search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HACK: pinfo->private_data points to smb_info again
[wireshark-wip.git] / epan / dissectors / packet-dcerpc-conv.c
blobf75bb3202fdab97a37f4a9dbb29f2ee76d4e1446
1 /* packet-dcerpc-conv.c
2 * Routines for dcerpc conv dissection
3 * Copyright 2001, Todd Sabin <tas@webspan.net>
4 *
5 * $Id$
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
10 *
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26 #include "config.h"
27
28
29 #include <glib.h>
30 #include <epan/packet.h>
31 #include "packet-dcerpc.h"
32 #include "packet-dcerpc-dce122.h"
33
34
35 static int proto_conv = -1;
36 static int hf_conv_opnum = -1;
37 static int hf_conv_rc = -1;
38 static int hf_conv_who_are_you_rqst_actuid = -1;
39 static int hf_conv_who_are_you_rqst_boot_time = -1;
40 static int hf_conv_who_are_you2_rqst_actuid = -1;
41 static int hf_conv_who_are_you2_rqst_boot_time = -1;
42 static int hf_conv_who_are_you_resp_seq = -1;
43 static int hf_conv_who_are_you2_resp_seq = -1;
44 static int hf_conv_who_are_you2_resp_casuuid = -1;
45
46 static gint ett_conv = -1;
47
48
49 static e_uuid_t uuid_conv = { 0x333a2276, 0x0000, 0x0000, { 0x0d, 0x00, 0x00, 0x80, 0x9c, 0x00, 0x00, 0x00 } };
50 static guint16 ver_conv = 3;
51
52
53 static int
54 conv_dissect_who_are_you_rqst (tvbuff_t *tvb, int offset,
55 packet_info *pinfo, proto_tree *tree,
56 dcerpc_info *di, guint8 *drep)
57 {
58 /*
59 * [in] uuid_t *actuid,
60 * [in] unsigned32 boot_time,
61 */
62 e_uuid_t actuid;
63
64 offset = dissect_ndr_uuid_t(tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you_rqst_actuid, &actuid);
65 offset = dissect_ndr_time_t(tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you_rqst_boot_time, NULL);
66
67 col_add_fstr(pinfo->cinfo, COL_INFO,
68 "conv_who_are_you request actuid: %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
69 actuid.Data1, actuid.Data2, actuid.Data3,
70 actuid.Data4[0], actuid.Data4[1], actuid.Data4[2], actuid.Data4[3],
71 actuid.Data4[4], actuid.Data4[5], actuid.Data4[6], actuid.Data4[7]);
72
73 return offset;
74 }
75
76 static int
77 conv_dissect_who_are_you_resp (tvbuff_t *tvb, int offset,
78 packet_info *pinfo, proto_tree *tree,
79 dcerpc_info *di, guint8 *drep)
80 {
81 /*
82 * [out] unsigned32 *seq,
83 * [out] unsigned32 *st
84 */
85 guint32 seq, st;
86
87 offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you_resp_seq, &seq);
88 offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_conv_rc, &st);
89
90
91 col_add_fstr(pinfo->cinfo, COL_INFO, "conv_who_are_you response seq:%u st:%s",
92 seq, val_to_str_ext(st, &dce_error_vals_ext, "%u"));
93
94 return offset;
95 }
96
97
98
99 static int
100 conv_dissect_who_are_you2_rqst (tvbuff_t *tvb, int offset,
101 packet_info *pinfo, proto_tree *tree,
102 dcerpc_info *di, guint8 *drep)
103 {
104 /*
105 * [in] uuid_t *actuid,
106 * [in] unsigned32 boot_time,
107 */
108 e_uuid_t actuid;
109
110 offset = dissect_ndr_uuid_t(tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you2_rqst_actuid, &actuid);
111 offset = dissect_ndr_time_t(tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you2_rqst_boot_time, NULL);
112
113 col_add_fstr(pinfo->cinfo, COL_INFO,
114 "conv_who_are_you2 request actuid: %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
115 actuid.Data1, actuid.Data2, actuid.Data3,
116 actuid.Data4[0], actuid.Data4[1], actuid.Data4[2], actuid.Data4[3],
117 actuid.Data4[4], actuid.Data4[5], actuid.Data4[6], actuid.Data4[7]);
118
119 return offset;
120 }
121 static int
122 conv_dissect_who_are_you2_resp (tvbuff_t *tvb, int offset,
123 packet_info *pinfo, proto_tree *tree,
124 dcerpc_info *di, guint8 *drep)
125 {
126 /*
127 * [out] unsigned32 *seq,
128 * [out] uuid_t *cas_uuid,
129 *
130 * [out] unsigned32 *st
131 */
132 guint32 seq, st;
133 e_uuid_t cas_uuid;
134
135 offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you2_resp_seq, &seq);
136 offset = dissect_ndr_uuid_t (tvb, offset, pinfo, tree, di, drep, hf_conv_who_are_you2_resp_casuuid, &cas_uuid);
137 offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_conv_rc, &st);
138
139 col_add_fstr(pinfo->cinfo, COL_INFO,
140 "conv_who_are_you2 response seq:%u st:%s cas:%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
141 seq, val_to_str_ext(st, &dce_error_vals_ext, "%u"),
142 cas_uuid.Data1, cas_uuid.Data2, cas_uuid.Data3,
143 cas_uuid.Data4[0], cas_uuid.Data4[1], cas_uuid.Data4[2], cas_uuid.Data4[3],
144 cas_uuid.Data4[4], cas_uuid.Data4[5], cas_uuid.Data4[6], cas_uuid.Data4[7]);
145
146 return offset;
147 }
148
149
150 static dcerpc_sub_dissector conv_dissectors[] = {
151 { 0, "who_are_you",
152 conv_dissect_who_are_you_rqst, conv_dissect_who_are_you_resp },
153 { 1, "who_are_you2",
154 conv_dissect_who_are_you2_rqst, conv_dissect_who_are_you2_resp },
155 { 2, "are_you_there",
156 NULL, NULL },
157 { 3, "who_are_you_auth",
158 NULL, NULL },
159 { 4, "who_are_you_auth_more",
160 NULL, NULL },
161 { 0, NULL, NULL, NULL }
162 };
163
164 void
165 proto_register_conv (void)
166 {
167 static hf_register_info hf[] = {
168 { &hf_conv_opnum,
169 { "Operation", "conv.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
170 { &hf_conv_rc,
171 {"Status", "conv.status", FT_UINT32, BASE_DEC|BASE_EXT_STRING, &dce_error_vals_ext, 0x0, NULL, HFILL }},
172
173 { &hf_conv_who_are_you_rqst_actuid,
174 {"Activity UID", "conv.who_are_you_rqst_actuid", FT_GUID, BASE_NONE, NULL, 0x0, "UUID", HFILL }},
175 { &hf_conv_who_are_you_rqst_boot_time,
176 {"Boot time", "conv.who_are_you_rqst_boot_time", FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0, NULL, HFILL }},
177 { &hf_conv_who_are_you2_rqst_actuid,
178 {"Activity UID", "conv.who_are_you2_rqst_actuid", FT_GUID, BASE_NONE, NULL, 0x0, "UUID", HFILL }},
179 { &hf_conv_who_are_you2_rqst_boot_time,
180 {"Boot time", "conv.who_are_you2_rqst_boot_time", FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0, NULL, HFILL }},
181
182 { &hf_conv_who_are_you_resp_seq,
183 {"Sequence Number", "conv.who_are_you_resp_seq", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
184 { &hf_conv_who_are_you2_resp_seq,
185 {"Sequence Number", "conv.who_are_you2_resp_seq", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }},
186 { &hf_conv_who_are_you2_resp_casuuid,
187 {"Client's address space UUID", "conv.who_are_you2_resp_casuuid", FT_GUID, BASE_NONE, NULL, 0x0, "UUID", HFILL }}
188 };
189
190 static gint *ett[] = {
191 &ett_conv
192 };
193 proto_conv = proto_register_protocol ("DCE/RPC Conversation Manager", "CONV", "conv");
194 proto_register_field_array (proto_conv, hf, array_length (hf));
195 proto_register_subtree_array (ett, array_length (ett));
196 }
197
198 void
199 proto_reg_handoff_conv (void)
200 {
201 /* Register the protocol as dcerpc */
202 dcerpc_init_uuid (proto_conv, ett_conv, &uuid_conv, ver_conv, conv_dissectors, hf_conv_opnum);
203 }
204