| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10528 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"dissect_smb_logon()" always return TRUE, so just get rid of their
return value.
"call_dissector()" automatically calls the data dissector if the
protocol for the dissector being called is disabled, so we don't have to
check its result and call the data dissector if it returns 0.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9027 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Make "proto_is_protocol_enabled()" and "proto_get_protocol_short_name()"
take a "protocol_t *" as an argument, so they don't have to look up the
"protocol_t" - this will probably speed them up considerably, and
they're called on almost every dissector handoff.
Get rid of a number of "proto_is_protocol_enabled()" calls that aren't
necessary (dissectors called through handles, including those called
through dissector tables, or called as heuristic dissectors, aren't even
called if their protocol isn't enabled).
Change some direct dissector calls to go through handles.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8979 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6117 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5863 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
a tvbuff with the mailslot header.
Fix indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4715 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
items to the protocol tree; it's interpreted as "the rest of the data in
the tvbuff". This can be used if
1) the item covers the entire packet or the remaining payload in
the packet
or
2) the item's length won't be known until it's dissected, and
will be then set with "proto_item_set_len()" - if an
exception is thrown in the dissection, it means the item ran
*past* the end of the tvbuff, so saying it runs to the end of
the tvbuff is reasonable.
Convert a number of "proto_tree_add_XXX()" calls using
"tvb_length_remaining()", values derived from the result of
"tvb_length()", or 0 (in the case of items whose length is unknown) to
use -1 instead (using 0 means that if an exception is thrown, selecting
the item highlights nothing; using -1 means it highlights all the data
for that item that's available).
In some places where "tvb_length()" or "tvb_length_remaining()" was used
to determine how large a packet is, use "tvb_reported_length()" or
"tvb_reported_length_remaining()", instead - the first two calls
indicate how much captured data was in the packet, the latter two calls
indicate how large the packet actually was (and the fact that using the
latter could cause BoundsError exceptions to be thrown is a feature - if
such an exception is thrown, the frame really *was* short, and it should
be tagged as such).
Replace some "proto_tree_add_XXX()" calls with equivalent
"proto_tree_add_item()" calls.
Fix some indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4578 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4370 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"smb_saved_info_t" in the table of requests whose replies have been
found, don't look it up in the table of requests whose replies have not
been found - if the request in question has no reply in the capture,
that may find some later frame in the same conversation with the same
MID, and we don't need that information anyway - the only reason we
*need* that structure is to save information in it for use when
processing its reply, and we already did that the first time we
processed the request. (The information for the later frame may be bad,
e.g. having a null "extra_info" pointer, or having one that points to
information for another request.)
Arrange that we don't use the pointer to the "smb_saved_info_t" when
processing a request except to save information if the request hasn't
already been processed, as that pointer may not be valid if the request
has already been processed, as per the above.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4292 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add some checks for null tvbuff arguments.
When dissecting transaction setup, parameters, and data when we couldn't
dissect it as a pipe or mailslot transaction, use the reported length of
the supplied tvbuff, not the actual length, as the amount of data
present.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4291 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
tvbuff pointers.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4279 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4269 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
mailslot-based logon protocols just be regular register routines,
detected by the script that generates the "register.c" file, rather than
special stuff known to the SMB dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4222 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"dissect_pipe_smb()", a tvbuff containing the setup words and the
pipe/mailslot pathname, as those are arguably the part of the packet
that contains the "mailslot protocol" and the "pipe protocol", as
opposed to the protocol running atop mailslots or pipes.
Pass a setup tvbuff to "dissect_pipe_smb()" for it to pass on to the
MSRPC-over-named-pipe dissector, and have the setup tvbuff passed to it
and "dissect_mailslot_smb()" contain *only* the setup words; don't
extract anything other than the setup words from it.
Declare "register_proto_smb_mailslot()" in "packet-smb-mailslot.h"
rather than "packet-smb.c", and declare "register_proto_smb_pipe()" in
"packet-smb-pipe.h" rather than "packet-smb.c".
Add a protocol for MSRPC-over-named-pipes.
Move the stuff to handle the FID in the setup words of
MSRPC-over-named-pipe transactions out of the SMB Transaction dissector
into the MSRPC dissector. Add a routine to "packet-smb.c", callable
from outside "packet-smb.c", to put an "smb.fid" field into the protocol
tree, and to add ", FID: XXXX" to the Info column, for use by the
MSRPC-over-named-pipe dissector; use it in the SMB dissector as well, in
all the places where we put a FID into the protocol tree.
Move the stuff to check whether the LANMAN protocol is enabled, and to
set "pinfo->current_proto" to "LANMAN" if it is, into the LANMAN
API-over-named-pipe dissector out of the named pipe protocol dissector.
If we didn't dissect a Transaction request or reply as a named pipe or
mailslot message, put any setup words, parameters, and data it has into
the protocol tree as separate items.
Don't put a "Response in" item into the protocol tree for an NT Cancel
request, as there are no responses to NT Cancel requests.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4221 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
structure, so that it can be updated by subdissectors; this way the
updates affect the structure immediately, and don't get lost if the
subdissector later throws an exception.
Use "tvb_reported_length()" to check for an interim mailslot reply;
"tvb_length()" could give the wrong answer if a short snapshot length
was given in the capture.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4218 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"smb_saved_info_t". Put all the information needed to dissect NT
Transaction replies, Transaction2 replies, or Transaction replies into
separate data structures, allocated separately, and put a pointer to
that data structure in the "void *" in question.
Use the return value of "dissect_pipe_smb()" and
"dissect_mailslot_smb()" to control whether to display as data the stuff
those routines were asked to dissect.
If we've seen a request before, but its "smb_saved_info_t" isn't in the
"matched" hash table, look in the "unmatched" hash table - perhaps we
haven't seen the reply yet.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4216 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"Send buffer pointer" and "send buffer length" items appear not to be
sent over the wire.
Add support for Write And X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4204 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"private_data", to keep C++ compilers from getting heartburn.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4130 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
didn't dissect it as some other protocol.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3997 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
about, dump it as data.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3996 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3832 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that rather than passing another copy of that flag to dissectors of
particular messages.
Pass that structure to the pipe subdissector by making "pi.private"
point to it, rather than by passing it as an explicit argument.
Change more of the
if (dirn == 1) {
...
}
if (dirn == 0) {
...
}
stuff to
if (dirn == 1) {
...
} else {
...
}
and then, as per the first paragraph, check the "request" flag in the
"smb_info" structure rather than checking a "dirn" flag.
Set "last_transact2_command" to -1 in the "smb_request_val" structures
for TRANSACTION requests, as it doesn't apply to those requests.
As "dissect_transact_params()" doesn't do any work if the "TransactName"
argument is null, don't bother calling it for a reply if we don't have an
"smb_request_val" for the corresponding request, as that means we can't
find out the value to pass as the "TransactName" argument.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3822 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
an older version of the protocol than the one for packets sent to
\MAILSLOT\BROWSE), rather than being LANMAN pipe packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3803 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3706 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Fixed up some longstanding bugs (predating the tvbuffification)
discovered during regression testing of the tvbuffification.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3661 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
into a "packet-smb-browse.h" header file, and have modules that import
those routines include "packet-smb-browse.h" rather than declaring the
routines themselves; do the same for routines exported from
"packet-smb-logon.c".
Make routines and arrays not exported static, and make routines that
return a true/false return value "gboolean" rather than "guint32".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3147 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Move the declaration of routines exported from "packet-smb-mailslot.c"
into a "packet-smb-mailslot.h" header file, and have modules that import
those routines include "packet-smb-mailslot.h" rather than declaring the
routines themselves; do the same for routines exported from
"packet-smb-pipe.c". Make routines not exported static, and make
routines that return a true/false return value "gboolean" rather than
"guint32".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3146 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
protocols, in addition to adding structures to the list of filterable
fields. Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as
pinfo->current_proto;
the dialog box for constructing filters;
the preferences tab for the protocol;
and so on (although we're not yet using it in all those places).
Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.
Make some routines and variables that aren't exported static.
Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2810 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2699 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
can be put, and a pointer to the string for the column, which might or
might not point to that buffer.
Add a routine "col_set_str()", which sets the string for the column to
the string passed to it as an argument; it should only be handed a
static string (a string constant would be ideal). It doesn't do any
copying, so it's faster than "col_add_str()".
Make the routines that append to columns check whether the pointer to
the string for the column points to the buffer for the column and, if
not, copy the string for the column to the buffer for the column so that
you can append to it (so you can use "col_set_str()" and then use
"col_append_str()" or "col_append_fstr()").
Convert a bunch of "col_add_str()" calls that take a string constant as
an argument to "col_set_str()" calls.
Convert some "col_add_fstr()" calls that take a string constant as the
only argument - i.e., the format string doesn't have any "%" slots into
which to put strings for subsequent arguments to "col_set_str()" calls
(those calls are just like "col_add_str()" calls).
Replace an END_OF_FRAME reference in a tvbuffified dissector with a
"tvb_length(tvb)" call.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2670 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
the following:
It is now possible to enable/disable a particular protocol decoding
(i.e. the protocol dissector is void or not). When a protocol
is disabled, it is displayed as Data and of course, all linked
sub-protocols are disabled as well.
Disabling a protocol could be interesting:
- in case of buggy dissectors
- in case of wrong heuristics
- for performance reasons
- to decode the data as another protocol (TODO)
Currently (if I am not wrong), all dissectors but NFS can be disabled
(and dissectors that do not register protocols :-)
I do not like the way the RPC sub-dissectors are disabled (in the
sub-dissectors) since this could be done in the RPC dissector itself,
knowing the sub-protocol hfinfo entry (this is why, I've not modified
the NFS one yet).
Two functions are added in proto.c :
gboolean proto_is_protocol_enabled(int n);
void proto_set_decoding(int n, gboolean enabled);
and two MACROs which can be used in dissectors:
OLD_CHECK_DISPLAY_AS_DATA(index, pd, offset, fd, tree)
CHECK_DISPLAY_AS_DATA(index, tvb, pinfo, tree)
See also the XXX in proto_dlg.c and proto.c around the new functions.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2267 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
a particular type, rather than taking a varargs list, along the lines of
the "proto_tree_add_XXX_format()" routines.
Replace most calls to "proto_tree_add_item()" and
"proto_tree_add_item_hidden()" with calls to those routines.
Rename "proto_tree_add_item()" and "proto_tree_add_item_hidden()" to
"proto_tree_add_item_old()" and "proto_tree_add_item_hidden_old()", and
add new "proto_tree_add_item()" and "proto_tree_add_item_hidden()"
routines that don't take the item to be added as an argument - instead,
they fetch the argument from the packet whose tvbuff was handed to them,
from the offset handed to them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2031 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add exceptions routines.
Convert proto_tree_add_*() routines to require tvbuff_t* argument.
Convert all dissectors to pass NULL argument ("NullTVB" macro == NULL) as
the tvbuff_t* argument to proto_tree_add_*() routines.
dissect_packet() creates a tvbuff_t, wraps the next dissect call in
a TRY block, will print "Short Frame" on the proto_tree if a BoundsError
exception is caught.
The FDDI dissector is converted to use tvbuff's.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1939 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
filter expressions, and names in those expressions are currently
case-sensitive, and obliging people to type "Mailslot" to filter for
SMB mailslot packets is overkill.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1633 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1631 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"packet-smb.c" up into several files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@1629 f5534014-38df-0310-8fa8-9805f1628bb7
|
