On Tue, 2009-02-24 at 12:13 -0800, Harsha wrote: > Hi all, > > I just started looking into openchange and first want to thank all the > contributors for giving us openchange and the related projects. > > As a first step to contributing to the mapiproxy project, I'm reading > documents on openchange.org and MS Specifications. I have worked on > CIFS in the past and would like to take a similar approach of looking > at the packet captures simultaneously. So my question to the list is > suggestions for looking into the packet captures. I looked at > Wireshark support for MAPI here - > http://www.wireshark.org/docs/dfref/m/mapi.html > Looks like thre are not many fields supported yet (I'm hoping to > contribute to Wireshark as I go along).
Hi Harsha, I would suggest to directly browse the MAPI dissector code [1]. The dissector code is a bit old (never really had time to update it), but should be a good start for further contributions. Also, I'd suggest you to run mapiproxy [2] in the middle of Outlook/Exchange with the downgrade module enabled so Outlook will be forced to downgrade to EcDoConnect/EcDoRpc and avoid using EcDoConnectEx/EcDoRpcExt2 with compression. Finally if you set mapiproxy binding string parameter with [print] flag, you'll have all MAPI traffic decoded properly and dumped on stdout. Within the same order idea, you may want to try mapitrace tool[3] available in trunk and possibly look at openchange tools to understand MAPI semantics. [1] http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/pidl/mapi/ [2] http://mapiproxy.openchange.org [3] http://wiki.openchange.org/index.php/MAPITRACE Cheers, Julien. -- Julien Kerihuel [email protected] OpenChange Project Manager GPG Fingerprint: 0B55 783D A781 6329 108A B609 7EF6 FE11 A35F 1F79
signature.asc
Description: This is a digitally signed message part
_______________________________________________ devel mailing list [email protected] http://mailman.openchange.org/listinfo/devel
