diff options
| author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2006-02-07 21:30:21 +0000 |
|---|---|---|
| committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2006-02-07 21:30:21 +0000 |
| commit | 3cb23ec4f80d5eae31c3331863ea0213967cfdb6 (patch) | |
| tree | 04a3858600eecc2cd2bed55b8208b6520bec9a6b /epan/dissectors/packet-smb2.c | |
| parent | 250a7011441254ebc376da932064760e0e5e890a (diff) | |
smb2 signing
add dissection of the "Signature present" bit
and the 16 byte signature field in the header
svn path=/trunk/; revision=17206
Diffstat (limited to 'epan/dissectors/packet-smb2.c')
| -rw-r--r-- | epan/dissectors/packet-smb2.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c index 98b55220f2..a1ef90d633 100644 --- a/epan/dissectors/packet-smb2.c +++ b/epan/dissectors/packet-smb2.c @@ -64,6 +64,7 @@ static int hf_smb2_tid = -1; static int hf_smb2_uid = -1; static int hf_smb2_flags_response = -1; static int hf_smb2_flags_pid_valid = -1; +static int hf_smb2_flags_signature = -1; static int hf_smb2_response_buffer_offset = -1; static int hf_smb2_security_blob_offset = -1; static int hf_smb2_security_blob_len = -1; @@ -184,6 +185,7 @@ static int hf_smb2_host_name = -1; static int hf_smb2_auth_frame = -1; static int hf_smb2_tcon_frame = -1; static int hf_smb2_share_type = -1; +static int hf_smb2_signature = -1; static gint ett_smb2 = -1; static gint ett_smb2_olb = -1; @@ -670,6 +672,11 @@ static const true_false_string tfs_flags_pid_valid = { "The pid field if NOT valid" }; +static const true_false_string tfs_flags_signature = { + "This pdu is SIGNED", + "This pdu is NOT signed" +}; + static const value_string compression_format_vals[] = { { 0, "COMPRESSION_FORMAT_NONE" }, { 1, "COMPRESSION_FORMAT_DEFAULT" }, @@ -4166,6 +4173,7 @@ dissect_smb2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) "Flags: 0x%08x", si->flags); flags_tree = proto_item_add_subtree(flags_item, ett_smb2_flags); } + proto_tree_add_boolean(flags_tree, hf_smb2_flags_signature, tvb, offset, 4, si->flags); proto_tree_add_boolean(flags_tree, hf_smb2_flags_pid_valid, tvb, offset, 4, si->flags); proto_tree_add_boolean(flags_tree, hf_smb2_flags_response, tvb, offset, 4, si->flags); @@ -4189,13 +4197,9 @@ dissect_smb2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree) /* Tree ID and User ID */ offset = dissect_smb2_tid_uid(pinfo, header_tree, tvb, offset, si); - /* some unknown bytes */ - proto_tree_add_item(header_tree, hf_smb2_unknown, tvb, offset, 4, FALSE); - offset += 4; - - /* some unknown bytes */ - proto_tree_add_item(header_tree, hf_smb2_unknown, tvb, offset, 12, FALSE); - offset += 12; + /* Signature */ + proto_tree_add_item(header_tree, hf_smb2_signature, tvb, offset, 16, FALSE); + offset += 16; proto_item_set_len(header_item, offset-old_offset); @@ -4383,6 +4387,9 @@ proto_register_smb2(void) { &hf_smb2_flags_pid_valid, { "PID Valid", "smb2.flags.pid_valid", FT_BOOLEAN, 32, TFS(&tfs_flags_pid_valid), SMB2_FLAGS_PID_VALID, "Whether the PID field is valid or not", HFILL }}, + { &hf_smb2_flags_signature, + { "Signing", "smb2.flags.signature", FT_BOOLEAN, 32, + TFS(&tfs_flags_signature), SMB2_FLAGS_SIGNATURE, "Whether the pdu is signed or not", HFILL }}, { &hf_smb2_tree, { "Tree", "smb2.tree", FT_STRING, BASE_NONE, NULL, 0, "Name of the Tree/Share", HFILL }}, @@ -4814,6 +4821,10 @@ proto_register_smb2(void) { "Host", "smb2.host", FT_STRING, BASE_NONE, NULL, 0, "Host Name", HFILL }}, + { &hf_smb2_signature, + { "Signature", "smb2.signature", FT_BYTES, BASE_HEX, + NULL, 0, "Signature", HFILL }}, + { &hf_smb2_unknown, { "unknown", "smb2.unknown", FT_BYTES, BASE_HEX, NULL, 0, "Unknown bytes", HFILL }}, |