Tim Potter [Fri, 21 Feb 2003 00:19:02 +0000 (00:19 -0000)]
Apparently bit 0x80 of a SAMR domain handle is the permission to look
up alias members.
svn path=/trunk/; revision=7178
Guy Harris [Fri, 21 Feb 2003 00:11:31 +0000 (00:11 -0000)]
Don't return a success/failure value from a function if we're not going
to check the value, or if we always return "success".
Have "dissect_cops_object()" check for a bogus object length and give
up, returning an error indication, if it gets one. Also don't store the
object length in a guint16, as we might round it up to a multiple of 4,
and if it's 65535, it gets rounded up to 0, not 65536, if it's 16 bits
long.
Have "dissect_cops_pr_objects()" check for a bogus object length and
give up if it gets one. Also don't store the object length in a
guint16, as we might round it up to a multiple of 4, and if it's 65535,
it gets rounded up to 0, not 65536, if it's 16 bits long.
If "dissect_cops_object()" returns a "bogus length" indication, stop
dissecting.
If we've fetched a value, don't fetch it again to pass it to
"proto_tree_add_uint()". If we haven't fetched the value, don't fetch
it to pass it to "proto_tree_add_uint()", use "proto_tree_add_item()".
svn path=/trunk/; revision=7177
Jörg Mayer [Thu, 20 Feb 2003 12:04:11 +0000 (12:04 -0000)]
Move packet-c into alphabetically correct posision in Makefile.*
Remove comma after last element in enum.
svn path=/trunk/; revision=7176
Guy Harris [Thu, 20 Feb 2003 07:55:00 +0000 (07:55 -0000)]
At least in regular SMB Browse and RAP messages, the server type mask is
not guaranteed to be aligned on a 4-byte boundary, so, if we're not
dissecting a DCE RPC request or reply, don't use "dissect_ndr_uint32()"
to extract the access mask.
svn path=/trunk/; revision=7175
Guy Harris [Thu, 20 Feb 2003 04:42:08 +0000 (04:42 -0000)]
Updates from Devin Heitmueller to add a framework to handle TLVs, and to
handle "oncoming buddy" and "signon" TLVs.
svn path=/trunk/; revision=7174
Guy Harris [Wed, 19 Feb 2003 22:09:03 +0000 (22:09 -0000)]
Don't try to put the policy handle name into the Info column if we don't
have a policy handle name.
svn path=/trunk/; revision=7173
Guy Harris [Wed, 19 Feb 2003 21:47:46 +0000 (21:47 -0000)]
Updates from Greg Morris:
1. Added a number of NCP Error return values.
2. Added ability to pass byte strings to summary window.
3. Modified file NCP's to reflect file handle in summary window.
4. Changed all NCP's using QueueID from big endian to little endian.
This is different from Novell's NCP documentation but matches same
information obtained from NDS dissector.
5. Added over 50 more NDS error return values.
6. Partially fixed NDS Request verb 6 (Search Entries)
svn path=/trunk/; revision=7172
Guy Harris [Tue, 18 Feb 2003 21:47:56 +0000 (21:47 -0000)]
From Brad Hards: initial rsync support.
svn path=/trunk/; revision=7171
Laurent Deniel [Tue, 18 Feb 2003 21:47:01 +0000 (21:47 -0000)]
Remove hidden hf_rpl_type field from top level tree and add it to
rpl_tree subtree since this produces some weird thing like abort
in "Protocol Hierarchy Statistics".
svn path=/trunk/; revision=7170
Guy Harris [Tue, 18 Feb 2003 21:37:53 +0000 (21:37 -0000)]
From Didier Gautheron: fix desegmentation code to handle sequence number
overflow.
svn path=/trunk/; revision=7169
Guy Harris [Tue, 18 Feb 2003 21:29:53 +0000 (21:29 -0000)]
From Martijn Schipper: fix the tag for the 802.11g ERP Information field
to match draft 6.1 of the 802.11g spec.
svn path=/trunk/; revision=7168
Guy Harris [Tue, 18 Feb 2003 19:59:00 +0000 (19:59 -0000)]
Sigh. It appears that atmsnoop might, at least for some packets, put 4
bytes of padding into the packet (possibly more, as if it's putting
extra stuff in the padding as Shomiti/Finisar Surveyor does, it might be
up to 7). Fortunately, Surveyor puts lots of stuff into the padding, so
we'll crank up the "snoop vs. Surveyor" check to look for 4 or more
bytes.
svn path=/trunk/; revision=7167
Michael Tüxen [Tue, 18 Feb 2003 19:48:31 +0000 (19:48 -0000)]
Fixed a bug in the calculation of number of routing contexts.
svn path=/trunk/; revision=7166
Jörg Mayer [Tue, 18 Feb 2003 11:27:50 +0000 (11:27 -0000)]
Update to version Feb, 9th
svn path=/trunk/; revision=7165
Jörg Mayer [Tue, 18 Feb 2003 11:24:19 +0000 (11:24 -0000)]
Turn off -x
svn path=/trunk/; revision=7164
Guy Harris [Tue, 18 Feb 2003 02:24:51 +0000 (02:24 -0000)]
Add a function to dissect service contexts whose values don't
necessarily use the section 15.3.3 encapsulation rules, and use that to
dissect service contexts with unknown IDs.
svn path=/trunk/; revision=7163
Guy Harris [Tue, 18 Feb 2003 02:03:29 +0000 (02:03 -0000)]
Add a dissector for the CodeSets service context.
Pass "encapsulation_boundary", not "seqlen_cd", as the boundary argument
to the dissector for RTCorbaPriority.
svn path=/trunk/; revision=7162
Olivier Abad [Mon, 17 Feb 2003 21:08:37 +0000 (21:08 -0000)]
In gtk2, the "changed" signal is sent by the GtkTreeSelection, not the
GtkTreeView.
svn path=/trunk/; revision=7161
Richard Sharpe [Mon, 17 Feb 2003 17:32:59 +0000 (17:32 -0000)]
Small explanation for why MS created their own KRB5 OID value.
svn path=/trunk/; revision=7160
Olivier Abad [Mon, 17 Feb 2003 07:50:49 +0000 (07:50 -0000)]
In gtk2 code, replace gdk_string_width() with the "Pango" way of
computing strings width and height.
svn path=/trunk/; revision=7159
Tim Potter [Mon, 17 Feb 2003 01:59:39 +0000 (01:59 -0000)]
Dissect the server type bitfield in NetServerGetInfo for SERVER_INFO_101
and SERVER_INFO_102.
Modify all callers to use the new interface.
svn path=/trunk/; revision=7158
Laurent Deniel [Sun, 16 Feb 2003 20:55:10 +0000 (20:55 -0000)]
According to ITU/X.25 (refer to table G.2), only the bits 1 to 6
represent the number of semi-octets in the calling/called address
extension facility. So bits 7 and 8 shall be masked.
This fix avoids an incorrect detection of malformed packets.
svn path=/trunk/; revision=7157
Guy Harris [Sat, 15 Feb 2003 08:24:52 +0000 (08:24 -0000)]
Fix a comment to more accurately describe what the statement following
it does.
svn path=/trunk/; revision=7156
Jörg Mayer [Sat, 15 Feb 2003 03:17:17 +0000 (03:17 -0000)]
Comment out usage for obsolete configure args support
svn path=/trunk/; revision=7155
Guy Harris [Fri, 14 Feb 2003 19:51:54 +0000 (19:51 -0000)]
From Mike Frisch: add support for zero-length file handles (such as the
WebNFS root file handle).
svn path=/trunk/; revision=7154
Guy Harris [Fri, 14 Feb 2003 19:39:54 +0000 (19:39 -0000)]
From Olivier Biot:
- Move all static definitions from packet-wbxml.h to packet-wbxml.c
- Comment out inclusion of packet-wbxml.h in packet-wbxml.c
- Append WBXML + version + public ID to the Info column
Then, while we're at it, get rid of packet-wbxml.h (we can reinstate it
if there's any functionality to export other than the dissector) and get
rid of the include of packet-wbxml.h (and update comments not to refer
to it).
svn path=/trunk/; revision=7153
Guy Harris [Fri, 14 Feb 2003 07:20:40 +0000 (07:20 -0000)]
From Brad Hards: put the XID into the protocol tree with a length of 2,
and fix some typos in field names.
svn path=/trunk/; revision=7152
Guy Harris [Fri, 14 Feb 2003 07:14:18 +0000 (07:14 -0000)]
Don't have "decode_UnknownServiceContext()" put the service context
ID subfields into the tree - do that in "decode_ServiceContextList()",
and put them under the item for the entire service context ID. Given
that, we don't need to pass it the encapsulation byte order and
alignment information, either.
Don't have it fetch the sequence length, either; just pass it the
sequence length as an argument.
When we create an item for the service context ID, get a string for the
service context name based on the entire service context ID, not just on
the SCID.
After dissecting the service context data, advance the offset to point
past the end of the context_data.
svn path=/trunk/; revision=7151
Tim Potter [Fri, 14 Feb 2003 06:23:45 +0000 (06:23 -0000)]
More cleanups - nearly done!
svn path=/trunk/; revision=7150
Tim Potter [Fri, 14 Feb 2003 06:21:30 +0000 (06:21 -0000)]
Move some constants here from packet-dcerpc-spoolss.c
svn path=/trunk/; revision=7149
Tim Potter [Fri, 14 Feb 2003 06:19:54 +0000 (06:19 -0000)]
Display the policy handle name in COL_INFO for the ClosePolicy RPC.
Change the policy names slightly so they look nicer.
svn path=/trunk/; revision=7148
Tim Potter [Fri, 14 Feb 2003 06:17:20 +0000 (06:17 -0000)]
Display user name in COL_INFO for ServerAuthenticate2 request.
Add note about putting DOMAIN\Username in COL_INFO when dissecting
LOGIN_IDENTITY_INFO (part of SamLogon RPC).
svn path=/trunk/; revision=7147
Tim Potter [Fri, 14 Feb 2003 06:14:27 +0000 (06:14 -0000)]
Put info level in COL_INFO for DsRoleGetDomInfo RPC.
svn path=/trunk/; revision=7146
Guy Harris [Fri, 14 Feb 2003 05:00:05 +0000 (05:00 -0000)]
From Didier Gautheron:
further fixes to the TCP graph code's cross handling;
fix to sequence number overflow problems.
svn path=/trunk/; revision=7145
Guy Harris [Fri, 14 Feb 2003 04:54:47 +0000 (04:54 -0000)]
Properly set the ACE type in the summary line for an ACE - and, while
we're at it, avoid going past the end of a packet. Put the ACE type's
hex value into that line if it's an unknown type.
svn path=/trunk/; revision=7144
Guy Harris [Fri, 14 Feb 2003 01:01:26 +0000 (01:01 -0000)]
From Olivier Biot: README.win32 updates for Cygwin.
svn path=/trunk/; revision=7143
Jörg Mayer [Thu, 13 Feb 2003 23:49:19 +0000 (23:49 -0000)]
Comment out unused variables
svn path=/trunk/; revision=7142
Guy Harris [Thu, 13 Feb 2003 23:18:59 +0000 (23:18 -0000)]
From Craig Rodrigues and Bernd Becker (merger of their patches, from
Craig):
- correct bitmask for hf_giop_iop_vscid and hf_giop_iop_scid,
reflecting the change to a 24bit vendor id and 8 bit service id
- set the length of the "Service Context List" tree correctly
after dissecting. The length was just being set to the end of
the tvb
- do not exit the loop through the Service Context List with
return if the sequence length is 0, continue the loop instead.
This should fix a problem reported by Mika Korpela.
(see
http://www.ethereal.com/lists/ethereal-dev/200205/msg00234.html)
svn path=/trunk/; revision=7141
Guy Harris [Thu, 13 Feb 2003 22:35:10 +0000 (22:35 -0000)]
Make doc/Makefile.nmake work in POSIXLY_CORRECT environment, as per
Santeri Paavolainen's changes to make doc/Makefile.am work in such an
environment.
Move the idl2eth rules above the mergecap rules, to match the way
doc/Makefile.am works.
svn path=/trunk/; revision=7140
Guy Harris [Thu, 13 Feb 2003 22:23:20 +0000 (22:23 -0000)]
From Santeri Paavolainen: fix for the following problems:
- BRR packets were incorrectly labeled as BE packets
- Pad1 options had their length handled incorrectly
svn path=/trunk/; revision=7139
Guy Harris [Thu, 13 Feb 2003 22:17:18 +0000 (22:17 -0000)]
From Didier Gautheron: fix up the handling of the cross.
svn path=/trunk/; revision=7138
Guy Harris [Thu, 13 Feb 2003 22:16:16 +0000 (22:16 -0000)]
From Olivier Biot:
Decoding of WML 1.0 and PROV 1.0.
Now the following content types are decoded and rendered:
- WML: 1.0, 1.1, 1.2, 1.3
- SI: 1.0
- SL: 1.0
- CO: 1.0
- PROV: 1.0
svn path=/trunk/; revision=7137
Jörg Mayer [Thu, 13 Feb 2003 22:00:53 +0000 (22:00 -0000)]
Mark pinfo parameter as unused
svn path=/trunk/; revision=7136
Guy Harris [Thu, 13 Feb 2003 08:29:19 +0000 (08:29 -0000)]
Put in a missing comma in a list of strings, so we don't get two strings
concatenated.
svn path=/trunk/; revision=7135
Guy Harris [Thu, 13 Feb 2003 03:05:14 +0000 (03:05 -0000)]
Fetch the time stamp into a gint32, as it's known to be 32 bits, and let
the call to "abs_time_secs_to_str()" convert it to a "time_t".
svn path=/trunk/; revision=7134
Guy Harris [Thu, 13 Feb 2003 02:47:50 +0000 (02:47 -0000)]
Cast "timeval" to "long", and print it with "%ld", to handle "time_t"
being an "int" or a "long".
svn path=/trunk/; revision=7133
Guy Harris [Thu, 13 Feb 2003 01:23:37 +0000 (01:23 -0000)]
From Craig Rodrigues: decode the priority value put into the service
context field by Real-time CORBA.
Update his e-mail address while we're at it.
svn path=/trunk/; revision=7132
Guy Harris [Thu, 13 Feb 2003 00:47:42 +0000 (00:47 -0000)]
From Jochen Friedrich:
Fixed handling of NLP header in SNA
XID handoff table for LLC, and XID dissection for SNA format 3
HPR optional segments in SNA
Most important control vectors in SNA
Route setup messages in SNA
Additional LLC DSAPs for SNA
svn path=/trunk/; revision=7131
Guy Harris [Wed, 12 Feb 2003 21:50:31 +0000 (21:50 -0000)]
From Didier Gautheron: add AFP3 setforkparam 64 bits parameters.
svn path=/trunk/; revision=7130
Guy Harris [Wed, 12 Feb 2003 21:46:15 +0000 (21:46 -0000)]
From Olivier Biot:
add string table parsing and displaying;
add registration to more content types;
LITERAL tag indentation fix;
add and a change in unrendered WBXML: from confusing "<Tag
0x37>" type display to "<Tag_0x37>" (and same in attribute
state).
svn path=/trunk/; revision=7129
Guy Harris [Wed, 12 Feb 2003 08:55:19 +0000 (08:55 -0000)]
From Santeri Paavolainen: make doc/Makefile.am work in POSIXLY_CORRECT
environment.
svn path=/trunk/; revision=7128
Guy Harris [Wed, 12 Feb 2003 08:36:48 +0000 (08:36 -0000)]
From Matthew Smart: partial NetFlow V9 support.
svn path=/trunk/; revision=7127
Guy Harris [Wed, 12 Feb 2003 01:17:07 +0000 (01:17 -0000)]
WBXML updates, and e-mail address update, from Olivier Biot.
svn path=/trunk/; revision=7126
Guy Harris [Wed, 12 Feb 2003 00:44:04 +0000 (00:44 -0000)]
Make the argument to "abs_time_secs_to_str()" a "time_t" - it's in ANSI
C, and it's the right thing to pass to "localtime()".
svn path=/trunk/; revision=7125
Guy Harris [Tue, 11 Feb 2003 19:42:38 +0000 (19:42 -0000)]
Add a "abs_time_secs_to_str()" routine that takes a UNIX time-since-the-
epoch-in-seconds value and converts it to a string.
Use that routine in the RADIUS dissector, rather than using "ctime()"
and "tzname[]" - "tzname[]" strings might contain non-ASCII characters,
which currently give the GTK+ 1.3[.x] used on Windows, and also, I
think, GTK+ 2.x, heartburn, as they expect UTF-8, not, for example, ISO
8859/1.
Fix the string length in "abs_time_to_str()".
svn path=/trunk/; revision=7124
Guy Harris [Tue, 11 Feb 2003 08:47:22 +0000 (08:47 -0000)]
The Novell Web site's information for Scan Directory Disk Space appears
to be correct; remove the comment about what was there not matching.
Note that the PropertyValue item in a Write Property Value request
should perhaps be omitted if MoreFlag isn't set (it appears to be
garbage if it's not set).
svn path=/trunk/; revision=7123
Tim Potter [Tue, 11 Feb 2003 04:33:24 +0000 (04:33 -0000)]
Decorate ACE items in an ACL with the SID and flag values.
svn path=/trunk/; revision=7122
Tim Potter [Tue, 11 Feb 2003 03:22:59 +0000 (03:22 -0000)]
More cleanups.
Added name parameter and add_subtree boolean to dissect_SYSTEM_TIME()
Decorate COL_INFO with changeid and notify information for print
notify RPCs.
svn path=/trunk/; revision=7121
Guy Harris [Tue, 11 Feb 2003 02:31:22 +0000 (02:31 -0000)]
Future releases of libpcap probably won't install <net/bpf.h>, so we
shouldn't require it to exist. Instead, as we're already checking
whether we can find <pcap.h> (which is the only thing we actually
include - we rely on it to include whatever BPF headers are necessary),
we print the big "are you sure you installed the development package?"
message if we don't find "pcap.h".
svn path=/trunk/; revision=7120
Guy Harris [Tue, 11 Feb 2003 02:18:27 +0000 (02:18 -0000)]
When putting the lowest-level protocol tree item in for a Unicode
string, use the "fake Unicode" value for it.
svn path=/trunk/; revision=7119
Guy Harris [Mon, 10 Feb 2003 23:45:56 +0000 (23:45 -0000)]
Decorate the top-level item for a PRIV_NAME_ARRAY with the privilege
names.
svn path=/trunk/; revision=7118
Guy Harris [Mon, 10 Feb 2003 23:34:49 +0000 (23:34 -0000)]
Boost the memory allocation so we can compile "help_dlg.c" which
includes "FAQ.include" as a giant string containing the entire FAQ.
svn path=/trunk/; revision=7117
Guy Harris [Mon, 10 Feb 2003 21:13:13 +0000 (21:13 -0000)]
Don't tell the resolver code that a given MAC address corresponds to a
given IP address if:
the MAC address is non-unicast, not just if it's broadcast;
the MAC address is all zeroes;
the IP address is all zeroes.
*Do* tell the resolver code that the target MAC address corresponds to
the target IP address in ARP replies, as long as none of the above are
true - replies are the packets most likely to contain interesting target
address information.
svn path=/trunk/; revision=7116
Guy Harris [Mon, 10 Feb 2003 19:21:25 +0000 (19:21 -0000)]
Note that one shouldn't put a comma after the last element of an enum.
svn path=/trunk/; revision=7115
Tim Potter [Mon, 10 Feb 2003 06:25:10 +0000 (06:25 -0000)]
In dissect_ndr_cvstring(), return string data even if tree == NULL.
svn path=/trunk/; revision=7114
Tim Potter [Mon, 10 Feb 2003 06:21:57 +0000 (06:21 -0000)]
Deleted dissect_unistr2() function - call dissect_ndr_cvstring() instead.
Hooray - I think that's the last of the spoolss specific string routines
cleaned up.
Cleanup of print notify dissections:
- rename hf variable names
- added 'job total bytes' and 'job bytes printed' filter fields
- fixed bug dissecting job notify data introduced when converting to NDR
routines
- add hidden values for notify data so that filtering on (say) printer
name brings up notify data that references it
- decorate some higher level print notify proto_items to make things look
pretty
Add printer name to ReplyOpenPrinter policy handle name.
svn path=/trunk/; revision=7113
Guy Harris [Mon, 10 Feb 2003 02:38:24 +0000 (02:38 -0000)]
Update some comments.
svn path=/trunk/; revision=7112
Tim Potter [Mon, 10 Feb 2003 02:11:36 +0000 (02:11 -0000)]
Cleanup of printer forms dissection:
- display more data in COL_INFO
- replaced per-RPC level fields with generic spoolss.form.level one
- put the form type value string into the hf initialisation instead
of displaying it by hand using proto_tree_add_text
- added hidden field for all forms RPCs (filter on spoolss.form to get
all form related RPCs)
- removed useless dissect_form_name() function
svn path=/trunk/; revision=7111
Tim Potter [Mon, 10 Feb 2003 02:07:15 +0000 (02:07 -0000)]
Use new format of dissect_ndr_cvstring() function.
svn path=/trunk/; revision=7110
Tim Potter [Mon, 10 Feb 2003 02:06:28 +0000 (02:06 -0000)]
Allow dissect_ndr_cvstring to return a malloced copy of the string.
svn path=/trunk/; revision=7109
Tim Potter [Mon, 10 Feb 2003 02:05:24 +0000 (02:05 -0000)]
Added a comment about the length argument to fake_unicode. It should be
the number of guint16's to convert from unicode.
Allow dissect_ndr_cvstring to return a malloced copy of the string.
svn path=/trunk/; revision=7108
Guy Harris [Sat, 8 Feb 2003 09:41:44 +0000 (09:41 -0000)]
Have "dissect_ndr_counted_string()" add 2, not 1, to its argument, as it
adds 2 levels to the tree. Fix calls to it not to add 1 for that level.
The NT and LM challenges in a NETWORK_INFO structure are opaque arrays
of bytes, not Unicode strings; dissect them as such, adding a new
routine "dissect_ndr_counted_byte_array()" for that purpose.
Get rid of some extra colons in names - the colon is put there if a
string is appended, so putting a colon in there explicitly gives double
colons.
Decorate some higher-level tree nodes with strings.
svn path=/trunk/; revision=7107
Guy Harris [Sat, 8 Feb 2003 08:55:13 +0000 (08:55 -0000)]
At least in regular SMB requests, the access mask in an ACE is not
guaranteed to be aligned on a 4-byte boundary, so, if we're not
dissecting an ACE from a DCE RPC request or reply, don't use
"dissect_ndr_uint32()" to extract the access mask. (Is it guaranteed to
be so aligned even if the ACE is part of a DCE RPC message? Or are ACLs
just opaque blobs from the point of view of DCE RPC?)
Use "%u", not "%d", to print unsigned quantities.
svn path=/trunk/; revision=7106
Guy Harris [Sat, 8 Feb 2003 06:25:35 +0000 (06:25 -0000)]
Update URLs for NCP documentation.
svn path=/trunk/; revision=7105
Guy Harris [Sat, 8 Feb 2003 05:32:10 +0000 (05:32 -0000)]
0xff00 is a valid completion code for Keyed Object Login requests.
svn path=/trunk/; revision=7104
Guy Harris [Sat, 8 Feb 2003 05:31:05 +0000 (05:31 -0000)]
Add a preference to control whether to attempt to un-mangle Linux
token-ring headers; sometimes a header might look mangled when it's not.
(It'd be nice if we could detect that from the capture file;
unfortunately, there are already both mangled Linux libpcap captures
and, presumably, un-mangled non-Linux libpcap captures with the same
DLT_ value.)
svn path=/trunk/; revision=7103
Guy Harris [Sat, 8 Feb 2003 05:05:17 +0000 (05:05 -0000)]
Make the request frame number field an FT_FRAMENUM.
0xff00 is a valid reply to "Get Name Space Information".
svn path=/trunk/; revision=7102
Guy Harris [Sat, 8 Feb 2003 04:34:38 +0000 (04:34 -0000)]
Fix a typo in the "Defined Name Spaces" field name.
Properly display the reply to a Get Name Space Information request -
there is a sequence of name space names, and a sequence of pairs of
{associated name space, data stream name}, and there are also sequences
of name space index numbers, but if we try to display anything after the
list of loaded name spaces, nothing gets displayed at all.
svn path=/trunk/; revision=7101
Gilbert Ramirez [Sat, 8 Feb 2003 04:22:37 +0000 (04:22 -0000)]
Provide a way for ftype modules to provide a string representation
of their value. Provide such a method for FT_BYTES, FT_UINT_BYTES,
and FT_ETHER. Have proto_alloc_dfilter_string() use the new methods.
This is part of a movement of ftype-related code out of proto.c and
into the ftype code. The immediate effect is that generated display
filters for long byte sequences don't incorrectly have trailing periods
("...") to indicate continuation.
svn path=/trunk/; revision=7100
Guy Harris [Sat, 8 Feb 2003 03:06:06 +0000 (03:06 -0000)]
The hour and minute fields of times go from 0 to 23 and 0 to 59, so
adding 1 to them is incorrect (and cannot possibly be correct, as that'd
rule out 0 as valid values, meaning nothing can ever happen in the first
hour after midnight or in the first minute after the hour).
svn path=/trunk/; revision=7099
Guy Harris [Sat, 8 Feb 2003 02:59:05 +0000 (02:59 -0000)]
Force the endianness of the dates and times in DirectoryInstance and
FileInstance to big-endian.
Those structures apparently contain a last access date rather than a
creation time.
svn path=/trunk/; revision=7098
Guy Harris [Fri, 7 Feb 2003 22:49:35 +0000 (22:49 -0000)]
Fix some comments.
svn path=/trunk/; revision=7097
Guy Harris [Fri, 7 Feb 2003 22:44:54 +0000 (22:44 -0000)]
Rename "dissect_ndr_char_string()" and "dissect_ndr_wchar_string()" to
"dissect_ndr_char_cvstring()" and "dissect_ndr_wchar_cvstring()", to
indicate that they're for conformant varying strings.
Rename "dissect_ndr_character_array()" to "dissect_ndr_cvstring()", to
indicate that it's for conformant varying strings.
svn path=/trunk/; revision=7096
Guy Harris [Fri, 7 Feb 2003 22:31:32 +0000 (22:31 -0000)]
Rename "dissect_ndr_char_array" and "disect_ndr_wchar_array" to
"dissect_ndr_char_string" and "dissect_ndr_wchar_string", to make it
clearer what it does.
svn path=/trunk/; revision=7095
Guy Harris [Fri, 7 Feb 2003 20:09:33 +0000 (20:09 -0000)]
From Thierry Pelle: updates (use the correct RFC 2472 term - "interface
identifier", not "interface token" - and print the octets of the
interface identifier with zero padding).
svn path=/trunk/; revision=7094
Guy Harris [Fri, 7 Feb 2003 19:57:19 +0000 (19:57 -0000)]
Thou Shalt Not Ever Make An Offset An 8-bit Quantity If Thou Art
Comparing It Against An 8-bit Or Longer Length To Make Sure It Doesn't
Go Past The Length, because if the length is 255, it can't ever go past
it as it'll overflow if it does.
svn path=/trunk/; revision=7093
Guy Harris [Fri, 7 Feb 2003 19:45:56 +0000 (19:45 -0000)]
Catch ReportedBoundsError when dissecting even non-encrypted stub data,
so that even if the stub data is bad, we still dissect and show the
verifier.
svn path=/trunk/; revision=7092
Guy Harris [Fri, 7 Feb 2003 08:56:12 +0000 (08:56 -0000)]
Fix a typo in the multiple-include protection in "packet-dcerpc-nt.h".
Rename "dissect_ndr_element_array()" to "dissect_ndr_character_array()",
move it out of "packet-dcerpc-nt.c" to "packet-dcerpc.c", and have it
use the standard DCE RPC array max count/offset/count fields rather than
their own private versions of those fields. Give it an option to create
a subtree, and an argument to specify the field to use for the actual
data buffer, and export it.
Move the routines for handling arrays of "char" and "wchar" as strings
out of "packet-dcerpc-nt.c" to "packet-dcerpc.c".
Add a routine to handle an array of "char" as an opaque blob of bytes.
Use "dissect_ndr_character_array()" to dissect character strings in MAPI
(the strings in question are ASCII, not Unicode), and use the routine to
handle an array of "char" as an opaque blob of bytes to dissect
encrypted data (again, it's bytes, not 16-bit quantities). Show them as
encrypted data, not unknown data.
Use "dissect_ndr_character_array()" to dissect a form name in
"dissect_form_name()" in the SPOOLSS dissector.
svn path=/trunk/; revision=7091
Guy Harris [Fri, 7 Feb 2003 08:37:13 +0000 (08:37 -0000)]
Decorate several layers of the tree with the account name in
"USER_INFO_21" and in "LOOKUP_NAMES".
svn path=/trunk/; revision=7090
Guy Harris [Fri, 7 Feb 2003 08:33:07 +0000 (08:33 -0000)]
Decorate the top-level items for the account name in
POLICY_ACCOUNT_DOMAIN_INFO and the domain in TRUSTED_DOMAIN with the
string.
svn path=/trunk/; revision=7089
Guy Harris [Fri, 7 Feb 2003 06:38:40 +0000 (06:38 -0000)]
Decorate the top-level tree items for "LSA_TRANSLATED_NAME" and an
"LSA_TRUST_INFORMATION" with the account name.
svn path=/trunk/; revision=7088
Tim Potter [Fri, 7 Feb 2003 06:04:28 +0000 (06:04 -0000)]
Fix callers to dissect_nt_sec_desc() to use new function interface.
Dissection of security descriptors in SPOOLSS RPC calls now display
the correct meaning of the specific access mask bits.
svn path=/trunk/; revision=7087
Tim Potter [Fri, 7 Feb 2003 06:01:49 +0000 (06:01 -0000)]
Move dissect_nt_access_mask() from packet-dcerpc-nt.c to packet-smb.c
Give dissect_nt_sec_desc() and dissect_nt_access_mask() a specific rights
function parameter for dissecting specific access rights.
Fix callers in packet-smb.c to use the new interface.
svn path=/trunk/; revision=7086
Gerald Combs [Fri, 7 Feb 2003 04:25:37 +0000 (04:25 -0000)]
Add the RFC 3203 FORCERENEW message type, as suggested by Suresh K.
svn path=/trunk/; revision=7085
Guy Harris [Thu, 6 Feb 2003 01:23:32 +0000 (01:23 -0000)]
From Olivier Biot: WBXML/WMLC support.
svn path=/trunk/; revision=7084
Guy Harris [Wed, 5 Feb 2003 20:52:48 +0000 (20:52 -0000)]
The "Subdirectory" bit in search attributes means "subdirectories only",
and in file attributes means "this is a subdirectory"; don't mix the
two.
The 1-byte and 2-byte search attributes appear to have the same bit
definitions (except, obviously, for those that are in the topmost byte).
svn path=/trunk/; revision=7083
Laurent Deniel [Wed, 5 Feb 2003 20:45:38 +0000 (20:45 -0000)]
- protect against multiple inclusion
- remove incorrect and unused definition
of tapping_is_active
svn path=/trunk/; revision=7082
Guy Harris [Wed, 5 Feb 2003 20:02:34 +0000 (20:02 -0000)]
Various XXXDirectoryID values always appear to be big-endian (including
the ones not specified as such when used), so declare them as such
rather than specifying them as such when used.
The SearchSequenceWord also appears to be big-endian.
Note that we're not cracking the bits of a DirectoryAttributes field.
The "Subdirectory" bit in search attributes is really "Subdirectories
Only", as in "just show me subdirectories".
Note some confusion about whether the bit numbers on the Novell Web site
for search attributes are bit numbers or bit flags.
Note that we appear to have gotten back attributes for a file rather
than a directory in at least one search that had "Subdirectories Only"
set - unless the problem is that the numbers in the Novell spec are bit
numbers rather than bit flags.
Update some items that claimed to have a 2-byte search attributes field
to have a 1-byte search attributes field instead, to match the spec on
the Novell site (of course, the spec could be wrong...).
svn path=/trunk/; revision=7081
Guy Harris [Wed, 5 Feb 2003 19:03:51 +0000 (19:03 -0000)]
An object of type 0x5555 is apparently a "Site Lock".
svn path=/trunk/; revision=7080
Guy Harris [Wed, 5 Feb 2003 08:06:40 +0000 (08:06 -0000)]
Sometimes the trace stuff doesn't appear in connect messages.
svn path=/trunk/; revision=7079