3 files changed, 82 insertions, 49 deletions

diff --git a/Makefile.am b/Makefile.am
index 1ea914f554..7671fc8a84 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -45,6 +45,7 @@ ethereal_SOURCES = \
 	packet-ppp.c   \
 	packet-raw.c   \
 	packet-rip.c   \
+	packet-smb.c   \
 	packet-tcp.c   \
 	packet-telnet.c \
 	packet-tftp.c  \
diff --git a/packet-nbns.c b/packet-nbns.c
index 7909d71e5a..9f2d7ce49f 100644
--- a/packet-nbns.c
+++ b/packet-nbns.c
@@ -4,7 +4,7 @@
  * Gilbert Ramirez <gram@verdict.uthscsa.edu>
  * Much stuff added by Guy Harris <guy@netapp.com>
  *
- * $Id: packet-nbns.c,v 1.15 1999/04/30 03:16:02 guy Exp $
+ * $Id: packet-nbns.c,v 1.16 1999/05/09 04:16:35 sharpe Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -1152,10 +1152,13 @@ static const value_string error_codes[] = {
 
 /*
  * Dissect a single NBSS packet (there may be more than one in a given TCP
- * segment).
+ * segment). Hmmm, in my experience, I have never seen more than one NBSS
+ * in a single segment, since they mostly contain SMBs which are essentially
+ * a request response type protocol (RJS). Also, a single session message 
+ * may be split over multiple segments.
  */
 static int
-dissect_nbss_packet(const u_char *pd, int offset, proto_tree *tree, int max_data)
+dissect_nbss_packet(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int max_data)
 {
 	proto_tree	*nbss_tree;
 	proto_item	*ti;
@@ -1173,62 +1176,82 @@ dissect_nbss_packet(const u_char *pd, int offset, proto_tree *tree, int max_data
 	if (flags & NBSS_FLAGS_E)
 		length += 65536;
 
-	ti = proto_tree_add_item(tree, offset, length + 4,
-			"NetBIOS Session Service");
-	nbss_tree = proto_tree_new();
-	proto_item_add_subtree(ti, nbss_tree, ETT_NBSS);
+	if (tree) {
+	  ti = proto_tree_add_item(tree, offset, length + 4,
+				   "NetBIOS Session Service");
+	  nbss_tree = proto_tree_new();
+	  proto_item_add_subtree(ti, nbss_tree, ETT_NBSS);
+	  
+	  proto_tree_add_item(nbss_tree, offset, 1, "Message Type: %s",
+			      val_to_str(msg_type, message_types, "Unknown (%x)"));
+	}
 
-	proto_tree_add_item(nbss_tree, offset, 1, "Message Type: %s",
-	    val_to_str(msg_type, message_types, "Unknown"));
 	offset += 1;
 
-	tf = proto_tree_add_item(nbss_tree, offset, 1, "Flags: 0x%04x", flags);
-	field_tree = proto_tree_new();
-	proto_item_add_subtree(tf, field_tree, ETT_NBSS_FLAGS);
-	proto_tree_add_item(field_tree, offset, 1, "%s",
-	    decode_boolean_bitfield(flags, NBSS_FLAGS_E,
-	      8, "Add 65536 to length", "Add 0 to length"));
+	if (tree) {
+	  tf = proto_tree_add_item(nbss_tree, offset, 1, "Flags: 0x%04x", flags);
+	  field_tree = proto_tree_new();
+	  proto_item_add_subtree(tf, field_tree, ETT_NBSS_FLAGS);
+	  proto_tree_add_item(field_tree, offset, 1, "%s",
+			      decode_boolean_bitfield(flags, NBSS_FLAGS_E,
+						      8, "Add 65536 to length", "Add 0 to length"));
+	}
+
 	offset += 1;
 
-	proto_tree_add_item(nbss_tree, offset, 2, "Length: %u", length);
+	if (tree) {
+	  proto_tree_add_item(nbss_tree, offset, 2, "Length: %u", length);
+	}
+
 	offset += 2;
 
 	switch (msg_type) {
 
 	case SESSION_REQUEST:
-		len = get_nbns_name(&pd[offset], pd, offset, name);
-		proto_tree_add_item(nbss_tree, offset, len,
-		    "Called name: %s", name);
-		offset += len;
-
-		len = get_nbns_name(&pd[offset], pd, offset, name);
-		proto_tree_add_item(nbss_tree, offset, len,
-		    "Calling name: %s", name);
-		break;
+	  len = get_nbns_name(&pd[offset], pd, offset, name);
+	  if (tree)
+	    proto_tree_add_item(nbss_tree, offset, len,
+				"Called name: %s", name);
+	  offset += len;
+
+	  len = get_nbns_name(&pd[offset], pd, offset, name);
+	  
+	  if (tree)
+	    proto_tree_add_item(nbss_tree, offset, len,
+				"Calling name: %s", name);
+
+	  break;
 
 	case NEGATIVE_SESSION_RESPONSE:
-		proto_tree_add_item(nbss_tree, offset, 1,
-		    "Error code: %s",
-		    val_to_str(pd[offset], error_codes, "Unknown (%x)"));
-		break;
+	  if (tree) 
+	    proto_tree_add_item(nbss_tree, offset, 1,
+				"Error code: %s",
+				val_to_str(pd[offset], error_codes, "Unknown (%x)"));
+	  break;
 
 	case RETARGET_SESSION_RESPONSE:
-		proto_tree_add_item(nbss_tree, offset, 4,
-		    "Retarget IP address: %s",
-		    ip_to_str((guint8 *)&pd[offset]));
-		offset += 4;
+	  if (tree)
+	    proto_tree_add_item(nbss_tree, offset, 4,
+				"Retarget IP address: %s",
+				ip_to_str((guint8 *)&pd[offset]));
+	  
+	  offset += 4;
 
-		proto_tree_add_item(nbss_tree, offset, 2,
-		    "Retarget port: %u", pntohs(&pd[offset]));
-		break;
+	  if (tree)
+	    proto_tree_add_item(nbss_tree, offset, 2,
+				"Retarget port: %u", pntohs(&pd[offset]));
+
+	  break;
 
 	case SESSION_MESSAGE:
-		/*
-		 * Here we can pass the packet off to the next protocol.
-		 */
-		proto_tree_add_item(nbss_tree, offset, length,
-		    "Data (%u bytes)", length);
-		break;
+	  /*
+	   * Here we can pass the packet off to the next protocol.
+	   */
+
+	  dissect_smb(pd, offset, fd, tree, max_data - 4);
+
+	  break;
+
 	}
 	return length + 4;
 }
@@ -1254,11 +1277,10 @@ dissect_nbss(const u_char *pd, int offset, frame_data *fd, proto_tree *tree, int
 		    val_to_str(msg_type, message_types, "Unknown (%x)"));
 	}
 
-	if (tree) {
-		while (max_data > 0) {
-			len = dissect_nbss_packet(pd, offset, tree, max_data);
-			offset += len;
-			max_data -= len;
-		}
+	while (max_data > 0) { 
+	  len = dissect_nbss_packet(pd, offset, fd, tree, max_data);
+	  offset += len;
+	  max_data -= len;
 	}
+
 }
diff --git a/packet.h b/packet.h
index c422b2dc9f..d7af37e57d 100644
--- a/packet.h
+++ b/packet.h
@@ -1,7 +1,7 @@
 /* packet.h
  * Definitions for packet disassembly structures and routines
  *
- * $Id: packet.h,v 1.47 1999/04/30 03:16:03 guy Exp $
+ * $Id: packet.h,v 1.48 1999/05/09 04:16:36 sharpe Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@zing.org>
@@ -225,6 +225,11 @@ enum {
 	ETT_NNTP,
 	ETT_NBSS,
 	ETT_NBSS_FLAGS,
+	ETT_SMB,
+	ETT_SMB_FLAGS,
+	ETT_SMB_DIALECTS,
+	ETT_SMB_MODE,
+	ETT_SMB_CAPS,
 	NUM_TREE_TYPES	/* last item number plus one */
 };
 
@@ -266,10 +271,14 @@ gint       check_col(frame_data *, gint);
 #if __GNUC__ == 2
 void       col_add_fstr(frame_data *, gint, gchar *, ...)
     __attribute__((format (printf, 3, 4)));
+void       col_append_fstr(frame_data *, gint, gchar *, ...)
+    __attribute__((format (printf, 3, 4)));
 #else
 void       col_add_fstr(frame_data *, gint, gchar *, ...);
+void       col_append_fstr(frame_data *, gint, gchar *, ...);
 #endif
 void       col_add_str(frame_data *, gint, gchar *);
+void       col_append_str(frame_data *, gint, gchar *);
 
 /* Routines in packet.c */
 
@@ -376,6 +385,7 @@ void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *, int);
 void dissect_nbss(const u_char *, int, frame_data *, proto_tree *, int);
 void dissect_nntp(const u_char *, int, frame_data *, proto_tree *, int);
 void dissect_pop(const u_char *, int, frame_data *, proto_tree *, int);
+void dissect_smb(const u_char *, int, frame_data *, proto_tree *, int);
 void dissect_telnet(const u_char *, int, frame_data *, proto_tree *, int);
 
 void init_dissect_udp(void);