osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

First working implementation of "Decode As" for DCE-RPC interface bindings. Ethereal needs to capture the DCE-RPC bind sequence, to get a relationsship between the interface UUID and the current conversation. If this binding wasn't captured, one can use "Decode As" and choose the interface from a list corresponding to a specific conversation. Currently "only" implemented for connectionoriented (TCP) DCE-RPC, but connectionless is a work in progress. 

svn path=/trunk/; revision=11924
This commit is contained in:
Ulf Lamping 2004-09-07 16:19:56 +00:00
parent 0616413a60
commit 26afcbd9cc
10 changed files with 774 additions and 275 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
epan/dissectors/packet-dcerpc.c
View File

@ -433,7 +433,8 @@ static const fragment_items dcerpc_frag_items = {
"fragments"
};
/* list of hooks to be called when init_protocols is done */
GHookList dcerpc_hooks_init_protos;
#ifdef WIN32
int ResolveWin32UUID(e_uuid_t if_id, char *UUID_NAME, int UUID_NAME_MAX_LEN)
@ -2202,12 +2203,12 @@ dissect_dcerpc_cn_auth (tvbuff_t *tvb, int stub_offset, packet_info *pinfo,
* key as DCERPC over SMB allows several pipes over the same TCP/IP
* socket.
* We pass this function the transport type here to make sure we only look
* at this function iff it came across an SMB pipe.
* at this function if it came across an SMB pipe.
* Other transports might need to mix in their own extra multiplexing data
* as well in the future.
*/
static guint16 get_transport_salt (packet_info *pinfo, int transport_type)
guint16 dcerpc_get_transport_salt (packet_info *pinfo, int transport_type)
{
dcerpc_private_info *priv = (dcerpc_private_info *)pinfo->private_data;
@ -2351,7 +2352,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
key = g_mem_chunk_alloc (dcerpc_bind_key_chunk);
key->conv = conv;
key->ctx_id = ctx_id;
key->smb_fid = get_transport_salt(pinfo, transport_type);
key->smb_fid = dcerpc_get_transport_salt(pinfo, transport_type);
value = g_mem_chunk_alloc (dcerpc_bind_value_chunk);
value->uuid = if_id;
@ -2812,39 +2813,43 @@ end_cn_stub:
* we can invoke the proper sub-dissector for a given DCERPC
* conversation.
*
* @param conv Conversation, generally located by call to
* \ref find_conversation().
* @param ctx_id Context ID extracted from DCERPC packet which
* is part of target conversation.
* @param pinfo Packet info for packet containing ctx_id.
* @param uuid UUID to bind conversation to.
* @param ver UUID version, qualifier for UUID.
* @param binding all values needed to create and bind a new conversation
*
* @return Pointer to newly-added UUID/conversation binding.
*/
struct _dcerpc_bind_value *
dcerpc_add_conv_to_bind_table(conversation_t *conv,
guint16 ctx_id,
guint16 smb_fid,
e_uuid_t uuid,
guint16 ver)
dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding)
{
dcerpc_bind_value *bind_value;
dcerpc_bind_key *key;
conversation_t *conv;
conv = find_conversation (
&binding->addr_a,
&binding->addr_b,
binding->ptype,
binding->port_a,
binding->port_b,
0);
if (conv == NULL) {
/* oops, no conversation to add */
return NULL;
if (!conv) {
conv = conversation_new (
&binding->addr_a,
&binding->addr_b,
binding->ptype,
binding->port_a,
binding->port_b,
0);
}
bind_value = g_mem_chunk_alloc (dcerpc_bind_value_chunk);
bind_value->uuid = uuid;
bind_value->ver = ver;
bind_value->uuid = binding->uuid;
bind_value->ver = binding->ver;
key = g_mem_chunk_alloc(dcerpc_bind_key_chunk);
key->conv = conv;
key->ctx_id = ctx_id;
key->smb_fid = smb_fid;
key->ctx_id = binding->ctx_id;
key->smb_fid = binding->smb_fid;
/* add this entry to the bind table, first removing any
previous ones that are identical
@ -2943,7 +2948,7 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
bind_key.conv=conv;
bind_key.ctx_id=ctx_id;
bind_key.smb_fid=get_transport_salt(pinfo, transport_type);
bind_key.smb_fid=dcerpc_get_transport_salt(pinfo, transport_type);
if((bind_value=g_hash_table_lookup(dcerpc_binds, &bind_key)) ){
if(!(hdr->flags&PFC_FIRST_FRAG)){
@ -2952,7 +2957,7 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
call_key.conv=conv;
call_key.call_id=hdr->call_id;
call_key.smb_fid=get_transport_salt(pinfo, transport_type);
call_key.smb_fid=dcerpc_get_transport_salt(pinfo, transport_type);
if((call_value=g_hash_table_lookup(dcerpc_cn_calls, &call_key))){
new_matched_key = g_mem_chunk_alloc(dcerpc_matched_key_chunk);
*new_matched_key = matched_key;
@ -2971,7 +2976,7 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
call_key=g_mem_chunk_alloc (dcerpc_cn_call_key_chunk);
call_key->conv=conv;
call_key->call_id=hdr->call_id;
call_key->smb_fid=get_transport_salt(pinfo, transport_type);
call_key->smb_fid=dcerpc_get_transport_salt(pinfo, transport_type);
/* if there is already a matching call in the table
remove it so it is replaced with the new one */
@ -3006,7 +3011,7 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* handoff this call */
di->conv = conv;
di->call_id = hdr->call_id;
di->smb_fid = get_transport_salt(pinfo, transport_type);
di->smb_fid = dcerpc_get_transport_salt(pinfo, transport_type);
di->ptype = PDU_REQ;
di->call_data = value;
di->hf_index = -1;
@ -3086,7 +3091,7 @@ dissect_dcerpc_cn_resp (tvbuff_t *tvb, gint offset, packet_info *pinfo,
call_key.conv=conv;
call_key.call_id=hdr->call_id;
call_key.smb_fid=get_transport_salt(pinfo, transport_type);
call_key.smb_fid=dcerpc_get_transport_salt(pinfo, transport_type);
if((call_value=g_hash_table_lookup(dcerpc_cn_calls, &call_key))){
new_matched_key = g_mem_chunk_alloc(dcerpc_matched_key_chunk);
@ -3106,7 +3111,7 @@ dissect_dcerpc_cn_resp (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* handoff this call */
di->conv = conv;
di->call_id = hdr->call_id;
di->smb_fid = get_transport_salt(pinfo, transport_type);
di->smb_fid = dcerpc_get_transport_salt(pinfo, transport_type);
di->ptype = PDU_RESP;
di->call_data = value;
@ -3202,7 +3207,7 @@ dissect_dcerpc_cn_fault (tvbuff_t *tvb, gint offset, packet_info *pinfo,
call_key.conv=conv;
call_key.call_id=hdr->call_id;
call_key.smb_fid=get_transport_salt(pinfo, transport_type);
call_key.smb_fid=dcerpc_get_transport_salt(pinfo, transport_type);
if((call_value=g_hash_table_lookup(dcerpc_cn_calls, &call_key))){
new_matched_key = g_mem_chunk_alloc(dcerpc_matched_key_chunk);
@ -3224,7 +3229,7 @@ dissect_dcerpc_cn_fault (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* handoff this call */
di->conv = conv;
di->call_id = hdr->call_id;
di->smb_fid = get_transport_salt(pinfo, transport_type);
di->smb_fid = dcerpc_get_transport_salt(pinfo, transport_type);
di->ptype = PDU_FAULT;
di->call_data = value;
@ -4532,6 +4537,9 @@ dcerpc_init_protocol (void)
sizeof (dcerpc_matched_key),
200 * sizeof (dcerpc_matched_key),
G_ALLOC_ONLY);
/* call the registered hooks */
g_hook_list_invoke(&dcerpc_hooks_init_protos, FALSE /* not may_recurse */);
}
void
@ -4838,6 +4846,8 @@ proto_register_dcerpc (void)
register_init_routine(dcerpc_reassemble_init);
dcerpc_uuids = g_hash_table_new (dcerpc_uuid_hash, dcerpc_uuid_equal);
dcerpc_tap=register_tap("dcerpc");
g_hook_list_init(&dcerpc_hooks_init_protos, sizeof(GHook));
}
void

31
epan/dissectors/packet-dcerpc.h
View File

@ -266,6 +266,11 @@ typedef struct _dcerpc_info {
} dcerpc_info;
/* the init_protocol hooks. With MSVC and a
* libethereal.dll, we need a special declaration.
*/
ETH_VAR_IMPORT GHookList dcerpc_hooks_init_protos;
/* the registered subdissectors. With MSVC and a
* libethereal.dll, we need a special declaration.
*/
@ -311,13 +316,29 @@ typedef struct _dcerpc_auth_subdissector_fns {
void register_dcerpc_auth_subdissector(guint8 auth_level, guint8 auth_type,
dcerpc_auth_subdissector_fns *fns);
/* all values needed to (re-)build a dcerpc binding */
typedef struct decode_dcerpc_bind_values_s {
/* values of a typical conversation */
address addr_a;
address addr_b;
port_type ptype;
guint32 port_a;
guint32 port_b;
/* dcerpc conversation specific */
guint16 ctx_id;
guint16 smb_fid;
/* corresponding "interface" */
GString *ifname;
e_uuid_t uuid;
guint16 ver;
} decode_dcerpc_bind_values_t;
/* Helper for "decode as" dialog to set up a UUID/conversation binding. */
struct _dcerpc_bind_value *
dcerpc_add_conv_to_bind_table(conversation_t *conv,
guint16 ctx_id,
guint16 smb_fid,
e_uuid_t uuid,
guint16 ver);
dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding);
guint16
dcerpc_get_transport_salt (packet_info *pinfo, int transport_type);
/* Authentication services */

2
epan/libethereal.def
View File

@ -83,6 +83,8 @@ dcerpc_add_conv_to_bind_table
dcerpc_get_proto_hf_opnum
dcerpc_get_proto_name
dcerpc_get_proto_sub_dissector
dcerpc_get_transport_salt
dcerpc_hooks_init_protos DATA
dcerpc_uuids DATA
decode_boolean_bitfield
decode_enumerated_bitfield

1
gtk/Makefile.am
View File

@ -43,6 +43,7 @@ noinst_HEADERS = \
compat_macros.h \
conversations_table.h \
decode_as_dlg.h \
decode_as_dcerpc.h \
dfilter_expr_dlg.h \
dlg_utils.h \
file_dlg.h \

1
gtk/Makefile.common
View File

@ -40,6 +40,7 @@ ETHEREAL_GTK_SRC = \
column_prefs.c \
conversations_table.c \
decode_as_dlg.c \
decode_as_dcerpc.c \
dfilter_expr_dlg.c \
dlg_utils.c \
ethereal-tap-register.c \

451
gtk/decode_as_dcerpc.c Normal file
View File

@ -0,0 +1,451 @@
/* decode_as_dcerpc.c
*
* $Id: decode_as_dcerpc.c 11917 2004-09-06 19:56:36Z ulfl $
*
* Routines to modify dcerpc bindings on the fly.
*
* Copyright 2004 Ulf Lamping
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include <gtk/gtk.h>
#include <string.h>
#include "decode_as_dlg.h"
#include "dlg_utils.h"
#include "globals.h"
#include "simple_dialog.h"
#include <epan/packet.h>
#include "ipproto.h"
#include "ui_util.h"
#include <epan/epan_dissect.h>
#include "compat_macros.h"
#include "decode_as_dcerpc.h"
#include <epan/dissectors/packet-dcerpc.h>
/**************************************************/
/* Typedefs & Enums */
/**************************************************/
/* list of dcerpc "Decode As" bindings */
GSList *decode_dcerpc_bindings = NULL;
/**************************************************/
/* Global Functions */
/**************************************************/
/* inject one of our bindings into the dcerpc binding table */
static void
decode_dcerpc_inject_binding(gpointer data, gpointer user_data)
{
dcerpc_add_conv_to_bind_table((decode_dcerpc_bind_values_t *) data);
}
/* inject all of our bindings into the dcerpc binding table */
static void
decode_dcerpc_inject_bindings(gpointer data) {
g_slist_foreach(decode_dcerpc_bindings, decode_dcerpc_inject_binding, NULL /* user_data */);
}
/* init this file */
void
decode_dcerpc_init(void) {
GHook* hook_init_proto;
/* add a hook function to the dcerpc init_protocols hook */
hook_init_proto = g_hook_alloc(&dcerpc_hooks_init_protos);
hook_init_proto->func = decode_dcerpc_inject_bindings;
g_hook_prepend(&dcerpc_hooks_init_protos, hook_init_proto);
}
/* clone a binding (uses g_malloc) */
static decode_dcerpc_bind_values_t *
decode_dcerpc_binding_clone(decode_dcerpc_bind_values_t *binding_in)
{
decode_dcerpc_bind_values_t *stored_binding;
stored_binding = g_malloc(sizeof(decode_dcerpc_bind_values_t));
*stored_binding = *binding_in;
COPY_ADDRESS(&stored_binding->addr_a, &binding_in->addr_a);
COPY_ADDRESS(&stored_binding->addr_b, &binding_in->addr_b);
stored_binding->ifname = g_string_new(binding_in->ifname->str);
return stored_binding;
}
/* free a binding */
void
decode_dcerpc_binding_free(void *binding_in)
{
decode_dcerpc_bind_values_t *binding = binding_in;
g_free((void *) binding->addr_a.data);
g_free((void *) binding->addr_b.data);
if(binding->ifname)
g_string_free(binding->ifname, TRUE);
g_free(binding);
}
/* compare two bindings (except the interface related things, e.g. uuid) */
static gint
decode_dcerpc_binding_cmp(gconstpointer a, gconstpointer b)
{
const decode_dcerpc_bind_values_t *binding_a = a;
const decode_dcerpc_bind_values_t *binding_b = b;
/* don't compare uuid and ver! */
if(
ADDRESSES_EQUAL(&binding_a->addr_a, &binding_b->addr_a) &&
ADDRESSES_EQUAL(&binding_a->addr_b, &binding_b->addr_b) &&
binding_a->ptype == binding_b->ptype &&
binding_a->port_a == binding_b->port_a &&
binding_a->port_b == binding_b->port_b &&
binding_a->ctx_id == binding_b->ctx_id &&
binding_a->smb_fid == binding_b->smb_fid)
{
/* equal */
return 0;
}
/* unequal */
return 1;
}
/**************************************************/
/* Show Changed Bindings */
/**************************************************/
/* add a single binding to the Show list */
static void
decode_dcerpc_add_show_list_single(gpointer data, gpointer user_data)
{
gchar string1[20];
decode_dcerpc_bind_values_t *binding = data;
g_snprintf(string1, sizeof(string1), "ctx_id: %u", binding->ctx_id);
decode_add_to_show_list (
user_data,
"DCE-RPC",
string1,
"-",
binding->ifname->str);
}
/* add all bindings to the Show list */
void
decode_dcerpc_add_show_list(gpointer user_data)
{
g_slist_foreach(decode_dcerpc_bindings, decode_dcerpc_add_show_list_single, user_data);
}
/**************************************************/
/* Modify the binding routines */
/**************************************************/
/* removes all bindings */
void
decode_dcerpc_reset_all(void)
{
decode_dcerpc_bind_values_t *binding;
while(decode_dcerpc_bindings) {
binding = decode_dcerpc_bindings->data;
decode_dcerpc_binding_free(binding);
decode_dcerpc_bindings = g_slist_remove(
decode_dcerpc_bindings,
decode_dcerpc_bindings->data);
}
}
/* remove a binding (looking the same way as the given one) */
static void
decode_dcerpc_binding_reset(
gchar *table_name,
decode_dcerpc_bind_values_t *binding)
{
GSList *le;
decode_dcerpc_bind_values_t *old_binding;
/* find the old binding (if it exists) */
le = g_slist_find_custom(decode_dcerpc_bindings,
binding,
decode_dcerpc_binding_cmp);
if(le == NULL)
return;
old_binding = le->data;
decode_dcerpc_bindings = g_slist_remove(decode_dcerpc_bindings, le->data);
g_free((void *) old_binding->addr_a.data);
g_free((void *) old_binding->addr_b.data);
g_string_free(old_binding->ifname, TRUE);
g_free(old_binding);
}
/* a binding has changed (remove a previously existing one) */
static void
decode_dcerpc_binding_change(
gchar *table_name,
decode_dcerpc_bind_values_t *binding)
{
decode_dcerpc_bind_values_t *stored_binding;
/* remove a probably existing old binding */
decode_dcerpc_binding_reset(table_name, binding);
/* clone the new binding and append it to the list */
stored_binding = decode_dcerpc_binding_clone(binding);
decode_dcerpc_bindings = g_slist_append (decode_dcerpc_bindings, stored_binding);
}
/* a binding has changed (add/replace/remove it) */
static void
decode_change_one_dcerpc_binding(gchar *table_name, decode_dcerpc_bind_values_t *binding, GtkWidget *list)
{
dcerpc_uuid_key *key;
gchar *abbrev;
#if GTK_MAJOR_VERSION < 2
gint row;
#else
GtkTreeSelection *selection;
GtkTreeModel *model;
GtkTreeIter iter;
#endif
#if GTK_MAJOR_VERSION < 2
if (!GTK_CLIST(list)->selection)
{
abbrev = NULL;
key = NULL;
} else {
row = GPOINTER_TO_INT(GTK_CLIST(list)->selection->data);
key = gtk_clist_get_row_data(GTK_CLIST(list), row);
gtk_clist_get_text(GTK_CLIST(list), row, E_LIST_S_PROTO_NAME, &abbrev);
}
#else
selection = gtk_tree_view_get_selection(GTK_TREE_VIEW(list));
if (gtk_tree_selection_get_selected(selection, &model, &iter) == FALSE)
{
abbrev = NULL;
key = NULL;
} else {
gtk_tree_model_get(model, &iter, E_LIST_S_PROTO_NAME, &abbrev,
E_LIST_S_TABLE+1, &key, -1);
}
#endif
if (abbrev != NULL && strcmp(abbrev, "(default)") == 0) {
decode_dcerpc_binding_reset(table_name, binding);
} else {
binding->ifname = g_string_new(abbrev);
binding->uuid = key->uuid;
binding->ver = key->ver;
decode_dcerpc_binding_change(table_name, binding);
}
#if GTK_MAJOR_VERSION >= 2
if (abbrev != NULL)
g_free(abbrev);
#endif
}
/**************************************************/
/* Action routines for the "Decode As..." dialog */
/* - called when the OK button pressed */
/**************************************************/
/*
* This routine is called when the user clicks the "OK" button in the
* "Decode As..." dialog window and the DCE-RPC page is foremost.
* This routine takes care of making any changes requested to the DCE-RPC
* binding tables.
*
* @param notebook_pg A pointer to the "DCE-RPC" notebook page.
*/
static void
decode_dcerpc(GtkWidget *notebook_pg)
{
GtkWidget *list;
gchar *table_name;
decode_dcerpc_bind_values_t *binding;
list = OBJECT_GET_DATA(notebook_pg, E_PAGE_LIST);
if (requested_action == E_DECODE_NO)
#if GTK_MAJOR_VERSION < 2
gtk_clist_unselect_all(GTK_CLIST(list));
#else
gtk_tree_selection_unselect_all(gtk_tree_view_get_selection(GTK_TREE_VIEW(list)));
#endif
binding = OBJECT_GET_DATA(notebook_pg, E_PAGE_BINDING);
/*table_name = OBJECT_GET_DATA(notebook_pg, E_PAGE_TABLE);*/
table_name = "DCE-RPC";
decode_change_one_dcerpc_binding(table_name, binding, list);
}
/**************************************************/
/* Dialog setup */
/**************************************************/
/* add an interface to the list */
static void
decode_dcerpc_add_to_list(gpointer key, gpointer value, gpointer user_data)
{
dcerpc_uuid_key *k = key;
dcerpc_uuid_value *v = value;
decode_add_to_list("DCE-RPC", v->name, key, user_data);
}
/* add all interfaces to the list */
static GtkWidget *
decode_add_dcerpc_menu (GtkWidget *page, gchar *table_name)
{
GtkWidget *scrolled_window;
GtkWidget *list;
decode_list_menu_start(page, &list, &scrolled_window);
g_hash_table_foreach(dcerpc_uuids, decode_dcerpc_add_to_list, list);
decode_list_menu_finish(list);
return(scrolled_window);
}
/* add a DCE-RPC page to the notebook */
GtkWidget *
decode_dcerpc_add_page (packet_info *pinfo)
{
GtkWidget *page_hb, *info_vb, *label, *scrolled_window;
GString *gs = g_string_new("");
GString *gs2 = g_string_new("");
decode_dcerpc_bind_values_t *binding;
/* clone binding */
binding = g_malloc(sizeof(decode_dcerpc_bind_values_t));
COPY_ADDRESS(&binding->addr_a, &pinfo->src);
COPY_ADDRESS(&binding->addr_b, &pinfo->dst);
binding->ptype = pinfo->ptype;
binding->port_a = pinfo->srcport;
binding->port_b = pinfo->destport;
binding->ctx_id = pinfo->dcectxid;
binding->smb_fid = dcerpc_get_transport_salt(pinfo, pinfo->dcetransporttype);
binding->ifname = NULL;
/*binding->uuid = NULL;*/
binding->ver = 0;
/* create page content */
page_hb = gtk_hbox_new(FALSE, 5);
OBJECT_SET_DATA(page_hb, E_PAGE_ACTION, decode_dcerpc);
OBJECT_SET_DATA(page_hb, E_PAGE_TABLE, "DCE-RPC");
OBJECT_SET_DATA(page_hb, E_PAGE_TITLE, "DCE-RPC");
OBJECT_SET_DATA(page_hb, E_PAGE_BINDING, binding);
info_vb = gtk_vbox_new(FALSE, 5);
gtk_box_pack_start(GTK_BOX(page_hb), info_vb, TRUE, TRUE, 0);
/* Always enabled */
label = gtk_label_new("Replace binding between:");
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
switch(binding->ptype) {
case(PT_TCP):
g_string_printf(gs2, "TCP port");
break;
case(PT_UDP):
g_string_printf(gs2, "UDP port");
break;
default:
g_string_printf(gs2, "Unknown port type");
}
/* XXX - how to print the address binding->addr_a? */
g_string_printf(gs, "Address: ToBeDone %s: %u", gs2->str, binding->port_a);
label = gtk_label_new(gs->str);
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
label = gtk_label_new("&");
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
/* XXX - how to print the address binding->addr_b? */
g_string_printf(gs, "Address: ToBeDone %s: %u", gs2->str, binding->port_b);
label = gtk_label_new(gs->str);
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
label = gtk_label_new("&");
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
g_string_printf(gs, "Context ID: %u", binding->ctx_id);
label = gtk_label_new(gs->str);
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
label = gtk_label_new("&");
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
gtk_widget_set_sensitive(label, binding->smb_fid);
g_string_printf(gs, "SMB FID: %u", binding->smb_fid);
label = gtk_label_new(gs->str);
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
gtk_widget_set_sensitive(label, binding->smb_fid);
/* Conditionally enabled - only when decoding packets */
label = gtk_label_new("with:");
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
decode_dimmable = g_slist_prepend(decode_dimmable, label);
scrolled_window = decode_add_dcerpc_menu(page_hb, "dcerpc" /*table_name*/);
gtk_box_pack_start(GTK_BOX(page_hb), scrolled_window, TRUE, TRUE, 0);
decode_dimmable = g_slist_prepend(decode_dimmable, scrolled_window);
g_string_free(gs, TRUE);
return(page_hb);
}

156
gtk/decode_as_dcerpc.h Normal file
View File

@ -0,0 +1,156 @@
/* decode_as_dcerpc.h
*
* $Id: decode_as_dlg.h 11400 2004-07-18 00:24:25Z guy $
*
* Routines to modify dcerpc bindings on the fly.
* Only internally used between decode_as_dlg and decode_as_dcerpc
*
* Copyright 2004 Ulf Lamping
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
#ifndef __DECODE_AS_DCERPC_H__
#define __DECODE_AS_DCERPC_H__
/** @file
* "Decode As" / "User Specified Decodes" dialog box.
* @ingroup dialog_group
*/
/*
* Columns for a "Select" list.
* Note that most of these columns aren't displayed; they're attached
* to the row of the table as additional information.
*/
#define E_LIST_S_PROTO_NAME 0
#define E_LIST_S_TABLE 1
/* The following is for debugging in decode_add_to_list */
#define E_LIST_S_MAX E_LIST_S_TABLE
#define E_LIST_S_COLUMNS (E_LIST_S_MAX + 1)
#define E_PAGE_LIST "notebook_page_list"
#define E_PAGE_TABLE "notebook_page_table_name"
#define E_PAGE_TITLE "notebook_page_title"
#define E_PAGE_VALUE "notebook_page_value"
#define E_PAGE_ACTION "notebook_page_action"
#define E_PAGE_DCERPC "notebook_page_dcerpc" /* dcerpc only */
#define E_PAGE_BINDING "notebook_page_binding" /* dcerpc only */
/*
* Enum used to track which radio button is currently selected in the
* dialog. These buttons are labeled "Decode" and "Do not decode".
*/
enum action_type {
/* The "Decode" button is currently selected. */
E_DECODE_YES,
/* The "Do not decode" button is currently selected. */
E_DECODE_NO
};
extern enum action_type requested_action;
/*
* A list of the dialog items that only have meaning when the user has
* selected the "Decode" radio button. When the "Do not decode"
* button is selected these items should be dimmed.
*/
extern GSList *decode_dimmable;
/* init decode_dcerpc internals */
extern void decode_dcerpc_init(void);
/* remove all bindings */
extern void decode_dcerpc_reset_all(void);
extern void
decode_dcerpc_add_show_list(gpointer user_data);
extern GtkWidget *
decode_dcerpc_add_page(packet_info *pinfo);
extern void
decode_dcerpc_binding_free(void *binding);
/** Add an item the the Show list.
*/
extern void
decode_add_to_show_list (
gpointer list_data,
gchar *table_name,
gchar *selector_name,
gchar *initial_proto_name,
gchar *current_proto_name);
/*
* This routine creates one entry in the list of protocol dissector
* that can be used. It is called by the dissector_table_foreach_handle
* routine once for each entry in a dissector table's list of handles
* for dissectors that could be used in that table. It guarantees unique
* entries by iterating over the list of entries build up to this point,
* looking for a duplicate name. If there is no duplicate, then this
* entry is added to the list of possible dissectors.
*
* @param table_name The name of the dissector table currently
* being walked.
*
* @param value The dissector handle for this entry. This is an opaque
* pointer that can only be handed back to routines in the file packet.c
*
* @param user_data A data block passed into each instance of this
* routine. It contains information from the caller of the foreach
* routine, specifying information about the dissector table and where
* to store any information generated by this routine.
*/
extern void
decode_add_to_list (gchar *table_name, gchar *proto_name, gpointer value, gpointer user_data);
/*
* This routine starts the creation of a List on a notebook page. It
* creates both a scrolled window and a list, adds the list to the
* window, and attaches the list as a data object on the page.
*
* @param page A pointer to the notebook page being created.
*
* @param list_p Will be filled in with the address of a newly
* created List.
*
* @param scrolled_win_p Will be filled in with the address of a newly
* created GtkScrolledWindow.
*/
extern void
decode_list_menu_start(GtkWidget *page, GtkWidget **list_p,
GtkWidget **scrolled_win_p);
/*
* This routine finishes the creation of a List on a notebook page.
* It adds the default entry, sets the default entry as the
* highlighted entry, and sorts the List.
*
* @param list A pointer the the List to finish.
*/
extern void
decode_list_menu_finish(GtkWidget *list);
#endif

329
gtk/decode_as_dlg.c
View File

@ -38,9 +38,7 @@
#include "ui_util.h"
#include <epan/epan_dissect.h>
#include "compat_macros.h"
/* XXX - well, this is an ugly hack ... */
#include "../epan/dissectors/packet-dcerpc.h"
#include "decode_as_dcerpc.h"
#undef DEBUG
@ -48,18 +46,6 @@
/* Typedefs & Enums */
/**************************************************/
/*
* Enum used to track which radio button is currently selected in the
* dialog. These buttons are labeled "Decode" and "Do not decode".
*/
enum action_type {
/* The "Decode" button is currently selected. */
E_DECODE_YES,
/* The "Do not decode" button is currently selected. */
E_DECODE_NO
};
/*
* Enum used to track which transport layer port menu item is
* currently selected in the dialog. These items are labeled "source",
@ -81,31 +67,10 @@ enum srcdst_type {
#define E_MENU_SRCDST "menu_src_dst"
#define E_PAGE_ACTION "notebook_page_action"
#define E_PAGE_DPORT "dport"
#define E_PAGE_SPORT "sport"
#define E_PAGE_PPID "ppid"
#define E_PAGE_LIST "notebook_page_list"
#define E_PAGE_TABLE "notebook_page_table_name"
#define E_PAGE_TITLE "notebook_page_title"
#define E_PAGE_VALUE "notebook_page_value"
#define E_PAGE_CONV "notebook_page_conv" /* dcerpc only */
#define E_PAGE_CTX_ID "notebook_page_ctx_id" /* dcerpc only */
#define E_PAGE_SMB_FID "notebook_page_smb_fid" /* dcerpc only */
/*
* Columns for a "Select" list.
* Note that most of these columns aren't displayed; they're attached
* to the row of the table as additional information.
*/
#define E_LIST_S_PROTO_NAME 0
#define E_LIST_S_TABLE 1
/* The following is for debugging in decode_add_to_list */
#define E_LIST_S_MAX E_LIST_S_TABLE
#define E_LIST_S_COLUMNS (E_LIST_S_MAX + 1)
/*
* Columns for a "Display" list
*/
@ -142,7 +107,7 @@ static GtkWidget *decode_show_w = NULL;
* selected the "Decode" radio button. When the "Do not decode"
* button is selected these items should be dimmed.
*/
static GSList *decode_dimmable = NULL;
GSList *decode_dimmable = NULL;
/*
* Remember the "action" radio button that is currently selected in
@ -150,10 +115,21 @@ static GSList *decode_dimmable = NULL;
* modified in a callback routine, and read in the routine that
* handles a click in the "OK" button for the dialog.
*/
static enum action_type requested_action = -1;
enum action_type requested_action = -1;
/**************************************************/
/* Resett Changed Dissectors */
/* Global Functions */
/**************************************************/
/* init this module */
void decode_as_init(void) {
decode_dcerpc_init();
}
/**************************************************/
/* Reset Changed Dissectors */
/**************************************************/
/*
@ -240,6 +216,45 @@ decode_build_reset_list (gchar *table_name, ftenum_t selector_type,
/* Show Changed Dissectors */
/**************************************************/
void
decode_add_to_show_list (
gpointer list_data,
gchar *table_name,
gchar *selector_name,
gchar *initial_proto_name,
gchar *current_proto_name)
{
gchar *text[E_LIST_D_COLUMNS];
#if GTK_MAJOR_VERSION < 2
GtkCList *clist;
gint row;
#else
GtkListStore *store;
GtkTreeIter iter;
#endif
#if GTK_MAJOR_VERSION < 2
clist = (GtkCList *)list_data;
#else
store = (GtkListStore *)list_data;
#endif
text[E_LIST_D_TABLE] = table_name;
text[E_LIST_D_SELECTOR] = selector_name;
text[E_LIST_D_INITIAL] = initial_proto_name;
text[E_LIST_D_CURRENT] = current_proto_name;
#if GTK_MAJOR_VERSION < 2
row = gtk_clist_prepend(clist, text);
#else
gtk_list_store_append(store, &iter);
gtk_list_store_set(store, &iter, E_LIST_D_TABLE, text[E_LIST_D_TABLE],
E_LIST_D_SELECTOR, text[E_LIST_D_SELECTOR],
E_LIST_D_INITIAL, text[E_LIST_D_INITIAL],
E_LIST_D_CURRENT, text[E_LIST_D_CURRENT], -1);
#endif
}
/*
* This routine creates one entry in the list of protocol dissector
* that have been changed. It is called by the g_hash_foreach routine
@ -263,25 +278,13 @@ static void
decode_build_show_list (gchar *table_name, ftenum_t selector_type,
gpointer key, gpointer value, gpointer user_data)
{
#if GTK_MAJOR_VERSION < 2
GtkCList *clist;
gint row;
#else
GtkListStore *store;
GtkTreeIter iter;
#endif
dissector_handle_t current, initial;
gchar *current_proto_name, *initial_proto_name, *text[E_LIST_D_COLUMNS];
gchar *current_proto_name, *initial_proto_name, *selector_name;
gchar string1[20];
g_assert(user_data);
g_assert(value);
#if GTK_MAJOR_VERSION < 2
clist = (GtkCList *)user_data;
#else
store = (GtkListStore *)user_data;
#endif
current = dtbl_entry_get_handle(value);
if (current == NULL)
current_proto_name = "(none)";
@ -293,7 +296,6 @@ decode_build_show_list (gchar *table_name, ftenum_t selector_type,
else
initial_proto_name = dissector_handle_get_short_name(initial);
text[E_LIST_D_TABLE] = get_dissector_table_ui_name(table_name);
switch (selector_type) {
case FT_UINT8:
@ -335,29 +337,25 @@ decode_build_show_list (gchar *table_name, ftenum_t selector_type,
g_snprintf(string1, sizeof(string1), "%#o", GPOINTER_TO_UINT(key));
break;
}
text[E_LIST_D_SELECTOR] = string1;
selector_name = string1;
break;
case FT_STRING:
case FT_STRINGZ:
text[E_LIST_D_SELECTOR] = key;
selector_name = key;
break;
default:
g_assert_not_reached();
break;
}
text[E_LIST_D_INITIAL] = initial_proto_name;
text[E_LIST_D_CURRENT] = current_proto_name;
#if GTK_MAJOR_VERSION < 2
row = gtk_clist_prepend(clist, text);
#else
gtk_list_store_append(store, &iter);
gtk_list_store_set(store, &iter, E_LIST_D_TABLE, text[E_LIST_D_TABLE],
E_LIST_D_SELECTOR, text[E_LIST_D_SELECTOR],
E_LIST_D_INITIAL, text[E_LIST_D_INITIAL],
E_LIST_D_CURRENT, text[E_LIST_D_CURRENT], -1);
#endif
decode_add_to_show_list (
user_data,
get_dissector_table_ui_name(table_name),
selector_name,
initial_proto_name,
current_proto_name);
}
@ -420,6 +418,8 @@ decode_show_clear_cb (GtkWidget *clear_bt _U_, gpointer parent_w)
g_slist_free(dissector_reset_list);
dissector_reset_list = NULL;
decode_dcerpc_reset_all();
redissect_packets(&cfile);
window_destroy(GTK_WIDGET(parent_w));
@ -533,9 +533,11 @@ decode_show_cb (GtkWidget * w _U_, gpointer data _U_)
#if GTK_MAJOR_VERSION < 2
dissector_all_tables_foreach_changed(decode_build_show_list, list);
gtk_clist_sort(list);
decode_dcerpc_add_show_list(list);
#else
dissector_all_tables_foreach_changed(decode_build_show_list, store);
g_object_unref(G_OBJECT(store));
decode_dcerpc_add_show_list(store);
#endif
/* Put clist into a scrolled window */
@ -656,71 +658,6 @@ decode_change_one_dissector(gchar *table_name, guint selector, GtkWidget *list)
}
static void
decode_dcerpc_dissector_change(gchar *table_name, conversation_t *conv, guint16 ctx_id, guint16 smb_fid, dcerpc_uuid_key *key)
{
printf("cn_rqst: conv 0x%x ctx:%u smb:%u\n", conv, ctx_id, 0);
dcerpc_add_conv_to_bind_table(conv,
ctx_id,
smb_fid /*get_transport_salt(pinfo, pinfo->dcetransporttype)*/,
key->uuid,
key->ver);
redissect_packets(&cfile);
}
static void
decode_change_one_dcerpc_dissector(gchar *table_name, conversation_t *conv, guint16 ctx_id, guint16 smb_fid, GtkWidget *list)
{
dcerpc_uuid_key *key;
gchar *abbrev;
#if GTK_MAJOR_VERSION < 2
gint row;
#else
GtkTreeSelection *selection;
GtkTreeModel *model;
GtkTreeIter iter;
#endif
#if GTK_MAJOR_VERSION < 2
if (!GTK_CLIST(list)->selection)
{
abbrev = NULL;
key = NULL;
} else {
row = GPOINTER_TO_INT(GTK_CLIST(list)->selection->data);
key = gtk_clist_get_row_data(GTK_CLIST(list), row);
gtk_clist_get_text(GTK_CLIST(list), row, E_LIST_S_PROTO_NAME, &abbrev);
}
#else
selection = gtk_tree_view_get_selection(GTK_TREE_VIEW(list));
if (gtk_tree_selection_get_selected(selection, &model, &iter) == FALSE)
{
abbrev = NULL;
key = NULL;
} else {
gtk_tree_model_get(model, &iter, E_LIST_S_PROTO_NAME, &abbrev,
E_LIST_S_TABLE+1, &key, -1);
}
#endif
if (abbrev != NULL && strcmp(abbrev, "(default)") == 0) {
/* dissector_reset(table_name, selector);*/
/* XXX - what to do instead? */
} else {
/* dissector_change(table_name, selector, handle);*/
decode_dcerpc_dissector_change(table_name, conv, ctx_id, smb_fid, key);
}
#if GTK_MAJOR_VERSION >= 2
if (abbrev != NULL)
g_free(abbrev);
#endif
}
/**************************************************/
/* Action routines for the "Decode As..." dialog */
/* - called when the OK button pressed */
@ -865,41 +802,6 @@ decode_transport(GtkWidget *notebook_pg)
}
/*
* This routine is called when the user clicks the "OK" button in the
* "Decode As..." dialog window and the DCE-RPC page is foremost.
* This routine takes care of making any changes requested to the DCE-RPC
* dissector tables.
*
* @param notebook_pg A pointer to the "transport" notebook page.
*/
static void
decode_dcerpc(GtkWidget *notebook_pg)
{
GtkWidget *list;
gchar *table_name;
guint16 ctx_id;
guint16 smb_fid;
conversation_t *conv;
list = OBJECT_GET_DATA(notebook_pg, E_PAGE_LIST);
if (requested_action == E_DECODE_NO)
#if GTK_MAJOR_VERSION < 2
gtk_clist_unselect_all(GTK_CLIST(list));
#else
gtk_tree_selection_unselect_all(gtk_tree_view_get_selection(GTK_TREE_VIEW(list)));
#endif
conv = OBJECT_GET_DATA(notebook_pg, E_PAGE_CONV);
ctx_id = GPOINTER_TO_UINT(OBJECT_GET_DATA(notebook_pg, E_PAGE_CTX_ID));
smb_fid = GPOINTER_TO_UINT(OBJECT_GET_DATA(notebook_pg, E_PAGE_SMB_FID));
/*table_name = OBJECT_GET_DATA(notebook_pg, E_PAGE_TABLE);*/
table_name = "DCE-RPC";
decode_change_one_dcerpc_dissector(table_name, conv, ctx_id, smb_fid, list);
}
/**************************************************/
/* Signals from the "Decode As..." dialog */
/**************************************************/
@ -923,6 +825,7 @@ decode_ok_cb (GtkWidget *ok_bt _U_, gpointer parent_w)
GtkWidget *notebook, *notebook_pg;
void (* func)(GtkWidget *);
gint page_num;
void *binding;
/* Call the right routine for the page that was currently in front. */
notebook = OBJECT_GET_DATA(parent_w, E_NOTEBOOK);
@ -933,6 +836,11 @@ decode_ok_cb (GtkWidget *ok_bt _U_, gpointer parent_w)
func(notebook_pg);
/* Now destroy the "Decode As" dialog. */
notebook_pg = OBJECT_GET_DATA(parent_w, E_PAGE_DCERPC);
binding = OBJECT_GET_DATA(notebook_pg, E_PAGE_BINDING);
if(binding) {
decode_dcerpc_binding_free(binding);
}
window_destroy(GTK_WIDGET(parent_w));
g_slist_free(decode_dimmable);
decode_dimmable = NULL;
@ -981,6 +889,17 @@ decode_apply_cb (GtkWidget *apply_bt _U_, gpointer parent_w)
static void
decode_cancel_cb (GtkWidget *cancel_bt _U_, gpointer parent_w)
{
GtkWidget *notebook_pg = NULL;
void *binding = NULL;
notebook_pg = OBJECT_GET_DATA(parent_w, E_PAGE_DCERPC);
if(notebook_pg) {
binding = OBJECT_GET_DATA(notebook_pg, E_PAGE_BINDING);
}
if(binding) {
decode_dcerpc_binding_free(binding);
}
window_destroy(GTK_WIDGET(parent_w));
g_slist_free(decode_dimmable);
decode_dimmable = NULL;
@ -1235,7 +1154,7 @@ lookup_handle(GtkTreeModel *model, GtkTreePath *path _U_, GtkTreeIter *iter,
* routine, specifying information about the dissector table and where
* to store any information generated by this routine.
*/
static void
void
decode_add_to_list (gchar *table_name, gchar *proto_name, gpointer value, gpointer user_data)
{
gchar *text[E_LIST_S_COLUMNS];
@ -1314,7 +1233,7 @@ decode_proto_add_to_list (gchar *table_name, gpointer value, gpointer user_data)
* @param scrolled_win_p Will be filled in with the address of a newly
* created GtkScrolledWindow.
*/
static void
void
decode_list_menu_start(GtkWidget *page, GtkWidget **list_p,
GtkWidget **scrolled_win_p)
{
@ -1382,7 +1301,7 @@ decode_list_menu_start(GtkWidget *page, GtkWidget **list_p,
*
* @param list A pointer the the List to finish.
*/
static void
void
decode_list_menu_finish(GtkWidget *list)
{
gchar *text[E_LIST_S_COLUMNS];
@ -1442,27 +1361,6 @@ decode_add_simple_menu (GtkWidget *page, gchar *table_name)
}
void decode_dcerpc_add_to_list(gpointer key, gpointer value, gpointer user_data)
{
dcerpc_uuid_key *k = key;
dcerpc_uuid_value *v = value;
decode_add_to_list("DCE-RPC", v->name, key, user_data);
}
static GtkWidget *
decode_add_dcerpc_menu (GtkWidget *page, gchar *table_name)
{
GtkWidget *scrolled_window;
GtkWidget *list;
decode_list_menu_start(page, &list, &scrolled_window);
g_hash_table_foreach(dcerpc_uuids, decode_dcerpc_add_to_list, list);
decode_list_menu_finish(list);
return(scrolled_window);
}
/**************************************************/
/* Dialog setup */
/**************************************************/
@ -1594,52 +1492,6 @@ decode_add_sctp_page (gchar *prompt, gchar *table_name)
return(page);
}
static GtkWidget *
decode_add_decrpc_page (packet_info *pinfo)
{
GtkWidget *page_hb, *info_vb, *label, *scrolled_window/*, *optmenu*/;
gchar ls[100];
conversation_t *conv;
page_hb = gtk_hbox_new(FALSE, 5);
OBJECT_SET_DATA(page_hb, E_PAGE_ACTION, decode_dcerpc);
OBJECT_SET_DATA(page_hb, E_PAGE_TABLE, "DCE-RPC");
OBJECT_SET_DATA(page_hb, E_PAGE_TITLE, "DCE-RPC");
info_vb = gtk_vbox_new(FALSE, 5);
gtk_box_pack_start(GTK_BOX(page_hb), info_vb, TRUE, TRUE, 0);
/* Always enabled */
g_snprintf(ls, sizeof(ls), "Context ID: %u", pinfo->dcectxid);
label = gtk_label_new(ls);
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
conv = find_conversation (&pinfo->src, &pinfo->dst, pinfo->ptype,
pinfo->srcport, pinfo->destport, 0);
/* beware: if the capture file is closed, we have to remove all conversation
* "decode as" bindings, as the pinfo and conversations become invalid! */
OBJECT_SET_DATA(page_hb, E_PAGE_CONV, conv);
OBJECT_SET_DATA(page_hb, E_PAGE_CTX_ID, GUINT_TO_POINTER(pinfo->dcectxid));
OBJECT_SET_DATA(page_hb, E_PAGE_SMB_FID, GUINT_TO_POINTER(0 /*pinfo->dcecsmbfid*/));
g_snprintf(ls, sizeof(ls), "Between port: %u and %u",
pinfo->srcport, pinfo->destport);
label = gtk_label_new(ls);
gtk_box_pack_start(GTK_BOX(info_vb), label, TRUE, TRUE, 0);
/* Conditionally enabled - only when decoding packets */
label = gtk_label_new("as");
gtk_box_pack_start(GTK_BOX(page_hb), label, TRUE, TRUE, 0);
decode_dimmable = g_slist_prepend(decode_dimmable, label);
scrolled_window = decode_add_dcerpc_menu(page_hb, "dcerpc" /*table_name*/);
gtk_box_pack_start(GTK_BOX(page_hb), scrolled_window, TRUE, TRUE, 0);
decode_dimmable = g_slist_prepend(decode_dimmable, scrolled_window);
return(page_hb);
}
/*
* This routine indicates whether we'd actually have any pages in the
@ -1717,13 +1569,12 @@ decode_add_notebook (GtkWidget *format_hb)
gtk_notebook_append_page(GTK_NOTEBOOK(notebook), page, label);
}
/*
if(cfile.edt->pi.dcetransporttype != -1) {
page = decode_add_decrpc_page(&cfile.edt->pi);
page = decode_dcerpc_add_page(&cfile.edt->pi);
label = gtk_label_new("DCE-RPC");
gtk_notebook_append_page(GTK_NOTEBOOK(notebook), page, label);
OBJECT_SET_DATA(decode_w, E_PAGE_DCERPC, page);
}
*/
/* Select the last added page (selects first by default) */
/* Notebook must be visible for set_page to work. */

4
gtk/decode_as_dlg.h
View File

@ -31,6 +31,10 @@
* @ingroup dialog_group
*/
/** Init the "Decode As" module
*/
void decode_as_init(void);
/** User requested the "Decode As" dialog box by menu or toolbar.
*
* @param widget parent widget (unused)

2
gtk/main.c
View File

@ -132,6 +132,7 @@
#include "follow_dlg.h"
#include "font_utils.h"
#include "about_dlg.h"
#include "decode_as_dlg.h"
/*
@ -2419,6 +2420,7 @@ main(int argc, char *argv[])
colors_init();
colfilter_init();
decode_as_init();
/* the window can be sized only, if it's not already shown, so do it now! */
main_load_window_geometry(top_level);