osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

In packet-dcerpc-nt.c, make sure we call init_pol_hash() each time we load 

a capture file.  This should fix bug #536.

Make sure we initialize our hash tables in packet-dcerpc-nt.c and several 
other files.  Fix up whitespace while we're at it.

svn path=/trunk/; revision=16255
This commit is contained in:
Gerald Combs 2005-10-17 18:56:27 +00:00
parent e8065e3fde
commit 93b99abf30
5 changed files with 282 additions and 282 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
epan/dissectors/packet-aoe.c
View File

@ -54,8 +54,8 @@ static int hf_aoe_response_in=-1;
static int hf_aoe_response_to=-1;
static int hf_aoe_time=-1;
static gint ett_aoe = -1;
static gint ett_aoe_flags = -1;
static gint ett_aoe = -1;
static gint ett_aoe_flags = -1;
#define AOE_FLAGS_RESPONSE 0x08
#define AOE_FLAGS_ERROR 0x04
@ -179,8 +179,8 @@ typedef struct ata_info_t {
nstime_t req_time;
guint8 cmd;
} ata_info_t;
static GHashTable *ata_cmd_unmatched;
static GHashTable *ata_cmd_matched;
static GHashTable *ata_cmd_unmatched = NULL;
static GHashTable *ata_cmd_matched = NULL;
static guint
ata_cmd_hash_matched(gconstpointer k)
@ -354,8 +354,8 @@ dissect_aoe_v1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_item_append_text(flags_item,(flags&AOE_FLAGS_RESPONSE)?" Response":" Request");
if(flags&AOE_FLAGS_ERROR){
proto_item_append_text(flags_item, " Error");
}
}
}
}
/* error */
@ -407,7 +407,7 @@ dissect_aoe(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
if (parent_tree) {
item = proto_tree_add_item(parent_tree, proto_aoe, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_aoe);
}
}
version=tvb_get_guint8(tvb, 0)>>4;
proto_tree_add_uint(tree, hf_aoe_version, tvb, 0, 1, version);
@ -441,38 +441,38 @@ proto_register_aoe(void)
static hf_register_info hf[] = {
{ &hf_aoe_cmd,
{ "Command", "aoe.cmd", FT_UINT8, BASE_DEC, VALS(cmd_vals), 0x0,
{ "Command", "aoe.cmd", FT_UINT8, BASE_DEC, VALS(cmd_vals), 0x0,
"AOE Command", HFILL}},
{ &hf_aoe_version,
{ "Version", "aoe.version", FT_UINT8, BASE_DEC, NULL, 0x0,
{ "Version", "aoe.version", FT_UINT8, BASE_DEC, NULL, 0x0,
"Version of the AOE protocol", HFILL}},
{ &hf_aoe_error,
{ "Error", "aoe.error", FT_UINT8, BASE_DEC, VALS(error_vals), 0x0,
{ "Error", "aoe.error", FT_UINT8, BASE_DEC, VALS(error_vals), 0x0,
"Error code", HFILL}},
{ &hf_aoe_err_feature,
{ "Err/Feature", "aoe.err_feature", FT_UINT8, BASE_HEX, NULL, 0x0,
{ "Err/Feature", "aoe.err_feature", FT_UINT8, BASE_HEX, NULL, 0x0,
"Err/Feature", HFILL}},
{ &hf_aoe_sector_count,
{ "Sector Count", "aoe.sector_count", FT_UINT8, BASE_DEC, NULL, 0x0,
{ "Sector Count", "aoe.sector_count", FT_UINT8, BASE_DEC, NULL, 0x0,
"Sector Count", HFILL}},
{ &hf_aoe_flags_response,
{ "Response flag", "aoe.response", FT_BOOLEAN, 8, TFS(&tfs_response), AOE_FLAGS_RESPONSE, "Whether this is a response PDU or not", HFILL}},
{ &hf_aoe_flags_error,
{ "Error flag", "aoe.error", FT_BOOLEAN, 8, TFS(&tfs_error), AOE_FLAGS_ERROR, "Whether this is an error PDU or not", HFILL}},
{ &hf_aoe_major,
{ "Major", "aoe.major", FT_UINT16, BASE_HEX, NULL, 0x0,
{ "Major", "aoe.major", FT_UINT16, BASE_HEX, NULL, 0x0,
"Major address", HFILL}},
{ &hf_aoe_minor,
{ "Minor", "aoe.minor", FT_UINT8, BASE_HEX, NULL, 0x0,
{ "Minor", "aoe.minor", FT_UINT8, BASE_HEX, NULL, 0x0,
"Minor address", HFILL}},
{ &hf_aoe_acmd,
{ "ATA Cmd", "aoe.ata.cmd", FT_UINT8, BASE_HEX, VALS(ata_cmd_vals), 0x0,
{ "ATA Cmd", "aoe.ata.cmd", FT_UINT8, BASE_HEX, VALS(ata_cmd_vals), 0x0,
"ATA command opcode", HFILL}},
{ &hf_aoe_astatus,
{ "ATA Status", "aoe.ata.status", FT_UINT8, BASE_HEX, NULL, 0x0,
{ "ATA Status", "aoe.ata.status", FT_UINT8, BASE_HEX, NULL, 0x0,
"ATA status bits", HFILL}},
{ &hf_aoe_tag,
{ "Tag", "aoe.tag", FT_UINT32, BASE_HEX, NULL, 0x0,
{ "Tag", "aoe.tag", FT_UINT32, BASE_HEX, NULL, 0x0,
"Command Tag", HFILL}},
{ &hf_aoe_aflags_e,
{ "E", "aoe.aflags.e", FT_BOOLEAN, 8, TFS(&tfs_aflags_e), AOE_AFLAGS_E, "Whether this is a normal or LBA48 command", HFILL}},
@ -488,7 +488,7 @@ proto_register_aoe(void)
{ "Response In", "aoe.response_in", FT_FRAMENUM, BASE_DEC, NULL, 0x0, "The response to this packet is in this frame", HFILL }},
{ &hf_aoe_response_to,
{ "Response To", "aoe.response_to", FT_FRAMENUM, BASE_DEC, NULL, 0x0, "This is a response to the ATA command in this frame", HFILL }},
{ &hf_aoe_time,
{ &hf_aoe_time,
{ "Time from request", "aoe.time", FT_RELATIVE_TIME, BASE_NONE, NULL, 0, "Time between Request and Reply for ATA calls", HFILL }},
};
@ -496,7 +496,7 @@ proto_register_aoe(void)
&ett_aoe,
&ett_aoe_flags,
};
proto_aoe = proto_register_protocol("ATAoverEthernet", "AOE", "aoe");
proto_register_field_array(proto_aoe, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));

150
epan/dissectors/packet-dcerpc-nt.c
View File

@ -81,8 +81,8 @@ dissect_ndr_counted_string_cb(tvbuff_t *tvb, int offset,
if (di->conformant_run)
return offset;
/*
/*
struct {
short len;
short size;
@ -95,7 +95,7 @@ dissect_ndr_counted_string_cb(tvbuff_t *tvb, int offset,
hf_nt_cs_len, &len);
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep,
hf_nt_cs_size, &size);
hf_nt_cs_size, &size);
offset = dissect_ndr_pointer_cb(tvb, offset, pinfo, tree, drep,
dissect_ndr_wchar_cvstring, NDR_POINTER_UNIQUE,
@ -118,7 +118,7 @@ dissect_ndr_counted_string_helper(tvbuff_t *tvb, int offset,
if (add_subtree) {
item = proto_tree_add_text(
tree, tvb, offset, 0,
tree, tvb, offset, 0,
proto_registrar_get_name(hf_index));
subtree = proto_item_add_subtree(item, ett_nt_counted_string);
@ -185,12 +185,12 @@ dissect_ndr_counted_byte_array_cb(tvbuff_t *tvb, int offset,
if (di->conformant_run)
return offset;
item = proto_tree_add_text(tree, tvb, offset, 0,
item = proto_tree_add_text(tree, tvb, offset, 0,
proto_registrar_get_name(hf_index));
subtree = proto_item_add_subtree(item, ett_nt_counted_byte_array);
/*
/*
struct {
short len;
short size;
@ -203,7 +203,7 @@ dissect_ndr_counted_byte_array_cb(tvbuff_t *tvb, int offset,
hf_nt_cs_len, &len);
offset = dissect_ndr_uint16(tvb, offset, pinfo, subtree, drep,
hf_nt_cs_size, &size);
hf_nt_cs_size, &size);
offset = dissect_ndr_pointer_cb(tvb, offset, pinfo, subtree, drep,
dissect_ndr_char_cvstring, NDR_POINTER_UNIQUE,
@ -213,7 +213,7 @@ dissect_ndr_counted_byte_array_cb(tvbuff_t *tvb, int offset,
}
static void cb_byte_array_postprocess(packet_info *pinfo, proto_tree *tree _U_,
proto_item *item, tvbuff_t *tvb,
proto_item *item, tvbuff_t *tvb,
int start_offset, int end_offset,
void *callback_args)
{
@ -291,12 +291,12 @@ dissect_ndr_counted_ascii_string_cb(tvbuff_t *tvb, int offset,
if (di->conformant_run)
return offset;
item = proto_tree_add_text(tree, tvb, offset, 0,
item = proto_tree_add_text(tree, tvb, offset, 0,
proto_registrar_get_name(hf_index));
subtree = proto_item_add_subtree(item, ett_nt_counted_ascii_string);
/*
/*
struct {
short len;
short size;
@ -309,7 +309,7 @@ dissect_ndr_counted_ascii_string_cb(tvbuff_t *tvb, int offset,
hf_nt_cs_len, &len);
offset = dissect_ndr_uint16(tvb, offset, pinfo, subtree, drep,
hf_nt_cs_size, &size);
hf_nt_cs_size, &size);
offset = dissect_ndr_pointer_cb(tvb, offset, pinfo, subtree, drep,
dissect_ndr_char_cvstring, NDR_POINTER_UNIQUE,
@ -412,7 +412,7 @@ typedef struct {
pol_value *list; /* List of policy handle entries */
} pol_hash_value;
static GHashTable *pol_hash;
static GHashTable *pol_hash = NULL;
/* Hash function */
@ -536,7 +536,7 @@ static void add_pol_handle(e_ctx_hnd *policy_hnd, guint32 frame,
value->list = pol;
else
polprev->next = pol;
/*
* "polnext" points to the entry in the list before
* which we should put the new entry; if it's null,
@ -960,7 +960,7 @@ dissect_ndr_uint16s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
* Helper routines for dissecting NDR strings
*/
void cb_wstr_postprocess(packet_info *pinfo, proto_tree *tree _U_,
proto_item *item, tvbuff_t *tvb,
proto_item *item, tvbuff_t *tvb,
int start_offset, int end_offset,
void *callback_args)
{
@ -1020,14 +1020,14 @@ void cb_wstr_postprocess(packet_info *pinfo, proto_tree *tree _U_,
if (options & CB_STR_SAVE) {
dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
dcerpc_call_value *dcv = (dcerpc_call_value *)di->call_data;
/* FIXME EPHEMERAL need to get rid of the g_strdup() and later g_free() */
dcv->private_data = g_strdup(s);
}
}
void cb_str_postprocess(packet_info *pinfo, proto_tree *tree _U_,
proto_item *item, tvbuff_t *tvb,
proto_item *item, tvbuff_t *tvb,
int start_offset, int end_offset,
void *callback_args)
{
@ -1086,7 +1086,7 @@ void cb_str_postprocess(packet_info *pinfo, proto_tree *tree _U_,
if (options & CB_STR_SAVE) {
dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
dcerpc_call_value *dcv = (dcerpc_call_value *)di->call_data;
dcv->private_data = g_strdup(s);
}
}
@ -1094,14 +1094,14 @@ void cb_str_postprocess(packet_info *pinfo, proto_tree *tree _U_,
/* Dissect a pointer to a NDR string and append the string value to the
proto_item. */
int dissect_ndr_str_pointer_item(tvbuff_t *tvb, gint offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep, int type, const char *text,
int dissect_ndr_str_pointer_item(tvbuff_t *tvb, gint offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep, int type, const char *text,
int hf_index, int levels)
{
return dissect_ndr_pointer_cb(
tvb, offset, pinfo, tree, drep,
dissect_ndr_wchar_cvstring, type, text, hf_index,
tvb, offset, pinfo, tree, drep,
dissect_ndr_wchar_cvstring, type, text, hf_index,
cb_wstr_postprocess, GINT_TO_POINTER(levels + 1));
}
@ -1111,7 +1111,7 @@ static int hf_nt_count = -1;
static int hf_nt_domain_sid = -1;
int
dissect_ndr_nt_SID(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_nt_SID(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
@ -1135,7 +1135,7 @@ dissect_ndr_nt_SID(tvbuff_t *tvb, int offset, packet_info *pinfo,
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_nt_count, NULL);
offset = dissect_nt_sid(tvb, offset, tree, name, &sid_str,
offset = dissect_nt_sid(tvb, offset, tree, name, &sid_str,
hf_nt_domain_sid);
/* dcv can be null, for example when this ndr structure is embedded
@ -1164,8 +1164,8 @@ dissect_ndr_nt_SID_with_options(tvbuff_t *tvb, int offset, packet_info *pinfo, p
proto_item *item=(proto_item *)tree;
if ((options & CB_STR_COL_INFO)&&(!di->conformant_run)) {
/* kludge, ugly, but this is called twice for all
dcerpc interfaces due to how we chase pointers
/* kludge, ugly, but this is called twice for all
dcerpc interfaces due to how we chase pointers
and putting the sid twice on the summary line
looks even worse.
Real solution would be to block updates to col_info
@ -1199,7 +1199,7 @@ dissect_ndr_nt_SID_with_options(tvbuff_t *tvb, int offset, packet_info *pinfo, p
}
static int
dissect_ndr_nt_SID_hf_through_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_nt_SID_hf_through_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
offset = dissect_ndr_nt_SID(tvb, offset, pinfo, tree, drep);
@ -1517,17 +1517,17 @@ void dcerpc_smb_init(int proto_dcerpc)
{ &hf_nt_cs_size,
{ "Size", "nt.str.size", FT_UINT16, BASE_DEC,
NULL, 0x0, "Size of string in short integers",
NULL, 0x0, "Size of string in short integers",
HFILL }},
{ &hf_nt_cs_len,
{ "Length", "nt.str.len", FT_UINT16, BASE_DEC,
NULL, 0x0, "Length of string in short integers",
NULL, 0x0, "Length of string in short integers",
HFILL }},
/* GUIDs */
{ &hf_nt_guid,
{ "GUID", "nt.guid", FT_STRING, BASE_NONE,
{ "GUID", "nt.guid", FT_STRING, BASE_NONE,
NULL, 0x0, "GUID (uuid for groups?)", HFILL }},
/* Policy handles */
@ -1548,90 +1548,90 @@ void dcerpc_smb_init(int proto_dcerpc)
{ "Acct Ctrl", "nt.acct_ctrl", FT_UINT32, BASE_HEX,
NULL, 0x0, "Acct CTRL", HFILL }},
{ &hf_nt_acb_disabled,
{ "", "nt.acb.disabled", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_disabled), 0x0001,
{ &hf_nt_acb_disabled,
{ "", "nt.acb.disabled", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_disabled), 0x0001,
"If this account is enabled or disabled", HFILL }},
{ &hf_nt_acb_homedirreq,
{ &hf_nt_acb_homedirreq,
{ "", "nt.acb.homedirreq", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_homedirreq), 0x0002,
TFS(&tfs_nt_acb_homedirreq), 0x0002,
"Is hom,edirs required for this account?", HFILL }},
{ &hf_nt_acb_pwnotreq,
{ "", "nt.acb.pwnotreq", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_pwnotreq), 0x0004,
{ &hf_nt_acb_pwnotreq,
{ "", "nt.acb.pwnotreq", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_pwnotreq), 0x0004,
"If a password is required for this account?", HFILL }},
{ &hf_nt_acb_tempdup,
{ "", "nt.acb.tempdup", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_tempdup), 0x0008,
{ &hf_nt_acb_tempdup,
{ "", "nt.acb.tempdup", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_tempdup), 0x0008,
"If this is a temporary duplicate account", HFILL }},
{ &hf_nt_acb_normal,
{ "", "nt.acb.normal", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_normal), 0x0010,
{ &hf_nt_acb_normal,
{ "", "nt.acb.normal", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_normal), 0x0010,
"If this is a normal user account", HFILL }},
{ &hf_nt_acb_mns,
{ &hf_nt_acb_mns,
{ "", "nt.acb.mns", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_mns), 0x0020,
TFS(&tfs_nt_acb_mns), 0x0020,
"MNS logon user account", HFILL }},
{ &hf_nt_acb_domtrust,
{ &hf_nt_acb_domtrust,
{ "", "nt.acb.domtrust", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_domtrust), 0x0040,
TFS(&tfs_nt_acb_domtrust), 0x0040,
"Interdomain trust account", HFILL }},
{ &hf_nt_acb_wstrust,
{ &hf_nt_acb_wstrust,
{ "", "nt.acb.wstrust", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_wstrust), 0x0080,
TFS(&tfs_nt_acb_wstrust), 0x0080,
"Workstation trust account", HFILL }},
{ &hf_nt_acb_svrtrust,
{ &hf_nt_acb_svrtrust,
{ "", "nt.acb.svrtrust", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_svrtrust), 0x0100,
TFS(&tfs_nt_acb_svrtrust), 0x0100,
"Server trust account", HFILL }},
{ &hf_nt_acb_pwnoexp,
{ &hf_nt_acb_pwnoexp,
{ "", "nt.acb.pwnoexp", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_pwnoexp), 0x0200,
TFS(&tfs_nt_acb_pwnoexp), 0x0200,
"If this account expires or not", HFILL }},
{ &hf_nt_acb_autolock,
{ &hf_nt_acb_autolock,
{ "", "nt.acb.autolock", FT_BOOLEAN, 32,
TFS(&tfs_nt_acb_autolock), 0x0400,
TFS(&tfs_nt_acb_autolock), 0x0400,
"If this account has been autolocked", HFILL }},
/* SIDs */
{ &hf_nt_domain_sid,
{ "Domain SID", "nt.domain_sid",
FT_STRING, BASE_NONE, NULL, 0x0,
{ "Domain SID", "nt.domain_sid",
FT_STRING, BASE_NONE, NULL, 0x0,
"The Domain SID", HFILL }},
{ &hf_nt_count,
{ "Count", "nt.count",
FT_UINT32, BASE_DEC, NULL, 0x0,
{ "Count", "nt.count",
FT_UINT32, BASE_DEC, NULL, 0x0,
"Number of elements in following array", HFILL }},
/* Logon hours */
{ &hf_logonhours_divisions,
{ "Divisions", "logonhours.divisions",
FT_UINT16, BASE_DEC, NULL, 0,
{ &hf_logonhours_divisions,
{ "Divisions", "logonhours.divisions",
FT_UINT16, BASE_DEC, NULL, 0,
"Number of divisions for LOGON_HOURS", HFILL }},
{ &hf_logonhours_unknown_char,
{ "Unknown char", "nt.unknown.char",
FT_UINT8, BASE_HEX, NULL, 0x0,
{ &hf_logonhours_unknown_char,
{ "Unknown char", "nt.unknown.char",
FT_UINT8, BASE_HEX, NULL, 0x0,
"Unknown char. If you know what this is, contact "
"ethereal developers.", HFILL }},
/* Misc */
{ &hf_nt_attrib,
{ "Attributes", "nt.attr",
{ &hf_nt_attrib,
{ "Attributes", "nt.attr",
FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }},
};
@ -1657,5 +1657,5 @@ void dcerpc_smb_init(int proto_dcerpc)
/* Initialise policy handle hash */
init_pol_hash();
register_init_routine(&init_pol_hash);
}

272
epan/dissectors/packet-dcerpc.c
View File

@ -113,7 +113,7 @@ static const value_string authn_protocol_vals[] = {
{ DCE_C_RPC_AUTHN_PROTOCOL_NTLMSSP, "NTLMSSP" },
{ DCE_C_RPC_AUTHN_PROTOCOL_GSS_SCHANNEL, "SCHANNEL SSP" },
{ DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS, "Kerberos SSP" },
{ DCE_C_RPC_AUTHN_PROTOCOL_DPA,
{ DCE_C_RPC_AUTHN_PROTOCOL_DPA,
"Distributed Password Authentication SSP"},
{ DCE_C_RPC_AUTHN_PROTOCOL_MSN, "MSN SSP"},
{ DCE_C_RPC_AUTHN_PROTOCOL_DIGEST, "Digest SSP"},
@ -294,8 +294,8 @@ static const value_string reject_status_vals[] = {
{ 0x1c010014, "nca_server_too_busy" },
{ 0x1c010017, "nca_unsupported_type" },
/* MS Windows specific values
* see: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/system_error_codes__1700-3999_.asp
* and: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/common_hresult_values.asp
* see: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/system_error_codes__1700-3999_.asp
* and: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/common_hresult_values.asp
* and: http://www.megos.ch/support/doserrors.txt
*
* XXX - we might need a way to dynamically add entries here, as higher layer protocols use these values too,
@ -486,7 +486,7 @@ int ResolveWin32UUID(e_uuid_t if_id, char *UUID_NAME, int UUID_NAME_MAX_LEN)
HKEY hKey = NULL;
DWORD UUID_MAX_SIZE = MAX_PATH;
char REG_UUID_STR[MAX_PATH];
if(UUID_NAME_MAX_LEN < 2)
return 0;
REG_UUID_NAME[0] = '\0';
@ -507,7 +507,7 @@ int ResolveWin32UUID(e_uuid_t if_id, char *UUID_NAME, int UUID_NAME_MAX_LEN)
RegCloseKey(hKey);
}
return 0; /* we didn't find anything anyhow. Please don't use the string! */
}
#endif
@ -571,7 +571,7 @@ static dcerpc_auth_subdissector_fns *get_auth_subdissector_fns(
for (i = 0; (data = g_slist_nth_data(dcerpc_auth_subdissector_list, i)); i++) {
dcerpc_auth_subdissector *asd = (dcerpc_auth_subdissector *)data;
if (asd->auth_level == auth_level &&
if (asd->auth_level == auth_level &&
asd->auth_type == auth_type)
return &asd->auth_fns;
}
@ -599,9 +599,9 @@ void register_dcerpc_auth_subdissector(guint8 auth_level, guint8 auth_type,
/* Hand off verifier data to a registered dissector */
static void dissect_auth_verf(tvbuff_t *auth_tvb, packet_info *pinfo,
proto_tree *tree,
proto_tree *tree,
dcerpc_auth_subdissector_fns *auth_fns,
e_dce_cn_common_hdr_t *hdr,
e_dce_cn_common_hdr_t *hdr,
dcerpc_auth_info *auth_info)
{
dcerpc_dissect_fnct_t *volatile fn = NULL;
@ -625,7 +625,7 @@ static void dissect_auth_verf(tvbuff_t *auth_tvb, packet_info *pinfo,
fn = auth_fns->resp_verf_fn;
break;
/* Don't know how to handle authentication data in this
/* Don't know how to handle authentication data in this
pdu type. */
default:
@ -639,8 +639,8 @@ static void dissect_auth_verf(tvbuff_t *auth_tvb, packet_info *pinfo,
else {
tvb_ensure_bytes_exist(auth_tvb, 0, hdr->auth_len);
proto_tree_add_text(tree, auth_tvb, 0, hdr->auth_len,
"%s Verifier",
val_to_str(auth_info->auth_type,
"%s Verifier",
val_to_str(auth_info->auth_type,
authn_protocol_vals,
"Unknown (%u)"));
}
@ -648,11 +648,11 @@ static void dissect_auth_verf(tvbuff_t *auth_tvb, packet_info *pinfo,
/* Hand off payload data to a registered dissector */
static tvbuff_t *decode_encrypted_data(tvbuff_t *data_tvb,
static tvbuff_t *decode_encrypted_data(tvbuff_t *data_tvb,
tvbuff_t *auth_tvb,
packet_info *pinfo,
dcerpc_auth_subdissector_fns *auth_fns,
gboolean is_request,
gboolean is_request,
dcerpc_auth_info *auth_info)
{
dcerpc_decode_data_fnct_t *fn;
@ -1060,7 +1060,7 @@ dissect_dcerpc_uint64 (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
int
dissect_dcerpc_float(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
proto_tree *tree, guint8 *drep,
proto_tree *tree, guint8 *drep,
int hfindex, gfloat *pdata)
{
gfloat data;
@ -1094,7 +1094,7 @@ dissect_dcerpc_float(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
int
dissect_dcerpc_double(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
proto_tree *tree, guint8 *drep,
proto_tree *tree, guint8 *drep,
int hfindex, gdouble *pdata)
{
gdouble data;
@ -1351,7 +1351,7 @@ dissect_ndr_uvarray(tvbuff_t *tvb, gint offset, packet_info *pinfo,
that are conformant and varying - they're stored like conformant
varying arrays of bytes. */
int
dissect_ndr_byte_array(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_byte_array(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
dcerpc_info *di;
@ -1394,7 +1394,7 @@ dissect_ndr_byte_array(tvbuff_t *tvb, int offset, packet_info *pinfo,
XXX - does this need to do all the conformant array stuff that
"dissect_ndr_ucvarray()" does? */
int
dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep, int size_is,
int hfindex, gboolean add_subtree, char **data)
{
@ -1479,7 +1479,7 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
*data = s;
else
g_free(s);
offset += buffer_len;
proto_item_set_end(string_item, tvb, offset);
@ -1497,7 +1497,7 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
such as C. Is this ever used for purely counted strings?
(Not that it matters if it is.) */
int
dissect_ndr_char_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_char_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
dcerpc_info *di;
@ -1518,7 +1518,7 @@ dissect_ndr_char_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
such as C. Is this ever used for purely counted strings?
(Not that it matters if it is.) */
int
dissect_ndr_wchar_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_wchar_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
dcerpc_info *di;
@ -1534,7 +1534,7 @@ dissect_ndr_wchar_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
the elements are assumed to be characters or wide characters.
*/
int
dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep, int size_is,
int hfindex, gboolean add_subtree, char **data)
{
@ -1615,7 +1615,7 @@ dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
*data = s;
else
g_free(s);
offset += buffer_len;
proto_item_set_end(string_item, tvb, offset);
@ -1632,7 +1632,7 @@ dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
such as C. Is this ever used for purely counted strings?
(Not that it matters if it is.) */
int
dissect_ndr_char_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_char_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
dcerpc_info *di;
@ -1653,7 +1653,7 @@ dissect_ndr_char_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
such as C. Is this ever used for purely counted strings?
(Not that it matters if it is.) */
int
dissect_ndr_wchar_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
dissect_ndr_wchar_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep)
{
dcerpc_info *di;
@ -1808,7 +1808,7 @@ dissect_deferred_pointers(packet_info *pinfo, tvbuff_t *tvb, int offset, guint8
static void
add_pointer_to_list(packet_info *pinfo, proto_tree *tree, proto_item *item,
dcerpc_dissect_fnct_t *fnct, guint32 id, int hf_index,
dcerpc_dissect_fnct_t *fnct, guint32 id, int hf_index,
dcerpc_callback_fnct_t *callback, void *callback_args)
{
ndr_pointer_data_t *npd;
@ -1898,7 +1898,7 @@ find_pointer_index(guint32 id)
int
dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep, dcerpc_dissect_fnct_t *fnct,
int type, const char *text, int hf_index,
int type, const char *text, int hf_index,
dcerpc_callback_fnct_t *callback, void *callback_args)
{
dcerpc_info *di;
@ -1924,7 +1924,7 @@ dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"%s", text);
tr=proto_item_add_subtree(item,ett_dcerpc_pointer_data);
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
hf_index, callback, callback_args);
goto after_ref_id;
}
@ -1962,7 +1962,7 @@ dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"%s", text);
tr=proto_item_add_subtree(item,ett_dcerpc_pointer_data);
proto_tree_add_uint(tr, hf_dcerpc_referent_id, tvb, offset-4, 4, id);
add_pointer_to_list(pinfo, tr, item, fnct, id, hf_index,
add_pointer_to_list(pinfo, tr, item, fnct, id, hf_index,
callback, callback_args);
goto after_ref_id;
}
@ -1988,7 +1988,7 @@ dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"%s", text);
tr=proto_item_add_subtree(item,ett_dcerpc_pointer_data);
proto_tree_add_uint(tr, hf_dcerpc_referent_id, tvb, offset-4, 4, id);
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
hf_index, callback, callback_args);
goto after_ref_id;
}
@ -2008,7 +2008,7 @@ dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"%s",text);
tr=proto_item_add_subtree(item,ett_dcerpc_pointer_data);
proto_tree_add_uint(tr, hf_dcerpc_referent_id, tvb, offset-4, 4, id);
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
hf_index, callback, callback_args);
goto after_ref_id;
}
@ -2035,7 +2035,7 @@ dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"%s",text);
tr=proto_item_add_subtree(item,ett_dcerpc_pointer_data);
proto_tree_add_uint(tr, hf_dcerpc_referent_id, tvb, offset-4, 4, id);
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
add_pointer_to_list(pinfo, tr, item, fnct, 0xffffffff,
hf_index, callback, callback_args);
goto after_ref_id;
}
@ -2073,7 +2073,7 @@ dissect_ndr_pointer_cb(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"%s", text);
tr=proto_item_add_subtree(item,ett_dcerpc_pointer_data);
proto_tree_add_uint(tr, hf_dcerpc_referent_id, tvb, offset-4, 4, id);
add_pointer_to_list(pinfo, tr, item, fnct, id, hf_index,
add_pointer_to_list(pinfo, tr, item, fnct, id, hf_index,
callback, callback_args);
goto after_ref_id;
}
@ -2298,7 +2298,7 @@ else
name, info->call_data->opnum);
}
sub_dissect = (info->ptype == PDU_REQ) ?
sub_dissect = (info->ptype == PDU_REQ) ?
proc->dissect_rqst : proc->dissect_resp;
if (decrypted_tvb != NULL) {
@ -2310,7 +2310,7 @@ else
saved_private_data = pinfo->private_data;
pinfo->current_proto = sub_proto->name;
pinfo->private_data = (void *)info;
init_ndr_pointer_list(pinfo);
/*
@ -2420,7 +2420,7 @@ else
}
static int
dissect_dcerpc_verifier (tvbuff_t *tvb, packet_info *pinfo,
dissect_dcerpc_verifier (tvbuff_t *tvb, packet_info *pinfo,
proto_tree *dcerpc_tree, e_dce_cn_common_hdr_t *hdr,
dcerpc_auth_info *auth_info)
{
@ -2469,14 +2469,14 @@ dissect_dcerpc_cn_auth (tvbuff_t *tvb, int stub_offset, packet_info *pinfo,
volatile int offset;
/*
* Initially set auth_level and auth_type to zero to indicate that we
* Initially set auth_level and auth_type to zero to indicate that we
* haven't yet seen any authentication level information.
*/
auth_info->auth_level = 0;
auth_info->auth_type = 0;
auth_info->auth_size = 0;
auth_info->auth_pad_len = 0;
/*
* The authentication information is at the *end* of the PDU; in
* request and response PDUs, the request and response stub data
@ -2513,14 +2513,14 @@ dissect_dcerpc_cn_auth (tvbuff_t *tvb, int stub_offset, packet_info *pinfo,
*/
TRY {
offset = dissect_dcerpc_uint8 (tvb, offset, pinfo, dcerpc_tree, hdr->drep,
hf_dcerpc_auth_type,
hf_dcerpc_auth_type,
&auth_info->auth_type);
offset = dissect_dcerpc_uint8 (tvb, offset, pinfo, dcerpc_tree, hdr->drep,
hf_dcerpc_auth_level,
hf_dcerpc_auth_level,
&auth_info->auth_level);
offset = dissect_dcerpc_uint8 (tvb, offset, pinfo, dcerpc_tree, hdr->drep,
hf_dcerpc_auth_pad_len,
hf_dcerpc_auth_pad_len,
&auth_info->auth_pad_len);
offset = dissect_dcerpc_uint8 (tvb, offset, pinfo, dcerpc_tree, hdr->drep,
hf_dcerpc_auth_rsrvd, NULL);
@ -2534,20 +2534,20 @@ dissect_dcerpc_cn_auth (tvbuff_t *tvb, int stub_offset, packet_info *pinfo,
tvbuff_t *auth_tvb;
dcerpc_auth_subdissector_fns *auth_fns;
auth_tvb = tvb_new_subset(tvb, offset,
MIN(hdr->auth_len,tvb_length_remaining(tvb, offset)),
auth_tvb = tvb_new_subset(tvb, offset,
MIN(hdr->auth_len,tvb_length_remaining(tvb, offset)),
hdr->auth_len);
if ((auth_fns = get_auth_subdissector_fns(auth_info->auth_level,
auth_info->auth_type)))
dissect_auth_verf(auth_tvb, pinfo, dcerpc_tree, auth_fns,
dissect_auth_verf(auth_tvb, pinfo, dcerpc_tree, auth_fns,
hdr, auth_info);
else
proto_tree_add_text (dcerpc_tree, tvb, offset, hdr->auth_len,
"Auth Credentials");
}
/* Compute the size of the auth block. Note that this should not
/* Compute the size of the auth block. Note that this should not
include auth padding, since when NTLMSSP encryption is used, the
padding is actually inside the encrypted stub */
auth_info->auth_size = hdr->auth_len + 8;
@ -2561,7 +2561,7 @@ dissect_dcerpc_cn_auth (tvbuff_t *tvb, int stub_offset, packet_info *pinfo,
/* We need to hash in the SMB fid number to generate a unique hash table
* key as DCERPC over SMB allows several pipes over the same TCP/IP
* socket.
* socket.
* We pass this function the transport type here to make sure we only look
* at this function if it came across an SMB pipe.
* Other transports might need to mix in their own extra multiplexing data
@ -2585,7 +2585,7 @@ guint16 dcerpc_get_transport_salt (packet_info *pinfo)
*/
static void
dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *dcerpc_tree, e_dce_cn_common_hdr_t *hdr)
{
conversation_t *conv = NULL;
@ -2599,7 +2599,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
e_uuid_t trans_id;
guint32 trans_ver;
guint16 if_ver, if_ver_minor;
char uuid_str[DCERPC_UUID_STR_LEN];
char uuid_str[DCERPC_UUID_STR_LEN];
int uuid_str_len;
dcerpc_auth_info auth_info;
#ifdef _WIN32
@ -2636,7 +2636,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_item *ctx_item;
ctx_item = proto_tree_add_item(dcerpc_tree, hf_dcerpc_cn_ctx_id,
tvb, offset - 2, 2,
tvb, offset - 2, 2,
hdr->drep[0] & 0x10);
ctx_tree = proto_item_add_subtree(ctx_item, ett_dcerpc_cn_ctx);
@ -2653,7 +2653,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
if (ctx_tree) {
proto_item *iface_item;
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
if_id.Data1, if_id.Data2, if_id.Data3,
if_id.Data4[0], if_id.Data4[1],
@ -2732,7 +2732,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
if (num_ctx_items > 1)
col_append_fstr(pinfo->cinfo, COL_INFO, ", %u context items, 1st", num_ctx_items);
if ((value = g_hash_table_lookup(dcerpc_uuids, &key)))
col_append_fstr(pinfo->cinfo, COL_INFO, " UUID: %s", value->name);
else
@ -2762,7 +2762,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* XXX - use "dissect_ndr_uuid_t()"? */
dcerpc_tvb_get_uuid (tvb, offset, hdr->drep, &trans_id);
if (iface_tree) {
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
trans_id.Data1, trans_id.Data2, trans_id.Data3,
trans_id.Data4[0], trans_id.Data4[1],
@ -2790,7 +2790,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
}
static void
dissect_dcerpc_cn_bind_ack (tvbuff_t *tvb, gint offset, packet_info *pinfo,
dissect_dcerpc_cn_bind_ack (tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *dcerpc_tree, e_dce_cn_common_hdr_t *hdr)
{
guint16 max_xmit, max_recv;
@ -2801,7 +2801,7 @@ dissect_dcerpc_cn_bind_ack (tvbuff_t *tvb, gint offset, packet_info *pinfo,
guint16 reason;
e_uuid_t trans_id;
guint32 trans_ver;
char uuid_str[DCERPC_UUID_STR_LEN];
char uuid_str[DCERPC_UUID_STR_LEN];
int uuid_str_len;
dcerpc_auth_info auth_info;
@ -2860,7 +2860,7 @@ dissect_dcerpc_cn_bind_ack (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* XXX - use "dissect_ndr_uuid_t()"? */
dcerpc_tvb_get_uuid (tvb, offset, hdr->drep, &trans_id);
if (ctx_tree) {
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
trans_id.Data1, trans_id.Data2, trans_id.Data3,
trans_id.Data4[0], trans_id.Data4[1],
@ -2902,7 +2902,7 @@ dissect_dcerpc_cn_bind_ack (tvbuff_t *tvb, gint offset, packet_info *pinfo,
}
static void
dissect_dcerpc_cn_bind_nak (tvbuff_t *tvb, gint offset, packet_info *pinfo,
dissect_dcerpc_cn_bind_nak (tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *dcerpc_tree, e_dce_cn_common_hdr_t *hdr)
{
guint16 reason;
@ -3013,7 +3013,7 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
* encrypted; attempt to decrypt it.
*/
dcerpc_auth_subdissector_fns *auth_fns;
/* Start out assuming we won't succeed in decrypting. */
decrypted_tvb = NULL;
@ -3023,8 +3023,8 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
result = decode_encrypted_data(
payload_tvb, auth_tvb, pinfo, auth_fns,
hdr->ptype == PDU_REQ, auth_info);
hdr->ptype == PDU_REQ, auth_info);
if (result) {
if (dcerpc_tree)
proto_tree_add_text(
@ -3036,7 +3036,7 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
add_new_data_source(
pinfo, result, "Decrypted stub data");
/* We succeeded. */
decrypted_tvb = result;
}
@ -3051,7 +3051,7 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
dcerpc_try_handoff(
pinfo, tree, dcerpc_tree, payload_tvb, decrypted_tvb,
hdr->drep, di, auth_info);
pinfo->fragmented = save_fragmented;
return;
}
@ -3061,7 +3061,7 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
/* debug output of essential fragment data. */
/* leave it here for future debugging sessions */
/*printf("DCE num:%u offset:%u frag_len:%u tvb_len:%u\n",
/*printf("DCE num:%u offset:%u frag_len:%u tvb_len:%u\n",
pinfo->fd->num, offset, hdr->frag_len, tvb_length(decrypted_tvb));*/
/* if we are not doing reassembly and this is the first fragment
@ -3074,12 +3074,12 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
dcerpc_try_handoff(
pinfo, tree, dcerpc_tree, payload_tvb, decrypted_tvb,
hdr->drep, di, auth_info);
if (check_col(pinfo->cinfo, COL_INFO)) {
col_append_fstr(pinfo->cinfo, COL_INFO,
" [DCE/RPC %s fragment]", fragment_type(hdr->flags));
}
expert_add_info_format(pinfo, NULL, PI_REASSEMBLE, PI_CHAT,
expert_add_info_format(pinfo, NULL, PI_REASSEMBLE, PI_CHAT,
"%s fragment", fragment_type(hdr->flags));
pinfo->fragmented = save_fragmented;
return;
@ -3087,7 +3087,7 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
/* if we have already seen this packet, see if it was reassembled
and if so dissect the full pdu.
then exit
then exit
*/
if(pinfo->fd->flags.visited){
fd_head=fragment_get_reassembled(pinfo, frame, dcerpc_co_reassemble_table);
@ -3102,12 +3102,12 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
goto end_cn_stub;
/* if we didnt get 'frame' we dont know where the PDU started and thus
it is pointless to continue
it is pointless to continue
*/
if(!frame)
goto end_cn_stub;
/* from now on we must attempt to reassemble the PDU
/* from now on we must attempt to reassemble the PDU
*/
/* if we get here we know it is the first time we see the packet
@ -3121,10 +3121,10 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
goto end_cn_stub;
}
/* defragmentation is a bit tricky, as there's no offset of the fragment
/* defragmentation is a bit tricky, as there's no offset of the fragment
* in the protocol data.
*
* just use fragment_add_seq_next() and hope that TCP/SMB segments coming
* just use fragment_add_seq_next() and hope that TCP/SMB segments coming
* in with the correct sequence.
*/
fd_head = fragment_add_seq_next(decrypted_tvb, 0, pinfo, frame,
@ -3134,7 +3134,7 @@ dissect_dcerpc_cn_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
end_cn_stub:
/* if reassembly is complete and this is the last fragment
/* if reassembly is complete and this is the last fragment
* (multiple fragments in one PDU are possible!)
* dissect the full PDU
*/
@ -3158,8 +3158,8 @@ end_cn_stub:
pinfo->fragmented = FALSE;
expert_add_info_format(pinfo, frag_tree_item, PI_REASSEMBLE, PI_CHAT,
"%s fragment, %u bytes reassembled here in #%u",
expert_add_info_format(pinfo, frag_tree_item, PI_REASSEMBLE, PI_CHAT,
"%s fragment, %u bytes reassembled here in #%u",
fragment_type(hdr->flags), fd_head->len, fd_head->reassembled_in);
dcerpc_try_handoff (pinfo, tree, dcerpc_tree, next_tvb,
@ -3177,7 +3177,7 @@ end_cn_stub:
col_append_fstr(pinfo->cinfo, COL_INFO,
" [DCE/RPC %s fragment, reas: #%u]", fragment_type(hdr->flags), fd_head->reassembled_in);
}
expert_add_info_format(pinfo, NULL, PI_REASSEMBLE, PI_CHAT,
expert_add_info_format(pinfo, NULL, PI_REASSEMBLE, PI_CHAT,
"%s fragment, reassembled in #%u", fragment_type(hdr->flags), fd_head->reassembled_in);
}
} else {
@ -3187,7 +3187,7 @@ end_cn_stub:
col_append_fstr(pinfo->cinfo, COL_INFO,
" [DCE/RPC %s fragment]", fragment_type(hdr->flags));
}
expert_add_info_format(pinfo, NULL, PI_REASSEMBLE, PI_CHAT,
expert_add_info_format(pinfo, NULL, PI_REASSEMBLE, PI_CHAT,
"%s fragment", fragment_type(hdr->flags));
if(decrypted_tvb){
@ -3204,9 +3204,9 @@ end_cn_stub:
* Registers a conversation/UUID binding association, so that
* we can invoke the proper sub-dissector for a given DCERPC
* conversation.
*
*
* @param binding all values needed to create and bind a new conversation
*
*
* @return Pointer to newly-added UUID/conversation binding.
*/
struct _dcerpc_bind_value *
@ -3217,25 +3217,25 @@ dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding)
conversation_t *conv;
conv = find_conversation (
0,
&binding->addr_a,
&binding->addr_b,
binding->ptype,
binding->port_a,
binding->port_b,
0,
&binding->addr_a,
&binding->addr_b,
binding->ptype,
binding->port_a,
binding->port_b,
0);
if (!conv) {
conv = conversation_new (
0,
&binding->addr_a,
&binding->addr_b,
binding->ptype,
binding->port_a,
binding->port_b,
0,
&binding->addr_a,
&binding->addr_b,
binding->ptype,
binding->port_a,
binding->port_b,
0);
}
bind_value = se_alloc (sizeof (dcerpc_bind_value));
bind_value->uuid = binding->uuid;
bind_value->ver = binding->ver;
@ -3244,7 +3244,7 @@ dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding)
key->conv = conv;
key->ctx_id = binding->ctx_id;
key->smb_fid = binding->smb_fid;
/* add this entry to the bind table, first removing any
previous ones that are identical
*/
@ -3258,7 +3258,7 @@ dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding)
}
static void
dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *dcerpc_tree, proto_tree *tree,
e_dce_cn_common_hdr_t *hdr)
{
@ -3268,7 +3268,7 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
e_uuid_t obj_id;
dcerpc_auth_info auth_info;
guint32 alloc_hint;
char uuid_str[DCERPC_UUID_STR_LEN];
char uuid_str[DCERPC_UUID_STR_LEN];
int uuid_str_len;
proto_item *pi;
proto_item *parent_pi;
@ -3298,7 +3298,7 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* XXX - use "dissect_ndr_uuid_t()"? */
dcerpc_tvb_get_uuid (tvb, offset, hdr->drep, &obj_id);
if (dcerpc_tree) {
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
obj_id.Data1, obj_id.Data2, obj_id.Data3,
obj_id.Data4[0],
@ -3365,9 +3365,9 @@ dissect_dcerpc_cn_rqst (tvbuff_t *tvb, gint offset, packet_info *pinfo,
dcerpc_cn_call_key *call_key;
dcerpc_call_value *call_value;
/* We found the binding and it is the first fragment
(or a complete PDU) of a dcerpc pdu so just add
the call to both the call table and the
/* We found the binding and it is the first fragment
(or a complete PDU) of a dcerpc pdu so just add
the call to both the call table and the
matched table
*/
call_key=se_alloc (sizeof (dcerpc_cn_call_key));
@ -3671,7 +3671,7 @@ dissect_dcerpc_cn_fault (tvbuff_t *tvb, gint offset, packet_info *pinfo,
length = tvb_length_remaining(tvb, offset);
reported_length = tvb_reported_length_remaining(tvb, offset);
/* as we now create a tvb in dissect_dcerpc_cn() containing only the
/* as we now create a tvb in dissect_dcerpc_cn() containing only the
* stub_data, the following calculation is no longer valid:
* stub_length = hdr->frag_len - offset - auth_info.auth_size;
* simply use the remaining length of the tvb instead.
@ -3887,7 +3887,7 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
if(pinfo->dcectxid == 0) {
col_append_fstr (pinfo->cinfo, COL_DCE_CALL, "%u", hdr.call_id);
} else {
/* this is not the first DCE-RPC request/response in this (TCP?-)PDU,
/* this is not the first DCE-RPC request/response in this (TCP?-)PDU,
* prepend a delimiter */
col_append_fstr (pinfo->cinfo, COL_DCE_CALL, "#%u", hdr.call_id);
}
@ -3906,7 +3906,7 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
if (check_col (pinfo->cinfo, COL_INFO)) {
if(pinfo->dcectxid != 0) {
/* this is not the first DCE-RPC request/response in this (TCP?-)PDU,
/* this is not the first DCE-RPC request/response in this (TCP?-)PDU,
* append a delimiter and set a column fence */
col_append_str (pinfo->cinfo, COL_INFO, " # ");
col_set_fence(pinfo->cinfo,COL_INFO);
@ -3935,7 +3935,7 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
tf = proto_tree_add_uint (dcerpc_tree, hf_dcerpc_packet_type, tvb, offset, 1, hdr.ptype);
offset++;
/* XXX - too much "output noise", removed for now
if(hdr.ptype == PDU_BIND || hdr.ptype == PDU_ALTER ||
hdr.ptype == PDU_BIND_ACK || hdr.ptype == PDU_ALTER_ACK)
@ -4014,13 +4014,13 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
/* The remaining bytes in the current tvb might contain multiple
* DCE/RPC fragments, so create a new tvb subset for this fragment.
* Only limit the end of the fragment, but not the offset start,
* as the authentication function dissect_dcerpc_cn_auth() will fail
* (and other functions might fail as well) computing the right start
* Only limit the end of the fragment, but not the offset start,
* as the authentication function dissect_dcerpc_cn_auth() will fail
* (and other functions might fail as well) computing the right start
* offset otherwise.
*/
fragment_tvb = tvb_new_subset(tvb, 0,
MIN((hdr.frag_len + (guint) start_offset), tvb_length(tvb)) /* length */,
fragment_tvb = tvb_new_subset(tvb, 0,
MIN((hdr.frag_len + (guint) start_offset), tvb_length(tvb)) /* length */,
hdr.frag_len + start_offset /* reported_length */);
/*
@ -4041,7 +4041,7 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
/*
* Nothing after the common header other than credentials.
*/
dissect_dcerpc_cn_auth (fragment_tvb, offset, pinfo, dcerpc_tree, &hdr, TRUE,
dissect_dcerpc_cn_auth (fragment_tvb, offset, pinfo, dcerpc_tree, &hdr, TRUE,
&auth_info);
break;
@ -4067,7 +4067,7 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
* Nothing after the common header other than an authentication
* verifier.
*/
dissect_dcerpc_cn_auth (fragment_tvb, offset, pinfo, dcerpc_tree, &hdr, FALSE,
dissect_dcerpc_cn_auth (fragment_tvb, offset, pinfo, dcerpc_tree, &hdr, FALSE,
&auth_info);
break;
@ -4080,7 +4080,7 @@ dissect_dcerpc_cn (tvbuff_t *tvb, int offset, packet_info *pinfo,
default:
/* might as well dissect the auth info */
dissect_dcerpc_cn_auth (fragment_tvb, offset, pinfo, dcerpc_tree, &hdr, FALSE,
dissect_dcerpc_cn_auth (fragment_tvb, offset, pinfo, dcerpc_tree, &hdr, FALSE,
&auth_info);
break;
}
@ -4178,11 +4178,11 @@ dissect_dcerpc_cn_bs_body (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/*
* Desegmentation required - bail now, but give the user a hint that desegmentation might be done later.
*/
proto_tree_add_uint_format(tree, hf_dcerpc_cn_deseg_req, tvb, offset,
0,
tvb_reported_length_remaining(tvb, offset),
"[DCE RPC: %u byte%s left, desegmentation might follow]",
tvb_reported_length_remaining(tvb, offset),
proto_tree_add_uint_format(tree, hf_dcerpc_cn_deseg_req, tvb, offset,
0,
tvb_reported_length_remaining(tvb, offset),
"[DCE RPC: %u byte%s left, desegmentation might follow]",
tvb_reported_length_remaining(tvb, offset),
plurality(tvb_reported_length_remaining(tvb, offset), "", "s"));
break;
}
@ -4397,7 +4397,7 @@ dissect_dcerpc_dg_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_item *parent_pi;
if (check_col (pinfo->cinfo, COL_INFO))
col_append_fstr (pinfo->cinfo, COL_INFO, " opnum: %u len: %u",
col_append_fstr (pinfo->cinfo, COL_INFO, " opnum: %u len: %u",
di->call_data->opnum, hdr->frag_len );
length = tvb_length_remaining (tvb, offset);
@ -4691,7 +4691,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
int offset = 0;
conversation_t *conv;
int auth_level;
char uuid_str[DCERPC_UUID_STR_LEN];
char uuid_str[DCERPC_UUID_STR_LEN];
int uuid_str_len;
/*
@ -4713,8 +4713,8 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
if (hdr.ptype > 19)
return FALSE;
/* flags1 has bit 1 and 8 as reserved so if any of them are set, it is
probably not a DCE/RPC packet
/* flags1 has bit 1 and 8 as reserved so if any of them are set, it is
probably not a DCE/RPC packet
*/
hdr.flags1 = tvb_get_guint8 (tvb, offset++);
if(hdr.flags1&0x81)
@ -4765,7 +4765,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
ti = proto_tree_add_item (tree, proto_dcerpc, tvb, 0, -1, FALSE);
if (ti) {
dcerpc_tree = proto_item_add_subtree(ti, ett_dcerpc);
proto_item_append_text(ti, " %s, Seq: %u, Serial: %u, Frag: %u, FragLen: %u",
proto_item_append_text(ti, " %s, Seq: %u, Serial: %u, Frag: %u, FragLen: %u",
val_to_str(hdr.ptype, pckt_vals, "Unknown (0x%02x)"),
hdr.seqnum, hdr.serial_hi*256+hdr.serial_lo,
hdr.frag_num, hdr.frag_len);
@ -4794,7 +4794,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree_add_boolean (dg_flags1_tree, hf_dcerpc_dg_flags1_last_frag, tvb, offset, 1, hdr.flags1);
proto_tree_add_boolean (dg_flags1_tree, hf_dcerpc_dg_flags1_rsrvd_01, tvb, offset, 1, hdr.flags1);
if(hdr.flags1) {
proto_item_append_text(tf, " %s%s%s%s%s%s",
proto_item_append_text(tf, " %s%s%s%s%s%s",
(hdr.flags1 & PFCL1_BROADCAST) ? "\"Broadcast\" " : "",
(hdr.flags1 & PFCL1_IDEMPOTENT) ? "\"Idempotent\" " : "",
(hdr.flags1 & PFCL1_MAYBE) ? "\"Maybe\" " : "",
@ -4819,7 +4819,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree_add_boolean (dg_flags2_tree, hf_dcerpc_dg_flags2_cancel_pending, tvb, offset, 1, hdr.flags2);
proto_tree_add_boolean (dg_flags2_tree, hf_dcerpc_dg_flags2_rsrvd_01, tvb, offset, 1, hdr.flags2);
if(hdr.flags2) {
proto_item_append_text(tf, " %s",
proto_item_append_text(tf, " %s",
(hdr.flags2 & PFCL2_CANCEL_PENDING) ? "\"Cancel Pending\" " : "");
}
}
@ -4833,7 +4833,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree_add_uint(drep_tree, hf_dcerpc_drep_byteorder, tvb, offset, 1, hdr.drep[0] >> 4);
proto_tree_add_uint(drep_tree, hf_dcerpc_drep_character, tvb, offset, 1, hdr.drep[0] & 0x0f);
proto_tree_add_uint(drep_tree, hf_dcerpc_drep_fp, tvb, offset+1, 1, hdr.drep[1]);
proto_item_append_text(tf, " (Order: %s, Char: %s, Float: %s)",
proto_item_append_text(tf, " (Order: %s, Char: %s, Float: %s)",
val_to_str(hdr.drep[0] >> 4, drep_byteorder_vals, "Unknown"),
val_to_str(hdr.drep[0] & 0x0f, drep_character_vals, "Unknown"),
val_to_str(hdr.drep[1], drep_fp_vals, "Unknown"));
@ -4847,7 +4847,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
if (tree) {
/* XXX - use "dissect_ndr_uuid_t()"? */
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
hdr.obj_id.Data1, hdr.obj_id.Data2, hdr.obj_id.Data3,
hdr.obj_id.Data4[0],
@ -4867,7 +4867,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
if (tree) {
/* XXX - use "dissect_ndr_uuid_t()"? */
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
hdr.if_id.Data1, hdr.if_id.Data2, hdr.if_id.Data3,
hdr.if_id.Data4[0],
@ -4887,7 +4887,7 @@ dissect_dcerpc_dg (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
if (tree) {
/* XXX - use "dissect_ndr_uuid_t()"? */
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
uuid_str_len = g_snprintf(uuid_str, DCERPC_UUID_STR_LEN,
"%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
hdr.act_id.Data1, hdr.act_id.Data2, hdr.act_id.Data3,
hdr.act_id.Data4[0],
@ -5073,7 +5073,7 @@ dcerpc_init_protocol (void)
if (dcerpc_binds){
g_hash_table_destroy (dcerpc_binds);
dcerpc_binds=NULL;
}
}
if(!dcerpc_binds){
dcerpc_binds = g_hash_table_new (dcerpc_bind_hash, dcerpc_bind_equal);
}
@ -5326,7 +5326,7 @@ proto_register_dcerpc (void)
{ &hf_dcerpc_array_buffer,
{ "Buffer", "dcerpc.array.buffer", FT_BYTES, BASE_NONE, NULL, 0x0, "Buffer: Buffer containing elements of the array", HFILL }},
{ &hf_dcerpc_op,
{ "Operation", "dcerpc.op", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
@ -5339,34 +5339,34 @@ proto_register_dcerpc (void)
NULL, 0x0, "DCE/RPC Fragment", HFILL }},
{ &hf_dcerpc_fragment_overlap,
{ "Fragment overlap", "dcerpc.fragment.overlap", FT_BOOLEAN, BASE_NONE,
{ "Fragment overlap", "dcerpc.fragment.overlap", FT_BOOLEAN, BASE_NONE,
NULL, 0x0, "Fragment overlaps with other fragments", HFILL }},
{ &hf_dcerpc_fragment_overlap_conflict,
{ "Conflicting data in fragment overlap", "dcerpc.fragment.overlap.conflict", FT_BOOLEAN, BASE_NONE,
{ "Conflicting data in fragment overlap", "dcerpc.fragment.overlap.conflict", FT_BOOLEAN, BASE_NONE,
NULL, 0x0, "Overlapping fragments contained conflicting data", HFILL }},
{ &hf_dcerpc_fragment_multiple_tails,
{ "Multiple tail fragments found", "dcerpc.fragment.multipletails", FT_BOOLEAN, BASE_NONE,
{ "Multiple tail fragments found", "dcerpc.fragment.multipletails", FT_BOOLEAN, BASE_NONE,
NULL, 0x0, "Several tails were found when defragmenting the packet", HFILL }},
{ &hf_dcerpc_fragment_too_long_fragment,
{ "Fragment too long", "dcerpc.fragment.toolongfragment", FT_BOOLEAN, BASE_NONE,
{ "Fragment too long", "dcerpc.fragment.toolongfragment", FT_BOOLEAN, BASE_NONE,
NULL, 0x0, "Fragment contained data past end of packet", HFILL }},
{ &hf_dcerpc_fragment_error,
{ "Defragmentation error", "dcerpc.fragment.error", FT_FRAMENUM, BASE_NONE,
{ "Defragmentation error", "dcerpc.fragment.error", FT_FRAMENUM, BASE_NONE,
NULL, 0x0, "Defragmentation error due to illegal fragments", HFILL }},
{ &hf_dcerpc_time,
{ "Time from request", "dcerpc.time", FT_RELATIVE_TIME, BASE_NONE,
{ &hf_dcerpc_time,
{ "Time from request", "dcerpc.time", FT_RELATIVE_TIME, BASE_NONE,
NULL, 0, "Time between Request and Response for DCE-RPC calls", HFILL }},
{ &hf_dcerpc_reassembled_in,
{ "Reassembled PDU in frame", "dcerpc.reassembled_in", FT_FRAMENUM, BASE_NONE,
{ "Reassembled PDU in frame", "dcerpc.reassembled_in", FT_FRAMENUM, BASE_NONE,
NULL, 0x0, "The DCE/RPC PDU is completely reassembled in the packet with this number", HFILL }},
{ &hf_dcerpc_unknown_if_id,
{ &hf_dcerpc_unknown_if_id,
{ "Unknown DCERPC interface id", "dcerpc.unknown_if_id", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "", HFILL }},
};
static gint *ett[] = {
@ -5404,7 +5404,7 @@ proto_register_dcerpc (void)
register_init_routine(dcerpc_reassemble_init);
dcerpc_uuids = g_hash_table_new (dcerpc_uuid_hash, dcerpc_uuid_equal);
dcerpc_tap=register_tap("dcerpc");
g_hook_list_init(&dcerpc_hooks_init_protos, sizeof(GHook));
}

56
epan/dissectors/packet-k12.c
View File

@ -72,11 +72,11 @@ static void dissect_k12(tvbuff_t* tvb,packet_info* pinfo,proto_tree* tree) {
proto_item* k12_item;
proto_tree* k12_tree;
dissector_handle_t sub_handle;
k12_item = proto_tree_add_protocol_format(tree, proto_k12, tvb, 0, 0, "Packet from: '%s' (0x%.8x)",
pinfo->pseudo_header->k12.input_name,
pinfo->pseudo_header->k12.input);
k12_tree = proto_item_add_subtree(k12_item, ett_k12);
proto_tree_add_uint(k12_tree, hf_k12_port_id, tvb, 0,0,pinfo->pseudo_header->k12.input);
@ -85,9 +85,9 @@ static void dissect_k12(tvbuff_t* tvb,packet_info* pinfo,proto_tree* tree) {
k12_item = proto_tree_add_uint(k12_tree, hf_k12_port_type, tvb, 0, 0,
pinfo->pseudo_header->k12.input_type);
k12_tree = proto_item_add_subtree(k12_item, ett_port);
switch ( pinfo->pseudo_header->k12.input_type ) {
case K12_PORT_DS0S:
proto_tree_add_uint(k12_tree, hf_k12_ts, tvb, 0,0,pinfo->pseudo_header->k12.input_info.ds0mask);
@ -99,19 +99,19 @@ static void dissect_k12(tvbuff_t* tvb,packet_info* pinfo,proto_tree* tree) {
default:
break;
}
if (! k12_cfg ) {
sub_handle = data_handle;
} else {
sub_handle = g_hash_table_lookup(k12_cfg,pinfo->pseudo_header->k12.stack_file);
if (! sub_handle )
sub_handle = data_handle;
}
call_dissector(sub_handle, tvb, pinfo, tree);
}
}
static gboolean free_just_key (gpointer k, gpointer v _U_, gpointer p _U_) {
g_free(k);
@ -128,9 +128,9 @@ static GHashTable* k12_load_config(const gchar* filename) {
gchar** lines = NULL;
guint i;
dissector_handle_t handle;
/* XXX: should look for the file in common locations */
if (( fp = fopen(filename,"r") )) {
len = fread(buffer,1,0xFFFF,fp);
} else {
@ -139,18 +139,18 @@ static GHashTable* k12_load_config(const gchar* filename) {
}
if (len > 0) {
lines = g_strsplit(buffer,"\n",0);
for (i = 0 ; lines[i]; i++) {
g_strstrip(lines[i]);
g_strdown(lines[i]);
if(*(lines[i]) == '#' || *(lines[i]) == '\0')
continue;
curr = g_strsplit(lines[i]," ",0);
if (! (curr[0] != NULL && *curr[0] != '\0' && curr[1] != NULL && *curr[1] != '\0' ) ) {
report_failure("K12xx: Format error in line %u",i+1);
g_strfreev(curr);
@ -159,7 +159,7 @@ static GHashTable* k12_load_config(const gchar* filename) {
g_hash_table_destroy(hash);
return NULL;
}
g_strstrip(curr[0]);
g_strstrip(curr[1]);
handle = find_dissector(curr[1]);
@ -168,32 +168,32 @@ static GHashTable* k12_load_config(const gchar* filename) {
report_failure("k12: proto %s not found",curr[1]);
handle = data_handle;
}
g_hash_table_insert(hash,g_strdup(curr[0]),handle);
g_strfreev(curr);
}
g_strfreev(lines);
return hash;
}
g_hash_table_destroy(hash);
report_read_failure(filename, errno);
return NULL;
}
static void k12_load_prefs(void) {
static void k12_load_prefs(void) {
if (k12_cfg) {
g_hash_table_foreach_remove(k12_cfg,free_just_key,NULL);
g_hash_table_destroy(k12_cfg);
k12_cfg = NULL;
}
if (*k12_config_filename != '\0') {
k12_cfg = k12_load_config(k12_config_filename);
return;
@ -203,7 +203,7 @@ static void k12_load_prefs(void) {
void proto_reg_handoff_k12(void) {
k12_handle = find_dissector("k12");
data_handle = find_dissector("data");
dissector_add("wtap_encap", WTAP_ENCAP_K12, k12_handle);
dissector_add("wtap_encap", WTAP_ENCAP_K12, k12_handle);
}
void
@ -218,22 +218,22 @@ proto_register_k12(void)
{ &hf_k12_atm_vp, { "ATM VPI", "atm.vpi", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
{ &hf_k12_atm_vc, { "ATM VCI", "atm.vci", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }}
};
static gint *ett[] = {
&ett_k12,
&ett_port
};
proto_k12 = proto_register_protocol("K12xx", "K12xx", "k12");
proto_register_field_array(proto_k12, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
register_dissector("k12", dissect_k12, proto_k12);
k12_module = prefs_register_protocol(proto_k12, k12_load_prefs);
prefs_register_string_preference(k12_module, "config",
"Configuration filename",
"K12 module configuration filename",
&k12_config_filename);
}

48
epan/dissectors/packet-rpc.c
View File

@ -74,7 +74,7 @@ static gboolean rpc_defragment = TRUE;
*/
static gboolean rpc_dissect_unknown_programs = FALSE;
/* try to find RPC fragment start if normal decode fails
/* try to find RPC fragment start if normal decode fails
* (good when starting decode of mid-stream capture)
*/
static gboolean rpc_find_fragment_start = FALSE;
@ -263,10 +263,10 @@ static const fragment_items rpc_frag_items = {
};
/* Hash table with info on RPC program numbers */
GHashTable *rpc_progs;
GHashTable *rpc_progs = NULL;
/* Hash table with info on RPC procedure numbers */
GHashTable *rpc_procs;
GHashTable *rpc_procs = NULL;
static void dissect_rpc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
static void dissect_rpc_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
@ -455,9 +455,9 @@ typedef struct _rpc_call_info_key {
conversation_t *conversation;
} rpc_call_info_key;
static GHashTable *rpc_calls;
static GHashTable *rpc_calls = NULL;
static GHashTable *rpc_indir_calls;
static GHashTable *rpc_indir_calls = NULL;
/* compare 2 keys */
static gint
@ -524,9 +524,9 @@ int hfindex, int offset)
}
/*
* We want to make this function available outside this file and
* We want to make this function available outside this file and
* allow callers to pass a dissection function for the opaque data
*/
*/
int
dissect_rpc_opaque_data(tvbuff_t *tvb, int offset,
proto_tree *tree,
@ -719,7 +719,7 @@ int
dissect_rpc_string(tvbuff_t *tvb, proto_tree *tree,
int hfindex, int offset, char **string_buffer_ret)
{
offset = dissect_rpc_opaque_data(tvb, offset, tree, NULL,
offset = dissect_rpc_opaque_data(tvb, offset, tree, NULL,
hfindex, FALSE, 0, TRUE, string_buffer_ret, NULL);
return offset;
}
@ -729,7 +729,7 @@ int
dissect_rpc_data(tvbuff_t *tvb, proto_tree *tree,
int hfindex, int offset)
{
offset = dissect_rpc_opaque_data(tvb, offset, tree, NULL,
offset = dissect_rpc_opaque_data(tvb, offset, tree, NULL,
hfindex, FALSE, 0, FALSE, NULL, NULL);
return offset;
}
@ -1624,7 +1624,7 @@ dissect_rpc_continuation(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/**
* Produce a dummy RPC program entry for the given RPC program key
* Produce a dummy RPC program entry for the given RPC program key
* and version values.
*/
@ -1774,10 +1774,10 @@ dissect_rpc_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
if(rpc_dissect_unknown_programs){
guint32 version;
/* if the user has specified that he wants to try to
/* if the user has specified that he wants to try to
* dissect even completely unknown RPC program numbers
* then let him do that.
* In this case we only check that the program number
* In this case we only check that the program number
* is neither 0 nor -1 which is better than nothing.
*/
if(rpc_prog_key.prog==0 || rpc_prog_key.prog==0xffffffff){
@ -2576,10 +2576,10 @@ dissect_rpc_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
case AUTH_GSSAPI_CONTINUE_INIT:
case AUTH_GSSAPI_MSG:
if (msg_type == RPC_CALL) {
offset = dissect_rpc_authgssapi_initarg(tvb,
offset = dissect_rpc_authgssapi_initarg(tvb,
rpc_tree, offset, pinfo);
} else {
offset = dissect_rpc_authgssapi_initres(tvb,
offset = dissect_rpc_authgssapi_initres(tvb,
rpc_tree, offset, pinfo);
}
break;
@ -2608,10 +2608,10 @@ dissect_rpc_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
break;
}
if (tvb_length_remaining(tvb, offset) > 0) {
/*
* dissect any remaining bytes (incomplete dissection) as pure
* data in the ptree
if (tvb_length_remaining(tvb, offset) > 0) {
/*
* dissect any remaining bytes (incomplete dissection) as pure
* data in the ptree
*/
call_dissector(data_handle,
@ -3043,7 +3043,7 @@ dissect_rpc_fragment(tvbuff_t *tvb, int offset, packet_info *pinfo,
new_rfk->start_seq = rfk->start_seq;
g_hash_table_insert(rpc_reassembly_table, new_rfk,
new_rfk);
/*
* This is part of a fragmented record,
* but it's not the first part.
@ -3051,7 +3051,7 @@ dissect_rpc_fragment(tvbuff_t *tvb, int offset, packet_info *pinfo,
* a top-level tree for this protocol.
*/
make_frag_tree(frag_tvb, tree, proto, ett,rpc_rm);
/*
* No more processing need be done, as we don't
* have a complete record.
@ -3063,7 +3063,7 @@ dissect_rpc_fragment(tvbuff_t *tvb, int offset, packet_info *pinfo,
* So rather than creating a fragment reassembly tree,
* we simply throw away the partial fragment structure
* and fall though to our "sole fragment" processing below.
*/
*/
}
}
@ -3194,10 +3194,10 @@ dissect_rpc_fragment(tvbuff_t *tvb, int offset, packet_info *pinfo,
/**
* Scans tvb, starting at given offset, to see if we can find
* what looks like a valid RPC-over-TCP reply header.
*
*
* @param tvb Buffer to inspect for RPC reply header.
* @param offset Offset to begin search of tvb at.
*
*
* @return -1 if no reply header found, else offset to start of header
* (i.e., to the RPC record mark field).
*/
@ -3264,7 +3264,7 @@ guint32 ulRecMark;
int i;
cbInBuf = tvb_reported_length_remaining(tvb, offset);
/* start search at first possible location */