Move the declaration of routines exported from "packet-smb-mailslot.c"
into a "packet-smb-mailslot.h" header file, and have modules that import
those routines include "packet-smb-mailslot.h" rather than declaring the
routines themselves; do the same for routines exported from
"packet-smb-pipe.c". Make routines not exported static, and make
routines that return a true/false return value "gboolean" rather than
"guint32".
svn path=/trunk/; revision=3146
with not terminating their arrays because they knew the limits of the
value used to look up strings in the value_string array, but the
dfilter_expr_dlg does not know these limits and must rely on the terminating
{0, NULL} record.
Also, in SNA fixed a bug in which a field should have been defined as FT_UINT8
but was defined as FT_BOOLEAN.
In WTP, fixed a value string which had duplicate keys.
svn path=/trunk/; revision=2817
protocols, in addition to adding structures to the list of filterable
fields. Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as
pinfo->current_proto;
the dialog box for constructing filters;
the preferences tab for the protocol;
and so on (although we're not yet using it in all those places).
Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.
Make some routines and variables that aren't exported static.
Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.
svn path=/trunk/; revision=2810
Make sure that if _gtime is null, a bad format message returned.
Also noticed that I am going to have to do something about Unicode strings soon and the SMBopenX dissect is slightly wrong ... Oh well, it is the Xmas break soon :-) No rest for the Wicca'd (please don't interpret that as a statement of my religious affiliation, it is just a cute saying :-)
svn path=/trunk/; revision=2764
can be put, and a pointer to the string for the column, which might or
might not point to that buffer.
Add a routine "col_set_str()", which sets the string for the column to
the string passed to it as an argument; it should only be handed a
static string (a string constant would be ideal). It doesn't do any
copying, so it's faster than "col_add_str()".
Make the routines that append to columns check whether the pointer to
the string for the column points to the buffer for the column and, if
not, copy the string for the column to the buffer for the column so that
you can append to it (so you can use "col_set_str()" and then use
"col_append_str()" or "col_append_fstr()").
Convert a bunch of "col_add_str()" calls that take a string constant as
an argument to "col_set_str()" calls.
Convert some "col_add_fstr()" calls that take a string constant as the
only argument - i.e., the format string doesn't have any "%" slots into
which to put strings for subsequent arguments to "col_set_str()" calls
(those calls are just like "col_add_str()" calls).
Replace an END_OF_FRAME reference in a tvbuffified dissector with a
"tvb_length(tvb)" call.
svn path=/trunk/; revision=2670
the following:
It is now possible to enable/disable a particular protocol decoding
(i.e. the protocol dissector is void or not). When a protocol
is disabled, it is displayed as Data and of course, all linked
sub-protocols are disabled as well.
Disabling a protocol could be interesting:
- in case of buggy dissectors
- in case of wrong heuristics
- for performance reasons
- to decode the data as another protocol (TODO)
Currently (if I am not wrong), all dissectors but NFS can be disabled
(and dissectors that do not register protocols :-)
I do not like the way the RPC sub-dissectors are disabled (in the
sub-dissectors) since this could be done in the RPC dissector itself,
knowing the sub-protocol hfinfo entry (this is why, I've not modified
the NFS one yet).
Two functions are added in proto.c :
gboolean proto_is_protocol_enabled(int n);
void proto_set_decoding(int n, gboolean enabled);
and two MACROs which can be used in dissectors:
OLD_CHECK_DISPLAY_AS_DATA(index, pd, offset, fd, tree)
CHECK_DISPLAY_AS_DATA(index, tvb, pinfo, tree)
See also the XXX in proto_dlg.c and proto.c around the new functions.
svn path=/trunk/; revision=2267
a particular type, rather than taking a varargs list, along the lines of
the "proto_tree_add_XXX_format()" routines.
Replace most calls to "proto_tree_add_item()" and
"proto_tree_add_item_hidden()" with calls to those routines.
Rename "proto_tree_add_item()" and "proto_tree_add_item_hidden()" to
"proto_tree_add_item_old()" and "proto_tree_add_item_hidden_old()", and
add new "proto_tree_add_item()" and "proto_tree_add_item_hidden()"
routines that don't take the item to be added as an argument - instead,
they fetch the argument from the packet whose tvbuff was handed to them,
from the offset handed to them.
svn path=/trunk/; revision=2031
Add exceptions routines.
Convert proto_tree_add_*() routines to require tvbuff_t* argument.
Convert all dissectors to pass NULL argument ("NullTVB" macro == NULL) as
the tvbuff_t* argument to proto_tree_add_*() routines.
dissect_packet() creates a tvbuff_t, wraps the next dissect call in
a TRY block, will print "Short Frame" on the proto_tree if a BoundsError
exception is caught.
The FDDI dissector is converted to use tvbuff's.
svn path=/trunk/; revision=1939
Don't use a global variable named "gmtime" - some versions of
NetBSD define it in <time.h> - use "_gmtime" instead, so we can
build on those NetBSD systems.
svn path=/trunk/; revision=1375
responses and adds some more stuff.
I will have to decode NTcreateAndX requests and responses soon as well
as the MSRPC stuff ...
svn path=/trunk/; revision=1356
Now should be decoding the names of lots more LanMan API request. These
were culled from Samba. Would be good to go through and give names to the
fields as well.
Will soon decode the response structures returned and then will look at
ways to specify that built-in routines should be called to decode an element.
I also need some captures with UNICODE in them. Anyone got any? Someone
sent in a patch for UNICODE handling, but I did not realize what it was and
now the code has diverged so far it is hard to apply the patch ...
Send captures to rsharpe@ns.aus.com./
svn path=/trunk/; revision=1334
from Guy, plus a few more of my own.
Also added in basic response decoding where we don't know what it is ...
Got more to do, as well as decoding returned data ... Thinking about that
now, and will have a data-drived approach.
I need some way to specify that an internal routine be called for some types
of data where we know what type it is, in the case of Server Types for
example ...
svn path=/trunk/; revision=1294
Fixed up some bugs to do with NetShareEnum. There is still a persistent bug
left that looks like an alignment problem. Damn documentation does not talk
about the need to align the response structures for a NetServerEnum2 on SHORT
boundaries, but it sure looks like they should be so.
svn path=/trunk/; revision=1235
UNICODE strings in transact SMBs.
Added decode of NetShareEnum transact request. Will have to clean that all
up and use the decode engine when I get it done.
Still more fix ups to be done, but the book is calling, and I have to write
some stuff after an interview with LinuxCare.
svn path=/trunk/; revision=1113
I still have compile warnings, but I am too tired to chase them down.
Have also fixed a number of problems.
Next thing to add is a general engine that can decode Transact messages
as they can be decode from the descriptors in the Parameters area, and I
can feed in a list of names where we know what a structure looks like,
otherwise we use made up names.
svn path=/trunk/; revision=1079
(remove commas following the last member of an enum, make all bit fields
"guint32" - GCC lets you get away with that, but at least some other
compilers don't).
svn path=/trunk/; revision=1052
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
dynamically-assigned "ett_" integer values, assigned by
"proto_register_subtree_array()"; this:
obviates the need to update "packet.h" whenever you add a new
subtree type - you only have to add a call to
"proto_register_subtree_array()" to a "register" routine and an
array of pointers to "ett_", if they're not already there, and
add a pointer to the new "ett_" variable to the array, if they
are there;
would allow run-time-loaded dissectors to allocate subtree types
when they're loaded.
svn path=/trunk/; revision=1043
There was a core dump because of a coding oversight. Should be fixed
now Gilbert.
Should now handle names of form \<somepipe>
Will screw up if there is no leading slash, but in a non-fatal way, I
think.
svn path=/trunk/; revision=1041
much more complete decoding of browse messages.
They are now shown in the parent tree as well.
I still have problems with:
1. Times
2. Election criteral
I also haven't been able to see a BecomeBackup request, nor a
GetBackupListResp with more than one browser ... Should run a Windows NT
server or another Samba on my network.
I am also not sure of there are any more message types. Damn! Old, and
wrong MS documents!
svn path=/trunk/; revision=1025
MS Windows Browser messages. Can decode host announcements now.
Still need to decode more. Also need to break the new code out.
I also have the Browse tree at the wrong location. Can I get at the
parent of the tree somewhere, or do I have to pass it in as a variable?
svn path=/trunk/; revision=1024
Guy Harris