hf_mqtt_subscription_nl = -1;
575 static int hf_mqtt_subscription_rap = -1;
576 static int hf_mqtt_subscription_retain = -1;
577 static int hf_mqtt_subscription_reserved = -1;
578
579 /* MQTT v5.0 Properties */
580 static int hf_mqtt_property_len = -1;
581 static int hf_mqtt_property = -1;
582 static int hf_mqtt_will_property = -1;
583 static int hf_mqtt_property_id = -1;
584 static int hf_mqtt_prop_num = -1;
585 static int hf_mqtt_prop_content_type = -1;
586 static int hf_mqtt_prop_max_qos = -1;
587 static int hf_mqtt_prop_topic_alias = -1;
588 static int hf_mqtt_prop_unknown = -1;
589 static int hf_mqtt_prop_string_len = -1;
590 static int hf_mqtt_prop_string = -1;
591 static int hf_mqtt_prop_key_len = -1;
592 static int hf_mqtt_prop_key = -1;
593 static int hf_mqtt_prop_value_len = -1;
594 static int hf_mqtt_prop_value = -1;
595
596 /* Initialize the subtree pointers */
597 static gint ett_mqtt_hdr = -1;
598 static gint ett_mqtt_msg = -1;
599 static gint ett_mqtt_hdr_flags = -1;
600 static gint ett_mqtt_con_flags = -1;
601 static gint ett_mqtt_conack_flags = -1;
602 static gint ett_mqtt_property = -1;
603 static gint ett_mqtt_subscription_flags = -1;
604
605 /* Initialize the expert fields */
606 static expert_field ei_illegal_length = EI_INIT;
607 static expert_field ei_unknown_version = EI_INIT;
608 static expert_field ei_unknown_topic_alias = EI_INIT;
609
610 /* Reassemble SMPP TCP segments */
611 static gboolean reassemble_mqtt_over_tcp = TRUE;
612
613 /* Show Publish Message as text */
614 static gboolean show_msg_as_text;
615
get_mqtt_pdu_len(packet_info * pinfo _U_,tvbuff_t * tvb,int offset,void * data _U_)616 static guint get_mqtt_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb,
617 int offset, void *data _U_)
618 {
619 guint64 msg_len;
620 guint len_offset;
621
622 len_offset = tvb_get_varint(tvb, (offset + MQTT_HDR_SIZE_BEFORE_LEN), FT_VARINT_MAX_LEN, &msg_len, ENC_VARINT_PROTOBUF);
623
624 /* Explicitly downcast the value, because the length can never be more than 4 bytes */
625 return (guint)(msg_len + len_offset + MQTT_HDR_SIZE_BEFORE_LEN);
626 }
627
mqtt_message_decode_copy_cb(void * dest,const void * orig,size_t len _U_)628 static void *mqtt_message_decode_copy_cb(void *dest, const void *orig, size_t len _U_)
629 {
630 const mqtt_message_decode_t *o = (const mqtt_message_decode_t *)orig;
631 mqtt_message_decode_t *d = (mqtt_message_decode_t *)dest;
632
633 d->match_criteria = o->match_criteria;
634 d->topic_pattern = g_strdup(o->topic_pattern);
635 d->msg_decoding = o->msg_decoding;
636 d->payload_proto_name = g_strdup(o->payload_proto_name);
637 d->payload_proto = o->payload_proto;
638
639 return d;
640 }
641
mqtt_message_decode_update_cb(void * record,char ** error)642 static gboolean mqtt_message_decode_update_cb(void *record, char **error)
643 {
644 mqtt_message_decode_t *u = (mqtt_message_decode_t *)record;
645
646 if (u->topic_pattern == NULL || strlen(u->topic_pattern) == 0)
647 {
648 *error = g_strdup("Missing topic pattern");
649 return FALSE;
650 }
651
652 if (u->payload_proto_name == NULL || strlen(u->payload_proto_name) == 0)
653 {
654 *error = g_strdup("Missing payload protocol");
655 return FALSE;
656 }
657
658 if (u->match_criteria == MATCH_CRITERIA_REGEX)
659 {
660 u->topic_regex = g_regex_new(u->topic_pattern, (GRegexCompileFlags) G_REGEX_OPTIMIZE, (GRegexMatchFlags) 0, NULL);
661 if (!u->topic_regex)
662 {
663 *error = g_strdup_printf("Invalid regex: %s", u->topic_pattern);
664 return FALSE;
665 }
666 }
667
668 return TRUE;
669 }
670
mqtt_message_decode_free_cb(void * record)671 static void mqtt_message_decode_free_cb(void *record)
672 {
673 mqtt_message_decode_t *u = (mqtt_message_decode_t *)record;
674
675 g_free(u->topic_pattern);
676 if (u->topic_regex)
677 {
678 g_regex_unref(u->topic_regex);
679 }
680 g_free(u->payload_proto_name);
681 }
682
683 UAT_VS_DEF(message_decode, match_criteria, mqtt_message_decode_t, guint, MATCH_CRITERIA_EQUAL, "Equal to")
UAT_CSTRING_CB_DEF(message_decode,topic_pattern,mqtt_message_decode_t)684 UAT_CSTRING_CB_DEF(message_decode, topic_pattern, mqtt_message_decode_t)
685 UAT_VS_DEF(message_decode, msg_decoding, mqtt_message_decode_t, guint, MSG_DECODING_NONE, "none")
686 UAT_PROTO_DEF(message_decode, payload_proto, payload_proto, payload_proto_name, mqtt_message_decode_t)
687
688 static gboolean mqtt_user_decode_message(proto_tree *tree, proto_tree *mqtt_tree, packet_info *pinfo, const guint8 *topic_str, tvbuff_t *msg_tvb)
689 {
690 mqtt_message_decode_t *message_decode_entry = NULL;
691 size_t topic_str_len = strlen(topic_str);
692 size_t topic_pattern_len;
693 gboolean match_found = FALSE;
694
695 if (topic_str_len == 0)
696 {
697 /* No topic to match */
698 return FALSE;
699 }
700
701 for (guint i = 0; i < num_mqtt_message_decodes && !match_found; i++)
702 {
703 message_decode_entry = &mqtt_message_decodes[i];
704 switch (message_decode_entry->match_criteria)
705 {
706 case MATCH_CRITERIA_EQUAL:
707 match_found = (strcmp(topic_str, message_decode_entry->topic_pattern) == 0);
708 break;
709 case MATCH_CRITERIA_CONTAINS:
710 match_found = (strstr(topic_str, message_decode_entry->topic_pattern) != NULL);
711 break;
712 case MATCH_CRITERIA_STARTS_WITH:
713 topic_pattern_len = strlen(message_decode_entry->topic_pattern);
714 match_found = ((topic_str_len >= topic_pattern_len) &&
715 (strncmp(topic_str, message_decode_entry->topic_pattern, topic_pattern_len) == 0));
716 break;
717 case MATCH_CRITERIA_ENDS_WITH:
718 topic_pattern_len = strlen(message_decode_entry->topic_pattern);
719 match_found = ((topic_str_len >= topic_pattern_len) &&
720 (strcmp(topic_str + (topic_str_len - topic_pattern_len), message_decode_entry->topic_pattern) == 0));
721 break;
722 case MATCH_CRITERIA_REGEX:
723 if (message_decode_entry->topic_regex)
724 {
725 GMatchInfo *match_info = NULL;
726 /* DISSECTOR_ASSERT(g_utf8_validate(topic_str, -1, NULL)); */
727 g_regex_match(message_decode_entry->topic_regex, topic_str, (GRegexMatchFlags) 0, &match_info);
728 match_found = g_match_info_matches(match_info);
729 g_match_info_free(match_info);
730 }
731 break;
732 default:
733 /* Unknown match criteria */
734 break;
735 }
736 }
737
738 if (match_found)
739 {
740 if (message_decode_entry->msg_decoding == MSG_DECODING_COMPRESSED)
741 {
742 msg_tvb = tvb_child_uncompress(msg_tvb, msg_tvb, 0, tvb_reported_length(msg_tvb));
743 if (msg_tvb)
744 {
745 add_new_data_source(pinfo, msg_tvb, "Uncompressed Message");
746 }
747 }
748
749 if (msg_tvb)
750 {
751 proto_item *ti = proto_tree_add_string(mqtt_tree, hf_mqtt_pubmsg_decoded, msg_tvb, 0, -1,
752 message_decode_entry->payload_proto_name);
753 proto_item_set_generated(ti);
754
755 call_dissector(message_decode_entry->payload_proto, msg_tvb, pinfo, tree);
756 }
757 }
758
759 return match_found;
760 }
761
dissect_string(tvbuff_t * tvb,proto_tree * tree,guint offset,int hf_len,int hf_value)762 static guint dissect_string(tvbuff_t *tvb, proto_tree *tree, guint offset, int hf_len, int hf_value)
763 {
764 guint32 prop_len;
765
766 proto_tree_add_item_ret_uint(tree, hf_len, tvb, offset, 2, ENC_BIG_ENDIAN, &prop_len);
767 proto_tree_add_item(tree, hf_value, tvb, offset + 2, prop_len, ENC_UTF_8|ENC_NA);
768
769 return 2 + prop_len;
770 }
771
772 /* MQTT v5.0: Reason Codes */
dissect_mqtt_reason_code(proto_tree * mqtt_tree,tvbuff_t * tvb,guint offset,guint8 mqtt_msg_type)773 static void dissect_mqtt_reason_code(proto_tree *mqtt_tree, tvbuff_t *tvb, guint offset, guint8 mqtt_msg_type)
774 {
775 static int * const hf_rcode[] = {
776 NULL, /* RESERVED */
777 NULL, /* CONNECT */
778 &hf_mqtt_reason_code_connack,
779 NULL, /* PUBLISH */
780 &hf_mqtt_reason_code_puback,
781 &hf_mqtt_reason_code_pubrec,
782 &hf_mqtt_reason_code_pubrel,
783 &hf_mqtt_reason_code_pubcomp,
784 NULL, /* SUBSCRIBE */
785 &hf_mqtt_reason_code_suback,
786 NULL, /* UNSUBSCRIBE */
787 &hf_mqtt_reason_code_unsuback,
788 NULL, /* PINGREQ */
789 NULL, /* PINGRESP */
790 &hf_mqtt_reason_code_disconnect,
791 &hf_mqtt_reason_code_auth
792 };
793
794 if (mqtt_msg_type < (sizeof hf_rcode / sizeof hf_rcode[0]))
795 {
796 const int *hfindex = hf_rcode[mqtt_msg_type];
797 if (hfindex)
798 {
799 proto_tree_add_item(mqtt_tree, *hfindex, tvb, offset, 1, ENC_BIG_ENDIAN);
800 }
801 }
802 }
803
804 /* MQTT v5.0: dissect the MQTT properties */
dissect_mqtt_properties(tvbuff_t * tvb,proto_tree * mqtt_tree,guint offset,int hf_property,mqtt_properties_t * mqtt_properties)805 static guint dissect_mqtt_properties(tvbuff_t *tvb, proto_tree *mqtt_tree, guint offset, int hf_property, mqtt_properties_t *mqtt_properties)
806 {
807 proto_tree *mqtt_prop_tree;
808 proto_item *ti;
809 guint64 vbi;
810
811 const guint mqtt_prop_offset = tvb_get_varint(tvb, offset, FT_VARINT_MAX_LEN, &vbi, ENC_VARINT_PROTOBUF);
812 /* Property Length field can be stored in uint32 */
813 const guint mqtt_prop_len = (gint)vbi;
814
815 /* Add the MQTT branch to the main tree */
816 /* hf_property is usually hf_mqtt_property, but can also be
817 * hf_mqtt_will_property when a Will is provided in a CONNECT packet */
818 ti = proto_tree_add_item(mqtt_tree, hf_property, tvb, offset, mqtt_prop_offset + mqtt_prop_len, ENC_NA);
819 mqtt_prop_tree = proto_item_add_subtree(ti, ett_mqtt_property);
820
821 proto_tree_add_item(mqtt_prop_tree, hf_mqtt_property_len, tvb, offset, mqtt_prop_offset, ENC_BIG_ENDIAN);
822 offset += mqtt_prop_offset;
823
824 const guint bytes_to_read = offset + mqtt_prop_len;
825 while (offset < bytes_to_read)
826 {
827 guint32 prop_id;
828 proto_tree_add_item_ret_uint(mqtt_prop_tree, hf_mqtt_property_id, tvb, offset, 1, ENC_BIG_ENDIAN, &prop_id);
829 offset += 1;
830
831 switch (prop_id)
832 {
833 case PROP_PAYLOAD_FORMAT_INDICATOR:
834 case PROP_REQUEST_PROBLEM_INFORMATION:
835 case PROP_REQUEST_RESPONSE_INFORMATION:
836 case PROP_RETAIN_AVAILABLE:
837 case PROP_WILDCARD_SUBSCRIPTION_AVAILABLE:
838 case PROP_SUBSCRIPTION_IDENTIFIER_AVAILABLE:
839 case PROP_SHARED_SUBSCRIPTION_AVAILABLE:
840 proto_tree_add_item(mqtt_prop_tree, hf_mqtt_prop_num, tvb, offset, 1, ENC_BIG_ENDIAN);
841 offset += 1;
842 break;
843
844 case PROP_MAXIMUM_QOS:
845 proto_tree_add_item(mqtt_prop_tree, hf_mqtt_prop_max_qos, tvb, offset, 1, ENC_BIG_ENDIAN);
846 offset += 1;
847 break;
848
849 case PROP_TOPIC_ALIAS:
850 proto_tree_add_item_ret_uint(mqtt_prop_tree, hf_mqtt_prop_topic_alias, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_properties->topic_alias);
851 offset += 2;
852 break;
853
854 case PROP_SERVER_KEEP_ALIVE:
855 case PROP_RECEIVE_MAXIMUM:
856 case PROP_TOPIC_ALIAS_MAXIMUM:
857 proto_tree_add_item(mqtt_prop_tree, hf_mqtt_prop_num, tvb, offset, 2, ENC_BIG_ENDIAN);
858 offset += 2;
859 break;
860
861 case PROP_PUBLICATION_EXPIRY_INTERVAL:
862 case PROP_SESSION_EXPIRY_INTERVAL:
863 case PROP_WILL_DELAY_INTERVAL:
864 case PROP_MAXIMUM_PACKET_SIZE:
865 proto_tree_add_item(mqtt_prop_tree, hf_mqtt_prop_num, tvb, offset, 4, ENC_BIG_ENDIAN);
866 offset += 4;
867 break;
868
869 case PROP_SUBSCRIPTION_IDENTIFIER:
870 {
871 gint vbi_len;
872 proto_tree_add_item_ret_length(mqtt_prop_tree, hf_mqtt_prop_num, tvb, offset, -1, ENC_LITTLE_ENDIAN|ENC_VARINT_PROTOBUF, &vbi_len);
873 offset += vbi_len;
874 break;
875 }
876
877 case PROP_CONTENT_TYPE:
878 {
879 gint length;
880 proto_tree_add_item_ret_string_and_length(mqtt_prop_tree, hf_mqtt_prop_content_type, tvb, offset, 2, ENC_UTF_8, wmem_packet_scope(), &mqtt_properties->content_type, &length);
881 offset += length;
882 break;
883 }
884
885 case PROP_RESPONSE_TOPIC:
886 case PROP_CORRELATION_DATA:
887 case PROP_ASSIGNED_CLIENT_IDENTIFIER:
888 case PROP_AUTH_METHOD:
889 case PROP_AUTH_DATA:
890 case PROP_RESPONSE_INFORMATION:
891 case PROP_SERVER_REFERENCE:
892 case PROP_REASON_STRING:
893 offset += dissect_string(tvb, mqtt_prop_tree, offset, hf_mqtt_prop_string_len, hf_mqtt_prop_string);
894 break;
895
896 case PROP_USER_PROPERTY:
897 offset += dissect_string(tvb, mqtt_prop_tree, offset, hf_mqtt_prop_key_len, hf_mqtt_prop_key);
898 offset += dissect_string(tvb, mqtt_prop_tree, offset, hf_mqtt_prop_value_len, hf_mqtt_prop_value);
899 break;
900
901 default:
902 proto_tree_add_item(mqtt_prop_tree, hf_mqtt_prop_unknown, tvb, offset, bytes_to_read - offset, ENC_UTF_8|ENC_NA);
903 offset += (bytes_to_read - offset);
904 break;
905 }
906 }
907
908 return mqtt_prop_offset + mqtt_prop_len;
909 }
910
911 /* Dissect the MQTT message */
dissect_mqtt(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,void * data _U_)912 static int dissect_mqtt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
913 {
914 guint8 mqtt_fixed_hdr;
915 guint8 mqtt_msg_type;
916 proto_item *ti;
917 const guint8 *topic_str = "";
918 proto_item *mqtt_ti;
919 proto_tree *mqtt_tree;
920 guint64 mqtt_con_flags;
921 guint64 msg_len = 0;
922 gint mqtt_msg_len = 0;
923 guint32 mqtt_str_len;
924 guint16 mqtt_len_offset;
925 gint mqtt_payload_len;
926 guint32 mqtt_msgid;
927 conversation_t *conv;
928 mqtt_conv_t *mqtt;
929 mqtt_properties_t mqtt_properties = { 0 };
930 mqtt_properties_t mqtt_will_properties = { 0 };
931 guint offset = 0;
932 gboolean msg_handled = FALSE;
933
934 static int * const publish_fields[] = {
935 &hf_mqtt_msg_type,
936 &hf_mqtt_dup_flag,
937 &hf_mqtt_qos_level,
938 &hf_mqtt_retain,
939 NULL
940 };
941
942 static int * const v31_pubrel_sub_unsub_fields[] = {
943 &hf_mqtt_msg_type,
944 &hf_mqtt_dup_flag,
945 &hf_mqtt_qos_level,
946 &hf_mqtt_retain_reserved,
947 NULL
948 };
949
950 static int * const other_fields[] = {
951 &hf_mqtt_msg_type,
952 &hf_mqtt_reserved,
953 NULL
954 };
955
956 static int * const connect_flags[] = {
957 &hf_mqtt_conflag_user,
958 &hf_mqtt_conflag_passwd,
959 &hf_mqtt_conflag_will_retain,
960 &hf_mqtt_conflag_will_qos,
961 &hf_mqtt_conflag_will_flag,
962 &hf_mqtt_conflag_clean_sess,
963 &hf_mqtt_conflag_reserved,
964 NULL
965 };
966
967 static int * const connack_flags[] = {
968 &hf_mqtt_conackflag_reserved,
969 &hf_mqtt_conackflag_sp,
970 NULL
971 };
972
973 static int * const v50_subscription_flags[] = {
974 &hf_mqtt_subscription_reserved,
975 &hf_mqtt_subscription_retain,
976 &hf_mqtt_subscription_rap,
977 &hf_mqtt_subscription_nl,
978 &hf_mqtt_subscription_qos,
979 NULL
980 };
981
982 /* Extract the message ID */
983 mqtt_fixed_hdr = tvb_get_guint8(tvb, offset);
984 mqtt_msg_type = mqtt_fixed_hdr >> 4;
985
986 col_set_str(pinfo->cinfo, COL_PROTOCOL, "MQTT");
987 col_append_sep_str(pinfo->cinfo, COL_INFO, ", ", val_to_str_ext(mqtt_msg_type, &mqtt_msgtype_vals_ext, "Unknown (0x%02x)"));
988
989 /* Add the MQTT branch to the main tree */
990 mqtt_ti = proto_tree_add_item(tree, proto_mqtt, tvb, 0, -1, ENC_NA);
991 mqtt_tree = proto_item_add_subtree(mqtt_ti, ett_mqtt_hdr);
992
993 conv = find_or_create_conversation(pinfo);
994 mqtt = (mqtt_conv_t *)conversation_get_proto_data(conv, proto_mqtt);
995 if (mqtt == NULL)
996 {
997 mqtt = wmem_new0(wmem_file_scope(), mqtt_conv_t);
998 mqtt->runtime_proto_version = default_protocol_version;
999 conversation_add_proto_data(conv, proto_mqtt, mqtt);
1000 mqtt->topic_alias_map = wmem_map_new(wmem_file_scope(), g_direct_hash, g_direct_equal);
1001 }
1002
1003 mqtt_len_offset = tvb_get_varint(tvb, (offset + MQTT_HDR_SIZE_BEFORE_LEN), FT_VARINT_MAX_LEN, &msg_len, ENC_VARINT_PROTOBUF);
1004
1005 /* Explicit downcast, typically maximum length of message could be 4 bytes */
1006 mqtt_msg_len = (gint) msg_len;
1007
1008 /* Add the type to the MQTT tree item */
1009 proto_item_append_text(mqtt_tree, ", %s", val_to_str_ext(mqtt_msg_type, &mqtt_msgtype_vals_ext, "Unknown (0x%02x)"));
1010
1011 if ((mqtt_msg_type != MQTT_CONNECT) && (mqtt->runtime_proto_version == 0))
1012 {
1013 expert_add_info(pinfo, mqtt_ti, &ei_unknown_version);
1014 }
1015
1016 if (mqtt_msg_type == MQTT_PUBLISH)
1017 {
1018 proto_tree_add_bitmask(mqtt_tree, tvb, offset, hf_mqtt_hdrflags, ett_mqtt_hdr_flags, publish_fields, ENC_BIG_ENDIAN);
1019 }
1020 else if (mqtt->runtime_proto_version == MQTT_PROTO_V31 &&
1021 (mqtt_msg_type == MQTT_PUBREL ||
1022 mqtt_msg_type == MQTT_SUBSCRIBE ||
1023 mqtt_msg_type == MQTT_UNSUBSCRIBE))
1024 {
1025 proto_tree_add_bitmask(mqtt_tree, tvb, offset, hf_mqtt_hdrflags, ett_mqtt_hdr_flags, v31_pubrel_sub_unsub_fields, ENC_BIG_ENDIAN);
1026 }
1027 else
1028 {
1029 proto_tree_add_bitmask(mqtt_tree, tvb, offset, hf_mqtt_hdrflags, ett_mqtt_hdr_flags, other_fields, ENC_BIG_ENDIAN);
1030 }
1031
1032 offset += 1;
1033
1034 /* Add the MQTT message length */
1035 proto_tree_add_uint64(mqtt_tree, hf_mqtt_msg_len, tvb, offset, mqtt_len_offset, msg_len);
1036 offset += mqtt_len_offset;
1037
1038 switch (mqtt_msg_type)
1039 {
1040 case MQTT_CONNECT:
1041 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_proto_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1042 offset += 2;
1043
1044 proto_tree_add_item(mqtt_tree, hf_mqtt_proto_name, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1045 offset += mqtt_str_len;
1046
1047 mqtt->runtime_proto_version = tvb_get_guint8(tvb, offset);
1048
1049 proto_tree_add_item(mqtt_tree, hf_mqtt_proto_ver, tvb, offset, 1, ENC_BIG_ENDIAN);
1050 offset += 1;
1051
1052 proto_tree_add_bitmask_ret_uint64(mqtt_tree, tvb, offset, hf_mqtt_conflags,
1053 ett_mqtt_con_flags, connect_flags, ENC_BIG_ENDIAN, &mqtt_con_flags);
1054 offset += 1;
1055
1056 proto_tree_add_item(mqtt_tree, hf_mqtt_keep_alive, tvb, offset, 2, ENC_BIG_ENDIAN);
1057 offset += 2;
1058
1059 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1060 {
1061 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1062 }
1063
1064 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_client_id_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1065 offset += 2;
1066
1067 proto_tree_add_item(mqtt_tree, hf_mqtt_client_id, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1068 offset += mqtt_str_len;
1069
1070 if (mqtt_con_flags & MQTT_CONMASK_WILLFLAG)
1071 {
1072 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1073 {
1074 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_will_property, &mqtt_will_properties);
1075 }
1076
1077 ti = proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_will_topic_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1078 offset += 2;
1079
1080 if (mqtt_str_len > 0)
1081 {
1082 proto_tree_add_item(mqtt_tree, hf_mqtt_will_topic, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1083 offset += mqtt_str_len;
1084 }
1085 else
1086 {
1087 expert_add_info(pinfo, ti, &ei_illegal_length);
1088 }
1089
1090 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_will_msg_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1091 offset += 2;
1092
1093 if (show_msg_as_text)
1094 {
1095 proto_tree_add_item(mqtt_tree, hf_mqtt_will_msg_text, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1096 }
1097 else
1098 {
1099 proto_tree_add_item(mqtt_tree, hf_mqtt_will_msg, tvb, offset, mqtt_str_len, ENC_NA);
1100 }
1101 offset += mqtt_str_len;
1102 }
1103
1104 if ((mqtt_con_flags & MQTT_CONMASK_USER) && (tvb_reported_length_remaining(tvb, offset) > 0))
1105 {
1106 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_username_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1107 offset += 2;
1108
1109 proto_tree_add_item(mqtt_tree, hf_mqtt_username, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1110 offset += mqtt_str_len;
1111 }
1112
1113 if ((mqtt_con_flags & MQTT_CONMASK_PASSWD) && (tvb_reported_length_remaining(tvb, offset) > 0))
1114 {
1115 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_passwd_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1116 offset += 2;
1117
1118 proto_tree_add_item(mqtt_tree, hf_mqtt_passwd, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1119 }
1120 break;
1121
1122 case MQTT_CONNACK:
1123 if (mqtt->runtime_proto_version == MQTT_PROTO_V31)
1124 {
1125 /* v3.1 Connection Ack only contains a reserved byte and the Return Code. */
1126 proto_tree_add_item(mqtt_tree, hf_mqtt_conack_reserved, tvb, offset, 1, ENC_BIG_ENDIAN);
1127 }
1128 else
1129 {
1130 /* v3.1.1 Conn Ack contains the Conn Ack Flags and the Return Code. */
1131 proto_tree_add_bitmask(mqtt_tree, tvb, offset, hf_mqtt_conack_flags,
1132 ett_mqtt_conack_flags, connack_flags, ENC_BIG_ENDIAN);
1133 }
1134 offset += 1;
1135
1136 if ((mqtt->runtime_proto_version == MQTT_PROTO_V31) ||
1137 (mqtt->runtime_proto_version == MQTT_PROTO_V311))
1138 {
1139 proto_tree_add_item(mqtt_tree, hf_mqtt_conack_code, tvb, offset, 1, ENC_BIG_ENDIAN);
1140 }
1141 else
1142 {
1143 dissect_mqtt_reason_code(mqtt_tree, tvb, offset, mqtt_msg_type);
1144 }
1145 offset += 1;
1146
1147 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1148 {
1149 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1150 }
1151 break;
1152
1153 case MQTT_PUBLISH:
1154 /* TopicName|MsgID|Message| */
1155 ti = proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_topic_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1156 offset += 2;
1157
1158 if (mqtt_str_len > 0)
1159 {
1160 /* 'topic_regex' requires topic_str to be valid UTF-8. */
1161 proto_tree_add_item_ret_string(mqtt_tree, hf_mqtt_topic, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA,
1162 wmem_packet_scope(), &topic_str);
1163 offset += mqtt_str_len;
1164 }
1165
1166 /* Message ID is included only when QoS > 0 */
1167 if (mqtt_fixed_hdr & MQTT_MASK_QOS)
1168 {
1169 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_msgid, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_msgid);
1170 offset += 2;
1171 col_append_fstr(pinfo->cinfo, COL_INFO, " (id=%u)", mqtt_msgid);
1172 }
1173
1174 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1175 {
1176 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1177
1178 if (mqtt_properties.topic_alias != 0)
1179 {
1180 if (!pinfo->fd->visited && mqtt_str_len > 0)
1181 {
1182 guint8 *topic = wmem_strdup(wmem_file_scope(), topic_str);
1183 wmem_map_insert(mqtt->topic_alias_map, GUINT_TO_POINTER(mqtt_properties.topic_alias), topic);
1184 }
1185 else
1186 {
1187 guint8 *topic = (guint8 *)wmem_map_lookup(mqtt->topic_alias_map, GUINT_TO_POINTER(mqtt_properties.topic_alias));
1188 if (topic != NULL)
1189 {
1190 topic_str = topic;
1191 }
1192
1193 ti = proto_tree_add_string(mqtt_tree, hf_mqtt_topic, tvb, offset, 0, topic_str);
1194 PROTO_ITEM_SET_GENERATED(ti);
1195
1196 if (topic == NULL)
1197 {
1198 expert_add_info(pinfo, ti, &ei_unknown_topic_alias);
1199 }
1200 }
1201 }
1202 }
1203
1204 if ((mqtt_str_len == 0) && (mqtt_properties.topic_alias == 0))
1205 {
1206 expert_add_info(pinfo, ti, &ei_illegal_length);
1207 }
1208
1209 col_append_fstr(pinfo->cinfo, COL_INFO, " [%s]", topic_str);
1210
1211 mqtt_payload_len = tvb_reported_length(tvb) - offset;
1212 if (show_msg_as_text)
1213 {
1214 proto_tree_add_item(mqtt_tree, hf_mqtt_pubmsg_text, tvb, offset, mqtt_payload_len, ENC_UTF_8|ENC_NA);
1215 }
1216 else
1217 {
1218 proto_tree_add_item(mqtt_tree, hf_mqtt_pubmsg, tvb, offset, mqtt_payload_len, ENC_NA);
1219 }
1220
1221 if (num_mqtt_message_decodes > 0)
1222 {
1223 tvbuff_t *msg_tvb = tvb_new_subset_length(tvb, offset, mqtt_payload_len);
1224 msg_handled = mqtt_user_decode_message(tree, mqtt_tree, pinfo, topic_str, msg_tvb);
1225 }
1226
1227 if (mqtt_properties.content_type)
1228 {
1229 tvbuff_t *msg_tvb = tvb_new_subset_length(tvb, offset, mqtt_payload_len);
1230 int bytes_read = dissector_try_string(media_type_dissector_table, mqtt_properties.content_type,
1231 msg_tvb, pinfo, tree, NULL);
1232
1233 msg_handled = msg_handled | (bytes_read != 0);
1234 }
1235
1236 /* No UAT or content property match, try the heuristic dissectors, pass the topic string as data */
1237 if (!msg_handled) {
1238 heur_dtbl_entry_t *hdtbl_entry;
1239 tvbuff_t *msg_tvb = tvb_new_subset_length(tvb, offset, mqtt_payload_len);
1240 gchar *sub_data = wmem_strdup(wmem_packet_scope(), (const gchar*)topic_str);
1241 dissector_try_heuristic(mqtt_topic_subdissector, msg_tvb, pinfo, tree, &hdtbl_entry, sub_data);
1242 }
1243 break;
1244
1245 case MQTT_SUBSCRIBE:
1246 /* After the Message Id field is found, the following fields must appear
1247 * at least once:
1248 * |TopicName|QoS|
1249 */
1250 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_msgid, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_msgid);
1251 offset += 2;
1252 col_append_fstr(pinfo->cinfo, COL_INFO, " (id=%u)", mqtt_msgid);
1253
1254 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1255 {
1256 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1257 }
1258
1259 while (offset < tvb_reported_length(tvb))
1260 {
1261 ti = proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_topic_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1262 offset += 2;
1263
1264 if (mqtt_str_len > 0)
1265 {
1266 proto_tree_add_item_ret_string(mqtt_tree, hf_mqtt_topic, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA,
1267 wmem_epan_scope(), &topic_str);
1268 offset += mqtt_str_len;
1269 }
1270 else
1271 {
1272 expert_add_info(pinfo, ti, &ei_illegal_length);
1273 }
1274
1275 col_append_fstr(pinfo->cinfo, COL_INFO, " [%s]", topic_str);
1276
1277 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1278 {
1279 proto_tree_add_bitmask(mqtt_tree, tvb, offset, hf_mqtt_subscription_options,
1280 ett_mqtt_subscription_flags, v50_subscription_flags, ENC_BIG_ENDIAN);
1281 }
1282 else
1283 {
1284 proto_tree_add_item(mqtt_tree, hf_mqtt_sub_qos, tvb, offset, 1, ENC_BIG_ENDIAN);
1285 }
1286 offset += 1;
1287 }
1288 break;
1289
1290 case MQTT_UNSUBSCRIBE:
1291 /* After the Message Id field is found, the following fields must appear
1292 * at least once:
1293 * |TopicName|
1294 */
1295 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_msgid, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_msgid);
1296 offset += 2;
1297 col_append_fstr(pinfo->cinfo, COL_INFO, " (id=%u)", mqtt_msgid);
1298
1299 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1300 {
1301 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1302 }
1303
1304 while (offset < tvb_reported_length(tvb))
1305 {
1306 ti = proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_topic_len, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_str_len);
1307 offset += 2;
1308
1309 if (mqtt_str_len > 0)
1310 {
1311 proto_tree_add_item(mqtt_tree, hf_mqtt_topic, tvb, offset, mqtt_str_len, ENC_UTF_8|ENC_NA);
1312 offset += mqtt_str_len;
1313 }
1314 else
1315 {
1316 expert_add_info(pinfo, ti, &ei_illegal_length);
1317 }
1318 }
1319 break;
1320
1321 case MQTT_SUBACK:
1322 /* The SUBACK message contains a list of granted QoS levels that come
1323 * after the Message Id field. The size of each QoS entry is 1 byte.
1324 */
1325 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_msgid, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_msgid);
1326 offset += 2;
1327 col_append_fstr(pinfo->cinfo, COL_INFO, " (id=%u)", mqtt_msgid);
1328
1329 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1330 {
1331 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1332 }
1333
1334 while (offset < tvb_reported_length(tvb))
1335 {
1336 if ((mqtt->runtime_proto_version == MQTT_PROTO_V31) ||
1337 (mqtt->runtime_proto_version == MQTT_PROTO_V311))
1338 {
1339 proto_tree_add_item(mqtt_tree, hf_mqtt_suback_qos, tvb, offset, 1, ENC_BIG_ENDIAN);
1340 }
1341 else
1342 {
1343 dissect_mqtt_reason_code(mqtt_tree, tvb, offset, mqtt_msg_type);
1344 }
1345 offset += 1;
1346 }
1347 break;
1348
1349 case MQTT_PUBACK:
1350 case MQTT_PUBREC:
1351 case MQTT_PUBREL:
1352 case MQTT_PUBCOMP:
1353 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_msgid, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_msgid);
1354 offset += 2;
1355 col_append_fstr(pinfo->cinfo, COL_INFO, " (id=%u)", mqtt_msgid);
1356
1357 /* MQTT v5.0: The Reason Code and Property Length can be omitted if the
1358 * Reason Code is 0x00 and there are no Properties.
1359 * In this case, the PUB* has a Remaining Length of 2.
1360 */
1361 if (mqtt->runtime_proto_version == MQTT_PROTO_V50 && mqtt_msg_len > 2)
1362 {
1363 dissect_mqtt_reason_code(mqtt_tree, tvb, offset, mqtt_msg_type);
1364 offset += 1;
1365
1366 /* If the Remaining Length is less than 4, the Property Length is not
1367 * present and has a value of 0.
1368 */
1369 if (mqtt_msg_len > 3)
1370 {
1371 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1372 }
1373 }
1374 break;
1375
1376 case MQTT_UNSUBACK:
1377 proto_tree_add_item_ret_uint(mqtt_tree, hf_mqtt_msgid, tvb, offset, 2, ENC_BIG_ENDIAN, &mqtt_msgid);
1378 offset += 2;
1379 col_append_fstr(pinfo->cinfo, COL_INFO, " (id=%u)", mqtt_msgid);
1380
1381 if (mqtt->runtime_proto_version == MQTT_PROTO_V50)
1382 {
1383 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1384
1385 while (offset < tvb_reported_length(tvb))
1386 {
1387 dissect_mqtt_reason_code(mqtt_tree, tvb, offset, mqtt_msg_type);
1388 offset += 1;
1389 }
1390 }
1391 break;
1392
1393 /* The following messages don't have variable header */
1394 case MQTT_PINGREQ:
1395 case MQTT_PINGRESP:
1396 break;
1397
1398 case MQTT_DISCONNECT:
1399 /* MQTT v5.0: Byte 1 in the Variable Header is the Disconnect Reason Code.
1400 * If the Remaining Length is less than 1 the value of 0x00
1401 * (Normal disconnection) is used.
1402 */
1403 /* FALLTHROUGH */
1404 case MQTT_AUTH:
1405 /* MQTT v5.0: The Reason Code and Property Length can be omitted if
1406 * the Reason Code is 0x00 (Success) and there are no Properties.
1407 * In this case the AUTH has a Remaining Length of 0.
1408 */
1409 if (mqtt->runtime_proto_version == MQTT_PROTO_V50 && mqtt_msg_len > 0)
1410 {
1411 dissect_mqtt_reason_code(mqtt_tree, tvb, offset, mqtt_msg_type);
1412 offset += 1;
1413
1414 /* 3.14.2.2 DISCONNECT Properties:
1415 * If the Remaining Length is less than 2, a value of 0 is used.
1416 * Let's assume that it also applies to AUTH, why? DISCONNECT and AUTH
1417 * share the same structure with no payload.
1418 */
1419 if (mqtt_msg_len >= 2)
1420 {
1421 offset += dissect_mqtt_properties(tvb, mqtt_tree, offset, hf_mqtt_property, &mqtt_properties);
1422 }
1423 }
1424 break;
1425 }
1426
1427 return offset;
1428 }
1429
1430 /**
1431 "The minimum size of MQTT Packet is 2 bytes(Ping Req, Ping Rsp,
1432 Disconnect), and the maximum size is 256MB. Hence minimum fixed
1433 length should be 2 bytes for tcp_dissect_pdu.
1434
1435 If the length filed is spread across two TCP segments, then we have a
1436 problem, because exception will be raised. So long as MQTT length
1437 field(although spread over 4 bytes) is present within single TCP
1438 segment we shouldn't have any issue by calling tcp_dissect_pdu with
1439 minimum length set to 2."
1440
1441 XXX: ToDo: Commit a fix for the case of the length field spread across TCP segments.
1442 **/
1443
dissect_mqtt_data(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,void * data)1444 static int dissect_mqtt_data(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
1445 {
1446 col_clear(pinfo->cinfo, COL_INFO);
1447
1448 tcp_dissect_pdus(tvb, pinfo, tree,
1449 reassemble_mqtt_over_tcp,
1450 2, /* Length can be determined within 5 bytes */
1451 get_mqtt_pdu_len,
1452 dissect_mqtt, data);
1453
1454 return tvb_captured_length(tvb);
1455 }
1456
1457 /*
1458 * Register the protocol with Wireshark
1459 */
proto_register_mqtt(void)1460 void proto_register_mqtt(void)
1461 {
1462 static hf_register_info hf_mqtt[] = {
1463 { &hf_mqtt_msg_len,
1464 { "Msg Len", "mqtt.len",
1465 FT_UINT64, BASE_DEC, NULL, 0,
1466 NULL, HFILL }},
1467 { &hf_mqtt_hdrflags,
1468 { "Header Flags", "mqtt.hdrflags",
1469 FT_UINT8, BASE_HEX, NULL, 0,
1470 NULL, HFILL }},
1471 { &hf_mqtt_msg_type,
1472 { "Message Type", "mqtt.msgtype",
1473 FT_UINT8, BASE_DEC | BASE_EXT_STRING, &mqtt_msgtype_vals_ext, MQTT_MASK_MSG_TYPE,
1474 NULL, HFILL }},
1475 { &hf_mqtt_reserved,
1476 { "Reserved", "mqtt.hdr_reserved",
1477 FT_UINT8, BASE_DEC, NULL, MQTT_MASK_HDR_RESERVED,
1478 "Fixed Header Reserved Field", HFILL }},
1479 { &hf_mqtt_retain_reserved,
1480 { "Reserved", "mqtt.retain_reserved",
1481 FT_UINT8, BASE_DEC, NULL, MQTT_MASK_RETAIN,
1482 "Fixed Header Reserved Field", HFILL }},
1483 { &hf_mqtt_dup_flag,
1484 { "DUP Flag", "mqtt.dupflag",
1485 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_MASK_DUP_FLAG,
1486 NULL, HFILL }},
1487 { &hf_mqtt_qos_level,
1488 { "QoS Level", "mqtt.qos",
1489 FT_UINT8, BASE_DEC, VALS(mqtt_qos_vals), MQTT_MASK_QOS,
1490 NULL, HFILL }},
1491 { &hf_mqtt_retain,
1492 { "Retain", "mqtt.retain",
1493 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_MASK_RETAIN,
1494 NULL, HFILL }},
1495 /* Conn-Ack */
1496 { &hf_mqtt_conack_reserved,
1497 { "Reserved", "mqtt.conack.flags.reserved",
1498 FT_BOOLEAN, 8, TFS(&tfs_set_notset), 0,
1499 NULL, HFILL }},
1500 { &hf_mqtt_conack_flags,
1501 { "Acknowledge Flags", "mqtt.conack.flags",
1502 FT_UINT8, BASE_HEX, NULL, 0,
1503 NULL, HFILL }},
1504 { &hf_mqtt_conackflag_reserved,
1505 { "Reserved", "mqtt.conack.flags.reserved",
1506 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONACKMASK_RESERVED,
1507 NULL, HFILL }},
1508 { &hf_mqtt_conackflag_sp,
1509 { "Session Present", "mqtt.conack.flags.sp",
1510 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONACKMASK_SP,
1511 "Session Present (version 3.1.1)", HFILL }},
1512 { &hf_mqtt_conack_code,
1513 { "Return Code", "mqtt.conack.val",
1514 FT_UINT8, BASE_DEC, VALS(mqtt_conack_vals), 0,
1515 NULL, HFILL }},
1516 /* Publish-Ack / Publish-Rec / Publish-Rel / Publish-Comp / Unsubscribe-Ack */
1517 { &hf_mqtt_msgid,
1518 { "Message Identifier", "mqtt.msgid",
1519 FT_UINT16, BASE_DEC, NULL, 0,
1520 NULL, HFILL }},
1521 { &hf_mqtt_sub_qos,
1522 { "Requested QoS", "mqtt.sub.qos",
1523 FT_UINT8, BASE_DEC, VALS(mqtt_qos_vals), 0,
1524 NULL, HFILL }},
1525 { &hf_mqtt_suback_qos,
1526 { "Granted QoS", "mqtt.suback.qos",
1527 FT_UINT8, BASE_DEC, VALS(mqtt_subqos_vals), 0,
1528 NULL, HFILL }},
1529 { &hf_mqtt_topic_len,
1530 { "Topic Length", "mqtt.topic_len",
1531 FT_UINT16, BASE_DEC, NULL, 0,
1532 NULL, HFILL }},
1533 { &hf_mqtt_topic,
1534 { "Topic", "mqtt.topic",
1535 FT_STRING, BASE_NONE, NULL, 0,
1536 NULL, HFILL }},
1537 { &hf_mqtt_will_topic_len,
1538 { "Will Topic Length", "mqtt.willtopic_len",
1539 FT_UINT16, BASE_DEC, NULL, 0,
1540 NULL, HFILL }},
1541 { &hf_mqtt_will_topic,
1542 { "Will Topic", "mqtt.willtopic",
1543 FT_STRING, BASE_NONE, NULL, 0,
1544 NULL, HFILL }},
1545 { &hf_mqtt_will_msg,
1546 { "Will Message", "mqtt.willmsg",
1547 FT_BYTES, BASE_NONE, NULL, 0,
1548 NULL, HFILL }},
1549 { &hf_mqtt_will_msg_text,
1550 { "Will Message", "mqtt.willmsg_text",
1551 FT_STRING, BASE_NONE, NULL, 0,
1552 NULL, HFILL }},
1553 { &hf_mqtt_will_msg_len,
1554 { "Will Message Length", "mqtt.willmsg_len",
1555 FT_UINT16, BASE_DEC, NULL, 0,
1556 NULL, HFILL }},
1557 { &hf_mqtt_username_len,
1558 { "User Name Length", "mqtt.username_len",
1559 FT_UINT16, BASE_DEC, NULL, 0,
1560 NULL, HFILL }},
1561 { &hf_mqtt_username,
1562 { "User Name", "mqtt.username",
1563 FT_STRING, BASE_NONE, NULL, 0,
1564 NULL, HFILL }},
1565 { &hf_mqtt_passwd_len,
1566 { "Password Length", "mqtt.passwd_len",
1567 FT_UINT16, BASE_DEC, NULL, 0,
1568 NULL, HFILL }},
1569 { &hf_mqtt_passwd,
1570 { "Password", "mqtt.passwd",
1571 FT_STRING, BASE_NONE, NULL, 0,
1572 NULL, HFILL }},
1573 { &hf_mqtt_pubmsg,
1574 { "Message", "mqtt.msg",
1575 FT_BYTES, BASE_NONE, NULL, 0,
1576 NULL, HFILL }},
1577 { &hf_mqtt_pubmsg_text,
1578 { "Message", "mqtt.msg_text",
1579 FT_STRING, BASE_NONE, NULL, 0,
1580 NULL, HFILL }},
1581 { &hf_mqtt_pubmsg_decoded,
1582 { "Message decoded as", "mqtt.msg_decoded_as",
1583 FT_STRING, BASE_NONE, NULL, 0,
1584 NULL, HFILL }},
1585 { &hf_mqtt_proto_len,
1586 { "Protocol Name Length", "mqtt.proto_len",
1587 FT_UINT16, BASE_DEC, NULL, 0,
1588 NULL, HFILL }},
1589 { &hf_mqtt_proto_name,
1590 { "Protocol Name", "mqtt.protoname",
1591 FT_STRING, BASE_NONE, NULL, 0,
1592 NULL, HFILL }},
1593 { &hf_mqtt_client_id_len,
1594 { "Client ID Length", "mqtt.clientid_len",
1595 FT_UINT16, BASE_DEC, NULL, 0,
1596 NULL, HFILL }},
1597 { &hf_mqtt_client_id,
1598 { "Client ID", "mqtt.clientid",
1599 FT_STRING, BASE_NONE, NULL, 0,
1600 NULL, HFILL }},
1601 { &hf_mqtt_proto_ver,
1602 { "Version", "mqtt.ver",
1603 FT_UINT8, BASE_DEC, VALS(mqtt_protocol_version_vals), 0,
1604 "MQTT version", HFILL }},
1605 /* Connect Flags */
1606 { &hf_mqtt_conflags,
1607 { "Connect Flags", "mqtt.conflags",
1608 FT_UINT8, BASE_HEX, NULL, 0,
1609 NULL, HFILL }},
1610 { &hf_mqtt_conflag_user,
1611 { "User Name Flag", "mqtt.conflag.uname",
1612 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONMASK_USER,
1613 NULL, HFILL }},
1614 { &hf_mqtt_conflag_passwd,
1615 { "Password Flag", "mqtt.conflag.passwd",
1616 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONMASK_PASSWD,
1617 NULL, HFILL }},
1618 { &hf_mqtt_conflag_will_retain,
1619 { "Will Retain", "mqtt.conflag.retain",
1620 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONMASK_RETAIN,
1621 NULL, HFILL }},
1622 { &hf_mqtt_conflag_will_qos,
1623 { "QoS Level", "mqtt.conflag.qos",
1624 FT_UINT8, BASE_DEC, VALS(mqtt_qos_vals), MQTT_CONMASK_QOS,
1625 NULL, HFILL }},
1626 { &hf_mqtt_conflag_will_flag,
1627 { "Will Flag", "mqtt.conflag.willflag",
1628 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONMASK_WILLFLAG,
1629 NULL, HFILL }},
1630 { &hf_mqtt_conflag_clean_sess,
1631 { "Clean Session Flag", "mqtt.conflag.cleansess",
1632 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONMASK_CLEANSESS,
1633 NULL, HFILL }},
1634 { &hf_mqtt_conflag_reserved,
1635 { "(Reserved)", "mqtt.conflag.reserved",
1636 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_CONMASK_RESERVED,
1637 NULL, HFILL }},
1638 { &hf_mqtt_keep_alive,
1639 { "Keep Alive", "mqtt.kalive",
1640 FT_UINT16, BASE_DEC, NULL, 0,
1641 NULL, HFILL }},
1642 { &hf_mqtt_subscription_options,
1643 { "Subscription Options", "mqtt.subscription_options",
1644 FT_UINT8, BASE_HEX, NULL, 0,
1645 NULL, HFILL }},
1646 { &hf_mqtt_subscription_qos,
1647 { "QoS", "mqtt.subscription_options_qos",
1648 FT_UINT8, BASE_DEC, VALS(mqtt_qos_vals), MQTT_MASK_SUBS_QOS,
1649 NULL, HFILL }},
1650 { &hf_mqtt_subscription_nl,
1651 { "No Local", "mqtt.subscription_options_nl",
1652 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_MASK_SUBS_NL,
1653 NULL, HFILL }},
1654 { &hf_mqtt_subscription_rap,
1655 { "Retain As Published", "mqtt.subscription_options_rap",
1656 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MQTT_MASK_SUBS_RAP,
1657 NULL, HFILL }},
1658 { &hf_mqtt_subscription_retain,
1659 { "Retain Handling", "mqtt.subscription_options_retain",
1660 FT_UINT8, BASE_DEC, VALS(mqtt_subscription_retain_handling), MQTT_MASK_SUBS_RETAIN,
1661 NULL, HFILL }},
1662 { &hf_mqtt_subscription_reserved,
1663 { "Reserved", "mqtt.subscription_options_reserved",
1664 FT_UINT8, BASE_HEX, NULL, MQTT_MASK_SUBS_RESERVED,
1665 NULL, HFILL }},
1666
1667 /* v5.0 Reason Codes */
1668 { &hf_mqtt_reason_code_connack,
1669 { "Reason Code", "mqtt.connack.reason_code",
1670 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_connack_vals), 0,
1671 "MQTT Reason Code", HFILL }},
1672 { &hf_mqtt_reason_code_puback,
1673 { "Reason Code", "mqtt.puback.reason_code",
1674 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_puback_vals), 0,
1675 "MQTT Reason Code", HFILL }},
1676 { &hf_mqtt_reason_code_pubrec,
1677 { "Reason Code", "mqtt.pubrec.reason_code",
1678 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_puback_vals), 0,
1679 "MQTT Reason Code", HFILL }},
1680 { &hf_mqtt_reason_code_pubrel,
1681 { "Reason Code", "mqtt.pubrel.reason_code",
1682 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_pubrel_vals), 0,
1683 "MQTT Reason Code", HFILL }},
1684 { &hf_mqtt_reason_code_pubcomp,
1685 { "Reason Code", "mqtt.pubcomp.reason_code",
1686 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_pubrel_vals), 0,
1687 "MQTT Reason Code", HFILL }},
1688 { &hf_mqtt_reason_code_suback,
1689 { "Reason Code", "mqtt.suback.reason_code",
1690 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_suback_vals), 0,
1691 "MQTT Reason Code", HFILL }},
1692 { &hf_mqtt_reason_code_unsuback,
1693 { "Reason Code", "mqtt.unsuback.reason_code",
1694 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_unsuback_vals), 0,
1695 "MQTT Reason Code", HFILL }},
1696 { &hf_mqtt_reason_code_disconnect,
1697 { "Reason Code", "mqtt.disconnect.reason_code",
1698 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_disconnect_vals), 0,
1699 "MQTT Reason Code", HFILL }},
1700 { &hf_mqtt_reason_code_auth,
1701 { "Reason Code", "mqtt.auth.reason_code",
1702 FT_UINT8, BASE_DEC, VALS(mqtt_reason_code_auth_vals), 0,
1703 "MQTT Reason Code", HFILL }},
1704
1705 /* Properties */
1706 { &hf_mqtt_property,
1707 { "Properties", "mqtt.properties",
1708 FT_NONE, BASE_NONE, NULL, 0,
1709 NULL, HFILL }},
1710 { &hf_mqtt_will_property,
1711 { "Will Properties", "mqtt.will_properties",
1712 FT_NONE, BASE_NONE, NULL, 0,
1713 NULL, HFILL }},
1714 { &hf_mqtt_property_len,
1715 { "Total Length", "mqtt.property_len",
1716 FT_UINT64, BASE_DEC, NULL, 0,
1717 NULL, HFILL }},
1718 { &hf_mqtt_property_id,
1719 { "ID", "mqtt.property_id",
1720 FT_UINT8, BASE_HEX, VALS(mqtt_property_vals), 0,
1721 "Property Id", HFILL }},
1722 { &hf_mqtt_prop_num,
1723 { "Value", "mqtt.prop_number",
1724 FT_UINT32, BASE_DEC, NULL, 0,
1725 NULL, HFILL }},
1726 { &hf_mqtt_prop_content_type,
1727 { "Content Type", "mqtt.property.content_type",
1728 FT_UINT_STRING, BASE_NONE, NULL, 0,
1729 NULL, HFILL }},
1730 { &hf_mqtt_prop_max_qos,
1731 { "QoS", "mqtt.property.max_qos",
1732 FT_UINT8, BASE_DEC, VALS(mqtt_qos_vals), 0,
1733 NULL, HFILL }},
1734 { &hf_mqtt_prop_topic_alias,
1735 { "Topic Alias", "mqtt.property.topic_alias",
1736 FT_UINT16, BASE_DEC, NULL, 0,
1737 NULL, HFILL }},
1738 { &hf_mqtt_prop_unknown,
1739 { "Unknown Property", "mqtt.prop_unknown",
1740 FT_STRING, BASE_NONE, NULL, 0,
1741 NULL, HFILL }},
1742 { &hf_mqtt_prop_string_len,
1743 { "Length", "mqtt.prop_string_len",
1744 FT_UINT32, BASE_DEC, NULL, 0,
1745 NULL, HFILL }},
1746 { &hf_mqtt_prop_string,
1747 { "Value", "mqtt.prop_string",
1748 FT_STRING, BASE_NONE, NULL, 0,
1749 NULL, HFILL }},
1750 { &hf_mqtt_prop_key_len,
1751 { "Key Length", "mqtt.prop_key_len",
1752 FT_UINT32, BASE_DEC, NULL, 0,
1753 NULL, HFILL }},
1754 { &hf_mqtt_prop_key,
1755 { "Key", "mqtt.prop_key",
1756 FT_STRING, BASE_NONE, NULL, 0,
1757 NULL, HFILL }},
1758 { &hf_mqtt_prop_value_len,
1759 { "Value Length", "mqtt.prop_value_len",
1760 FT_UINT32, BASE_DEC, NULL, 0,
1761 NULL, HFILL }},
1762 { &hf_mqtt_prop_value,
1763 { "Value", "mqtt.prop_value",
1764 FT_STRING, BASE_NONE, NULL, 0,
1765 NULL, HFILL }},
1766 };
1767
1768 /* Setup protocol subtree arrays */
1769 static gint* ett_mqtt[] = {
1770 &ett_mqtt_hdr,
1771 &ett_mqtt_msg,
1772 &ett_mqtt_hdr_flags,
1773 &ett_mqtt_con_flags,
1774 &ett_mqtt_conack_flags,
1775 &ett_mqtt_property,
1776 &ett_mqtt_subscription_flags,
1777 };
1778
1779 static ei_register_info ei[] = {
1780 { &ei_illegal_length,
1781 { "mqtt.illegal_topic_length", PI_PROTOCOL, PI_WARN, "Length cannot be 0", EXPFILL } },
1782 { &ei_unknown_version,
1783 { "mqtt.unknown_version", PI_PROTOCOL, PI_NOTE, "Unknown version (missing the CONNECT packet?)", EXPFILL } },
1784 { &ei_unknown_topic_alias,
1785 { "mqtt.unknown_topic_alias", PI_PROTOCOL, PI_NOTE, "Unknown topic alias", EXPFILL } }
1786 };
1787
1788 static uat_field_t mqtt_message_decode_flds[] = {
1789 UAT_FLD_VS(message_decode, match_criteria, "Match criteria", match_criteria, "Match criteria"),
1790 UAT_FLD_CSTRING(message_decode, topic_pattern, "Topic pattern", "Pattern to match for the topic"),
1791 UAT_FLD_VS(message_decode, msg_decoding, "Decoding", msg_decoding, "Decode message before dissecting as protocol"),
1792 UAT_FLD_PROTO(message_decode, payload_proto, "Payload protocol",
1793 "Protocol to be used for the message part of the matching topic"),
1794 UAT_END_FIELDS
1795 };
1796
1797 uat_t *message_uat = uat_new("Message Decoding",
1798 sizeof(mqtt_message_decode_t),
1799 "mqtt_message_decoding",
1800 TRUE,
1801 &mqtt_message_decodes,
1802 &num_mqtt_message_decodes,
1803 UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */
1804 "ChMQTTMessageDecoding",
1805 mqtt_message_decode_copy_cb,
1806 mqtt_message_decode_update_cb,
1807 mqtt_message_decode_free_cb,
1808 NULL,
1809 NULL,
1810 mqtt_message_decode_flds);
1811
1812 module_t *mqtt_module;
1813 expert_module_t* expert_mqtt;
1814
1815 /* Register protocol names and descriptions */
1816 proto_mqtt = proto_register_protocol("MQ Telemetry Transport Protocol", "MQTT", "mqtt");
1817
1818 /* Register the dissector */
1819 mqtt_handle = register_dissector("mqtt", dissect_mqtt_data, proto_mqtt);
1820
1821 proto_register_field_array(proto_mqtt, hf_mqtt, array_length(hf_mqtt));
1822 proto_register_subtree_array(ett_mqtt, array_length(ett_mqtt));
1823
1824 mqtt_topic_subdissector = register_heur_dissector_list("mqtt.topic", proto_mqtt);
1825
1826 expert_mqtt = expert_register_protocol(proto_mqtt);
1827 expert_register_field_array(expert_mqtt, ei, array_length(ei));
1828
1829 mqtt_module = prefs_register_protocol(proto_mqtt, NULL);
1830
1831 prefs_register_uat_preference(mqtt_module, "message_decode_table",
1832 "Message Decoding",
1833 "A table that enumerates custom message decodes to be used for a certain topic",
1834 message_uat);
1835
1836 prefs_register_enum_preference(mqtt_module, "default_version",
1837 "Default Version",
1838 "Select the MQTT version to use as protocol version if the CONNECT packet is not captured",
1839 &default_protocol_version, mqtt_protocol_version_enumvals, FALSE);
1840
1841 prefs_register_bool_preference(mqtt_module, "show_msg_as_text",
1842 "Show Message as text",
1843 "Show Publish Message as text",
1844 &show_msg_as_text);
1845
1846 }
1847
1848 /*
1849 * Dissector Handoff
1850 */
proto_reg_handoff_mqtt(void)1851 void proto_reg_handoff_mqtt(void)
1852 {
1853 dissector_add_uint_with_preference("tcp.port", MQTT_DEFAULT_PORT, mqtt_handle);
1854 ssl_dissector_add(MQTT_SSL_DEFAULT_PORT, mqtt_handle);
1855
1856 media_type_dissector_table = find_dissector_table("media_type");
1857 }
1858
1859 /*
1860 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1861 *
1862 * Local variables:
1863 * c-basic-offset: 2
1864 * tab-width: 8
1865 * indent-tabs-mode: nil
1866 * End:
1867 *
1868 * vi: set shiftwidth=2 tabstop=8 expandtab:
1869 * :indentSize=2:tabSize=8:noTabs=true:
1870 */
1871