diff options
| author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2011-09-10 11:04:42 +0000 |
|---|---|---|
| committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2011-09-10 11:04:42 +0000 |
| commit | c8edaa4b36f9071f24ccf2d7cb09a081c013caf2 (patch) | |
| tree | 9f207eb69e91be3261b34e474b0e794fd9f6c19e /epan/dissectors/packet-dcerpc-mgmt.c | |
| parent | 98cc920265464e9773facdd32b7e166244e5b3e4 (diff) | |
DCE/RPC MGMT: Add dissection of INQ_PRINC_NAME procedure
From: Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=38957
Diffstat (limited to 'epan/dissectors/packet-dcerpc-mgmt.c')
| -rw-r--r-- | epan/dissectors/packet-dcerpc-mgmt.c | 51 |
1 files changed, 44 insertions, 7 deletions
diff --git a/epan/dissectors/packet-dcerpc-mgmt.c b/epan/dissectors/packet-dcerpc-mgmt.c index 1a1afd5ec8..f9e174919a 100644 --- a/epan/dissectors/packet-dcerpc-mgmt.c +++ b/epan/dissectors/packet-dcerpc-mgmt.c @@ -1,6 +1,7 @@ /* packet-dcerpc-mgmt.c * Routines for dcerpc mgmt dissection * Copyright 2001, Todd Sabin <tas@webspan.net> + * Copyright 2011, Matthieu Patou <mat@matws.net> * * $Id$ * @@ -26,39 +27,75 @@ #ifdef HAVE_CONFIG_H #include "config.h" #endif - +#include <stdio.h> #include <glib.h> #include <epan/packet.h> #include "packet-dcerpc.h" +#include "packet-dcerpc-nt.h" static int proto_mgmt = -1; -static int hf_opnum = -1; - +static int hf_mgmt_opnum = -1; +static int hf_mgmt_proto = -1; +static int hf_mgmt_rc = -1; +static int hf_mgmt_princ_size = -1; +static int hf_mgmt_princ_name = -1; static gint ett_mgmt = -1; static e_uuid_t uuid_mgmt = { 0xafa8bd80, 0x7d8a, 0x11c9, { 0xbe, 0xf4, 0x08, 0x00, 0x2b, 0x10, 0x29, 0x89 } }; static guint16 ver_mgmt = 1; +static int +mgmtrpc_dissect_inq_princ_name_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_) +{ + + offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, drep, + sizeof(guint8), hf_mgmt_princ_name, TRUE, NULL); + + offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep, hf_mgmt_rc, NULL); + + + return offset; +} +static int +mgmtrpc_dissect_inq_princ_name_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_) +{ + offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_mgmt_proto, NULL); + offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_mgmt_princ_size, NULL); + return offset; +} + + static dcerpc_sub_dissector mgmt_dissectors[] = { { 0, "rpc__mgmt_inq_if_ids", NULL, NULL }, { 1, "rpc__mgmt_inq_stats", NULL, NULL }, { 2, "rpc__mgmt_is_server_listening", NULL, NULL }, { 3, "rpc__mgmt_stop_server_listening", NULL, NULL }, - { 4, "rpc__mgmt_inq_princ_name", NULL, NULL }, + { 4, "rpc__mgmt_inq_princ_name", mgmtrpc_dissect_inq_princ_name_request, mgmtrpc_dissect_inq_princ_name_response}, { 0, NULL, NULL, NULL } }; - void proto_register_mgmt (void) { static hf_register_info hf[] = { - { &hf_opnum, + { &hf_mgmt_opnum, { "Operation", "mgmt.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, + { &hf_mgmt_proto, + {"Authn Proto", "mgmt.proto", FT_UINT32, BASE_HEX, + NULL, 0x0, "Authn Proto", HFILL }}, + { &hf_mgmt_princ_name, + {"Principal name", "mgmt.princ_name", FT_STRING, BASE_NONE, + NULL, 0, "Principal name", HFILL }}, + { &hf_mgmt_princ_size, + {"Principal size", "mgmt.princ_size", FT_UINT32, BASE_DEC, + NULL, 0x0, "Size of principal", HFILL }}, + { &hf_mgmt_rc, + {"Status", "mgmt.rc", FT_UINT32, BASE_HEX, + NULL, 0x0, "Status", HFILL }}, }; static gint *ett[] = { @@ -73,5 +110,5 @@ void proto_reg_handoff_mgmt (void) { /* Register the protocol as dcerpc */ - dcerpc_init_uuid (proto_mgmt, ett_mgmt, &uuid_mgmt, ver_mgmt, mgmt_dissectors, hf_opnum); + dcerpc_init_uuid (proto_mgmt, ett_mgmt, &uuid_mgmt, ver_mgmt, mgmt_dissectors, hf_mgmt_opnum); } |