diff options
| author | Guy Harris <guy@alum.mit.edu> | 2001-03-18 03:23:30 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2001-03-18 03:23:30 +0000 |
| commit | b8289288e85f21c738cf00d27d0f5a33062dbcab (patch) | |
| tree | b2412a5008626726a43a9a06f3508ce140d9c90e | |
| parent | 8e268424e1a1542c9d2e355c874c61912fb166c1 (diff) | |
Correctly handle Interim responses to TRANSACTION requests.
Move the declaration of routines exported from "packet-smb-mailslot.c"
into a "packet-smb-mailslot.h" header file, and have modules that import
those routines include "packet-smb-mailslot.h" rather than declaring the
routines themselves; do the same for routines exported from
"packet-smb-pipe.c". Make routines not exported static, and make
routines that return a true/false return value "gboolean" rather than
"guint32".
svn path=/trunk/; revision=3146
| -rw-r--r-- | Makefile.am | 4 | ||||
| -rw-r--r-- | packet-smb-mailslot.c | 32 | ||||
| -rw-r--r-- | packet-smb-mailslot.h | 30 | ||||
| -rw-r--r-- | packet-smb-pipe.c | 99 | ||||
| -rw-r--r-- | packet-smb-pipe.h | 37 | ||||
| -rw-r--r-- | packet-smb.c | 56 |
6 files changed, 207 insertions, 51 deletions
diff --git a/Makefile.am b/Makefile.am index 7d5a82e02a..3ff1e4e699 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Ethereal # -# $Id: Makefile.am,v 1.291 2001/03/18 02:13:32 guy Exp $ +# $Id: Makefile.am,v 1.292 2001/03/18 03:23:30 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs <gerald@zing.org> @@ -293,6 +293,8 @@ noinst_HEADERS = \ packet-sll.h \ packet-smb.h \ packet-smb-common.h \ + packet-smb-mailslot.h \ + packet-smb-pipe.h \ packet-sna.h \ packet-snmp.h \ packet-sscop.h \ diff --git a/packet-smb-mailslot.c b/packet-smb-mailslot.c index 46396cb496..c0a96adca9 100644 --- a/packet-smb-mailslot.c +++ b/packet-smb-mailslot.c @@ -1,8 +1,8 @@ /* packet-smb-mailslot.c - * Routines for smb mailslot packet dissection + * Routines for SMB mailslot packet dissection * Copyright 2000, Jeffrey C. Foster <jfoste@woodward.com> * - * $Id: packet-smb-mailslot.c,v 1.9 2001/01/03 06:55:32 guy Exp $ + * $Id: packet-smb-mailslot.c,v 1.10 2001/03/18 03:23:30 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -27,6 +27,8 @@ #include "packet-smb-common.h" +#include "packet-smb-mailslot.h" +#include "packet-smb-pipe.h" static int proto_smb_msp = -1; @@ -42,12 +44,6 @@ dissect_mailslot_browse(const u_char *pd, int offset, frame_data *fd, int DataOffset, int DataCount); extern guint32 -dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, - proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, - int SMB_offset, int errcode, int dirn, const u_char *command, - int DataOffset, int DataCount, int ParameterOffset, int ParameterCount); - -extern guint32 dissect_smb_ntlogon(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, const u_char *command, @@ -62,7 +58,7 @@ dissect_smb_logon(const u_char *pd, int offset, frame_data *fd, -guint32 +gboolean dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, const u_char *command, @@ -78,17 +74,23 @@ dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd, const char *StrPtr; if (!proto_is_protocol_enabled(proto_smb_msp)) - return 0; + return FALSE; + if (check_col(fd, COL_PROTOCOL)) + col_set_str(fd, COL_PROTOCOL, "SMB Mailslot"); + + if (DataOffset < 0) { + /* Interim reply */ + col_set_str(fd, COL_INFO, "Interim reply"); + return TRUE; + } + /* do the Op code field */ Temp16 = GSHORT(pd, offset); /* get Op code */ - if (check_col(fd, COL_PROTOCOL)) - col_set_str(fd, COL_PROTOCOL, "SMB Mailslot"); - if (check_col(fd, COL_INFO)) - col_add_fstr(fd, COL_INFO, "%s", + col_set_str(fd, COL_INFO, ( Temp16 == 1 ? "Write Mail slot" : "Unknown")); @@ -169,7 +171,7 @@ dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd, command, DataOffset, DataCount); } - return 1; + return TRUE; } diff --git a/packet-smb-mailslot.h b/packet-smb-mailslot.h new file mode 100644 index 0000000000..e22dd17405 --- /dev/null +++ b/packet-smb-mailslot.h @@ -0,0 +1,30 @@ +/* packet-smb-mailslot.h + * Declaration of routines for SMB mailslot packet dissection + * Copyright 2000, Jeffrey C. Foster <jfoste@woodward.com> + * + * $Id: packet-smb-mailslot.h,v 1.1 2001/03/18 03:23:30 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@zing.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +gboolean +dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd, + proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, + int SMB_offset, int errcode, int dirn, const u_char *command, + int DataOffset, int DataCount, int ParameterOffset, int ParameterCount); diff --git a/packet-smb-pipe.c b/packet-smb-pipe.c index 733555583c..1596b148e3 100644 --- a/packet-smb-pipe.c +++ b/packet-smb-pipe.c @@ -1,8 +1,8 @@ /* packet-smb-pipe.c - * Routines for smb packet dissection + * Routines for SMB named pipe packet dissection * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> * - * $Id: packet-smb-pipe.c,v 1.15 2001/01/03 06:55:32 guy Exp $ + * $Id: packet-smb-pipe.c,v 1.16 2001/03/18 03:23:30 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -48,6 +48,7 @@ #include "smb.h" #include "alignment.h" #include "strutil.h" +#include "packet-smb-pipe.h" static int proto_smb_lanman = -1; @@ -129,7 +130,7 @@ struct lanman_desc lmd[] = { {-1, NULL, NULL,NULL, NULL, NULL} }; -struct lanman_desc * +static struct lanman_desc * find_lanman(int lanman_num) { int i = 0; @@ -156,7 +157,8 @@ find_lanman(int lanman_num) #define NETSHAREENUM 0x00 /* 00 */ #define NETSERVERENUM2 0x68 /* 104 */ -void dissect_server_flags(proto_tree *tree, int offset, int length, int flags) +static void +dissect_server_flags(proto_tree *tree, int offset, int length, int flags) { proto_tree_add_text(tree, NullTVB, offset, length, "%s", decode_boolean_bitfield(flags, 0x0001, length*8, "Workstation", "Not Workstation")); @@ -217,8 +219,10 @@ static int pd_p_current = 0, pd_d_current = 0, in_params = 0, need_data = 0; static int lm_ent_count = 0, lm_act_count = 0; /* Initialize the various data structure */ -void -dissect_transact_engine_init(const u_char *pd, const char *param_desc, const char *data_desc, int SMB_offset, int ParameterOffset, int ParameterCount, int DataOffset, int DataCount) +static void +dissect_transact_engine_init(const u_char *pd, const char *param_desc, + const char *data_desc, int SMB_offset, int ParameterOffset, + int ParameterCount, int DataOffset, int DataCount) { d_count = DataCount; @@ -264,7 +268,7 @@ int get_act_count() } -int get_byte_count(const u_char *p_data) +static int get_byte_count(const u_char *p_data) { int count = 0, off = 0; @@ -283,7 +287,8 @@ int get_byte_count(const u_char *p_data) /* We pull out the next item in the appropriate place and display it */ /* We display the parameters first, then the data, then any auxilliary data */ -int dissect_transact_next(const u_char *pd, char *Name, int dirn, proto_tree *tree) +static int +dissect_transact_next(const u_char *pd, char *Name, int dirn, proto_tree *tree) { /* guint8 BParam; */ guint16 WParam = 0; @@ -553,7 +558,7 @@ static const value_string share_type_vals[] = { {0, NULL} }; -guint32 +gboolean dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, @@ -574,7 +579,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, guint32 string_offset; if (check_col(fd, COL_PROTOCOL)) - col_add_fstr(fd, COL_PROTOCOL, "LANMAN"); + col_set_str(fd, COL_PROTOCOL, "LANMAN"); if (dirn == 1) { /* The request side */ @@ -588,7 +593,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "NetShareEnum Request"); + col_set_str(fd, COL_INFO, "NetShareEnum Request"); } @@ -661,7 +666,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "NetServerEnum2 %s", dirn ? "Request" : "Response"); + col_set_str(fd, COL_INFO, "NetServerEnum2 Request"); } @@ -744,7 +749,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, loc_offset += 4; - return 1; + return TRUE; break; default: /* Just try to handle what is there ... */ @@ -827,6 +832,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, } } else { /* Dirn == 0, response */ + gboolean is_interim_response; guint16 Status; guint16 Convert; guint16 EntCount; @@ -847,7 +853,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, if (si.request_val -> trans_response_seen == 1) { if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "Transact Continuation"); + col_set_str(fd, COL_INFO, "Transact Continuation"); } if (tree) { @@ -860,20 +866,34 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, } - return 1; + return TRUE; } si.request_val -> trans_response_seen = 1; + is_interim_response = (DataOffset < 0); + switch (FunctionCode) { case NETSHAREENUM: + if (is_interim_response) { + + if (check_col(fd, COL_INFO)) { + + col_set_str(fd, COL_INFO, "NetShareEnum Interim Response"); + + } + + return TRUE; + + } + if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "NetShareEnum Response"); + col_set_str(fd, COL_INFO, "NetShareEnum Response"); } @@ -996,9 +1016,21 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, case NETSERVERENUM2: + if (is_interim_response) { + + if (check_col(fd, COL_INFO)) { + + col_set_str(fd, COL_INFO, "NetShareEnum2 Interim Response"); + + } + + return TRUE; + + } + if (check_col(fd, COL_INFO)) { - col_add_fstr(fd, COL_INFO, "NetServerEnum2 %s", dirn ? "Request" : "Response"); + col_set_str(fd, COL_INFO, "NetServerEnum2 Response"); } @@ -1155,6 +1187,22 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, lanman = find_lanman(si.request_val -> last_lanman_cmd); + if (is_interim_response) { + + if (check_col(fd, COL_INFO)) { + + if (lanman) { + col_add_fstr(fd, COL_INFO, "%s Interim Response", lanman -> lanman_name); + } + else { + col_add_fstr(fd, COL_INFO, "Unknown LANMAN Interim Response: %u", FunctionCode); + } + } + + return TRUE; + + } + if (check_col(fd, COL_INFO)) { if (lanman) { @@ -1213,31 +1261,34 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, } - return 1; + return TRUE; break; } } - return 0; + return FALSE; } -guint32 +gboolean dissect_pipe_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, const u_char *command, int DataOffset, int DataCount, int ParameterOffset, int ParameterCount) { if (!proto_is_protocol_enabled(proto_smb_lanman)) - return 0; + return FALSE; - if (command != NULL && strcmp(command, "LANMAN") == 0) { /* Try to decode a LANMAN */ + if (command != NULL && strcmp(command, "LANMAN") == 0) { + /* Try to decode a LANMAN */ - return dissect_pipe_lanman(pd, offset, fd, parent, tree, si, max_data, SMB_offset, errcode, dirn, command, DataOffset, DataCount, ParameterOffset, ParameterCount); + return dissect_pipe_lanman(pd, offset, fd, parent, tree, si, max_data, + SMB_offset, errcode, dirn, command, DataOffset, + DataCount, ParameterOffset, ParameterCount); } - return 0; + return FALSE; } diff --git a/packet-smb-pipe.h b/packet-smb-pipe.h new file mode 100644 index 0000000000..5b7f00d9c3 --- /dev/null +++ b/packet-smb-pipe.h @@ -0,0 +1,37 @@ +/* packet-smb-pipe.h + * Declarations of routines for SMB named pipe packet dissection + * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> + * + * $Id: packet-smb-pipe.h,v 1.1 2001/03/18 03:23:30 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@zing.org> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +gboolean +dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd, + proto_tree *parent, proto_tree *tree, struct smb_info si, + int max_data, int SMB_offset, int errcode, int dirn, + const u_char *command, int DataOffset, int DataCount, + int ParameterOffset, int ParameterCount); + +gboolean +dissect_pipe_smb(const u_char *pd, int offset, frame_data *fd, + proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, + int SMB_offset, int errcode, int dirn, const u_char *command, + int DataOffset, int DataCount, int ParameterOffset, int ParameterCount); diff --git a/packet-smb.c b/packet-smb.c index c20ad9190e..c0923e9d01 100644 --- a/packet-smb.c +++ b/packet-smb.c @@ -2,7 +2,7 @@ * Routines for smb packet dissection * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> * - * $Id: packet-smb.c,v 1.79 2001/01/29 08:14:41 sharpe Exp $ + * $Id: packet-smb.c,v 1.80 2001/03/18 03:23:30 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@zing.org> @@ -49,10 +49,8 @@ #include "alignment.h" #include "strutil.h" -guint32 dissect_mailslot_smb(const u_char *, int, frame_data *, proto_tree *, proto_tree *, struct smb_info, int, int, int, int, const u_char *, int, int, int, int); - -guint32 dissect_pipe_smb(const u_char *, int, frame_data *, proto_tree *, proto_tree *, struct smb_info, int, int, int, int, const u_char *, int, int, int, int); - +#include "packet-smb-mailslot.h" +#include "packet-smb-pipe.h" static int proto_smb = -1; @@ -9038,7 +9036,7 @@ dissect_transact2_smb(const u_char *pd, int offset, frame_data *fd, proto_tree * proto_tree_add_text(Flags_tree, NullTVB, offset, 2, "%s", decode_boolean_bitfield(Flags, 0x02, 16, "One way transaction", "Two way transaction")); -} + } offset += 2; /* Skip Flags */ @@ -9504,8 +9502,12 @@ dissect_transact2_smb(const u_char *pd, int offset, frame_data *fd, proto_tree * } -void -dissect_transact_params(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, int DataOffset, int DataCount, int ParameterOffset, int ParameterCount, int SetupAreaOffset, int SetupCount, const char *TransactName) +static void +dissect_transact_params(const u_char *pd, int offset, frame_data *fd, + proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, + int SMB_offset, int errcode, int dirn, int DataOffset, int DataCount, + int ParameterOffset, int ParameterCount, int SetupAreaOffset, + int SetupCount, const char *TransactName) { char *TransactNameCopy; char *trans_type = NULL, *trans_cmd, *loc_of_slash = NULL; @@ -9535,9 +9537,14 @@ dissect_transact_params(const u_char *pd, int offset, frame_data *fd, proto_tree if ((trans_cmd == NULL) || (((trans_type == NULL || strcmp(trans_type, "MAILSLOT") != 0) || - !dissect_mailslot_smb(pd, SetupAreaOffset, fd, parent, tree, si, max_data, SMB_offset, errcode, dirn, trans_cmd, SMB_offset + DataOffset, DataCount, SMB_offset + ParameterOffset, ParameterCount)) && + !dissect_mailslot_smb(pd, SetupAreaOffset, fd, parent, tree, si, + max_data, SMB_offset, errcode, dirn, trans_cmd, + SMB_offset + DataOffset, DataCount, + SMB_offset + ParameterOffset, ParameterCount)) && ((trans_type == NULL || strcmp(trans_type, "PIPE") != 0) || - !dissect_pipe_smb(pd, offset, fd, parent, tree, si, max_data, SMB_offset, errcode, dirn, trans_cmd, DataOffset, DataCount, ParameterOffset, ParameterCount)))) { + !dissect_pipe_smb(pd, offset, fd, parent, tree, si, max_data, + SMB_offset, errcode, dirn, trans_cmd, DataOffset, + DataCount, ParameterOffset, ParameterCount)))) { if (ParameterCount > 0) { @@ -9764,7 +9771,7 @@ dissect_transact_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *p proto_tree_add_text(Flags_tree, NullTVB, offset, 2, "%s", decode_boolean_bitfield(Flags, 0x02, 16, "One way transaction", "Two way transaction")); -} + } offset += 2; /* Skip Flags */ @@ -9982,6 +9989,33 @@ dissect_transact_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *p offset += 1; /* Skip Word Count (WCT) */ + if (WordCount == 0) { + + /* Interim response. + XXX - should we tag it as such? */ + + /* Build display for: Byte Count (BCC) */ + + ByteCount = GSHORT(pd, offset); + + if (tree) { + + proto_tree_add_text(tree, NullTVB, offset, 2, "Byte Count (BCC): %u", ByteCount); + + } + + offset += 2; /* Skip Byte Count (BCC) */ + + /* Dissect the interim response by showing the type of request to + which it's a reply. */ + dissect_transact_params(pd, offset, fd, parent, tree, si, max_data, + SMB_offset, errcode, dirn, -1, -1, -1, -1, -1, -1, + si.request_val -> last_transact_command); + + return; + + } + /* Build display for: Total Parameter Count */ TotalParameterCount = GSHORT(pd, offset); |