current "this is an error packet" flag and set that flag, so the payload
is dissected as the payload of an error packet rather than as a "real"
packet.
svn path=/trunk/; revision=6701
"dissect_ndr_uint16s()"; "dissect_ndr_uint16s()" is always passed a null
pointer, "dissect_dcerpc_uint16s()" is only called by
"dissect_ndr_uint16s()", and the pointer returned through "pdata" is
*NOT* guaranteed to be aligned on a 16-bit boundary so we don't want to
tempt people to blithely dereference that pointer.
svn path=/trunk/; revision=6699
soon as we see a packet for that circuit (we don't do that in X.25, for
example), so there's no guarantee that the first circuit starts at the
first circuit of the capture.
svn path=/trunk/; revision=6695
call to "gssapi_init_oid()" supplies both dissectors for context-level
tokens and GSS_Wrap header information; the latter dissector should
return the number of bytes of header information, so that if the header
information and the message for the protocol that's using GSSAPI are
treated as a single blob of data (as is the case with LDAP, but not with
DCE RPC, for example), the dissector for the protocol using GSSAPI knows
where to start dissecting.
We associate a pointer to the entire data structure for the OID, not the
handle for context-level token dissector for the OID, with conversations
and frames.
Make the dissector for NTLMSSP verifiers be the handler for GSS_Wrap
stuff for NTLMSSP, and add support for GSS_Wrap stuff for Kerberos.
Support SASL GSS-SPNEGO wrapping of LDAP messages. (XXX - this should
really check for GSS-SPNEGO.)
svn path=/trunk/; revision=6692
-Wcast-align" to be added to CFLAGS (except in Wiretap, where we already
do "-Wcast-qual"). We don't do them by default, as they produce some
warnings that aren't easy to eliminate; if we figure out how to
eliminate them on all platforms (or at least, on the platforms where you
*can't* eliminate them, reduce them to a low level), we can make those
options the default.
svn path=/trunk/; revision=6689
pointers.
The first argument to "sscanf()" is a "const char *"; don't cast const
pointers to "char *" when passing them to "sscanf()".
Assign the result of "tvb_get_ptr()" to const pointers, not non-const
pointers.
Make the "pdata" argument to various DCE routines a const pointer.
svn path=/trunk/; revision=6688
pointer, and put "const" into the casts in "VALS()" and "TFS()" macros,
so we don't un-constify pointers to "value_string" arrays and
"true_false_string" structures.
Make some things "const" to keep the compiler happy with the previous
change.
svn path=/trunk/; revision=6684
In a Router-LSA in an OSPF LS Update packet it was difficult for
the untrained to associate the informations in the link list to
the single links. This patch adds a subtree for each link with
a short summary in the tree "title".
svn path=/trunk/; revision=6677
Reorganize the desegmentation to match a bit more closely the
desegmentation code in "tcp_dissect_pdus()" (eventually, we should see
if we can just use that code).
svn path=/trunk/; revision=6676
This patch fixes decoding of the newSuperior attribute of an
LDAPv3 modrdn request. The current implementation attempts to
decode the attribute as an LDAPDN (Octext String, 0x4), when its
definition is actually Context 0 (0x80).
svn path=/trunk/; revision=6672
name of the field being dissected, and, if it's not null, use it instead
of "UINT16UNI". Pass the appropriate argument in some calls.
In "SpoolssOpenPrinterEx_q()", put in some #if 0'ed out code to note
what should be done with the printer name when we can get it.
svn path=/trunk/; revision=6670
information at
http://www.freetds.org/tds.html
and the way the packets seem to work (the description of TDS "PDUs"
actually appears to be a description of items in a TDS server reply PDU,
and I rather strongly suspect that you do *not* have multiple TDS PDUs
in a NETLIB packet), as well as to note that Microsoft Network Monitor
2.x appears to dissect some additional stuff.
Note that if I'm correct we can do desegmentation of NETLIB packets and
reassembly of TDS PDUs rather than the current somewhat clumsy handling
of packets split across segment boundaries.
Put the hf_netlib_xxx variables in the order in which they appear in the
NETLIB header, give hf_netlib_type the "packet_type_names" value_string
table as its value_string table, and actually use it when putting the
NETLIB type field into the protocol tree.
Clear out "nl_data" at the beginning of "dissect_netlib()", as there are
code paths where it does not get set. (That's a bit of a hack to try to
clean up a crashing bug - but I can't reproduce the crash on my home
FreeBSD PC, so I don't know whether it fixed the problem or not. If I'm
correct about the way the packets seem to work, the problem can probably
be fixed quite cleanly by tossing out the current split-packet handling
in favor of the reassembly described above.)
svn path=/trunk/; revision=6669
arguments correctly. There's a string datatype, a devicemode
container with a possibly null devicemode, and a "user level"
structure, whatever that is.
svn path=/trunk/; revision=6659
while. Also convert to dissect_ndr_* functions instead of old-style
prs_* functions.
Converted devicemode dissection to ndr functions as well. There are
still a bunch of value_strings that can be written to decode some of
the constants here.
svn path=/trunk/; revision=6658
dissect_rpc_opaque_data() the actual bytes into the dissector data tree
(improves searching). But if we only give the string "<DATA>" to the
proto_tree_add_* functions and tell it at the same time, that we have indeed
string_length_copy bytes, this leads to problems.
Correction: give the pointer into the real data and not the pointer to the
print string to the proto_tree_add_string_format() and
proto_tree_add_bytes_format() functions.
The correction was found by Martin Regner.
svn path=/trunk/; revision=6655
and CaveBear OUI lists:
- Remove punctuation
- Remove fill words (including the, inc, plc, ...)
- Capitalize each word at the beginning (and only there)
- Replace SPACE by _
- Restrict length to 20 characters
svn path=/trunk/; revision=6654
unsigned, and set their size to match the protocol data assigned to
them. Make sure the number of columns read doesn't exceed MAX_COLUMNS.
Explicitly check for integer values > 0. Switch from using memcpy with
tvb_get_ptr to tvb_memcpy. Make indentation consistent.
Add TDS support to randpkt. Most of the generated packets won't pass
the heuristic checks, but enough should make it through to adequately
test the dissector.
svn path=/trunk/; revision=6653
Ronnie Sahlberg