diff options
-rw-r--r-- | AUTHORS | 4 | ||||
-rw-r--r-- | Makefile.common | 11 | ||||
-rwxr-xr-x | packet-dcerpc-llb.c | 90 | ||||
-rwxr-xr-x | packet-dcerpc-rdaclif.c | 94 | ||||
-rwxr-xr-x | packet-dcerpc-rs_attr_schema.c | 95 | ||||
-rwxr-xr-x | packet-dcerpc-rs_prop_acl.c | 88 | ||||
-rwxr-xr-x | packet-dcerpc-rs_prop_attr.c | 88 | ||||
-rwxr-xr-x | packet-dcerpc-rs_prop_pgo.c | 93 | ||||
-rwxr-xr-x | packet-dcerpc-rs_prop_plcy.c | 91 | ||||
-rwxr-xr-x | packet-dcerpc-rs_pwd_mgmt.c | 95 | ||||
-rwxr-xr-x | packet-dcerpc-rs_repmgr.c | 95 |
11 files changed, 842 insertions, 2 deletions
@@ -1407,7 +1407,9 @@ Jaime Fournier <Jaime.Fournier [AT] hush.com> { UBIKDISK, UBIKVOTE, BOSSVR, FTSERVER, CDS_CLERKSERVER, KRB5RPC, REP_PROC, SECIDMAP, TKN4INT, FLDB, AFS4INT, UPDATE, BUDB, BUTC, RS_BIND, RS_PLCY, ICL RPC, - RS_PROP_ACCT + RS_PROP_ACCT, LLB, RDACLIF, RS_ATTR_SCHEMA, RS_PROP_ACL, + RS_PROP_ATTR, RS_PROP_PGO, RS_PROP_PLCY, RS_PWD_MGMT, + RS_REPMGR DCE RPC EPM version 4 support } diff --git a/Makefile.common b/Makefile.common index 40247ce317..9eafb3500f 100644 --- a/Makefile.common +++ b/Makefile.common @@ -3,7 +3,7 @@ # a) common to both files and # b) portable between both files # -# $Id: Makefile.common,v 1.10 2004/02/03 18:57:26 guy Exp $ +# $Id: Makefile.common,v 1.11 2004/02/10 23:38:34 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs <gerald@ethereal.com> @@ -98,6 +98,7 @@ DISSECTOR_SRC = \ packet-dcerpc-icl_rpc.c \ packet-dcerpc-initshutdown.c \ packet-dcerpc-krb5rpc.c \ + packet-dcerpc-llb.c \ packet-dcerpc-lsa-ds.c \ packet-dcerpc-lsa.c \ packet-dcerpc-mapi.c \ @@ -107,6 +108,7 @@ DISSECTOR_SRC = \ packet-dcerpc-netlogon.c \ packet-dcerpc-nspi.c \ packet-dcerpc-oxid.c \ + packet-dcerpc-rdaclif.c \ packet-dcerpc-reg.c \ packet-dcerpc-remact.c \ packet-dcerpc-rep_proc.c \ @@ -114,13 +116,20 @@ DISSECTOR_SRC = \ packet-dcerpc-rpriv.c \ packet-dcerpc-rs_acct.c \ packet-dcerpc-rs_attr.c \ + packet-dcerpc-rs_attr_schema.c \ packet-dcerpc-rs_bind.c \ packet-dcerpc-rs_misc.c \ packet-dcerpc-rs_pgo.c \ packet-dcerpc-rs_plcy.c \ packet-dcerpc-rs_prop_acct.c \ + packet-dcerpc-rs_prop_acl.c \ + packet-dcerpc-rs_prop_attr.c \ + packet-dcerpc-rs_prop_pgo.c \ + packet-dcerpc-rs_prop_plcy.c \ + packet-dcerpc-rs_pwd_mgmt.c \ packet-dcerpc-rs_repadm.c \ packet-dcerpc-rs_replist.c \ + packet-dcerpc-rs_repmgr.c \ packet-dcerpc-rs_unix.c \ packet-dcerpc-rsec_login.c \ packet-dcerpc-samr.c \ diff --git a/packet-dcerpc-llb.c b/packet-dcerpc-llb.c new file mode 100755 index 0000000000..4b595717eb --- /dev/null +++ b/packet-dcerpc-llb.c @@ -0,0 +1,90 @@ +/* packet-dcerpc-llb.c + * + * Routines for llb dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/admin.tar.gz ./admin/dced/idl/llb.idl + * + * $Id: packet-dcerpc-llb.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" +#include "packet-dcerpc-dce122.h" + + +static int proto_llb = -1; +static int hf_llb_opnum = -1; + +static gint ett_llb = -1; + + +static e_uuid_t uuid_llb = + { 0x333b33c3, 0x0000, 0x0000, {0x0d, 0x00, 0x00, 0x87, 0x84, 0x00, 0x00, + 0x00} }; +static guint16 ver_llb = 4; + + +static dcerpc_sub_dissector llb_dissectors[] = { + {0, "insert", NULL, NULL}, + {1, "delete", NULL, NULL}, + {2, "lookup", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_llb (void) +{ + static hf_register_info hf[] = { + {&hf_llb_opnum, + {"Operation", "llb.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, "Operation", + HFILL}}, + }; + + static gint *ett[] = { + &ett_llb, + }; + proto_llb = + proto_register_protocol ("DCE/RPC NCS 1.5.1 Local Location Broker", "llb", + "llb"); + proto_register_field_array (proto_llb, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_llb (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_llb, ett_llb, &uuid_llb, ver_llb, llb_dissectors, + hf_llb_opnum); +} diff --git a/packet-dcerpc-rdaclif.c b/packet-dcerpc-rdaclif.c new file mode 100755 index 0000000000..7e9ba3bb29 --- /dev/null +++ b/packet-dcerpc-rdaclif.c @@ -0,0 +1,94 @@ +/* packet-dcerpc-rdaclif.c + * + * Routines for rdaclif dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz ../security/idl/rdaclif.idl + * + * $Id: packet-dcerpc-rdaclif.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rdaclif = -1; +static int hf_rdaclif_opnum = -1; + + +static gint ett_rdaclif = -1; +static e_uuid_t uuid_rdaclif = + { 0x47b33331, 0x8000, 0x0000, {0x0d, 0x00, 0x01, 0xdc, 0x6c, 0x00, 0x00, + 0x00} }; + +static guint16 ver_rdaclif = 1; + + +static dcerpc_sub_dissector rdaclif_dissectors[] = { + {0, "lookup", NULL, NULL}, + {1, "replace", NULL, NULL}, + {2, "get_access", NULL, NULL}, + {3, "test_access", NULL, NULL}, + {4, "test_access_on_behalf", NULL, NULL}, + {5, "get_manager_types", NULL, NULL}, + {6, "get_printstring", NULL, NULL}, + {7, "get_referral", NULL, NULL}, + {8, "get_mgr_types_semantics", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rdaclif (void) +{ + static hf_register_info hf[] = { + {&hf_rdaclif_opnum, + {"Operation", "rdaclif.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rdaclif, + }; + proto_rdaclif = + proto_register_protocol ("DCE/RPC Directory Acl Interface ", "rdaclif", + "rdaclif"); + proto_register_field_array (proto_rdaclif, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rdaclif (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rdaclif, ett_rdaclif, &uuid_rdaclif, ver_rdaclif, + rdaclif_dissectors, hf_rdaclif_opnum); +} diff --git a/packet-dcerpc-rs_attr_schema.c b/packet-dcerpc-rs_attr_schema.c new file mode 100755 index 0000000000..6825fbddaa --- /dev/null +++ b/packet-dcerpc-rs_attr_schema.c @@ -0,0 +1,95 @@ +/* packet-dcerpc-rs_attr_schema.c + * + * Routines for rs_attr_schema dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_attr_schema.idl + * + * $Id: packet-dcerpc-rs_attr_schema.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_attr_schema = -1; +static int hf_rs_attr_schema_opnum = -1; + + +static gint ett_rs_attr_schema = -1; +static e_uuid_t uuid_rs_attr_schema = + { 0xb47c9460, 0x567f, 0x11cb, {0x8c, 0x09, 0x08, 0x00, 0x1e, 0x04, 0xde, + 0x8c} }; +static guint16 ver_rs_attr_schema = 0; + + +static dcerpc_sub_dissector rs_attr_schema_dissectors[] = { + {0, "create_entry", NULL, NULL}, + {1, "delete_entry", NULL, NULL}, + {2, "update_entry", NULL, NULL}, + {3, "cursor_init", NULL, NULL}, + {4, "scan", NULL, NULL}, + {5, "lookup_by_name", NULL, NULL}, + {6, "lookup_by_id", NULL, NULL}, + {7, "get_referral", NULL, NULL}, + {8, "get_acl_mgrs", NULL, NULL}, + {9, "aclmgr_strings", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_attr_schema (void) +{ + static hf_register_info hf[] = { + {&hf_rs_attr_schema_opnum, + {"Operation", "rs_attr_schema.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_attr_schema, + }; + proto_rs_attr_schema = + proto_register_protocol ("DCE/RPC Registry Server Attributes Schema", + "rs_attr_schema", "rs_attr_schema"); + proto_register_field_array (proto_rs_attr_schema, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_attr_schema (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_attr_schema, ett_rs_attr_schema, + &uuid_rs_attr_schema, ver_rs_attr_schema, + rs_attr_schema_dissectors, hf_rs_attr_schema_opnum); +} diff --git a/packet-dcerpc-rs_prop_acl.c b/packet-dcerpc-rs_prop_acl.c new file mode 100755 index 0000000000..02b0a39a8d --- /dev/null +++ b/packet-dcerpc-rs_prop_acl.c @@ -0,0 +1,88 @@ +/* packet-dcerpc-rs_prop_acl.c + * + * Routines for rs_prop_acl dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_prop_acl.idl + * + * $Id: packet-dcerpc-rs_prop_acl.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_prop_acl = -1; +static int hf_rs_prop_acl_opnum = -1; + + +static gint ett_rs_prop_acl = -1; +static e_uuid_t uuid_rs_prop_acl = + { 0x591d87d0, 0xde64, 0x11ca, {0xa1, 0x1c, 0x08, 0x00, 0x1e, 0x03, 0x94, + 0xc7} }; + +static guint16 ver_rs_prop_acl = 1; + + +static dcerpc_sub_dissector rs_prop_acl_dissectors[] = { + {0, "replace", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_prop_acl (void) +{ + static hf_register_info hf[] = { + {&hf_rs_prop_acl_opnum, + {"Operation", "rs_prop_acl.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_prop_acl, + }; + proto_rs_prop_acl = + proto_register_protocol + ("DCE/RPC Registry server propagation interface - ACLs. ", "rs_prop_acl", + "rs_prop_acl"); + proto_register_field_array (proto_rs_prop_acl, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_prop_acl (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_prop_acl, ett_rs_prop_acl, &uuid_rs_prop_acl, + ver_rs_prop_acl, rs_prop_acl_dissectors, + hf_rs_prop_acl_opnum); +} diff --git a/packet-dcerpc-rs_prop_attr.c b/packet-dcerpc-rs_prop_attr.c new file mode 100755 index 0000000000..ab91089f2c --- /dev/null +++ b/packet-dcerpc-rs_prop_attr.c @@ -0,0 +1,88 @@ +/* packet-dcerpc-rs_prop_attr.c + * + * Routines for rs_prop_attr dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_prop_attr.idl + * + * $Id: packet-dcerpc-rs_prop_attr.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_prop_attr = -1; +static int hf_rs_prop_attr_opnum = -1; + + +static gint ett_rs_prop_attr = -1; +static e_uuid_t uuid_rs_prop_attr = + { 0x0eff23e6, 0x555a, 0x11cd, {0x95, 0xbf, 0x08, 0x00, 0x09, 0x27, 0x84, + 0xc3} }; + +static guint16 ver_rs_prop_attr = 1; + + +static dcerpc_sub_dissector rs_prop_attr_dissectors[] = { + {0, "update", NULL, NULL}, + {1, "delete", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_prop_attr (void) +{ + static hf_register_info hf[] = { + {&hf_rs_prop_attr_opnum, + {"Operation", "rs_prop_attr.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_prop_attr, + }; + proto_rs_prop_attr = + proto_register_protocol ("DCE/RPC Prop Attr", "rs_prop_attr", + "rs_prop_attr"); + proto_register_field_array (proto_rs_prop_attr, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_prop_attr (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_prop_attr, ett_rs_prop_attr, &uuid_rs_prop_attr, + ver_rs_prop_attr, rs_prop_attr_dissectors, + hf_rs_prop_attr_opnum); +} diff --git a/packet-dcerpc-rs_prop_pgo.c b/packet-dcerpc-rs_prop_pgo.c new file mode 100755 index 0000000000..bd38468883 --- /dev/null +++ b/packet-dcerpc-rs_prop_pgo.c @@ -0,0 +1,93 @@ +/* packet-dcerpc-rs_prop_pgo.c + * + * Routines for rs_prop_pgo dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_prop_pgo.idl + * + * $Id: packet-dcerpc-rs_prop_pgo.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_prop_pgo = -1; +static int hf_rs_prop_pgo_opnum = -1; + + +static gint ett_rs_prop_pgo = -1; +static e_uuid_t uuid_rs_prop_pgo = + { 0xc23626e8, 0xde34, 0x11ca, {0x8c, 0xbc, 0x08, 0x00, 0x1e, 0x03, 0x94, + 0xc7} }; + +static guint16 ver_rs_prop_pgo = 1; + + +static dcerpc_sub_dissector rs_prop_pgo_dissectors[] = { + {0, "add", NULL, NULL}, + {1, "rename", NULL, NULL}, + {2, "replace", NULL, NULL}, + {3, "add_member", NULL, NULL}, + {4, "delete_member", NULL, NULL}, + {5, "add_member_global", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_prop_pgo (void) +{ + static hf_register_info hf[] = { + {&hf_rs_prop_pgo_opnum, + {"Operation", "rs_prop_pgo.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_prop_pgo, + }; + proto_rs_prop_pgo = + proto_register_protocol + ("DCE/RPC Registry server propagation interface - PGO items", + "rs_prop_pgo", "rs_prop_pgo"); + proto_register_field_array (proto_rs_prop_pgo, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_prop_pgo (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_prop_pgo, ett_rs_prop_pgo, &uuid_rs_prop_pgo, + ver_rs_prop_pgo, rs_prop_pgo_dissectors, + hf_rs_prop_pgo_opnum); +} diff --git a/packet-dcerpc-rs_prop_plcy.c b/packet-dcerpc-rs_prop_plcy.c new file mode 100755 index 0000000000..8276376e16 --- /dev/null +++ b/packet-dcerpc-rs_prop_plcy.c @@ -0,0 +1,91 @@ +/* packet-dcerpc-rs_prop_plcy.c + * + * Routines for rs_prop_plcy dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_prop_plcy.idl + * + * $Id: packet-dcerpc-rs_prop_plcy.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_prop_plcy = -1; +static int hf_rs_prop_plcy_opnum = -1; + + +static gint ett_rs_prop_plcy = -1; +static e_uuid_t uuid_rs_prop_plcy = + { 0xe6ac5cb8, 0xde3e, 0x11ca, {0x93, 0x76, 0x08, 0x00, 0x1e, 0x03, 0x94, + 0xc7} }; + +static guint16 ver_rs_prop_plcy = 1.1; + + +static dcerpc_sub_dissector rs_prop_plcy_dissectors[] = { + {0, "rs_prop_properties_set_info", NULL, NULL}, + {1, "rs_prop_plcy_set_info", NULL, NULL}, + {2, "rs_prop_auth_plcy_set_info", NULL, NULL}, + {3, "rs_prop_plcy_set_dom_cache_info", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_prop_plcy (void) +{ + static hf_register_info hf[] = { + {&hf_rs_prop_plcy_opnum, + {"Operation", "rs_prop_plcy.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_prop_plcy, + }; + proto_rs_prop_plcy = + proto_register_protocol + ("DCE/RPC Registry server propagation interface - properties and policies", + "rs_prop_plcy", "rs_prop_plcy"); + proto_register_field_array (proto_rs_prop_plcy, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_prop_plcy (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_prop_plcy, ett_rs_prop_plcy, &uuid_rs_prop_plcy, + ver_rs_prop_plcy, rs_prop_plcy_dissectors, + hf_rs_prop_plcy_opnum); +} diff --git a/packet-dcerpc-rs_pwd_mgmt.c b/packet-dcerpc-rs_pwd_mgmt.c new file mode 100755 index 0000000000..5d615d5f37 --- /dev/null +++ b/packet-dcerpc-rs_pwd_mgmt.c @@ -0,0 +1,95 @@ +/* packet-dcerpc-rs_pwd_mgmt.c + * + * Routines for rs_pwd_mgmt dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_pwd_mgmt.idl + * + * $Id: packet-dcerpc-rs_pwd_mgmt.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_pwd_mgmt = -1; +static int hf_rs_pwd_mgmt_opnum = -1; + + +static gint ett_rs_pwd_mgmt = -1; +static e_uuid_t uuid_rs_pwd_mgmt = + { 0x3139a0e2, 0x68da, 0x11cd, {0x91, 0xc7, 0x08, 0x00, 0x09, 0x24, 0x24, + 0x44} }; + +static guint16 ver_rs_pwd_mgmt = 1; + + +static dcerpc_sub_dissector rs_pwd_mgmt_dissectors[] = { + {0, "lookup", NULL, NULL}, + {1, "replace", NULL, NULL}, + {2, "get_access", NULL, NULL}, + {3, "test_access", NULL, NULL}, + {4, "test_access_on_behalf", NULL, NULL}, + {5, "get_manager_types", NULL, NULL}, + {6, "get_printstring", NULL, NULL}, + {7, "get_referral", NULL, NULL}, + {8, "get_mgr_types_semantics", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_pwd_mgmt (void) +{ + static hf_register_info hf[] = { + {&hf_rs_pwd_mgmt_opnum, + {"Operation", "rs_pwd_mgmt.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_pwd_mgmt, + }; + proto_rs_pwd_mgmt = + proto_register_protocol ("DCE/RPC Registry Password Management ", + "rs_pwd_mgmt", "rs_pwd_mgmt"); + proto_register_field_array (proto_rs_pwd_mgmt, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_pwd_mgmt (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_pwd_mgmt, ett_rs_pwd_mgmt, &uuid_rs_pwd_mgmt, + ver_rs_pwd_mgmt, rs_pwd_mgmt_dissectors, + hf_rs_pwd_mgmt_opnum); +} diff --git a/packet-dcerpc-rs_repmgr.c b/packet-dcerpc-rs_repmgr.c new file mode 100755 index 0000000000..ebb47d7bf5 --- /dev/null +++ b/packet-dcerpc-rs_repmgr.c @@ -0,0 +1,95 @@ +/* packet-dcerpc-rs_repmgr.c + * + * Routines for rs_repmgr dissection + * Copyright 2004, Jaime Fournier <jaime.fournier@hush.com> + * This information is based off the released idl files from opengroup. + * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_repmgr.idl + * + * $Id: packet-dcerpc-rs_repmgr.c,v 1.1 2004/02/10 23:38:34 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#include <string.h> + +#include <glib.h> +#include <epan/packet.h> +#include "packet-dcerpc.h" + +static int proto_rs_repmgr = -1; +static int hf_rs_repmgr_opnum = -1; + + +static gint ett_rs_repmgr = -1; +static e_uuid_t uuid_rs_repmgr = + { 0xb62dc198, 0xdfd4, 0x11ca, {0x94, 0x8f, 0x08, 0x00, 0x1e, 0x02, 0x59, + 0x4c} }; + +static guint16 ver_rs_repmgr = 2; + + +static dcerpc_sub_dissector rs_repmgr_dissectors[] = { + {0, "get_info_and_creds", NULL, NULL}, + {1, "init", NULL, NULL}, + {2, "init_done", NULL, NULL}, + {3, "i_am_slave", NULL, NULL}, + {4, "i_am_master", NULL, NULL}, + {5, "become_master", NULL, NULL}, + {6, "copy_all", NULL, NULL}, + {7, "copy_propq", NULL, NULL}, + {8, "stop_until_compat_sw", NULL, NULL}, + {0, NULL, NULL, NULL} +}; + +void +proto_register_rs_repmgr (void) +{ + static hf_register_info hf[] = { + {&hf_rs_repmgr_opnum, + {"Operation", "rs_repmgr.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, + "Operation", HFILL}}, + }; + + static gint *ett[] = { + &ett_rs_repmgr, + }; + proto_rs_repmgr = + proto_register_protocol + ("DCE/RPC Operations between registry server replicas", "rs_repmgr", + "rs_repmgr"); + proto_register_field_array (proto_rs_repmgr, hf, array_length (hf)); + proto_register_subtree_array (ett, array_length (ett)); +} + +void +proto_reg_handoff_rs_repmgr (void) +{ + /* Register the protocol as dcerpc */ + dcerpc_init_uuid (proto_rs_repmgr, ett_rs_repmgr, &uuid_rs_repmgr, + ver_rs_repmgr, rs_repmgr_dissectors, hf_rs_repmgr_opnum); +} |