diff options
author | Guy Harris <guy@alum.mit.edu> | 2001-11-27 09:27:29 +0000 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2001-11-27 09:27:29 +0000 |
commit | 5ebf118bf33ca1eb7e3e085df1c069595478af7e (patch) | |
tree | 0a4efcbd14f10c115924687ece73097c1c0b9405 /packet-dcerpc-ndr.c | |
parent | 425fce6e925538a36c1c4363e173599127b39dc2 (diff) |
From Todd Sabin:
o Modifies the dcerpc handoff to subdissectors slightly. It
also needs to pass the data representation to the
subdissector. Also, if no subdissector is found, it puts a
"Stub data" entry in the tree.
o Adds optional TCP desegmentation to the dcerpc layer. Note
that dcerpc has it's own ability to fragment PDUs. This isn't
for dealing with that, but with the case of a single PDU being
broken over more than one TCP segment.
o Adds a little bit of dissection to packet-dcerpc-epm.c.
Mainly just proof of concept for the dcerpc handoff stuff.
(Writing this is how I realized the need for the drep.)
o Adds packet-dcerpc-ndr.c, which will contain NDR dissection
routines for use by subdissectors.
Also, support added for multiple PDUs per segment for DCERPC-over-TCP
(and, potentially, other byte-stream transports).
svn path=/trunk/; revision=4285
Diffstat (limited to 'packet-dcerpc-ndr.c')
-rw-r--r-- | packet-dcerpc-ndr.c | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/packet-dcerpc-ndr.c b/packet-dcerpc-ndr.c new file mode 100644 index 0000000000..1db0672b6e --- /dev/null +++ b/packet-dcerpc-ndr.c @@ -0,0 +1,108 @@ +/* packet-dcerpc-ndr.c + * Routines for DCERPC NDR dissection + * Copyright 2001, Todd Sabin <tas@webspan.net> + * + * $Id: packet-dcerpc-ndr.c,v 1.1 2001/11/27 09:27:29 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> +#include <ctype.h> + +#include <glib.h> +#include "packet.h" +#include "packet-dcerpc.h" + + +/* + * The NDR routines are for use by dcerpc subdissetors. They're + * primarily for making sure things are aligned properly according + * to the rules of NDR. + */ + +int +dissect_ndr_uint8 (tvbuff_t *tvb, gint offset, packet_info *pinfo, + proto_tree *tree, char *drep, + int hfindex, guint8 *pdata) +{ + /* no alignment needed */ + return dissect_dcerpc_uint8 (tvb, offset, pinfo, + tree, drep, hfindex, pdata); +} + +int +dissect_ndr_uint16 (tvbuff_t *tvb, gint offset, packet_info *pinfo, + proto_tree *tree, char *drep, + int hfindex, guint16 *pdata) +{ + if (offset % 2) { + offset++; + } + return dissect_dcerpc_uint16 (tvb, offset, pinfo, + tree, drep, hfindex, pdata); +} + +int +dissect_ndr_uint32 (tvbuff_t *tvb, gint offset, packet_info *pinfo, + proto_tree *tree, char *drep, + int hfindex, guint32 *pdata) +{ + if (offset % 4) { + offset += 4 - (offset % 4); + } + return dissect_dcerpc_uint32 (tvb, offset, pinfo, + tree, drep, hfindex, pdata); +} + +int +dissect_ndr_uuid_t (tvbuff_t *tvb, gint offset, packet_info *pinfo, + proto_tree *tree, char *drep, + int hfindex, e_uuid_t *pdata) +{ + e_uuid_t uuid; + + /* uuid's are aligned to 4 bytes, due to initial uint32 in struct */ + if (offset % 4) { + offset += 4 - (offset % 4); + } + dcerpc_tvb_get_uuid (tvb, offset, drep, &uuid); + if (tree) { + proto_tree_add_string_format (tree, hfindex, tvb, offset, 16, "", + "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + uuid.Data1, uuid.Data2, uuid.Data3, + uuid.Data4[0], uuid.Data4[1], + uuid.Data4[2], uuid.Data4[3], + uuid.Data4[4], uuid.Data4[5], + uuid.Data4[6], uuid.Data4[7]); + } + if (pdata) { + *pdata = uuid; + } + return offset + 16; +} + |