Revert "TODO PAC_DEVICE_INFO..."
authorStefan Metzmacher <metze@samba.org>
Sun, 28 Aug 2016 22:03:10 +0000 (00:03 +0200)
committerStefan Metzmacher <metze@samba.org>
Sun, 20 Jan 2019 22:14:58 +0000 (23:14 +0100)
This reverts commit b8e83e7a0cd1cfda0678dec79a2de7bbe83173ac.

epan/dissectors/asn1/kerberos/packet-kerberos-template.c
epan/dissectors/packet-dcerpc-netlogon.c
epan/dissectors/packet-dcerpc-netlogon.h

index 5501588..5d735ff 100644 (file)
@@ -230,7 +230,6 @@ static gint ett_krb_pac_logon_info = -1;
 static gint ett_krb_pac_credential_info = -1;
 static gint ett_krb_pac_s4u_delegation_info = -1;
 static gint ett_krb_pac_upn_dns_info = -1;
-static gint ett_krb_pac_device_info = -1;
 static gint ett_krb_pac_server_checksum = -1;
 static gint ett_krb_pac_privsvr_checksum = -1;
 static gint ett_krb_pac_client_info_type = -1;
@@ -1996,29 +1995,6 @@ dissect_krb5_PAC_LOGON_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset,
 static int
 dissect_krb5_PAC_CREDENTIAL_DATA(proto_tree *parent_tree, tvbuff_t *tvb, int offset, packet_info *pinfo _U_)
 {
-       proto_item *item;
-       proto_tree *tree;
-       guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */
-       static dcerpc_info di;      /* fake dcerpc_info struct */
-       static dcerpc_call_value call_data;
-
-       item = proto_tree_add_item(parent_tree, hf_krb_pac_device_info, tvb, offset, -1, ENC_NA);
-       tree = proto_item_add_subtree(item, ett_krb_pac_device_info);
-
-       /* skip the first 16 bytes, they are some magic created by the idl
-        * compiler   the first 4 bytes might be flags?
-        */
-       offset = dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
-
-       /* the PAC_DEVICE_INFO blob */
-       /* fake whatever state the dcerpc runtime support needs */
-       di.conformant_run=0;
-       /* we need di->call_data->flags.NDR64 == 0 */
-       di.call_data=&call_data;
-       init_ndr_pointer_list(&di);
-       offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, &di, drep,
-                                    netlogon_dissect_PAC_DEVICE_INFO, NDR_POINTER_UNIQUE,
-                                    "PAC_DEVICE_INFO:", -1);
        proto_tree_add_item(parent_tree, hf_krb_pac_credential_data, tvb, offset, -1, ENC_NA);
 
        return offset;
@@ -2155,12 +2131,6 @@ dissect_krb5_PAC_UPN_DNS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset
 static int
 dissect_krb5_PAC_CLIENT_CLAIMS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
 {
-       int length = tvb_captured_length_remaining(tvb, offset);
-
-       if (length == 0) {
-               return offset;
-       }
-
        proto_tree_add_item(parent_tree, hf_krb_pac_client_claims_info, tvb, offset, -1, ENC_NA);
 
        return offset;
@@ -2169,29 +2139,7 @@ dissect_krb5_PAC_CLIENT_CLAIMS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int
 static int
 dissect_krb5_PAC_DEVICE_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
 {
-       proto_item *item;
-       proto_tree *tree;
-       guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */
-       static dcerpc_info di;      /* fake dcerpc_info struct */
-       static dcerpc_call_value call_data;
-
-       item = proto_tree_add_item(parent_tree, hf_krb_pac_device_info, tvb, offset, -1, ENC_NA);
-       tree = proto_item_add_subtree(item, ett_krb_pac_device_info);
-
-       /* skip the first 16 bytes, they are some magic created by the idl
-        * compiler   the first 4 bytes might be flags?
-        */
-       offset = dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
-
-       /* the PAC_DEVICE_INFO blob */
-       /* fake whatever state the dcerpc runtime support needs */
-       di.conformant_run=0;
-       /* we need di->call_data->flags.NDR64 == 0 */
-       di.call_data=&call_data;
-       init_ndr_pointer_list(&di);
-       offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, &di, drep,
-                                    netlogon_dissect_PAC_DEVICE_INFO, NDR_POINTER_UNIQUE,
-                                    "PAC_DEVICE_INFO:", -1);
+       proto_tree_add_item(parent_tree, hf_krb_pac_device_info, tvb, offset, -1, ENC_NA);
 
        return offset;
 }
@@ -2199,12 +2147,6 @@ dissect_krb5_PAC_DEVICE_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset,
 static int
 dissect_krb5_PAC_DEVICE_CLAIMS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
 {
-       int length = tvb_captured_length_remaining(tvb, offset);
-
-       if (length == 0) {
-               return offset;
-       }
-
        proto_tree_add_item(parent_tree, hf_krb_pac_device_claims_info, tvb, offset, -1, ENC_NA);
 
        return offset;
@@ -2812,7 +2754,6 @@ void proto_register_kerberos(void) {
                &ett_krb_pac_credential_info,
                &ett_krb_pac_s4u_delegation_info,
                &ett_krb_pac_upn_dns_info,
-               &ett_krb_pac_device_info,
                &ett_krb_pac_server_checksum,
                &ett_krb_pac_privsvr_checksum,
                &ett_krb_pac_client_info_type,
index 18f2917..753938a 100644 (file)
@@ -263,7 +263,6 @@ static int hf_netlogon_logon_srv = -1;
 /* static int hf_netlogon_principal = -1; */
 static int hf_netlogon_logon_dom = -1;
 static int hf_netlogon_resourcegroupcount = -1;
-static int hf_netlogon_accountdomaingroupcount = -1;
 static int hf_netlogon_downlevel_domain_name = -1;
 static int hf_netlogon_dns_domain_name = -1;
 static int hf_netlogon_ad_client_dns_name = -1;
@@ -1800,51 +1799,6 @@ netlogon_dissect_VALIDATION_SAM_INFO4(tvbuff_t *tvb, int offset,
                                         hf_netlogon_dummy_string10, 0);
     return offset;
 }
-
-static int
-netlogon_dissect_PAC_DOMAIN_GROUP_MEMBERSHIPS(tvbuff_t *tvb, int offset,
-                                packet_info *pinfo, proto_tree *tree,
-                                dcerpc_info *di, guint8 *drep,
-                                int hf_count, const char *array_name)
-{
-    guint32 rgc;
-
-    offset = dissect_ndr_nt_PSID(tvb, offset, pinfo, tree, di, drep);
-
-    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
-                                hf_count, &rgc);
-
-    offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, di, drep,
-                                 netlogon_dissect_GROUP_MEMBERSHIP_ARRAY, NDR_POINTER_UNIQUE,
-                                 array_name, -1);
-
-    return offset;
-}
-
-static gint ett_nt_sid_and_attributes_array = -1;
-
-static int
-netlogon_dissect_PAC_DOMAIN_GROUP_MEMBERSHIPS_ARRAY(tvbuff_t *tvb, int offset,
-                       packet_info *pinfo, proto_tree *parent_tree,
-                       dcerpc_info *di, guint8 *drep)
-{
-       proto_item *item=NULL;
-       proto_tree *tree=NULL;
-       int old_offset=offset;
-
-       if(parent_tree){
-               tree = proto_tree_add_subtree(parent_tree, tvb, offset, 0,
-                       ett_nt_sid_and_attributes_array, &item, "DOMAIN_GROUP_MEMBERSHIPS array:");
-       }
-
-       /*offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep,
-         hf_samr_count, &count); */
-       offset = dissect_ndr_ucarray(tvb, offset, pinfo, tree, di, drep,
-                       dissect_ndr_nt_SID_AND_ATTRIBUTES);
-
-       proto_item_set_len(item, offset-old_offset);
-       return offset;
-}
 /*
  * IDL typedef struct {
  * IDL   uint64 LogonTime;
@@ -1979,10 +1933,15 @@ netlogon_dissect_PAC_LOGON_INFO(tvbuff_t *tvb, int offset,
                                  dissect_ndr_nt_SID_AND_ATTRIBUTES_ARRAY, NDR_POINTER_UNIQUE,
                                  "SID_AND_ATTRIBUTES_ARRAY:", -1);
 
-    offset = netlogon_dissect_PAC_DOMAIN_GROUP_MEMBERSHIPS(tvb, offset,
-                              pinfo, tree, di, drep,
-                              hf_netlogon_resourcegroupcount,
-                              "ResourceGroupIDs");
+
+    offset = dissect_ndr_nt_PSID(tvb, offset, pinfo, tree, di, drep);
+
+    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
+                                hf_netlogon_resourcegroupcount, &rgc);
+
+    offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, di, drep,
+                                 netlogon_dissect_GROUP_MEMBERSHIP_ARRAY, NDR_POINTER_UNIQUE,
+                                 "ResourceGroupIDs", -1);
 
     return offset;
 }
@@ -2027,62 +1986,6 @@ netlogon_dissect_PAC_S4U_DELEGATION_INFO(tvbuff_t *tvb, int offset,
     return offset;
 }
 
-/*
- * IDL typedef struct {
- * IDL   long UserId;
- * IDL   long PrimaryGroupId;
- * IDL   SID AccountDomainId;
- * IDL   long AccountGroupCount;
- * IDL   [size_is(AccountGroupCount)] PGROUP_MEMBERSHIP AccountGroupIds;
- * IDL   ULONG SidCount;
- * IDL   [size_is(SidCount)] PKERB_SID_AND_ATTRIBUTES ExtraSids;
- * IDL   ULONG DomainGroupCount;
- * IDL   [size_is(DomainGroupCount)] PDOMAIN_GROUP_MEMBERSHIP DomainGroup;
- * IDL } PAC_DEVICE_INFO;
- */
-int
-netlogon_dissect_PAC_DEVICE_INFO(tvbuff_t *tvb, int offset,
-                                 packet_info *pinfo, proto_tree *tree,
-                                 dcerpc_info *di, guint8 *drep)
-{
-    guint32 rgc;
-
-    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
-                                hf_netlogon_user_rid, NULL);
-
-    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
-                                hf_netlogon_group_rid, NULL);
-
-    offset = netlogon_dissect_PAC_DOMAIN_GROUP_MEMBERSHIPS(tvb, offset,
-                              pinfo, tree, di, drep,
-                              hf_netlogon_accountdomaingroupcount,
-                              "AccountDomainGroupIds");
-
-    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
-                                hf_netlogon_num_rids, NULL);
-
-    offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, di, drep,
-                                 netlogon_dissect_GROUP_MEMBERSHIP_ARRAY, NDR_POINTER_UNIQUE,
-                                 "GROUP_MEMBERSHIP_ARRAY", -1);
-
-    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
-                                hf_netlogon_num_sid, NULL);
-
-    offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, di, drep,
-                                 dissect_ndr_nt_SID_AND_ATTRIBUTES_ARRAY, NDR_POINTER_UNIQUE,
-                                 "SID_AND_ATTRIBUTES_ARRAY:", -1);
-
- /* TODO */
-    offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
-                                hf_netlogon_resourcegroupcount, &rgc);
-
-    offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, di, drep,
-                                 netlogon_dissect_GROUP_MEMBERSHIP_ARRAY, NDR_POINTER_UNIQUE,
-                                 "ResourceGroupIDs", -1);
-
-    return offset;
-}
-
 #if 0
 static int
 netlogon_dissect_PAC(tvbuff_t *tvb, int offset,
@@ -8348,10 +8251,6 @@ proto_register_dcerpc_netlogon(void)
           { "ResourceGroup count", "netlogon.resourcegroupcount", FT_UINT32, BASE_DEC,
             NULL, 0, "Number of Resource Groups", HFILL }},
 
-        { &hf_netlogon_accountdomaingroupcount,
-          { "AccountDomainGroup count", "netlogon.accountdomaingroupcount", FT_UINT32, BASE_DEC,
-            NULL, 0, "Number of Account Domain Groups", HFILL }},
-
         { &hf_netlogon_computer_name,
           { "Computer Name", "netlogon.computer_name", FT_STRING, BASE_NONE,
             NULL, 0, NULL, HFILL }},
index f552fad..6be89be 100644 (file)
@@ -79,10 +79,4 @@ netlogon_dissect_PAC_S4U_DELEGATION_INFO(tvbuff_t *tvb, int offset,
                        packet_info *pinfo, proto_tree *tree,
                        dcerpc_info *di, guint8 *drep);
 
-/* needed to decrypt PAC_DEVICE_INFO in kerberos */
-int
-netlogon_dissect_PAC_DEVICE_INFO(tvbuff_t *tvb, int offset,
-                       packet_info *pinfo, proto_tree *tree,
-                       dcerpc_info *di, guint8 *drep);
-
 #endif /* packet-dcerpc-netlogon.h */