Age | Commit message (Collapse) | Author | Files | Lines |
|
Also adjust the smb2_info_t structure that handles the value.
Bug: 12915
Change-Id: Ia314b8dc840b9d26d2c1d185f06ef93f242a3a7b
Reviewed-on: https://code.wireshark.org/review/19019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
According to spec,
https://msdn.microsoft.com/en-us/library/cc246499.aspx
share_type uses 1 byte.
But, current implementation allocates 2 bytes for it.
Change-Id: Ibf55c49168a417c16bde57aad368a1265040afae
Reviewed-on: https://code.wireshark.org/review/16695
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I69c949821395e3272cbb5bc7c7a142b5482f9d52
Reviewed-on: https://code.wireshark.org/review/14219
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
Change-Id: I6bae88395f46de0bc4c790ca41914c75e6c98793
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11359
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This can we used as salt for dcerpc connections over smb2.
The key is that we identify an open by the combination
of session_id, tree_id, persistent file_id and volative file_id.
As some broken implementations make the file_ids only unique
per tree connect.
Change-Id: I85cab68503560840a98d2d8d6c21b447b4242e3c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11358
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This changeset is a forward port of Gregors ms-wsp branch from his
repo http://repo.or.cz/w/wireshark-wip.git. Most of the messages of
the MS-WSP protocol are implemented here and as such consists of the
majority of the changes for the dissector.
In addition to the forward porting Gregors work I added some extra bits
1) cater for SMB2 Read Response and Write Request msgs that can also
contain MSWSP messages
2) update property specifications with info extracted from MS-WSP protocol
doc
3) store some basic data about previously seen messages that are needed
for dissecting CPMGetRows request
4) expand/update dissect_CPMSetBindings & parse_CTableColumn routines
5) parse and store CTableColumn & CPMSetBindingsIn structures in conversation
related data for use later.
6) fully dissect/parse SeekDesciption of CPMGetRowsOut
7) dissect CPMGetRows out message specifically the Rows & Columns
8) flesh out the boolean properties of uBooleanOptions field
9) flesh out various other dissectors:
CPMRatioFinished
CPMRestartPosition
CPMCompareBmkIn/CPMCompareBmkOut
CPMGetApproximatePosition
CPMGetSendNotifyOut
FindIndicesIn/Out
FetchValue
Bug: 11321
Change-Id: I68b5c2f3e63874c1dbb271feab89b2b8aa65ac39
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9440
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
https://www.wireshark.org/lists/wireshark-dev/201307/msg00250.html :
r51066 should have also updated the hf_ variable name, comments, and a couple
of data structures.
(I don't know this protocol so these changes are basically a half-educated
global search-n-replace.)
svn path=/trunk/; revision=51080
|
|
remove C++ incompatibilities
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416
svn path=/trunk/; revision=48355
|
|
NEW FEATURE IMPLEMENTED: SMB2 SUPPORT FOR EXPORT->OBJECTS->SMB
Added functionality:
- SMB2 support for Export->Objects->SMB
- support for SMB_COM_CREATE, SMB_COM_OPEN, SMB_COM_READ and SMB_COM_WRITE commands
- Ability to choose between File Id and full file name as identifier for file re-building. Implemented as an option under Edit->Preferences->Protocols->SMB and Edit->Preferences->Protocols->SMB2.
Other minor changes and fixes:
- Full filename in file
- Inclusion of IP of SMB server when treeid name (i.e. hostname) is not known
- UTF-8 filenames encoding before passing them to Export Object Window
- Re-written insert_chunk function of export_object_smb.c to make it easier to debug
- Fixed of an error in insert_chunk function of export_object_smb.c (the verification of next free_chunk was always skipped after deleting one free_chunk).
- Removed duplicated code by inserting the function feed_eo_smb in packet-smb.c and packet-smb2.c
- Changed the label of Export->Objects->SMB menu into Export->Objects->SMB/SMB2
svn path=/trunk/; revision=48210
|
|
Also remove old WS_VAR_IMPORT define and related Makefile magic
everywhere in the project.
svn path=/trunk/; revision=47992
|
|
This patches add some missing things for SMB2/3 and support for decryption
of SMB3 traffic
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7645
From me: Change an initializer from C99 to C89 style (since the
Microsoft compiler doesn't support C99).
svn path=/trunk/; revision=44542
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
From Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=42768
|
|
svn path=/trunk/; revision=34692
|
|
svn path=/trunk/; revision=24321
|
|
opcua: warning: function declaration isn't a prototype
rest: comma at end of enumerator
svn path=/trunk/; revision=21885
|
|
svn path=/trunk/; revision=21794
|
|
patch to find and enhancement of extra_info handling
svn path=/trunk/; revision=21793
|
|
ioctl data that already exists for smb2
svn path=/trunk/; revision=21713
|
|
function code) instead of a structure
extend the nt trans structure to contain a ioctl function code for smb1
svn path=/trunk/; revision=21712
|
|
the one in smb2 instead since the smb2 one is more developed.
svn path=/trunk/; revision=21711
|
|
definition in the Catapult DCT2000 code.
svn path=/trunk/; revision=18524
|
|
svn path=/trunk/; revision=18196
|
|
dissect smb2 break responses used by a server to break an oplock
these unsolicited responses are sent with a commandseqnum of -1 so mark these in the header as unsolicited as well
svn path=/trunk/; revision=17820
|
|
add dissection of the "Signature present" bit
and the 16 byte signature field in the header
svn path=/trunk/; revision=17206
|
|
svn path=/trunk/; revision=17202
|
|
If the P bit is NOT set, then flag the PID field as "(not valid)"
Sicne the TID might be undefined/0 in the response to a "pending" read
we cant use that solely to determine if a read was for a named/pipe (==dcerpc)
Assume that only NamedPipe reads can be STATUS_PENDING and thus have the P bit set and assume it IS dcerpc if the P bit is set.
svn path=/trunk/; revision=17197
|
|
update to tid and uid tracking
svn path=/trunk/; revision=16893
|
|
authenticate.
If known put the account name, domain name, host name and which frame the suer authenticated in in an expansion below UID in the SMB2 header
svn path=/trunk/; revision=16723
|
|
bytes in smb for objectid)
svn path=/trunk/; revision=16682
|
|
later in the ioctl_data dissector
svn path=/trunk/; revision=16634
|
|
it does not yet multiplex between different files but it is better than nothing
svn path=/trunk/; revision=16484
|
|
stronger for determining what might and what might not be a pipe
add TID tracking. for all TreeConnect requests/resposnes seen, store the name->tid mapping and other metadata.
as a freebee the disswection of the tid in the ehader is aware of this table so when a tid value is dissected in the header and we known the name for this tid then put it in an expansion below the tid.
svn path=/trunk/; revision=16483
|
|
we can regenerate from the header
we need to remember between request/response
we need on a per conersation bases
to reduce the amount of data we store in the per req/resp pair since there will be many of them and we want that struct as small as possible.
svn path=/trunk/; revision=16482
|
|
svn path=/trunk/; revision=16478
|
|
we will do service-response-time statistics before other inferior products have even noticed a new protocol is in town.
svn path=/trunk/; revision=16463
|