Hi Todd, list, Guy
TCP reassembly for DCERPC over TCP. Cool.
Guy, you did the pinfo.can_desegment stuff.
Now that DCERPC does TCP reassembly, could you please check how and when
can_desegment is set/clerared?
(I havnt looked into this yet but can do it if you dont remember of the top
of your head)
I think of the case where we have
TCP -> NBSS -> SMB -> DCERPC
TCP sets can_desegment, but this will be wrong when we hit the DCERPC layer.
Will the can_desegment flag still be set when we come up to DCERPC again
(through the
SMB layer) ? If so it will fail.
We must make sure NBSS will clear the can_desegment flag before it calls SMB
(or any other
protocol dissector)
If you doesnt have time, I will look into it tomorrow.
----- Original Message -----
From: "Todd Sabin" <tas@xxxxxxxxxxx>
To: <ethereal-dev@xxxxxxxxxxxx>
Sent: Monday, November 19, 2001 11:44 AM
Subject: [Ethereal-dev] a few things for dcerpc
>
> Here's a patch (and a new file) for some dcerpc stuff. It does the
> following:
>
> o Modifies the dcerpc handoff to subdissectors slightly. It also
> needs to pass the data representation to the subdissector. Also, if
> no subdissector is found, it puts a "Stub data" entry in the tree.
>
> o Adds optional TCP desegmentation to the dcerpc layer. Note that
> dcerpc has it's own ability to fragment PDUs. This isn't for dealing
> with that, but with the case of a single PDU being broken over more
> than one TCP segment.
>
> o Adds a little bit of dissection to packet-dcerpc-epm.c. Mainly just
> proof of concept for the dcerpc handoff stuff. (Writing this is how I
> realized the need for the drep.)
>
> o Adds packet-dcerpc-ndr.c, which will contain NDR dissection routines
> for use by subdissectors.
>
>
> Todd
>
>