diff options
author | Tim Potter <tpot@samba.org> | 2003-05-15 04:58:53 +0000 |
---|---|---|
committer | Tim Potter <tpot@samba.org> | 2003-05-15 04:58:53 +0000 |
commit | 2ef11527a339f147133d8c633715cfc59b44e447 (patch) | |
tree | 0c0426ed8e6afd02d57d4e583f70949b004806f1 /packet-dcerpc-netlogon.c | |
parent | 180e410bd47b8108f42b91535907e078377c25d2 (diff) |
Move dissection of NETLOGON secure channel auth verifier into
packet-dcerpc-netlogon.c
svn path=/trunk/; revision=7670
Diffstat (limited to 'packet-dcerpc-netlogon.c')
-rw-r--r-- | packet-dcerpc-netlogon.c | 64 |
1 files changed, 62 insertions, 2 deletions
diff --git a/packet-dcerpc-netlogon.c b/packet-dcerpc-netlogon.c index 218cdf4942..e2db33be78 100644 --- a/packet-dcerpc-netlogon.c +++ b/packet-dcerpc-netlogon.c @@ -3,7 +3,7 @@ * Copyright 2001,2003 Tim Potter <tpot@samba.org> * 2002 structure and command dissectors by Ronnie Sahlberg * - * $Id: packet-dcerpc-netlogon.c,v 1.79 2003/05/15 02:01:39 tpot Exp $ + * $Id: packet-dcerpc-netlogon.c,v 1.80 2003/05/15 04:58:53 tpot Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -5946,6 +5946,7 @@ static int hf_netlogon_secchan_bind_ack_unknown1 = -1; static int hf_netlogon_secchan_bind_ack_unknown2 = -1; static int hf_netlogon_secchan_bind_ack_unknown3 = -1; +static gint ett_secchan = -1; static gint ett_secchan_bind_creds = -1; static gint ett_secchan_bind_ack_creds = -1; @@ -6029,6 +6030,42 @@ int netlogon_dissect_secchan_bind_ack_creds(tvbuff_t *tvb, int offset, return offset; } +static int hf_netlogon_secchan = -1; +static int hf_netlogon_secchan_sig = -1; +static int hf_netlogon_secchan_unk = -1; +static int hf_netlogon_secchan_seq = -1; +static int hf_netlogon_secchan_nonce = -1; + +int netlogon_dissect_secchan_verf(tvbuff_t *tvb, int offset, + packet_info *pinfo _U_, proto_tree *tree, + char *drep _U_) +{ + proto_item *vf; + proto_tree *sec_chan_tree; + /* + * Create a new tree, and split into 4 components ... + */ + vf = proto_tree_add_item(tree, hf_netlogon_secchan, tvb, + offset, -1, FALSE); + sec_chan_tree = proto_item_add_subtree(vf, ett_secchan); + + proto_tree_add_item(sec_chan_tree, hf_netlogon_secchan_sig, tvb, + offset, 8, FALSE); + + proto_tree_add_item(sec_chan_tree, hf_netlogon_secchan_unk, tvb, + offset + 8, 8, FALSE); + + proto_tree_add_item(sec_chan_tree, hf_netlogon_secchan_seq, tvb, + offset + 16, 8, FALSE); + + proto_tree_add_item(sec_chan_tree, hf_netlogon_secchan_nonce, tvb, + offset + 24, 8, FALSE); + + return offset; +} + +/* Subdissectors */ + static dcerpc_sub_dissector dcerpc_netlogon_dissectors[] = { { NETLOGON_UASLOGON, "UasLogon", netlogon_dissect_netlogonuaslogon_rqst, @@ -6996,6 +7033,8 @@ static hf_register_info hf[] = { { "Time Limit", "netlogon.time_limit", FT_RELATIVE_TIME, BASE_NONE, NULL, 0, "", HFILL }}, + /* Secure channel dissection */ + { &hf_netlogon_secchan_bind_unknown1, { "Unknown1", "netlogon.secchan.bind.unknown1", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }}, @@ -7024,6 +7063,26 @@ static hf_register_info hf[] = { { "Unknown3", "netlogon.secchan.bind_ack.unknown3", FT_UINT32, BASE_HEX, NULL, 0x0, "", HFILL }}, + { &hf_netlogon_secchan, + { "Verifier", "netlogon.secchan.verifier", FT_NONE, BASE_NONE, + NULL, 0x0, "Verifier", HFILL }}, + + { &hf_netlogon_secchan_sig, + { "Signature", "netlogon.secchan.sig", FT_BYTES, BASE_HEX, NULL, + 0x0, "Signature", HFILL }}, + + { &hf_netlogon_secchan_unk, + { "Unknown", "netlogon.secchan.unk", FT_BYTES, BASE_HEX, NULL, + 0x0, "Unknown", HFILL }}, + + { &hf_netlogon_secchan_seq, + { "Sequence No", "netlogon.secchan.seq", FT_BYTES, BASE_HEX, NULL, + 0x0, "Sequence No", HFILL }}, + + { &hf_netlogon_secchan_nonce, + { "Nonce", "netlogon.secchan.nonce", FT_BYTES, BASE_HEX, NULL, + 0x0, "Nonce", HFILL }}, + }; static gint *ett[] = { @@ -7050,7 +7109,8 @@ static hf_register_info hf[] = { &ett_get_dcname_request_flags, &ett_dc_flags, &ett_secchan_bind_creds, - &ett_secchan_bind_ack_creds + &ett_secchan_bind_ack_creds, + &ett_secchan, }; proto_dcerpc_netlogon = proto_register_protocol( |