1 /* packet-vnc.c
2 * Routines for VNC dissection (Virtual Network Computing)
3 * Copyright 2005, Ulf Lamping <ulf.lamping@web.de>
4 * Copyright 2006-2007, Stephen Fisher (see AUTHORS file)
5 *
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
9 *
10 * SPDX-License-Identifier: GPL-2.0-or-later
11 */
12
13 /* Dissection of the VNC (Virtual Network Computing) network traffic.
14 *
15 * All versions of RealVNC and TightVNC are supported.
16 * Note: The addition of TightVNC support is not yet complete.
17 *
18 * Several VNC implementations available, see:
19 * http://www.realvnc.com/
20 * http://www.tightvnc.com/
21 * http://ultravnc.sourceforge.net/
22 * [Fedora TigerVNC]
23 * ...
24 *
25 * The protocol itself is known as RFB - Remote Frame Buffer Protocol.
26 *
27 * This code is based on the protocol specification:
28 * http://www.realvnc.com/docs/rfbproto.pdf
29 * and the RealVNC free edition & TightVNC source code
30 * Note: rfbproto.rst [ https://github.com/svn2github/tigervnc/blob/master/rfbproto/rfbproto.rst ]
31 * seems to have additional information over rfbproto.pdf.
32 */
33
34 /* XXX:
35 * This dissector adds items to the protocol tree before completing re-assembly
36 * of a VNC PDU which extends over more than one TCP segment.
37 * This is not correct. As noted in Bug #5366 (and elsewhere), the correct method
38 * is that:
39 * "one must walk over all the message first, to determine its exact length
40 * (one of the characteristics of the protocol, hard to determine prior to
41 * going over the message what its final size would be)".
42 *
43 * The original method of reassembly:
44 * When more data is needed to continue dissecting a PDU, repeatedly request
45 * a few additional bytes (for one or a few more fields of the PDU).
46 * This resulted in 'one-pass' tshark dissection redissecting
47 * the PDU repeatedly many, many times with each time dissecting
48 * the PDU with one or a few more additional fields.
49 * This generated *lots* of (repeated) output since a reassembled
50 * VNC PDU can contain many fields (each of short length).
51 * It also resulted in the fragment table containing many, many small fragments
52 * for VNC PDUS containing many small fields.
53 *
54 * The current reassembly method:
55 * Use DESEGMENT_ONE_MORE_SEGMENT when requesting additional data for a PDU.
56 * This significantly reduces the amount of repeated data in a dissection,
57 * but will still result in "partial" repeated dissection output in some cases.
58 */
59
60 /* (Somewhat random notes while reviewing the code):
61 Check types, etc against IANA list
62 Optimize: Do col_set(..., COL_INFO) once (after fetching message type & before dispatching ?)
63 Dispatch via a message table (instead of using a switch(...)
64 Worry about globals (vnc_bytes_per_pixel & nc_depth): "Global so they keep their value between packets"
65 Msg type 150: client-server: enable/disable (1+9 bytes); server-client: endofContinousUpdates(1+0 bytes) ?
66 */
67
68 #include "config.h"
69
70 #include <epan/packet.h>
71 #include <epan/conversation.h>
72 #include <epan/prefs.h>
73 #include <epan/expert.h>
74 #include <epan/proto_data.h>
75 #include "packet-x11.h" /* This contains the extern for the X11 value_string_ext
76 * "x11_keysym_vals_source_ext" that VNC uses. */
77
78 void proto_register_vnc(void);
79
80 typedef enum {
81 VNC_SECURITY_TYPE_INVALID = 0,
82 VNC_SECURITY_TYPE_NONE = 1,
83 VNC_SECURITY_TYPE_VNC = 2,
84 VNC_SECURITY_TYPE_RA2 = 5,
85 VNC_SECURITY_TYPE_RA2ne = 6,
86 VNC_SECURITY_TYPE_TIGHT = 16,
87 VNC_SECURITY_TYPE_ULTRA = 17,
88 VNC_SECURITY_TYPE_TLS = 18,
89 VNC_SECURITY_TYPE_VENCRYPT = 19,
90 VNC_SECURITY_TYPE_GTK_VNC_SASL = 20,
91 VNC_SECURITY_TYPE_MD5_HASH_AUTH = 21,
92 VNC_SECURITY_TYPE_XVP = 22,
93 VNC_SECURITY_TYPE_ARD = 30,
94 VNC_TIGHT_AUTH_TGHT_ULGNAUTH = 119,
95 VNC_TIGHT_AUTH_TGHT_XTRNAUTH = 130,
96 VNC_VENCRYPT_AUTH_PLAIN = 256,
97 VNC_VENCRYPT_AUTH_TLSNONE = 257,
98 VNC_VENCRYPT_AUTH_TLSVNC = 258,
99 VNC_VENCRYPT_AUTH_TLSPLAIN = 259,
100 VNC_VENCRYPT_AUTH_X509_NONE = 260,
101 VNC_VENCRYPT_AUTH_X509_VNC = 261,
102 VNC_VENCRYPT_AUTH_X509_PLAIN = 262,
103 VNC_VENCRYPT_AUTH_TLSSASL = 263,
104 VNC_VENCRYPT_AUTH_X509_SASL = 264
105 } vnc_security_types_e;
106
107 static const value_string vnc_security_types_vs[] = {
108 { VNC_SECURITY_TYPE_INVALID, "Invalid" },
109 { VNC_SECURITY_TYPE_NONE, "None" },
110 { VNC_SECURITY_TYPE_VNC, "VNC" },
111 { VNC_SECURITY_TYPE_RA2, "RA2" },
112 { VNC_SECURITY_TYPE_RA2ne, "RA2ne" },
113 { VNC_SECURITY_TYPE_TIGHT, "Tight" },
114 { VNC_SECURITY_TYPE_ULTRA, "Ultra" },
115 { VNC_SECURITY_TYPE_TLS, "TLS" },
116 { VNC_SECURITY_TYPE_VENCRYPT, "VeNCrypt" },
117 { VNC_SECURITY_TYPE_GTK_VNC_SASL, "GTK-VNC SASL" },
118 { VNC_SECURITY_TYPE_ARD, "Apple Remote Desktop" },
119 { 0, NULL }
120 };
121
122 static const value_string vnc_vencrypt_auth_types_vs[] = {
123 { VNC_SECURITY_TYPE_NONE, "None" },
124 { VNC_SECURITY_TYPE_VNC, "VNC" },
125 { VNC_VENCRYPT_AUTH_PLAIN, "Plain" },
126 { VNC_VENCRYPT_AUTH_TLSNONE, "TLS None" },
127 { VNC_VENCRYPT_AUTH_TLSVNC, "TLS VNC" },
128 { VNC_VENCRYPT_AUTH_TLSPLAIN, "TLS Plain" },
129 { VNC_VENCRYPT_AUTH_X509_NONE, "X.509 None" },
130 { VNC_VENCRYPT_AUTH_X509_VNC, "X.509 VNC" },
131 { VNC_VENCRYPT_AUTH_X509_PLAIN, "X.509 Plain" },
132 { VNC_VENCRYPT_AUTH_TLSSASL, "TLS SASL" },
133 { VNC_VENCRYPT_AUTH_X509_SASL, "X.509 SASL" },
134 { 0, NULL }
135 };
136
137 static const true_false_string auth_result_tfs = {
138 "Failed",
139 "OK"
140 };
141
142 static const value_string yes_no_vs[] = {
143 { 0, "No" },
144 { 1, "Yes" },
145 { 0, NULL }
146 };
147
148 typedef enum {
149 /* Required */
150 VNC_CLIENT_MESSAGE_TYPE_SET_PIXEL_FORMAT = 0,
151 VNC_CLIENT_MESSAGE_TYPE_SET_ENCODINGS = 2,
152 VNC_CLIENT_MESSAGE_TYPE_FRAMEBUF_UPDATE_REQ = 3,
153 VNC_CLIENT_MESSAGE_TYPE_KEY_EVENT = 4,
154 VNC_CLIENT_MESSAGE_TYPE_POINTER_EVENT = 5,
155 VNC_CLIENT_MESSAGE_TYPE_CLIENT_CUT_TEXT = 6,
156 /* Optional */
157 VNC_CLIENT_MESSAGE_TYPE_MIRRORLINK = 128,
158 VNC_CLIENT_MESSAGE_TYPE_ENABLE_CONTINUOUS_UPDATES = 150, /* TightVNC */
159 VNC_CLIENT_MESSAGE_TYPE_FENCE = 248, /* TigerVNC */
160 VNC_CLIENT_MESSAGE_TYPE_XVP = 250,
161 VNC_CLIENT_MESSAGE_TYPE_SETR_DESKTOP_SIZE = 251,
162 VNC_CLIENT_MESSAGE_TYPE_TIGHT = 252,
163 VNC_CLIENT_MESSAGE_TYPE_GII = 253,
164 VNC_CLIENT_MESSAGE_TYPE_QEMU = 255
165 } vnc_client_message_types_e;
166
167 static const value_string vnc_client_message_types_vs[] = {
168 /* Required */
169 { VNC_CLIENT_MESSAGE_TYPE_SET_PIXEL_FORMAT, "Set Pixel Format" },
170 { VNC_CLIENT_MESSAGE_TYPE_SET_ENCODINGS, "Set Encodings" },
171 { VNC_CLIENT_MESSAGE_TYPE_FRAMEBUF_UPDATE_REQ, "Framebuffer Update Request" },
172 { VNC_CLIENT_MESSAGE_TYPE_KEY_EVENT, "Key Event" },
173 { VNC_CLIENT_MESSAGE_TYPE_POINTER_EVENT, "Pointer Event" },
174 { VNC_CLIENT_MESSAGE_TYPE_CLIENT_CUT_TEXT, "Cut Text" },
175 /* Optional */
176 { VNC_CLIENT_MESSAGE_TYPE_MIRRORLINK, "MirrorLink" },
177 { VNC_CLIENT_MESSAGE_TYPE_ENABLE_CONTINUOUS_UPDATES, "Enable Continuous Updates" },
178 { VNC_CLIENT_MESSAGE_TYPE_FENCE, "Fence" },
179 { VNC_CLIENT_MESSAGE_TYPE_XVP, "Xvp" },
180 { VNC_CLIENT_MESSAGE_TYPE_SETR_DESKTOP_SIZE, "Setr Desktop Size" },
181 { VNC_CLIENT_MESSAGE_TYPE_TIGHT, "Tight" },
182 { VNC_CLIENT_MESSAGE_TYPE_GII, "Gii" },
183 { VNC_CLIENT_MESSAGE_TYPE_QEMU, "Qemu" },
184 { 0, NULL }
185 };
186
187 typedef enum {
188 VNC_SERVER_MESSAGE_TYPE_FRAMEBUFFER_UPDATE = 0,
189 VNC_SERVER_MESSAGE_TYPE_SET_COLORMAP_ENTRIES = 1,
190 VNC_SERVER_MESSAGE_TYPE_RING_BELL = 2,
191 VNC_SERVER_MESSAGE_TYPE_CUT_TEXT = 3,
192 VNC_SERVER_MESSAGE_TYPE_MIRRORLINK = 128,
193 VNC_SERVER_MESSAGE_TYPE_END_CONTINUOUS_UPDATES = 150, /* TightVNC */
194 VNC_SERVER_MESSAGE_TYPE_FENCE = 248, /* TigerVNC */
195 VNC_SERVER_MESSAGE_TYPE_XVP = 250,
196 VNC_SERVER_MESSAGE_TYPE_TIGHT = 252,
197 VNC_SERVER_MESSAGE_TYPE_GII = 253,
198 VNC_SERVER_MESSAGE_TYPE_QEMU = 255
199 } vnc_server_message_types_e;
200
201 static const value_string vnc_server_message_types_vs[] = {
202 { VNC_SERVER_MESSAGE_TYPE_FRAMEBUFFER_UPDATE, "Framebuffer Update" },
203 { VNC_SERVER_MESSAGE_TYPE_SET_COLORMAP_ENTRIES, "Set Colormap Entries" },
204 { VNC_SERVER_MESSAGE_TYPE_RING_BELL, "Ring Bell" },
205 { VNC_SERVER_MESSAGE_TYPE_CUT_TEXT, "Cut Text" },
206 { VNC_SERVER_MESSAGE_TYPE_MIRRORLINK, "MirrorLink" },
207 { VNC_SERVER_MESSAGE_TYPE_END_CONTINUOUS_UPDATES, "End Continuous Updates" },
208 { VNC_SERVER_MESSAGE_TYPE_FENCE, "Fence" },
209 { VNC_SERVER_MESSAGE_TYPE_XVP, "Xvp" },
210 { VNC_SERVER_MESSAGE_TYPE_TIGHT, "Tight" },
211 { VNC_SERVER_MESSAGE_TYPE_GII, "Gii" },
212 { VNC_SERVER_MESSAGE_TYPE_QEMU, "Qemu" },
213 { 0, NULL }
214 };
215
216
217 #define VNC_ENCODING_TYPE_DESKTOP_SIZE 0xFFFFFF21
218 #define VNC_ENCODING_TYPE_LAST_RECT 0xFFFFFF20
219 #define VNC_ENCODING_TYPE_POINTER_POS 0xFFFFFF18
220 #define VNC_ENCODING_TYPE_RICH_CURSOR 0xFFFFFF11
221 #define VNC_ENCODING_TYPE_X_CURSOR 0xFFFFFF10
222 #define VNC_ENCODING_TYPE_RAW 0
223 #define VNC_ENCODING_TYPE_COPY_RECT 1
224 #define VNC_ENCODING_TYPE_RRE 2
225 #define VNC_ENCODING_TYPE_CORRE 4
226 #define VNC_ENCODING_TYPE_HEXTILE 5
227 #define VNC_ENCODING_TYPE_ZLIB 6
228 #define VNC_ENCODING_TYPE_TIGHT 7
229 #define VNC_ENCODING_TYPE_ZLIBHEX 8
230 #define VNC_ENCODING_TYPE_ULTRA 9
231 #define VNC_ENCODING_TYPE_TRLE 15
232 #define VNC_ENCODING_TYPE_RLE 16
233 #define VNC_ENCODING_TYPE_HITACHI_ZYWRLE 17
234 #define VNC_ENCODING_TYPE_JPEG_0 -32
235 #define VNC_ENCODING_TYPE_JPEG_1 -31
236 #define VNC_ENCODING_TYPE_JPEG_2 -30
237 #define VNC_ENCODING_TYPE_JPEG_3 -29
238 #define VNC_ENCODING_TYPE_JPEG_4 -28
239 #define VNC_ENCODING_TYPE_JPEG_5 -27
240 #define VNC_ENCODING_TYPE_JPEG_6 -26
241 #define VNC_ENCODING_TYPE_JPEG_7 -25
242 #define VNC_ENCODING_TYPE_JPEG_8 -24
243 #define VNC_ENCODING_TYPE_JPEG_9 -23
244 #define VNC_ENCODING_TYPE_COMPRESSION_0 0xFFFFFF00
245 #define VNC_ENCODING_TYPE_COMPRESSION_1 0xFFFFFF01
246 #define VNC_ENCODING_TYPE_COMPRESSION_2 0xFFFFFF02
247 #define VNC_ENCODING_TYPE_COMPRESSION_3 0xFFFFFF03
248 #define VNC_ENCODING_TYPE_COMPRESSION_4 0xFFFFFF04
249 #define VNC_ENCODING_TYPE_COMPRESSION_5 0xFFFFFF05
250 #define VNC_ENCODING_TYPE_COMPRESSION_6 0xFFFFFF06
251 #define VNC_ENCODING_TYPE_COMPRESSION_7 0xFFFFFF07
252 #define VNC_ENCODING_TYPE_COMPRESSION_8 0xFFFFFF08
253 #define VNC_ENCODING_TYPE_COMPRESSION_9 0xFFFFFF09
254 #define VNC_ENCODING_TYPE_WMVi 0x574D5669
255 #define VNC_ENCODING_TYPE_CACHE 0xFFFF0000
256 #define VNC_ENCODING_TYPE_CACHE_ENABLE 0xFFFF0001
257 #define VNC_ENCODING_TYPE_XOR_ZLIB 0xFFFF0002
258 #define VNC_ENCODING_TYPE_XOR_MONO_ZLIB 0xFFFF0003
259 #define VNC_ENCODING_TYPE_XOR_MULTI_ZLIB 0xFFFF0004
260 #define VNC_ENCODING_TYPE_SOLID_COLOR 0xFFFF0005
261 #define VNC_ENCODING_TYPE_XOR_ENABLE 0xFFFF0006
262 #define VNC_ENCODING_TYPE_CACHE_ZIP 0xFFFF0007
263 #define VNC_ENCODING_TYPE_SOL_MONO_ZIP 0xFFFF0008
264 #define VNC_ENCODING_TYPE_ULTRA_ZIP 0xFFFF0009
265 #define VNC_ENCODING_TYPE_SERVER_STATE 0xFFFF8000
266 #define VNC_ENCODING_TYPE_ENABLE_KEEP_ALIVE 0xFFFF8001
267 #define VNC_ENCODING_TYPE_FTP_PROTO_VER 0xFFFF8002
268 #define VNC_ENCODING_TYPE_POINTER_CHANGE -257
269 #define VNC_ENCODING_TYPE_EXT_KEY_EVENT -258
270 #define VNC_ENCODING_TYPE_AUDIO 259
271 #define VNC_ENCODING_TYPE_DESKTOP_NAME -307
272 #define VNC_ENCODING_TYPE_EXTENDED_DESK_SIZE -308
273 #define VNC_ENCODING_TYPE_KEYBOARD_LED_STATE 0XFFFE0000
274 #define VNC_ENCODING_TYPE_SUPPORTED_MESSAGES 0XFFFE0001
275 #define VNC_ENCODING_TYPE_SUPPORTED_ENCODINGS 0XFFFE0002
276 #define VNC_ENCODING_TYPE_SERVER_IDENTITY 0XFFFE0003
277 #define VNC_ENCODING_TYPE_MIRRORLINK 0xFFFFFDF5
278 #define VNC_ENCODING_TYPE_CONTEXT_INFORMATION 0xFFFFFDF4
279 #define VNC_ENCODING_TYPE_SLRLE 0xFFFFFDF3
280 #define VNC_ENCODING_TYPE_TRANSFORM 0xFFFFFDF2
281 #define VNC_ENCODING_TYPE_HSML 0xFFFFFDF1
282 #define VNC_ENCODING_TYPE_H264 0X48323634
283
284 static const value_string encoding_types_vs[] = {
285 { VNC_ENCODING_TYPE_DESKTOP_SIZE, "DesktopSize (pseudo)" },
286 { VNC_ENCODING_TYPE_LAST_RECT, "LastRect (pseudo)" },
287 { VNC_ENCODING_TYPE_POINTER_POS, "Pointer pos (pseudo)" },
288 { VNC_ENCODING_TYPE_RICH_CURSOR, "Rich Cursor (pseudo)" },
289 { VNC_ENCODING_TYPE_X_CURSOR, "X Cursor (pseudo)" },
290 { VNC_ENCODING_TYPE_RAW, "Raw" },
291 { VNC_ENCODING_TYPE_COPY_RECT, "CopyRect" },
292 { VNC_ENCODING_TYPE_RRE, "RRE" },
293 { VNC_ENCODING_TYPE_CORRE, "CoRRE" },
294 { VNC_ENCODING_TYPE_HEXTILE, "Hextile" },
295 { VNC_ENCODING_TYPE_ZLIB, "Zlib" },
296 { VNC_ENCODING_TYPE_TIGHT, "Tight" },
297 { VNC_ENCODING_TYPE_ZLIBHEX, "ZlibHex" },
298 { VNC_ENCODING_TYPE_ULTRA, "Ultra" },
299 { VNC_ENCODING_TYPE_RLE, "ZRLE" },
300 { VNC_ENCODING_TYPE_HITACHI_ZYWRLE, "Hitachi ZYWRLE" },
301 { VNC_ENCODING_TYPE_JPEG_0, "JPEG quality level 0" },
302 { VNC_ENCODING_TYPE_JPEG_1, "JPEG quality level 1" },
303 { VNC_ENCODING_TYPE_JPEG_2, "JPEG quality level 2" },
304 { VNC_ENCODING_TYPE_JPEG_3, "JPEG quality level 3" },
305 { VNC_ENCODING_TYPE_JPEG_4, "JPEG quality level 4" },
306 { VNC_ENCODING_TYPE_JPEG_5, "JPEG quality level 5" },
307 { VNC_ENCODING_TYPE_JPEG_6, "JPEG quality level 6" },
308 { VNC_ENCODING_TYPE_JPEG_7, "JPEG quality level 7" },
309 { VNC_ENCODING_TYPE_JPEG_8, "JPEG quality level 8" },
310 { VNC_ENCODING_TYPE_JPEG_9, "JPEG quality level 9" },
311 { VNC_ENCODING_TYPE_COMPRESSION_0, "Compression level 0" },
312 { VNC_ENCODING_TYPE_COMPRESSION_1, "Compression level 1" },
313 { VNC_ENCODING_TYPE_COMPRESSION_2, "Compression level 2" },
314 { VNC_ENCODING_TYPE_COMPRESSION_3, "Compression level 3" },
315 { VNC_ENCODING_TYPE_COMPRESSION_4, "Compression level 4" },
316 { VNC_ENCODING_TYPE_COMPRESSION_5, "Compression level 5" },
317 { VNC_ENCODING_TYPE_COMPRESSION_6, "Compression level 6" },
318 { VNC_ENCODING_TYPE_COMPRESSION_7, "Compression level 7" },
319 { VNC_ENCODING_TYPE_COMPRESSION_8, "Compression level 8" },
320 { VNC_ENCODING_TYPE_COMPRESSION_9, "Compression level 9" },
321 /* FIXME understand for real what the below mean. Taken from Ultra VNC source code */
322 /* { VNC_ENCODING_TYPE_CACHE, */
323 { VNC_ENCODING_TYPE_CACHE_ENABLE, "Enable Caching"},
324 /* { VNC_ENCODING_TYPE_XOR_ZLIB,
325 { VNC_ENCODING_TYPE_XOR_MONO_ZLIB,
326 { VNC_ENCODING_TYPE_XOR_MULTI_ZLIB,
327 { VNC_ENCODING_TYPE_SOLID_COLOR,
328 { VNC_ENCODING_TYPE_XOR_ENABLE,
329 { VNC_ENCODING_TYPE_CACHE_ZIP,
330 { VNC_ENCODING_TYPE_SOL_MONO_ZIP,
331 { VNC_ENCODING_TYPE_ULTRA_ZIP,
332 */ { VNC_ENCODING_TYPE_SERVER_STATE, "Server State" },
333 { VNC_ENCODING_TYPE_ENABLE_KEEP_ALIVE, "Enable Keep Alive" },
334 { VNC_ENCODING_TYPE_FTP_PROTO_VER, "FTP protocol version" },
335 { VNC_ENCODING_TYPE_EXTENDED_DESK_SIZE, "Extended Desktop Size"},
336 { VNC_ENCODING_TYPE_DESKTOP_NAME, "Desktop Name" },
337 { VNC_ENCODING_TYPE_KEYBOARD_LED_STATE, "Keyboard LED State" },
338 { VNC_ENCODING_TYPE_SUPPORTED_MESSAGES, "Supported Messages" },
339 { VNC_ENCODING_TYPE_SUPPORTED_ENCODINGS, "Supported Encodings" },
340 { VNC_ENCODING_TYPE_SERVER_IDENTITY, "Server Identity" },
341 { VNC_ENCODING_TYPE_MIRRORLINK, "MirrorLink" },
342 { VNC_ENCODING_TYPE_CONTEXT_INFORMATION, "Context Information" },
343 { VNC_ENCODING_TYPE_SLRLE, "SLRLE" },
344 { VNC_ENCODING_TYPE_TRANSFORM, "Transform" },
345 { VNC_ENCODING_TYPE_HSML, "HSML" },
346 { VNC_ENCODING_TYPE_H264, "H264" },
347 { 0, NULL }
348 };
349
350 /* Rectangle types for Tight encoding. These come in the "control byte" at the
351 * start of a rectangle's payload. Note that these are with respect to the most
352 * significant bits 4-7 of the control byte, so you must shift it to the right 4
353 * bits before comparing against these values.
354 */
355 #define TIGHT_RECT_FILL 0x08
356 #define TIGHT_RECT_JPEG 0x09
357 #define TIGHT_RECT_MAX_VALUE 0x09
358
359 #define TIGHT_RECT_EXPLICIT_FILTER_FLAG 0x04
360
361 /* Filter types for Basic encoding of Tight rectangles */
362 #define TIGHT_RECT_FILTER_COPY 0x00
363 #define TIGHT_RECT_FILTER_PALETTE 0x01
364 #define TIGHT_RECT_FILTER_GRADIENT 0x02
365
366 /* Minimum number of bytes to compress for Tight encoding */
367 #define TIGHT_MIN_BYTES_TO_COMPRESS 12
368
369 static const value_string tight_filter_ids_vs[] = {
370 { TIGHT_RECT_FILTER_COPY, "Copy" },
371 { TIGHT_RECT_FILTER_PALETTE, "Palette" },
372 { TIGHT_RECT_FILTER_GRADIENT, "Gradient" },
373 { 0, NULL }
374 };
375
376 /* MirrorLink messages */
377 typedef enum {
378 VNC_ML_EXT_BYE_BYE = 0,
379 VNC_ML_EXT_SERVER_DISPLAY_CONFIGURATION = 1,
380 VNC_ML_EXT_CLIENT_DISPLAY_CONFIGURATION = 2,
381 VNC_ML_EXT_SERVER_EVENT_CONFIGURATION = 3,
382 VNC_ML_EXT_CLIENT_EVENT_CONFIGURATION = 4,
383 VNC_ML_EXT_EVENT_MAPPING = 5,
384 VNC_ML_EXT_EVENT_MAPPING_REQUEST = 6,
385 VNC_ML_EXT_KEY_EVENT_LISTING = 7,
386 VNC_ML_EXT_KEY_EVENT_LISTING_REQUEST = 8,
387 VNC_ML_EXT_VIRTUAL_KEYBOARD = 9,
388 VNC_ML_EXT_VIRTUAL_KEYBOARD_REQUEST = 10,
389 VNC_ML_EXT_DEVICE_STATUS = 11,
390 VNC_ML_EXT_DEVICE_STATUS_REQUEST = 12,
391 VNC_ML_EXT_CONTENT_ATTESTATION = 13,
392 VNC_ML_EXT_CONTENT_ATTESTATION_REQUEST = 14,
393 VNC_ML_EXT_FB_BLOCKING_NOTIFICATION = 16,
394 VNC_ML_EXT_AUDIO_BLOCKING_NOTIFICATION = 18,
395 VNC_ML_EXT_TOUCH_EVENT = 20,
396 VNC_ML_EXT_FB_ALTERNATIVE_TEXT = 21,
397 VNC_ML_EXT_FB_ALTERNATIVE_TEXT_REQUEST = 22
398 } vnc_mirrorlink_ext_types_e;
399
400 static const value_string vnc_mirrorlink_types_vs[] = {
401 { VNC_ML_EXT_BYE_BYE, "ByeBye" },
402 { VNC_ML_EXT_SERVER_DISPLAY_CONFIGURATION, "Server Display Configuration" },
403 { VNC_ML_EXT_CLIENT_DISPLAY_CONFIGURATION, "Client Display Configuration" },
404 { VNC_ML_EXT_SERVER_EVENT_CONFIGURATION, "Server Event Configuration" },
405 { VNC_ML_EXT_CLIENT_EVENT_CONFIGURATION, "Client Event Configuration" },
406 { VNC_ML_EXT_EVENT_MAPPING, "Event Mapping" },
407 { VNC_ML_EXT_EVENT_MAPPING_REQUEST, "Event Mapping Request" },
408 { VNC_ML_EXT_KEY_EVENT_LISTING, "Key Event Listing" },
409 { VNC_ML_EXT_KEY_EVENT_LISTING_REQUEST, "Key Event Listing Request" },
410 { VNC_ML_EXT_VIRTUAL_KEYBOARD, "Virtual Keyboard Trigger" },
411 { VNC_ML_EXT_VIRTUAL_KEYBOARD_REQUEST, "Virtual Keyboard Trigger Request" },
412 { VNC_ML_EXT_DEVICE_STATUS, "Device Status" },
413 { VNC_ML_EXT_DEVICE_STATUS_REQUEST, "Device Status Request" },
414 { VNC_ML_EXT_CONTENT_ATTESTATION, "Content Attestation" },
415 { VNC_ML_EXT_CONTENT_ATTESTATION_REQUEST, "Content Attestation Request" },
416 { VNC_ML_EXT_FB_BLOCKING_NOTIFICATION, "Framebuffer Blocking Notification" },
417 { VNC_ML_EXT_AUDIO_BLOCKING_NOTIFICATION, "Audio Blocking Notification" },
418 { VNC_ML_EXT_TOUCH_EVENT, "Touch Event" },
419 { VNC_ML_EXT_FB_ALTERNATIVE_TEXT, "Framebuffer Alternative Text" },
420 { VNC_ML_EXT_FB_ALTERNATIVE_TEXT_REQUEST, "Framebuffer Alternative Text Request" },
421 { 0, NULL }
422 };
423
424 /* Slice types for H.264 encoding */
425 typedef enum {
426 VNC_H264_SLICE_TYPE_P = 0,
427 VNC_H264_SLICE_TYPE_B = 1,
428 VNC_H264_SLICE_TYPE_I = 2
429 } vnc_h264_slice_types_e;
430
431 static const value_string vnc_h264_slice_types_vs[] = {
432 { VNC_H264_SLICE_TYPE_P, "Predicted" },
433 { VNC_H264_SLICE_TYPE_B, "Bi-predicted" },
434 { VNC_H264_SLICE_TYPE_I, "Intra coded" },
435 { 0, NULL }
436 };
437
438
439 typedef enum {
440 VNC_SESSION_STATE_SERVER_VERSION,
441 VNC_SESSION_STATE_CLIENT_VERSION,
442
443 VNC_SESSION_STATE_SECURITY,
444 VNC_SESSION_STATE_SECURITY_TYPES,
445
446 VNC_SESSION_STATE_TIGHT_TUNNELING_CAPABILITIES,
447 VNC_SESSION_STATE_TIGHT_TUNNEL_TYPE_REPLY,
448 VNC_SESSION_STATE_TIGHT_AUTH_CAPABILITIES,
449 VNC_SESSION_STATE_TIGHT_AUTH_TYPE_REPLY,
450 VNC_SESSION_STATE_TIGHT_UNKNOWN_PACKET3,
451
452 VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE,
453 VNC_SESSION_STATE_VNC_AUTHENTICATION_RESPONSE,
454
455 VNC_SESSION_STATE_ARD_AUTHENTICATION_CHALLENGE,
456 VNC_SESSION_STATE_ARD_AUTHENTICATION_RESPONSE,
457
458 VNC_SESSION_STATE_SECURITY_RESULT,
459
460 VNC_SESSION_STATE_VENCRYPT_SERVER_VERSION,
461 VNC_SESSION_STATE_VENCRYPT_CLIENT_VERSION,
462 VNC_SESSION_STATE_VENCRYPT_AUTH_CAPABILITIES,
463 VNC_SESSION_STATE_VENCRYPT_AUTH_TYPE_REPLY,
464 VNC_SESSION_STATE_VENCRYPT_AUTH_ACK,
465
466 VNC_SESSION_STATE_CLIENT_INIT,
467 VNC_SESSION_STATE_SERVER_INIT,
468
469 VNC_SESSION_STATE_TIGHT_INTERACTION_CAPS,
470
471 VNC_SESSION_STATE_NORMAL_TRAFFIC
472 } vnc_session_state_e;
473
474 #define VNC_FENCE_BLOCK_BEFORE 0x00000001
475 #define VNC_FENCE_BLOCK_AFTER 0x00000002
476 #define VNC_FENCE_SYNC_NEXT 0x00000004
477 #define VNC_FENCE_REQUEST 0x80000000
478
479 /* This structure will be tied to each conversation. */
480 typedef struct {
481 gdouble server_proto_ver, client_proto_ver;
482 vnc_session_state_e vnc_next_state;
483 guint32 server_port;
484 /* These are specific to TightVNC */
485 gint num_server_message_types;
486 gint num_client_message_types;
487 gint num_encoding_types;
488 guint8 security_type_selected;
489 gboolean tight_enabled;
490 /* This is specific to Apple Remote Desktop */
491 guint16 ard_key_length;
492 } vnc_conversation_t;
493
494 /* This structure will be tied to each packet */
495 typedef struct {
496 vnc_session_state_e state;
497 gint preferred_encoding;
498 guint8 bytes_per_pixel;
499 guint8 depth;
500 } vnc_packet_t;
501
502 void proto_reg_handoff_vnc(void);
503
504 static gboolean vnc_startup_messages(tvbuff_t *tvb, packet_info *pinfo,
505 gint offset, proto_tree *tree,
506 vnc_conversation_t *per_conversation_info);
507 static void vnc_client_to_server(tvbuff_t *tvb, packet_info *pinfo,
508 gint *offset, proto_tree *tree);
509 static void vnc_server_to_client(tvbuff_t *tvb, packet_info *pinfo,
510 gint *offset, proto_tree *tree);
511 static void vnc_client_set_pixel_format(tvbuff_t *tvb, packet_info *pinfo,
512 gint *offset, proto_tree *tree);
513 static void vnc_client_set_encodings(tvbuff_t *tvb, packet_info *pinfo,
514 gint *offset, proto_tree *tree);
515 static void vnc_client_framebuffer_update_request(tvbuff_t *tvb,
516 packet_info *pinfo,
517 gint *offset,
518 proto_tree *tree);
519 static void vnc_client_key_event(tvbuff_t *tvb, packet_info *pinfo,
520 gint *offset, proto_tree *tree);
521 static void vnc_client_pointer_event(tvbuff_t *tvb, packet_info *pinfo,
522 gint *offset, proto_tree *tree);
523 static void vnc_client_cut_text(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
524 proto_tree *tree);
525
526 static guint vnc_server_framebuffer_update(tvbuff_t *tvb, packet_info *pinfo,
527 gint *offset, proto_tree *tree);
528 static guint vnc_raw_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
529 proto_tree *tree, const guint16 width, const guint16 height);
530 static guint vnc_copyrect_encoding(tvbuff_t *tvb, packet_info *pinfo,
531 gint *offset, proto_tree *tree,
532 const guint16 width, const guint16 height);
533 static guint vnc_rre_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
534 proto_tree *tree, const guint16 width, const guint16 height);
535 static guint vnc_hextile_encoding(tvbuff_t *tvb, packet_info *pinfo,
536 gint *offset, proto_tree *tree,
537 const guint16 width, const guint16 height);
538 static guint vnc_zrle_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
539 proto_tree *tree, const guint16 width, const guint16 height);
540 static guint vnc_tight_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
541 proto_tree *tree, const guint16 width, const guint16 height);
542 static guint vnc_rich_cursor_encoding(tvbuff_t *tvb, packet_info *pinfo,
543 gint *offset, proto_tree *tree, const guint16 width,
544 const guint16 height);
545 static guint vnc_x_cursor_encoding(tvbuff_t *tvb, packet_info *pinfo,
546 gint *offset, proto_tree *tree, const guint16 width,
547 const guint16 height);
548 static guint vnc_server_set_colormap_entries(tvbuff_t *tvb, packet_info *pinfo,
549 gint *offset, proto_tree *tree);
550 static void vnc_server_ring_bell(tvbuff_t *tvb, packet_info *pinfo,
551 gint *offset, proto_tree *tree);
552 static guint vnc_server_cut_text(tvbuff_t *tvb, packet_info *pinfo,
553 gint *offset, proto_tree *tree);
554 static void vnc_set_bytes_per_pixel(packet_info *pinfo, const guint8 bytes_per_pixel);
555 static void vnc_set_depth(packet_info *pinfo, const guint8 depth);
556 static guint8 vnc_get_bytes_per_pixel(packet_info *pinfo);
557 static guint8 vnc_get_depth(packet_info *pinfo);
558 static guint32 vnc_extended_desktop_size(tvbuff_t *tvb, gint *offset, proto_tree *tree);
559
560 static guint vnc_supported_messages(tvbuff_t *tvb, gint *offset,
561 proto_tree *tree, const guint16 width);
562 static guint vnc_supported_encodings(tvbuff_t *tvb, gint *offset,
563 proto_tree *tree, const guint16 width,
564 const guint16 height);
565 static guint vnc_server_identity(tvbuff_t *tvb, gint *offset,
566 proto_tree *tree, const guint16 width);
567
568 static guint vnc_fence(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
569 proto_tree *tree);
570 static guint vnc_mirrorlink(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
571 proto_tree *tree);
572 static guint vnc_context_information(tvbuff_t *tvb, gint *offset,
573 proto_tree *tree);
574 static guint vnc_slrle_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
575 proto_tree *tree, const guint16 height);
576
577 static guint vnc_h264_encoding(tvbuff_t *tvb, gint *offset, proto_tree *tree);
578
579 #define VNC_BYTES_NEEDED(a) \
580 if((a) > (guint)tvb_reported_length_remaining(tvb, *offset)) \
581 return (a);
582
583 /* Initialize the protocol and registered fields */
584 static int proto_vnc = -1; /* Protocol subtree */
585 static int hf_vnc_padding = -1;
586 static int hf_vnc_server_proto_ver = -1;
587 static int hf_vnc_client_proto_ver = -1;
588 static int hf_vnc_num_security_types = -1;
589 static int hf_vnc_security_type = -1;
590 static int hf_vnc_server_security_type = -1;
591 static int hf_vnc_client_security_type = -1;
592 static int hf_vnc_auth_challenge = -1;
593 static int hf_vnc_auth_response = -1;
594 static int hf_vnc_auth_result = -1;
595 static int hf_vnc_auth_error = -1;
596 static int hf_vnc_auth_error_length = -1;
597
598 static int hf_vnc_ard_auth_generator = -1;
599 static int hf_vnc_ard_auth_key_len = -1;
600 static int hf_vnc_ard_auth_modulus = -1;
601 static int hf_vnc_ard_auth_server_key = -1;
602 static int hf_vnc_ard_auth_credentials = -1;
603 static int hf_vnc_ard_auth_client_key = -1;
604
605 static int hf_vnc_share_desktop_flag = -1;
606 static int hf_vnc_width = -1;
607 static int hf_vnc_height = -1;
608 static int hf_vnc_server_bits_per_pixel = -1;
609 static int hf_vnc_server_depth = -1;
610 static int hf_vnc_server_big_endian_flag = -1;
611 static int hf_vnc_server_true_color_flag = -1;
612 static int hf_vnc_server_red_max = -1;
613 static int hf_vnc_server_green_max = -1;
614 static int hf_vnc_server_blue_max = -1;
615 static int hf_vnc_server_red_shift = -1;
616 static int hf_vnc_server_green_shift = -1;
617 static int hf_vnc_server_blue_shift = -1;
618 static int hf_vnc_desktop_name = -1;
619 static int hf_vnc_desktop_name_len = -1;
620 static int hf_vnc_desktop_screen_num = -1;
621 static int hf_vnc_desktop_screen_id = -1;
622 static int hf_vnc_desktop_screen_x = -1;
623 static int hf_vnc_desktop_screen_y = -1;
624 static int hf_vnc_desktop_screen_width = -1;
625 static int hf_vnc_desktop_screen_height = -1;
626 static int hf_vnc_desktop_screen_flags = -1;
627 static int hf_vnc_num_server_message_types = -1;
628 static int hf_vnc_num_client_message_types = -1;
629 static int hf_vnc_num_encoding_types = -1;
630
631 /********** Client Message Types **********/
632
633 static int hf_vnc_client_message_type = -1; /* A subtree under VNC */
634 static int hf_vnc_client_bits_per_pixel = -1;
635 static int hf_vnc_client_depth = -1;
636 static int hf_vnc_client_big_endian_flag = -1;
637 static int hf_vnc_client_true_color_flag = -1;
638 static int hf_vnc_client_red_max = -1;
639 static int hf_vnc_client_green_max = -1;
640 static int hf_vnc_client_blue_max = -1;
641 static int hf_vnc_client_red_shift = -1;
642 static int hf_vnc_client_green_shift = -1;
643 static int hf_vnc_client_blue_shift = -1;
644
645 /* Client Key Event */
646 static int hf_vnc_key_down = -1;
647 static int hf_vnc_key = -1;
648
649 /* Client Pointer Event */
650 static int hf_vnc_button_1_pos = -1;
651 static int hf_vnc_button_2_pos = -1;
652 static int hf_vnc_button_3_pos = -1;
653 static int hf_vnc_button_4_pos = -1;
654 static int hf_vnc_button_5_pos = -1;
655 static int hf_vnc_button_6_pos = -1;
656 static int hf_vnc_button_7_pos = -1;
657 static int hf_vnc_button_8_pos = -1;
658 static int hf_vnc_pointer_x_pos = -1;
659 static int hf_vnc_pointer_y_pos = -1;
660
661 /* Client Framebuffer Update Request */
662 static int hf_vnc_update_req_incremental = -1;
663 static int hf_vnc_update_req_x_pos = -1;
664 static int hf_vnc_update_req_y_pos = -1;
665 static int hf_vnc_update_req_width = -1;
666 static int hf_vnc_update_req_height = -1;
667
668 /* Client Set Encodings */
669 static int hf_vnc_encoding_num = -1;
670 static int hf_vnc_client_set_encodings_encoding_type = -1;
671
672 /* Client Cut Text */
673 static int hf_vnc_client_cut_text_len = -1;
674 static int hf_vnc_client_cut_text = -1;
675
676 /********** Server Message Types **********/
677
678 static int hf_vnc_server_message_type = -1; /* Subtree */
679
680 /* Tunneling capabilities (TightVNC extension) */
681 static int hf_vnc_tight_num_tunnel_types = -1;
682 static int hf_vnc_tight_tunnel_type_code = -1;
683 static int hf_vnc_tight_tunnel_type_vendor = -1;
684 static int hf_vnc_tight_tunnel_type_signature = -1;
685
686 /* Authentication capabilities (TightVNC extension) */
687 static int hf_vnc_tight_num_auth_types = -1;
688 static int hf_vnc_tight_auth_code = -1;
689 /* TightVNC capabilities */
690 static int hf_vnc_tight_server_message_type = -1;
691 static int hf_vnc_tight_server_vendor = -1;
692 static int hf_vnc_tight_signature = -1;
693 static int hf_vnc_tight_server_name = -1;
694
695 static int hf_vnc_tight_client_message_type = -1;
696 static int hf_vnc_tight_client_vendor = -1;
697 static int hf_vnc_tight_client_name = -1;
698
699 static int hf_vnc_tight_encoding_type = -1;
700 static int hf_vnc_tight_encoding_vendor = -1;
701 static int hf_vnc_tight_encoding_name = -1;
702
703 /* VeNCrypt capabilities */
704 static int hf_vnc_vencrypt_server_major_ver = -1;
705 static int hf_vnc_vencrypt_server_minor_ver = -1;
706 static int hf_vnc_vencrypt_client_major_ver = -1;
707 static int hf_vnc_vencrypt_client_minor_ver = -1;
708 static int hf_vnc_vencrypt_version_ack = -1;
709 static int hf_vnc_vencrypt_num_auth_types = -1;
710 static int hf_vnc_vencrypt_auth_type = -1;
711 static int hf_vnc_vencrypt_auth_type_ack = -1;
712
713 /* Tight compression parameters */
714 static int hf_vnc_tight_reset_stream0 = -1;
715 static int hf_vnc_tight_reset_stream1 = -1;
716 static int hf_vnc_tight_reset_stream2 = -1;
717 static int hf_vnc_tight_reset_stream3 = -1;
718
719 static int hf_vnc_tight_rect_type = -1;
720
721 static int hf_vnc_tight_image_len = -1;
722 static int hf_vnc_tight_image_data = -1;
723
724 static int hf_vnc_tight_fill_color = -1;
725
726 static int hf_vnc_tight_filter_flag = -1;
727 static int hf_vnc_tight_filter_id = -1;
728
729 static int hf_vnc_tight_palette_num_colors = -1;
730 static int hf_vnc_tight_palette_data = -1;
731
732 /* Server Framebuffer Update */
733 static int hf_vnc_rectangle_num = -1;
734 static int hf_vnc_fb_update_x_pos = -1;
735 static int hf_vnc_fb_update_y_pos = -1;
736 static int hf_vnc_fb_update_width = -1;
737 static int hf_vnc_fb_update_height = -1;
738 static int hf_vnc_fb_update_encoding_type = -1;
739
740 /* Raw Encoding */
741 static int hf_vnc_raw_pixel_data = -1;
742
743 /* CopyRect Encoding */
744 static int hf_vnc_copyrect_src_x_pos = -1;
745 static int hf_vnc_copyrect_src_y_pos = -1;
746
747 /* RRE Encoding */
748 static int hf_vnc_rre_num_subrects = -1;
749 static int hf_vnc_rre_bg_pixel = -1;
750
751 static int hf_vnc_rre_subrect_pixel = -1;
752 static int hf_vnc_rre_subrect_x_pos = -1;
753 static int hf_vnc_rre_subrect_y_pos = -1;
754 static int hf_vnc_rre_subrect_width = -1;
755 static int hf_vnc_rre_subrect_height = -1;
756
757 /* Hextile Encoding */
758 static int hf_vnc_hextile_subencoding_mask = -1;
759 static int hf_vnc_hextile_raw = -1;
760 static int hf_vnc_hextile_raw_value = -1;
761 static int hf_vnc_hextile_bg = -1;
762 static int hf_vnc_hextile_bg_value = -1;
763 static int hf_vnc_hextile_fg = -1;
764 static int hf_vnc_hextile_fg_value = -1;
765 static int hf_vnc_hextile_anysubrects = -1;
766 static int hf_vnc_hextile_num_subrects = -1;
767 static int hf_vnc_hextile_subrectscolored = -1;
768 static int hf_vnc_hextile_subrect_pixel_value = -1;
769 static int hf_vnc_hextile_subrect_x_pos = -1;
770 static int hf_vnc_hextile_subrect_y_pos = -1;
771 static int hf_vnc_hextile_subrect_width = -1;
772 static int hf_vnc_hextile_subrect_height = -1;
773
774 /* ZRLE Encoding */
775 static int hf_vnc_zrle_len = -1;
776 static int hf_vnc_zrle_subencoding = -1;
777 static int hf_vnc_zrle_rle = -1;
778 static int hf_vnc_zrle_palette_size = -1;
779 static int hf_vnc_zrle_data = -1;
780 static int hf_vnc_zrle_raw = -1;
781 static int hf_vnc_zrle_palette = -1;
782
783 /* Cursor Encoding */
784 static int hf_vnc_cursor_x_fore_back = -1;
785 static int hf_vnc_cursor_encoding_pixels = -1;
786 static int hf_vnc_cursor_encoding_bitmask = -1;
787
788 /* Server Set Colormap Entries */
789 static int hf_vnc_color_groups = -1;
790 static int hf_vnc_colormap_first_color = -1;
791 static int hf_vnc_colormap_num_colors = -1;
792 static int hf_vnc_colormap_red = -1;
793 static int hf_vnc_colormap_green = -1;
794 static int hf_vnc_colormap_blue = -1;
795
796 /* Server Cut Text */
797 static int hf_vnc_server_cut_text_len = -1;
798 static int hf_vnc_server_cut_text = -1;
799
800 /* LibVNCServer additions */
801 static int hf_vnc_supported_messages_client2server = -1;
802 static int hf_vnc_supported_messages_server2client = -1;
803 static int hf_vnc_num_supported_encodings = -1;
804 static int hf_vnc_supported_encodings = -1;
805 static int hf_vnc_server_identity = -1;
806
807 /* MirrorLink */
808 static int hf_vnc_mirrorlink_type = -1;
809 static int hf_vnc_mirrorlink_length = -1;
810 static int hf_vnc_mirrorlink_version_major = -1;
811 static int hf_vnc_mirrorlink_version_minor = -1;
812 static int hf_vnc_mirrorlink_framebuffer_configuration = -1;
813 static int hf_vnc_mirrorlink_pixel_width = -1;
814 static int hf_vnc_mirrorlink_pixel_height = -1;
815 static int hf_vnc_mirrorlink_pixel_format = -1;
816 static int hf_vnc_mirrorlink_display_width = -1;
817 static int hf_vnc_mirrorlink_display_height = -1;
818 static int hf_vnc_mirrorlink_display_distance = -1;
819 static int hf_vnc_mirrorlink_keyboard_language = -1;
820 static int hf_vnc_mirrorlink_keyboard_country = -1;
821 static int hf_vnc_mirrorlink_ui_language = -1;
822 static int hf_vnc_mirrorlink_ui_country = -1;
823 static int hf_vnc_mirrorlink_knob_keys = -1;
824 static int hf_vnc_mirrorlink_device_keys = -1;
825 static int hf_vnc_mirrorlink_multimedia_keys = -1;
826 static int hf_vnc_mirrorlink_key_related = -1;
827 static int hf_vnc_mirrorlink_pointer_related = -1;
828 static int hf_vnc_mirrorlink_key_symbol_value_client = -1;
829 static int hf_vnc_mirrorlink_key_symbol_value_server = -1;
830 static int hf_vnc_mirrorlink_key_configuration = -1;
831 static int hf_vnc_mirrorlink_key_num_events = -1;
832 static int hf_vnc_mirrorlink_key_event_counter = -1;
833 static int hf_vnc_mirrorlink_key_symbol_value = -1;
834 static int hf_vnc_mirrorlink_key_request_configuration = -1;
835 static int hf_vnc_mirrorlink_keyboard_configuration = -1;
836 static int hf_vnc_mirrorlink_cursor_x = -1;
837 static int hf_vnc_mirrorlink_cursor_y = -1;
838 static int hf_vnc_mirrorlink_text_x = -1;
839 static int hf_vnc_mirrorlink_text_y = -1;
840 static int hf_vnc_mirrorlink_text_width = -1;
841 static int hf_vnc_mirrorlink_text_height = -1;
842 static int hf_vnc_mirrorlink_keyboard_request_configuration = -1;
843 static int hf_vnc_mirrorlink_device_status = -1;
844 static int hf_vnc_mirrorlink_app_id = -1;
845 static int hf_vnc_mirrorlink_fb_block_x = -1;
846 static int hf_vnc_mirrorlink_fb_block_y = -1;
847 static int hf_vnc_mirrorlink_fb_block_width = -1;
848 static int hf_vnc_mirrorlink_fb_block_height = -1;
849 static int hf_vnc_mirrorlink_fb_block_reason = -1;
850 static int hf_vnc_mirrorlink_audio_block_reason = -1;
851 static int hf_vnc_mirrorlink_touch_num_events = -1;
852 static int hf_vnc_mirrorlink_touch_x = -1;
853 static int hf_vnc_mirrorlink_touch_y = -1;
854 static int hf_vnc_mirrorlink_touch_id = -1;
855 static int hf_vnc_mirrorlink_touch_pressure = -1;
856 static int hf_vnc_mirrorlink_text = -1;
857 static int hf_vnc_mirrorlink_text_length = -1;
858 static int hf_vnc_mirrorlink_text_max_length = -1;
859 static int hf_vnc_mirrorlink_unknown = -1;
860
861 /* Fence */
862 static int hf_vnc_fence_flags = -1;
863 static int hf_vnc_fence_request = -1;
864 static int hf_vnc_fence_sync_next = -1;
865 static int hf_vnc_fence_block_after = -1;
866 static int hf_vnc_fence_block_before = -1;
867 static int hf_vnc_fence_payload_length = -1;
868 static int hf_vnc_fence_payload = -1;
869
870 static int * const vnc_fence_flags[] = {
871 &hf_vnc_fence_request,
872 &hf_vnc_fence_sync_next,
873 &hf_vnc_fence_block_after,
874 &hf_vnc_fence_block_before,
875 NULL
876 };
877
878 /* Context Information */
879 static int hf_vnc_context_information_app_id = -1;
880 static int hf_vnc_context_information_app_category = -1;
881 static int hf_vnc_context_information_app_trust_level = -1;
882 static int hf_vnc_context_information_content_category = -1;
883 static int hf_vnc_context_information_content_rules = -1;
884 static int hf_vnc_context_information_content_trust_level = -1;
885
886 /* Scan Line based Run-Length Encoding */
887 static int hf_vnc_slrle_run_num = -1;
888 static int hf_vnc_slrle_run_data = -1;
889
890 /* H.264 Encoding */
891 static int hf_vnc_h264_slice_type = -1;
892 static int hf_vnc_h264_nbytes = -1;
893 static int hf_vnc_h264_width = -1;
894 static int hf_vnc_h264_height = -1;
895 static int hf_vnc_h264_data = -1;
896
897 /********** End of Server Message Types **********/
898
899 static gboolean vnc_preference_desegment = TRUE;
900
901 /* Initialize the subtree pointers */
902 static gint ett_vnc = -1;
903 static gint ett_vnc_client_message_type = -1;
904 static gint ett_vnc_server_message_type = -1;
905 static gint ett_vnc_rect = -1;
906 static gint ett_vnc_encoding_type = -1;
907 static gint ett_vnc_rre_subrect = -1;
908 static gint ett_vnc_hextile_subencoding_mask = -1;
909 static gint ett_vnc_hextile_num_subrects = -1;
910 static gint ett_vnc_hextile_subrect = -1;
911 static gint ett_vnc_hextile_tile = -1;
912 static gint ett_vnc_zrle_subencoding = -1;
913 static gint ett_vnc_colormap_num_groups = -1;
914 static gint ett_vnc_colormap_color_group = -1;
915 static gint ett_vnc_desktop_screen = -1;
916 static gint ett_vnc_key_events = -1;
917 static gint ett_vnc_touch_events = -1;
918 static gint ett_vnc_slrle_subline = -1;
919 static gint ett_vnc_fence_flags = -1;
920
921 static expert_field ei_vnc_possible_gtk_vnc_bug = EI_INIT;
922 static expert_field ei_vnc_auth_code_mismatch = EI_INIT;
923 static expert_field ei_vnc_unknown_tight_vnc_auth = EI_INIT;
924 static expert_field ei_vnc_too_many_rectangles = EI_INIT;
925 static expert_field ei_vnc_too_many_sub_rectangles = EI_INIT;
926 static expert_field ei_vnc_invalid_encoding = EI_INIT;
927 static expert_field ei_vnc_too_many_colors = EI_INIT;
928 static expert_field ei_vnc_too_many_cut_text = EI_INIT;
929 static expert_field ei_vnc_zrle_failed = EI_INIT;
930 static expert_field ei_vnc_unknown_tight = EI_INIT;
931 static expert_field ei_vnc_reassemble = EI_INIT;
932
933 /* Global so they keep their value between packets */
934 guint8 vnc_bytes_per_pixel;
935 guint8 vnc_depth;
936
937 #define VNC_PORT_RANGE "5500-5501,5900-5901" /* Not IANA registered */
938
939 static range_t *vnc_tcp_range = NULL;
940 static dissector_handle_t vnc_handle;
941 static dissector_handle_t tls_handle;
942
943 /* Code to dissect the packets */
944 static int
dissect_vnc(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,void * data _U_)945 dissect_vnc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
946 {
947 gboolean ret;
948 gint offset = 0;
949
950 /* Set up structures needed to add the protocol subtree and manage it */
951 proto_item *ti;
952 proto_tree *vnc_tree;
953
954 conversation_t *conversation;
955 vnc_conversation_t *per_conversation_info;
956
957 conversation = find_or_create_conversation(pinfo);
958
959 /* Retrieve information from conversation, or add it if it isn't
960 * there yet */
961 per_conversation_info = (vnc_conversation_t *)conversation_get_proto_data(conversation, proto_vnc);
962 if(!per_conversation_info) {
963 per_conversation_info = wmem_new(wmem_file_scope(), vnc_conversation_t);
964
965 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SERVER_VERSION;
966 per_conversation_info->security_type_selected = VNC_SECURITY_TYPE_INVALID;
967 per_conversation_info->tight_enabled = FALSE;
968
969 conversation_add_proto_data(conversation, proto_vnc, per_conversation_info);
970 }
971
972
973 /* Make entries in Protocol column and Info column on summary display */
974 col_set_str(pinfo->cinfo, COL_PROTOCOL, "VNC");
975
976 /* First, clear the info column */
977 col_clear(pinfo->cinfo, COL_INFO);
978
979 /* create display subtree for the protocol */
980 ti = proto_tree_add_item(tree, proto_vnc, tvb, 0, -1, ENC_NA);
981 vnc_tree = proto_item_add_subtree(ti, ett_vnc);
982
983 /* Dissect any remaining session startup messages */
984 ret = vnc_startup_messages(tvb, pinfo, offset, vnc_tree,
985 per_conversation_info);
986
987 vnc_set_bytes_per_pixel(pinfo, vnc_bytes_per_pixel);
988 vnc_set_depth(pinfo, vnc_depth);
989
990 if (ret) {
991 return tvb_captured_length(tvb); /* We're in a "startup" state; Cannot yet do "normal" processing */
992 }
993
994 if (per_conversation_info->security_type_selected == VNC_SECURITY_TYPE_VENCRYPT) {
995 call_dissector_with_data(tls_handle, tvb, pinfo, vnc_tree, GUINT_TO_POINTER(offset));
996 return tvb_captured_length(tvb);
997 }
998
999 if(value_is_in_range(vnc_tcp_range, pinfo->destport) || per_conversation_info->server_port == pinfo->destport) {
1000 vnc_client_to_server(tvb, pinfo, &offset, vnc_tree);
1001 }
1002 else {
1003 vnc_server_to_client(tvb, pinfo, &offset, vnc_tree);
1004 }
1005 return tvb_captured_length(tvb);
1006 }
1007
1008 /* Returns the new offset after processing the 4-byte vendor string */
1009 static gint
process_vendor(proto_tree * tree,gint hfindex,tvbuff_t * tvb,gint offset)1010 process_vendor(proto_tree *tree, gint hfindex, tvbuff_t *tvb, gint offset)
1011 {
1012 const guint8 *vendor;
1013 proto_item *ti;
1014
1015 if (tree) {
1016 ti = proto_tree_add_item_ret_string(tree, hfindex, tvb, offset, 4, ENC_ASCII|ENC_NA, wmem_packet_scope(), &vendor);
1017
1018 if(g_ascii_strcasecmp(vendor, "STDV") == 0)
1019 proto_item_append_text(ti, " (Standard VNC vendor)");
1020 else if(g_ascii_strcasecmp(vendor, "TRDV") == 0)
1021 proto_item_append_text(ti, " (Tridia VNC vendor)");
1022 else if(g_ascii_strcasecmp(vendor, "TGHT") == 0)
1023 proto_item_append_text(ti, " (Tight VNC vendor)");
1024 }
1025
1026 offset += 4;
1027 return offset;
1028 }
1029
1030 /* Returns the new offset after processing the specified number of capabilities */
1031 static gint
process_tight_capabilities(proto_tree * tree,gint type_index,gint vendor_index,gint name_index,tvbuff_t * tvb,gint offset,const gint num_capabilities)1032 process_tight_capabilities(proto_tree *tree,
1033 gint type_index, gint vendor_index, gint name_index,
1034 tvbuff_t *tvb, gint offset, const gint num_capabilities)
1035 {
1036 gint i;
1037 /* See vnc_unixsrc/include/rfbproto.h:rfbCapabilityInfo */
1038
1039 for (i = 0; i < num_capabilities; i++) {
1040
1041 proto_tree_add_item(tree, type_index, tvb, offset, 4, ENC_BIG_ENDIAN);
1042 offset += 4;
1043
1044 offset = process_vendor(tree, vendor_index, tvb, offset);
1045
1046 proto_tree_add_item(tree, name_index, tvb, offset, 8, ENC_ASCII|ENC_NA);
1047 offset += 8;
1048 }
1049
1050 return offset;
1051 }
1052
1053 /* Returns true if this looks like a client or server version packet: 12 bytes, in the format "RFB xxx.yyy\n" .
1054 * Will check for the 12 bytes exact length, the 'RFB ' string and that it ends with a '\n'.
1055 * The exact 'xxx.yyy' is checked later, by trying to convert it to a double using g_ascii_strtod.
1056 * pinfo and tree are NULL when using this function to check the heuristics for dissection. If we're
1057 * checking the heuristics, we don't need to add expert_info, we just reject that packet as not
1058 * being a VNC packet.
1059 */
1060 static gboolean
vnc_is_client_or_server_version_message(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree)1061 vnc_is_client_or_server_version_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1062 {
1063 if(tvb_captured_length(tvb) != 12) {
1064 return FALSE;
1065 }
1066
1067 if(tvb_strncaseeql(tvb, 0, "RFB ", 4) != 0) {
1068 return FALSE;
1069 }
1070
1071 /* 0x2e = '.' 0xa = '\n' */
1072 if (tvb_get_guint8(tvb, 7) != 0x2e) {
1073 return FALSE;
1074 }
1075
1076 if (tvb_get_guint8(tvb,11) != 0xa) {
1077 if (tvb_get_guint8(tvb,11) == 0) {
1078 /* Per bug 5469, It appears that any VNC clients using gtk-vnc before [1] was
1079 * fixed will exhibit the described protocol violation that prevents wireshark
1080 * from dissecting the session.
1081 *
1082 * [1] http://git.gnome.org/browse/gtk-vnc/commit/?id=bc9e2b19167686dd381a0508af1a5113675d08a2
1083 */
1084 if ((pinfo != NULL) && (tree != NULL)) {
1085 proto_tree_add_expert(tree, pinfo, &ei_vnc_possible_gtk_vnc_bug, tvb, -1, 0);
1086 }
1087
1088 return TRUE;
1089 }
1090
1091 return FALSE;
1092 }
1093
1094 return TRUE;
1095 }
1096
test_vnc_protocol(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,void * data _U_)1097 static gboolean test_vnc_protocol(tvbuff_t *tvb, packet_info *pinfo,
1098 proto_tree *tree, void *data _U_)
1099 {
1100 conversation_t *conversation;
1101
1102 if (vnc_is_client_or_server_version_message(tvb, NULL, NULL)) {
1103 conversation = conversation_new(pinfo->num, &pinfo->src,
1104 &pinfo->dst, conversation_pt_to_endpoint_type(pinfo->ptype),
1105 pinfo->srcport,
1106 pinfo->destport, 0);
1107 conversation_set_dissector(conversation, vnc_handle);
1108 dissect_vnc(tvb, pinfo, tree, data);
1109 return TRUE;
1110 }
1111 return FALSE;
1112 }
1113
1114 /* Returns true if additional session startup messages follow */
1115 static gboolean
vnc_startup_messages(tvbuff_t * tvb,packet_info * pinfo,gint offset,proto_tree * tree,vnc_conversation_t * per_conversation_info)1116 vnc_startup_messages(tvbuff_t *tvb, packet_info *pinfo, gint offset,
1117 proto_tree *tree, vnc_conversation_t
1118 *per_conversation_info)
1119 {
1120 guint8 num_security_types;
1121 guint32 desktop_name_len, auth_result, text_len, auth_code;
1122 vnc_packet_t *per_packet_info;
1123 gint num_tunnel_types;
1124 gint num_auth_types;
1125 proto_item* auth_item;
1126
1127 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
1128
1129 if(!per_packet_info) {
1130 per_packet_info = wmem_new(wmem_file_scope(), vnc_packet_t);
1131
1132 per_packet_info->state = per_conversation_info->vnc_next_state;
1133 per_packet_info->preferred_encoding = -1;
1134
1135 p_add_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0, per_packet_info);
1136 }
1137
1138 /* Packet dissection follows */
1139 switch(per_packet_info->state) {
1140
1141 case VNC_SESSION_STATE_SERVER_VERSION :
1142 if (!vnc_is_client_or_server_version_message(tvb, pinfo, tree))
1143 return TRUE; /* we still hope to get a SERVER_VERSION message some day. Do not proceed yet */
1144
1145 proto_tree_add_item(tree, hf_vnc_server_proto_ver, tvb, 4,
1146 7, ENC_ASCII|ENC_NA);
1147 per_conversation_info->server_proto_ver =
1148 g_ascii_strtod((char *)tvb_get_string_enc(wmem_packet_scope(), tvb, 4, 7, ENC_ASCII), NULL);
1149 per_conversation_info->server_port = pinfo->srcport;
1150
1151 col_add_fstr(pinfo->cinfo, COL_INFO,
1152 "Server protocol version: %s",
1153 tvb_format_text(pinfo->pool, tvb, 4, 7));
1154
1155 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_CLIENT_VERSION;
1156 break;
1157
1158 case VNC_SESSION_STATE_CLIENT_VERSION :
1159 if (!vnc_is_client_or_server_version_message(tvb, pinfo, tree))
1160 return TRUE; /* we still hope to get a CLIENT_VERSION message some day. Do not proceed yet */
1161
1162 proto_tree_add_item(tree, hf_vnc_client_proto_ver, tvb,
1163 4, 7, ENC_ASCII|ENC_NA);
1164 per_conversation_info->client_proto_ver =
1165 g_ascii_strtod((char *)tvb_get_string_enc(wmem_packet_scope(), tvb, 4, 7, ENC_ASCII), NULL);
1166
1167 col_add_fstr(pinfo->cinfo, COL_INFO,
1168 "Client protocol version: %s",
1169 tvb_format_text(pinfo->pool, tvb, 4, 7));
1170
1171 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SECURITY;
1172 break;
1173
1174 case VNC_SESSION_STATE_SECURITY :
1175 col_set_str(pinfo->cinfo, COL_INFO, "Security types supported");
1176
1177 /* We're checking against the client protocol version because
1178 * the client is the final decider on which version to use
1179 * after the server offers the highest version it supports. */
1180
1181 if(per_conversation_info->client_proto_ver >= 3.007) {
1182 num_security_types = tvb_get_guint8(tvb, offset);
1183 if (tree) {
1184 proto_tree_add_item(tree,
1185 hf_vnc_num_security_types,
1186 tvb, offset, 1, ENC_BIG_ENDIAN);
1187
1188 for(offset = 1; offset <= num_security_types; offset++){
1189 proto_tree_add_item(tree,
1190 hf_vnc_security_type, tvb,
1191 offset, 1, ENC_BIG_ENDIAN);
1192 }
1193 }
1194 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SECURITY_TYPES;
1195 } else {
1196 /* Version < 3.007: The server decides the
1197 * authentication type for us to use */
1198 proto_tree_add_item(tree, hf_vnc_server_security_type,
1199 tvb, offset, 4, ENC_BIG_ENDIAN);
1200 /* The cast below is possible since in older versions of the protocol the only possible values are 0,1,2 */
1201 per_conversation_info->security_type_selected = (guint8)tvb_get_ntohl(tvb, offset);
1202 switch(per_conversation_info->security_type_selected) {
1203
1204 case VNC_SECURITY_TYPE_INVALID:
1205 /* TODO: In this case (INVALID) the connection has failed */
1206 /* and there should be an error string describing the error */
1207 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SECURITY_TYPES;
1208 break;
1209
1210 case VNC_SECURITY_TYPE_NONE:
1211 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_CLIENT_INIT;
1212 break;
1213
1214 case VNC_SECURITY_TYPE_VNC:
1215 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE;
1216 break;
1217
1218 case VNC_SECURITY_TYPE_ARD:
1219 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_ARD_AUTHENTICATION_CHALLENGE;
1220 break;
1221
1222 default:
1223 /* Security type not supported by this dissector */
1224 break;
1225 }
1226 }
1227
1228 break;
1229
1230 case VNC_SESSION_STATE_SECURITY_TYPES :
1231 proto_tree_add_item(tree, hf_vnc_client_security_type, tvb, offset, 1, ENC_BIG_ENDIAN);
1232 per_conversation_info->security_type_selected =
1233 tvb_get_guint8(tvb, offset);
1234 col_add_fstr(pinfo->cinfo, COL_INFO, "Security type %s (%d) selected by client",
1235 val_to_str_const(per_conversation_info->security_type_selected, vnc_security_types_vs, "Unknown"),
1236 per_conversation_info->security_type_selected);
1237
1238 switch(per_conversation_info->security_type_selected) {
1239
1240 case VNC_SECURITY_TYPE_NONE :
1241 if(per_conversation_info->client_proto_ver >= 3.008)
1242 per_conversation_info->vnc_next_state =
1243 VNC_SESSION_STATE_SECURITY_RESULT;
1244 else
1245 per_conversation_info->vnc_next_state =
1246 VNC_SESSION_STATE_CLIENT_INIT;
1247
1248 break;
1249
1250 case VNC_SECURITY_TYPE_VNC :
1251 per_conversation_info->vnc_next_state =
1252 VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE;
1253 break;
1254
1255 case VNC_SECURITY_TYPE_TIGHT :
1256 per_conversation_info->vnc_next_state =
1257 VNC_SESSION_STATE_TIGHT_TUNNELING_CAPABILITIES;
1258 per_conversation_info->tight_enabled = TRUE;
1259 break;
1260
1261 case VNC_SECURITY_TYPE_ARD:
1262 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_ARD_AUTHENTICATION_CHALLENGE;
1263 break;
1264
1265 case VNC_SECURITY_TYPE_VENCRYPT:
1266 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VENCRYPT_SERVER_VERSION;
1267 break;
1268 default :
1269 /* Security type not supported by this dissector */
1270 break;
1271 }
1272
1273 break;
1274
1275 case VNC_SESSION_STATE_TIGHT_TUNNELING_CAPABILITIES :
1276 {
1277 gint i;
1278
1279 col_set_str(pinfo->cinfo, COL_INFO, "TightVNC tunneling capabilities supported");
1280
1281 proto_tree_add_item(tree, hf_vnc_tight_num_tunnel_types, tvb, offset, 4, ENC_BIG_ENDIAN);
1282 num_tunnel_types = tvb_get_ntohl(tvb, offset);
1283
1284 offset += 4;
1285
1286 for(i = 0; i < num_tunnel_types; i++) {
1287 /* TightVNC and Xvnc don't support any tunnel capabilities yet, but each capability
1288 * is 16 bytes, so skip them.
1289 */
1290
1291 proto_tree_add_item(tree, hf_vnc_tight_tunnel_type_code, tvb, offset, 4, ENC_BIG_ENDIAN);
1292 proto_tree_add_item(tree, hf_vnc_tight_tunnel_type_vendor, tvb, offset + 4, 4, ENC_ASCII|ENC_NA);
1293 proto_tree_add_item(tree, hf_vnc_tight_tunnel_type_signature, tvb, offset + 8, 8, ENC_ASCII|ENC_NA);
1294 offset += 16;
1295 }
1296
1297 if (num_tunnel_types == 0)
1298 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_AUTH_CAPABILITIES;
1299 else
1300 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_TUNNEL_TYPE_REPLY;
1301 break;
1302 }
1303 case VNC_SESSION_STATE_TIGHT_TUNNEL_TYPE_REPLY:
1304 /* Neither TightVNC nor Xvnc implement this; they just have a placeholder that emits an error
1305 * message and closes the connection (xserver/hw/vnc/auth.c:rfbProcessClientTunnelingType).
1306 * We should actually never get here...
1307 */
1308 break;
1309
1310 case VNC_SESSION_STATE_TIGHT_AUTH_CAPABILITIES:
1311 {
1312 const guint8 *vendor, *signature;
1313
1314 col_set_str(pinfo->cinfo, COL_INFO, "TightVNC authentication capabilities supported");
1315
1316 proto_tree_add_item(tree, hf_vnc_tight_num_auth_types, tvb, offset, 4, ENC_BIG_ENDIAN);
1317 num_auth_types = tvb_get_ntohl(tvb, offset);
1318 offset += 4;
1319
1320 auth_code = tvb_get_ntohl(tvb, offset);
1321 auth_item = proto_tree_add_item(tree, hf_vnc_tight_auth_code, tvb, offset, 4, ENC_BIG_ENDIAN);
1322 offset += 4;
1323 vendor = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, 4, ENC_ASCII);
1324 process_vendor(tree, hf_vnc_tight_server_vendor, tvb, offset);
1325 offset += 4;
1326 proto_tree_add_item_ret_string(tree, hf_vnc_tight_signature, tvb, offset, 8, ENC_ASCII|ENC_NA, wmem_packet_scope(), &signature);
1327
1328 switch(auth_code) {
1329 case VNC_SECURITY_TYPE_NONE:
1330 if ((g_ascii_strcasecmp(vendor, "STDV") != 0) || (g_ascii_strcasecmp(signature, "NOAUTH__") != 0)) {
1331 expert_add_info(pinfo, auth_item, &ei_vnc_auth_code_mismatch);
1332 }
1333 break;
1334 case VNC_SECURITY_TYPE_VNC:
1335 if ((g_ascii_strcasecmp(vendor, "STDV") != 0) || (g_ascii_strcasecmp(signature, "VNCAUTH_") != 0)) {
1336 expert_add_info(pinfo, auth_item, &ei_vnc_auth_code_mismatch);
1337 }
1338 break;
1339 case VNC_SECURITY_TYPE_VENCRYPT:
1340 if ((g_ascii_strcasecmp(vendor, "VENC") != 0) || (g_ascii_strcasecmp(signature, "VENCRYPT") != 0)) {
1341 expert_add_info(pinfo, auth_item, &ei_vnc_auth_code_mismatch);
1342 }
1343 break;
1344 case VNC_SECURITY_TYPE_GTK_VNC_SASL:
1345 if ((g_ascii_strcasecmp(vendor, "GTKV") != 0) || (g_ascii_strcasecmp(signature, "SASL____") != 0)) {
1346 expert_add_info(pinfo, auth_item, &ei_vnc_auth_code_mismatch);
1347 }
1348 break;
1349 case VNC_TIGHT_AUTH_TGHT_ULGNAUTH:
1350 if ((g_ascii_strcasecmp(vendor, "TGHT") != 0) || (g_ascii_strcasecmp(signature, "ULGNAUTH") != 0)) {
1351 expert_add_info(pinfo, auth_item, &ei_vnc_auth_code_mismatch);
1352 }
1353 break;
1354 case VNC_TIGHT_AUTH_TGHT_XTRNAUTH:
1355 if ((g_ascii_strcasecmp(vendor, "TGHT") != 0) || (g_ascii_strcasecmp(signature, "XTRNAUTH") != 0)) {
1356 expert_add_info(pinfo, auth_item, &ei_vnc_auth_code_mismatch);
1357 }
1358 break;
1359 default:
1360 expert_add_info(pinfo, auth_item, &ei_vnc_unknown_tight_vnc_auth);
1361 break;
1362 }
1363
1364 if (num_auth_types == 0)
1365 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_CLIENT_INIT;
1366 else
1367 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_AUTH_TYPE_REPLY;
1368 break;
1369 }
1370 case VNC_SESSION_STATE_TIGHT_AUTH_TYPE_REPLY:
1371 col_set_str(pinfo->cinfo, COL_INFO, "TightVNC authentication type selected by client");
1372 auth_code = tvb_get_ntohl(tvb, offset);
1373 auth_item = proto_tree_add_item(tree, hf_vnc_tight_auth_code, tvb, offset, 4, ENC_BIG_ENDIAN);
1374
1375 switch(auth_code) {
1376 case VNC_SECURITY_TYPE_NONE:
1377 per_conversation_info->security_type_selected = VNC_SECURITY_TYPE_NONE;
1378 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_CLIENT_INIT;
1379 break;
1380 case VNC_SECURITY_TYPE_VNC:
1381 per_conversation_info->security_type_selected = VNC_SECURITY_TYPE_VNC;
1382 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE;
1383 break;
1384 case VNC_SECURITY_TYPE_GTK_VNC_SASL:
1385 per_conversation_info->security_type_selected = VNC_SECURITY_TYPE_GTK_VNC_SASL;
1386 /* TODO: dissection not implemented yet */
1387 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_UNKNOWN_PACKET3;
1388 break;
1389 case VNC_TIGHT_AUTH_TGHT_ULGNAUTH:
1390 per_conversation_info->security_type_selected = VNC_TIGHT_AUTH_TGHT_ULGNAUTH;
1391 /* TODO: dissection not implemented yet */
1392 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_UNKNOWN_PACKET3;
1393 break;
1394 case VNC_TIGHT_AUTH_TGHT_XTRNAUTH:
1395 per_conversation_info->security_type_selected = VNC_TIGHT_AUTH_TGHT_XTRNAUTH;
1396 /* TODO: dissection not implemented yet */
1397 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_UNKNOWN_PACKET3;
1398 break;
1399 default:
1400 expert_add_info(pinfo, auth_item, &ei_vnc_unknown_tight_vnc_auth);
1401 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_TIGHT_UNKNOWN_PACKET3;
1402 break;
1403 }
1404
1405 break;
1406
1407 case VNC_SESSION_STATE_TIGHT_UNKNOWN_PACKET3 :
1408 col_set_str(pinfo->cinfo, COL_INFO, "Unknown packet (TightVNC)");
1409
1410 proto_tree_add_expert(tree, pinfo, &ei_vnc_unknown_tight, tvb, offset, -1);
1411
1412 per_conversation_info->vnc_next_state =
1413 VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE;
1414
1415 break;
1416
1417 case VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE :
1418 col_set_str(pinfo->cinfo, COL_INFO, "Authentication challenge from server");
1419
1420 proto_tree_add_item(tree, hf_vnc_auth_challenge, tvb,
1421 offset, 16, ENC_NA);
1422
1423 per_conversation_info->vnc_next_state =
1424 VNC_SESSION_STATE_VNC_AUTHENTICATION_RESPONSE;
1425 break;
1426
1427 case VNC_SESSION_STATE_VNC_AUTHENTICATION_RESPONSE :
1428 col_set_str(pinfo->cinfo, COL_INFO, "Authentication response from client");
1429
1430 proto_tree_add_item(tree, hf_vnc_auth_response, tvb,
1431 offset, 16, ENC_NA);
1432
1433 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SECURITY_RESULT;
1434 break;
1435
1436 case VNC_SESSION_STATE_ARD_AUTHENTICATION_CHALLENGE :
1437 {
1438 gint key_len;
1439
1440 col_set_str(pinfo->cinfo, COL_INFO, "ARD authentication challenge");
1441
1442 proto_tree_add_item(tree, hf_vnc_ard_auth_generator, tvb,
1443 offset, 2, ENC_BIG_ENDIAN);
1444 proto_tree_add_item(tree, hf_vnc_ard_auth_key_len, tvb,
1445 offset + 2, 2, ENC_BIG_ENDIAN);
1446
1447 key_len = tvb_get_ntohs(tvb, offset + 2);
1448
1449 offset += 4;
1450
1451 proto_tree_add_item(tree, hf_vnc_ard_auth_modulus, tvb,
1452 offset, key_len, ENC_NA);
1453 proto_tree_add_item(tree, hf_vnc_ard_auth_server_key, tvb,
1454 offset + key_len, key_len, ENC_NA);
1455
1456 per_conversation_info->ard_key_length = key_len;
1457 per_conversation_info->vnc_next_state =
1458 VNC_SESSION_STATE_ARD_AUTHENTICATION_RESPONSE;
1459 }
1460 break;
1461
1462 case VNC_SESSION_STATE_ARD_AUTHENTICATION_RESPONSE :
1463 col_set_str(pinfo->cinfo, COL_INFO, "ARD authentication response");
1464
1465 proto_tree_add_item(tree, hf_vnc_ard_auth_credentials, tvb,
1466 offset, 128, ENC_NA);
1467 proto_tree_add_item(tree, hf_vnc_ard_auth_client_key, tvb,
1468 offset + 128, per_conversation_info->ard_key_length, ENC_NA);
1469
1470 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SECURITY_RESULT;
1471 break;
1472
1473 case VNC_SESSION_STATE_SECURITY_RESULT :
1474 col_set_str(pinfo->cinfo, COL_INFO, "Authentication result");
1475
1476 proto_tree_add_item(tree, hf_vnc_auth_result, tvb, offset,
1477 4, ENC_BIG_ENDIAN);
1478 auth_result = tvb_get_ntohl(tvb, offset);
1479 offset += 4;
1480
1481 switch(auth_result) {
1482
1483 case 0 : /* OK */
1484 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_CLIENT_INIT;
1485 break;
1486
1487 case 1 : /* Failed */
1488 if(per_conversation_info->client_proto_ver >= 3.008) {
1489 text_len = tvb_get_ntohl(tvb, offset);
1490 proto_tree_add_item(tree, hf_vnc_auth_error_length, tvb, offset, 4, ENC_BIG_ENDIAN);
1491 offset += 4;
1492
1493 proto_tree_add_item(tree, hf_vnc_auth_error, tvb,
1494 offset, text_len, ENC_ASCII|ENC_NA);
1495 }
1496
1497 return TRUE; /* All versions: Do not continue
1498 processing VNC packets as connection
1499 will be closed after this packet. */
1500
1501 break;
1502 }
1503
1504 break;
1505 case VNC_SESSION_STATE_VENCRYPT_SERVER_VERSION:
1506 {
1507 proto_tree_add_item(tree, hf_vnc_vencrypt_server_major_ver, tvb, offset, 1, ENC_BIG_ENDIAN);
1508 gint major = tvb_get_guint8(tvb, offset++);
1509 proto_tree_add_item(tree, hf_vnc_vencrypt_server_minor_ver, tvb, offset, 1, ENC_BIG_ENDIAN);
1510 gint minor = tvb_get_guint8(tvb, offset++);
1511 col_add_fstr(pinfo->cinfo, COL_INFO, "VeNCrypt server version %d.%d", major, minor);
1512 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VENCRYPT_CLIENT_VERSION;
1513 break;
1514 }
1515 case VNC_SESSION_STATE_VENCRYPT_CLIENT_VERSION:
1516 {
1517 proto_tree_add_item(tree, hf_vnc_vencrypt_client_major_ver, tvb, offset, 1, ENC_BIG_ENDIAN);
1518 gint major = tvb_get_guint8(tvb, offset++);
1519 proto_tree_add_item(tree, hf_vnc_vencrypt_client_minor_ver, tvb, offset, 1, ENC_BIG_ENDIAN);
1520 gint minor = tvb_get_guint8(tvb, offset++);
1521 col_add_fstr(pinfo->cinfo, COL_INFO, "VeNCrypt client version %d.%d", major, minor);
1522 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VENCRYPT_AUTH_CAPABILITIES;
1523 break;
1524 }
1525 case VNC_SESSION_STATE_VENCRYPT_AUTH_CAPABILITIES:
1526 {
1527 gint i;
1528 col_set_str(pinfo->cinfo, COL_INFO, "VeNCrypt authentication types supported");
1529 proto_tree_add_item(tree, hf_vnc_vencrypt_version_ack, tvb, offset, 1, ENC_BIG_ENDIAN);
1530 offset += 1;
1531 proto_tree_add_item(tree, hf_vnc_vencrypt_num_auth_types, tvb, offset, 1, ENC_BIG_ENDIAN);
1532 num_tunnel_types = tvb_get_guint8(tvb, offset);
1533 offset += 1;
1534
1535 for(i = 0; i < num_tunnel_types; i++) {
1536 proto_tree_add_item(tree, hf_vnc_vencrypt_auth_type, tvb, offset, 4, ENC_BIG_ENDIAN);
1537 offset += 4;
1538 }
1539
1540 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VENCRYPT_AUTH_TYPE_REPLY;
1541 break;
1542 }
1543 case VNC_SESSION_STATE_VENCRYPT_AUTH_TYPE_REPLY:
1544 {
1545 guint32 authtype = tvb_get_ntohl(tvb, offset);
1546 col_add_fstr(pinfo->cinfo, COL_INFO, "VeNCrypt authentication type %s (%d) selected by client",
1547 val_to_str_const(authtype, vnc_vencrypt_auth_types_vs, "Unknown"),
1548 authtype);
1549 proto_tree_add_item(tree, hf_vnc_vencrypt_auth_type, tvb, offset, 4, ENC_BIG_ENDIAN);
1550 /* offset+=4; */
1551 if (authtype == VNC_SECURITY_TYPE_NONE) {
1552 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_CLIENT_INIT;
1553 per_conversation_info->security_type_selected = VNC_SECURITY_TYPE_NONE;
1554 } else if (authtype == VNC_SECURITY_TYPE_VNC) {
1555 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VNC_AUTHENTICATION_CHALLENGE;
1556 per_conversation_info->security_type_selected = VNC_SECURITY_TYPE_VNC;
1557 } else {
1558 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_VENCRYPT_AUTH_ACK;
1559 }
1560 break;
1561 }
1562 case VNC_SESSION_STATE_VENCRYPT_AUTH_ACK:
1563 col_set_str(pinfo->cinfo, COL_INFO, "VeNCrypt server ack");
1564 proto_tree_add_item(tree, hf_vnc_vencrypt_auth_type_ack, tvb, offset, 1, ENC_BIG_ENDIAN);
1565 tls_handle = find_dissector("tls");
1566 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_NORMAL_TRAFFIC;
1567 break;
1568
1569 case VNC_SESSION_STATE_CLIENT_INIT :
1570 col_set_str(pinfo->cinfo, COL_INFO, "Share desktop flag");
1571
1572 proto_tree_add_item(tree, hf_vnc_share_desktop_flag, tvb,
1573 offset, 1, ENC_BIG_ENDIAN);
1574
1575 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_SERVER_INIT;
1576
1577 break;
1578
1579 case VNC_SESSION_STATE_SERVER_INIT :
1580 col_set_str(pinfo->cinfo, COL_INFO, "Server framebuffer parameters");
1581
1582 proto_tree_add_item(tree, hf_vnc_width, tvb, offset, 2,
1583 ENC_BIG_ENDIAN);
1584 offset += 2;
1585
1586 proto_tree_add_item(tree, hf_vnc_height, tvb, offset, 2,
1587 ENC_BIG_ENDIAN);
1588 offset += 2;
1589
1590 proto_tree_add_item(tree, hf_vnc_server_bits_per_pixel,
1591 tvb, offset, 1, ENC_BIG_ENDIAN);
1592 vnc_bytes_per_pixel = tvb_get_guint8(tvb, offset)/8;
1593 vnc_set_bytes_per_pixel(pinfo, vnc_bytes_per_pixel);
1594 offset += 1;
1595
1596 proto_tree_add_item(tree, hf_vnc_server_depth, tvb, offset,
1597 1, ENC_BIG_ENDIAN);
1598 offset += 1;
1599
1600 proto_tree_add_item(tree, hf_vnc_server_big_endian_flag,
1601 tvb, offset, 1, ENC_BIG_ENDIAN);
1602 offset += 1;
1603
1604 proto_tree_add_item(tree, hf_vnc_server_true_color_flag,
1605 tvb, offset, 1, ENC_BIG_ENDIAN);
1606 offset += 1;
1607
1608 proto_tree_add_item(tree, hf_vnc_server_red_max,
1609 tvb, offset, 2, ENC_BIG_ENDIAN);
1610 offset += 2;
1611
1612 proto_tree_add_item(tree, hf_vnc_server_green_max,
1613 tvb, offset, 2, ENC_BIG_ENDIAN);
1614 offset += 2;
1615
1616 proto_tree_add_item(tree, hf_vnc_server_blue_max,
1617 tvb, offset, 2, ENC_BIG_ENDIAN);
1618 offset += 2;
1619
1620 proto_tree_add_item(tree, hf_vnc_server_red_shift,
1621 tvb, offset, 1, ENC_BIG_ENDIAN);
1622 offset += 1;
1623
1624 proto_tree_add_item(tree, hf_vnc_server_green_shift,
1625 tvb, offset, 1, ENC_BIG_ENDIAN);
1626 offset += 1;
1627
1628 proto_tree_add_item(tree, hf_vnc_server_blue_shift,
1629 tvb, offset, 1, ENC_BIG_ENDIAN);
1630 offset += 1;
1631
1632 proto_tree_add_item(tree, hf_vnc_padding,
1633 tvb, offset, 3, ENC_NA);
1634 offset += 3; /* Skip over 3 bytes of padding */
1635
1636 if(tvb_reported_length_remaining(tvb, offset) > 4) {
1637 /* Sometimes the desktop name & length is skipped */
1638 proto_tree_add_item(tree, hf_vnc_desktop_name_len,
1639 tvb, offset, 4, ENC_BIG_ENDIAN);
1640 desktop_name_len = tvb_get_ntohl(tvb, offset);
1641 offset += 4;
1642
1643 proto_tree_add_item(tree, hf_vnc_desktop_name,
1644 tvb, offset, desktop_name_len,
1645 ENC_ASCII|ENC_NA);
1646 }
1647
1648 if(per_conversation_info->tight_enabled == TRUE)
1649 per_conversation_info->vnc_next_state =
1650 VNC_SESSION_STATE_TIGHT_INTERACTION_CAPS;
1651 else
1652 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_NORMAL_TRAFFIC;
1653 break;
1654
1655 case VNC_SESSION_STATE_TIGHT_INTERACTION_CAPS :
1656 col_set_str(pinfo->cinfo, COL_INFO, "TightVNC Interaction Capabilities");
1657
1658 proto_tree_add_item(tree, hf_vnc_num_server_message_types,
1659 tvb, offset, 2, ENC_BIG_ENDIAN);
1660 per_conversation_info->num_server_message_types = tvb_get_ntohs(tvb, offset);
1661 offset += 2;
1662
1663 proto_tree_add_item(tree, hf_vnc_num_client_message_types,
1664 tvb, offset, 2, ENC_BIG_ENDIAN);
1665 per_conversation_info->num_client_message_types = tvb_get_ntohs(tvb, offset);
1666 offset += 2;
1667
1668 proto_tree_add_item(tree, hf_vnc_num_encoding_types,
1669 tvb, offset, 2, ENC_BIG_ENDIAN);
1670 per_conversation_info->num_encoding_types = tvb_get_ntohs(tvb, offset);
1671 offset += 2;
1672
1673 proto_tree_add_item(tree, hf_vnc_padding, tvb, offset, 2, ENC_NA);
1674 offset += 2;
1675
1676 offset = process_tight_capabilities(tree,
1677 hf_vnc_tight_server_message_type,
1678 hf_vnc_tight_server_vendor,
1679 hf_vnc_tight_server_name,
1680 tvb, offset, per_conversation_info->num_server_message_types);
1681 offset = process_tight_capabilities(tree,
1682 hf_vnc_tight_client_message_type,
1683 hf_vnc_tight_client_vendor,
1684 hf_vnc_tight_client_name,
1685 tvb, offset, per_conversation_info->num_client_message_types);
1686 process_tight_capabilities(tree,
1687 hf_vnc_tight_encoding_type,
1688 hf_vnc_tight_encoding_vendor,
1689 hf_vnc_tight_encoding_name,
1690 tvb, offset, per_conversation_info->num_encoding_types);
1691
1692 per_conversation_info->vnc_next_state = VNC_SESSION_STATE_NORMAL_TRAFFIC;
1693 break;
1694
1695 case VNC_SESSION_STATE_NORMAL_TRAFFIC :
1696 return FALSE;
1697 }
1698
1699 return TRUE;
1700 }
1701
1702
1703 static void
vnc_client_to_server(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)1704 vnc_client_to_server(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
1705 proto_tree *tree)
1706 {
1707 guint8 message_type;
1708
1709 proto_item *ti;
1710 proto_tree *vnc_client_message_type_tree;
1711
1712 message_type = tvb_get_guint8(tvb, *offset);
1713
1714 ti = proto_tree_add_item(tree, hf_vnc_client_message_type, tvb,
1715 *offset, 1, ENC_BIG_ENDIAN);
1716
1717 vnc_client_message_type_tree =
1718 proto_item_add_subtree(ti, ett_vnc_client_message_type);
1719
1720 *offset += 1;
1721
1722 switch(message_type) {
1723
1724 case VNC_CLIENT_MESSAGE_TYPE_SET_PIXEL_FORMAT :
1725 vnc_client_set_pixel_format(tvb, pinfo, offset,
1726 vnc_client_message_type_tree);
1727 break;
1728
1729 case VNC_CLIENT_MESSAGE_TYPE_SET_ENCODINGS :
1730 vnc_client_set_encodings(tvb, pinfo, offset,
1731 vnc_client_message_type_tree);
1732 break;
1733
1734 case VNC_CLIENT_MESSAGE_TYPE_FRAMEBUF_UPDATE_REQ :
1735 vnc_client_framebuffer_update_request(tvb, pinfo, offset,
1736 vnc_client_message_type_tree);
1737 break;
1738
1739 case VNC_CLIENT_MESSAGE_TYPE_KEY_EVENT :
1740 vnc_client_key_event(tvb, pinfo, offset,
1741 vnc_client_message_type_tree);
1742 break;
1743
1744 case VNC_CLIENT_MESSAGE_TYPE_POINTER_EVENT:
1745 vnc_client_pointer_event(tvb, pinfo, offset,
1746 vnc_client_message_type_tree);
1747 break;
1748
1749 case VNC_CLIENT_MESSAGE_TYPE_CLIENT_CUT_TEXT :
1750 vnc_client_cut_text(tvb, pinfo, offset,
1751 vnc_client_message_type_tree);
1752 break;
1753
1754 case VNC_CLIENT_MESSAGE_TYPE_MIRRORLINK :
1755 vnc_mirrorlink(tvb, pinfo, offset,
1756 vnc_client_message_type_tree);
1757 break;
1758
1759 case VNC_CLIENT_MESSAGE_TYPE_ENABLE_CONTINUOUS_UPDATES :
1760 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Client Enable Continuous Updates");
1761 *offset += 9;
1762 break;
1763
1764 case VNC_CLIENT_MESSAGE_TYPE_FENCE :
1765 vnc_fence(tvb, pinfo, offset,
1766 vnc_client_message_type_tree);
1767 break;
1768
1769 default :
1770 col_append_sep_fstr(pinfo->cinfo, COL_INFO, "; ",
1771 "Unknown client message type (%u)",
1772 message_type);
1773 break;
1774 }
1775 }
1776
1777 static void
vnc_server_to_client(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)1778 vnc_server_to_client(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
1779 proto_tree *tree)
1780 {
1781 gint start_offset;
1782 guint8 message_type;
1783 gint bytes_needed = 0;
1784
1785 proto_item *ti;
1786 proto_tree *vnc_server_message_type_tree;
1787
1788 again:
1789 start_offset = *offset;
1790
1791 message_type = tvb_get_guint8(tvb, *offset);
1792
1793 ti = proto_tree_add_item(tree, hf_vnc_server_message_type, tvb,
1794 *offset, 1, ENC_BIG_ENDIAN);
1795 vnc_server_message_type_tree =
1796 proto_item_add_subtree(ti, ett_vnc_server_message_type);
1797
1798 *offset += 1;
1799
1800 switch(message_type) {
1801
1802 case VNC_SERVER_MESSAGE_TYPE_FRAMEBUFFER_UPDATE :
1803 bytes_needed =
1804 vnc_server_framebuffer_update(tvb, pinfo, offset,
1805 vnc_server_message_type_tree);
1806 break;
1807
1808 case VNC_SERVER_MESSAGE_TYPE_SET_COLORMAP_ENTRIES :
1809 bytes_needed = vnc_server_set_colormap_entries(tvb, pinfo, offset, vnc_server_message_type_tree);
1810 break;
1811
1812 case VNC_SERVER_MESSAGE_TYPE_RING_BELL :
1813 vnc_server_ring_bell(tvb, pinfo, offset,
1814 vnc_server_message_type_tree);
1815 break;
1816
1817 case VNC_SERVER_MESSAGE_TYPE_CUT_TEXT :
1818 bytes_needed = vnc_server_cut_text(tvb, pinfo, offset,
1819 vnc_server_message_type_tree);
1820 break;
1821
1822 case VNC_SERVER_MESSAGE_TYPE_MIRRORLINK :
1823 bytes_needed = vnc_mirrorlink(tvb, pinfo, offset,
1824 vnc_server_message_type_tree);
1825 break;
1826
1827 case VNC_SERVER_MESSAGE_TYPE_END_CONTINUOUS_UPDATES :
1828 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Server End Continuous Updates");
1829 *offset += 1;
1830 break;
1831
1832 case VNC_SERVER_MESSAGE_TYPE_FENCE :
1833 bytes_needed = vnc_fence(tvb, pinfo, offset,
1834 vnc_server_message_type_tree);
1835 break;
1836
1837 default :
1838 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ",
1839 "Unknown server message type");
1840 *offset = tvb_reported_length(tvb); /* Swallow the rest of the segment */
1841 break;
1842 }
1843
1844 if(bytes_needed > 0 && vnc_preference_desegment && pinfo->can_desegment) {
1845 proto_tree_add_expert(vnc_server_message_type_tree, pinfo, &ei_vnc_reassemble, tvb, start_offset, -1);
1846 pinfo->desegment_offset = start_offset;
1847 pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT;
1848 return;
1849 }
1850
1851 if ((unsigned)*offset < tvb_reported_length(tvb)) {
1852 goto again;
1853 }
1854 }
1855
1856
1857 static void
vnc_client_set_pixel_format(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)1858 vnc_client_set_pixel_format(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
1859 proto_tree *tree)
1860 {
1861 col_set_str(pinfo->cinfo, COL_INFO, "Client set pixel format");
1862
1863 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 3, ENC_NA);
1864 *offset += 3; /* Skip over 3 bytes of padding */
1865
1866 proto_tree_add_item(tree, hf_vnc_client_bits_per_pixel, tvb, *offset,
1867 1, ENC_BIG_ENDIAN);
1868 vnc_bytes_per_pixel = tvb_get_guint8(tvb, *offset)/8;
1869 vnc_set_bytes_per_pixel(pinfo, vnc_bytes_per_pixel);
1870 *offset += 1;
1871
1872 proto_tree_add_item(tree, hf_vnc_client_depth, tvb, *offset,
1873 1, ENC_BIG_ENDIAN);
1874 vnc_depth = tvb_get_guint8(tvb, *offset);
1875 vnc_set_depth(pinfo, vnc_depth);
1876 *offset += 1;
1877
1878 proto_tree_add_item(tree, hf_vnc_client_big_endian_flag, tvb, *offset,
1879 1, ENC_BIG_ENDIAN);
1880 *offset += 1;
1881
1882 proto_tree_add_item(tree, hf_vnc_client_true_color_flag, tvb, *offset,
1883 1, ENC_BIG_ENDIAN);
1884 *offset += 1;
1885
1886 proto_tree_add_item(tree, hf_vnc_client_red_max, tvb, *offset,
1887 2, ENC_BIG_ENDIAN);
1888 *offset += 2;
1889
1890 proto_tree_add_item(tree, hf_vnc_client_green_max, tvb, *offset,
1891 2, ENC_BIG_ENDIAN);
1892 *offset += 2;
1893
1894 proto_tree_add_item(tree, hf_vnc_client_blue_max, tvb, *offset,
1895 2, ENC_BIG_ENDIAN);
1896 *offset += 2;
1897
1898 proto_tree_add_item(tree, hf_vnc_client_red_shift, tvb, *offset,
1899 1, ENC_BIG_ENDIAN);
1900 *offset += 1;
1901
1902 proto_tree_add_item(tree, hf_vnc_client_green_shift, tvb, *offset,
1903 1, ENC_BIG_ENDIAN);
1904 *offset += 1;
1905
1906 proto_tree_add_item(tree, hf_vnc_client_blue_shift, tvb, *offset,
1907 1, ENC_BIG_ENDIAN);
1908 *offset += 1;
1909
1910 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 3, ENC_NA);
1911 *offset += 3; /* Skip over 3 bytes of padding */
1912 }
1913
1914
1915 static void
vnc_client_set_encodings(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)1916 vnc_client_set_encodings(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
1917 proto_tree *tree)
1918 {
1919 guint16 number_of_encodings;
1920 guint counter;
1921 vnc_packet_t *per_packet_info;
1922
1923 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
1924 /* Our calling function should have set the packet's proto data already */
1925 DISSECTOR_ASSERT(per_packet_info != NULL);
1926
1927 col_set_str(pinfo->cinfo, COL_INFO, "Client set encodings");
1928
1929 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 1, ENC_NA);
1930 *offset += 1; /* Skip over 1 byte of padding */
1931
1932 number_of_encodings = tvb_get_ntohs(tvb, *offset);
1933 proto_tree_add_item(tree, hf_vnc_encoding_num, tvb, *offset, 2, ENC_BIG_ENDIAN);
1934 *offset += 2;
1935
1936 per_packet_info->preferred_encoding = -1;
1937
1938 for(counter = 0; counter < number_of_encodings; counter++) {
1939 proto_tree_add_item(tree,
1940 hf_vnc_client_set_encodings_encoding_type,
1941 tvb, *offset, 4, ENC_BIG_ENDIAN);
1942
1943 /* Remember the first real encoding as the preferred encoding,
1944 * per xserver/hw/vnc/rfbserver.c:rfbProcessClientNormalMessage().
1945 * Otherwise, use RAW as the preferred encoding.
1946 */
1947 if (per_packet_info->preferred_encoding == -1) {
1948 int encoding;
1949
1950 encoding = tvb_get_ntohl(tvb, *offset);
1951
1952 switch(encoding) {
1953 case VNC_ENCODING_TYPE_RAW:
1954 case VNC_ENCODING_TYPE_RRE:
1955 case VNC_ENCODING_TYPE_CORRE:
1956 case VNC_ENCODING_TYPE_HEXTILE:
1957 case VNC_ENCODING_TYPE_ZLIB:
1958 case VNC_ENCODING_TYPE_TIGHT:
1959 per_packet_info->preferred_encoding = encoding;
1960 break;
1961 }
1962 }
1963
1964 *offset += 4;
1965 }
1966
1967 if (per_packet_info->preferred_encoding == -1)
1968 per_packet_info->preferred_encoding = VNC_ENCODING_TYPE_RAW;
1969 }
1970
1971
1972 static void
vnc_client_framebuffer_update_request(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)1973 vnc_client_framebuffer_update_request(tvbuff_t *tvb, packet_info *pinfo,
1974 gint *offset, proto_tree *tree)
1975 {
1976 col_set_str(pinfo->cinfo, COL_INFO, "Client framebuffer update request");
1977
1978 proto_tree_add_item(tree, hf_vnc_update_req_incremental,
1979 tvb, *offset, 1, ENC_BIG_ENDIAN);
1980 *offset += 1;
1981
1982 proto_tree_add_item(tree, hf_vnc_update_req_x_pos,
1983 tvb, *offset, 2, ENC_BIG_ENDIAN);
1984 *offset += 2;
1985
1986 proto_tree_add_item(tree, hf_vnc_update_req_y_pos,
1987 tvb, *offset, 2, ENC_BIG_ENDIAN);
1988 *offset += 2;
1989
1990 proto_tree_add_item(tree, hf_vnc_update_req_width, tvb,
1991 *offset, 2, ENC_BIG_ENDIAN);
1992 *offset += 2;
1993
1994 proto_tree_add_item(tree, hf_vnc_update_req_height, tvb,
1995 *offset, 2, ENC_BIG_ENDIAN);
1996 *offset += 2;
1997 }
1998
1999
2000 static void
vnc_client_key_event(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)2001 vnc_client_key_event(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2002 proto_tree *tree)
2003 {
2004 col_set_str(pinfo->cinfo, COL_INFO, "Client key event");
2005
2006 proto_tree_add_item(tree, hf_vnc_key_down, tvb, *offset, 1, ENC_BIG_ENDIAN);
2007 *offset += 1;
2008
2009 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 2, ENC_NA);
2010 *offset += 2; /* Skip over 2 bytes of padding */
2011
2012 proto_tree_add_item(tree, hf_vnc_key, tvb, *offset, 4, ENC_BIG_ENDIAN);
2013 *offset += 4;
2014 }
2015
2016
2017 static void
vnc_client_pointer_event(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)2018 vnc_client_pointer_event(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2019 proto_tree *tree)
2020 {
2021 col_set_str(pinfo->cinfo, COL_INFO, "Client pointer event");
2022
2023 proto_tree_add_item(tree, hf_vnc_button_1_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2024 proto_tree_add_item(tree, hf_vnc_button_2_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2025 proto_tree_add_item(tree, hf_vnc_button_3_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2026 proto_tree_add_item(tree, hf_vnc_button_4_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2027 proto_tree_add_item(tree, hf_vnc_button_5_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2028 proto_tree_add_item(tree, hf_vnc_button_6_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2029 proto_tree_add_item(tree, hf_vnc_button_7_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2030 proto_tree_add_item(tree, hf_vnc_button_8_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2031 *offset += 1;
2032
2033 proto_tree_add_item(tree, hf_vnc_pointer_x_pos, tvb, *offset, 2, ENC_BIG_ENDIAN);
2034 *offset += 2;
2035
2036 proto_tree_add_item(tree, hf_vnc_pointer_y_pos, tvb, *offset, 2, ENC_BIG_ENDIAN);
2037 *offset += 2;
2038 }
2039
2040
2041 static void
vnc_client_cut_text(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)2042 vnc_client_cut_text(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2043 proto_tree *tree)
2044 {
2045 guint32 text_len;
2046
2047 col_set_str(pinfo->cinfo, COL_INFO, "Client cut text");
2048
2049 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 3, ENC_NA);
2050 *offset += 3; /* Skip over 3 bytes of padding */
2051
2052 text_len = tvb_get_ntohl(tvb, *offset);
2053 proto_tree_add_item(tree, hf_vnc_client_cut_text_len, tvb, *offset, 4,
2054 ENC_BIG_ENDIAN);
2055 *offset += 4;
2056
2057 proto_tree_add_item(tree, hf_vnc_client_cut_text, tvb, *offset,
2058 text_len, ENC_ASCII|ENC_NA);
2059 *offset += text_len;
2060
2061 }
2062
2063
2064 static guint
vnc_server_framebuffer_update(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)2065 vnc_server_framebuffer_update(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2066 proto_tree *tree)
2067 {
2068 guint ii;
2069 guint num_rects;
2070 guint16 width, height;
2071 guint bytes_needed = 0;
2072 guint32 encoding_type;
2073 proto_item *ti, *ti_x, *ti_y, *ti_width, *ti_height;
2074 proto_tree *vnc_rect_tree, *vnc_encoding_type_tree;
2075
2076 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Server framebuffer update");
2077
2078 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 1, ENC_NA);
2079 *offset += 1;
2080
2081 num_rects = tvb_get_ntohs(tvb, *offset);
2082 ti = proto_tree_add_item(tree, hf_vnc_rectangle_num, tvb, *offset, 2, ENC_BIG_ENDIAN);
2083
2084 /* In some cases, TIGHT encoding ignores the "number of rectangles" field; */
2085 /* VNC_ENCODING_TYPE_LAST_RECT is used to indicate the end of the rectangle list. */
2086 /* (It appears that TIGHT encoding uses 0xFFFF for the num_rects field when the */
2087 /* field is not being used). For now: we'll assume that a value 0f 0xFFFF means */
2088 /* that the field is not being used. */
2089 if (num_rects == 0xFFFF) {
2090 proto_item_append_text(ti, " [TIGHT encoding assumed (field is not used)]");
2091 }
2092 if ((num_rects != 0xFFFF) && (num_rects > 5000)) {
2093 expert_add_info_format(pinfo, ti, &ei_vnc_too_many_rectangles,
2094 "Too many rectangles (%d), aborting dissection", num_rects);
2095 return(0);
2096 }
2097
2098 *offset += 2;
2099
2100 for(ii = 0; ii < num_rects; ii++) {
2101 if (ii > 5000) {
2102 expert_add_info_format(pinfo, ti, &ei_vnc_too_many_rectangles,
2103 "Too many rectangles (%d), aborting dissection", ii);
2104 return(0);
2105 }
2106 VNC_BYTES_NEEDED(12);
2107
2108 vnc_rect_tree = proto_tree_add_subtree_format(tree, tvb, *offset, 12,
2109 ett_vnc_rect, NULL, "Rectangle #%d", ii+1);
2110
2111
2112 ti_x = proto_tree_add_item(vnc_rect_tree, hf_vnc_fb_update_x_pos,
2113 tvb, *offset, 2, ENC_BIG_ENDIAN);
2114 *offset += 2;
2115
2116 ti_y = proto_tree_add_item(vnc_rect_tree, hf_vnc_fb_update_y_pos,
2117 tvb, *offset, 2, ENC_BIG_ENDIAN);
2118 *offset += 2;
2119
2120 ti_width = proto_tree_add_item(vnc_rect_tree, hf_vnc_fb_update_width,
2121 tvb, *offset, 2, ENC_BIG_ENDIAN);
2122 width = tvb_get_ntohs(tvb, *offset);
2123 *offset += 2;
2124
2125 ti_height = proto_tree_add_item(vnc_rect_tree, hf_vnc_fb_update_height,
2126 tvb, *offset, 2, ENC_BIG_ENDIAN);
2127 height = tvb_get_ntohs(tvb, *offset);
2128 *offset += 2;
2129
2130 ti = proto_tree_add_item(vnc_rect_tree,
2131 hf_vnc_fb_update_encoding_type,
2132 tvb, *offset, 4, ENC_BIG_ENDIAN);
2133
2134 encoding_type = tvb_get_ntohl(tvb, *offset);
2135 *offset += 4;
2136
2137 if (encoding_type == VNC_ENCODING_TYPE_LAST_RECT)
2138 break; /* exit the loop */
2139
2140 vnc_encoding_type_tree =
2141 proto_item_add_subtree(ti, ett_vnc_encoding_type);
2142
2143 switch(encoding_type) {
2144
2145 case VNC_ENCODING_TYPE_RAW:
2146 bytes_needed = vnc_raw_encoding(tvb, pinfo, offset,
2147 vnc_encoding_type_tree,
2148 width, height);
2149 break;
2150
2151 case VNC_ENCODING_TYPE_COPY_RECT:
2152 bytes_needed =
2153 vnc_copyrect_encoding(tvb, pinfo, offset,
2154 vnc_encoding_type_tree,
2155 width, height);
2156 break;
2157
2158 case VNC_ENCODING_TYPE_RRE:
2159 bytes_needed =
2160 vnc_rre_encoding(tvb, pinfo, offset,
2161 vnc_encoding_type_tree,
2162 width, height);
2163 break;
2164
2165 case VNC_ENCODING_TYPE_HEXTILE:
2166 bytes_needed =
2167 vnc_hextile_encoding(tvb, pinfo, offset,
2168 vnc_encoding_type_tree,
2169 width, height);
2170 break;
2171
2172 case VNC_ENCODING_TYPE_RLE:
2173 bytes_needed =
2174 vnc_zrle_encoding(tvb, pinfo, offset,
2175 vnc_encoding_type_tree,
2176 width, height);
2177 break;
2178
2179 case VNC_ENCODING_TYPE_TIGHT:
2180 bytes_needed =
2181 vnc_tight_encoding(tvb, pinfo, offset,
2182 vnc_encoding_type_tree,
2183 width, height);
2184 break;
2185
2186 case VNC_ENCODING_TYPE_RICH_CURSOR:
2187 case VNC_ENCODING_TYPE_X_CURSOR:
2188 proto_item_append_text (ti_x, " (hotspot X)");
2189 proto_item_append_text (ti_y, " (hotspot Y)");
2190 proto_item_append_text (ti_width, " (cursor width)");
2191 proto_item_append_text (ti_height, " (cursor height)");
2192
2193 if (encoding_type == VNC_ENCODING_TYPE_RICH_CURSOR)
2194 bytes_needed = vnc_rich_cursor_encoding(tvb, pinfo, offset, vnc_encoding_type_tree, width, height);
2195 else
2196 bytes_needed = vnc_x_cursor_encoding(tvb, pinfo, offset, vnc_encoding_type_tree, width, height);
2197
2198 break;
2199
2200 case VNC_ENCODING_TYPE_POINTER_POS:
2201 proto_item_append_text (ti_x, " (pointer X)");
2202 proto_item_append_text (ti_y, " (pointer Y)");
2203 proto_item_append_text (ti_width, " (unused)");
2204 proto_item_append_text (ti_height, " (unused)");
2205 bytes_needed = 0;
2206 break;
2207
2208 case VNC_ENCODING_TYPE_DESKTOP_SIZE:
2209
2210 /* There is no payload for this message type */
2211
2212 bytes_needed = 0;
2213 break;
2214
2215 case VNC_ENCODING_TYPE_EXTENDED_DESK_SIZE :
2216 bytes_needed = vnc_extended_desktop_size(tvb, offset, vnc_encoding_type_tree);
2217 break;
2218
2219 case VNC_ENCODING_TYPE_KEYBOARD_LED_STATE :
2220
2221 /* There is no payload for this message type */
2222
2223 bytes_needed = 0;
2224 break;
2225
2226 case VNC_ENCODING_TYPE_SUPPORTED_MESSAGES :
2227 bytes_needed = vnc_supported_messages(tvb, offset,
2228 vnc_encoding_type_tree,
2229 width);
2230 break;
2231
2232 case VNC_ENCODING_TYPE_SUPPORTED_ENCODINGS :
2233 bytes_needed = vnc_supported_encodings(tvb, offset,
2234 vnc_encoding_type_tree,
2235 width, height);
2236 break;
2237
2238 case VNC_ENCODING_TYPE_SERVER_IDENTITY :
2239 bytes_needed = vnc_server_identity(tvb, offset,
2240 vnc_encoding_type_tree,
2241 width);
2242 break;
2243
2244 case VNC_ENCODING_TYPE_CONTEXT_INFORMATION :
2245 bytes_needed = vnc_context_information(tvb, offset,
2246 vnc_encoding_type_tree);
2247 break;
2248
2249 case VNC_ENCODING_TYPE_SLRLE :
2250 bytes_needed = vnc_slrle_encoding(tvb, pinfo, offset,
2251 vnc_encoding_type_tree,
2252 height);
2253 break;
2254
2255 case VNC_ENCODING_TYPE_H264 :
2256 bytes_needed = vnc_h264_encoding(tvb, offset,
2257 vnc_encoding_type_tree);
2258 break;
2259
2260 }
2261
2262 /* Check if the routines above requested more bytes to
2263 * be desegmented. */
2264 if(bytes_needed > 0)
2265 return bytes_needed;
2266 }
2267
2268 return 0;
2269 }
2270
2271 static guint32
vnc_extended_desktop_size(tvbuff_t * tvb,gint * offset,proto_tree * tree)2272 vnc_extended_desktop_size(tvbuff_t *tvb, gint *offset, proto_tree *tree)
2273 {
2274
2275 guint8 i, num_of_screens;
2276 proto_tree *screen_tree;
2277
2278 num_of_screens = tvb_get_guint8(tvb, *offset);
2279 proto_tree_add_item(tree, hf_vnc_desktop_screen_num, tvb, *offset, 1, ENC_BIG_ENDIAN);
2280 *offset += 1;
2281 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 3, ENC_NA);
2282
2283 VNC_BYTES_NEEDED((guint32)(3 + (num_of_screens * 16)));
2284 *offset += 3;
2285 for(i = 0; i < num_of_screens; i++) {
2286 screen_tree = proto_tree_add_subtree_format(tree, tvb, *offset, 16, ett_vnc_desktop_screen, NULL, "Screen #%u", i+1);
2287
2288 proto_tree_add_item(screen_tree, hf_vnc_desktop_screen_id, tvb, *offset, 4, ENC_BIG_ENDIAN);
2289 *offset += 4;
2290 proto_tree_add_item(screen_tree, hf_vnc_desktop_screen_x, tvb, *offset, 2, ENC_BIG_ENDIAN);
2291 *offset += 2;
2292 proto_tree_add_item(screen_tree, hf_vnc_desktop_screen_y, tvb, *offset, 2, ENC_BIG_ENDIAN);
2293 *offset += 2;
2294 proto_tree_add_item(screen_tree, hf_vnc_desktop_screen_width, tvb, *offset, 2, ENC_BIG_ENDIAN);
2295 *offset += 2;
2296 proto_tree_add_item(screen_tree, hf_vnc_desktop_screen_height, tvb, *offset, 2, ENC_BIG_ENDIAN);
2297 *offset += 2;
2298 proto_tree_add_item(screen_tree, hf_vnc_desktop_screen_flags, tvb, *offset, 4, ENC_BIG_ENDIAN);
2299 *offset += 4;
2300 }
2301
2302 return 0;
2303 }
2304
2305 static guint
vnc_raw_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 width,const guint16 height)2306 vnc_raw_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2307 proto_tree *tree, const guint16 width, const guint16 height)
2308 {
2309 guint8 bytes_per_pixel = vnc_get_bytes_per_pixel(pinfo);
2310 guint length;
2311
2312 length = width * height * bytes_per_pixel;
2313 VNC_BYTES_NEEDED(length);
2314
2315 proto_tree_add_item(tree, hf_vnc_raw_pixel_data, tvb, *offset,
2316 length, ENC_NA);
2317 *offset += length;
2318
2319 return 0; /* bytes_needed */
2320 }
2321
2322
2323 static guint
vnc_copyrect_encoding(tvbuff_t * tvb,packet_info * pinfo _U_,gint * offset,proto_tree * tree,const guint16 width _U_,const guint16 height _U_)2324 vnc_copyrect_encoding(tvbuff_t *tvb, packet_info *pinfo _U_, gint *offset,
2325 proto_tree *tree, const guint16 width _U_, const guint16 height _U_)
2326 {
2327 proto_tree_add_item(tree, hf_vnc_copyrect_src_x_pos, tvb, *offset,
2328 2, ENC_BIG_ENDIAN);
2329 *offset += 2;
2330
2331 proto_tree_add_item(tree, hf_vnc_copyrect_src_y_pos, tvb, *offset,
2332 2, ENC_BIG_ENDIAN);
2333 *offset += 2;
2334
2335 return 0; /* bytes_needed */
2336 }
2337
2338
2339 static guint
vnc_rre_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 width _U_,const guint16 height _U_)2340 vnc_rre_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2341 proto_tree *tree, const guint16 width _U_, const guint16 height _U_)
2342 {
2343 guint8 bytes_per_pixel = vnc_get_bytes_per_pixel(pinfo);
2344 guint32 num_subrects, i;
2345 guint bytes_needed;
2346 proto_item *ti;
2347 proto_tree *subrect_tree;
2348
2349 VNC_BYTES_NEEDED(4);
2350 ti = proto_tree_add_item(tree, hf_vnc_rre_num_subrects, tvb, *offset,
2351 4, ENC_BIG_ENDIAN);
2352 num_subrects = tvb_get_ntohl(tvb, *offset);
2353 *offset += 4;
2354
2355 if (num_subrects > 10000) {
2356 expert_add_info_format(pinfo, ti, &ei_vnc_too_many_sub_rectangles,
2357 "Too many sub-rectangles (%d), aborting dissection", num_subrects);
2358 return(0);
2359 }
2360
2361 *offset += 2;
2362 VNC_BYTES_NEEDED(bytes_per_pixel);
2363 proto_tree_add_item(tree, hf_vnc_rre_bg_pixel, tvb, *offset,
2364 bytes_per_pixel, ENC_NA);
2365 *offset += bytes_per_pixel;
2366
2367 /* We know we need (at least) all these bytes, so ask for them now
2368 * (instead of a few at a time...).
2369 */
2370 bytes_needed = bytes_per_pixel + 8;
2371 VNC_BYTES_NEEDED(bytes_needed * num_subrects);
2372 for(i = 0; i < num_subrects; i++) {
2373
2374 subrect_tree = proto_tree_add_subtree_format(tree, tvb, *offset, bytes_per_pixel +
2375 8, ett_vnc_rre_subrect, NULL, "Subrectangle #%d", i+1);
2376
2377 proto_tree_add_item(subrect_tree, hf_vnc_rre_subrect_pixel,
2378 tvb, *offset, bytes_per_pixel, ENC_NA);
2379 *offset += bytes_per_pixel;
2380
2381 proto_tree_add_item(subrect_tree, hf_vnc_rre_subrect_x_pos,
2382 tvb, *offset, 2, ENC_BIG_ENDIAN);
2383 *offset += 2;
2384
2385 proto_tree_add_item(subrect_tree, hf_vnc_rre_subrect_y_pos,
2386 tvb, *offset, 2, ENC_BIG_ENDIAN);
2387 *offset += 2;
2388
2389 proto_tree_add_item(subrect_tree, hf_vnc_rre_subrect_width,
2390 tvb, *offset, 2, ENC_BIG_ENDIAN);
2391 *offset += 2;
2392
2393 proto_tree_add_item(subrect_tree, hf_vnc_rre_subrect_height,
2394 tvb, *offset, 2, ENC_BIG_ENDIAN);
2395 *offset += 2;
2396 }
2397
2398 return 0; /* bytes_needed */
2399 }
2400
2401
2402 static guint
vnc_hextile_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 width,const guint16 height)2403 vnc_hextile_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2404 proto_tree *tree, const guint16 width, const guint16 height)
2405 {
2406 guint8 bytes_per_pixel = vnc_get_bytes_per_pixel(pinfo);
2407 guint8 i, subencoding_mask, num_subrects, subrect_len, tile_height, tile_width;
2408 guint32 raw_length;
2409 proto_tree *tile_tree, *subencoding_mask_tree, *subrect_tree, *num_subrects_tree;
2410 proto_item *ti;
2411 guint16 current_height = 0, current_width;
2412
2413 while(current_height != height) {
2414 if (current_height + 16 > height)
2415 tile_height = height - current_height;
2416 else
2417 tile_height = 16;
2418 current_height += tile_height;
2419 current_width = 0;
2420 while(current_width != width) {
2421 if (current_width + 16 > width)
2422 tile_width = width - current_width;
2423 else
2424 tile_width = 16;
2425
2426 current_width += tile_width;
2427
2428 VNC_BYTES_NEEDED(1);
2429 subencoding_mask = tvb_get_guint8(tvb, *offset);
2430
2431 tile_tree = proto_tree_add_subtree_format(tree, tvb, *offset, 1, ett_vnc_hextile_tile, NULL,
2432 "Tile {%d:%d}, sub encoding mask %u", current_width, current_height, subencoding_mask);
2433
2434 ti = proto_tree_add_item(tile_tree, hf_vnc_hextile_subencoding_mask, tvb,
2435 *offset, 1, ENC_BIG_ENDIAN);
2436
2437 subencoding_mask_tree =
2438 proto_item_add_subtree(ti, ett_vnc_hextile_subencoding_mask);
2439
2440 proto_tree_add_item(subencoding_mask_tree,
2441 hf_vnc_hextile_raw, tvb, *offset, 1,
2442 ENC_BIG_ENDIAN);
2443 proto_tree_add_item(subencoding_mask_tree,
2444 hf_vnc_hextile_bg, tvb, *offset, 1,
2445 ENC_BIG_ENDIAN);
2446 proto_tree_add_item(subencoding_mask_tree,
2447 hf_vnc_hextile_fg, tvb, *offset, 1,
2448 ENC_BIG_ENDIAN);
2449 proto_tree_add_item(subencoding_mask_tree,
2450 hf_vnc_hextile_anysubrects, tvb, *offset, 1,
2451 ENC_BIG_ENDIAN);
2452 proto_tree_add_item(subencoding_mask_tree,
2453 hf_vnc_hextile_subrectscolored, tvb, *offset, 1,
2454 ENC_BIG_ENDIAN);
2455 *offset += 1;
2456
2457 if(subencoding_mask & 0x1) { /* Raw */
2458 raw_length = tile_width * tile_height * bytes_per_pixel;
2459
2460 VNC_BYTES_NEEDED(raw_length);
2461 proto_tree_add_item(tile_tree, hf_vnc_hextile_raw_value, tvb,
2462 *offset, raw_length, ENC_NA);
2463 *offset += raw_length;
2464 } else {
2465 if(subencoding_mask & 0x2) { /* Background Specified */
2466 VNC_BYTES_NEEDED(bytes_per_pixel);
2467 proto_tree_add_item(tile_tree, hf_vnc_hextile_bg_value,
2468 tvb, *offset, bytes_per_pixel,
2469 ENC_NA);
2470 *offset += bytes_per_pixel;
2471 }
2472
2473 if(subencoding_mask & 0x4) { /* Foreground Specified */
2474 VNC_BYTES_NEEDED(bytes_per_pixel);
2475 proto_tree_add_item(tile_tree, hf_vnc_hextile_fg_value,
2476 tvb, *offset, bytes_per_pixel,
2477 ENC_NA);
2478 *offset += bytes_per_pixel;
2479 }
2480
2481 if(subencoding_mask & 0x8) { /* Any Subrects */
2482 VNC_BYTES_NEEDED(3); /* 1 byte for number of subrects field, +2 at least for 1 subrect */
2483 ti = proto_tree_add_item(tile_tree,
2484 hf_vnc_hextile_num_subrects,
2485 tvb, *offset, 1,
2486 ENC_BIG_ENDIAN);
2487 num_subrects = tvb_get_guint8(tvb, *offset);
2488 *offset += 1;
2489
2490 if(subencoding_mask & 0x10)
2491 subrect_len = bytes_per_pixel + 2;
2492 else
2493 subrect_len = 2;
2494 VNC_BYTES_NEEDED((guint)(subrect_len * num_subrects));
2495
2496 num_subrects_tree =
2497 proto_item_add_subtree(ti, ett_vnc_hextile_num_subrects);
2498
2499 for(i = 0; i < num_subrects; i++) {
2500 subrect_tree = proto_tree_add_subtree_format(num_subrects_tree, tvb,
2501 *offset, subrect_len, ett_vnc_hextile_subrect, NULL,
2502 "Subrectangle #%d", i+1);
2503
2504 if(subencoding_mask & 0x10) {
2505 /* Subrects Colored */
2506 proto_tree_add_item(subrect_tree, hf_vnc_hextile_subrect_pixel_value, tvb, *offset, bytes_per_pixel, ENC_NA);
2507
2508 *offset += bytes_per_pixel;
2509 }
2510
2511 proto_tree_add_item(subrect_tree,
2512 hf_vnc_hextile_subrect_x_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2513
2514 proto_tree_add_item(subrect_tree, hf_vnc_hextile_subrect_y_pos, tvb, *offset, 1, ENC_BIG_ENDIAN);
2515
2516 *offset += 1;
2517
2518 proto_tree_add_item(subrect_tree, hf_vnc_hextile_subrect_width, tvb, *offset, 1, ENC_BIG_ENDIAN);
2519
2520 proto_tree_add_item(subrect_tree, hf_vnc_hextile_subrect_height, tvb, *offset, 1, ENC_BIG_ENDIAN);
2521
2522 *offset += 1;
2523 }
2524 }
2525 }
2526 }
2527 }
2528 return 0; /* bytes_needed */
2529 }
2530
2531 static guint
vnc_supported_messages(tvbuff_t * tvb,gint * offset,proto_tree * tree,const guint16 width)2532 vnc_supported_messages(tvbuff_t *tvb, gint *offset, proto_tree *tree,
2533 const guint16 width)
2534 {
2535 VNC_BYTES_NEEDED(width);
2536 if (width >= 64) {
2537 proto_tree_add_item(tree,
2538 hf_vnc_supported_messages_client2server,
2539 tvb, *offset, 32, ENC_NA);
2540 *offset += 32;
2541 proto_tree_add_item(tree,
2542 hf_vnc_supported_messages_server2client,
2543 tvb, *offset, 32, ENC_NA);
2544 *offset += 32;
2545 *offset += width - 64;
2546 } else {
2547 *offset += width;
2548 }
2549
2550 return 0; /* bytes_needed */
2551 }
2552
2553 static guint
vnc_supported_encodings(tvbuff_t * tvb,gint * offset,proto_tree * tree,const guint16 width,const guint16 height)2554 vnc_supported_encodings(tvbuff_t *tvb, gint *offset, proto_tree *tree,
2555 const guint16 width, const guint16 height)
2556 {
2557 guint16 i = width;
2558
2559 proto_tree_add_uint(tree, hf_vnc_num_supported_encodings, tvb, *offset, 0, height);
2560
2561 VNC_BYTES_NEEDED(width);
2562 for (; i >= 4; i -= 4) {
2563 proto_tree_add_item(tree, hf_vnc_supported_encodings,
2564 tvb, *offset, 4, ENC_BIG_ENDIAN);
2565 *offset += 4;
2566 }
2567 *offset += i;
2568
2569 return 0; /* bytes_needed */
2570 }
2571
2572 static guint
vnc_server_identity(tvbuff_t * tvb,gint * offset,proto_tree * tree,const guint16 width)2573 vnc_server_identity(tvbuff_t *tvb, gint *offset, proto_tree *tree,
2574 const guint16 width)
2575 {
2576 VNC_BYTES_NEEDED(width);
2577 proto_tree_add_item(tree, hf_vnc_server_identity,
2578 tvb, *offset, width, ENC_ASCII|ENC_NA);
2579 *offset += width;
2580
2581 return 0; /* bytes_needed */
2582 }
2583
2584 static guint
vnc_mirrorlink(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)2585 vnc_mirrorlink(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2586 proto_tree *tree)
2587 {
2588 guint8 type;
2589 guint16 length;
2590 guint16 num, i;
2591 gint end;
2592 proto_tree *sub_tree;
2593
2594 /* Header */
2595 VNC_BYTES_NEEDED(3);
2596
2597 type = tvb_get_guint8(tvb, *offset);
2598 proto_tree_add_item(tree, hf_vnc_mirrorlink_type,
2599 tvb, *offset, 1, ENC_BIG_ENDIAN);
2600 *offset += 1;
2601
2602 length = tvb_get_ntohs(tvb, *offset);
2603 proto_tree_add_item(tree, hf_vnc_mirrorlink_length,
2604 tvb, *offset, 2, ENC_BIG_ENDIAN);
2605 *offset += 2;
2606
2607 col_add_fstr(pinfo->cinfo, COL_INFO, "MirrorLink (%s)",
2608 val_to_str_const(type, vnc_mirrorlink_types_vs,
2609 "Unknown"));
2610
2611 /* Payload */
2612 end = *offset + length;
2613
2614 switch(type) {
2615
2616 case VNC_ML_EXT_BYE_BYE :
2617 break;
2618
2619 case VNC_ML_EXT_SERVER_DISPLAY_CONFIGURATION :
2620 VNC_BYTES_NEEDED(12);
2621 proto_tree_add_item(tree, hf_vnc_mirrorlink_version_major,
2622 tvb, *offset, 1, ENC_BIG_ENDIAN);
2623 *offset += 1;
2624 proto_tree_add_item(tree, hf_vnc_mirrorlink_version_minor,
2625 tvb, *offset, 1, ENC_BIG_ENDIAN);
2626 *offset += 1;
2627 proto_tree_add_item(tree,
2628 hf_vnc_mirrorlink_framebuffer_configuration,
2629 tvb, *offset, 2, ENC_BIG_ENDIAN);
2630 *offset += 2;
2631 proto_tree_add_item(tree, hf_vnc_mirrorlink_pixel_width,
2632 tvb, *offset, 2, ENC_BIG_ENDIAN);
2633 *offset += 2;
2634 proto_tree_add_item(tree, hf_vnc_mirrorlink_pixel_height,
2635 tvb, *offset, 2, ENC_BIG_ENDIAN);
2636 *offset += 2;
2637 proto_tree_add_item(tree, hf_vnc_mirrorlink_pixel_format,
2638 tvb, *offset, 4, ENC_BIG_ENDIAN);
2639 *offset += 4;
2640 break;
2641
2642 case VNC_ML_EXT_CLIENT_DISPLAY_CONFIGURATION :
2643 VNC_BYTES_NEEDED(14);
2644 proto_tree_add_item(tree, hf_vnc_mirrorlink_version_major,
2645 tvb, *offset, 1, ENC_BIG_ENDIAN);
2646 *offset += 1;
2647 proto_tree_add_item(tree, hf_vnc_mirrorlink_version_minor,
2648 tvb, *offset, 1, ENC_BIG_ENDIAN);
2649 *offset += 1;
2650 proto_tree_add_item(tree,
2651 hf_vnc_mirrorlink_framebuffer_configuration,
2652 tvb, *offset, 2, ENC_BIG_ENDIAN);
2653 *offset += 2;
2654 proto_tree_add_item(tree, hf_vnc_mirrorlink_pixel_width,
2655 tvb, *offset, 2, ENC_BIG_ENDIAN);
2656 *offset += 2;
2657 proto_tree_add_item(tree, hf_vnc_mirrorlink_pixel_height,
2658 tvb, *offset, 2, ENC_BIG_ENDIAN);
2659 *offset += 2;
2660 proto_tree_add_item(tree, hf_vnc_mirrorlink_display_width,
2661 tvb, *offset, 2, ENC_BIG_ENDIAN);
2662 *offset += 2;
2663 proto_tree_add_item(tree, hf_vnc_mirrorlink_display_height,
2664 tvb, *offset, 2, ENC_BIG_ENDIAN);
2665 *offset += 2;
2666 proto_tree_add_item(tree, hf_vnc_mirrorlink_display_distance,
2667 tvb, *offset, 2, ENC_BIG_ENDIAN);
2668 *offset += 2;
2669 break;
2670
2671 case VNC_ML_EXT_SERVER_EVENT_CONFIGURATION :
2672 case VNC_ML_EXT_CLIENT_EVENT_CONFIGURATION :
2673 VNC_BYTES_NEEDED(28);
2674 proto_tree_add_item(tree, hf_vnc_mirrorlink_keyboard_language,
2675 tvb, *offset, 2, ENC_ASCII|ENC_NA);
2676 *offset += 2;
2677 proto_tree_add_item(tree, hf_vnc_mirrorlink_keyboard_country,
2678 tvb, *offset, 2, ENC_ASCII|ENC_NA);
2679 *offset += 2;
2680 proto_tree_add_item(tree, hf_vnc_mirrorlink_ui_language,
2681 tvb, *offset, 2, ENC_ASCII|ENC_NA);
2682 *offset += 2;
2683 proto_tree_add_item(tree, hf_vnc_mirrorlink_ui_country,
2684 tvb, *offset, 2, ENC_ASCII|ENC_NA);
2685 *offset += 2;
2686 proto_tree_add_item(tree, hf_vnc_mirrorlink_knob_keys,
2687 tvb, *offset, 4, ENC_BIG_ENDIAN);
2688 *offset += 4;
2689 proto_tree_add_item(tree, hf_vnc_mirrorlink_device_keys,
2690 tvb, *offset, 4, ENC_BIG_ENDIAN);
2691 *offset += 4;
2692 proto_tree_add_item(tree, hf_vnc_mirrorlink_multimedia_keys,
2693 tvb, *offset, 4, ENC_BIG_ENDIAN);
2694 *offset += 4;
2695 proto_tree_add_item(tree, hf_vnc_mirrorlink_key_related,
2696 tvb, *offset, 4, ENC_BIG_ENDIAN);
2697 *offset += 4;
2698 proto_tree_add_item(tree, hf_vnc_mirrorlink_pointer_related,
2699 tvb, *offset, 4, ENC_BIG_ENDIAN);
2700 *offset += 4;
2701 break;
2702
2703 case VNC_ML_EXT_EVENT_MAPPING :
2704 case VNC_ML_EXT_EVENT_MAPPING_REQUEST :
2705 VNC_BYTES_NEEDED(8);
2706 proto_tree_add_item(tree,
2707 hf_vnc_mirrorlink_key_symbol_value_client,
2708 tvb, *offset, 4, ENC_BIG_ENDIAN);
2709 *offset += 4;
2710 proto_tree_add_item(tree,
2711 hf_vnc_mirrorlink_key_symbol_value_server,
2712 tvb, *offset, 4, ENC_BIG_ENDIAN);
2713 *offset += 4;
2714 break;
2715
2716 case VNC_ML_EXT_KEY_EVENT_LISTING :
2717 VNC_BYTES_NEEDED(4);
2718 proto_tree_add_item(tree, hf_vnc_mirrorlink_key_configuration,
2719 tvb, *offset, 1, ENC_BIG_ENDIAN);
2720 *offset += 1;
2721 num = tvb_get_guint8(tvb, *offset);
2722 proto_tree_add_item(tree, hf_vnc_mirrorlink_key_num_events,
2723 tvb, *offset, 1, ENC_BIG_ENDIAN);
2724 *offset += 1;
2725 proto_tree_add_item(tree, hf_vnc_mirrorlink_key_event_counter,
2726 tvb, *offset, 2, ENC_BIG_ENDIAN);
2727 *offset += 2;
2728 VNC_BYTES_NEEDED((guint)(4 * num));
2729 sub_tree = proto_tree_add_subtree(tree, tvb, *offset, 4 * num,
2730 ett_vnc_key_events, NULL, "Key Event List");
2731 for (; num > 0; num--) {
2732 proto_tree_add_item(sub_tree,
2733 hf_vnc_mirrorlink_key_symbol_value,
2734 tvb, *offset, 4, ENC_BIG_ENDIAN);
2735 *offset += 4 ;
2736 }
2737 break;
2738
2739 case VNC_ML_EXT_KEY_EVENT_LISTING_REQUEST :
2740 VNC_BYTES_NEEDED(4);
2741 proto_tree_add_item(tree,
2742 hf_vnc_mirrorlink_key_request_configuration,
2743 tvb, *offset, 4, ENC_BIG_ENDIAN);
2744 *offset += 4;
2745 break;
2746
2747 case VNC_ML_EXT_VIRTUAL_KEYBOARD :
2748 VNC_BYTES_NEEDED(16);
2749 proto_tree_add_item(tree,
2750 hf_vnc_mirrorlink_keyboard_configuration,
2751 tvb, *offset, 4, ENC_BIG_ENDIAN);
2752 *offset += 4;
2753 proto_tree_add_item(tree, hf_vnc_mirrorlink_cursor_x,
2754 tvb, *offset, 2, ENC_BIG_ENDIAN);
2755 *offset += 2;
2756 proto_tree_add_item(tree, hf_vnc_mirrorlink_cursor_y,
2757 tvb, *offset, 2, ENC_BIG_ENDIAN);
2758 *offset += 2;
2759 proto_tree_add_item(tree, hf_vnc_mirrorlink_text_x,
2760 tvb, *offset, 2, ENC_BIG_ENDIAN);
2761 *offset += 2;
2762 proto_tree_add_item(tree, hf_vnc_mirrorlink_text_y,
2763 tvb, *offset, 2, ENC_BIG_ENDIAN);
2764 *offset += 2;
2765 proto_tree_add_item(tree, hf_vnc_mirrorlink_text_width,
2766 tvb, *offset, 2, ENC_BIG_ENDIAN);
2767 *offset += 2;
2768 proto_tree_add_item(tree, hf_vnc_mirrorlink_text_height,
2769 tvb, *offset, 2, ENC_BIG_ENDIAN);
2770 *offset += 2;
2771 break;
2772
2773 case VNC_ML_EXT_VIRTUAL_KEYBOARD_REQUEST :
2774 VNC_BYTES_NEEDED(4);
2775 proto_tree_add_item(tree,
2776 hf_vnc_mirrorlink_keyboard_request_configuration,
2777 tvb, *offset, 4, ENC_BIG_ENDIAN);
2778 *offset += 4;
2779 break;
2780
2781 case VNC_ML_EXT_DEVICE_STATUS :
2782 case VNC_ML_EXT_DEVICE_STATUS_REQUEST :
2783 VNC_BYTES_NEEDED(4);
2784 proto_tree_add_item(tree, hf_vnc_mirrorlink_device_status,
2785 tvb, *offset, 4, ENC_BIG_ENDIAN);
2786 *offset += 4;
2787 break;
2788 /*
2789 case VNC_ML_EXT_CONTENT_ATTESTATION :
2790 break;
2791
2792 case VNC_ML_EXT_CONTENT_ATTESTATION_REQUEST :
2793 break;
2794 */
2795 case VNC_ML_EXT_FB_BLOCKING_NOTIFICATION :
2796 VNC_BYTES_NEEDED(14);
2797 proto_tree_add_item(tree, hf_vnc_mirrorlink_fb_block_x,
2798 tvb, *offset, 2, ENC_BIG_ENDIAN);
2799 *offset += 2;
2800 proto_tree_add_item(tree, hf_vnc_mirrorlink_fb_block_y,
2801 tvb, *offset, 2, ENC_BIG_ENDIAN);
2802 *offset += 2;
2803 proto_tree_add_item(tree, hf_vnc_mirrorlink_fb_block_width,
2804 tvb, *offset, 2, ENC_BIG_ENDIAN);
2805 *offset += 2;
2806 proto_tree_add_item(tree, hf_vnc_mirrorlink_fb_block_height,
2807 tvb, *offset, 2, ENC_BIG_ENDIAN);
2808 *offset += 2;
2809 proto_tree_add_item(tree, hf_vnc_mirrorlink_app_id,
2810 tvb, *offset, 4, ENC_BIG_ENDIAN);
2811 *offset += 4;
2812 proto_tree_add_item(tree, hf_vnc_mirrorlink_fb_block_reason,
2813 tvb, *offset, 2, ENC_BIG_ENDIAN);
2814 *offset += 2;
2815 break;
2816
2817 case VNC_ML_EXT_AUDIO_BLOCKING_NOTIFICATION :
2818 VNC_BYTES_NEEDED(6);
2819 proto_tree_add_item(tree, hf_vnc_mirrorlink_app_id,
2820 tvb, *offset, 4, ENC_BIG_ENDIAN);
2821 *offset += 4;
2822 proto_tree_add_item(tree, hf_vnc_mirrorlink_audio_block_reason,
2823 tvb, *offset, 2, ENC_BIG_ENDIAN);
2824 *offset += 2;
2825 break;
2826
2827 case VNC_ML_EXT_TOUCH_EVENT :
2828 VNC_BYTES_NEEDED(1);
2829 num = tvb_get_guint8(tvb, *offset);
2830 proto_tree_add_item(tree, hf_vnc_mirrorlink_touch_num_events,
2831 tvb, *offset, 1, ENC_BIG_ENDIAN);
2832 *offset += 1;
2833 VNC_BYTES_NEEDED((guint)(6 * num));
2834 /*sub_tree = proto_item_add_subtree(tree, ett_vnc_touch_events);*/
2835 for (i = 0; i < num; i++) {
2836 sub_tree = proto_tree_add_subtree_format(tree, tvb, *offset, 6,
2837 ett_vnc_touch_events, NULL, "Touch Event #%d", i + 1);
2838
2839 proto_tree_add_item(sub_tree, hf_vnc_mirrorlink_touch_x,
2840 tvb, *offset, 2, ENC_BIG_ENDIAN);
2841 *offset += 2;
2842 proto_tree_add_item(sub_tree, hf_vnc_mirrorlink_touch_y,
2843 tvb, *offset, 2, ENC_BIG_ENDIAN);
2844 *offset += 2;
2845 proto_tree_add_item(sub_tree,
2846 hf_vnc_mirrorlink_touch_id,
2847 tvb, *offset, 1, ENC_BIG_ENDIAN);
2848 *offset += 1;
2849 proto_tree_add_item(sub_tree,
2850 hf_vnc_mirrorlink_touch_pressure,
2851 tvb, *offset, 1, ENC_BIG_ENDIAN);
2852 *offset += 1;
2853 }
2854 break;
2855
2856 case VNC_ML_EXT_FB_ALTERNATIVE_TEXT :
2857 VNC_BYTES_NEEDED(6);
2858 proto_tree_add_item(tree, hf_vnc_mirrorlink_app_id,
2859 tvb, *offset, 4, ENC_BIG_ENDIAN);
2860 *offset += 4;
2861 num = tvb_get_ntohs(tvb, *offset);
2862 proto_tree_add_item(tree, hf_vnc_mirrorlink_text_length,
2863 tvb, *offset, 2, ENC_BIG_ENDIAN);
2864 *offset += 2;
2865 VNC_BYTES_NEEDED(num);
2866 proto_tree_add_item(tree, hf_vnc_mirrorlink_text,
2867 tvb, *offset, num, ENC_ASCII|ENC_NA);
2868 *offset += num;
2869 break;
2870
2871 case VNC_ML_EXT_FB_ALTERNATIVE_TEXT_REQUEST :
2872 VNC_BYTES_NEEDED(2);
2873 proto_tree_add_item(tree, hf_vnc_mirrorlink_text_max_length,
2874 tvb, *offset, 2, ENC_BIG_ENDIAN);
2875 *offset += 2;
2876 break;
2877
2878 }
2879
2880 if (end > *offset) {
2881 length = end - *offset;
2882 VNC_BYTES_NEEDED(length);
2883 proto_tree_add_item(tree, hf_vnc_mirrorlink_unknown,
2884 tvb, *offset, length, ENC_NA);
2885 *offset = end;
2886 }
2887
2888 return 0; /* bytes_needed */
2889 }
2890
2891 static guint
vnc_fence(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)2892 vnc_fence(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2893 proto_tree *tree)
2894 {
2895 guint payload_length;
2896
2897 VNC_BYTES_NEEDED(8);
2898
2899 payload_length = tvb_get_guint8(tvb, *offset+7);
2900 VNC_BYTES_NEEDED((8+payload_length));
2901
2902 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Fence");
2903
2904 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 3, ENC_NA);
2905 *offset += 3; /* skip padding */
2906
2907 proto_tree_add_bitmask(tree, tvb, *offset, hf_vnc_fence_flags,
2908 ett_vnc_fence_flags, vnc_fence_flags, ENC_BIG_ENDIAN);
2909
2910 *offset += 4;
2911
2912 proto_tree_add_item(tree, hf_vnc_fence_payload_length,
2913 tvb, *offset, 1, ENC_BIG_ENDIAN);
2914
2915 *offset += 1;
2916
2917 if (payload_length > 0) {
2918 proto_tree_add_item(tree, hf_vnc_fence_payload,
2919 tvb, *offset, payload_length, ENC_NA);
2920 *offset += payload_length;
2921 }
2922 return 0;
2923 }
2924
2925 static guint
vnc_context_information(tvbuff_t * tvb,gint * offset,proto_tree * tree)2926 vnc_context_information(tvbuff_t *tvb, gint *offset, proto_tree *tree)
2927 {
2928 VNC_BYTES_NEEDED(20);
2929
2930 proto_tree_add_item(tree, hf_vnc_context_information_app_id,
2931 tvb, *offset, 4, ENC_BIG_ENDIAN);
2932 *offset += 4;
2933
2934 proto_tree_add_item(tree, hf_vnc_context_information_app_trust_level,
2935 tvb, *offset, 2, ENC_BIG_ENDIAN);
2936 *offset += 2;
2937
2938 proto_tree_add_item(tree,
2939 hf_vnc_context_information_content_trust_level,
2940 tvb, *offset, 2, ENC_BIG_ENDIAN);
2941 *offset += 2;
2942
2943 proto_tree_add_item(tree, hf_vnc_context_information_app_category,
2944 tvb, *offset, 4, ENC_BIG_ENDIAN);
2945 *offset += 4;
2946
2947 proto_tree_add_item(tree, hf_vnc_context_information_content_category,
2948 tvb, *offset, 4, ENC_BIG_ENDIAN);
2949 *offset += 4;
2950
2951 proto_tree_add_item(tree, hf_vnc_context_information_content_rules,
2952 tvb, *offset, 4, ENC_BIG_ENDIAN);
2953 *offset += 4;
2954
2955 return 0; /* bytes_needed */
2956 }
2957
2958 static guint
vnc_slrle_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 height)2959 vnc_slrle_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
2960 proto_tree *tree, const guint16 height)
2961 {
2962 guint8 depth = vnc_get_depth(pinfo);
2963 guint8 depth_mod = depth % 8;
2964 guint8 bytes_per_run;
2965 guint16 num_runs, i;
2966 guint length;
2967 proto_tree *sub_tree;
2968
2969 if (depth_mod <= 4)
2970 bytes_per_run = ( 8 - depth_mod + depth) / 8;
2971 else
2972 bytes_per_run = (16 - depth_mod + depth) / 8;
2973
2974 for (i = 0; i < height; i++) {
2975 VNC_BYTES_NEEDED(2);
2976 num_runs = tvb_get_ntohs(tvb, *offset);
2977
2978 length = num_runs * bytes_per_run;
2979
2980 sub_tree = proto_tree_add_subtree_format(tree, tvb, *offset, 2 + length,
2981 ett_vnc_slrle_subline, NULL, "Scanline #%d", i+1);
2982
2983 proto_tree_add_item(sub_tree, hf_vnc_slrle_run_num,
2984 tvb, *offset, 2, ENC_BIG_ENDIAN);
2985 *offset += 2;
2986
2987 VNC_BYTES_NEEDED(length);
2988 proto_tree_add_item(sub_tree, hf_vnc_slrle_run_data,
2989 tvb, *offset, length, ENC_NA);
2990 *offset += length;
2991 }
2992
2993 return 0; /* bytes_needed */
2994 }
2995
2996 static guint
vnc_h264_encoding(tvbuff_t * tvb,gint * offset,proto_tree * tree)2997 vnc_h264_encoding(tvbuff_t *tvb, gint *offset, proto_tree *tree)
2998 {
2999 guint32 nbytes;
3000
3001 VNC_BYTES_NEEDED(16);
3002
3003 nbytes = tvb_get_ntohl(tvb, *offset);
3004 proto_tree_add_item(tree, hf_vnc_h264_nbytes,
3005 tvb, *offset, 4, ENC_BIG_ENDIAN);
3006 *offset += 4;
3007
3008 /*0 == P-Frame; 1 == B-Frame; 2 == I-Frame*/
3009 proto_tree_add_item(tree, hf_vnc_h264_slice_type,
3010 tvb, *offset, 4, ENC_BIG_ENDIAN);
3011 *offset += 4;
3012
3013 proto_tree_add_item(tree, hf_vnc_h264_width,
3014 tvb, *offset, 4, ENC_BIG_ENDIAN);
3015 *offset += 4;
3016
3017 proto_tree_add_item(tree, hf_vnc_h264_height,
3018 tvb, *offset, 4, ENC_BIG_ENDIAN);
3019 *offset += 4;
3020
3021 VNC_BYTES_NEEDED(nbytes);
3022 proto_tree_add_item(tree, hf_vnc_h264_data,
3023 tvb, *offset, nbytes, ENC_NA);
3024 *offset += nbytes;
3025
3026 return 0; /* bytes_needed */
3027 }
3028
3029 #ifdef HAVE_ZLIB
3030 static guint
vnc_zrle_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 width,const guint16 height)3031 vnc_zrle_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
3032 proto_tree *tree, const guint16 width, const guint16 height)
3033 #else
3034 static guint
3035 vnc_zrle_encoding(tvbuff_t *tvb, packet_info *pinfo _U_, gint *offset,
3036 proto_tree *tree, const guint16 width _U_, const guint16 height _U_)
3037 #endif
3038 {
3039 guint32 data_len;
3040 #ifdef HAVE_ZLIB
3041 guint8 palette_size;
3042 guint8 bytes_per_cpixel = vnc_get_bytes_per_pixel(pinfo);
3043 gint uncomp_offset = 0;
3044 guint length;
3045 gint subencoding_type;
3046 tvbuff_t *uncomp_tvb;
3047 proto_tree *zrle_subencoding_tree;
3048 proto_item *ti;
3049 #endif
3050
3051 VNC_BYTES_NEEDED(4);
3052 proto_tree_add_item(tree, hf_vnc_zrle_len, tvb, *offset,
3053 4, ENC_BIG_ENDIAN);
3054 data_len = tvb_get_ntohl(tvb, *offset);
3055
3056 *offset += 4;
3057
3058 VNC_BYTES_NEEDED(data_len);
3059
3060 proto_tree_add_item(tree, hf_vnc_zrle_data, tvb, *offset,
3061 data_len, ENC_NA);
3062
3063 #ifdef HAVE_ZLIB
3064 uncomp_tvb = tvb_child_uncompress(tvb, tvb, *offset, data_len);
3065
3066 if(uncomp_tvb != NULL) {
3067 add_new_data_source(pinfo, uncomp_tvb,
3068 "Uncompressed ZRLE data");
3069
3070 ti = proto_tree_add_item(tree, hf_vnc_zrle_subencoding,
3071 uncomp_tvb, uncomp_offset, 1, ENC_BIG_ENDIAN);
3072 zrle_subencoding_tree =
3073 proto_item_add_subtree(ti, ett_vnc_zrle_subencoding);
3074
3075 proto_tree_add_item(zrle_subencoding_tree, hf_vnc_zrle_rle,
3076 uncomp_tvb, uncomp_offset, 1, ENC_BIG_ENDIAN);
3077
3078 proto_tree_add_item(zrle_subencoding_tree,
3079 hf_vnc_zrle_palette_size, uncomp_tvb,
3080 uncomp_offset, 1, ENC_BIG_ENDIAN);
3081
3082 subencoding_type = tvb_get_guint8(uncomp_tvb, uncomp_offset);
3083 palette_size = subencoding_type & 0x7F;
3084
3085 uncomp_offset += 1;
3086
3087 if(subencoding_type == 0) { /* Raw */
3088 length = width * height * bytes_per_cpixel;
3089 VNC_BYTES_NEEDED(length);
3090
3091 /* XXX - not working yet! */
3092
3093 proto_tree_add_item(zrle_subencoding_tree,
3094 hf_vnc_zrle_raw, uncomp_tvb,
3095 uncomp_offset, length, ENC_NA);
3096
3097 } else if(subencoding_type >= 130 && subencoding_type <= 255) {
3098 length = palette_size * bytes_per_cpixel;
3099 VNC_BYTES_NEEDED(length);
3100
3101 proto_tree_add_item(zrle_subencoding_tree,
3102 hf_vnc_zrle_palette, uncomp_tvb,
3103 uncomp_offset, length, ENC_NA);
3104
3105 /* XXX - Not complete! */
3106 }
3107
3108 } else {
3109 proto_tree_add_expert(tree, pinfo, &ei_vnc_zrle_failed, tvb, *offset, data_len);
3110 }
3111 #endif /* HAVE_ZLIB */
3112
3113 *offset += data_len;
3114
3115 return 0; /* bytes_needed */
3116 }
3117
3118
3119 static guint
read_compact_len(tvbuff_t * tvb,gint * offset,gint * length,gint * value_length)3120 read_compact_len(tvbuff_t *tvb, gint *offset, gint *length, gint *value_length)
3121 {
3122 gint b;
3123
3124 VNC_BYTES_NEEDED(1);
3125
3126 *value_length = 0;
3127
3128 b = tvb_get_guint8(tvb, *offset);
3129 *offset += 1;
3130 *value_length += 1;
3131
3132 *length = b & 0x7f;
3133 if ((b & 0x80) != 0) {
3134 VNC_BYTES_NEEDED(1);
3135
3136 b = tvb_get_guint8(tvb, *offset);
3137 *offset += 1;
3138 *value_length += 1;
3139
3140 *length |= (b & 0x7f) << 7;
3141
3142 if ((b & 0x80) != 0) {
3143 VNC_BYTES_NEEDED (1);
3144
3145 b = tvb_get_guint8(tvb, *offset);
3146 *offset += 1;
3147 *value_length += 1;
3148
3149 *length |= (b & 0xff) << 14;
3150 }
3151 }
3152
3153 return 0;
3154 }
3155
3156
3157 static guint
process_compact_length_and_image_data(tvbuff_t * tvb,gint * offset,proto_tree * tree)3158 process_compact_length_and_image_data(tvbuff_t *tvb, gint *offset, proto_tree *tree)
3159 {
3160 guint bytes_needed;
3161 guint length, value_length;
3162
3163 bytes_needed = read_compact_len (tvb, offset, &length, &value_length);
3164 if (bytes_needed != 0)
3165 return bytes_needed;
3166
3167 proto_tree_add_uint(tree, hf_vnc_tight_image_len, tvb, *offset - value_length, value_length, length);
3168
3169 VNC_BYTES_NEEDED(length);
3170 proto_tree_add_item(tree, hf_vnc_tight_image_data, tvb, *offset, length, ENC_NA);
3171 *offset += length;
3172
3173 return 0; /* bytes_needed */
3174 }
3175
3176
3177 static guint
process_tight_rect_filter_palette(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,gint * bits_per_pixel)3178 process_tight_rect_filter_palette(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
3179 proto_tree *tree, gint *bits_per_pixel)
3180 {
3181 vnc_packet_t *per_packet_info;
3182 gint num_colors;
3183 guint palette_bytes;
3184
3185 /* See TightVNC's vnc_unixsrc/vncviewer/tight.c:InitFilterPaletteBPP() */
3186
3187 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
3188 /* Our calling function should have set the packet's proto data already */
3189 DISSECTOR_ASSERT(per_packet_info != NULL);
3190
3191 VNC_BYTES_NEEDED(1);
3192 proto_tree_add_item(tree, hf_vnc_tight_palette_num_colors, tvb, *offset, 1, ENC_BIG_ENDIAN);
3193 num_colors = tvb_get_guint8(tvb, *offset);
3194 *offset += 1;
3195
3196 num_colors++;
3197 if (num_colors < 2)
3198 return 0;
3199
3200 if (per_packet_info->depth == 24)
3201 palette_bytes = num_colors * 3;
3202 else
3203 palette_bytes = num_colors * per_packet_info->depth / 8;
3204
3205 VNC_BYTES_NEEDED(palette_bytes);
3206 proto_tree_add_item(tree, hf_vnc_tight_palette_data, tvb, *offset, palette_bytes, ENC_NA);
3207 *offset += palette_bytes;
3208
3209 /* This is the number of bits per pixel *in the image data*, not the actual client depth */
3210 if (num_colors == 2)
3211 *bits_per_pixel = 1;
3212 else
3213 *bits_per_pixel = 8;
3214
3215 return 0;
3216 }
3217
3218 static guint
vnc_tight_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 width _U_,const guint16 height _U_)3219 vnc_tight_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
3220 proto_tree *tree, const guint16 width _U_, const guint16 height _U_)
3221 {
3222 vnc_packet_t *per_packet_info;
3223 guint8 comp_ctl;
3224 proto_item *compression_type_ti;
3225 gint bit_offset;
3226 gint bytes_needed = -1;
3227
3228 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
3229 /* Our calling function should have set the packet's proto data already */
3230 DISSECTOR_ASSERT(per_packet_info != NULL);
3231
3232 /* See xserver/hw/vnc/rfbproto.h and grep for "Tight Encoding." for the following layout */
3233
3234 VNC_BYTES_NEEDED(1);
3235
3236 /* least significant bits 0-3 are "reset compression stream N" */
3237 bit_offset = *offset * 8;
3238 proto_tree_add_bits_item(tree, hf_vnc_tight_reset_stream0, tvb, bit_offset + 7, 1, ENC_BIG_ENDIAN);
3239 proto_tree_add_bits_item(tree, hf_vnc_tight_reset_stream1, tvb, bit_offset + 6, 1, ENC_BIG_ENDIAN);
3240 proto_tree_add_bits_item(tree, hf_vnc_tight_reset_stream2, tvb, bit_offset + 5, 1, ENC_BIG_ENDIAN);
3241 proto_tree_add_bits_item(tree, hf_vnc_tight_reset_stream3, tvb, bit_offset + 4, 1, ENC_BIG_ENDIAN);
3242
3243 /* most significant bits 4-7 are "compression type" */
3244 compression_type_ti = proto_tree_add_bits_item(tree, hf_vnc_tight_rect_type, tvb, bit_offset + 0, 4, ENC_BIG_ENDIAN);
3245
3246 comp_ctl = tvb_get_guint8(tvb, *offset);
3247 *offset += 1;
3248
3249 comp_ctl >>= 4; /* skip over the "reset compression" bits from above */
3250
3251 /* compression format */
3252
3253 if (comp_ctl == TIGHT_RECT_FILL) {
3254 /* "fill" encoding (solid rectangle) */
3255
3256 proto_item_append_text(compression_type_ti, " (fill encoding - solid rectangle)");
3257
3258 if (per_packet_info->depth == 24) {
3259 VNC_BYTES_NEEDED(3);
3260 proto_tree_add_item(tree, hf_vnc_tight_fill_color, tvb, *offset, 3, ENC_NA);
3261 *offset += 3;
3262 } else {
3263 VNC_BYTES_NEEDED(per_packet_info->bytes_per_pixel);
3264 proto_tree_add_item(tree, hf_vnc_tight_fill_color, tvb, *offset, per_packet_info->bytes_per_pixel, ENC_NA);
3265 *offset += per_packet_info->bytes_per_pixel;
3266 }
3267
3268 bytes_needed = 0;
3269 } else if (comp_ctl == TIGHT_RECT_JPEG) {
3270 /* jpeg encoding */
3271
3272 proto_item_append_text(compression_type_ti, " (JPEG encoding)");
3273 bytes_needed = process_compact_length_and_image_data(tvb, offset, tree);
3274 if (bytes_needed != 0)
3275 return bytes_needed;
3276 } else if (comp_ctl > TIGHT_RECT_MAX_VALUE) {
3277 /* invalid encoding */
3278
3279 expert_add_info(pinfo, compression_type_ti, &ei_vnc_invalid_encoding);
3280 } else {
3281 guint row_size;
3282 gint bits_per_pixel;
3283
3284 /* basic encoding */
3285
3286 proto_item_append_text(compression_type_ti, " (basic encoding)");
3287
3288 proto_tree_add_bits_item(tree, hf_vnc_tight_filter_flag, tvb, bit_offset + 1, 1, ENC_BIG_ENDIAN);
3289
3290 bits_per_pixel = per_packet_info->depth;
3291
3292 if ((comp_ctl & TIGHT_RECT_EXPLICIT_FILTER_FLAG) != 0) {
3293 guint8 filter_id;
3294
3295 /* explicit filter */
3296
3297 VNC_BYTES_NEEDED(1);
3298 proto_tree_add_item(tree, hf_vnc_tight_filter_id, tvb, *offset, 1, ENC_BIG_ENDIAN);
3299 filter_id = tvb_get_guint8(tvb, *offset);
3300 *offset += 1;
3301
3302 switch (filter_id) {
3303 case TIGHT_RECT_FILTER_COPY:
3304 /* nothing to do */
3305 break;
3306
3307 case TIGHT_RECT_FILTER_PALETTE:
3308 bytes_needed = process_tight_rect_filter_palette(tvb, pinfo, offset, tree, &bits_per_pixel);
3309 if (bytes_needed != 0)
3310 return bytes_needed;
3311
3312 break;
3313
3314 case TIGHT_RECT_FILTER_GRADIENT:
3315 /* nothing to do */
3316 break;
3317 }
3318 } else {
3319 /* this is the same case as TIGHT_RECT_FILTER_COPY, so there's nothing special to do */
3320 }
3321
3322 row_size = ((guint) width * bits_per_pixel + 7) / 8;
3323 if (row_size * height < TIGHT_MIN_BYTES_TO_COMPRESS) {
3324 guint num_bytes;
3325
3326 /* The data is not compressed; just skip over it */
3327
3328 num_bytes = row_size * height;
3329 VNC_BYTES_NEEDED(num_bytes);
3330 proto_tree_add_item(tree, hf_vnc_tight_image_data, tvb, *offset, num_bytes, ENC_NA);
3331 *offset += num_bytes;
3332
3333 bytes_needed = 0;
3334 } else {
3335 /* The data is compressed; read its length and data */
3336 bytes_needed = process_compact_length_and_image_data(tvb, offset, tree);
3337 if (bytes_needed != 0)
3338 return bytes_needed;
3339 }
3340 }
3341
3342 DISSECTOR_ASSERT(bytes_needed != -1);
3343
3344 return bytes_needed;
3345 }
3346
3347
3348 static guint
decode_cursor(tvbuff_t * tvb,gint * offset,proto_tree * tree,guint pixels_bytes,guint mask_bytes)3349 decode_cursor(tvbuff_t *tvb, gint *offset, proto_tree *tree,
3350 guint pixels_bytes, guint mask_bytes)
3351 {
3352 guint total_bytes;
3353
3354 total_bytes = pixels_bytes + mask_bytes;
3355 VNC_BYTES_NEEDED (total_bytes);
3356
3357 proto_tree_add_item(tree, hf_vnc_cursor_encoding_pixels, tvb, *offset,
3358 pixels_bytes, ENC_NA);
3359 *offset += pixels_bytes;
3360
3361 proto_tree_add_item(tree, hf_vnc_cursor_encoding_bitmask, tvb, *offset,
3362 mask_bytes, ENC_NA);
3363 *offset += mask_bytes;
3364
3365 return 0; /* bytes_needed */
3366 }
3367
3368
3369 static guint
vnc_rich_cursor_encoding(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree,const guint16 width,const guint16 height)3370 vnc_rich_cursor_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
3371 proto_tree *tree, const guint16 width, const guint16 height)
3372 {
3373 guint8 bytes_per_pixel = vnc_get_bytes_per_pixel(pinfo);
3374 guint pixels_bytes, mask_bytes;
3375
3376 pixels_bytes = width * height * bytes_per_pixel;
3377 mask_bytes = ((width + 7) / 8) * height;
3378
3379 return decode_cursor(tvb, offset, tree,
3380 pixels_bytes, mask_bytes);
3381 }
3382
3383
3384 static guint
vnc_x_cursor_encoding(tvbuff_t * tvb,packet_info * pinfo _U_,gint * offset,proto_tree * tree,const guint16 width,const guint16 height)3385 vnc_x_cursor_encoding(tvbuff_t *tvb, packet_info *pinfo _U_, gint *offset,
3386 proto_tree *tree, const guint16 width, const guint16 height)
3387 {
3388 gint bitmap_row_bytes = (width + 7) / 8;
3389 gint mask_bytes = bitmap_row_bytes * height;
3390
3391 VNC_BYTES_NEEDED (6);
3392 proto_tree_add_item(tree, hf_vnc_cursor_x_fore_back, tvb, *offset, 6, ENC_NA);
3393 *offset += 6;
3394
3395 /* The length of the pixel data is the same as the length of the mask data (X cursors are strictly black/white) */
3396 return decode_cursor(tvb, offset, tree,
3397 mask_bytes, mask_bytes);
3398 }
3399
3400
3401 static guint
vnc_server_set_colormap_entries(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)3402 vnc_server_set_colormap_entries(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
3403 proto_tree *tree)
3404 {
3405 guint16 number_of_colors;
3406 guint counter, bytes_needed;
3407 proto_item *ti;
3408 proto_tree *vnc_colormap_num_groups, *vnc_colormap_color_group;
3409
3410 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Server set colormap entries");
3411
3412 number_of_colors = tvb_get_ntohs(tvb, 4);
3413
3414 VNC_BYTES_NEEDED(3);
3415 proto_tree_add_item(tree, hf_vnc_padding, tvb, *offset, 1, ENC_NA);
3416 *offset += 1; /* Skip over 1 byte of padding */
3417
3418 proto_tree_add_item(tree, hf_vnc_colormap_first_color,
3419 tvb, *offset, 2, ENC_BIG_ENDIAN);
3420 *offset += 2;
3421
3422 /* XXX - this is 3 bytes into the tvb, but number_of_colors is set off
3423 * of 4 bytes in... Bug???
3424 */
3425 ti = proto_tree_add_item(tree, hf_vnc_colormap_num_colors, tvb,
3426 *offset, 2, ENC_BIG_ENDIAN);
3427
3428 if (number_of_colors > 10000) {
3429 expert_add_info_format(pinfo, ti, &ei_vnc_too_many_colors,"Too many colors (%d), aborting dissection",
3430 number_of_colors);
3431 return(0);
3432 }
3433
3434 bytes_needed = (number_of_colors * 6) + 5;
3435 VNC_BYTES_NEEDED(bytes_needed);
3436
3437 *offset += 2;
3438
3439 ti = proto_tree_add_item(tree, hf_vnc_color_groups, tvb,
3440 *offset, number_of_colors * 6, ENC_NA);
3441 vnc_colormap_num_groups =
3442 proto_item_add_subtree(ti, ett_vnc_colormap_num_groups);
3443
3444 for(counter = 0; counter < number_of_colors; counter++) {
3445 vnc_colormap_color_group = proto_tree_add_subtree_format(vnc_colormap_num_groups, tvb,
3446 *offset, 6, ett_vnc_colormap_color_group, NULL,
3447 "Color group #%d", counter+1);
3448
3449 proto_tree_add_item(vnc_colormap_color_group,
3450 hf_vnc_colormap_red, tvb,
3451 *offset, 2, ENC_BIG_ENDIAN);
3452 *offset += 2;
3453
3454 proto_tree_add_item(vnc_colormap_color_group,
3455 hf_vnc_colormap_green, tvb,
3456 *offset, 2, ENC_BIG_ENDIAN);
3457 *offset += 2;
3458
3459 proto_tree_add_item(vnc_colormap_color_group,
3460 hf_vnc_colormap_blue, tvb,
3461 *offset, 2, ENC_BIG_ENDIAN);
3462 *offset += 2;
3463 }
3464 return 0;
3465 }
3466
3467
3468 static void
vnc_server_ring_bell(tvbuff_t * tvb _U_,packet_info * pinfo,gint * offset _U_,proto_tree * tree _U_)3469 vnc_server_ring_bell(tvbuff_t *tvb _U_, packet_info *pinfo, gint *offset _U_,
3470 proto_tree *tree _U_)
3471 {
3472 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Server ring bell on client");
3473 /* This message type has no payload... */
3474 }
3475
3476
3477 static guint
vnc_server_cut_text(tvbuff_t * tvb,packet_info * pinfo,gint * offset,proto_tree * tree)3478 vnc_server_cut_text(tvbuff_t *tvb, packet_info *pinfo, gint *offset,
3479 proto_tree *tree)
3480 {
3481 guint32 text_len;
3482 proto_item *pi;
3483
3484 col_append_sep_str(pinfo->cinfo, COL_INFO, "; ", "Server cut text");
3485
3486 text_len = tvb_get_ntohl(tvb, *offset);
3487 pi = proto_tree_add_item(tree, hf_vnc_server_cut_text_len, tvb, *offset, 4,
3488 ENC_BIG_ENDIAN);
3489 *offset += 4;
3490
3491 if (text_len > 100000) {
3492 expert_add_info_format(pinfo, pi, &ei_vnc_too_many_cut_text,
3493 "Too much cut text (%d), aborting dissection", text_len);
3494 return(0);
3495 }
3496
3497 VNC_BYTES_NEEDED(text_len);
3498
3499 proto_tree_add_item(tree, hf_vnc_server_cut_text, tvb, *offset,
3500 text_len, ENC_ASCII|ENC_NA);
3501 *offset += text_len;
3502
3503 return *offset;
3504 }
3505
3506
3507 static void
vnc_set_bytes_per_pixel(packet_info * pinfo,const guint8 bytes_per_pixel)3508 vnc_set_bytes_per_pixel(packet_info *pinfo, const guint8 bytes_per_pixel)
3509 {
3510 vnc_packet_t *per_packet_info;
3511
3512 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
3513 /* Our calling function should have set the packet's proto data already */
3514 DISSECTOR_ASSERT(per_packet_info != NULL);
3515
3516 per_packet_info->bytes_per_pixel = bytes_per_pixel;
3517 }
3518
3519
3520 static void
vnc_set_depth(packet_info * pinfo,const guint8 depth)3521 vnc_set_depth(packet_info *pinfo, const guint8 depth)
3522 {
3523 vnc_packet_t *per_packet_info;
3524
3525 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
3526 /* Our calling function should have set the packet's proto data already */
3527 DISSECTOR_ASSERT(per_packet_info != NULL);
3528
3529 per_packet_info->depth = depth;
3530 }
3531
3532
3533 static guint8
vnc_get_bytes_per_pixel(packet_info * pinfo)3534 vnc_get_bytes_per_pixel(packet_info *pinfo)
3535 {
3536 vnc_packet_t *per_packet_info;
3537
3538 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
3539 /* Our calling function should have set the packet's proto data already */
3540 DISSECTOR_ASSERT(per_packet_info != NULL);
3541
3542 return per_packet_info->bytes_per_pixel;
3543 }
3544
3545
3546 static guint8
vnc_get_depth(packet_info * pinfo)3547 vnc_get_depth(packet_info *pinfo)
3548 {
3549 vnc_packet_t *per_packet_info;
3550
3551 per_packet_info = (vnc_packet_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_vnc, 0);
3552 /* Our calling function should have set the packet's proto data already */
3553 DISSECTOR_ASSERT(per_packet_info != NULL);
3554
3555 return per_packet_info->depth;
3556 }
3557
3558 /* Preference callbacks */
3559 static void
apply_vnc_prefs(void)3560 apply_vnc_prefs(void) {
3561 vnc_tcp_range = prefs_get_range_value("vnc", "tcp.port");
3562 }
3563
3564 /* Register the protocol with Wireshark */
3565 void
proto_register_vnc(void)3566 proto_register_vnc(void)
3567 {
3568 module_t *vnc_module; /* To handle our preferences */
3569 expert_module_t* expert_vnc;
3570
3571 /* Setup list of header fields */
3572 static hf_register_info hf[] = {
3573 { &hf_vnc_padding,
3574 { "Padding", "vnc.padding",
3575 FT_NONE, BASE_NONE, NULL, 0x0,
3576 "Unused space", HFILL }
3577 },
3578
3579 { &hf_vnc_server_proto_ver,
3580 { "Server protocol version", "vnc.server_proto_ver",
3581 FT_STRING, BASE_NONE, NULL, 0x0,
3582 "VNC protocol version on server", HFILL }
3583 },
3584 { &hf_vnc_client_proto_ver,
3585 { "Client protocol version", "vnc.client_proto_ver",
3586 FT_STRING, BASE_NONE, NULL, 0x0,
3587 "VNC protocol version on client", HFILL }
3588 },
3589 { &hf_vnc_num_security_types,
3590 { "Number of security types", "vnc.num_security_types",
3591 FT_UINT8, BASE_DEC, NULL, 0x0,
3592 "Number of security (authentication) types supported by the server", HFILL }
3593 },
3594 { &hf_vnc_security_type,
3595 { "Security type", "vnc.security_type",
3596 FT_UINT8, BASE_DEC, VALS(vnc_security_types_vs), 0x0,
3597 "Security types offered by the server (VNC versions => 3.007", HFILL }
3598 },
3599 { &hf_vnc_server_security_type,
3600 { "Security type", "vnc.server_security_type",
3601 FT_UINT32, BASE_DEC, VALS(vnc_security_types_vs), 0x0,
3602 "Security type mandated by the server", HFILL }
3603 },
3604 { &hf_vnc_client_security_type,
3605 { "Security type selected", "vnc.client_security_type",
3606 FT_UINT8, BASE_DEC, VALS(vnc_security_types_vs), 0x0,
3607 "Security type selected by the client", HFILL }
3608 },
3609 { &hf_vnc_tight_num_tunnel_types,
3610 { "Number of supported tunnel types", "vnc.num_tunnel_types",
3611 FT_UINT32, BASE_DEC, NULL, 0x0,
3612 "Number of tunnel types for TightVNC", HFILL }
3613 },
3614 { &hf_vnc_tight_tunnel_type_code,
3615 { "Tunnel type code", "vnc.tunnel_type_code",
3616 FT_UINT32, BASE_DEC, NULL, 0x0,
3617 "Tunnel type code specific to TightVNC", HFILL }
3618 },
3619 { &hf_vnc_tight_tunnel_type_vendor,
3620 { "Tunnel type vendor", "vnc.tunnel_type_vendor",
3621 FT_STRING, STR_ASCII, NULL, 0x0,
3622 "Tunnel type vendor specific to TightVNC", HFILL }
3623 },
3624 { &hf_vnc_tight_tunnel_type_signature,
3625 { "Tunnel type signature", "vnc.tunnel_type_signature",
3626 FT_STRING, STR_ASCII, NULL, 0x0,
3627 "Tunnel type signature specific to TightVNC", HFILL }
3628 },
3629 { &hf_vnc_tight_num_auth_types,
3630 { "Number of supported authentication types", "vnc.num_auth_types",
3631 FT_UINT32, BASE_DEC, NULL, 0x0,
3632 "Authentication types specific to TightVNC", HFILL }
3633 },
3634 { &hf_vnc_tight_auth_code,
3635 { "Authentication code", "vnc.tight_auth_code",
3636 FT_UINT32, BASE_DEC, VALS(vnc_security_types_vs), 0x0,
3637 "Authentication code specific to TightVNC", HFILL }
3638 },
3639 { &hf_vnc_tight_server_message_type,
3640 { "Server message type (TightVNC)", "vnc.tight_server_message_type",
3641 FT_INT32, BASE_DEC, NULL, 0x0,
3642 "Server message type specific to TightVNC", HFILL }
3643 },
3644 { &hf_vnc_tight_server_vendor,
3645 { "Server vendor code", "vnc.server_vendor",
3646 FT_STRING, BASE_NONE, NULL, 0x0,
3647 "Server vendor code specific to TightVNC", HFILL }
3648 },
3649 { &hf_vnc_tight_signature,
3650 { "Signature", "vnc.signature",
3651 FT_STRING, BASE_NONE, NULL, 0x0,
3652 NULL, HFILL }
3653 },
3654 { &hf_vnc_tight_server_name,
3655 { "Server name", "vnc.server_name",
3656 FT_STRING, BASE_NONE, NULL, 0x0,
3657 "Server name specific to TightVNC", HFILL }
3658 },
3659 { &hf_vnc_tight_client_message_type,
3660 { "Client message type (TightVNC)", "vnc.tight_client_message_type",
3661 FT_INT32, BASE_DEC, NULL, 0x0,
3662 "Client message type specific to TightVNC", HFILL }
3663 },
3664 { &hf_vnc_tight_client_vendor,
3665 { "Client vendor code", "vnc.client_vendor",
3666 FT_STRING, BASE_NONE, NULL, 0x0,
3667 "Client vendor code specific to TightVNC", HFILL }
3668 },
3669 { &hf_vnc_tight_client_name,
3670 { "Client name", "vnc.client_name",
3671 FT_STRING, BASE_NONE, NULL, 0x0,
3672 "Client name specific to TightVNC", HFILL }
3673 },
3674 { &hf_vnc_tight_encoding_type,
3675 { "Encoding type", "vnc.encoding_type",
3676 FT_INT32, BASE_DEC, VALS(encoding_types_vs), 0x0,
3677 "Encoding type specific to TightVNC", HFILL }
3678 },
3679 { &hf_vnc_tight_encoding_vendor,
3680 { "Encoding vendor code", "vnc.encoding_vendor",
3681 FT_STRING, BASE_NONE, NULL, 0x0,
3682 "Encoding vendor code specific to TightVNC", HFILL }
3683 },
3684 { &hf_vnc_tight_encoding_name,
3685 { "Encoding name", "vnc.encoding_name",
3686 FT_STRING, BASE_NONE, NULL, 0x0,
3687 "Encoding name specific to TightVNC", HFILL }
3688 },
3689 { &hf_vnc_tight_reset_stream0,
3690 { "Reset compression stream 0", "vnc.tight_reset_stream0",
3691 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3692 "Tight compression, reset compression stream 0", HFILL }
3693 },
3694 { &hf_vnc_tight_reset_stream1,
3695 { "Reset compression stream 1", "vnc.tight_reset_stream1",
3696 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3697 "Tight compression, reset compression stream 1", HFILL }
3698 },
3699 { &hf_vnc_tight_reset_stream2,
3700 { "Reset compression stream 2", "vnc.tight_reset_stream2",
3701 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3702 "Tight compression, reset compression stream 2", HFILL }
3703 },
3704 { &hf_vnc_tight_reset_stream3,
3705 { "Reset compression stream 3", "vnc.tight_reset_stream3",
3706 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3707 "Tight compression, reset compression stream 3", HFILL }
3708 },
3709 { &hf_vnc_tight_rect_type,
3710 { "Rectangle type", "vnc.tight_rect_type",
3711 FT_UINT8, BASE_HEX, NULL, 0x0,
3712 "Tight compression, rectangle type", HFILL }
3713 },
3714 { &hf_vnc_tight_image_len,
3715 { "Image data length", "vnc.tight_image_len",
3716 FT_UINT32, BASE_DEC, NULL, 0x0,
3717 "Tight compression, length of image data", HFILL }
3718 },
3719 { &hf_vnc_tight_image_data,
3720 { "Image data", "vnc.tight_image_data",
3721 FT_BYTES, BASE_NONE, NULL, 0x0,
3722 "Tight compression, image data", HFILL }
3723 },
3724 { &hf_vnc_tight_fill_color,
3725 { "Fill color (RGB)", "vnc.tight_fill_color",
3726 FT_BYTES, BASE_NONE, NULL, 0x0,
3727 "Tight compression, fill color for solid rectangle", HFILL }
3728 },
3729 { &hf_vnc_tight_filter_flag,
3730 { "Explicit filter flag", "vnc.tight_filter_flag",
3731 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3732 "Tight compression, explicit filter flag", HFILL }
3733 },
3734 { &hf_vnc_tight_filter_id,
3735 { "Filter ID", "vnc.tight_filter_id",
3736 FT_UINT8, BASE_DEC, VALS(tight_filter_ids_vs), 0x0,
3737 "Tight compression, filter ID", HFILL }
3738 },
3739 { &hf_vnc_tight_palette_num_colors,
3740 { "Number of colors in palette", "vnc.tight_palette_num_colors",
3741 FT_UINT8, BASE_DEC, NULL, 0x0,
3742 "Tight compression, number of colors in rectangle's palette", HFILL }
3743 },
3744 { &hf_vnc_tight_palette_data,
3745 { "Palette data", "vnc.tight_palette_data",
3746 FT_BYTES, BASE_NONE, NULL, 0x0,
3747 "Tight compression, palette data for a rectangle", HFILL }
3748 },
3749 { &hf_vnc_auth_challenge,
3750 { "Authentication challenge", "vnc.auth_challenge",
3751 FT_BYTES, BASE_NONE, NULL, 0x0,
3752 "Random authentication challenge from server to client", HFILL }
3753 },
3754 { &hf_vnc_auth_response,
3755 { "Authentication response", "vnc.auth_response",
3756 FT_BYTES, BASE_NONE, NULL, 0x0,
3757 "Client's encrypted response to the server's authentication challenge", HFILL }
3758 },
3759 { &hf_vnc_auth_result,
3760 { "Authentication result", "vnc.auth_result",
3761 FT_BOOLEAN, 32, TFS(&auth_result_tfs), 0x1,
3762 NULL, HFILL }
3763 },
3764 { &hf_vnc_auth_error_length,
3765 { "Length of authentication error", "vnc.auth_error_len",
3766 FT_UINT32, BASE_DEC, NULL, 0x0,
3767 "Authentication error length (present only if the authentication result is fail", HFILL }
3768 },
3769 { &hf_vnc_auth_error,
3770 { "Authentication error", "vnc.auth_error",
3771 FT_STRING, BASE_NONE, NULL, 0x0,
3772 "Authentication error (present only if the authentication result is fail", HFILL }
3773 },
3774 { &hf_vnc_ard_auth_generator,
3775 { "Generator", "vnc.ard_auth_generator",
3776 FT_UINT16, BASE_DEC, NULL, 0x0,
3777 "Generator for Diffie-Hellman key exchange", HFILL }
3778 },
3779 { &hf_vnc_ard_auth_key_len,
3780 { "Key length", "vnc.ard_auth_key_len",
3781 FT_UINT16, BASE_DEC, NULL, 0x0,
3782 "Diffie-Hellman key length", HFILL }
3783 },
3784 { &hf_vnc_ard_auth_modulus,
3785 { "Prime modulus", "vnc.ard_auth_modulus",
3786 FT_BYTES, BASE_NONE, NULL, 0x0,
3787 "Prime modulus for Diffie-Hellman key exchange", HFILL }
3788 },
3789 { &hf_vnc_ard_auth_server_key,
3790 { "Server public key", "vnc.ard_auth_server_key",
3791 FT_BYTES, BASE_NONE, NULL, 0x0,
3792 "Server's public Diffie-Hellman key", HFILL }
3793 },
3794 { &hf_vnc_ard_auth_credentials,
3795 { "Encrypted credentials", "vnc.ard_auth_credentials",
3796 FT_BYTES, BASE_NONE, NULL, 0x0,
3797 "Encrypted client username and password", HFILL }
3798 },
3799 { &hf_vnc_ard_auth_client_key,
3800 { "Client public key", "vnc.ard_auth_client_key",
3801 FT_BYTES, BASE_NONE, NULL, 0x0,
3802 "Client's public Diffie-Hellman key", HFILL }
3803 },
3804 { &hf_vnc_vencrypt_server_major_ver,
3805 { "VeNCrypt server major version", "vnc.vencrypt_server_major_ver",
3806 FT_UINT8, BASE_DEC, NULL, 0x0,
3807 NULL, HFILL }
3808 },
3809 { &hf_vnc_vencrypt_server_minor_ver,
3810 { "VeNCrypt server minor version", "vnc.vencrypt_server_minor_ver",
3811 FT_UINT8, BASE_DEC, NULL, 0x0,
3812 NULL, HFILL }
3813 },
3814 { &hf_vnc_vencrypt_client_major_ver,
3815 { "VeNCrypt client major version", "vnc.vencrypt_client_major_ver",
3816 FT_UINT8, BASE_DEC, NULL, 0x0,
3817 NULL, HFILL }
3818 },
3819 { &hf_vnc_vencrypt_client_minor_ver,
3820 { "VeNCrypt client minor version", "vnc.vencrypt_client_minor_ver",
3821 FT_UINT8, BASE_DEC, NULL, 0x0,
3822 NULL, HFILL }
3823 },
3824 { &hf_vnc_vencrypt_version_ack,
3825 { "VeNCrypt version ack", "vnc.vencrypt_version_ack",
3826 FT_BOOLEAN, 8, TFS(&tfs_error_ok), 0xFF,
3827 NULL, HFILL }
3828 },
3829 { &hf_vnc_vencrypt_auth_type,
3830 { "VeNCrypt authentication type", "vnc.vencrypt_auth_type",
3831 FT_UINT32, BASE_DEC, VALS(vnc_vencrypt_auth_types_vs), 0x0,
3832 "Authentication type specific to VeNCrypt", HFILL }
3833 },
3834 { &hf_vnc_vencrypt_num_auth_types,
3835 { "VeNCrypt Number of supported authentication types", "vnc.vencrypt_num_auth_types",
3836 FT_UINT32, BASE_DEC, NULL, 0x0,
3837 NULL, HFILL }
3838 },
3839 { &hf_vnc_vencrypt_auth_type_ack,
3840 { "VeNCrypt Authorization type ack", "vnc.vencrypt_auth_type_ack",
3841 FT_BOOLEAN, 8, TFS(&tfs_ok_error), 0xFF,
3842 NULL, HFILL }
3843 },
3844 { &hf_vnc_share_desktop_flag,
3845 { "Share desktop flag", "vnc.share_desktop_flag",
3846 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3847 "Client's desire to share the server's desktop with other clients", HFILL }
3848 },
3849 { &hf_vnc_width,
3850 { "Framebuffer width", "vnc.width",
3851 FT_UINT16, BASE_DEC, NULL, 0x0,
3852 "Width of the framebuffer (screen) in pixels", HFILL }
3853 },
3854 { &hf_vnc_height,
3855 { "Framebuffer height", "vnc.height",
3856 FT_UINT16, BASE_DEC, NULL, 0x0,
3857 "Height of the framebuffer (screen) in pixels", HFILL }
3858 },
3859 { &hf_vnc_server_bits_per_pixel,
3860 { "Bits per pixel", "vnc.server_bits_per_pixel",
3861 FT_UINT8, BASE_DEC, NULL, 0x0,
3862 "Number of bits used by server for each pixel value on the wire from the server", HFILL }
3863 },
3864 { &hf_vnc_server_depth,
3865 { "Depth", "vnc.server_depth",
3866 FT_UINT8, BASE_DEC, NULL, 0x0,
3867 "Number of useful bits in the pixel value on server", HFILL }
3868 },
3869 { &hf_vnc_server_big_endian_flag,
3870 { "Big endian flag", "vnc.server_big_endian_flag",
3871 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3872 "True if multi-byte pixels are interpreted as big endian by server", HFILL }
3873 },
3874 { &hf_vnc_server_true_color_flag,
3875 { "True color flag", "vnc.server_true_color_flag",
3876 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3877 "If true, then the next six items specify how to extract the red, green and blue intensities from the pixel value on the server.", HFILL }
3878 },
3879 { &hf_vnc_server_red_max,
3880 { "Red maximum", "vnc.server_red_max",
3881 FT_UINT16, BASE_DEC, NULL, 0x0,
3882 "Maximum red value on server as n: 2^n - 1", HFILL }
3883 },
3884 { &hf_vnc_server_green_max,
3885 { "Green maximum", "vnc.server_green_max",
3886 FT_UINT16, BASE_DEC, NULL, 0x0,
3887 "Maximum green value on server as n: 2^n - 1", HFILL }
3888 },
3889 { &hf_vnc_server_blue_max,
3890 { "Blue maximum", "vnc.server_blue_max",
3891 FT_UINT16, BASE_DEC, NULL, 0x0,
3892 "Maximum blue value on server as n: 2^n - 1", HFILL }
3893 },
3894 { &hf_vnc_server_red_shift,
3895 { "Red shift", "vnc.server_red_shift",
3896 FT_UINT8, BASE_DEC, NULL, 0x0,
3897 "Number of shifts needed to get the red value in a pixel to the least significant bit on the server", HFILL }
3898 },
3899 { &hf_vnc_server_green_shift,
3900 { "Green shift", "vnc.server_green_shift",
3901 FT_UINT8, BASE_DEC, NULL, 0x0,
3902 "Number of shifts needed to get the green value in a pixel to the least significant bit on the server", HFILL }
3903 },
3904 { &hf_vnc_server_blue_shift,
3905 { "Blue shift", "vnc.server_blue_shift",
3906 FT_UINT8, BASE_DEC, NULL, 0x0,
3907 "Number of shifts needed to get the blue value in a pixel to the least significant bit on the server", HFILL }
3908 },
3909 { &hf_vnc_desktop_name_len,
3910 { "Desktop name length", "vnc.desktop_name_len",
3911 FT_UINT32, BASE_DEC, NULL, 0x0,
3912 "Length of desktop name in bytes", HFILL }
3913 },
3914 { &hf_vnc_desktop_screen_num,
3915 { "Number of screens", "vnc.screen_num",
3916 FT_UINT8, BASE_DEC, NULL, 0x0,
3917 NULL, HFILL }
3918 },
3919 { &hf_vnc_desktop_screen_id,
3920 { "Screen ID", "vnc.screen_id",
3921 FT_UINT32, BASE_DEC, NULL, 0x0,
3922 "ID of screen", HFILL }
3923 },
3924 { &hf_vnc_desktop_screen_x,
3925 { "Screen X position", "vnc.screen_x",
3926 FT_UINT16, BASE_DEC, NULL, 0x0,
3927 "X coordinate of screen", HFILL }
3928 },
3929 { &hf_vnc_desktop_screen_y,
3930 { "Screen Y position", "vnc.screen_y",
3931 FT_UINT16, BASE_DEC, NULL, 0x0,
3932 "Y coordinate of screen", HFILL }
3933 },
3934 { &hf_vnc_desktop_screen_width,
3935 { "Screen width", "vnc.screen_width",
3936 FT_UINT16, BASE_DEC, NULL, 0x0,
3937 "Width of screen", HFILL }
3938 },
3939 { &hf_vnc_desktop_screen_height,
3940 { "Screen height", "vnc.screen_height",
3941 FT_UINT16, BASE_DEC, NULL, 0x0,
3942 "Height of screen", HFILL }
3943 },
3944 { &hf_vnc_desktop_screen_flags,
3945 { "Screen flags", "vnc.screen_flags",
3946 FT_UINT32, BASE_DEC, NULL, 0x0,
3947 "Flags of screen", HFILL }
3948 },
3949 { &hf_vnc_desktop_name,
3950 { "Desktop name", "vnc.desktop_name",
3951 FT_STRING, BASE_NONE, NULL, 0x0,
3952 "Name of the VNC desktop on the server", HFILL }
3953 },
3954 { &hf_vnc_num_server_message_types,
3955 { "Server message types", "vnc.num_server_message_types",
3956 FT_UINT16, BASE_DEC, NULL, 0x0,
3957 "Unknown", HFILL } /* XXX - Needs description */
3958 },
3959 { &hf_vnc_num_client_message_types,
3960 { "Client message types", "vnc.num_client_message_types",
3961 FT_UINT16, BASE_DEC, NULL, 0x0,
3962 "Unknown", HFILL } /* XXX - Needs description */
3963 },
3964 { &hf_vnc_num_encoding_types,
3965 { "Encoding types", "vnc.num_encoding_types",
3966 FT_UINT16, BASE_DEC, NULL, 0x0,
3967 "Unknown", HFILL } /* XXX - Needs description */
3968 },
3969 { &hf_vnc_client_message_type,
3970 { "Client Message Type", "vnc.client_message_type",
3971 FT_UINT8, BASE_DEC, VALS(vnc_client_message_types_vs), 0x0,
3972 "Message type from client", HFILL }
3973 },
3974 { &hf_vnc_client_bits_per_pixel,
3975 { "Bits per pixel", "vnc.client_bits_per_pixel",
3976 FT_UINT8, BASE_DEC, NULL, 0x0,
3977 "Number of bits used by server for each pixel value on the wire from the client", HFILL }
3978 },
3979 { &hf_vnc_client_depth,
3980 { "Depth", "vnc.client_depth",
3981 FT_UINT8, BASE_DEC, NULL, 0x0,
3982 "Number of useful bits in the pixel value on client", HFILL }
3983 },
3984 { &hf_vnc_client_big_endian_flag,
3985 { "Big endian flag", "vnc.client_big_endian_flag",
3986 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3987 "True if multi-byte pixels are interpreted as big endian by client", HFILL }
3988 },
3989 { &hf_vnc_client_true_color_flag,
3990 { "True color flag", "vnc.client_true_color_flag",
3991 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
3992 "If true, then the next six items specify how to extract the red, green and blue intensities from the pixel value on the client.", HFILL }
3993 },
3994 { &hf_vnc_client_red_max,
3995 { "Red maximum", "vnc.client_red_max",
3996 FT_UINT16, BASE_DEC, NULL, 0x0,
3997 "Maximum red value on client as n: 2^n - 1", HFILL }
3998 },
3999 { &hf_vnc_client_green_max,
4000 { "Green maximum", "vnc.client_green_max",
4001 FT_UINT16, BASE_DEC, NULL, 0x0,
4002 "Maximum green value on client as n: 2^n - 1", HFILL }
4003 },
4004 { &hf_vnc_client_blue_max,
4005 { "Blue maximum", "vnc.client_blue_max",
4006 FT_UINT16, BASE_DEC, NULL, 0x0,
4007 "Maximum blue value on client as n: 2^n - 1", HFILL }
4008 },
4009 { &hf_vnc_client_red_shift,
4010 { "Red shift", "vnc.client_red_shift",
4011 FT_UINT8, BASE_DEC, NULL, 0x0,
4012 "Number of shifts needed to get the red value in a pixel to the least significant bit on the client", HFILL }
4013 },
4014 { &hf_vnc_client_green_shift,
4015 { "Green shift", "vnc.client_green_shift",
4016 FT_UINT8, BASE_DEC, NULL, 0x0,
4017 "Number of shifts needed to get the green value in a pixel to the least significant bit on the client", HFILL }
4018 },
4019 { &hf_vnc_client_blue_shift,
4020 { "Blue shift", "vnc.client_blue_shift",
4021 FT_UINT8, BASE_DEC, NULL, 0x0,
4022 "Number of shifts needed to get the blue value in a pixel to the least significant bit on the client", HFILL }
4023 },
4024
4025 /* Client Key Event */
4026 { &hf_vnc_key_down,
4027 { "Key down", "vnc.key_down",
4028 FT_BOOLEAN, BASE_NONE, TFS(&tfs_yes_no), 0x0,
4029 "Specifies whether the key is being pressed or not", HFILL }
4030 },
4031 { &hf_vnc_key,
4032 { "Key", "vnc.key",
4033 FT_UINT32, BASE_HEX | BASE_EXT_STRING, &x11_keysym_vals_source_ext, 0x0, /* keysym_vals_source_exr is from packet-x11.c */
4034 "Key being pressed/depressed", HFILL }
4035 },
4036
4037 /* Client Pointer Event */
4038 { &hf_vnc_button_1_pos,
4039 { "Mouse button #1 position", "vnc.button_1_pos",
4040 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x1,
4041 "Whether mouse button #1 is being pressed or not", HFILL }
4042 },
4043 { &hf_vnc_button_2_pos,
4044 { "Mouse button #2 position", "vnc.button_2_pos",
4045 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x2,
4046 "Whether mouse button #2 is being pressed or not", HFILL }
4047 },
4048 { &hf_vnc_button_3_pos,
4049 { "Mouse button #3 position", "vnc.button_3_pos",
4050 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x4,
4051 "Whether mouse button #3 is being pressed or not", HFILL }
4052 },
4053 { &hf_vnc_button_4_pos,
4054 { "Mouse button #4 position", "vnc.button_4_pos",
4055 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x8,
4056 "Whether mouse button #4 is being pressed or not", HFILL }
4057 },
4058 { &hf_vnc_button_5_pos,
4059 { "Mouse button #5 position", "vnc.button_5_pos",
4060 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x10,
4061 "Whether mouse button #5 is being pressed or not", HFILL }
4062 },
4063 { &hf_vnc_button_6_pos,
4064 { "Mouse button #6 position", "vnc.button_6_pos",
4065 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x20,
4066 "Whether mouse button #6 is being pressed or not", HFILL }
4067 },
4068 { &hf_vnc_button_7_pos,
4069 { "Mouse button #7 position", "vnc.button_7_pos",
4070 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x40,
4071 "Whether mouse button #7 is being pressed or not", HFILL }
4072 },
4073 { &hf_vnc_button_8_pos,
4074 { "Mouse button #8 position", "vnc.button_8_pos",
4075 FT_BOOLEAN, 8, TFS(&tfs_pressed_not_pressed), 0x80,
4076 "Whether mouse button #8 is being pressed or not", HFILL }
4077 },
4078 { &hf_vnc_pointer_x_pos,
4079 { "X position", "vnc.pointer_x_pos",
4080 FT_UINT16, BASE_DEC, NULL, 0x0,
4081 "Position of mouse cursor on the x-axis", HFILL }
4082 },
4083 { &hf_vnc_pointer_y_pos,
4084 { "Y position", "vnc.pointer_y_pos",
4085 FT_UINT16, BASE_DEC, NULL, 0x0,
4086 "Position of mouse cursor on the y-axis", HFILL }
4087 },
4088 { &hf_vnc_encoding_num,
4089 { "Number of encodings", "vnc.client_set_encodings_num",
4090 FT_UINT16, BASE_DEC, NULL, 0x0,
4091 "Number of encodings used to send pixel data from server to client", HFILL }
4092 },
4093 { &hf_vnc_client_set_encodings_encoding_type,
4094 { "Encoding type", "vnc.client_set_encodings_encoding_type",
4095 FT_INT32, BASE_DEC, VALS(encoding_types_vs), 0x0,
4096 "Type of encoding used to send pixel data from server to client", HFILL }
4097 },
4098
4099 /* Client Framebuffer Update Request */
4100 { &hf_vnc_update_req_incremental,
4101 { "Incremental update", "vnc.update_req_incremental",
4102 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
4103 "Specifies if the client wants an incremental update instead of a full one", HFILL }
4104 },
4105 { &hf_vnc_update_req_x_pos,
4106 { "X position", "vnc.update_req_x_pos",
4107 FT_UINT16, BASE_DEC, NULL, 0x0,
4108 "X position of framebuffer (screen) update requested", HFILL }
4109 },
4110 { &hf_vnc_update_req_y_pos,
4111 { "Y position", "vnc.update_req_y_pos",
4112 FT_UINT16, BASE_DEC, NULL, 0x0,
4113 "Y position of framebuffer (screen) update request", HFILL }
4114 },
4115 { &hf_vnc_update_req_width,
4116 { "Width", "vnc.update_req_width",
4117 FT_UINT16, BASE_DEC, NULL, 0x0,
4118 "Width of framebuffer (screen) update request", HFILL }
4119 },
4120 { &hf_vnc_update_req_height,
4121 { "Height", "vnc.update_req_height",
4122 FT_UINT16, BASE_DEC, NULL, 0x0,
4123 "Height of framebuffer (screen) update request", HFILL }
4124 },
4125 { &hf_vnc_client_cut_text_len,
4126 { "Length", "vnc.client_cut_text_len",
4127 FT_UINT32, BASE_DEC, NULL, 0x0,
4128 "Length of client's copy/cut text (clipboard) string in bytes", HFILL }
4129 },
4130 { &hf_vnc_client_cut_text,
4131 { "Text", "vnc.client_cut_text",
4132 FT_STRING, BASE_NONE, NULL, 0x0,
4133 "Text string in the client's copy/cut text (clipboard)", HFILL }
4134 },
4135
4136
4137 /********** Server Message Types **********/
4138 { &hf_vnc_server_message_type,
4139 { "Server Message Type", "vnc.server_message_type",
4140 FT_UINT8, BASE_DEC, VALS(vnc_server_message_types_vs), 0x0,
4141 "Message type from server", HFILL }
4142 },
4143
4144 { &hf_vnc_rectangle_num,
4145 { "Number of rectangles", "vnc.fb_update_num_rects",
4146 FT_UINT16, BASE_DEC, NULL, 0x0,
4147 "Number of rectangles of this server framebuffer update", HFILL }
4148 },
4149
4150 { &hf_vnc_fb_update_x_pos,
4151 { "X position", "vnc.fb_update_x_pos",
4152 FT_UINT16, BASE_DEC, NULL, 0x0,
4153 "X position of this server framebuffer update", HFILL }
4154 },
4155
4156 { &hf_vnc_fb_update_y_pos,
4157 { "Y position", "vnc.fb_update_y_pos",
4158 FT_UINT16, BASE_DEC, NULL, 0x0,
4159 "Y position of this server framebuffer update", HFILL }
4160 },
4161
4162 { &hf_vnc_fb_update_width,
4163 { "Width", "vnc.fb_update_width",
4164 FT_UINT16, BASE_DEC, NULL, 0x0,
4165 "Width of this server framebuffer update", HFILL }
4166 },
4167
4168 { &hf_vnc_fb_update_height,
4169 { "Height", "vnc.fb_update_height",
4170 FT_UINT16, BASE_DEC, NULL, 0x0,
4171 "Height of this server framebuffer update", HFILL }
4172 },
4173
4174 { &hf_vnc_fb_update_encoding_type,
4175 { "Encoding type", "vnc.fb_update_encoding_type",
4176 FT_INT32, BASE_DEC, VALS(encoding_types_vs), 0x0,
4177 "Encoding type of this server framebuffer update", HFILL }
4178 },
4179
4180 /* Cursor encoding */
4181 { &hf_vnc_cursor_x_fore_back,
4182 { "X Cursor foreground RGB / background RGB", "vnc.cursor_x_fore_back",
4183 FT_BYTES, BASE_NONE, NULL, 0x0,
4184 "RGB values for the X cursor's foreground and background", HFILL }
4185 },
4186
4187 { &hf_vnc_cursor_encoding_pixels,
4188 { "Cursor encoding pixels", "vnc.cursor_encoding_pixels",
4189 FT_BYTES, BASE_NONE, NULL, 0x0,
4190 "Cursor encoding pixel data", HFILL }
4191 },
4192
4193 { &hf_vnc_cursor_encoding_bitmask,
4194 { "Cursor encoding bitmask", "vnc.cursor_encoding_bitmask",
4195 FT_BYTES, BASE_NONE, NULL, 0x0,
4196 "Cursor encoding pixel bitmask", HFILL }
4197 },
4198
4199 /* Raw Encoding */
4200 { &hf_vnc_raw_pixel_data,
4201 { "Pixel data", "vnc.raw_pixel_data",
4202 FT_BYTES, BASE_NONE, NULL, 0x0,
4203 "Raw pixel data.", HFILL }
4204 },
4205
4206 /* CopyRect Encoding*/
4207 { &hf_vnc_copyrect_src_x_pos,
4208 { "Source x position", "vnc.copyrect_src_x_pos",
4209 FT_UINT16, BASE_DEC, NULL, 0x0,
4210 "X position of the rectangle to copy from", HFILL }
4211 },
4212
4213 { &hf_vnc_copyrect_src_y_pos,
4214 { "Source y position", "vnc.copyrect_src_y_pos",
4215 FT_UINT16, BASE_DEC, NULL, 0x0,
4216 "Y position of the rectangle to copy from", HFILL }
4217 },
4218
4219 /* RRE Encoding */
4220 { &hf_vnc_rre_num_subrects,
4221 { "Number of subrectangles", "vnc.rre_num_subrects",
4222 FT_UINT32, BASE_DEC, NULL, 0x0,
4223 "Number of subrectangles contained in this encoding type", HFILL }
4224 },
4225
4226 { &hf_vnc_rre_bg_pixel,
4227 { "Background pixel value", "vnc.rre_bg_pixel",
4228 FT_BYTES, BASE_NONE, NULL, 0x0,
4229 NULL, HFILL }
4230 },
4231
4232 { &hf_vnc_rre_subrect_pixel,
4233 { "Pixel value", "vnc.rre_subrect_pixel",
4234 FT_BYTES, BASE_NONE, NULL, 0x0,
4235 "Subrectangle pixel value", HFILL }
4236 },
4237
4238 { &hf_vnc_rre_subrect_x_pos,
4239 { "X position", "vnc.rre_subrect_x_pos",
4240 FT_UINT16, BASE_DEC, NULL, 0x0,
4241 "Position of this subrectangle on the x axis", HFILL }
4242 },
4243
4244 { &hf_vnc_rre_subrect_y_pos,
4245 { "Y position", "vnc.rre_subrect_y_pos",
4246 FT_UINT16, BASE_DEC, NULL, 0x0,
4247 "Position of this subrectangle on the y axis", HFILL }
4248 },
4249
4250 { &hf_vnc_rre_subrect_width,
4251 { "Width", "vnc.rre_subrect_width",
4252 FT_UINT16, BASE_DEC, NULL, 0x0,
4253 "Width of this subrectangle", HFILL }
4254 },
4255
4256 { &hf_vnc_rre_subrect_height,
4257 { "Height", "vnc.rre_subrect_height",
4258 FT_UINT16, BASE_DEC, NULL, 0x0,
4259 "Height of this subrectangle", HFILL }
4260 },
4261
4262
4263 /* Hextile Encoding */
4264 { &hf_vnc_hextile_subencoding_mask,
4265 { "Subencoding type", "vnc.hextile_subencoding",
4266 FT_UINT8, BASE_DEC, NULL, 0x0,
4267 "Hextile subencoding type.", HFILL }
4268 },
4269
4270 { &hf_vnc_hextile_raw,
4271 { "Raw", "vnc.hextile_raw",
4272 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x1,
4273 "Raw subencoding is used in this tile", HFILL }
4274 },
4275
4276 { &hf_vnc_hextile_raw_value,
4277 { "Raw pixel values", "vnc.hextile_raw_value",
4278 FT_BYTES, BASE_NONE, NULL, 0x0,
4279 "Raw subencoding pixel values", HFILL }
4280 },
4281
4282 { &hf_vnc_hextile_bg,
4283 { "Background Specified", "vnc.hextile_bg",
4284 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x2,
4285 "Background Specified subencoding is used in this tile", HFILL }
4286 },
4287
4288 { &hf_vnc_hextile_bg_value,
4289 { "Background pixel value", "vnc.hextile_bg_value",
4290 FT_BYTES, BASE_NONE, NULL, 0x0,
4291 "Background color for this tile", HFILL }
4292 },
4293
4294 { &hf_vnc_hextile_fg,
4295 { "Foreground Specified", "vnc.hextile_fg",
4296 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x4,
4297 "Foreground Specified subencoding is used in this tile", HFILL }
4298 },
4299
4300 { &hf_vnc_hextile_fg_value,
4301 { "Foreground pixel value", "vnc.hextile_fg_value",
4302 FT_BYTES, BASE_NONE, NULL, 0x0,
4303 "Foreground color for this tile", HFILL }
4304 },
4305
4306 { &hf_vnc_hextile_anysubrects,
4307 { "Any Subrects", "vnc.hextile_anysubrects",
4308 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x8,
4309 "Any subrects subencoding is used in this tile", HFILL }
4310 },
4311
4312 { &hf_vnc_hextile_num_subrects,
4313 { "Number of subrectangles", "vnc.hextile_num_subrects",
4314 FT_UINT8, BASE_DEC, NULL, 0x0,
4315 "Number of subrectangles that follow", HFILL }
4316 },
4317
4318 { &hf_vnc_hextile_subrectscolored,
4319 { "Subrects Colored", "vnc.hextile_subrectscolored",
4320 FT_BOOLEAN, 8, TFS(&tfs_yes_no), 0x10,
4321 "Subrects colored subencoding is used in this tile", HFILL }
4322 },
4323
4324 { &hf_vnc_hextile_subrect_pixel_value,
4325 { "Pixel value", "vnc.hextile_subrect_pixel_value",
4326 FT_BYTES, BASE_NONE, NULL, 0x0,
4327 "Pixel value of this subrectangle", HFILL }
4328 },
4329
4330 { &hf_vnc_hextile_subrect_x_pos,
4331 { "X position", "vnc.hextile_subrect_x_pos",
4332 FT_UINT8, BASE_DEC, NULL, 0xF0, /* Top 4 bits */
4333 "X position of this subrectangle", HFILL }
4334 },
4335
4336 { &hf_vnc_hextile_subrect_y_pos,
4337 { "Y position", "vnc.hextile_subrect_y_pos",
4338 FT_UINT8, BASE_DEC, NULL, 0xF, /* Bottom 4 bits */
4339 "Y position of this subrectangle", HFILL }
4340 },
4341
4342 { &hf_vnc_hextile_subrect_width,
4343 { "Width", "vnc.hextile_subrect_width",
4344 FT_UINT8, BASE_DEC, NULL, 0xF0, /* Top 4 bits */
4345 "Subrectangle width minus one", HFILL }
4346 },
4347
4348 { &hf_vnc_hextile_subrect_height,
4349 { "Height", "vnc.hextile_subrect_height",
4350 FT_UINT8, BASE_DEC, NULL, 0xF, /* Bottom 4 bits */
4351 "Subrectangle height minus one", HFILL }
4352 },
4353
4354
4355 /* ZRLE Encoding */
4356 { &hf_vnc_zrle_len,
4357 { "ZRLE compressed length", "vnc.zrle_len",
4358 FT_UINT32, BASE_DEC, NULL, 0x0,
4359 "Length of compressed ZRLE data that follows", HFILL }
4360 },
4361
4362 { &hf_vnc_zrle_subencoding,
4363 { "Subencoding type", "vnc.zrle_subencoding",
4364 FT_UINT8, BASE_DEC, NULL, 0x0,
4365 "Subencoding type byte", HFILL }
4366 },
4367
4368 { &hf_vnc_zrle_rle,
4369 { "RLE", "vnc.zrle_rle",
4370 FT_UINT8, BASE_DEC, VALS(yes_no_vs), 0x80, /* Upper bit */
4371 "Specifies that data is run-length encoded", HFILL }
4372 },
4373
4374 { &hf_vnc_zrle_palette_size,
4375 { "Palette size", "vnc.zrle_palette_size",
4376 FT_UINT8, BASE_DEC, NULL, 0x7F, /* Lower 7 bits */
4377 NULL, HFILL }
4378 },
4379
4380 { &hf_vnc_zrle_data,
4381 { "ZRLE compressed data", "vnc.zrle_data",
4382 FT_BYTES, BASE_NONE, NULL, 0x0,
4383 "Compressed ZRLE data. Compiling with zlib support will uncompress and dissect this data", HFILL }
4384 },
4385
4386 { &hf_vnc_zrle_raw,
4387 { "Pixel values", "vnc.zrle_raw",
4388 FT_BYTES, BASE_NONE, NULL, 0x0,
4389 "Raw pixel values for this tile", HFILL }
4390 },
4391
4392 { &hf_vnc_zrle_palette,
4393 { "Palette", "vnc.zrle_palette",
4394 FT_BYTES, BASE_NONE, NULL, 0x0,
4395 "Palette pixel values", HFILL }
4396 },
4397
4398 /* Server Set Colormap Entries */
4399 { &hf_vnc_colormap_first_color,
4400 { "First color", "vnc.colormap_first_color",
4401 FT_UINT16, BASE_DEC, NULL, 0x0,
4402 "First color that should be mapped to given RGB intensities", HFILL }
4403 },
4404
4405 { &hf_vnc_color_groups,
4406 { "Color groups", "vnc.color_groups",
4407 FT_NONE, BASE_NONE, NULL, 0x0,
4408 NULL, HFILL }
4409 },
4410
4411 { &hf_vnc_colormap_num_colors,
4412 { "Number of color groups", "vnc.colormap_groups",
4413 FT_UINT16, BASE_DEC, NULL, 0x0,
4414 "Number of red/green/blue color groups", HFILL }
4415 },
4416 { &hf_vnc_colormap_red,
4417 { "Red", "vnc.colormap_red",
4418 FT_UINT16, BASE_DEC, NULL, 0x0,
4419 "Red intensity", HFILL }
4420 },
4421 { &hf_vnc_colormap_green,
4422 { "Green", "vnc.colormap_green",
4423 FT_UINT16, BASE_DEC, NULL, 0x0,
4424 "Green intensity", HFILL }
4425 },
4426 { &hf_vnc_colormap_blue,
4427 { "Blue", "vnc.colormap_blue",
4428 FT_UINT16, BASE_DEC, NULL, 0x0,
4429 "Blue intensity", HFILL }
4430 },
4431
4432 /* Server Cut Text */
4433 { &hf_vnc_server_cut_text_len,
4434 { "Length", "vnc.server_cut_text_len",
4435 FT_UINT32, BASE_DEC, NULL, 0x0,
4436 "Length of server's copy/cut text (clipboard) string in bytes", HFILL }
4437 },
4438 { &hf_vnc_server_cut_text,
4439 { "Text", "vnc.server_cut_text",
4440 FT_STRING, BASE_NONE, NULL, 0x0,
4441 "Text string in the server's copy/cut text (clipboard)", HFILL }
4442 },
4443
4444 /* LibVNCServer additions */
4445 { &hf_vnc_supported_messages_client2server,
4446 { "Client2server", "vnc.supported_messages_client2server",
4447 FT_BYTES, BASE_NONE, NULL, 0x0,
4448 "Supported client to server messages (bit flags)", HFILL }
4449 },
4450 { &hf_vnc_supported_messages_server2client,
4451 { "Server2client", "vnc.supported_messages_server2client",
4452 FT_BYTES, BASE_NONE, NULL, 0x0,
4453 "Supported server to client messages (bit flags)", HFILL }
4454 },
4455 { &hf_vnc_num_supported_encodings,
4456 { "Number of supported encodings", "vnc.num_supported_encodings",
4457 FT_UINT16, BASE_DEC, NULL, 0x0,
4458 NULL, HFILL }
4459 },
4460 { &hf_vnc_supported_encodings,
4461 { "Encoding", "vnc.supported_encodings",
4462 FT_UINT32, BASE_HEX, NULL, 0x0,
4463 "Supported encoding", HFILL }
4464 },
4465 { &hf_vnc_server_identity,
4466 { "Server Identity", "vnc.server_identity",
4467 FT_STRING, BASE_NONE, NULL, 0x0,
4468 "Server identity string", HFILL }
4469 },
4470
4471 /* MirrorLink */
4472 { &hf_vnc_mirrorlink_type,
4473 { "Type", "vnc.mirrorlink_type",
4474 FT_UINT8, BASE_DEC, VALS(vnc_mirrorlink_types_vs), 0x0,
4475 "MirrorLink extension message type", HFILL }
4476 },
4477 { &hf_vnc_mirrorlink_length,
4478 { "Length", "vnc.mirrorlink_length",
4479 FT_UINT16, BASE_DEC, NULL, 0x0,
4480 "Payload length", HFILL }
4481 },
4482 { &hf_vnc_mirrorlink_version_major,
4483 { "Major Version", "vnc.mirrorlink_version_major",
4484 FT_UINT8, BASE_DEC, NULL, 0x0,
4485 "MirrorLink major version", HFILL }
4486 },
4487 { &hf_vnc_mirrorlink_version_minor,
4488 { "Minor Version", "vnc.mirrorlink_version_minor",
4489 FT_UINT8, BASE_DEC, NULL, 0x0,
4490 "MirrorLink minor version", HFILL }
4491 },
4492 { &hf_vnc_mirrorlink_framebuffer_configuration,
4493 { "Configuration",
4494 "vnc.mirrorlink_framebuffer_configuration",
4495 FT_UINT16, BASE_HEX, NULL, 0x0,
4496 "Framebuffer configuration", HFILL }
4497 },
4498 { &hf_vnc_mirrorlink_pixel_width,
4499 { "Pixel Width", "vnc.mirrorlink_pixel_width",
4500 FT_UINT16, BASE_DEC, NULL, 0x0,
4501 "Display width [pixel]", HFILL }
4502 },
4503 { &hf_vnc_mirrorlink_pixel_height,
4504 { "Pixel Height", "vnc.mirrorlink_pixel_height",
4505 FT_UINT16, BASE_DEC, NULL, 0x0,
4506 "Display height [pixel]", HFILL }
4507 },
4508 { &hf_vnc_mirrorlink_pixel_format,
4509 { "Pixel Format", "vnc.mirrorlink_pixel_format",
4510 FT_UINT16, BASE_HEX, NULL, 0x0,
4511 "Pixel format support", HFILL }
4512 },
4513 { &hf_vnc_mirrorlink_display_width,
4514 { "Display Width", "vnc.mirrorlink_display_width",
4515 FT_UINT16, BASE_DEC, NULL, 0x0,
4516 "Display width [mm]", HFILL }
4517 },
4518 { &hf_vnc_mirrorlink_display_height,
4519 { "Display Height", "vnc.mirrorlink_display_height",
4520 FT_UINT16, BASE_DEC, NULL, 0x0,
4521 "Display height [mm]", HFILL }
4522 },
4523 { &hf_vnc_mirrorlink_display_distance,
4524 { "Display Distance", "vnc.mirrorlink_display_distance",
4525 FT_UINT16, BASE_DEC, NULL, 0x0,
4526 "Display distance [mm]", HFILL }
4527 },
4528 { &hf_vnc_mirrorlink_keyboard_language,
4529 { "Keyboard Language", "vnc.mirrorlink_keyboard_language",
4530 FT_STRING, BASE_NONE, NULL, 0x0,
4531 "Keyboard layout - Language code (according ISO 639-1)",
4532 HFILL }
4533 },
4534 { &hf_vnc_mirrorlink_keyboard_country,
4535 { "Keyboard Country", "vnc.mirrorlink_keyboard_country",
4536 FT_STRING, BASE_NONE, NULL, 0x0,
4537 "Keyboard layout - Country code (according ISO 3166-1 alpha-2)",
4538 HFILL }
4539 },
4540 { &hf_vnc_mirrorlink_ui_language,
4541 { "UI Language", "vnc.mirrorlink_ui_language",
4542 FT_STRING, BASE_NONE, NULL, 0x0,
4543 "UI language - Language code (according ISO 639-1)", HFILL }
4544 },
4545 { &hf_vnc_mirrorlink_ui_country,
4546 { "UI Country", "vnc.mirrorlink_ui_country",
4547 FT_STRING, BASE_NONE, NULL, 0x0,
4548 "UI language - Country code (according ISO 3166-1 alpha 2)",
4549 HFILL }
4550 },
4551 { &hf_vnc_mirrorlink_knob_keys,
4552 { "Knob Keys", "vnc.mirrorlink_knob_keys",
4553 FT_UINT32, BASE_HEX, NULL, 0x0,
4554 "Supported knob keys", HFILL }
4555 },
4556 { &hf_vnc_mirrorlink_device_keys,
4557 { "Device Keys", "vnc.mirrorlink_device_keys",
4558 FT_UINT32, BASE_HEX, NULL, 0x0,
4559 "Supported device keys", HFILL }
4560 },
4561 { &hf_vnc_mirrorlink_multimedia_keys,
4562 { "Multimedia Keys", "vnc.mirrorlink_multimedia_keys",
4563 FT_UINT32, BASE_HEX, NULL, 0x0,
4564 "Supported multimedia keys", HFILL }
4565 },
4566 { &hf_vnc_mirrorlink_key_related,
4567 { "Keyboard", "vnc.mirrorlink_key_related",
4568 FT_UINT32, BASE_HEX, NULL, 0x0,
4569 "Keyboard related", HFILL }
4570 },
4571 { &hf_vnc_mirrorlink_pointer_related,
4572 { "Pointer", "vnc.mirrorlink_pointer_related",
4573 FT_UINT32, BASE_HEX, NULL, 0x0,
4574 "Pointer related", HFILL }
4575 },
4576 { &hf_vnc_mirrorlink_key_symbol_value_client,
4577 { "Client KeySymValue",
4578 "vnc.mirrorlink_key_symbol_value_client",
4579 FT_UINT32, BASE_HEX, NULL, 0x0,
4580 "Client key symbol value", HFILL }
4581 },
4582 { &hf_vnc_mirrorlink_key_symbol_value_server,
4583 { "Server KeySymValue",
4584 "vnc.mirrorlink_key_symbol_value_server",
4585 FT_UINT32, BASE_HEX, NULL, 0x0,
4586 "Server key symbol value", HFILL }
4587 },
4588 { &hf_vnc_mirrorlink_key_configuration,
4589 { "Configuration", "vnc.mirrorlink_key_configuration",
4590 FT_UINT8, BASE_HEX, NULL, 0x0,
4591 "Key event listing configuration", HFILL }
4592 },
4593 { &hf_vnc_mirrorlink_key_num_events,
4594 { "Number of Key Events", "vnc.mirrorlink_key_num_events",
4595 FT_UINT8, BASE_DEC, NULL, 0x0,
4596 "Number of key events in list", HFILL }
4597 },
4598 { &hf_vnc_mirrorlink_key_event_counter,
4599 { "Key Event Counter", "vnc.mirrorlink_key_event_counter",
4600 FT_UINT16, BASE_DEC, NULL, 0x0,
4601 "Key event listing counter", HFILL }
4602 },
4603 { &hf_vnc_mirrorlink_key_symbol_value,
4604 { "KeySymValue",
4605 "vnc.mirrorlink_key_symbol_value",
4606 FT_UINT32, BASE_HEX, NULL, 0x0,
4607 "Key symbol value", HFILL }
4608 },
4609 { &hf_vnc_mirrorlink_key_request_configuration,
4610 { "Configuration", "vnc.mirrorlink_key_request_configuration",
4611 FT_UINT32, BASE_HEX, NULL, 0x0,
4612 "Key event listing request configuration", HFILL }
4613 },
4614 { &hf_vnc_mirrorlink_keyboard_configuration,
4615 { "Configuration", "vnc.mirrorlink_keyboard_configuration",
4616 FT_UINT32, BASE_HEX, NULL, 0x0,
4617 "Virtual keyboard configuration", HFILL }
4618 },
4619 { &hf_vnc_mirrorlink_cursor_x,
4620 { "Cursor X", "vnc.mirrorlink_cursor_x",
4621 FT_UINT16, BASE_DEC, NULL, 0x0,
4622 "Cursor - X position", HFILL }
4623 },
4624 { &hf_vnc_mirrorlink_cursor_y,
4625 { "Cursor Y", "vnc.mirrorlink_cursor_y",
4626 FT_UINT16, BASE_DEC, NULL, 0x0,
4627 "Cursor - Y position", HFILL }
4628 },
4629 { &hf_vnc_mirrorlink_text_x,
4630 { "Text X", "vnc.mirrorlink_text_x",
4631 FT_UINT16, BASE_DEC, NULL, 0x0,
4632 "Text input area - X position", HFILL }
4633 },
4634 { &hf_vnc_mirrorlink_text_y,
4635 { "Text Y", "vnc.mirrorlink_text_y",
4636 FT_UINT16, BASE_DEC, NULL, 0x0,
4637 "Text input area - Y position", HFILL }
4638 },
4639 { &hf_vnc_mirrorlink_text_width,
4640 { "Text Width", "vnc.mirrorlink_text_width",
4641 FT_UINT16, BASE_DEC, NULL, 0x0,
4642 "Text input area - Width", HFILL }
4643 },
4644 { &hf_vnc_mirrorlink_text_height,
4645 { "Text Height", "vnc.mirrorlink_text_height",
4646 FT_UINT16, BASE_DEC, NULL, 0x0,
4647 "Text input area - Height", HFILL }
4648 },
4649 { &hf_vnc_mirrorlink_keyboard_request_configuration,
4650 { "Configuration",
4651 "vnc.mirrorlink_keyboard_request_configuration",
4652 FT_UINT32, BASE_HEX, NULL, 0x0,
4653 "Virtual keyboard request configuration", HFILL }
4654 },
4655 { &hf_vnc_mirrorlink_device_status,
4656 { "Device Status", "vnc.mirrorlink_device_status",
4657 FT_UINT32, BASE_HEX, NULL, 0x0,
4658 "Status of Device Features", HFILL }
4659 },
4660 { &hf_vnc_mirrorlink_app_id,
4661 { "App Id", "vnc.mirrorlink_app_id",
4662 FT_UINT32, BASE_HEX, NULL, 0x0,
4663 "Unique application id", HFILL }
4664 },
4665 { &hf_vnc_mirrorlink_fb_block_x,
4666 { "Frambuffer X", "vnc.mirrorlink_fb_block_x",
4667 FT_UINT16, BASE_DEC, NULL, 0x0,
4668 "Frambuffer blocking - X position", HFILL }
4669 },
4670 { &hf_vnc_mirrorlink_fb_block_y,
4671 { "Frambuffer Y", "vnc.mirrorlink_fb_block_y",
4672 FT_UINT16, BASE_DEC, NULL, 0x0,
4673 "Frambuffer blocking - Y position", HFILL }
4674 },
4675 { &hf_vnc_mirrorlink_fb_block_width,
4676 { "Frambuffer Width", "vnc.mirrorlink_fb_block_width",
4677 FT_UINT16, BASE_DEC, NULL, 0x0,
4678 "Frambuffer blocking - Width", HFILL }
4679 },
4680 { &hf_vnc_mirrorlink_fb_block_height,
4681 { "Frambuffer Height", "vnc.mirrorlink_fb_block_height",
4682 FT_UINT16, BASE_DEC, NULL, 0x0,
4683 "Frambuffer blocking - Height", HFILL }
4684 },
4685 { &hf_vnc_mirrorlink_fb_block_reason,
4686 { "Reason", "vnc.mirrorlink_fb_block_reason",
4687 FT_UINT16, BASE_HEX, NULL, 0x0,
4688 "Reason for blocking", HFILL }
4689 },
4690 { &hf_vnc_mirrorlink_audio_block_reason,
4691 { "Reason", "vnc.mirrorlink_audio_block_reason",
4692 FT_UINT16, BASE_HEX, NULL, 0x0,
4693 "Reason for blocking", HFILL }
4694 },
4695 { &hf_vnc_mirrorlink_touch_num_events,
4696 { "Number of Touch Events", "vnc.mirrorlink_touch_num_events",
4697 FT_UINT8, BASE_DEC, NULL, 0x0,
4698 "Number of touch events in list", HFILL }
4699 },
4700 { &hf_vnc_mirrorlink_touch_x,
4701 { "Touch X", "vnc.mirrorlink_touch_x",
4702 FT_UINT16, BASE_DEC, NULL, 0x0,
4703 "Touch event - X position", HFILL }
4704 },
4705 { &hf_vnc_mirrorlink_touch_y,
4706 { "Touch Y", "vnc.mirrorlink_touch_y",
4707 FT_UINT16, BASE_DEC, NULL, 0x0,
4708 "Touch event - Y position", HFILL }
4709 },
4710 { &hf_vnc_mirrorlink_touch_id,
4711 { "Touch Id", "vnc.mirrorlink_touch_id",
4712 FT_UINT8, BASE_DEC, NULL, 0x0,
4713 "Touch event - identifier", HFILL }
4714 },
4715 { &hf_vnc_mirrorlink_touch_pressure,
4716 { "Touch Pressure", "vnc.mirrorlink_touch_pressure",
4717 FT_UINT8, BASE_DEC, NULL, 0x0,
4718 "Touch event - pressure value", HFILL }
4719 },
4720 { &hf_vnc_mirrorlink_text,
4721 { "Text", "vnc.mirrorlink_text",
4722 FT_STRING, BASE_NONE, NULL, 0x0,
4723 "Textual information", HFILL }
4724 },
4725 { &hf_vnc_mirrorlink_text_length,
4726 { "Length", "vnc.mirrorlink_text_length",
4727 FT_UINT16, BASE_DEC, NULL, 0x0,
4728 "Length of textual information", HFILL }
4729 },
4730 { &hf_vnc_mirrorlink_text_max_length,
4731 { "Max Length", "vnc.mirrorlink_text_max_length",
4732 FT_UINT16, BASE_DEC, NULL, 0x0,
4733 "Maximum length of textual information", HFILL }
4734 },
4735 { &hf_vnc_mirrorlink_unknown,
4736 { "Unknown", "vnc.mirrorlink_unknown",
4737 FT_BYTES, BASE_NONE, NULL, 0x0,
4738 "Unknown data", HFILL }
4739 },
4740
4741 /* Fence */
4742 { &hf_vnc_fence_flags,
4743 {"Fence flags", "vnc.fence_flags", FT_UINT32, BASE_HEX,
4744 NULL, 0, NULL, HFILL}},
4745
4746 { &hf_vnc_fence_request,
4747 { "Fence_request", "vnc.fence_request",
4748 FT_BOOLEAN, 32, NULL, VNC_FENCE_REQUEST,
4749 NULL, HFILL }
4750 },
4751 { &hf_vnc_fence_sync_next,
4752 { "Fence_sync_next", "vnc.fence_sync_next",
4753 FT_BOOLEAN, 32, NULL, VNC_FENCE_SYNC_NEXT,
4754 NULL, HFILL }
4755 },
4756 { &hf_vnc_fence_block_after,
4757 { "Fence_block_after", "vnc.fence_block_after",
4758 FT_BOOLEAN, 32, NULL, VNC_FENCE_BLOCK_AFTER,
4759 NULL, HFILL }
4760 },
4761 { &hf_vnc_fence_block_before,
4762 { "Fence block_before", "vnc.fence_block_before",
4763 FT_BOOLEAN, 32, NULL, VNC_FENCE_BLOCK_BEFORE,
4764 NULL, HFILL }
4765 },
4766 { &hf_vnc_fence_payload_length,
4767 { "Fence payload length", "vnc.fence_payload_length",
4768 FT_UINT8, BASE_DEC, NULL, 0x0,
4769 NULL, HFILL }
4770 },
4771 { &hf_vnc_fence_payload,
4772 { "Fence payload", "vnc.fence_payload",
4773 FT_BYTES, BASE_NONE, NULL, 0x0,
4774 NULL, HFILL }
4775 },
4776
4777 /* Context Information */
4778 { &hf_vnc_context_information_app_id,
4779 { "App Id", "vnc.context_information_app_id",
4780 FT_UINT32, BASE_HEX, NULL, 0x0,
4781 "Unique application id", HFILL }
4782 },
4783 { &hf_vnc_context_information_app_trust_level,
4784 { "App Trust Level",
4785 "vnc.context_information_app_trust_level",
4786 FT_UINT16, BASE_HEX, NULL, 0x0,
4787 "Trust Level for Application Category", HFILL }
4788 },
4789 { &hf_vnc_context_information_content_trust_level,
4790 { "Content Trust Level",
4791 "vnc.context_information_content_trust_level",
4792 FT_UINT16, BASE_HEX, NULL, 0x0,
4793 "Trust Level for Content Category", HFILL }
4794 },
4795 { &hf_vnc_context_information_app_category,
4796 { "App Category", "vnc.context_information_app_category",
4797 FT_UINT32, BASE_HEX, NULL, 0x0,
4798 "Application Category", HFILL }
4799 },
4800 { &hf_vnc_context_information_content_category,
4801 { "Content Category",
4802 "vnc.context_information_content_category",
4803 FT_UINT32, BASE_HEX, NULL, 0x0,
4804 "Visual content category", HFILL }
4805 },
4806 { &hf_vnc_context_information_content_rules,
4807 { "Content Rules", "vnc.context_information_content_rules",
4808 FT_UINT32, BASE_HEX, NULL, 0x0,
4809 "Visual content rules", HFILL }
4810 },
4811
4812 /* Scan Line based Run-Length Encoding */
4813 { &hf_vnc_slrle_run_num,
4814 { "Number of Runs", "vnc.slrle_run_num",
4815 FT_UINT16, BASE_DEC, NULL, 0x0,
4816 "Number of Runs within Line", HFILL }
4817 },
4818 { &hf_vnc_slrle_run_data,
4819 { "Raw RLE data", "vnc.slrle_run_data",
4820 FT_BYTES, BASE_NONE, NULL, 0x0,
4821 "Raw Run-Length encoded data within Line", HFILL }
4822 },
4823
4824 /* H.264 Encoding */
4825 { &hf_vnc_h264_slice_type,
4826 { "Slice Type", "vnc.h264_slice_type",
4827 FT_UINT32, BASE_DEC, VALS(vnc_h264_slice_types_vs), 0x0,
4828 "Frame slice type", HFILL }
4829 },
4830 { &hf_vnc_h264_nbytes,
4831 { "Number of Bytes", "vnc.h264_nbytes",
4832 FT_UINT32, BASE_DEC, NULL, 0x0,
4833 "Number of bytes within frame", HFILL }
4834 },
4835 { &hf_vnc_h264_width,
4836 { "Width", "vnc.h264_width",
4837 FT_UINT32, BASE_DEC, NULL, 0x0,
4838 "Frame Width", HFILL }
4839 },
4840 { &hf_vnc_h264_height,
4841 { "Height", "vnc.h264_height",
4842 FT_UINT32, BASE_DEC, NULL, 0x0,
4843 "Frame Height", HFILL }
4844 },
4845 { &hf_vnc_h264_data,
4846 { "Data", "vnc.h264_data",
4847 FT_BYTES, BASE_NONE, NULL, 0x0,
4848 "Frame H.264 data", HFILL }
4849 },
4850
4851 };
4852
4853 /* Setup protocol subtree arrays */
4854 static gint *ett[] = {
4855 &ett_vnc,
4856 &ett_vnc_client_message_type,
4857 &ett_vnc_server_message_type,
4858 &ett_vnc_rect,
4859 &ett_vnc_encoding_type,
4860 &ett_vnc_rre_subrect,
4861 &ett_vnc_hextile_subencoding_mask,
4862 &ett_vnc_hextile_num_subrects,
4863 &ett_vnc_hextile_subrect,
4864 &ett_vnc_hextile_tile,
4865 &ett_vnc_zrle_subencoding,
4866 &ett_vnc_colormap_num_groups,
4867 &ett_vnc_desktop_screen,
4868 &ett_vnc_colormap_color_group,
4869 &ett_vnc_key_events,
4870 &ett_vnc_touch_events,
4871 &ett_vnc_slrle_subline,
4872 &ett_vnc_fence_flags
4873 };
4874
4875 static ei_register_info ei[] = {
4876 { &ei_vnc_possible_gtk_vnc_bug, { "vnc.possible_gtk_vnc_bug", PI_MALFORMED, PI_ERROR, "NULL found in greeting. client -> server greeting must be 12 bytes (possible gtk-vnc bug)", EXPFILL }},
4877 { &ei_vnc_auth_code_mismatch, { "vnc.auth_code_mismatch", PI_PROTOCOL, PI_WARN, "Authentication code does not match vendor or signature", EXPFILL }},
4878 { &ei_vnc_unknown_tight_vnc_auth, { "vnc.unknown_tight_vnc_auth", PI_PROTOCOL, PI_ERROR, "Unknown TIGHT VNC authentication", EXPFILL }},
4879 { &ei_vnc_too_many_rectangles, { "vnc.too_many_rectangles", PI_MALFORMED, PI_ERROR, "Too many rectangles, aborting dissection", EXPFILL }},
4880 { &ei_vnc_too_many_sub_rectangles, { "vnc.too_many_sub_rectangles", PI_MALFORMED, PI_ERROR, "Too many sub-rectangles, aborting dissection", EXPFILL }},
4881 { &ei_vnc_invalid_encoding, { "vnc.invalid_encoding", PI_MALFORMED, PI_ERROR, "Invalid encoding", EXPFILL }},
4882 { &ei_vnc_too_many_colors, { "vnc.too_many_colors", PI_MALFORMED, PI_ERROR, "Too many colors, aborting dissection", EXPFILL }},
4883 { &ei_vnc_too_many_cut_text, { "vnc.too_many_cut_text", PI_MALFORMED, PI_ERROR, "Too much cut text, aborting dissection", EXPFILL }},
4884 { &ei_vnc_zrle_failed, { "vnc.zrle_failed", PI_UNDECODED, PI_ERROR, "Decompression of ZRLE data failed", EXPFILL }},
4885 { &ei_vnc_unknown_tight, { "vnc.unknown_tight_packet", PI_UNDECODED, PI_WARN, "Unknown packet (TightVNC)", EXPFILL }},
4886 { &ei_vnc_reassemble, { "vnc.reassemble", PI_REASSEMBLE, PI_CHAT, "See further on for dissection of the complete (reassembled) PDU", EXPFILL }},
4887 };
4888
4889 /* Register the protocol name and description */
4890 proto_vnc = proto_register_protocol("Virtual Network Computing", "VNC", "vnc");
4891
4892 /* Required function calls to register the header fields and subtrees */
4893 proto_register_field_array(proto_vnc, hf, array_length(hf));
4894 proto_register_subtree_array(ett, array_length(ett));
4895 expert_vnc = expert_register_protocol(proto_vnc);
4896 expert_register_field_array(expert_vnc, ei, array_length(ei));
4897
4898 /* Register our preferences module */
4899 vnc_module = prefs_register_protocol(proto_vnc, apply_vnc_prefs);
4900
4901 prefs_register_bool_preference(vnc_module, "desegment",
4902 "Reassemble VNC messages spanning multiple TCP segments.",
4903 "Whether the VNC dissector should reassemble messages spanning "
4904 "multiple TCP segments. To use this option, you must also enable "
4905 "\"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
4906 &vnc_preference_desegment);
4907 }
4908
4909 void
proto_reg_handoff_vnc(void)4910 proto_reg_handoff_vnc(void)
4911 {
4912 vnc_handle = create_dissector_handle(dissect_vnc, proto_vnc);
4913
4914 dissector_add_uint_range_with_preference("tcp.port", VNC_PORT_RANGE, vnc_handle);
4915 heur_dissector_add("tcp", test_vnc_protocol, "VNC over TCP", "vnc_tcp", proto_vnc, HEURISTIC_ENABLE);
4916 /* We don't register a port for the VNC HTTP server because
4917 * that simply provides a java program for download via the
4918 * HTTP protocol. The java program then connects to a standard
4919 * VNC port. */
4920 }
4921
4922 /*
4923 * Editor modelines - https://www.wireshark.org/tools/modelines.html
4924 *
4925 * Local variables:
4926 * c-basic-offset: 8
4927 * tab-width: 8
4928 * indent-tabs-mode: t
4929 * End:
4930 *
4931 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
4932 * :indentSize=8:tabSize=8:noTabs=false:
4933 */
4934