smb/dce_iface: use DCERPC_TYPE_REQUEST

The smb dce_iface keyword must match for all those dcerpc requests and
responses sent in the context of the given interface. They are not
matching because in rs_smb_tx_get_dce_iface, x.req_cmd is erroneously
compared with 1. Fix this by comparing with DCERPC_TYPE_REQUEST instead.

Ticket: 4767

diff --git a/rust/src/smb/detect.rs b/rust/src/smb/detect.rs
index 1c77d74608479e60aeea2316b6212b1f6c632290..a6e1560a1a08a2aae6bb490a37f500ee6c2f606b 100644 (file)
--- a/rust/src/smb/detect.rs
+++ b/rust/src/smb/detect.rs
@@ -173,7 +173,9 @@ pub extern "C" fn rs_smb_tx_get_dce_iface(state: &mut SMBState,
     let if_op = dce_data.op;
     let if_version = dce_data.version;
     let is_dcerpc_request = match tx.type_data {
-        Some(SMBTransactionTypeData::DCERPC(ref x)) => { x.req_cmd == 1 },
+        Some(SMBTransactionTypeData::DCERPC(ref x)) => {
+            x.req_cmd == DCERPC_TYPE_REQUEST
+        },
         _ => { false },
     };
     if !is_dcerpc_request {