From 6de6529c950d0ff68a5f50979ab3c5e86d11dff8 Mon Sep 17 00:00:00 2001 From: ulfl Date: Tue, 7 Sep 2004 16:19:56 +0000 Subject: First working implementation of "Decode As" for DCE-RPC interface bindings. Ethereal needs to capture the DCE-RPC bind sequence, to get a relationsship between the interface UUID and the current conversation. If this binding wasn't captured, one can use "Decode As" and choose the interface from a list corresponding to a specific conversation. Currently "only" implemented for connectionoriented (TCP) DCE-RPC, but connectionless is a work in progress. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11924 f5534014-38df-0310-8fa8-9805f1628bb7 --- gtk/Makefile.am | 1 + gtk/Makefile.common | 1 + gtk/decode_as_dcerpc.c | 451 +++++++++++++++++++++++++++++++++++++++++++++++++ gtk/decode_as_dcerpc.h | 156 +++++++++++++++++ gtk/decode_as_dlg.c | 329 ++++++++++-------------------------- gtk/decode_as_dlg.h | 4 + gtk/main.c | 2 + 7 files changed, 705 insertions(+), 239 deletions(-) create mode 100644 gtk/decode_as_dcerpc.c create mode 100644 gtk/decode_as_dcerpc.h (limited to 'gtk') diff --git a/gtk/Makefile.am b/gtk/Makefile.am index 5573528845..a298915af8 100644 --- a/gtk/Makefile.am +++ b/gtk/Makefile.am @@ -43,6 +43,7 @@ noinst_HEADERS = \ compat_macros.h \ conversations_table.h \ decode_as_dlg.h \ + decode_as_dcerpc.h \ dfilter_expr_dlg.h \ dlg_utils.h \ file_dlg.h \ diff --git a/gtk/Makefile.common b/gtk/Makefile.common index abf60cd82e..6bc2a1d8cc 100644 --- a/gtk/Makefile.common +++ b/gtk/Makefile.common @@ -40,6 +40,7 @@ ETHEREAL_GTK_SRC = \ column_prefs.c \ conversations_table.c \ decode_as_dlg.c \ + decode_as_dcerpc.c \ dfilter_expr_dlg.c \ dlg_utils.c \ ethereal-tap-register.c \ diff --git a/gtk/decode_as_dcerpc.c b/gtk/decode_as_dcerpc.c new file mode 100644 index 0000000000..2d7a4aa8cb --- /dev/null +++ b/gtk/decode_as_dcerpc.c @@ -0,0 +1,451 @@ +/* decode_as_dcerpc.c + * + * $Id: decode_as_dcerpc.c 11917 2004-09-06 19:56:36Z ulfl $ + * + * Routines to modify dcerpc bindings on the fly. + * + * Copyright 2004 Ulf Lamping + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include + +#include "decode_as_dlg.h" +#include "dlg_utils.h" +#include "globals.h" +#include "simple_dialog.h" +#include +#include "ipproto.h" +#include "ui_util.h" +#include +#include "compat_macros.h" +#include "decode_as_dcerpc.h" + +#include + + +/**************************************************/ +/* Typedefs & Enums */ +/**************************************************/ + +/* list of dcerpc "Decode As" bindings */ +GSList *decode_dcerpc_bindings = NULL; + +/**************************************************/ +/* Global Functions */ +/**************************************************/ + +/* inject one of our bindings into the dcerpc binding table */ +static void +decode_dcerpc_inject_binding(gpointer data, gpointer user_data) +{ + dcerpc_add_conv_to_bind_table((decode_dcerpc_bind_values_t *) data); +} + + +/* inject all of our bindings into the dcerpc binding table */ +static void +decode_dcerpc_inject_bindings(gpointer data) { + g_slist_foreach(decode_dcerpc_bindings, decode_dcerpc_inject_binding, NULL /* user_data */); +} + + +/* init this file */ +void +decode_dcerpc_init(void) { + GHook* hook_init_proto; + + + /* add a hook function to the dcerpc init_protocols hook */ + hook_init_proto = g_hook_alloc(&dcerpc_hooks_init_protos); + hook_init_proto->func = decode_dcerpc_inject_bindings; + g_hook_prepend(&dcerpc_hooks_init_protos, hook_init_proto); +} + + +/* clone a binding (uses g_malloc) */ +static decode_dcerpc_bind_values_t * +decode_dcerpc_binding_clone(decode_dcerpc_bind_values_t *binding_in) +{ + decode_dcerpc_bind_values_t *stored_binding; + + stored_binding = g_malloc(sizeof(decode_dcerpc_bind_values_t)); + *stored_binding = *binding_in; + COPY_ADDRESS(&stored_binding->addr_a, &binding_in->addr_a); + COPY_ADDRESS(&stored_binding->addr_b, &binding_in->addr_b); + stored_binding->ifname = g_string_new(binding_in->ifname->str); + + return stored_binding; +} + + +/* free a binding */ +void +decode_dcerpc_binding_free(void *binding_in) +{ + decode_dcerpc_bind_values_t *binding = binding_in; + + g_free((void *) binding->addr_a.data); + g_free((void *) binding->addr_b.data); + if(binding->ifname) + g_string_free(binding->ifname, TRUE); + g_free(binding); +} + + +/* compare two bindings (except the interface related things, e.g. uuid) */ +static gint +decode_dcerpc_binding_cmp(gconstpointer a, gconstpointer b) +{ + const decode_dcerpc_bind_values_t *binding_a = a; + const decode_dcerpc_bind_values_t *binding_b = b; + + + /* don't compare uuid and ver! */ + if( + ADDRESSES_EQUAL(&binding_a->addr_a, &binding_b->addr_a) && + ADDRESSES_EQUAL(&binding_a->addr_b, &binding_b->addr_b) && + binding_a->ptype == binding_b->ptype && + binding_a->port_a == binding_b->port_a && + binding_a->port_b == binding_b->port_b && + binding_a->ctx_id == binding_b->ctx_id && + binding_a->smb_fid == binding_b->smb_fid) + { + /* equal */ + return 0; + } + + /* unequal */ + return 1; +} + + +/**************************************************/ +/* Show Changed Bindings */ +/**************************************************/ + + +/* add a single binding to the Show list */ +static void +decode_dcerpc_add_show_list_single(gpointer data, gpointer user_data) +{ + gchar string1[20]; + + + decode_dcerpc_bind_values_t *binding = data; + + g_snprintf(string1, sizeof(string1), "ctx_id: %u", binding->ctx_id); + + decode_add_to_show_list ( + user_data, + "DCE-RPC", + string1, + "-", + binding->ifname->str); +} + + +/* add all bindings to the Show list */ +void +decode_dcerpc_add_show_list(gpointer user_data) +{ + g_slist_foreach(decode_dcerpc_bindings, decode_dcerpc_add_show_list_single, user_data); +} + + +/**************************************************/ +/* Modify the binding routines */ +/**************************************************/ + + +/* removes all bindings */ +void +decode_dcerpc_reset_all(void) +{ + decode_dcerpc_bind_values_t *binding; + + while(decode_dcerpc_bindings) { + binding = decode_dcerpc_bindings->data; + + decode_dcerpc_binding_free(binding); + decode_dcerpc_bindings = g_slist_remove( + decode_dcerpc_bindings, + decode_dcerpc_bindings->data); + } +} + + +/* remove a binding (looking the same way as the given one) */ +static void +decode_dcerpc_binding_reset( +gchar *table_name, +decode_dcerpc_bind_values_t *binding) +{ + GSList *le; + decode_dcerpc_bind_values_t *old_binding; + + + /* find the old binding (if it exists) */ + le = g_slist_find_custom(decode_dcerpc_bindings, + binding, + decode_dcerpc_binding_cmp); + if(le == NULL) + return; + + old_binding = le->data; + + decode_dcerpc_bindings = g_slist_remove(decode_dcerpc_bindings, le->data); + + g_free((void *) old_binding->addr_a.data); + g_free((void *) old_binding->addr_b.data); + g_string_free(old_binding->ifname, TRUE); + g_free(old_binding); +} + + +/* a binding has changed (remove a previously existing one) */ +static void +decode_dcerpc_binding_change( +gchar *table_name, +decode_dcerpc_bind_values_t *binding) +{ + + decode_dcerpc_bind_values_t *stored_binding; + + /* remove a probably existing old binding */ + decode_dcerpc_binding_reset(table_name, binding); + + /* clone the new binding and append it to the list */ + stored_binding = decode_dcerpc_binding_clone(binding); + decode_dcerpc_bindings = g_slist_append (decode_dcerpc_bindings, stored_binding); +} + + +/* a binding has changed (add/replace/remove it) */ +static void +decode_change_one_dcerpc_binding(gchar *table_name, decode_dcerpc_bind_values_t *binding, GtkWidget *list) +{ + dcerpc_uuid_key *key; + gchar *abbrev; +#if GTK_MAJOR_VERSION < 2 + gint row; +#else + GtkTreeSelection *selection; + GtkTreeModel *model; + GtkTreeIter iter; +#endif + +#if GTK_MAJOR_VERSION < 2 + if (!GTK_CLIST(list)->selection) + { + abbrev = NULL; + key = NULL; + } else { + row = GPOINTER_TO_INT(GTK_CLIST(list)->selection->data); + key = gtk_clist_get_row_data(GTK_CLIST(list), row); + gtk_clist_get_text(GTK_CLIST(list), row, E_LIST_S_PROTO_NAME, &abbrev); + } +#else + selection = gtk_tree_view_get_selection(GTK_TREE_VIEW(list)); + if (gtk_tree_selection_get_selected(selection, &model, &iter) == FALSE) + { + abbrev = NULL; + key = NULL; + } else { + gtk_tree_model_get(model, &iter, E_LIST_S_PROTO_NAME, &abbrev, + E_LIST_S_TABLE+1, &key, -1); + } +#endif + + if (abbrev != NULL && strcmp(abbrev, "(default)") == 0) { + decode_dcerpc_binding_reset(table_name, binding); + } else { + binding->ifname = g_string_new(abbrev); + binding->uuid = key->uuid; + binding->ver = key->ver; + decode_dcerpc_binding_change(table_name, binding); + } +#if GTK_MAJOR_VERSION >= 2 + if (abbrev != NULL) + g_free(abbrev); +#endif +} + + + +/**************************************************/ +/* Action routines for the "Decode As..." dialog */ +/* - called when the OK button pressed */ +/**************************************************/ + +/* + * This routine is called when the user clicks the "OK" button in the + * "Decode As..." dialog window and the DCE-RPC page is foremost. + * This routine takes care of making any changes requested to the DCE-RPC + * binding tables. + * + * @param notebook_pg A pointer to the "DCE-RPC" notebook page. + */ +static void +decode_dcerpc(GtkWidget *notebook_pg) +{ + GtkWidget *list; + gchar *table_name; + decode_dcerpc_bind_values_t *binding; + + + list = OBJECT_GET_DATA(notebook_pg, E_PAGE_LIST); + if (requested_action == E_DECODE_NO) +#if GTK_MAJOR_VERSION < 2 + gtk_clist_unselect_all(GTK_CLIST(list)); +#else + gtk_tree_selection_unselect_all(gtk_tree_view_get_selection(GTK_TREE_VIEW(list))); +#endif + + binding = OBJECT_GET_DATA(notebook_pg, E_PAGE_BINDING); + + /*table_name = OBJECT_GET_DATA(notebook_pg, E_PAGE_TABLE);*/ + table_name = "DCE-RPC"; + decode_change_one_dcerpc_binding(table_name, binding, list); +} + + +/**************************************************/ +/* Dialog setup */ +/**************************************************/ + + +/* add an interface to the list */ +static void +decode_dcerpc_add_to_list(gpointer key, gpointer value, gpointer user_data) +{ + dcerpc_uuid_key *k = key; + dcerpc_uuid_value *v = value; + + decode_add_to_list("DCE-RPC", v->name, key, user_data); +} + + +/* add all interfaces to the list */ +static GtkWidget * +decode_add_dcerpc_menu (GtkWidget *page, gchar *table_name) +{ + GtkWidget *scrolled_window; + GtkWidget *list; + + decode_list_menu_start(page, &list, &scrolled_window); + g_hash_table_foreach(dcerpc_uuids, decode_dcerpc_add_to_list, list); + decode_list_menu_finish(list); + return(scrolled_window); +} + + +/* add a DCE-RPC page to the notebook */ +GtkWidget * +decode_dcerpc_add_page (packet_info *pinfo) +{ + GtkWidget *page_hb, *info_vb, *label, *scrolled_window; + GString *gs = g_string_new(""); + GString *gs2 = g_string_new(""); + decode_dcerpc_bind_values_t *binding; + + + /* clone binding */ + binding = g_malloc(sizeof(decode_dcerpc_bind_values_t)); + COPY_ADDRESS(&binding->addr_a, &pinfo->src); + COPY_ADDRESS(&binding->addr_b, &pinfo->dst); + binding->ptype = pinfo->ptype; + binding->port_a = pinfo->srcport; + binding->port_b = pinfo->destport; + binding->ctx_id = pinfo->dcectxid; + binding->smb_fid = dcerpc_get_transport_salt(pinfo, pinfo->dcetransporttype); + binding->ifname = NULL; + /*binding->uuid = NULL;*/ + binding->ver = 0; + + /* create page content */ + page_hb = gtk_hbox_new(FALSE, 5); + OBJECT_SET_DATA(page_hb, E_PAGE_ACTION, decode_dcerpc); + OBJECT_SET_DATA(page_hb, E_PAGE_TABLE, "DCE-RPC"); + OBJECT_SET_DATA(page_hb, E_PAGE_TITLE, "DCE-RPC"); + OBJECT_SET_DATA(page_hb, E_PAGE_BINDING, binding); + + info_vb = gtk_vbox_new(FALSE, 5); + gtk_box_pack_start(GTK_BOX(page_hb), info_vb, TRUE, TRUE, 0); + + /* Always enabled */ + label = gtk_label_new("Replace binding between:"); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + switch(binding->ptype) { + case(PT_TCP): + g_string_printf(gs2, "TCP port"); + break; + case(PT_UDP): + g_string_printf(gs2, "UDP port"); + break; + default: + g_string_printf(gs2, "Unknown port type"); + } + + /* XXX - how to print the address binding->addr_a? */ + g_string_printf(gs, "Address: ToBeDone %s: %u", gs2->str, binding->port_a); + label = gtk_label_new(gs->str); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + label = gtk_label_new("&"); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + /* XXX - how to print the address binding->addr_b? */ + g_string_printf(gs, "Address: ToBeDone %s: %u", gs2->str, binding->port_b); + label = gtk_label_new(gs->str); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + label = gtk_label_new("&"); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + g_string_printf(gs, "Context ID: %u", binding->ctx_id); + label = gtk_label_new(gs->str); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + label = gtk_label_new("&"); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + gtk_widget_set_sensitive(label, binding->smb_fid); + + g_string_printf(gs, "SMB FID: %u", binding->smb_fid); + label = gtk_label_new(gs->str); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + gtk_widget_set_sensitive(label, binding->smb_fid); + + /* Conditionally enabled - only when decoding packets */ + label = gtk_label_new("with:"); + gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); + + decode_dimmable = g_slist_prepend(decode_dimmable, label); + scrolled_window = decode_add_dcerpc_menu(page_hb, "dcerpc" /*table_name*/); + gtk_box_pack_start(GTK_BOX(page_hb), scrolled_window, TRUE, TRUE, 0); + decode_dimmable = g_slist_prepend(decode_dimmable, scrolled_window); + + g_string_free(gs, TRUE); + + return(page_hb); +} + diff --git a/gtk/decode_as_dcerpc.h b/gtk/decode_as_dcerpc.h new file mode 100644 index 0000000000..8fe0553d2d --- /dev/null +++ b/gtk/decode_as_dcerpc.h @@ -0,0 +1,156 @@ +/* decode_as_dcerpc.h + * + * $Id: decode_as_dlg.h 11400 2004-07-18 00:24:25Z guy $ + * + * Routines to modify dcerpc bindings on the fly. + * Only internally used between decode_as_dlg and decode_as_dcerpc + * + * Copyright 2004 Ulf Lamping + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef __DECODE_AS_DCERPC_H__ +#define __DECODE_AS_DCERPC_H__ + +/** @file + * "Decode As" / "User Specified Decodes" dialog box. + * @ingroup dialog_group + */ + + +/* + * Columns for a "Select" list. + * Note that most of these columns aren't displayed; they're attached + * to the row of the table as additional information. + */ +#define E_LIST_S_PROTO_NAME 0 +#define E_LIST_S_TABLE 1 +/* The following is for debugging in decode_add_to_list */ +#define E_LIST_S_MAX E_LIST_S_TABLE +#define E_LIST_S_COLUMNS (E_LIST_S_MAX + 1) + +#define E_PAGE_LIST "notebook_page_list" +#define E_PAGE_TABLE "notebook_page_table_name" +#define E_PAGE_TITLE "notebook_page_title" +#define E_PAGE_VALUE "notebook_page_value" + +#define E_PAGE_ACTION "notebook_page_action" + +#define E_PAGE_DCERPC "notebook_page_dcerpc" /* dcerpc only */ +#define E_PAGE_BINDING "notebook_page_binding" /* dcerpc only */ + + +/* + * Enum used to track which radio button is currently selected in the + * dialog. These buttons are labeled "Decode" and "Do not decode". + */ +enum action_type { + /* The "Decode" button is currently selected. */ + E_DECODE_YES, + + /* The "Do not decode" button is currently selected. */ + E_DECODE_NO +}; + +extern enum action_type requested_action; + +/* + * A list of the dialog items that only have meaning when the user has + * selected the "Decode" radio button. When the "Do not decode" + * button is selected these items should be dimmed. + */ +extern GSList *decode_dimmable; + +/* init decode_dcerpc internals */ +extern void decode_dcerpc_init(void); + +/* remove all bindings */ +extern void decode_dcerpc_reset_all(void); + +extern void +decode_dcerpc_add_show_list(gpointer user_data); + +extern GtkWidget * +decode_dcerpc_add_page(packet_info *pinfo); + +extern void +decode_dcerpc_binding_free(void *binding); + + + +/** Add an item the the Show list. + */ +extern void +decode_add_to_show_list ( +gpointer list_data, +gchar *table_name, +gchar *selector_name, +gchar *initial_proto_name, +gchar *current_proto_name); + + +/* + * This routine creates one entry in the list of protocol dissector + * that can be used. It is called by the dissector_table_foreach_handle + * routine once for each entry in a dissector table's list of handles + * for dissectors that could be used in that table. It guarantees unique + * entries by iterating over the list of entries build up to this point, + * looking for a duplicate name. If there is no duplicate, then this + * entry is added to the list of possible dissectors. + * + * @param table_name The name of the dissector table currently + * being walked. + * + * @param value The dissector handle for this entry. This is an opaque + * pointer that can only be handed back to routines in the file packet.c + * + * @param user_data A data block passed into each instance of this + * routine. It contains information from the caller of the foreach + * routine, specifying information about the dissector table and where + * to store any information generated by this routine. + */ +extern void +decode_add_to_list (gchar *table_name, gchar *proto_name, gpointer value, gpointer user_data); + +/* + * This routine starts the creation of a List on a notebook page. It + * creates both a scrolled window and a list, adds the list to the + * window, and attaches the list as a data object on the page. + * + * @param page A pointer to the notebook page being created. + * + * @param list_p Will be filled in with the address of a newly + * created List. + * + * @param scrolled_win_p Will be filled in with the address of a newly + * created GtkScrolledWindow. + */ +extern void +decode_list_menu_start(GtkWidget *page, GtkWidget **list_p, + GtkWidget **scrolled_win_p); + +/* + * This routine finishes the creation of a List on a notebook page. + * It adds the default entry, sets the default entry as the + * highlighted entry, and sorts the List. + * + * @param list A pointer the the List to finish. + */ +extern void +decode_list_menu_finish(GtkWidget *list); + +#endif diff --git a/gtk/decode_as_dlg.c b/gtk/decode_as_dlg.c index 6c557a0e21..de001a7cb8 100644 --- a/gtk/decode_as_dlg.c +++ b/gtk/decode_as_dlg.c @@ -38,9 +38,7 @@ #include "ui_util.h" #include #include "compat_macros.h" - -/* XXX - well, this is an ugly hack ... */ -#include "../epan/dissectors/packet-dcerpc.h" +#include "decode_as_dcerpc.h" #undef DEBUG @@ -48,18 +46,6 @@ /* Typedefs & Enums */ /**************************************************/ -/* - * Enum used to track which radio button is currently selected in the - * dialog. These buttons are labeled "Decode" and "Do not decode". - */ -enum action_type { - /* The "Decode" button is currently selected. */ - E_DECODE_YES, - - /* The "Do not decode" button is currently selected. */ - E_DECODE_NO -}; - /* * Enum used to track which transport layer port menu item is * currently selected in the dialog. These items are labeled "source", @@ -81,31 +67,10 @@ enum srcdst_type { #define E_MENU_SRCDST "menu_src_dst" -#define E_PAGE_ACTION "notebook_page_action" #define E_PAGE_DPORT "dport" #define E_PAGE_SPORT "sport" #define E_PAGE_PPID "ppid" -#define E_PAGE_LIST "notebook_page_list" -#define E_PAGE_TABLE "notebook_page_table_name" -#define E_PAGE_TITLE "notebook_page_title" -#define E_PAGE_VALUE "notebook_page_value" - -#define E_PAGE_CONV "notebook_page_conv" /* dcerpc only */ -#define E_PAGE_CTX_ID "notebook_page_ctx_id" /* dcerpc only */ -#define E_PAGE_SMB_FID "notebook_page_smb_fid" /* dcerpc only */ - -/* - * Columns for a "Select" list. - * Note that most of these columns aren't displayed; they're attached - * to the row of the table as additional information. - */ -#define E_LIST_S_PROTO_NAME 0 -#define E_LIST_S_TABLE 1 -/* The following is for debugging in decode_add_to_list */ -#define E_LIST_S_MAX E_LIST_S_TABLE -#define E_LIST_S_COLUMNS (E_LIST_S_MAX + 1) - /* * Columns for a "Display" list */ @@ -142,7 +107,7 @@ static GtkWidget *decode_show_w = NULL; * selected the "Decode" radio button. When the "Do not decode" * button is selected these items should be dimmed. */ -static GSList *decode_dimmable = NULL; +GSList *decode_dimmable = NULL; /* * Remember the "action" radio button that is currently selected in @@ -150,10 +115,21 @@ static GSList *decode_dimmable = NULL; * modified in a callback routine, and read in the routine that * handles a click in the "OK" button for the dialog. */ -static enum action_type requested_action = -1; +enum action_type requested_action = -1; + /**************************************************/ -/* Resett Changed Dissectors */ +/* Global Functions */ +/**************************************************/ + +/* init this module */ +void decode_as_init(void) { + + decode_dcerpc_init(); +} + +/**************************************************/ +/* Reset Changed Dissectors */ /**************************************************/ /* @@ -240,6 +216,45 @@ decode_build_reset_list (gchar *table_name, ftenum_t selector_type, /* Show Changed Dissectors */ /**************************************************/ +void +decode_add_to_show_list ( +gpointer list_data, +gchar *table_name, +gchar *selector_name, +gchar *initial_proto_name, +gchar *current_proto_name) +{ + gchar *text[E_LIST_D_COLUMNS]; +#if GTK_MAJOR_VERSION < 2 + GtkCList *clist; + gint row; +#else + GtkListStore *store; + GtkTreeIter iter; +#endif + +#if GTK_MAJOR_VERSION < 2 + clist = (GtkCList *)list_data; +#else + store = (GtkListStore *)list_data; +#endif + + text[E_LIST_D_TABLE] = table_name; + text[E_LIST_D_SELECTOR] = selector_name; + text[E_LIST_D_INITIAL] = initial_proto_name; + text[E_LIST_D_CURRENT] = current_proto_name; +#if GTK_MAJOR_VERSION < 2 + row = gtk_clist_prepend(clist, text); +#else + gtk_list_store_append(store, &iter); + gtk_list_store_set(store, &iter, E_LIST_D_TABLE, text[E_LIST_D_TABLE], + E_LIST_D_SELECTOR, text[E_LIST_D_SELECTOR], + E_LIST_D_INITIAL, text[E_LIST_D_INITIAL], + E_LIST_D_CURRENT, text[E_LIST_D_CURRENT], -1); +#endif +} + + /* * This routine creates one entry in the list of protocol dissector * that have been changed. It is called by the g_hash_foreach routine @@ -263,25 +278,13 @@ static void decode_build_show_list (gchar *table_name, ftenum_t selector_type, gpointer key, gpointer value, gpointer user_data) { -#if GTK_MAJOR_VERSION < 2 - GtkCList *clist; - gint row; -#else - GtkListStore *store; - GtkTreeIter iter; -#endif dissector_handle_t current, initial; - gchar *current_proto_name, *initial_proto_name, *text[E_LIST_D_COLUMNS]; + gchar *current_proto_name, *initial_proto_name, *selector_name; gchar string1[20]; g_assert(user_data); g_assert(value); -#if GTK_MAJOR_VERSION < 2 - clist = (GtkCList *)user_data; -#else - store = (GtkListStore *)user_data; -#endif current = dtbl_entry_get_handle(value); if (current == NULL) current_proto_name = "(none)"; @@ -293,7 +296,6 @@ decode_build_show_list (gchar *table_name, ftenum_t selector_type, else initial_proto_name = dissector_handle_get_short_name(initial); - text[E_LIST_D_TABLE] = get_dissector_table_ui_name(table_name); switch (selector_type) { case FT_UINT8: @@ -335,29 +337,25 @@ decode_build_show_list (gchar *table_name, ftenum_t selector_type, g_snprintf(string1, sizeof(string1), "%#o", GPOINTER_TO_UINT(key)); break; } - text[E_LIST_D_SELECTOR] = string1; + selector_name = string1; break; case FT_STRING: case FT_STRINGZ: - text[E_LIST_D_SELECTOR] = key; + selector_name = key; break; default: g_assert_not_reached(); break; } - text[E_LIST_D_INITIAL] = initial_proto_name; - text[E_LIST_D_CURRENT] = current_proto_name; -#if GTK_MAJOR_VERSION < 2 - row = gtk_clist_prepend(clist, text); -#else - gtk_list_store_append(store, &iter); - gtk_list_store_set(store, &iter, E_LIST_D_TABLE, text[E_LIST_D_TABLE], - E_LIST_D_SELECTOR, text[E_LIST_D_SELECTOR], - E_LIST_D_INITIAL, text[E_LIST_D_INITIAL], - E_LIST_D_CURRENT, text[E_LIST_D_CURRENT], -1); -#endif + + decode_add_to_show_list ( + user_data, + get_dissector_table_ui_name(table_name), + selector_name, + initial_proto_name, + current_proto_name); } @@ -420,6 +418,8 @@ decode_show_clear_cb (GtkWidget *clear_bt _U_, gpointer parent_w) g_slist_free(dissector_reset_list); dissector_reset_list = NULL; + decode_dcerpc_reset_all(); + redissect_packets(&cfile); window_destroy(GTK_WIDGET(parent_w)); @@ -533,9 +533,11 @@ decode_show_cb (GtkWidget * w _U_, gpointer data _U_) #if GTK_MAJOR_VERSION < 2 dissector_all_tables_foreach_changed(decode_build_show_list, list); gtk_clist_sort(list); + decode_dcerpc_add_show_list(list); #else dissector_all_tables_foreach_changed(decode_build_show_list, store); g_object_unref(G_OBJECT(store)); + decode_dcerpc_add_show_list(store); #endif /* Put clist into a scrolled window */ @@ -656,71 +658,6 @@ decode_change_one_dissector(gchar *table_name, guint selector, GtkWidget *list) } -static void -decode_dcerpc_dissector_change(gchar *table_name, conversation_t *conv, guint16 ctx_id, guint16 smb_fid, dcerpc_uuid_key *key) -{ - - printf("cn_rqst: conv 0x%x ctx:%u smb:%u\n", conv, ctx_id, 0); - dcerpc_add_conv_to_bind_table(conv, - ctx_id, - smb_fid /*get_transport_salt(pinfo, pinfo->dcetransporttype)*/, - key->uuid, - key->ver); - - redissect_packets(&cfile); -} - - -static void -decode_change_one_dcerpc_dissector(gchar *table_name, conversation_t *conv, guint16 ctx_id, guint16 smb_fid, GtkWidget *list) -{ - dcerpc_uuid_key *key; - gchar *abbrev; -#if GTK_MAJOR_VERSION < 2 - gint row; -#else - GtkTreeSelection *selection; - GtkTreeModel *model; - GtkTreeIter iter; -#endif - -#if GTK_MAJOR_VERSION < 2 - if (!GTK_CLIST(list)->selection) - { - abbrev = NULL; - key = NULL; - } else { - row = GPOINTER_TO_INT(GTK_CLIST(list)->selection->data); - key = gtk_clist_get_row_data(GTK_CLIST(list), row); - gtk_clist_get_text(GTK_CLIST(list), row, E_LIST_S_PROTO_NAME, &abbrev); - } -#else - selection = gtk_tree_view_get_selection(GTK_TREE_VIEW(list)); - if (gtk_tree_selection_get_selected(selection, &model, &iter) == FALSE) - { - abbrev = NULL; - key = NULL; - } else { - gtk_tree_model_get(model, &iter, E_LIST_S_PROTO_NAME, &abbrev, - E_LIST_S_TABLE+1, &key, -1); - } -#endif - - if (abbrev != NULL && strcmp(abbrev, "(default)") == 0) { -/* dissector_reset(table_name, selector);*/ - /* XXX - what to do instead? */ - } else { -/* dissector_change(table_name, selector, handle);*/ - decode_dcerpc_dissector_change(table_name, conv, ctx_id, smb_fid, key); - } -#if GTK_MAJOR_VERSION >= 2 - if (abbrev != NULL) - g_free(abbrev); -#endif -} - - - /**************************************************/ /* Action routines for the "Decode As..." dialog */ /* - called when the OK button pressed */ @@ -865,41 +802,6 @@ decode_transport(GtkWidget *notebook_pg) } -/* - * This routine is called when the user clicks the "OK" button in the - * "Decode As..." dialog window and the DCE-RPC page is foremost. - * This routine takes care of making any changes requested to the DCE-RPC - * dissector tables. - * - * @param notebook_pg A pointer to the "transport" notebook page. - */ -static void -decode_dcerpc(GtkWidget *notebook_pg) -{ - GtkWidget *list; - gchar *table_name; - guint16 ctx_id; - guint16 smb_fid; - conversation_t *conv; - - - list = OBJECT_GET_DATA(notebook_pg, E_PAGE_LIST); - if (requested_action == E_DECODE_NO) -#if GTK_MAJOR_VERSION < 2 - gtk_clist_unselect_all(GTK_CLIST(list)); -#else - gtk_tree_selection_unselect_all(gtk_tree_view_get_selection(GTK_TREE_VIEW(list))); -#endif - - conv = OBJECT_GET_DATA(notebook_pg, E_PAGE_CONV); - ctx_id = GPOINTER_TO_UINT(OBJECT_GET_DATA(notebook_pg, E_PAGE_CTX_ID)); - smb_fid = GPOINTER_TO_UINT(OBJECT_GET_DATA(notebook_pg, E_PAGE_SMB_FID)); - - /*table_name = OBJECT_GET_DATA(notebook_pg, E_PAGE_TABLE);*/ - table_name = "DCE-RPC"; - decode_change_one_dcerpc_dissector(table_name, conv, ctx_id, smb_fid, list); -} - /**************************************************/ /* Signals from the "Decode As..." dialog */ /**************************************************/ @@ -923,6 +825,7 @@ decode_ok_cb (GtkWidget *ok_bt _U_, gpointer parent_w) GtkWidget *notebook, *notebook_pg; void (* func)(GtkWidget *); gint page_num; + void *binding; /* Call the right routine for the page that was currently in front. */ notebook = OBJECT_GET_DATA(parent_w, E_NOTEBOOK); @@ -933,6 +836,11 @@ decode_ok_cb (GtkWidget *ok_bt _U_, gpointer parent_w) func(notebook_pg); /* Now destroy the "Decode As" dialog. */ + notebook_pg = OBJECT_GET_DATA(parent_w, E_PAGE_DCERPC); + binding = OBJECT_GET_DATA(notebook_pg, E_PAGE_BINDING); + if(binding) { + decode_dcerpc_binding_free(binding); + } window_destroy(GTK_WIDGET(parent_w)); g_slist_free(decode_dimmable); decode_dimmable = NULL; @@ -981,6 +889,17 @@ decode_apply_cb (GtkWidget *apply_bt _U_, gpointer parent_w) static void decode_cancel_cb (GtkWidget *cancel_bt _U_, gpointer parent_w) { + GtkWidget *notebook_pg = NULL; + void *binding = NULL; + + + notebook_pg = OBJECT_GET_DATA(parent_w, E_PAGE_DCERPC); + if(notebook_pg) { + binding = OBJECT_GET_DATA(notebook_pg, E_PAGE_BINDING); + } + if(binding) { + decode_dcerpc_binding_free(binding); + } window_destroy(GTK_WIDGET(parent_w)); g_slist_free(decode_dimmable); decode_dimmable = NULL; @@ -1235,7 +1154,7 @@ lookup_handle(GtkTreeModel *model, GtkTreePath *path _U_, GtkTreeIter *iter, * routine, specifying information about the dissector table and where * to store any information generated by this routine. */ -static void +void decode_add_to_list (gchar *table_name, gchar *proto_name, gpointer value, gpointer user_data) { gchar *text[E_LIST_S_COLUMNS]; @@ -1314,7 +1233,7 @@ decode_proto_add_to_list (gchar *table_name, gpointer value, gpointer user_data) * @param scrolled_win_p Will be filled in with the address of a newly * created GtkScrolledWindow. */ -static void +void decode_list_menu_start(GtkWidget *page, GtkWidget **list_p, GtkWidget **scrolled_win_p) { @@ -1382,7 +1301,7 @@ decode_list_menu_start(GtkWidget *page, GtkWidget **list_p, * * @param list A pointer the the List to finish. */ -static void +void decode_list_menu_finish(GtkWidget *list) { gchar *text[E_LIST_S_COLUMNS]; @@ -1442,27 +1361,6 @@ decode_add_simple_menu (GtkWidget *page, gchar *table_name) } - -void decode_dcerpc_add_to_list(gpointer key, gpointer value, gpointer user_data) -{ - dcerpc_uuid_key *k = key; - dcerpc_uuid_value *v = value; - - decode_add_to_list("DCE-RPC", v->name, key, user_data); -} - -static GtkWidget * -decode_add_dcerpc_menu (GtkWidget *page, gchar *table_name) -{ - GtkWidget *scrolled_window; - GtkWidget *list; - - decode_list_menu_start(page, &list, &scrolled_window); - g_hash_table_foreach(dcerpc_uuids, decode_dcerpc_add_to_list, list); - decode_list_menu_finish(list); - return(scrolled_window); -} - /**************************************************/ /* Dialog setup */ /**************************************************/ @@ -1594,52 +1492,6 @@ decode_add_sctp_page (gchar *prompt, gchar *table_name) return(page); } -static GtkWidget * -decode_add_decrpc_page (packet_info *pinfo) -{ - GtkWidget *page_hb, *info_vb, *label, *scrolled_window/*, *optmenu*/; - gchar ls[100]; - conversation_t *conv; - - page_hb = gtk_hbox_new(FALSE, 5); - OBJECT_SET_DATA(page_hb, E_PAGE_ACTION, decode_dcerpc); - OBJECT_SET_DATA(page_hb, E_PAGE_TABLE, "DCE-RPC"); - OBJECT_SET_DATA(page_hb, E_PAGE_TITLE, "DCE-RPC"); - - - info_vb = gtk_vbox_new(FALSE, 5); - gtk_box_pack_start(GTK_BOX(page_hb), info_vb, TRUE, TRUE, 0); - - /* Always enabled */ - g_snprintf(ls, sizeof(ls), "Context ID: %u", pinfo->dcectxid); - label = gtk_label_new(ls); - gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); - - conv = find_conversation (&pinfo->src, &pinfo->dst, pinfo->ptype, - pinfo->srcport, pinfo->destport, 0); - - /* beware: if the capture file is closed, we have to remove all conversation - * "decode as" bindings, as the pinfo and conversations become invalid! */ - OBJECT_SET_DATA(page_hb, E_PAGE_CONV, conv); - OBJECT_SET_DATA(page_hb, E_PAGE_CTX_ID, GUINT_TO_POINTER(pinfo->dcectxid)); - OBJECT_SET_DATA(page_hb, E_PAGE_SMB_FID, GUINT_TO_POINTER(0 /*pinfo->dcecsmbfid*/)); - - g_snprintf(ls, sizeof(ls), "Between port: %u and %u", - pinfo->srcport, pinfo->destport); - label = gtk_label_new(ls); - gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0); - - - /* Conditionally enabled - only when decoding packets */ - label = gtk_label_new("as"); - gtk_box_pack_start(GTK_BOX(page_hb), label, TRUE, TRUE, 0); - decode_dimmable = g_slist_prepend(decode_dimmable, label); - scrolled_window = decode_add_dcerpc_menu(page_hb, "dcerpc" /*table_name*/); - gtk_box_pack_start(GTK_BOX(page_hb), scrolled_window, TRUE, TRUE, 0); - decode_dimmable = g_slist_prepend(decode_dimmable, scrolled_window); - - return(page_hb); -} /* * This routine indicates whether we'd actually have any pages in the @@ -1717,13 +1569,12 @@ decode_add_notebook (GtkWidget *format_hb) gtk_notebook_append_page(GTK_NOTEBOOK(notebook), page, label); } -/* if(cfile.edt->pi.dcetransporttype != -1) { - page = decode_add_decrpc_page(&cfile.edt->pi); + page = decode_dcerpc_add_page(&cfile.edt->pi); label = gtk_label_new("DCE-RPC"); gtk_notebook_append_page(GTK_NOTEBOOK(notebook), page, label); + OBJECT_SET_DATA(decode_w, E_PAGE_DCERPC, page); } -*/ /* Select the last added page (selects first by default) */ /* Notebook must be visible for set_page to work. */ diff --git a/gtk/decode_as_dlg.h b/gtk/decode_as_dlg.h index 57ceb84c7f..ecb3f520b7 100644 --- a/gtk/decode_as_dlg.h +++ b/gtk/decode_as_dlg.h @@ -31,6 +31,10 @@ * @ingroup dialog_group */ +/** Init the "Decode As" module + */ +void decode_as_init(void); + /** User requested the "Decode As" dialog box by menu or toolbar. * * @param widget parent widget (unused) diff --git a/gtk/main.c b/gtk/main.c index dc1b8a65de..47b8da0248 100644 --- a/gtk/main.c +++ b/gtk/main.c @@ -132,6 +132,7 @@ #include "follow_dlg.h" #include "font_utils.h" #include "about_dlg.h" +#include "decode_as_dlg.h" /* @@ -2419,6 +2420,7 @@ main(int argc, char *argv[]) colors_init(); colfilter_init(); + decode_as_init(); /* the window can be sized only, if it's not already shown, so do it now! */ main_load_window_geometry(top_level); -- cgit v1.2.3