wireshark

Commit Graph

Author	SHA1	Message	Date
Ronnie Sahlberg	26f24ec097	decode the first two bytes of the negotiate protocol request as buffercode svn path=/trunk/; revision=17821	2006-04-05 23:33:35 +00:00
Ronnie Sahlberg	fb2cf0df34	from metze dissect smb2 break responses used by a server to break an oplock these unsolicited responses are sent with a commandseqnum of -1 so mark these in the header as unsolicited as well svn path=/trunk/; revision=17820	2006-04-05 21:38:41 +00:00
Gerald Combs	172556500d	Remove MIN and MAX defines, which GLib provides. svn path=/trunk/; revision=17551	2006-03-09 16:00:33 +00:00
Guy Harris	08182946ce	Constify some items, and make one item static, so we don't initialize stack copies at run time. svn path=/trunk/; revision=17433	2006-03-01 00:14:12 +00:00
Ronnie Sahlberg	6fcf2d8c66	smb2: if the secblob starts with 'NTLMSSP' call the ntlmssp handle directly and not the gssapi one ntlmssp: dont change offset when dissecting a client_time, offset will be changed properly later outside the switch. svn path=/trunk/; revision=17215	2006-02-08 08:48:23 +00:00
Ronnie Sahlberg	3cb23ec4f8	smb2 signing add dissection of the "Signature present" bit and the 16 byte signature field in the header svn path=/trunk/; revision=17206	2006-02-07 21:30:21 +00:00
Ronnie Sahlberg	dd2f806e15	handmerged patch from metze it conflicted with recent P bit patch i checked in svn path=/trunk/; revision=17202	2006-02-07 12:01:34 +00:00
Ronnie Sahlberg	c35dfab4e9	rename Logoff to SessionLogoff to make it consistent with TreeConnect/TreeDisconnect svn path=/trunk/; revision=17201	2006-02-07 11:32:10 +00:00
Ronnie Sahlberg	5036c5cc54	add dissection of the P (PID Valid) bit in the header If the P bit is NOT set, then flag the PID field as "(not valid)" Sicne the TID might be undefined/0 in the response to a "pending" read we cant use that solely to determine if a read was for a named/pipe (==dcerpc) Assume that only NamedPipe reads can be STATUS_PENDING and thus have the P bit set and assume it IS dcerpc if the P bit is set. svn path=/trunk/; revision=17197	2006-02-07 09:28:02 +00:00
Ronnie Sahlberg	baed8f0888	add dissection of SMB/SetFileInfo level 1023 SMB2/SetInfo/FILE_INFO level 0x17 FILE_PIPE_INFO infolevel svn path=/trunk/; revision=17195	2006-02-07 08:48:51 +00:00
Ronnie Sahlberg	0c350fb5b6	prettify class/infolevel for GetInfo/SetInfo svn path=/trunk/; revision=17186	2006-02-06 13:17:11 +00:00
Ronnie Sahlberg	4a2048a5ef	dissect the TWrp chain element svn path=/trunk/; revision=17180	2006-02-06 09:51:42 +00:00
Ronnie Sahlberg	cec07db2da	from metze update to tid and uid tracking svn path=/trunk/; revision=16893	2005-12-24 10:10:04 +00:00
Ronnie Sahlberg	dd19e660ba	make smb2 tappable svn path=/trunk/; revision=16886	2005-12-23 04:55:25 +00:00
Guy Harris	e09d859591	Squelch a compiler warning. svn path=/trunk/; revision=16839	2005-12-18 10:58:47 +00:00
Ronnie Sahlberg	febe5a84e3	add decoding of the share type that metze found in the tree connect response prettify tid and uid svn path=/trunk/; revision=16729	2005-12-08 07:54:13 +00:00
Ronnie Sahlberg	adb796abc6	tap the ntlmssp protocol and extract the account/domain names when users authenticate. If known put the account name, domain name, host name and which frame the suer authenticated in in an expansion below UID in the SMB2 header svn path=/trunk/; revision=16723	2005-12-07 13:14:09 +00:00
Ronnie Sahlberg	55c9157d6b	objectid updates svn path=/trunk/; revision=16692	2005-12-06 00:27:51 +00:00
Ronnie Sahlberg	7e5f31b6a0	updates for FILE_OBJECTID_BUFFER and have smb call this (no more unknown bytes in smb for objectid) svn path=/trunk/; revision=16682	2005-12-05 21:22:06 +00:00
Ronnie Sahlberg	9edeb85cba	add some more ioctls svn path=/trunk/; revision=16646	2005-12-02 09:19:05 +00:00
Ronnie Sahlberg	bc21123474	add dissection of FSCTL_CREATE_OR_GET_OBJECT_ID svn path=/trunk/; revision=16645	2005-12-02 06:49:52 +00:00
Ronnie Sahlberg	1f39289cce	add dissection of FSCTL_GET_SHADOW_COPY_DATA svn path=/trunk/; revision=16638	2005-12-01 13:06:20 +00:00
Ronnie Sahlberg	c8ff130c27	swap in/out to be more consistent with sane naming conventions svn path=/trunk/; revision=16637	2005-12-01 12:34:53 +00:00
Ronnie Sahlberg	1b2e68397a	start implementing an ioctl dispatcher for different ioctl functions svn path=/trunk/; revision=16636	2005-12-01 10:34:00 +00:00
Ronnie Sahlberg	646535de33	add decoding of some ioctl names copied from packet-smb.c svn path=/trunk/; revision=16635	2005-12-01 10:18:14 +00:00
Ronnie Sahlberg	ced869a426	move the ioctl function code to the si structure so we can switch on this later in the ioctl_data dissector svn path=/trunk/; revision=16634	2005-12-01 09:42:39 +00:00
Ronnie Sahlberg	966de91a8d	0x0b is ioctl not transaction svn path=/trunk/; revision=16633	2005-12-01 09:20:29 +00:00
Guy Harris	37df4d6886	"dcerpc_smb_fetch_pol()" doesn't necessarily return a name, as we might not have seen anything that would let us give a name to a handle. svn path=/trunk/; revision=16623	2005-11-29 09:38:45 +00:00
Ronnie Sahlberg	74b05ec567	name some infolevels svn path=/trunk/; revision=16613	2005-11-28 08:20:12 +00:00
Ronnie Sahlberg	55beaa37cf	add endoffile infolevel svn path=/trunk/; revision=16607	2005-11-26 21:59:48 +00:00
Ronnie Sahlberg	f699f011fc	more infolevels svn path=/trunk/; revision=16606	2005-11-26 21:44:37 +00:00
Ronnie Sahlberg	81c46d4c59	update setinfo response dissection svn path=/trunk/; revision=16605	2005-11-26 21:09:53 +00:00
Ronnie Sahlberg	d107130cd4	many commands return a short 8 byte pdu when errors occur. make ethereal handle these better instead of showing them as unreassembled packet svn path=/trunk/; revision=16598	2005-11-26 03:06:21 +00:00
Ronnie Sahlberg	d149d98fc3	assume the four bytes after the fid in notify request is the completion mask svn path=/trunk/; revision=16596	2005-11-26 00:34:22 +00:00
Ronnie Sahlberg	7773d60b9a	add decoding of some more opcodes svn path=/trunk/; revision=16594	2005-11-25 23:52:47 +00:00
Ronnie Sahlberg	808f2fc111	add decoding of some more opcodes svn path=/trunk/; revision=16590	2005-11-25 22:06:56 +00:00
Ronnie Sahlberg	85cfb618f9	from metze and modified, fix for in offset/length for transaction request svn path=/trunk/; revision=16589	2005-11-25 21:55:34 +00:00
Ronnie Sahlberg	0f9be028ca	add dissection of treedisconnect svn path=/trunk/; revision=16586	2005-11-25 08:26:02 +00:00
Ronnie Sahlberg	704abdc0e5	add some more infolevels svn path=/trunk/; revision=16585	2005-11-25 08:02:40 +00:00
Ronnie Sahlberg	ebe4645322	fix typo it is one in buffer and one out buffer in transaction request not two out buffers svn path=/trunk/; revision=16584	2005-11-25 06:45:50 +00:00
Ronnie Sahlberg	cdec2dd031	transaction update svn path=/trunk/; revision=16583	2005-11-25 06:30:47 +00:00
Ronnie Sahlberg	261aade300	add dissection of the smb2 impersionationlevel field svn path=/trunk/; revision=16581	2005-11-25 06:19:41 +00:00
Ronnie Sahlberg	c76c376968	some info level updates svn path=/trunk/; revision=16580	2005-11-25 06:04:11 +00:00
Ronnie Sahlberg	cfc56af514	some info level updates svn path=/trunk/; revision=16579	2005-11-25 05:41:00 +00:00
Ronnie Sahlberg	d93bd8606c	update the transaction code svn path=/trunk/; revision=16578	2005-11-25 00:28:02 +00:00
Ronnie Sahlberg	64181a533c	dissect some more of SMB2 Transaction command svn path=/trunk/; revision=16577	2005-11-24 15:24:30 +00:00
Ronnie Sahlberg	22d2f325ea	dissect some of opcode 0x0b Transaction svn path=/trunk/; revision=16576	2005-11-24 14:49:46 +00:00
Ronnie Sahlberg	8bcb4b47e6	from Metze generalize the offset/length/buffer handling and make some code much nicer svn path=/trunk/; revision=16557	2005-11-21 20:37:43 +00:00
Ronnie Sahlberg	a54d3e960b	fix bug 588 and friends svn path=/trunk/; revision=16549	2005-11-19 10:03:16 +00:00
Ronnie Sahlberg	49499c1b96	the 4 bytes in MxAc are access maxk not file attributes svn path=/trunk/; revision=16548	2005-11-19 03:19:56 +00:00

1 2 3

112 Commits