>From 12a67dd3aef2ab4c1936a9576b241f58dfee7669 Mon Sep 17 00:00:00 2001
From: Matthieu Patou <mat@matws.net>
Date: Tue, 1 Oct 2013 12:04:02 -0700
Subject: [PATCH 07/11] pidl-wireshark: add the type dom_sid28 and call ad-hoc
 dissector

Signed-off-by: Matthieu Patou <mat@matws.net>
---
 pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index 696241d..83ab3ef 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -1031,6 +1031,12 @@ sub Initialize($$)
 	$self->register_type("NTTIME_hyper", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);","FT_ABSOLUTE_TIME", "ABSOLUTE_TIME_LOCAL", 0, "NULL", 4);
 	$self->register_type("time_t", "offset = dissect_ndr_time_t(tvb, offset, pinfo,tree, drep, \@HF\@, NULL);","FT_ABSOLUTE_TIME", "ABSOLUTE_TIME_LOCAL", 0, "NULL", 4);
 	$self->register_type("NTTIME_1sec", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);", "FT_ABSOLUTE_TIME", "ABSOLUTE_TIME_LOCAL", 0, "NULL", 4);
+	$self->register_type("dom_sid28", "
+		dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
+		di->hf_index = \@HF\@;
+
+		offset = dissect_ndr_nt_SID28(tvb, offset, pinfo, tree, drep);",
+		"FT_STRING", "BASE_NONE", 0, "NULL", 4);
 	$self->register_type("SID", "
 		dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
 
-- 
1.8.1.2