aboutsummaryrefslogtreecommitdiffstats
path: root/packet-dcerpc-netlogon.c
AgeCommit message (Collapse)AuthorFilesLines
2004-05-19Remove hf argument to common routines for dissecting domain sids. Mosttpot1-27/+12
of the callers passed -1 for this parameter anyway. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10919 f5534014-38df-0310-8fa8-9805f1628bb7
2004-05-01more deltatypessahlberg1-1/+10
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10748 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-23prettified a few netlogon calls and populate col_info with account namessahlberg1-6/+6
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10679 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-23update to netlogon to dissect the timestamps in VALIDATION_UAS_INFOsahlberg1-18/+19
update to dcerpc time_t dissector to print the string "No time specified" when the seconds field is 0xffffffff git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10678 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-23update to netlogon, now also decode the delete user/group/aliassahlberg1-8/+16
deltas. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10677 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-21 update to netlogon to show DsrGetDcNameEx2() Client account name, domain ↵sahlberg1-8/+8
name and site name git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10656 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-08update to netlogon: make it dissect all the bits of the UserAccountControl ↵sahlberg1-11/+285
flags field in the pac structure and elsewhere in netlogon git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10565 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-08dissection of netlogon userflags in tha pac structure and elsewheresahlberg1-9/+65
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10564 f5534014-38df-0310-8fa8-9805f1628bb7
2004-04-08dissect group attributes for the pac structure and other places in netlogonsahlberg1-4/+71
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10563 f5534014-38df-0310-8fa8-9805f1628bb7
2004-03-05Kerberos contain a structure that is VERY similar to VALIDATE_SAM_INFO2sahlberg1-1/+151
so declare it here. This substructure in the w2k kerberos PAC structure is called PAC_LOGIN_INFO and might actually exist inside the netlogon interface as well? git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10322 f5534014-38df-0310-8fa8-9805f1628bb7
2004-01-19char *drep -> guint8 *drepjmayer1-191/+191
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9735 f5534014-38df-0310-8fa8-9805f1628bb7
2003-11-02In a secure channel verifier, sometimes the nonce isn't present; not suretpot1-8/+13
why this is so. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8856 f5534014-38df-0310-8fa8-9805f1628bb7
2003-10-23Use -1 rather than "tvb_length(tvb)" to specify a length that covers theguy1-3/+3
entire tvbuff for Secure Channel bind credentials. Use -1 rather than 0 to have the top-level item for Secure Channel ACK credentials cover the entire tvbuff. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8756 f5534014-38df-0310-8fa8-9805f1628bb7
2003-09-27From JBM update some function names in Netlogonsahlberg1-88/+95
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8556 f5534014-38df-0310-8fa8-9805f1628bb7
2003-09-22A bunch of fixups for the NETLOGON sam database synchronisationtpot1-8/+12
dissector: - some rids marked as user are actually groups - decorate some strings higher up in the tree - dissect the delta id as such and add value string text item git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8510 f5534014-38df-0310-8fa8-9805f1628bb7
2003-09-12Update to netlogonsahlberg1-4/+39
make it decode DsrGetDCSiteCoverage replies properly git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8463 f5534014-38df-0310-8fa8-9805f1628bb7
2003-09-12upadtes to NETLOGONsahlberg1-154/+155
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8462 f5534014-38df-0310-8fa8-9805f1628bb7
2003-09-11From Jean-Baptiste Marchandsahlberg1-39/+8
update of the type of pointer used for DsrGetSiteName reply packets git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8456 f5534014-38df-0310-8fa8-9805f1628bb7
2003-09-10NETLOGON/DsrDeregisterDNSHostRecords :sahlberg1-2/+2
The dns_host field is a REF pointer to a unicode string. NOT a Unique pointer. Update iethereal so that this packet is dissected properly git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8446 f5534014-38df-0310-8fa8-9805f1628bb7
2003-08-04Guy suggested that the dcerpc opnum value_string code could be simplifiedtpot1-9/+1
somewhat. Now the dynamic initialisation of the value_string is contained in the value_string_from_subdissectors() function instead of being distributed amongst the dcerpc dissectors. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8123 f5534014-38df-0310-8fa8-9805f1628bb7
2003-07-18I've seen captures with Netlogon Secure Channel security with aguy1-1/+4
protection level of DCE_C_AUTHN_LEVEL_PKT_INTEGRITY. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8041 f5534014-38df-0310-8fa8-9805f1628bb7
2003-07-18Capitalize "C" in "Channel" in "Secure Channel", as is done elsewhere.guy1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8040 f5534014-38df-0310-8fa8-9805f1628bb7
2003-07-16Move all DCERPC authentication/encryption dissection code from packet-dcerpc.ctpot1-54/+69
to the dissector that handles the particular authentication flavour. This gets rid of a couple of ugly switch statements and allows other authentication modules to be written easily. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8026 f5534014-38df-0310-8fa8-9805f1628bb7
2003-06-26Dynamically create DCERPC opnum value_strings from the subdissectortpot1-48/+10
list rather than duplicating this information in the dissector. Some of the opnum strings were starting to get out of date as developers forgot to update the information in both places. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7936 f5534014-38df-0310-8fa8-9805f1628bb7
2003-06-02Dissect a netlogon credential as eight FT_BYTES rather than two guint32tpot1-17/+8
quantities. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7768 f5534014-38df-0310-8fa8-9805f1628bb7
2003-05-21Change the interface to dissect_ndr_nt_PSID to take one extra parameter ↵sahlberg1-10/+10
which if !=-1 is a hf field for the sid to use instead of the default smb.sid one. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7706 f5534014-38df-0310-8fa8-9805f1628bb7
2003-05-15Move dissection of NETLOGON secure channel auth verifier intotpot1-2/+62
packet-dcerpc-netlogon.c git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7670 f5534014-38df-0310-8fa8-9805f1628bb7
2003-05-15Dissect authentication data for netlogon secure channel bind and bind acks.tpot1-3/+124
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7667 f5534014-38df-0310-8fa8-9805f1628bb7
2003-05-09Dissect a ntlmv2 response if found in a samlogon request.tpot1-10/+42
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7657 f5534014-38df-0310-8fa8-9805f1628bb7
2003-04-27Not all strings in MS interfaces are unicode.sahlberg1-3/+3
Rename cb_str_postprocess which handles unicode strings to cb_wstr_postprocess. Add cb_str_postprocess which handles ASCII strings git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7572 f5534014-38df-0310-8fa8-9805f1628bb7
2003-02-14Display user name in COL_INFO for ServerAuthenticate2 request.tpot1-3/+9
Add note about putting DOMAIN\Username in COL_INFO when dissecting LOGIN_IDENTITY_INFO (part of SamLogon RPC). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7147 f5534014-38df-0310-8fa8-9805f1628bb7
2003-02-10Decorate the top-level item for a PRIV_NAME_ARRAY with the privilegeguy1-2/+2
names. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7118 f5534014-38df-0310-8fa8-9805f1628bb7
2003-02-08Have "dissect_ndr_counted_string()" add 2, not 1, to its argument, as itguy1-6/+6
adds 2 levels to the tree. Fix calls to it not to add 1 for that level. The NT and LM challenges in a NETWORK_INFO structure are opaque arrays of bytes, not Unicode strings; dissect them as such, adding a new routine "dissect_ndr_counted_byte_array()" for that purpose. Get rid of some extra colons in names - the colon is put there if a string is appended, so putting a colon in there explicitly gives double colons. Decorate some higher-level tree nodes with strings. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7107 f5534014-38df-0310-8fa8-9805f1628bb7
2003-02-07Rename "dissect_ndr_char_string()" and "dissect_ndr_wchar_string()" toguy1-3/+3
"dissect_ndr_char_cvstring()" and "dissect_ndr_wchar_cvstring()", to indicate that they're for conformant varying strings. Rename "dissect_ndr_character_array()" to "dissect_ndr_cvstring()", to indicate that it's for conformant varying strings. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7096 f5534014-38df-0310-8fa8-9805f1628bb7
2003-02-07Rename "dissect_ndr_char_array" and "disect_ndr_wchar_array" toguy1-3/+3
"dissect_ndr_char_string" and "dissect_ndr_wchar_string", to make it clearer what it does. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7095 f5534014-38df-0310-8fa8-9805f1628bb7
2003-02-03Convert to new DCERPC string handling functions. There are still sometpot1-105/+105
cosmetic bugs to work out though. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7069 f5534014-38df-0310-8fa8-9805f1628bb7
2003-01-31Decorate a PRIV_NAME_ARRAY with the privilege names in the array.guy1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7063 f5534014-38df-0310-8fa8-9805f1628bb7
2003-01-31Decorate a DELTA_DOMAIN structure's top-level item with the domain name.guy1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7062 f5534014-38df-0310-8fa8-9805f1628bb7
2003-01-30Generalize "cb_str_postprocess()" to allow the string to be appended toguy1-178/+178
items N levels up from the item being processed, and use that to decorate the tree as it was decorated before. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7043 f5534014-38df-0310-8fa8-9805f1628bb7
2003-01-30Display random useful tidbits in COL_INFO.tpot1-3/+7
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7040 f5534014-38df-0310-8fa8-9805f1628bb7
2003-01-28Convert dissector to callback based version of dissect_ndr_pointer().tpot1-499/+449
Strings that used to call with levels != -1 should call the callback helper which will append the string to the pointer item. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7017 f5534014-38df-0310-8fa8-9805f1628bb7
2003-01-14Add value_string for secure channel type used in ServerAuthenticate2.tpot1-4/+13
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6920 f5534014-38df-0310-8fa8-9805f1628bb7
2002-11-30Added some flags and value_Strings for netlogonsahlberg1-18/+600
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6706 f5534014-38df-0310-8fa8-9805f1628bb7
2002-11-29From Like H, update to NETLOGON. DSROLEGETPRIMARYDOMAININFO is actually ↵sahlberg1-22/+42
ENUMERATETRUSTEDDOMAINS git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6705 f5534014-38df-0310-8fa8-9805f1628bb7
2002-11-29From Luke H. Update to GetDomainInfosahlberg1-48/+69
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6704 f5534014-38df-0310-8fa8-9805f1628bb7
2002-11-04Bugfix.sahlberg1-35/+11
Previous checkin did not make sense. We can not have a union without having the union case value stored as a separate variable or else the receiving side will not know how to decode the packet. Therefore it can not be a union at all. Instead we have a REF pointer to a ulong holding the number of elements, then a unique pointer to a conformant array of structures. Thus, the content of the reply packet for function_24 as well as dsrolegetprimarydomaininfo can not be [ref] PRIMARY_DOMAIN_INFO_EX_UNION *pdi; but instead MUST be long num_entries; [unique][size_is(num_entries)] PRIMARY_DOMAIN_INFO_EX *pdi; git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6559 f5534014-38df-0310-8fa8-9805f1628bb7
2002-11-04Bugfix for DSROLE_PRIMARY_DOMAIN_INFOsahlberg1-36/+40
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6558 f5534014-38df-0310-8fa8-9805f1628bb7
2002-11-03Fix for Netlogon function 0x22 which used the wrong pointer type.sahlberg1-25/+13
Additional cleanups added when no longer nessecary to pass through two levels of pointers to get to the DOMAIN_CONTROLLER_INFO structure in the code. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6550 f5534014-38df-0310-8fa8-9805f1628bb7
2002-10-15When registering a protocol, make sure there are no other protocols withguy1-2/+2
the same long name, short name, or filter name, and abort if there are. Fix the duplicate names that found (and another name error found while fixing one of those errors). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6425 f5534014-38df-0310-8fa8-9805f1628bb7
2002-09-29Some changes to netlogon. function 0x1d is still not right but maybe we aresahlberg1-114/+94
getting closer. from Luke H. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6353 f5534014-38df-0310-8fa8-9805f1628bb7
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 20:30:14 +0000