class UDS_SDTPR(Packet):
name = 'SecuredDataTransmissionPositiveResponse'
fields_desc = [StrField('securityDataResponseRecord', B"")]
class UDS_RDBPIPR(Packet):
name = 'ReadDataByPeriodicIdentifierPositiveResponse'
fields_desc = [
ByteField('periodicDataIdentifier', 0),
StrField('dataRecord', None, fmt="B")
]
class SAPMS(Packet):
"""SAP Message Server packet
This packet is used for the Message Server protocol.
"""
name = "SAP Message Server"
fields_desc = [
StrFixedLenField("eyecatcher", "**MESSAGE**\x00", 12),
ByteField("version", 0x04),
ByteEnumKeysField("errorno", 0x00, ms_errorno_values),
StrFixedLenField("toname", "-" + " " * 39, 40),
FlagsField("msgtype", 0, 8, ["DIA", "UPD", "ENQ", "BTC", "SPO", "UP2", "ATP", "ICM"]),
ByteField("reserved", 0x00),
ByteEnumKeysField("domain", 0x00, ms_domain_values),
ByteField("reserved", 0x00),
StrFixedLenField("key", "\x00" * 8, 8),
ByteEnumKeysField("flag", 0x01, ms_flag_values),
ByteEnumKeysField("iflag", 0x01, ms_iflag_values),
StrFixedLenField("fromname", "-" + " " * 39, 40),
ShortField("padd", 0x0000),
# OpCode fields
ConditionalField(ByteEnumKeysField("opcode", 0x00, ms_opcode_values), lambda pkt:pkt.iflag in [0x00, 0x01]),
ConditionalField(ByteEnumKeysField("opcode_error", 0x00, ms_opcode_error_values), lambda pkt:pkt.iflag in [0x00, 0x01]),
ConditionalField(ByteField("opcode_version", 0x01), lambda pkt:pkt.iflag in [0x00, 0x01]),
ConditionalField(ByteField("opcode_charset", 0x03), lambda pkt:pkt.iflag in [0x00, 0x01]),
ConditionalField(StrField("opcode_value", ""), lambda pkt:pkt.iflag in [0x00, 0x01] and pkt.opcode not in [0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x11, 0x1c, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2f, 0x43, 0x44, 0x45, 0x46, 0x47, 0x4a]),
# Adm OpCode fields
ConditionalField(StrFixedLenField("adm_eyecatcher", "AD-EYECATCH\x00", 12), lambda pkt:pkt.iflag == 0x05),
ConditionalField(ByteField("adm_version", 0x01), lambda pkt:pkt.iflag == 0x05),
ConditionalField(ByteEnumKeysField("adm_type", 0x01, ms_adm_type_values), lambda pkt:pkt.iflag == 0x05),
ConditionalField(IntToStrField("adm_recsize", 104, 11), lambda pkt:pkt.iflag == 0x05),
ConditionalField(IntToStrField("adm_recno", 1, 11), lambda pkt:pkt.iflag == 0x05),
ConditionalField(PacketListField("adm_records", None, SAPMSAdmRecord), lambda pkt:pkt.iflag == 0x05),
# Server List fields
ConditionalField(PacketListField("clients", None, SAPMSClient1), lambda pkt:pkt.opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x01),
ConditionalField(PacketListField("clients", None, SAPMSClient2), lambda pkt:pkt.opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x02),
ConditionalField(PacketListField("clients", None, SAPMSClient3), lambda pkt:pkt.opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x03),
ConditionalField(PacketListField("clients", None, SAPMSClient4), lambda pkt:pkt.opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x04),
# Change IP fields
ConditionalField(IPField("change_ip_addressv4", "0.0.0.0"), lambda pkt:pkt.opcode == 0x06),
ConditionalField(IP6Field("change_ip_addressv6", "::"), lambda pkt:pkt.opcode == 0x06 and pkt.opcode_version == 0x02),
# Get/Set Text fields
ConditionalField(StrFixedLenField("text_name", "", 40), lambda pkt:pkt.opcode in [0x22, 0x23]),
ConditionalField(FieldLenField("text_length", None, length_of="text_value", fmt="!I"), lambda pkt:pkt.opcode in [0x22, 0x23]),
ConditionalField(StrFixedLenField("text_value", "", length_from=lambda pkt:pkt.text_length or 80), lambda pkt:pkt.opcode in [0x22, 0x23]),
# Counter fields
ConditionalField(PacketField("counter", None, SAPMSCounter), lambda pkt:pkt.opcode in [0x24, 0x25, 0x26, 0x27, 0x28, 0x29]),
ConditionalField(PacketListField("counters", None, SAPMSCounter), lambda pkt:pkt.opcode in [0x2a]),
# Security Key 1 fields
ConditionalField(StrFixedLenField("security_name", None, 40), lambda pkt:pkt.opcode in [0x07, 0x08]),
ConditionalField(StrFixedLenField("security_key", None, 256), lambda pkt:pkt.opcode in [0x07, 0x08]),
# Security Key 2 fields
ConditionalField(IPField("security2_addressv4", "0.0.0.0"), lambda pkt:pkt.opcode == 0x09),
ConditionalField(ShortField("security2_port", 0), lambda pkt:pkt.opcode == 0x09),
ConditionalField(StrFixedLenField("security2_key", None, 256), lambda pkt:pkt.opcode == 0x09),
ConditionalField(IP6Field("security2_addressv6", "::"), lambda pkt:pkt.opcode == 0x09),
# Hardware ID field
ConditionalField(StrNullFixedLenField("hwid", "", length=99), lambda pkt:pkt.opcode == 0x0a),
# Statistics
ConditionalField(PacketField("stats", None, SAPMSStat3), lambda pkt:pkt.opcode == 0x11 and pkt.flag == 0x03),
# Codepage
ConditionalField(IntField("codepage", 0), lambda pkt:pkt.opcode == 0x1c and pkt.flag == 0x03),
# Dump Info Request fields
ConditionalField(ByteField("dump_dest", 0x02), lambda pkt:pkt.opcode == 0x1E and pkt.flag == 0x02),
ConditionalField(StrFixedLenField("dump_filler", "\x00\x00\x00", 3), lambda pkt:pkt.opcode == 0x1E and pkt.flag == 0x02),
ConditionalField(ShortField("dump_index", 0x00), lambda pkt:pkt.opcode == 0x1E and pkt.flag == 0x02),
ConditionalField(ShortEnumKeysField("dump_command", 0x01, ms_dump_command_values), lambda pkt:pkt.opcode == 0x1E and pkt.flag == 0x02),
ConditionalField(StrFixedLenField("dump_name", "\x00" * 40, 40), lambda pkt:pkt.opcode == 0x1E and pkt.flag == 0x02),
# File Reload fields
ConditionalField(ByteEnumKeysField("file_reload", 0, ms_file_reload_values), lambda pkt:pkt.opcode == 0x1f),
ConditionalField(StrFixedLenField("file_filler", "\x00\x00\x00", 3), lambda pkt:pkt.opcode == 0x1f),
# Get/Set/Del Logon fields
ConditionalField(PacketField("logon", None, SAPMSLogon), lambda pkt:pkt.opcode in [0x2b, 0x2c, 0x2d]),
# Server Disconnect/Shutdown fields
ConditionalField(PacketField("shutdown_client", None, SAPMSClient3), lambda pkt:pkt.opcode in [0x2e, 0x2f, 0x30, 0x4a]),
ConditionalField(FieldLenField("shutdown_reason_length", None, length_of="shutdown_reason", fmt="!H"), lambda pkt:pkt.opcode in [0x2e, 0x2f, 0x30, 0x4a]),
ConditionalField(StrLenField("shutdown_reason", "", length_from=lambda pkt:pkt.shutdown_reason_length), lambda pkt:pkt.opcode in [0x2e, 0x2f, 0x30, 0x4a]),
# Get/Set Property fields
ConditionalField(PacketField("property", None, SAPMSProperty), lambda pkt:pkt.opcode in [0x43, 0x44, 0x45]),
# IP/Port to name fields
ConditionalField(IPField("ip_to_name_address4", "0.0.0.0"), lambda pkt:pkt.opcode == 0x46 and pkt.opcode_version == 0x01),
ConditionalField(IP6Field("ip_to_name_address6", "::"), lambda pkt:pkt.opcode == 0x46 and pkt.opcode_version == 0x02),
ConditionalField(ShortField("ip_to_name_port", 0), lambda pkt:pkt.opcode == 0x46),
ConditionalField(FieldLenField("ip_to_name_length", None, length_of="ip_to_name", fmt="!I"), lambda pkt:pkt.opcode == 0x46),
ConditionalField(StrLenField("ip_to_name", "", length_from=lambda pkt:pkt.logonname_length), lambda pkt:pkt.opcode == 0x46),
# Check ACL fields
ConditionalField(ShortField("error_code", 0), lambda pkt:pkt.opcode == 0x47),
ConditionalField(StrFixedLenField("acl", "", 46), lambda pkt:pkt.opcode == 0x47),
]
class SomeClass(Packet):
fields_desc = [StrField("text", None)]
class SAPRouter(Packet):
"""SAP Router packet
This packet is used for general SAP Router packets. There are (at least)
five types of SAP Router packets:
1. Route packets. For requesting the routing of a connection to a
remote hosts. The packet contains some general information and a
connection string with a list of routing hops (:class:`SAPRouterRouteHop`).
2. Administration packets. This packet is used for the SAP Router to
send administrative commands. It's suppose to be used only from the
hosts running the SAP Router or when an specific route is included in
the routing table. Generally administration packets are not accepted
from the external binding.
3. Error Information packets. Packets sent when an error occurred.
4. Control Message packets. Used to perform some control activities,
like retrieving the current SAPRouter version or to perform the SNC
handshake. They have the same structure that error information
packets.
5. Route accepted packet. Used to acknowledge a route request
("NI_PONG").
Routed packets and some responses doesn't fill in these five packet
types. For identifying those cases, you should check the type using the
function :class:`router_is_known_type`.
NI Versions found (unconfirmed):
- 30: Release 40C
- 36: Release <6.20
- 38: Release 7.00/7.10
- 39: Release 7.11
- 40: Release 7.20/7.21
"""
# Constants for router types
SAPROUTER_ROUTE = "NI_ROUTE"
""" :cvar: Constant for route packets
:type: C{string} """
SAPROUTER_ADMIN = "ROUTER_ADM"
""" :cvar: Constant for administration packets
:type: C{string} """
SAPROUTER_ERROR = "NI_RTERR"
""" :cvar: Constant for error information packets
:type: C{string} """
SAPROUTER_CONTROL = "NI_RTERR"
""" :cvar: Constant for control messages packets
:type: C{string} """
SAPROUTER_PONG = "NI_PONG"
""" :cvar: Constant for route accepted packets
:type: C{string} """
router_type_values = [
SAPROUTER_ADMIN,
SAPROUTER_ERROR,
SAPROUTER_CONTROL,
SAPROUTER_ROUTE,
SAPROUTER_PONG,
]
""" :cvar: List of known packet types
:type: ``list`` of C{string} """
name = "SAP Router"
fields_desc = [
# General fields present in all SAP Router packets
StrNullField("type", SAPROUTER_ROUTE),
ConditionalField(
ByteField("version", 0x02),
lambda pkt: router_is_known_type(pkt) and not router_is_pong(pkt)),
# Route packets
ConditionalField(ByteField("route_ni_version", 0x28), router_is_route),
ConditionalField(ByteField("route_entries", 0), router_is_route),
ConditionalField(
ByteEnumKeysField("route_talk_mode", 0,
router_ni_talk_mode_values), router_is_route),
ConditionalField(ShortField("route_padd", 0), router_is_route),
ConditionalField(ByteField("route_rest_nodes", 0), router_is_route),
ConditionalField(
FieldLenField("route_length", 0, length_of="route_string",
fmt="I"), router_is_route),
ConditionalField(IntField("route_offset", 0), router_is_route),
ConditionalField(
PacketListField("route_string",
None,
SAPRouterRouteHop,
length_from=lambda pkt: pkt.route_length),
router_is_route),
# Admin packets
ConditionalField(
ByteEnumKeysField("adm_command", 0x02, router_adm_commands),
router_is_admin),
ConditionalField(
ShortField("adm_unused", 0x00), lambda pkt: router_is_admin(pkt)
and pkt.adm_command not in [10, 11, 12, 13]),
# Info Request fields
ConditionalField(
StrNullFixedLenField("adm_password", "", 19),
lambda pkt: router_is_admin(pkt) and pkt.adm_command in [2]),
# Cancel Route fields
ConditionalField(
FieldLenField("adm_client_count",
None,
count_of="adm_client_ids",
fmt="H"),
lambda pkt: router_is_admin(pkt) and pkt.adm_command in [6]),
ConditionalField(
FieldListField("adm_client_ids", [0x00],
IntField("", 0),
count_from=lambda pkt: pkt.adm_client_count),
lambda pkt: router_is_admin(pkt) and pkt.adm_command in [6]),
# Trace Connection fields
ConditionalField(
FieldLenField("adm_client_count",
None,
count_of="adm_client_ids",
fmt="I"),
lambda pkt: router_is_admin(pkt) and pkt.adm_command in [12, 13]),
ConditionalField(
FieldListField("adm_client_ids", [0x00],
IntField("", 0),
count_from=lambda pkt: pkt.adm_client_count),
lambda pkt: router_is_admin(pkt) and pkt.adm_command in [12, 13]),
# Set/Clear Peer Trace fields # TODO: Check whether this field should be a IPv6 address or another proper field
ConditionalField(
StrFixedLenField("adm_address_mask", "", 32),
lambda pkt: router_is_admin(pkt) and pkt.adm_command in [10, 11]),
# Error Information/Control Messages fields
ConditionalField(
ByteEnumKeysField("opcode", 0, router_control_opcodes),
lambda pkt: router_is_error(pkt) or router_is_control(pkt)),
ConditionalField(
ByteField("opcode_padd", 0),
lambda pkt: router_is_error(pkt) or router_is_control(pkt)),
ConditionalField(
SignedIntEnumField("return_code", 0, router_return_codes),
lambda pkt: router_is_error(pkt) or router_is_control(pkt)),
# Error Information fields
ConditionalField(
FieldLenField("err_text_length",
None,
length_of="err_text_value",
fmt="!I"),
lambda pkt: router_is_error(pkt) and pkt.opcode == 0),
ConditionalField(
PacketField("err_text_value", SAPRouterError(), SAPRouterError),
lambda pkt: router_is_error(pkt) and pkt.opcode == 0),
ConditionalField(IntField("err_text_unknown", 0),
lambda pkt: router_is_error(pkt) and pkt.opcode == 0),
# Control Message fields
ConditionalField(
IntField("control_text_length", 0),
lambda pkt: router_is_control(pkt) and pkt.opcode != 0),
ConditionalField(
StrField("control_text_value", "*ERR"),
lambda pkt: router_is_control(pkt) and pkt.opcode != 0),
# SNC Frame fields
ConditionalField(
PacketField("snc_frame", None, SAPSNCFrame),
lambda pkt: router_is_control(pkt) and pkt.opcode in [70, 71])
]
class NetflowRecordV9(Packet):
name = "Netflow DataFlowset Record V9"
fields_desc = [StrField("fieldValue", "")]
def default_payload_class(self, p):
return conf.padding_layer
class ATT_Find_By_Type_Value_Response(Packet):
name = "Find By Type Value Response"
fields_desc = [
StrField("handles", ""),
]
class HTTPRequest(Packet):
name = "HTTP Request"
http_methods = "^(OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT)"
fields_desc = [
StrField("Method", None, fmt="H"),
StrField("Path", None, fmt="H"),
StrField("Http-Version", None, fmt="H"),
StrField("Host", None, fmt="H"),
StrField("User-Agent", None, fmt="H"),
StrField("Accept", None, fmt="H"),
StrField("Accept-Language", None, fmt="H"),
StrField("Accept-Encoding", None, fmt="H"),
StrField("Accept-Charset", None, fmt="H"),
StrField("Referer", None, fmt="H"),
StrField("Authorization", None, fmt="H"),
StrField("Expect", None, fmt="H"),
StrField("From", None, fmt="H"),
StrField("If-Match", None, fmt="H"),
StrField("If-Modified-Since", None, fmt="H"),
StrField("If-None-Match", None, fmt="H"),
StrField("If-Range", None, fmt="H"),
StrField("If-Unmodified-Since", None, fmt="H"),
StrField("Max-Forwards", None, fmt="H"),
StrField("Proxy-Authorization", None, fmt="H"),
StrField("Range", None, fmt="H"),
StrField("TE", None, fmt="H"),
StrField("Cache-Control", None, fmt="H"),
StrField("Connection", None, fmt="H"),
StrField("Date", None, fmt="H"),
StrField("Pragma", None, fmt="H"),
StrField("Trailer", None, fmt="H"),
StrField("Transfer-Encoding", None, fmt="H"),
StrField("Upgrade", None, fmt="H"),
StrField("Via", None, fmt="H"),
StrField("Warning", None, fmt="H"),
StrField("Keep-Alive", None, fmt="H"),
StrField("Allow", None, fmt="H"),
StrField("Content-Encoding", None, fmt="H"),
StrField("Content-Language", None, fmt="H"),
StrField("Content-Length", None, fmt="H"),
StrField("Content-Location", None, fmt="H"),
StrField("Content-MD5", None, fmt="H"),
StrField("Content-Range", None, fmt="H"),
StrField("Content-Type", None, fmt="H"),
StrField("Expires", None, fmt="H"),
StrField("Last-Modified", None, fmt="H"),
StrField("Cookie", None, fmt="H"),
StrField("Headers", None, fmt="H"),
# Deprecated
StrField("Additional-Headers", None, fmt="H")
]
def do_dissect(self, s):
''' From the HTTP packet string, populate the scapy object '''
first_line, body = _dissect_headers(self, s)
Method, Path, HTTPVersion = re.split("\s+", first_line)
self.setfieldval('Method', Method)
self.setfieldval('Path', Path)
self.setfieldval('Http-Version', HTTPVersion)
return body
def self_build(self, field_pos_list=None):
''' Generate the HTTP packet string (the oppposite of do_dissect) '''
return _self_build(self, field_pos_list)
class UDS_RTEPR(Packet):
name = 'RequestTransferExitPositiveResponse'
fields_desc = [StrField('transferResponseParameterRecord', b"", fmt="B")]
def answers(self, other):
return isinstance(other, UDS_RTE)
class ATT_Find_Information_Response(Packet):
name = "Find Information Response"
fields_desc = [XByteField("format", 1), StrField("data", "")]
class UDS_RTE(Packet):
name = 'RequestTransferExit'
fields_desc = [StrField('transferRequestParameterRecord', b"", fmt="B")]
class UDS_TD(Packet):
name = 'TransferData'
fields_desc = [
ByteField('blockSequenceCounter', 0),
StrField('transferRequestParameterRecord', b"", fmt="B")
]
class UDS_RMBAPR(Packet):
name = 'ReadMemoryByAddressPositiveResponse'
fields_desc = [StrField('dataRecord', b"", fmt="B")]
def answers(self, other):
return isinstance(other, UDS_RMBA)
def __init__(self, name, countfld, passon=1):
StrField.__init__(self, name, None)
self.countfld = countfld
self.passon = passon
class ATT_Read_By_Type_Response(Packet):
name = "Read By Type Response"
# fields_desc = [ FieldLenField("len", None, length_of="data", fmt="B"),
# StrLenField("data", "", length_from=lambda pkt:pkt.len), ] # noqa: E501
fields_desc = [StrField("data", "")]
class UDS_SDTPR(Packet):
name = 'SecuredDataTransmissionPositiveResponse'
fields_desc = [StrField('securityDataResponseRecord', b"")]
def answers(self, other):
return isinstance(other, UDS_SDT)
class ATT_Read_Response(Packet):
name = "Read Response"
fields_desc = [
StrField("value", ""),
]
class HTTPResponse(Packet):
name = "HTTP Response"
fields_desc = [
StrField("Status-Line", None, fmt="H"),
StrField("Accept-Ranges", None, fmt="H"),
StrField("Age", None, fmt="H"),
StrField("E-Tag", None, fmt="H"),
StrField("Location", None, fmt="H"),
StrField("Proxy-Authenticate", None, fmt="H"),
StrField("Retry-After", None, fmt="H"),
StrField("Server", None, fmt="H"),
StrField("Vary", None, fmt="H"),
StrField("WWW-Authenticate", None, fmt="H"),
StrField("Cache-Control", None, fmt="H"),
StrField("Connection", None, fmt="H"),
StrField("Date", None, fmt="H"),
StrField("Pragma", None, fmt="H"),
StrField("Trailer", None, fmt="H"),
StrField("Transfer-Encoding", None, fmt="H"),
StrField("Upgrade", None, fmt="H"),
StrField("Via", None, fmt="H"),
StrField("Warning", None, fmt="H"),
StrField("Keep-Alive", None, fmt="H"),
StrField("Allow", None, fmt="H"),
StrField("Content-Encoding", None, fmt="H"),
StrField("Content-Language", None, fmt="H"),
StrField("Content-Length", None, fmt="H"),
StrField("Content-Location", None, fmt="H"),
StrField("Content-MD5", None, fmt="H"),
StrField("Content-Range", None, fmt="H"),
StrField("Content-Type", None, fmt="H"),
StrField("Expires", None, fmt="H"),
StrField("Last-Modified", None, fmt="H"),
StrField("Headers", None, fmt="H"),
# Deprecated
StrField("Additional-Headers", None, fmt="H")
]
# 解析包的内容
def do_dissect(self, s):
''' From the HTTP packet string, populate the scapy object '''
first_line, body = _dissect_headers(self, s)
self.setfieldval('Status-Line', first_line)
return body
def self_build(self, field_pos_list=None):
''' From the HTTP packet string, populate the scapy object '''
return _self_build(self, field_pos_list)
class ATT_Read_By_Group_Type_Response(Packet):
name = "Read By Group Type Response"
fields_desc = [
XByteField("length", 0),
StrField("data", ""),
]
def __init__(self, name, countfld, passon=1):
StrField.__init__(self, name, None)
self.countfld = countfld
self.passon = passon
class ATT_Write_Command(Packet):
name = "Write Request"
fields_desc = [
XLEShortField("gatt_handle", 0),
StrField("data", ""),
]
def __init__(self, name, default, encoding="utf-16", padd="\x0c",
fmt="H", remain=0):
StrField.__init__(self, name, default, fmt, remain)
self.encoding = encoding
self.padd = padd
class ATT_Handle_Value_Notification(Packet):
name = "Handle Value Notification"
fields_desc = [
XLEShortField("handle", 0),
StrField("value", ""),
]
class HTTPv1(Packet):
name = "HTTPv1"
fields_desc = [StrField("HTTP-payload", None, fmt="H")]
class ATT_PrepareWriteReq(Packet):
fields_desc = [
XLEShortField("handle", 0),
LEShortField("offset", 0),
StrField("value", "")
]
class UDS_SDT(Packet):
name = 'SecuredDataTransmission'
fields_desc = [StrField('securityDataRequestRecord', B"")]
class ATT_ReadBlobResp(Packet):
fields_desc = [StrField("value", "")]
class UDS_RMBAPR(Packet):
name = 'ReadMemoryByAddressPositiveResponse'
fields_desc = [StrField('dataRecord', None, fmt="B")]
def __init__(self, name, default):
self.real_name = name
name = _strip_header_name(name)
StrField.__init__(self, name, default, fmt="H")
def __init__(self, name, default, length=None, length_from=None):
StrField.__init__(self, name, default)
self.length_from = length_from
if length is not None:
self.length_from = lambda pkt, length=length: length
class SAPDiagDyntAtomItem(PacketNoPadded):
name = "SAP Diag Dynt Atom item"
fields_desc = [
ShortField("atom_length", 0),
ByteField("dlg_flag_1", 0),
ByteField("dlg_flag_2", 0),
ByteEnumKeysField("etype", 0, diag_atom_etypes),
ByteField("area", 0),
ByteField("block", 0),
ByteField("group", 0),
ShortField("row", 0),
ShortField("col", 0),
# Attr flags
BitField("attr_DIAG_BSD_COMBOSTYLE", 0, 1), # 80
BitField("attr_DIAG_BSD_YES3D", 0, 1), # 40
BitField("attr_DIAG_BSD_PROPFONT", 0, 1), # 20
BitField("attr_DIAG_BSD_MATCHCODE", 0, 1), # 10
BitField("attr_DIAG_BSD_JUSTRIGHT", 0, 1), # 08
BitField("attr_DIAG_BSD_INTENSIFY", 0, 1), # 04
BitField("attr_DIAG_BSD_INVISIBLE", 0, 1), # 02
BitField("attr_DIAG_BSD_PROTECTED", 0, 1), # 01
# DIAG_DGOTYP_FNAME
ConditionalField(
StrLenField("name_text",
"",
length_from=lambda pkt: pkt.atom_length - 13),
lambda pkt: pkt.etype == 114),
# DIAG_DGOTYP_PUSHBUTTON_2 */
ConditionalField(ByteField("pushbutton_v_length", 0),
lambda pkt: pkt.etype in [115]),
ConditionalField(ByteField("pushbutton_v_height", 0),
lambda pkt: pkt.etype in [115]),
ConditionalField(ShortField("pushbutton_function_code_offset", 0),
lambda pkt: pkt.etype in [115]),
ConditionalField(ShortField("pushbutton_text_offset", 0),
lambda pkt: pkt.etype in [115]),
ConditionalField(StrField("pushbutton_text", ""),
lambda pkt: pkt.etype in [115]),
ConditionalField(StrField("pushbutton_function_code", ""),
lambda pkt: pkt.etype in [115]),
# DIAG_DGOTYP_TABSTRIP_BUTTON
ConditionalField(ByteField("tabstripbutton_v_length", 0),
lambda pkt: pkt.etype in [116]),
ConditionalField(ByteField("tabstripbutton_v_height", 0),
lambda pkt: pkt.etype in [116]),
ConditionalField(ByteField("tabstripbutton_page_id", 0),
lambda pkt: pkt.etype in [116]),
ConditionalField(ShortField("tabstripbutton_function_code_offset", 0),
lambda pkt: pkt.etype in [116]),
ConditionalField(ShortField("tabstripbutton_text_offset", 0),
lambda pkt: pkt.etype in [116]),
ConditionalField(ShortField("tabstripbutton_id_offset", 0),
lambda pkt: pkt.etype in [116]),
ConditionalField(StrNullField("tabstripbutton_text", ""),
lambda pkt: pkt.etype in [116]),
ConditionalField(StrNullField("tabstripbutton_function_code", ""),
lambda pkt: pkt.etype in [116]),
ConditionalField(StrNullField("tabstripbutton_id", ""),
lambda pkt: pkt.etype in [116]),
# DIAG_DGOTYP_XMLPROP
ConditionalField(
StrLenField("xmlprop_text",
"",
length_from=lambda pkt: pkt.atom_length - 13),
lambda pkt: pkt.etype == 120),
# DIAG_DGOTYP_EFIELD_1 or DIAG_DGOTYP_OFIELD_1 or DIAG_DGOTYP_KEYWORD_1
ConditionalField(ByteField("field1_flag1", 0),
lambda pkt: pkt.etype in [121, 122, 123]),
ConditionalField(
FieldLenField("field1_dlen",
None,
fmt="B",
length_of="field1_text"),
lambda pkt: pkt.etype in [121, 122, 123]),
ConditionalField(ByteField("field1_mlen", 0),
lambda pkt: pkt.etype in [121, 122, 123]),
ConditionalField(ShortField("field1_maxnrchars", 0),
lambda pkt: pkt.etype in [121, 122, 123]),
ConditionalField(
StrLenField("field1_text",
"",
length_from=lambda pkt: pkt.field1_dlen),
lambda pkt: pkt.etype in [121, 122, 123]),
# DIAG_DGOTYP_FRAME_1
ConditionalField(ShortField("frame_drows", 0),
lambda pkt: pkt.etype in [127]),
ConditionalField(ShortField("frame_dcols", 0),
lambda pkt: pkt.etype in [127]),
ConditionalField(
StrLenField("frame_text",
"",
length_from=lambda pkt: pkt.atom_length - 17),
lambda pkt: pkt.etype in [127]),
# DIAG_DGOTYP_RADIOBUTTON_3
ConditionalField(ByteField("radiobutton_button", 0),
lambda pkt: pkt.etype in [129]),
ConditionalField(ShortField("radiobutton_visible_label_length", 0),
lambda pkt: pkt.etype in [129]),
ConditionalField(ShortField("radiobutton_event_id_off", 0),
lambda pkt: pkt.etype in [129]),
ConditionalField(ByteField("radiobutton_event_id_len", 0),
lambda pkt: pkt.etype in [129]),
ConditionalField(ShortField("radiobutton_text_off", 0),
lambda pkt: pkt.etype in [129]),
ConditionalField(ShortField("radiobutton_text_length", 0),
lambda pkt: pkt.etype in [129]),
ConditionalField(
StrLenField("radiobutton_text",
"",
length_from=lambda pkt: pkt.radiobutton_event_id_len +
pkt.radiobutton_text_length),
lambda pkt: pkt.etype in [129]),
# DIAG_DGOTYP_EFIELD_2 or DIAG_DGOTYP_OFIELD_2 or DIAG_DGOTYP_KEYWORD_2
ConditionalField(ShortField("field2_flag1", 0),
lambda pkt: pkt.etype in [130, 131, 132]),
ConditionalField(
FieldLenField("field2_dlen",
None,
fmt="B",
length_of="field2_text"),
lambda pkt: pkt.etype in [130, 131, 132]),
ConditionalField(ByteField("field2_mlen", 0),
lambda pkt: pkt.etype in [130, 131, 132]),
ConditionalField(ShortField("field2_maxnrchars", 0),
lambda pkt: pkt.etype in [130, 131, 132]),
ConditionalField(
StrLenField("field2_text",
"",
length_from=lambda pkt: pkt.field2_dlen),
lambda pkt: pkt.etype in [130, 131, 132]),
# Remaining types
ConditionalField(
StrLenField("value",
"",
length_from=lambda pkt: pkt.atom_length - 13),
lambda pkt: pkt.etype not in
[114, 115, 116, 120, 121, 122, 123, 127, 129, 130, 131, 132]),
]
def post_build(self, p, pay):
if pay is None:
pay = ''
# Update the atom_length field (first 2 bytes) with the packet length
p = pack("!H", len(p)) + p[2:]
return p + pay
def __init__(self, name, default, encoding="utf-16", padd="\x0c",
fmt="H", remain=0):
StrField.__init__(self, name, default, fmt, remain)
self.encoding = encoding
self.padd = padd
def __init__(self, name, default, length=None, length_from=None):
StrField.__init__(self, name, default)
self.length_from = length_from
if length is not None:
self.length_from = lambda pkt, length=length: length
