authorTim Potter <tpot@samba.org>2003-09-28 11:35:20 +0000
committerTim Potter <tpot@samba.org>2003-09-28 11:35:20 +0000
commit82d0ca7c519048ded3eef9ee6b1ff03279893624 (patch)
treeed112a63f8b9f7b81ae504fd95029269fa83a7d2 /packet-dcerpc-reg.c
parent84274d4870178bc80482e7837c019eeeda29139a (diff)
Operation name updates for winreg pipe from Jean-Baptiste Marchand.
svn path=/trunk/; revision=8561
Diffstat (limited to 'packet-dcerpc-reg.c')
-rw-r--r--packet-dcerpc-reg.c98
1 files changed, 53 insertions, 45 deletions
diff --git a/packet-dcerpc-reg.c b/packet-dcerpc-reg.c
index f986fd0c6e..2c5808eac1 100644
--- a/packet-dcerpc-reg.c
+++ b/packet-dcerpc-reg.c
@@ -2,7 +2,7 @@
* Routines for SMB \PIPE\winreg packet disassembly
* Copyright 2001-2003 Tim Potter <tpot@samba.org>
*
- * $Id: packet-dcerpc-reg.c,v 1.21 2003/08/04 02:49:02 tpot Exp $
+ * $Id: packet-dcerpc-reg.c,v 1.22 2003/09/28 11:35:20 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -51,7 +51,7 @@ static int hf_unknown = -1;
static int hf_openhklm_unknown1 = -1;
static int hf_openhklm_unknown2 = -1;
-/* QueryKey */
+/* QueryInfoKey */
static int hf_querykey_class = -1;
static int hf_querykey_num_subkeys = -1;
@@ -63,14 +63,14 @@ static int hf_querykey_max_valbuf_size = -1;
static int hf_querykey_secdesc = -1;
static int hf_querykey_modtime = -1;
-/* OpenEntry */
+/* OpenKey */
static int hf_keyname = -1;
-static int hf_openentry_unknown1 = -1;
+static int hf_openkey_unknown1 = -1;
-/* Unknown 0x1A */
+/* GetVersion */
-static int hf_unknown1A_unknown1 = -1;
+static int hf_getversion_version = -1;
/* Data that is passed to a open call */
@@ -226,11 +226,11 @@ RegOpenHKCR_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
/*
- * RegClose
+ * CloseKey
*/
static int
-RegClose_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegCloseKey_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
@@ -243,7 +243,7 @@ RegClose_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
static int
-RegClose_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegCloseKey_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
@@ -259,11 +259,11 @@ RegClose_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
/*
- * RegQueryKey
+ * QueryInfoKey
*/
static int
-RegQueryKey_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegQueryInfoKey_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
@@ -279,7 +279,7 @@ RegQueryKey_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
static int
-RegQueryKey_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegQueryInfoKey_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
@@ -325,11 +325,11 @@ RegQueryKey_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
/*
- * OpenEntry
+ * OpenKey
*/
static int
-RegOpenEntry_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegOpenKey_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
@@ -343,7 +343,7 @@ RegOpenEntry_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
offset = dissect_ndr_uint32(
tvb, offset, pinfo, tree, drep,
- hf_openentry_unknown1, NULL);
+ hf_openkey_unknown1, NULL);
offset = dissect_ndr_uint32(
tvb, offset, pinfo, tree, drep,
@@ -353,7 +353,7 @@ RegOpenEntry_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
static int
-RegOpenEntry_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegOpenKey_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
e_ctx_hnd policy_hnd;
@@ -371,20 +371,20 @@ RegOpenEntry_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (status == 0) {
dcerpc_smb_store_pol_name(&policy_hnd, pinfo,
- "OpenEntry handle");
+ "OpenKey handle");
if (hnd_item != NULL)
- proto_item_append_text(hnd_item, ": OpenEntry handle");
+ proto_item_append_text(hnd_item, ": OpenKey handle");
}
return offset;
}
/*
- * Unknown1A
+ * GetVersion
*/
static int
-RegUnknown1A_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegGetVersion_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
@@ -397,14 +397,14 @@ RegUnknown1A_q(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
static int
-RegUnknown1A_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
+RegGetVersion_r(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *tree, char *drep)
{
/* Parse packet */
offset = dissect_ndr_uint32(
tvb, offset, pinfo, tree, drep,
- hf_unknown1A_unknown1, NULL);
+ hf_getversion_version, NULL);
offset = dissect_ntstatus(
tvb, offset, pinfo, tree, drep, hf_rc, NULL);
@@ -639,11 +639,11 @@ static guint16 ver_dcerpc_reg = 1;
static dcerpc_sub_dissector dcerpc_reg_dissectors[] = {
{ REG_OPEN_HKCR, "OpenHKCR", RegOpenHKCR_q, RegOpenHKCR_r },
- { _REG_UNK_01, "Unknown01", NULL, NULL },
+ { REG_OPEN_HKCU, "OpenHKCU", NULL, NULL },
{ REG_OPEN_HKLM, "OpenHKLM", RegOpenHKLM_q, RegOpenHKLM_r },
- { _REG_UNK_03, "Unknown03", NULL, NULL },
+ { REG_OPEN_HKPD, "OpenHKPD", NULL, NULL },
{ REG_OPEN_HKU, "OpenHKU", RegOpenHKU_q, RegOpenHKU_r },
- { REG_CLOSE, "Close", RegClose_q, RegClose_r },
+ { REG_CLOSE_KEY, "CloseKey", RegCloseKey_q, RegCloseKey_r },
{ REG_CREATE_KEY, "CreateKey", NULL, NULL },
{ REG_DELETE_KEY, "DeleteKey", NULL, NULL },
{ REG_DELETE_VALUE, "DeleteValue", NULL, NULL },
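Review bot: The rows added for `REG_OPEN_HKCU` and `REG_OPEN_HKPD` carry `NULL, NULL` handlers, so the policy handle those calls return is never dissected or labelled, unlike the success path in RegOpenKey_r, which calls `dcerpc_smb_store_pol_name()`. Someone reconstructing remote registry access from a capture will then see later OpenKey or QueryValue requests on a handle with no recorded origin. The same applies to `REG_OPEN_HKCC`, `REG_OPEN_HKDD`, `REG_OPEN_HKPT` and `REG_OPEN_HKPN` in the next hunk. If these root-key opens share the wire layout of OpenHKLM (not confirmed from the visible lines), they could reuse that handler pair. Until then a comment above the table such as `/* NULL handlers: opnum is named only, arguments and returned handles are not dissected */` would tell readers what the output omits.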
@@ -651,21 +651,29 @@ static dcerpc_sub_dissector dcerpc_reg_dissectors[] = {
{ REG_ENUM_VALUE, "EnumValue", NULL, NULL },
{ REG_FLUSH_KEY, "FlushKey", NULL, NULL },
{ REG_GET_KEY_SEC, "GetKeySecurity", NULL, NULL },
- { _REG_UNK_0D, "Unknown0d", NULL, NULL },
- { _REG_UNK_0E, "Unknown0e", NULL, NULL },
- { REG_OPEN_ENTRY, "OpenEntry", RegOpenEntry_q, RegOpenEntry_r },
- { REG_QUERY_KEY, "QueryKey", RegQueryKey_q, RegQueryKey_r },
+ { REG_LOAD_KEY, "LoadKey", NULL, NULL },
+ { REG_NOTIFY_CHANGE_KEY_VALUE, "NotifyChangeKeyValue", NULL, NULL },
+ { REG_OPEN_KEY, "OpenKey", RegOpenKey_q, RegOpenKey_r },
+ { REG_QUERY_INFO_KEY, "QueryInfoKey", RegQueryInfoKey_q, RegQueryInfoKey_r },
{ REG_QUERY_VALUE, "QueryValue", RegQueryValue_q, RegQueryValue_r },
- { _REG_UNK_12, "Unknown12", NULL, NULL },
- { _REG_UNK_13, "Unknown13", NULL, NULL },
- { _REG_UNK_14, "Unknown14", NULL, NULL },
+ { REG_REPLACE_KEY, "ReplaceKey", NULL, NULL },
+ { REG_RESTORE_KEY, "RestoreKey", NULL, NULL },
+ { REG_SAVE_KEY, "SaveKey", NULL, NULL },
{ REG_SET_KEY_SEC, "SetKeySecurity", NULL, NULL },
- { REG_CREATE_VALUE, "CreateValue", NULL, NULL },
- { _REG_UNK_17, "Unknown17", NULL, NULL },
- { REG_SHUTDOWN, "Shutdown", NULL, NULL },
- { REG_ABORT_SHUTDOWN, "AbortShutdown", NULL, NULL },
- { _REG_UNK_1A, "Unknown1A", RegUnknown1A_q, RegUnknown1A_r },
-
+ { REG_SET_VALUE, "SetValue", NULL, NULL },
+ { REG_UNLOAD_KEY, "UnLoadKey", NULL, NULL },
+ { REG_INITIATE_SYSTEM_SHUTDOWN, "InitiateSystemShutdown", NULL, NULL },
+ { REG_ABORT_SYSTEM_SHUTDOWN, "AbortSystemShutdown", NULL, NULL },
+ { REG_GET_VERSION, "GetVersion", RegGetVersion_q, RegGetVersion_r },
+ { REG_OPEN_HKCC, "OpenHKCC", NULL, NULL },
+ { REG_OPEN_HKDD, "OpenHKDD", NULL, NULL },
+ { REG_QUERY_MULTIPLE_VALUES, "QueryMultipleValues", NULL, NULL },
+ { REG_INITIATE_SYSTEM_SHUTDOWN_EX, "InitiateSystemShutdownEx",
+ NULL, NULL },
+ { REG_SAVE_KEY_EX, "SaveKeyEx", NULL, NULL },
+ { REG_OPEN_HKPT, "OpenHKPT", NULL, NULL },
+ { REG_OPEN_HKPN, "OpenHKPN", NULL, NULL },
+ { REG_QUERY_MULTIPLE_VALUES_2, "QueryMultipleValues2", NULL, NULL },
{ 0, NULL, NULL, NULL }
};
@@ -764,21 +772,21 @@ proto_register_dcerpc_reg(void)
{ "Mod time", "reg.querykey.modtime", FT_ABSOLUTE_TIME, BASE_NONE,
NULL, 0x0, "Secdesc", HFILL }},
- /* OpenEntry */
+ /* OpenKey */
{ &hf_keyname,
{ "Key name", "reg.keyname", FT_STRING, BASE_NONE,
NULL, 0x0, "Keyname", HFILL }},
- { &hf_openentry_unknown1,
- { "Unknown 1", "reg.openentry.unknown1", FT_UINT32, BASE_HEX,
+ { &hf_openkey_unknown1,
+ { "Unknown 1", "reg.openkey.unknown1", FT_UINT32, BASE_HEX,
NULL, 0x0, "Unknown 1", HFILL }},
- /* Unknown1A */
+ /* GetVersion */
- { &hf_unknown1A_unknown1,
- { "Unknown 1", "reg.unknown1A.unknown1", FT_UINT32, BASE_HEX,
- NULL, 0x0, "Unknown 1", HFILL }},
+ { &hf_getversion_version,
+ { "Version", "reg.getversion.version", FT_UINT32, BASE_HEX,
+ NULL, 0x0, "Version", HFILL }},
};
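Review bot: Renaming the filter abbreviations `reg.openentry.unknown1` to `reg.openkey.unknown1` and `reg.unknown1A.unknown1` to `reg.getversion.version` breaks any saved display filter or capture-triage script that still uses the old strings, and nothing in the hunk records the change. The rename is also partial: the context lines keep `reg.querykey.modtime` although the operation is now called QueryInfoKey, so the filter namespace no longer lines up with the operation names. I would add a comment above the two entries, e.g. `/* filter names changed in 1.22: was reg.openentry.unknown1, reg.unknown1A.unknown1 */`, and either rename the `reg.querykey.*` fields in the same commit or state that they are kept on purpose. The hf array begins outside this hunk.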