From f42d6526dd9bf727b8d963b0bf6ce95732489faa Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Sat, 3 Mar 2012 02:12:56 +0100 Subject: [PATCH] smb2-dissector: learn the "REPLAY_OPERATION" flag --- epan/dissectors/packet-smb2.c | 10 ++++++++++ epan/dissectors/packet-smb2.h | 1 + 2 files changed, 11 insertions(+) diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c index a6725c603d..83176aa78b 100644 --- a/epan/dissectors/packet-smb2.c +++ b/epan/dissectors/packet-smb2.c @@ -68,6 +68,7 @@ static int hf_smb2_flags_async_cmd = -1; static int hf_smb2_flags_dfs_op = -1; static int hf_smb2_flags_chained = -1; static int hf_smb2_flags_signature = -1; +static int hf_smb2_flags_replay_operation = -1; static int hf_smb2_chain_offset = -1; static int hf_smb2_security_blob = -1; static int hf_smb2_ioctl_in_data = -1; @@ -852,6 +853,11 @@ static const true_false_string tfs_flags_signature = { "This pdu is NOT signed" }; +static const true_false_string tfs_flags_replay_operation = { + "This is a REPLAY OPEARATION", + "This is NOT a replay operation" +}; + static const true_false_string tfs_cap_dfs = { "This host supports DFS", "This host does NOT support DFS" @@ -6331,6 +6337,7 @@ dissect_smb2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, gboolea "Flags: 0x%08x", si->flags); flags_tree = proto_item_add_subtree(flags_item, ett_smb2_flags); } + proto_tree_add_boolean(flags_tree, hf_smb2_flags_replay_operation, tvb, offset, 4, si->flags); proto_tree_add_boolean(flags_tree, hf_smb2_flags_dfs_op, tvb, offset, 4, si->flags); proto_tree_add_boolean(flags_tree, hf_smb2_flags_signature, tvb, offset, 4, si->flags); proto_tree_add_boolean(flags_tree, hf_smb2_flags_chained, tvb, offset, 4, si->flags); @@ -6577,6 +6584,9 @@ proto_register_smb2(void) { &hf_smb2_flags_signature, { "Signing", "smb2.flags.signature", FT_BOOLEAN, 32, TFS(&tfs_flags_signature), SMB2_FLAGS_SIGNATURE, "Whether the pdu is signed or not", HFILL }}, + { &hf_smb2_flags_replay_operation, + { "Replay operation", "smb2.flags.replay", FT_BOOLEAN, 32, + TFS(&tfs_flags_replay_operation), SMB2_FLAGS_REPLAY_OPERATION, "Whether this is a replay operation", HFILL }}, { &hf_smb2_tree, { "Tree", "smb2.tree", FT_STRING, BASE_NONE, NULL, 0, "Name of the Tree/Share", HFILL }}, diff --git a/epan/dissectors/packet-smb2.h b/epan/dissectors/packet-smb2.h index 6648c6df25..25b4c3d451 100644 --- a/epan/dissectors/packet-smb2.h +++ b/epan/dissectors/packet-smb2.h @@ -92,6 +92,7 @@ typedef struct _smb2_conv_info_t { #define SMB2_FLAGS_CHAINED 0x00000004 #define SMB2_FLAGS_SIGNATURE 0x00000008 #define SMB2_FLAGS_DFS_OP 0x10000000 +#define SMB2_FLAGS_REPLAY_OPERATION 0x20000000 typedef struct _smb2_info_t { guint16 opcode; guint32 ioctl_function; -- 2.34.1