From 704abdc0e505ce4dac40f5d6a45370949922c415 Mon Sep 17 00:00:00 2001
From: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>
Date: Fri, 25 Nov 2005 08:02:40 +0000
Subject: add some more infolevels

svn path=/trunk/; revision=16585
---
 epan/dissectors/packet-smb.c  | 40 ++++++++++++++++++++++--
 epan/dissectors/packet-smb.h  |  2 ++
 epan/dissectors/packet-smb2.c | 71 +++++++++++++++++++++++++------------------
 3 files changed, 81 insertions(+), 32 deletions(-)

diff --git a/epan/dissectors/packet-smb.c b/epan/dissectors/packet-smb.c
index 6141d2739a..c2bcd1cea6 100644
--- a/epan/dissectors/packet-smb.c
+++ b/epan/dissectors/packet-smb.c
@@ -620,6 +620,8 @@ static int hf_smb_unix_find_file_resumekey = -1;
 static int hf_smb_network_unknown = -1;
 static int hf_smb_disposition_delete_on_close = -1;
 static int hf_smb_mode = -1;
+static int hf_smb_attribute = -1;
+static int hf_smb_reparse_tag = -1;
 
 static gint ett_smb = -1;
 static gint ett_smb_hdr = -1;
@@ -10921,8 +10923,8 @@ dissect_4_2_16_13(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
 
 /* this dissects the SMB_QUERY_FILE_NETWORK_OPEN_INFO
 */
-static int
-dissect_smb_query_file_network_open_info(tvbuff_t *tvb, 
+int
+dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO(tvbuff_t *tvb, 
     packet_info *pinfo, proto_tree *tree,
     int offset, guint16 *bcp, gboolean *trunc)
 {
@@ -10956,6 +10958,27 @@ dissect_smb_query_file_network_open_info(tvbuff_t *tvb,
 	return offset;
 }
 
+/* this dissects the SMB_QUERY_FILE_NETWORK_OPEN_INFO
+*/
+int
+dissect_qfi_SMB_FILE_ATTRIBUTE_TAG_INFO(tvbuff_t *tvb, 
+    packet_info *pinfo, proto_tree *tree,
+    int offset, guint16 *bcp, gboolean *trunc)
+{
+	/* attribute */
+        CHECK_BYTE_COUNT_SUBR(4);
+	proto_tree_add_item(tree, hf_smb_attribute, tvb, offset, 4, TRUE);
+        COUNT_BYTES_SUBR(4);
+
+	/* reparse tag */
+        CHECK_BYTE_COUNT_SUBR(4);
+	proto_tree_add_item(tree, hf_smb_reparse_tag, tvb, offset, 4, TRUE);
+        COUNT_BYTES_SUBR(4);
+
+	*trunc = FALSE;
+	return offset;
+}
+
 /* this dissects the SMB_SET_FILE_DISPOSITION_INFO
    as described in 4.2.19.2
 */
@@ -11171,7 +11194,10 @@ dissect_qpi_loi_vals(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree,
 		    &trunc);
 		break;
         case 1034:     /* SMB_FILE_NETWORK_OPEN_INFO */
-                offset = dissect_smb_query_file_network_open_info(tvb, pinfo, tree, offset, bcp, &trunc);
+                offset = dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO(tvb, pinfo, tree, offset, bcp, &trunc);
+                break;
+        case 1035:     /* SMB_FILE_ATTRIBUTE_TAG_INFO */
+                offset = dissect_qfi_SMB_FILE_ATTRIBUTE_TAG_INFO(tvb, pinfo, tree, offset, bcp, &trunc);
                 break;
 	case 0x0200:	/* Query File Unix Basic*/
 		offset = dissect_4_2_16_12(tvb, pinfo, tree, offset, bcp, 
@@ -17653,6 +17679,14 @@ proto_register_smb(void)
           { "Mode", "smb.mode", FT_UINT32, BASE_HEX,
             NULL, 0, "", HFILL }},
 
+        { &hf_smb_attribute,
+          { "Attribute", "smb.attribute", FT_UINT32, BASE_HEX,
+            NULL, 0, "", HFILL }},
+
+        { &hf_smb_reparse_tag,
+          { "Reparse Tag", "smb.reparse_tag", FT_UINT32, BASE_HEX,
+            NULL, 0, "", HFILL }},
+
 	{ &hf_smb_disposition_delete_on_close,
 	  { "Delete on close", "smb.disposition.delete_on_close", FT_BOOLEAN, 8,
 		TFS(&tfs_disposition_delete_on_close), 0x01, "", HFILL }},
diff --git a/epan/dissectors/packet-smb.h b/epan/dissectors/packet-smb.h
index 1aac72b45e..401e642fdc 100644
--- a/epan/dissectors/packet-smb.h
+++ b/epan/dissectors/packet-smb.h
@@ -314,5 +314,7 @@ extern int dissect_qfi_SMB_FILE_POSITION_INFO(tvbuff_t *tvb, packet_info *pinfo,
 extern int dissect_qfi_SMB_FILE_MODE_INFO(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint16 *bcp, gboolean *trunc);
 extern int dissect_qfi_SMB_FILE_ALIGNMENT_INFO(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint16 *bcp, gboolean *trunc);
 extern int dissect_qfi_SMB_FILE_COMPRESSION_INFO(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint16 *bcp, gboolean *trunc);
+extern int dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint16 *bcp, gboolean *trunc);
+extern int dissect_qfi_SMB_FILE_ATTRIBUTE_TAG_INFO(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, guint16 *bcp, gboolean *trunc);
 
 #endif
diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c
index 51bd703c65..f097e936df 100644
--- a/epan/dissectors/packet-smb2.c
+++ b/epan/dissectors/packet-smb2.c
@@ -116,7 +116,8 @@ static int hf_smb2_file_info_12 = -1;
 static int hf_smb2_file_info_15 = -1;
 static int hf_smb2_file_info_16 = -1;
 static int hf_smb2_file_info_1c = -1;
-static int hf_smb2_file_info_22 = -1;
+static int hf_smb2_file_network_open_info = -1;
+static int hf_smb2_file_attribute_tag_info = -1;
 static int hf_smb2_fs_info_01 = -1;
 static int hf_smb2_fs_info_03 = -1;
 static int hf_smb2_fs_info_04 = -1;
@@ -176,7 +177,8 @@ static gint ett_smb2_file_info_12 = -1;
 static gint ett_smb2_file_info_15 = -1;
 static gint ett_smb2_file_info_16 = -1;
 static gint ett_smb2_file_info_1c = -1;
-static gint ett_smb2_file_info_22 = -1;
+static gint ett_smb2_file_network_open_info = -1;
+static gint ett_smb2_file_attribute_tag_info = -1;
 static gint ett_smb2_file_info_0a = -1;
 static gint ett_smb2_file_info_0d = -1;
 static gint ett_smb2_file_info_0f = -1;
@@ -222,7 +224,8 @@ static const value_string smb2_class_vals[] = {
 #define SMB2_FILE_INFO_15	0x15
 #define SMB2_FILE_INFO_16	0x16
 #define SMB2_FILE_INFO_1c	0x1c
-#define SMB2_FILE_INFO_22	0x22
+#define SMB2_FILE_NETWORK_OPEN_INFO	0x22
+#define SMB2_FILE_ATTRIBUTE_TAG_INFO	0x23
 
 #define SMB2_FS_INFO_01		0x01 
 #define SMB2_FS_INFO_03		0x03 
@@ -932,39 +935,41 @@ dissect_smb2_file_info_1c(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *par
 }
 
 static int
-dissect_smb2_file_info_22(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *parent_tree, int offset, smb2_info_t *si _U_)
+dissect_smb2_file_network_open_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *parent_tree, int offset, smb2_info_t *si _U_)
 {
 	proto_item *item=NULL;
 	proto_tree *tree=NULL;
+	guint16 bc;
+	gboolean trunc;
 
 	if(parent_tree){
-		item = proto_tree_add_item(parent_tree, hf_smb2_file_info_22, tvb, offset, -1, TRUE);
-		tree = proto_item_add_subtree(item, ett_smb2_file_info_22);
+		item = proto_tree_add_item(parent_tree, hf_smb2_file_network_open_info, tvb, offset, -1, TRUE);
+		tree = proto_item_add_subtree(item, ett_smb2_file_network_open_info);
 	}
 
-	/* create time */
-	offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_create_timestamp);
 
-	/* last access */
-	offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_access_timestamp);
+	bc=tvb_length_remaining(tvb, offset);
+	offset = dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO(tvb, pinfo, tree, offset, &bc, &trunc);
 
-	/* last write */
-	offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_write_timestamp);
+	return offset;
+}
 
-	/* last change */
-	offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_change_timestamp);
+static int
+dissect_smb2_file_attribute_tag_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *parent_tree, int offset, smb2_info_t *si _U_)
+{
+	proto_item *item=NULL;
+	proto_tree *tree=NULL;
+	guint16 bc;
+	gboolean trunc;
 
-	/* allocation size */
-	proto_tree_add_item(tree, hf_smb2_allocation_size, tvb, offset, 8, TRUE);
-	offset += 8;
+	if(parent_tree){
+		item = proto_tree_add_item(parent_tree, hf_smb2_file_attribute_tag_info, tvb, offset, -1, TRUE);
+		tree = proto_item_add_subtree(item, ett_smb2_file_attribute_tag_info);
+	}
 
-	/* end of file */
-	proto_tree_add_item(tree, hf_smb2_end_of_file, tvb, offset, 8, TRUE);
-	offset += 8;
 
-	/* some unknown bytes */
-	proto_tree_add_item(tree, hf_smb2_unknown, tvb, offset, 8, FALSE);
-	offset += 8;
+	bc=tvb_length_remaining(tvb, offset);
+	offset = dissect_qfi_SMB_FILE_ATTRIBUTE_TAG_INFO(tvb, pinfo, tree, offset, &bc, &trunc);
 
 	return offset;
 }
@@ -1724,8 +1729,11 @@ dissect_smb2_infolevel(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree,
 		case SMB2_FILE_INFO_1c:
 			dissect_smb2_file_info_1c(tvb, pinfo, tree, offset, si);
 			break;
-		case SMB2_FILE_INFO_22:
-			dissect_smb2_file_info_22(tvb, pinfo, tree, offset, si);
+		case SMB2_FILE_NETWORK_OPEN_INFO:
+			dissect_smb2_file_network_open_info(tvb, pinfo, tree, offset, si);
+			break;
+		case SMB2_FILE_ATTRIBUTE_TAG_INFO:
+			dissect_smb2_file_attribute_tag_info(tvb, pinfo, tree, offset, si);
 			break;
 		default:
 			/* we dont handle this infolevel yet */
@@ -3499,9 +3507,13 @@ proto_register_smb2(void)
 		{ "SMB2_FILE_EA_INFO", "smb2.smb2_file_ea_info", FT_NONE, BASE_NONE,
 		NULL, 0, "SMB2_FILE_EA_INFO structure", HFILL }},
 
-	{ &hf_smb2_file_info_22,
-		{ "SMB2_FILE_INFO_22", "smb2.smb2_file_info_22", FT_NONE, BASE_NONE,
-		NULL, 0, "SMB2_FILE_INFO_22 structure", HFILL }},
+	{ &hf_smb2_file_network_open_info,
+		{ "SMB2_FILE_NETWORK_OPEN_INFO", "smb2.smb2_file_network_open_info", FT_NONE, BASE_NONE,
+		NULL, 0, "SMB2_FILE_NETWORK_OPEN_INFO structure", HFILL }},
+
+	{ &hf_smb2_file_attribute_tag_info,
+		{ "SMB2_FILE_ATTRIBUTE_TAG_INFO", "smb2.smb2_file_attribute_tag_info", FT_NONE, BASE_NONE,
+		NULL, 0, "SMB2_FILE_ATTRIBUTE_TAG_INFO structure", HFILL }},
 
 	{ &hf_smb2_file_info_0d,
 		{ "SMB2_FILE_INFO_0d", "smb2.smb2_file_info_0d", FT_NONE, BASE_NONE,
@@ -3695,7 +3707,8 @@ proto_register_smb2(void)
 		&ett_smb2_file_info_15,
 		&ett_smb2_file_info_16,
 		&ett_smb2_file_info_1c,
-		&ett_smb2_file_info_22,
+		&ett_smb2_file_network_open_info,
+		&ett_smb2_file_attribute_tag_info,
 		&ett_smb2_fs_info_01,
 		&ett_smb2_fs_info_03,
 		&ett_smb2_fs_info_04,
-- 
cgit v1.2.3