When offset parameter is 0 replace tvb_bytes_exist() with the faster tvb_length().
On the other hand
if (tvb_bytes_exist(tvb, 0, 20)
is more readable than
if (tvb_length(tvb) >= 20
so only do it in heuristic function
svn path=/trunk/; revision=23412
- if offset is 0, tvb_length is the same as tvb_length_remaining, just faster.
Replace
- col_append_fstr() with faster col_append_str()
- col_add_str() with col_set_str()
when it's safe
svn path=/trunk/; revision=23252
rename dcerpc_smb_fetch_pol to dcerpc_fetch_polhnd_data and also make
it take an additional parameter to return the "type" of the policy
handle, if such a type was stored.
extend the pol_value structure used to track policy handles to also
store a type to represent what created the policy handle
types could be USER/ALIAS/CONNECT/... etc handles returned from the
SAMR interface
add a new helper function dcerpc_store_polhnd_type()
track policy handles between request/responses for dcerpc
update the samr.cnf file to make the samr dissectors for
SetSecurity/QuerySecurity dissect the specific bits for the security
descriptor correctly based on whether the policy handle refers to a
CONNECT/DOMAIN/USER/ALIAS or GROUP
svn path=/trunk/; revision=22703
routines and routines using those routines. GLib might use different
modifiers for 64-bit quantities than the platform's C library does.
svn path=/trunk/; revision=21990
new tvb for it or else the offset/length calculations for where blobs
a next_tvb=tvb_new_subset(tvb, chain_offset, MIN((int)len,
tvb_length_remaining(tvb, off)), len);
re in the packets are wrong.
svn path=/trunk/; revision=21795
dissect smb2 break responses used by a server to break an oplock
these unsolicited responses are sent with a commandseqnum of -1 so mark these in the header as unsolicited as well
svn path=/trunk/; revision=17820
if the secblob starts with 'NTLMSSP' call the ntlmssp handle directly and not the gssapi one
ntlmssp:
dont change offset when dissecting a client_time, offset will be changed properly later outside the switch.
svn path=/trunk/; revision=17215
If the P bit is NOT set, then flag the PID field as "(not valid)"
Sicne the TID might be undefined/0 in the response to a "pending" read
we cant use that solely to determine if a read was for a named/pipe (==dcerpc)
Assume that only NamedPipe reads can be STATUS_PENDING and thus have the P bit set and assume it IS dcerpc if the P bit is set.
svn path=/trunk/; revision=17197