osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Correctly handle Interim responses to TRANSACTION requests. 

Move the declaration of routines exported from "packet-smb-mailslot.c"
into a "packet-smb-mailslot.h" header file, and have modules that import
those routines include "packet-smb-mailslot.h" rather than declaring the
routines themselves; do the same for routines exported from
"packet-smb-pipe.c".  Make routines not exported static, and make
routines that return a true/false return value "gboolean" rather than
"guint32".

svn path=/trunk/; revision=3146
This commit is contained in:
Guy Harris 2001-03-18 03:23:30 +00:00
parent 8e268424e1
commit b8289288e8
6 changed files with 207 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile.am
View File

@ -1,7 +1,7 @@
# Makefile.am
# Automake file for Ethereal
#
# $Id: Makefile.am,v 1.291 2001/03/18 02:13:32 guy Exp $
# $Id: Makefile.am,v 1.292 2001/03/18 03:23:30 guy Exp $
#
# Ethereal - Network traffic analyzer
# By Gerald Combs <gerald@zing.org>
@ -293,6 +293,8 @@ noinst_HEADERS = \
packet-sll.h \
packet-smb.h \
packet-smb-common.h \
packet-smb-mailslot.h \
packet-smb-pipe.h \
packet-sna.h \
packet-snmp.h \
packet-sscop.h \

32
packet-smb-mailslot.c
View File

@ -1,8 +1,8 @@
/* packet-smb-mailslot.c
* Routines for smb mailslot packet dissection
* Routines for SMB mailslot packet dissection
* Copyright 2000, Jeffrey C. Foster <jfoste@woodward.com>
*
* $Id: packet-smb-mailslot.c,v 1.9 2001/01/03 06:55:32 guy Exp $
* $Id: packet-smb-mailslot.c,v 1.10 2001/03/18 03:23:30 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
@ -27,6 +27,8 @@
#include "packet-smb-common.h"
#include "packet-smb-mailslot.h"
#include "packet-smb-pipe.h"
static int proto_smb_msp = -1;
@ -41,12 +43,6 @@ dissect_mailslot_browse(const u_char *pd, int offset, frame_data *fd,
int SMB_offset, int errcode, int dirn, const u_char *command,
int DataOffset, int DataCount);
extern guint32
dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data,
int SMB_offset, int errcode, int dirn, const u_char *command,
int DataOffset, int DataCount, int ParameterOffset, int ParameterCount);
extern guint32
dissect_smb_ntlogon(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data,
@ -62,7 +58,7 @@ dissect_smb_logon(const u_char *pd, int offset, frame_data *fd,
guint32
gboolean
dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data,
int SMB_offset, int errcode, int dirn, const u_char *command,
@ -78,17 +74,23 @@ dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd,
const char *StrPtr;
if (!proto_is_protocol_enabled(proto_smb_msp))
return 0;
return FALSE;
if (check_col(fd, COL_PROTOCOL))
col_set_str(fd, COL_PROTOCOL, "SMB Mailslot");
if (DataOffset < 0) {
/* Interim reply */
col_set_str(fd, COL_INFO, "Interim reply");
return TRUE;
}
/* do the Op code field */
Temp16 = GSHORT(pd, offset); /* get Op code */
if (check_col(fd, COL_PROTOCOL))
col_set_str(fd, COL_PROTOCOL, "SMB Mailslot");
if (check_col(fd, COL_INFO))
col_add_fstr(fd, COL_INFO, "%s",
col_set_str(fd, COL_INFO,
( Temp16 == 1 ? "Write Mail slot" : "Unknown"));
@ -169,7 +171,7 @@ dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd,
command, DataOffset, DataCount);
}
return 1;
return TRUE;
}

30
packet-smb-mailslot.h Normal file
View File

@ -0,0 +1,30 @@
/* packet-smb-mailslot.h
* Declaration of routines for SMB mailslot packet dissection
* Copyright 2000, Jeffrey C. Foster <jfoste@woodward.com>
*
* $Id: packet-smb-mailslot.h,v 1.1 2001/03/18 03:23:30 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
gboolean
dissect_mailslot_smb(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data,
int SMB_offset, int errcode, int dirn, const u_char *command,
int DataOffset, int DataCount, int ParameterOffset, int ParameterCount);

99
packet-smb-pipe.c
View File

@ -1,8 +1,8 @@
/* packet-smb-pipe.c
* Routines for smb packet dissection
* Routines for SMB named pipe packet dissection
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
*
* $Id: packet-smb-pipe.c,v 1.15 2001/01/03 06:55:32 guy Exp $
* $Id: packet-smb-pipe.c,v 1.16 2001/03/18 03:23:30 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
@ -48,6 +48,7 @@
#include "smb.h"
#include "alignment.h"
#include "strutil.h"
#include "packet-smb-pipe.h"
static int proto_smb_lanman = -1;
@ -129,7 +130,7 @@ struct lanman_desc lmd[] = {
{-1, NULL, NULL,NULL, NULL, NULL}
};
struct lanman_desc *
static struct lanman_desc *
find_lanman(int lanman_num)
{
int i = 0;
@ -156,7 +157,8 @@ find_lanman(int lanman_num)
#define NETSHAREENUM 0x00 /* 00 */
#define NETSERVERENUM2 0x68 /* 104 */
void dissect_server_flags(proto_tree *tree, int offset, int length, int flags)
static void
dissect_server_flags(proto_tree *tree, int offset, int length, int flags)
{
proto_tree_add_text(tree, NullTVB, offset, length, "%s",
decode_boolean_bitfield(flags, 0x0001, length*8, "Workstation", "Not Workstation"));
@ -217,8 +219,10 @@ static int pd_p_current = 0, pd_d_current = 0, in_params = 0, need_data = 0;
static int lm_ent_count = 0, lm_act_count = 0;
/* Initialize the various data structure */
void
dissect_transact_engine_init(const u_char *pd, const char *param_desc, const char *data_desc, int SMB_offset, int ParameterOffset, int ParameterCount, int DataOffset, int DataCount)
static void
dissect_transact_engine_init(const u_char *pd, const char *param_desc,
const char *data_desc, int SMB_offset, int ParameterOffset,
int ParameterCount, int DataOffset, int DataCount)
{
d_count = DataCount;
@ -264,7 +268,7 @@ int get_act_count()
}
int get_byte_count(const u_char *p_data)
static int get_byte_count(const u_char *p_data)
{
int count = 0, off = 0;
@ -283,7 +287,8 @@ int get_byte_count(const u_char *p_data)
/* We pull out the next item in the appropriate place and display it */
/* We display the parameters first, then the data, then any auxilliary data */
int dissect_transact_next(const u_char *pd, char *Name, int dirn, proto_tree *tree)
static int
dissect_transact_next(const u_char *pd, char *Name, int dirn, proto_tree *tree)
{
/* guint8 BParam; */
guint16 WParam = 0;
@ -553,7 +558,7 @@ static const value_string share_type_vals[] = {
{0, NULL}
};
guint32
gboolean
dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si,
int max_data, int SMB_offset, int errcode, int dirn,
@ -574,7 +579,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
guint32 string_offset;
if (check_col(fd, COL_PROTOCOL))
col_add_fstr(fd, COL_PROTOCOL, "LANMAN");
col_set_str(fd, COL_PROTOCOL, "LANMAN");
if (dirn == 1) { /* The request side */
@ -588,7 +593,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
if (check_col(fd, COL_INFO)) {
col_add_fstr(fd, COL_INFO, "NetShareEnum Request");
col_set_str(fd, COL_INFO, "NetShareEnum Request");
}
@ -661,7 +666,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
if (check_col(fd, COL_INFO)) {
col_add_fstr(fd, COL_INFO, "NetServerEnum2 %s", dirn ? "Request" : "Response");
col_set_str(fd, COL_INFO, "NetServerEnum2 Request");
}
@ -744,7 +749,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
loc_offset += 4;
return 1;
return TRUE;
break;
default: /* Just try to handle what is there ... */
@ -827,6 +832,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
}
}
else { /* Dirn == 0, response */
gboolean is_interim_response;
guint16 Status;
guint16 Convert;
guint16 EntCount;
@ -847,7 +853,7 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
if (si.request_val -> trans_response_seen == 1) {
if (check_col(fd, COL_INFO)) {
col_add_fstr(fd, COL_INFO, "Transact Continuation");
col_set_str(fd, COL_INFO, "Transact Continuation");
}
if (tree) {
@ -860,20 +866,34 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
}
return 1;
return TRUE;
}
si.request_val -> trans_response_seen = 1;
is_interim_response = (DataOffset < 0);
switch (FunctionCode) {
case NETSHAREENUM:
if (is_interim_response) {
if (check_col(fd, COL_INFO)) {
col_set_str(fd, COL_INFO, "NetShareEnum Interim Response");
}
return TRUE;
}
if (check_col(fd, COL_INFO)) {
col_add_fstr(fd, COL_INFO, "NetShareEnum Response");
col_set_str(fd, COL_INFO, "NetShareEnum Response");
}
@ -996,9 +1016,21 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
case NETSERVERENUM2:
if (is_interim_response) {
if (check_col(fd, COL_INFO)) {
col_set_str(fd, COL_INFO, "NetShareEnum2 Interim Response");
}
return TRUE;
}
if (check_col(fd, COL_INFO)) {
col_add_fstr(fd, COL_INFO, "NetServerEnum2 %s", dirn ? "Request" : "Response");
col_set_str(fd, COL_INFO, "NetServerEnum2 Response");
}
@ -1155,6 +1187,22 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
lanman = find_lanman(si.request_val -> last_lanman_cmd);
if (is_interim_response) {
if (check_col(fd, COL_INFO)) {
if (lanman) {
col_add_fstr(fd, COL_INFO, "%s Interim Response", lanman -> lanman_name);
}
else {
col_add_fstr(fd, COL_INFO, "Unknown LANMAN Interim Response: %u", FunctionCode);
}
}
return TRUE;
}
if (check_col(fd, COL_INFO)) {
if (lanman) {
@ -1213,31 +1261,34 @@ dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
}
return 1;
return TRUE;
break;
}
}
return 0;
return FALSE;
}
guint32
gboolean
dissect_pipe_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, const u_char *command, int DataOffset, int DataCount, int ParameterOffset, int ParameterCount)
{
if (!proto_is_protocol_enabled(proto_smb_lanman))
return 0;
return FALSE;
if (command != NULL && strcmp(command, "LANMAN") == 0) { /* Try to decode a LANMAN */
if (command != NULL && strcmp(command, "LANMAN") == 0) {
/* Try to decode a LANMAN */
return dissect_pipe_lanman(pd, offset, fd, parent, tree, si, max_data, SMB_offset, errcode, dirn, command, DataOffset, DataCount, ParameterOffset, ParameterCount);
return dissect_pipe_lanman(pd, offset, fd, parent, tree, si, max_data,
SMB_offset, errcode, dirn, command, DataOffset,
DataCount, ParameterOffset, ParameterCount);
}
return 0;
return FALSE;
}

37
packet-smb-pipe.h Normal file
View File

@ -0,0 +1,37 @@
/* packet-smb-pipe.h
* Declarations of routines for SMB named pipe packet dissection
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
*
* $Id: packet-smb-pipe.h,v 1.1 2001/03/18 03:23:30 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
gboolean
dissect_pipe_lanman(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si,
int max_data, int SMB_offset, int errcode, int dirn,
const u_char *command, int DataOffset, int DataCount,
int ParameterOffset, int ParameterCount);
gboolean
dissect_pipe_smb(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data,
int SMB_offset, int errcode, int dirn, const u_char *command,
int DataOffset, int DataCount, int ParameterOffset, int ParameterCount);

56
packet-smb.c
View File

@ -2,7 +2,7 @@
* Routines for smb packet dissection
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
*
* $Id: packet-smb.c,v 1.79 2001/01/29 08:14:41 sharpe Exp $
* $Id: packet-smb.c,v 1.80 2001/03/18 03:23:30 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
@ -49,10 +49,8 @@
#include "alignment.h"
#include "strutil.h"
guint32 dissect_mailslot_smb(const u_char *, int, frame_data *, proto_tree *, proto_tree *, struct smb_info, int, int, int, int, const u_char *, int, int, int, int);
guint32 dissect_pipe_smb(const u_char *, int, frame_data *, proto_tree *, proto_tree *, struct smb_info, int, int, int, int, const u_char *, int, int, int, int);
#include "packet-smb-mailslot.h"
#include "packet-smb-pipe.h"
static int proto_smb = -1;
@ -9038,7 +9036,7 @@ dissect_transact2_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *
proto_tree_add_text(Flags_tree, NullTVB, offset, 2, "%s",
decode_boolean_bitfield(Flags, 0x02, 16, "One way transaction", "Two way transaction"));
}
}
offset += 2; /* Skip Flags */
@ -9504,8 +9502,12 @@ dissect_transact2_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *
}
void
dissect_transact_params(const u_char *pd, int offset, frame_data *fd, proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data, int SMB_offset, int errcode, int dirn, int DataOffset, int DataCount, int ParameterOffset, int ParameterCount, int SetupAreaOffset, int SetupCount, const char *TransactName)
static void
dissect_transact_params(const u_char *pd, int offset, frame_data *fd,
proto_tree *parent, proto_tree *tree, struct smb_info si, int max_data,
int SMB_offset, int errcode, int dirn, int DataOffset, int DataCount,
int ParameterOffset, int ParameterCount, int SetupAreaOffset,
int SetupCount, const char *TransactName)
{
char *TransactNameCopy;
char *trans_type = NULL, *trans_cmd, *loc_of_slash = NULL;
@ -9535,9 +9537,14 @@ dissect_transact_params(const u_char *pd, int offset, frame_data *fd, proto_tree
if ((trans_cmd == NULL) ||
(((trans_type == NULL || strcmp(trans_type, "MAILSLOT") != 0) ||
!dissect_mailslot_smb(pd, SetupAreaOffset, fd, parent, tree, si, max_data, SMB_offset, errcode, dirn, trans_cmd, SMB_offset + DataOffset, DataCount, SMB_offset + ParameterOffset, ParameterCount)) &&
!dissect_mailslot_smb(pd, SetupAreaOffset, fd, parent, tree, si,
max_data, SMB_offset, errcode, dirn, trans_cmd,
SMB_offset + DataOffset, DataCount,
SMB_offset + ParameterOffset, ParameterCount)) &&
((trans_type == NULL || strcmp(trans_type, "PIPE") != 0) ||
!dissect_pipe_smb(pd, offset, fd, parent, tree, si, max_data, SMB_offset, errcode, dirn, trans_cmd, DataOffset, DataCount, ParameterOffset, ParameterCount)))) {
!dissect_pipe_smb(pd, offset, fd, parent, tree, si, max_data,
SMB_offset, errcode, dirn, trans_cmd, DataOffset,
DataCount, ParameterOffset, ParameterCount)))) {
if (ParameterCount > 0) {
@ -9764,7 +9771,7 @@ dissect_transact_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *p
proto_tree_add_text(Flags_tree, NullTVB, offset, 2, "%s",
decode_boolean_bitfield(Flags, 0x02, 16, "One way transaction", "Two way transaction"));
}
}
offset += 2; /* Skip Flags */
@ -9982,6 +9989,33 @@ dissect_transact_smb(const u_char *pd, int offset, frame_data *fd, proto_tree *p
offset += 1; /* Skip Word Count (WCT) */
if (WordCount == 0) {
/* Interim response.
XXX - should we tag it as such? */
/* Build display for: Byte Count (BCC) */
ByteCount = GSHORT(pd, offset);
if (tree) {
proto_tree_add_text(tree, NullTVB, offset, 2, "Byte Count (BCC): %u", ByteCount);
}
offset += 2; /* Skip Byte Count (BCC) */
/* Dissect the interim response by showing the type of request to
which it's a reply. */
dissect_transact_params(pd, offset, fd, parent, tree, si, max_data,
SMB_offset, errcode, dirn, -1, -1, -1, -1, -1, -1,
si.request_val -> last_transact_command);
return;
}
/* Build display for: Total Parameter Count */
TotalParameterCount = GSHORT(pd, offset);