aboutsummaryrefslogtreecommitdiffstats
path: root/packet-smb.c
AgeCommit message (Collapse)AuthorFilesLines
2002-09-04Fix the handling of the NTLMSSP blobs in the case when the server asksRichard Sharpe1-3/+15
for RAW NTLMSSP, but the client actually sends SPNEGO encapsulated NTLMSSP. svn path=/trunk/; revision=6173
2002-08-31Further fixes. Properly account for the length of headers. Still some headersRichard Sharpe1-1/+4
that we do not account for properly, like Octet Strings. svn path=/trunk/; revision=6152
2002-08-31Properly handle raw ntlmssp ...Richard Sharpe1-20/+48
svn path=/trunk/; revision=6151
2002-08-31Handle the lack of a security blob in negprot response when raw NTLMSSP isRichard Sharpe1-2/+6
being used properly. svn path=/trunk/; revision=6149
2002-08-30Add support for raw NTLMSSP blobs when talking to XP etc ...Richard Sharpe1-2/+16
More to do yet though ... svn path=/trunk/; revision=6148
2002-08-29From Ulf Lamping: change some #define names to avoid name collisions onGuy Harris1-72/+72
Windows that cause compiler warnings. svn path=/trunk/; revision=6129
2002-08-29Guided by Guy and an examination of RFC2078 and RFC2478, I have added someRichard Sharpe1-2/+2
comments about what we need to do to get SPNEGO properly implemented. More work to do. svn path=/trunk/; revision=6121
2002-08-29Fix up dissect_file_attributesRichard Sharpe1-30/+51
svn path=/trunk/; revision=6119
2002-08-28Removed trailing whitespaces from .h and .c files using theJörg Mayer1-251/+251
winapi_cleanup tool written by Patrik Stridvall for the wine project. svn path=/trunk/; revision=6117
2002-08-25Expand on a note in a comment.Guy Harris1-2/+4
svn path=/trunk/; revision=6085
2002-08-22These guys got lost in a merge. Actually call the gssapi dissector fromTim Potter1-19/+65
the relevant parts of the SMB and DCERPC dissectors. svn path=/trunk/; revision=6066
2002-08-22First part of support for Thursby's Mac extenstions from CIFS2002.Richard Sharpe1-2/+189
svn path=/trunk/; revision=6058
2002-08-19Limit the parameter and data tvbuffs to the actual number of bytes ofGuy Harris1-6/+9
parameter and data, so the LANMAN RAP pipe dissector, for example, doesn't get confused and think there is an auxiliary data descriptor in the parameters when there isn't. Note that in at least one Negotiate Protocol reply it looks as if a Unicode domain name might've been aligned. svn path=/trunk/; revision=6017
2002-08-13Added server name to negprot reply and fixed a pointer deferral problem.Ronnie Sahlberg1-9/+27
svn path=/trunk/; revision=5980
2002-08-10From Devin Heitmueller: dissect NTLMSSP authentication messages, and handleGuy Harris1-244/+119
the flags field in NTLMSSP messages as a 32-bit field. Make "get_unicode_or_ascii_string()" take a "Unicode or not" flag rather than a "packet_info *" as an argument, make it not static, and move it to "packet-smb-common.c", so that it can be used by the SMB dissector and the NTLMSSP dissector. Also get rid of some _U_'s that are applied to arguments that are, in fact, used. svn path=/trunk/; revision=5976
2002-08-07Added DOS error 259 - no more items.Tim Potter1-1/+2
svn path=/trunk/; revision=5962
2002-08-06Typo fix.Guy Harris1-2/+2
svn path=/trunk/; revision=5959
2002-08-02Replace the types from sys/types.h and netinet/in.h by their glib.hJörg Mayer1-9/+1
equivalents for the toplevel directory. The removal of winsock2.h will hopefully not cause any problems under MSVC++, as those files using struct timeval still include wtap.h, which still includes winsock2.h. svn path=/trunk/; revision=5932
2002-07-27Changed the SMB dissector to put ALL command PDUs in one SMB in the summaryRonnie Sahlberg1-22/+30
line, separated by ; It only prints "Request"/"Response" for the first command to save space svn path=/trunk/; revision=5907
2002-07-27If conversations have already been created in lower layers, say TCP beforeRonnie Sahlberg1-8/+8
SMB sees the PDU, then SMB would forget to create the proper state variables and crash. SMB is changed to split the operation into 1, only create a conversation if it needs to. (as before) 2, detect if it needs to create the si.ct state variables independant of whether smb also created a conversation or not. Without this patch and with changes to say TCP to create conversations ethereal would crash at the first packet the SMB dissector would see. svn path=/trunk/; revision=5906
2002-07-20From Prabhakar Krishnan: add item to SMB protocol tree for time betweenGuy Harris1-5/+22
request and response. svn path=/trunk/; revision=5895
2002-07-13Fixed up some warnings.Tim Potter1-7/+14
svn path=/trunk/; revision=5862
2002-06-07Add "show_fragment_seq_tree()", which is like "show_fragment_tree()",Guy Harris1-1/+3
but for stuff reassembled with "fragment_add_seq()" or "fragment_add_seq_check()". Add a "fragment tag" string to the "fragment_items", so that packets with fragmentation errors can be properly flagged as having "Illegal fragments" or "Illegal segments" depending on the term used with the protocol in question. Make all the dissectors that can use "show_fragment_tree()" or "show_fragment_seq_tree()", and don't already use them, do so. svn path=/trunk/; revision=5644
2002-06-05Added show_fragment_tree() to reassemble. This function will do the commonRonnie Sahlberg1-29/+54
task of creating a fregment tree for the fragmented packets. Having this identical code to create this tree in every dissector that does PDU reassembly is a huge waste and duplication of code. Updated IP, SMB and DCERPC to use the new function. svn path=/trunk/; revision=5626
2002-06-04Get rid of the "data_src" member of the "frame_data" structure; put itGuy Harris1-3/+3
in the "packet_info" structure instead, as we don't need a pointer for every single frame in the capture file, just for each frame for which we currently have an open "epan_dissect_t". svn path=/trunk/; revision=5614
2002-06-02Another small DCERPC interface from the winsows world implemented. TAPI.Ronnie Sahlberg1-5/+5
svn path=/trunk/; revision=5608
2002-05-30SMB 0x31 is "Close And Tree Disconnect", not "Close And Tree Discover",Guy Harris1-3/+3
and it looks like "Close" (it's a close that also disconnects the tree used for the SMB). svn path=/trunk/; revision=5603
2002-05-29Display unsigned quantities with "%u".Guy Harris1-5/+5
svn path=/trunk/; revision=5592
2002-05-26Put back the stuff to dissect the last 2 bytes ofGuy Harris1-16/+157
TRANS2_SET_FILE_INFORMATION parameters as reserved. Change/add comments to reflect information from Microsoft Networks SMB File Sharing Protocol Extensions Version 3.0, Document Version 1.11, July 19, 1990. svn path=/trunk/; revision=5568
2002-05-26Fix "dissect_unknown()" to properly step through the word and byteGuy Harris1-3/+8
parameters. svn path=/trunk/; revision=5567
2002-05-26Put in some additional information from:Guy Harris1-82/+519
Microsoft Networks SMB File Sharing Protocol Extensions Version 2.0, Document Version 3.3, November 7, 1988; Microsoft Networks SMB File Sharing Protocol Extensions Version 3.0, Document Version 1.11, July 19, 1990. svn path=/trunk/; revision=5566
2002-05-25Add messaging SMBs.Guy Harris1-18/+268
Fix a typo. svn path=/trunk/; revision=5563
2002-05-23Additions to the MAPI dissector. Function 02 for MAPI.Ronnie Sahlberg1-1/+2
The function request/call are dissected but the main body of the function in/out parameters consists of a unidimensional conformant and varying array of bytes which content is encrypted/obfuscated. Whoever can tell me how to decrypt/unobfuscate these bytes will get a case of VB next time in Sydney. svn path=/trunk/; revision=5532
2002-05-16From Andrew Esh: support for additional interest levels inGuy Harris1-5/+70
TRANS2_QUERY_FS_INFORMATION, and fix handling of level 1022 to treat the file name as always being in Unicode. svn path=/trunk/; revision=5494
2002-05-15From Andrew Esh: support for interest level 1003 and 1007 inGuy Harris1-1/+41
TRANS2_QUERY_FS_INFORMATION. svn path=/trunk/; revision=5477
2002-05-10Update the URL and comment for the SNIA CIFS spec, now that it's final.Guy Harris1-3/+3
svn path=/trunk/; revision=5440
2002-05-08Added constant and value_string for invalid security descriptor ownerTim Potter1-1/+2
error. svn path=/trunk/; revision=5415
2002-04-30From Joerg Mayer: get rid of unused "pinfo" argument toGuy Harris1-35/+9
"dissect_nt_sec_desc()". Also, get rid of code to handle lengths of -1 in "dissect_nt_sec_desc()" - we never pass it a length of -1, as security descriptors aren't sent over the wire with NDR syntax. svn path=/trunk/; revision=5317
2002-04-30Get rid of some unused arguments, and mark some others as unused.Guy Harris1-324/+304
Remove the declaration of "dissect_nt_sid()" from "packet-dcerpc-samr.c"; get it by including "packet-smb-common.h", instead. svn path=/trunk/; revision=5313
2002-04-29There's no need to allocate and fill in an array of sub-authorities andGuy Harris1-27/+19
then later construct the sub-authority string from that array; we can just construct the string as we fetch the sub-authorities. Given that we're doing that, use the cleanup handler to free the string, so that we don't leak memory if we throw an exception when fetching the RID, for example. svn path=/trunk/; revision=5294
2002-04-29Removal (or, at least, #ifdeffing out) of unused variables andGuy Harris1-6/+6
functions, from David Frascone. svn path=/trunk/; revision=5288
2002-04-28Put in a note about the "primary domain" in the Negotiate ProtocolGuy Harris1-1/+7
response if the negotiated dialect is Windows for Workgroups 3.1a. svn path=/trunk/; revision=5264
2002-04-27Fix the test in "dissect_smb_datetime()" for "no date/time specified"Guy Harris1-7/+84
values. Note that in a Negotiate Protocol response, the primary domain won't be present if the negotiated dialect isn't "DOS LANMAN 2.1" or "LANMAN2.1". At least for Info Standard replies for Transaction2 Find First2 requests, if the request had the "return resume keys" flag set, the reply will have a resume key at the beginning of each entry. We assume that to be the case for Info Query EA Size and Info QUery EAs From List; it does *not* appear to be the case for Find File Directory Info, Find File Full Directory Info, or Find File Both Directory Info (they don't have it even if the flag is set, at least in the captures I've seen). The length of the name string in Find First2 entries doesn't include the terminating '\0'; count that as well. svn path=/trunk/; revision=5259
2002-04-24Sometimes there is some junk at the end of an ACE so use the size fieldTim Potter1-3/+9
within the ACE to work out where the end is. svn path=/trunk/; revision=5235
2002-04-24Added 'invalid security descriptor' error to list of dos errors.Tim Potter1-1/+2
svn path=/trunk/; revision=5234
2002-04-23Clean up the descriptions of reassembly preferences.Guy Harris1-3/+3
svn path=/trunk/; revision=5230
2002-04-22Support for NT Rename SMB, from Steven French.Guy Harris1-3/+82
svn path=/trunk/; revision=5217
2002-04-22Fix the return value of "dissect_nt_sec_desc()".Guy Harris1-3/+5
svn path=/trunk/; revision=5213
2002-04-22Correctly dissect LSA security descriptors, at least as they appearGuy Harris1-13/+33
inside a Netlogon security descriptor. Correctly dissect NT security descriptors as they appear inside an LSA security descriptor (at least as those appear inside a Netlogon security descriptor) - they get sent over the wire, apparently, as an opaque blob from the point of view of DCE RPC, at least from one capture I've seen, they do *not* get sent over the wire in DCE RPC NDR syntax. svn path=/trunk/; revision=5212
2002-04-17Bugfixes for LSA dissector and a small change to the security_descriptor ↵Ronnie Sahlberg1-8/+14
dissector in packet-smb.c so we can call it from DCERPC NDR encoded services. svn path=/trunk/; revision=5194
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-05 09:28:25 +0000