I've just finished to write a ncacn_http dissector for Wireshark which
provides the ability to dissect Outlook anywhere packets properly (as
specified by [MS-RPCH].pdf documentation.
svn path=/trunk/; revision=35259
unaligned unmarshalling of dissectors generated by PIDL.
This will allow us to use PIDL and additional IDLs from the samba
project since they use "noalign" for certain protocols.
This may also allow us to use PIDL to describe, and machinegenerate
dissectors for normal, non-DCERPC, protocols.
This patch for PIDL is still under review, but the PIDL patch is l;ikely
to be committed soonish.
svn path=/trunk/; revision=31583
is ndr64 or not, from the bind information to the data we store for each
individual pdu, since the trnasport syntax may change dynamically back
and forth between "normal" and "ndr64" on the same conversation.
svn path=/trunk/; revision=30226
Recent glib versions always include signal.h in gbacktrace.h
On Linux PPC signal.h defines PT_R4 which is also defined by samba and
compilation fails.
svn path=/trunk/; revision=28727
add dissection of the 16 byte header prior to the NDR data when NDR is
transported as a blob ontop of !dcerpc
like the LOGON_INFO in the PAC in kerberos
svn path=/trunk/; revision=24289
rename dcerpc_smb_fetch_pol to dcerpc_fetch_polhnd_data and also make
it take an additional parameter to return the "type" of the policy
handle, if such a type was stored.
extend the pol_value structure used to track policy handles to also
store a type to represent what created the policy handle
types could be USER/ALIAS/CONNECT/... etc handles returned from the
SAMR interface
add a new helper function dcerpc_store_polhnd_type()
track policy handles between request/responses for dcerpc
update the samr.cnf file to make the samr dissectors for
SetSecurity/QuerySecurity dissect the specific bits for the security
descriptor correctly based on whether the policy handle refers to a
CONNECT/DOMAIN/USER/ALIAS or GROUP
svn path=/trunk/; revision=22703
which applies (for now only) to integer types.
when this flag is specified as PARAM_VALUE the fields name and its value will be pushed onto the info column of the summary line
svn path=/trunk/; revision=20922
these new helpers take a parameter that can be used to decorate the tree and summary line (when this parameter is acted upon/implemented in the code inside the helpers)
WINREG was regenerated using a patched version of PIDL. Mainline version of PIDL does not yet have this patch applied.
svn path=/trunk/; revision=20918
the biggest problem in changing this is the dcv->private_data usage.
add a dcv->se_data which can keep data around from a request to a response and use this to change the LSA/OpenPolicy2 servername passing from request to response as a test pattern of moving all users of dcv->private data over to use dcv->se_data.
once all users are migrated over we can then change the dcv->private data pointer to be of ep scope and thus not need an explicit free (which is quite difficult and it is quite difficult in the old semantics to know WHEN we need to free this pointer)
this will eventually make the usage more clean and at the same time close down quite a few memory leaks.
eventually this will make dissect_ndr_nt_SID return a pointer to ep allocated memory that need not be explicitely freed.
svn path=/trunk/; revision=19226
most of the relevant code moved to guid_utils
lot of corresponding code cleanup in packet-dcerpc.c
still using GHashTable
still not using a manuf like file
svn path=/trunk/; revision=18939
This should fix some "differ in signedness" warnings (and maybe will raise new ones, which should be fixed at the calling places then)
svn path=/trunk/; revision=18605
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
cerlare it as a parameter that is a struct/union and not a ref pointer to one.
this is ok since toplevel ref pointers are invisible in the wire encoding anyway.
unfortunatelky ethereal dce runtime needed to see that pointer to keep track of whisch one was a toplevel and which one wasnt.
implement a new api to call pointers which explicitely specifies whether the pointer is toplevel or embedded.
eventually all dce dissectors will use this new interface and the generic dissect_ndr_pointer() can be retired.
svn path=/trunk/; revision=13755
this construct is aligned on 4 byte boundaries in ndr and NOT
8 bytes as a real uint64 (== hyper) would be.
rename the existing dissect_ndr_uint64 ro dissect_ndr_duint32 (double uint32) to make it reflect better the alignment of the type.
svn path=/trunk/; revision=13184
another part of the PROFINET dissectors (PN-CBA, including a lot of generic DCOM dissection) still some work to be done ...
svn path=/trunk/; revision=12776
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410