Age | Commit message | Author | Files | Lines |
|
list of packets corresponding to a reassembled pdu
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6807 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6752 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6737 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6674 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
information at
http://www.freetds.org/tds.html
and the way the packets seem to work (the description of TDS "PDUs"
actually appears to be a description of items in a TDS server reply PDU,
and I rather strongly suspect that you do *not* have multiple TDS PDUs
in a NETLIB packet), as well as to note that Microsoft Network Monitor
2.x appears to dissect some additional stuff.
Note that if I'm correct we can do desegmentation of NETLIB packets and
reassembly of TDS PDUs rather than the current somewhat clumsy handling
of packets split across segment boundaries.
Put the hf_netlib_xxx variables in the order in which they appear in the
NETLIB header, give hf_netlib_type the "packet_type_names" value_string
table as its value_string table, and actually use it when putting the
NETLIB type field into the protocol tree.
Clear out "nl_data" at the beginning of "dissect_netlib()", as there are
code paths where it does not get set. (That's a bit of a hack to try to
clean up a crashing bug - but I can't reproduce the crash on my home
FreeBSD PC, so I don't know whether it fixed the problem or not. If I'm
correct about the way the packets seem to work, the problem can probably
be fixed quite cleanly by tossing out the current split-packet handling
in favor of the reassembly described above.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6669 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
unsigned, and set their size to match the protocol data assigned to
them. Make sure the number of columns read doesn't exceed MAX_COLUMNS.
Explicitly check for integer values > 0. Switch from using memcpy with
tvb_get_ptr to tvb_memcpy. Make indentation consistent.
Add TDS support to randpkt. Most of the generated packets won't pass
the heuristic checks, but enough should make it through to adequately
test the dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6653 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6351 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6117 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
and where the PDU header has a length field that is the length of the
entire PDU, including the header, thou shalt not try to loop doing that
if thou findest a packet with a length of zero, lest thou spin in an
infinite loop.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6031 f5534014-38df-0310-8fa8-9805f1628bb7
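
The two length rules from the commit messages above (stop on a Netlib buffer with a length < 8; never loop on a PDU whose length field is zero) combined in one bounds-checked walk, as an added C example that is not code from Wireshark's TDS dissector. The function name, status enum and sample bytes are constructed here, and the header layout (type at offset 0, big-endian 16-bit length at offset 2) is an assumption not stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NETLIB_HDR_LEN 8          /* header size given in the commit message */
enum walk_status { WALK_OK, WALK_NEED_MORE, WALK_MALFORMED };

/* Walk back-to-back Netlib buffers in data[0..len). On return *count is the
 * number of complete buffers and *used the bytes they occupy.
 * Assumed layout: type at offset 0, big-endian 16-bit length (header
 * included) at offset 2. */
enum walk_status walk_netlib(const uint8_t *data, size_t len,
                             size_t *count, size_t *used)
{
    size_t off = 0;
    *count = 0;
    *used = 0;
    while (off < len) {
        size_t remaining = len - off;
        if (remaining < NETLIB_HDR_LEN)
            return WALK_NEED_MORE;            /* header split across segments */
        const uint8_t *p = data + off;
        size_t plen = ((size_t)p[2] << 8) | p[3];
        if (p[0] < 1 || p[0] > 18)
            return WALK_MALFORMED;            /* type outside 1..18 */
        if (plen < NETLIB_HDR_LEN)
            return WALK_MALFORMED;            /* covers 0: off would never advance */
        if (plen > remaining)
            return WALK_NEED_MORE;            /* wait for the rest of the buffer */
        off += plen;                          /* always advances by >= 8 */
        (*count)++;
        *used = off;
    }
    return WALK_OK;
}

/* Constructed sample inputs, not captured traffic. */
static const uint8_t two_ok[] = { 0x01,0x01,0x00,0x0a,0,0,1,0, 0xaa,0xbb,
                                  0x04,0x01,0x00,0x08,0,0,1,0 };
static const uint8_t zero_len[] = { 0x01,0x01,0x00,0x00,0,0,1,0 };
static const uint8_t split[]    = { 0x01,0x00,0x00,0x10,0,0,1,0, 0x11 };

int main(void)
{
    size_t n, used;
    printf("two_ok: %d\n", (int)walk_netlib(two_ok, sizeof two_ok, &n, &used));
    printf("zero_len: %d\n", (int)walk_netlib(zero_len, sizeof zero_len, &n, &used));
    printf("split: %d\n", (int)walk_netlib(split, sizeof split, &n, &used));
    return 0;
}
```
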
|
|
following changes:
- Inserted packet-tds.h. This is personal taste because of the many
  files in the toplevel directory. Whoever works on this next is
  free of course to separate it back out again.
- Removed unused includes sys/types.h, snprintf.h, netinet/in.h
- #if-0 unused function
- Removed duplicate define
- Declared all unused parameters as such
- Changed a // comment into /* */
- ifdef-DEBUG a printf statement
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6025 f5534014-38df-0310-8fa8-9805f1628bb7
|