checked in
On 9/27/06, Stephen Fisher <stephentfisher@xxxxxxxxx> wrote:
On Fri, Sep 22, 2006 at 02:42:10PM -0700, Stephen Fisher wrote:
> I have figured out one of the fields in the MAPI
> EcRRegisterPushNotification packet. The field is a UDP port number
> that the client wants the Exchange server to send new mail
> notifications on. These notifications are on a port > 1023 and are
> always 8 bytes long.
Here is a patch to add this functionality. It displays the notification
port and the notification payload (not sure what the payload itself
means yet). It also dynamically registers each notification port found
with a new dissector (that I called newmail for lack of a better name -
I'm open to suggestions) that displays the notification payload. This
is all undocumented by Microsoft in their usual fashion.
I also changed the code to always display the mapi.opnum field;
currently, the mapi.opnum is only displayed when the
dcerpc_mapi_dissector is null.
Steve
