Ethereal-dev: Re: [Ethereal-dev] Novell NDS decodes

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxx>
Date: Wed, 9 Oct 2002 19:58:46 -0700
On Fri, Sep 20, 2002 at 10:59:47AM -0600, Greg Morris wrote:
> Please see attached diffs for most NDS decodes. I am still working on
> the rest but I wanted to get my work to date submitted for review. I
> know there is more then likely a lot of cleanup that can be done but I
> haven't taken the time yet. Please let me know what you think, 
> 
> Index: packet-ncp.c
> ===================================================================
> RCS file: /cvsroot/ethereal/packet-ncp.c,v
> retrieving revision 1.68
> diff -r1.68 packet-ncp.c

	...

> 405,417c435,458
> < 		if (tvb_get_guint8(tvb, commhdr+6) == 0x68) {
> < 			ncp_nds_verb = tvb_get_ntohl(tvb, commhdr+4);
> < 			if (tvb_get_guint8(tvb, commhdr+7) == 0x02) {  /* NDS Packet to decode */
> < 				dissect_nds_request(next_tvb, pinfo, nw_connection,
> < 				    header.sequence, header.type, ncp_tree);
> < 			} else {
> < 				dissect_ncp_request(next_tvb, pinfo, nw_connection,
> < 				    header.sequence, header.type, ncp_tree);
> < 			}
> < 		} else {
> < 			dissect_ncp_request(next_tvb, pinfo, nw_connection,
> < 			    header.sequence, header.type, ncp_tree);
> < 		}
> ---
> >         if (tvb_get_guint8(tvb, commhdr+6)==0x68) {
> >             ncp_nds_verb = tvb_get_ntohl(tvb, commhdr+4);
> >             if (tvb_get_guint8(tvb, commhdr+7)==0x02) {  /* NDS Frag Packet to decode */
> >                 dissect_nds_request(next_tvb, pinfo, nw_connection, 
> >                     header.sequence, header.type, ncp_tree);
> >             }
> >             else 
> >             {
> >                 if(tvb_get_guint8(tvb, commhdr+7)==0x01) { /* NDS Ping */
> >                     dissect_ping_req(next_tvb, pinfo, nw_connection,
> >                         header.sequence, header.type, ncp_tree);
> >                 }
> >                 else
> >                 {
> >                     dissect_ncp_request(next_tvb, pinfo, nw_connection,
> >                         header.sequence, header.type, ncp_tree);
> >                 }
> >             }
> >         }
> >         else
> >         {
> >         dissect_ncp_request(next_tvb, pinfo, nw_connection,
> > 			header.sequence, header.type, ncp_tree);
> >         }

According to the page at

	http://developer.novell.com/ndk/doc/ncp/index.html?page=/ndk/doc/ncp/ncp__enu/data/a1wfz7x.html

an NDS Ping request's request header doesn't have anything in it other
than a function code, a subfunction code, and 3 reserved bytes.

According to at least one capture I've seen, that page is correct -
there *isn't* anything in the NDS Ping after the subfunction code.

"dissect_ping_req()" assumes there's a pile of additional stuff in the
packet, but that stuff doesn't appear to be there, so it doesn't look as
if it's correct to call "dissect_ping_req()" in that case.