aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--packet-dcerpc-lsa.c18
-rw-r--r--packet-dcerpc-netlogon.c10
-rw-r--r--packet-dcerpc-samr.c129
3 files changed, 107 insertions, 50 deletions
diff --git a/packet-dcerpc-lsa.c b/packet-dcerpc-lsa.c
index b0ca72cde3..b34eb63dd5 100644
--- a/packet-dcerpc-lsa.c
+++ b/packet-dcerpc-lsa.c
@@ -3,7 +3,7 @@
* Copyright 2001,2003 Tim Potter <tpot@samba.org>
* 2002 Added LSA command dissectors Ronnie Sahlberg
*
- * $Id: packet-dcerpc-lsa.c,v 1.61 2003/01/28 06:39:39 tpot Exp $
+ * $Id: packet-dcerpc-lsa.c,v 1.62 2003/01/30 05:38:56 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -656,12 +656,20 @@ static int
lsa_dissect_lsaqueryinformationpolicy_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree, char *drep)
{
+ guint16 level;
+
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
lsa_dissect_LSA_HANDLE, NDR_POINTER_REF,
"LSA_HANDLE", -1);
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep,
- hf_lsa_policy_information_class, NULL);
+ hf_lsa_policy_information_class, &level);
+
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_append_fstr(
+ pinfo->cinfo, COL_INFO, ", %s",
+ val_to_str(level, policy_information_class_vals,
+ "Unknown (%d)"));
return offset;
}
@@ -2721,8 +2729,10 @@ lsa_dissect_lsaopensecret_rqst(tvbuff_t *tvb, int offset,
pinfo, tree, drep);
/* [in, ref] LSA_UNICODE_STRING *name */
- offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
- hf_lsa_name);
+ dissect_ndr_nt_UNICODE_STRING_cb(
+ tvb, offset, pinfo, tree, drep, hf_lsa_name,
+ cb_str_postprocess,
+ GINT_TO_POINTER(CB_STR_ITEM | CB_STR_COL_INFO));
/* [in] ACCESS_MASK access */
offset = lsa_dissect_ACCESS_MASK(tvb, offset,
diff --git a/packet-dcerpc-netlogon.c b/packet-dcerpc-netlogon.c
index bd7ec66e8d..63982c2de0 100644
--- a/packet-dcerpc-netlogon.c
+++ b/packet-dcerpc-netlogon.c
@@ -3,7 +3,7 @@
* Copyright 2001,2003 Tim Potter <tpot@samba.org>
* 2002 structure and command dissectors by Ronnie Sahlberg
*
- * $Id: packet-dcerpc-netlogon.c,v 1.66 2003/01/28 06:39:40 tpot Exp $
+ * $Id: packet-dcerpc-netlogon.c,v 1.67 2003/01/30 05:38:56 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -1396,8 +1396,12 @@ netlogon_dissect_netserverreqchallenge_rqst(tvbuff_t *tvb, int offset,
offset = netlogon_dissect_LOGONSRV_HANDLE(tvb, offset,
pinfo, tree, drep);
- offset = dissect_ndr_str_pointer_item(tvb, offset, pinfo, tree, drep,
- NDR_POINTER_REF, "Computer Name", hf_netlogon_computer_name);
+ offset = dissect_ndr_pointer_cb(
+ tvb, offset, pinfo, tree, drep,
+ dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_REF,
+ "Computer Name", hf_netlogon_computer_name,
+ cb_str_postprocess,
+ GINT_TO_POINTER(CB_STR_ITEM | CB_STR_COL_INFO));
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
netlogon_dissect_CREDENTIAL, NDR_POINTER_REF,
diff --git a/packet-dcerpc-samr.c b/packet-dcerpc-samr.c
index 94d15915cc..f8ddf5c310 100644
--- a/packet-dcerpc-samr.c
+++ b/packet-dcerpc-samr.c
@@ -3,7 +3,7 @@
* Copyright 2001,2003 Tim Potter <tpot@samba.org>
* 2002 Added all command dissectors Ronnie Sahlberg
*
- * $Id: packet-dcerpc-samr.c,v 1.67 2003/01/28 06:39:40 tpot Exp $
+ * $Id: packet-dcerpc-samr.c,v 1.68 2003/01/30 05:38:56 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -590,7 +590,7 @@ samr_dissect_open_user_rqst(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO, ", rid 0x%x", rid);
- dcv->private_data = (void *)rid;
+ dcv->private_data = GINT_TO_POINTER(rid);
return offset;
}
@@ -600,12 +600,23 @@ samr_dissect_open_user_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
+ dcerpc_call_value *dcv = (dcerpc_call_value *)di->call_data;
e_ctx_hnd policy_hnd;
+ guint32 rid = GPOINTER_TO_INT(dcv->private_data);
+ char *pol_name;
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, &policy_hnd, TRUE, FALSE);
- dcerpc_smb_store_pol_name(&policy_hnd, "OpenUser handle");
+ if (rid)
+ pol_name = g_strdup_printf("OpenUser, rid 0x%x", rid);
+ else
+ pol_name = g_strdup("OpenUser handle");
+
+ dcerpc_smb_store_pol_name(&policy_hnd, pol_name);
+
+ g_free(pol_name);
offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep,
hf_samr_rc, NULL);
@@ -681,18 +692,26 @@ samr_dissect_query_dispinfo_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
+ guint16 level;
+ guint32 start_idx;
+
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, NULL, FALSE, FALSE);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep,
- hf_samr_level, NULL);
+ hf_samr_level, &level);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_start_idx, NULL);
+ hf_samr_start_idx, &start_idx);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_max_entries, NULL);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_pref_maxsize, NULL);
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_append_fstr(
+ pinfo->cinfo, COL_INFO, ", level %d, start_idx %d",
+ level, start_idx);
+
return offset;
}
@@ -1128,38 +1147,16 @@ samr_dissect_get_usrdom_pwinfo_reply(tvbuff_t *tvb, int offset,
return offset;
}
-
-
-static int
-samr_dissect_connect2_server(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *parent_tree,
- char *drep)
-{
- proto_item *item=NULL;
- proto_tree *tree=NULL;
- int old_offset=offset;
-
- if(parent_tree){
- item = proto_tree_add_text(parent_tree, tvb, offset, -1,
- "Server");
- tree = proto_item_add_subtree(item, ett_samr_server);
- }
-
- offset = dissect_ndr_nt_UNICODE_STRING_str(tvb, offset, pinfo,
- tree, drep);
-
- proto_item_set_len(item, offset-old_offset);
- return offset;
-}
-
static int
samr_dissect_connect2_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
- offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
- samr_dissect_connect2_server, NDR_POINTER_UNIQUE,
- "Server", hf_samr_server);
+ offset = dissect_ndr_pointer_cb(
+ tvb, offset, pinfo, tree, drep,
+ dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_UNIQUE,
+ "Server", hf_samr_server, cb_str_postprocess,
+ GINT_TO_POINTER(CB_STR_COL_INFO | CB_STR_ITEM | CB_STR_SAVE));
offset = dissect_nt_access_mask(
tvb, offset, pinfo, tree, drep, hf_samr_access,
@@ -1173,9 +1170,11 @@ samr_dissect_connect4_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
- offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
- samr_dissect_connect2_server, NDR_POINTER_UNIQUE,
- "Server", hf_samr_server);
+ offset = dissect_ndr_pointer_cb(
+ tvb, offset, pinfo, tree, drep,
+ dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_UNIQUE,
+ "Server", hf_samr_server, cb_str_postprocess,
+ GINT_TO_POINTER(CB_STR_COL_INFO | CB_STR_ITEM));
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_unknown_long, NULL);
@@ -1192,12 +1191,22 @@ samr_dissect_connect2_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
+ dcerpc_call_value *dcv = (dcerpc_call_value *)di->call_data;
e_ctx_hnd policy_hnd;
-
+ char *server = (char *)dcv->private_data, *pol_name;
+
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, &policy_hnd, TRUE, FALSE);
- dcerpc_smb_store_pol_name(&policy_hnd, "Connect2 handle");
+ if (server)
+ pol_name = g_strdup_printf("Connect2, %s", server);
+ else
+ pol_name = g_strdup("Connect2 handle");
+
+ dcerpc_smb_store_pol_name(&policy_hnd, pol_name);
+
+ g_free(pol_name);
offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep,
hf_samr_rc, NULL);
@@ -1488,11 +1497,16 @@ samr_dissect_query_information_alias_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo,
proto_tree *tree, char *drep)
{
+ guint16 level;
+
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, NULL, FALSE, FALSE);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep,
- hf_samr_level, NULL);
+ hf_samr_level, &level);
+
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_append_fstr(pinfo->cinfo, COL_INFO, ", level %d", level);
return offset;
}
@@ -3697,11 +3711,16 @@ samr_dissect_set_information_user2_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
+ guint16 level;
+
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, NULL, FALSE, FALSE);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep,
- hf_samr_level, NULL);
+ hf_samr_level, &level);
+
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_append_fstr(pinfo->cinfo, COL_INFO, ", level %d", level);
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
samr_dissect_USER_INFO, NDR_POINTER_REF,
@@ -3921,11 +3940,17 @@ samr_dissect_query_sec_object_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
+ guint32 info_type;
+
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, NULL, FALSE, FALSE);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_info_type, NULL);
+ hf_samr_info_type, &info_type);
+
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_append_fstr(
+ pinfo->cinfo, COL_INFO, ", info_type %d", info_type);
return offset;
}
@@ -4488,7 +4513,7 @@ samr_dissect_open_alias_rqst(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO, ", rid 0x%x", rid);
- dcv->private_data = (void *)rid;
+ dcv->private_data = GINT_TO_POINTER(rid);
return offset;
}
@@ -4498,12 +4523,25 @@ samr_dissect_open_alias_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
char *drep)
{
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
+ dcerpc_call_value *dcv = (dcerpc_call_value *)di->call_data;
e_ctx_hnd policy_hnd;
+ char *pol_name;
+ guint32 rid;
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, &policy_hnd, TRUE, FALSE);
- dcerpc_smb_store_pol_name(&policy_hnd, "OpenAlias handle");
+ rid = GPOINTER_TO_INT(dcv->private_data);
+
+ if (rid)
+ pol_name = g_strdup_printf("OpenAlias, rid 0x%x", rid);
+ else
+ pol_name = g_strdup_printf("OpenAlias handle");
+
+ dcerpc_smb_store_pol_name(&policy_hnd, pol_name);
+
+ g_free(pol_name);
offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep,
hf_samr_rc, NULL);
@@ -4615,11 +4653,16 @@ samr_dissect_query_information_user_rqst(tvbuff_t *tvb, int offset,
packet_info *pinfo,
proto_tree *tree, char *drep)
{
+ guint16 level;
+
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_samr_hnd, NULL, FALSE, FALSE);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep,
- hf_samr_level, NULL);
+ hf_samr_level, &level);
+
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_append_fstr(pinfo->cinfo, COL_INFO, ", level %d", level);
return offset;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-24 07:33:48 +0000