osmith/wireshark
1
0
Fork 0
forked from osmocom/wireshark
Code Pull requests Releases Wiki Activity
wireshark/epan/dissectors/pidl/mapi/mapi.cnf
Stig Bjørlykke 782138e1aa Corrected some HF_FIELD values. 
svn path=/trunk/; revision=30510
2009-10-11 14:34:33 +00:00

120 lines
3.6 KiB
INI
Raw Blame History

# handle
HF_FIELD hf_mapi_handle "Handle" "mapi.handle" FT_BYTES BASE_NONE NULL 0 NULL HFILL
HF_RENAME hf_mapi_EcDoConnect_handle hf_mapi_handle
HF_RENAME hf_mapi_EcDoDisconnect_handle hf_mapi_handle
HF_RENAME hf_mapi_EcDoRpc_handle hf_mapi_handle
HF_RENAME hf_mapi_EcRRegisterPushNotification_handle hf_mapi_handle
HF_RENAME hf_mapi_EcRUnregisterPushNotification_handle hf_mapi_handle
#
# policyhandle tracking
# This block is to specify where a policyhandle is opened and where it is
# closed so that policyhandles when dissected contain nice info such as
# [opened in xxx] [closed in yyy]
#
# Policyhandles are opened in these functions (open == 0x0001)
PARAM_VALUE mapi_dissect_element_EcDoConnect_handle_ 0x0001
# Policyhandles are closed in these functions (close == 0x0002)
PARAM_VALUE mapi_dissect_element_EcDoDisconnect_handle_ 0x0002
HF_FIELD hf_mapi_property_types "Value" "mapi.SPropValue.value" FT_UINT32 BASE_HEX VALS(mapi_property_types_vals) 0 NULL HFILL
HF_RENAME hf_mapi_SPropValue_value hf_mapi_property_types
HF_FIELD hf_mapi_recipient_type "Recipient Type" "mapi.recipients_headers.type" FT_UINT16 BASE_HEX VALS(mapi_OM_recipient_type_vals) 0 NULL HFILL
HF_RENAME hf_mapi_recipients_headers_type hf_mapi_recipient_type
HF_FIELD hf_mapi_MAPI_OPNUM "Opnum" "mapi.EcDoRpc_MAPI_REQ.opnum" FT_UINT8 BASE_HEX VALS(mapi_MAPI_OPNUM_vals) 0 NULL HFILL
HF_RENAME hf_mapi_EcDoRpc_MAPI_REQ_opnum hf_mapi_MAPI_OPNUM
HF_FIELD hf_mapi_pdu_len "Length" "mapi.pdu.len" FT_UINT16 BASE_HEX NULL 0x0 "Size of the command PDU" HFILL
HF_FIELD hf_mapi_decrypted_data "Decrypted data" "mapi.decrypted.data" FT_BYTES BASE_NONE NULL 0 NULL HFILL
NOEMIT SBinary_short
NOEMIT MV_LONG_STRUCT
NOEMIT SLPSTRArray
NOEMIT SBinaryArray
NOEMIT SGuidArray
NOEMIT SPropValue_array
NOEMIT SPropTagArray
NOEMIT SRowList
NOEMIT OpenMessage_repl
NOEMIT GetPropList_repl
NOEMIT DeleteProps_req
NOEMIT ModifyRecipients_req
NOEMIT SetColumns_req
NOEMIT SSortOrderSet
NOEMIT SAndRestriction
NOEMIT SOrRestriction
NOEMIT SNotRestriction
NOEMIT SSubRestriction
NOEMIT SCommentRestriction
NOEMIT DeleteMessages_req
NOEMIT SetSearchCriteria_req
NOEMIT GetSearchCriteria_repl
NOEMIT CopyMessages_req
NOEMIT QueryColumns_repl
NOEMIT AddressTypes_repl
NOEMIT GetNamesFromIDs_repl
NOEMIT GetIDsFromNames_req
NOEMIT GetIDsFromNames_repl
NOEMIT QueryNamesFromIDs_repl
NOEMIT GetReceiveFolderTable_repl
NOEMIT NOTIFKEY
TYPE hyper "offset=cnf_dissect_hyper(tvb, offset, pinfo, tree, drep, @PARAM@, @HF@);" FT_UINT64 BASE_DEC 0 NULL 8
CODE START
static int
cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, guint32 param _U_, int hfindex)
{
offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, drep, hfindex, NULL);
return offset;
}
/**
* Analyze mapi_request MAPI Handles
*/
static int mapi_dissect_element_request_handles(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
{
gint reported_len;
gint i;
gint handles_cnt = 0;
int old_offset;
guint32 value;
proto_item *it = NULL;
proto_tree *tr = NULL;
reported_len = tvb_reported_length_remaining(tvb, offset);
handles_cnt = reported_len / 4;
it = proto_tree_add_text(tree, tvb, offset, reported_len, "MAPI Handles: %d", handles_cnt);
tr = proto_item_add_subtree(it, ett_mapi_mapi_request);
for (i = 0; i < handles_cnt; i++) {
old_offset = offset;
value = tvb_get_letohl(tvb, offset);
offset += 4;
proto_tree_add_text(tr, tvb, old_offset, offset - old_offset, "[%.2d] MAPI handle: 0x%.8x", i, value);
}
return offset;
}
CODE END
#
# MAPI Request and Response
#
INCLUDE request.cnf.c
INCLUDE response.cnf.c
View git blame Copy permalink