Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Make the NTLMSSP Unknown message type string more explicit

From: Richard Sharpe <realrichardsharpe@xxxxxxxxx>
Date: Sat, 14 Jul 2012 10:53:04 -0700
Hi folks,

One problem I saw at Sharkfest was that the NTLMSSP dissector was
printing UNKNOWN message type on the info field, which was being
confused as an Unknown SMB2 message type by the presenter.

This makes it more explicit:

Index: epan/dissectors/packet-ntlmssp.c
===================================================================
--- epan/dissectors/packet-ntlmssp.c	(revision 43690)
+++ epan/dissectors/packet-ntlmssp.c	(working copy)
@@ -2173,7 +2173,7 @@
     col_append_sep_fstr(pinfo->cinfo, COL_INFO, ", ","%s",
                     val_to_str(ntlmssph->type,
                                ntlmssp_message_types,
-                               "Unknown message type"));
+                               "Unknown NTLMSSP message type"));

     /* Call the appropriate dissector based on the Message Type */
     switch (ntlmssph->type) {


-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)