* Routines for dcerpc endpoint mapper dissection
* Copyright 2001, Todd Sabin <tas@webspan.net>
*
- * $Id: packet-dcerpc-epm.c,v 1.7 2002/05/02 21:47:47 guy Exp $
+ * $Id: packet-dcerpc-epm.c,v 1.8 2002/05/26 10:51:06 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
static int hf_epm_ver_maj = -1;
static int hf_epm_ver_min = -1;
static int hf_epm_ver_opt = -1;
-static int hf_epm_lookup_hnd = -1;
+static int hf_epm_hnd = -1;
static int hf_epm_max_ents = -1;
static int hf_epm_num_ents = -1;
+static int hf_epm_uuid = -1;
+static int hf_epm_tower_length = -1;
+static int hf_epm_tower_data = -1;
+static int hf_epm_max_towers = -1;
+static int hf_epm_num_towers = -1;
+static int hf_epm_rc = -1;
static gint ett_epm = -1;
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_epm_ver_opt, NULL);
if (tree) {
- proto_tree_add_bytes (tree, hf_epm_lookup_hnd, tvb, offset, 20,
+ proto_tree_add_bytes (tree, hf_epm_hnd, tvb, offset, 20,
tvb_get_ptr (tvb, offset, 20));
}
offset += 20;
char *drep)
{
offset = dissect_ndr_ctx_hnd (tvb, offset, pinfo, tree, drep,
- hf_epm_lookup_hnd, NULL);
+ hf_epm_hnd, NULL);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_epm_num_ents, NULL);
return offset;
}
+#if 0
+static int
+epm_dissect_uuid (tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree,
+ char *drep)
+{
+ offset = dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep,
+ hf_epm_uuid, NULL);
+ return offset;
+}
+#endif
+
+/* typedef struct {
+ unsigned int tower_len,
+ [size_is(tower_len)] char tower[];
+ } twr_t, *twr_p_t;
+*/
+static int
+epm_dissect_tower (tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree,
+ char *drep)
+{
+ guint32 len;
+ dcerpc_info *di;
+
+ di=pinfo->private_data;
+ if(di->conformant_run){
+ return offset;
+ }
+
+ /* first one is the header of the conformant array, second one is the
+ length field */
+ offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
+ hf_epm_tower_length, &len);
+ offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
+ hf_epm_tower_length, NULL);
+ proto_tree_add_item(tree, hf_epm_tower_data, tvb, offset, len, FALSE);
+ offset += len;
+
+ return offset;
+}
+static int
+epm_dissect_tower_pointer (tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree,
+ char *drep)
+{
+ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+ epm_dissect_tower, NDR_POINTER_PTR,
+ "Tower pointer:", -1, 1);
+ return offset;
+}
+static int
+epm_dissect_tower_array (tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree,
+ char *drep)
+{
+ offset = dissect_ndr_ucvarray(tvb, offset, pinfo, tree, drep,
+ epm_dissect_tower_pointer);
+
+ return offset;
+}
+
+static int
+epm_dissect_ept_map_rqst (tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree,
+ char *drep)
+{
+ /* [in] handle_t h */
+ offset = dissect_ndr_ctx_hnd (tvb, offset, pinfo, tree, drep,
+ hf_epm_hnd, NULL);
+
+#if 0
+ /* according to opengroup we should have an uuid pointer here.
+ in my w2k captures i can not see any such thing */
+ /* [in, ptr] uuid_p_t object */
+ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+ epm_dissect_uuid, NDR_POINTER_PTR,
+ "UUID pointer:", -1, 1);
+#endif
+
+ /* [in, ptr] twr_p_t map_tower */
+ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+ epm_dissect_tower, NDR_POINTER_PTR,
+ "Tower pointer:", -1, 1);
+
+ /* [in, out] ept_lookup_handle_t *entry_handle */
+ offset = dissect_ndr_ctx_hnd (tvb, offset, pinfo, tree, drep,
+ hf_epm_hnd, NULL);
+
+ /* [in] unsigned32 max_towers */
+ offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
+ hf_epm_max_towers, NULL);
+
+ return offset;
+}
+
+static int
+epm_dissect_ept_map_resp (tvbuff_t *tvb, int offset,
+ packet_info *pinfo, proto_tree *tree,
+ char *drep)
+{
+ /* [in, out] ept_lookup_handle_t *entry_handle */
+ offset = dissect_ndr_ctx_hnd (tvb, offset, pinfo, tree, drep,
+ hf_epm_hnd, NULL);
+
+ /* [out, ptr] unsigned32 *num_towers */
+ offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
+ hf_epm_num_towers, NULL);
+
+ /* [out, length_is(*num_towers), size_is(max_towers), ptr] twr_p_t towers[] */
+ offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+ epm_dissect_tower_array, NDR_POINTER_REF,
+ "Tower array:", -1, 1);
+
+ /* [out] error_status_t *status */
+ offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
+ hf_epm_rc, NULL);
+
+ return offset;
+}
static dcerpc_sub_dissector epm_dissectors[] = {
{ 0, "ept_insert", NULL, NULL },
{ 1, "ept_delete", NULL, NULL },
- { 2, "ept_lookup", epm_dissect_ept_lookup_rqst, epm_dissect_ept_lookup_resp },
- { 3, "ept_map", NULL, NULL },
+ { 2, "ept_lookup",
+ epm_dissect_ept_lookup_rqst,
+ epm_dissect_ept_lookup_resp },
+ { 3, "Map",
+ epm_dissect_ept_map_rqst,
+ epm_dissect_ept_map_resp },
{ 4, "ept_lookup_handle_free", NULL, NULL },
{ 5, "ept_inq_object", NULL, NULL },
{ 6, "ept_mgmt_delete", NULL, NULL },
{ "Version Minor", "epm.ver_min", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
{ &hf_epm_ver_opt,
{ "Version Option", "epm.ver_opt", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }},
- { &hf_epm_lookup_hnd,
- { "Lookup Handle", "epm.lookup_hnd", FT_BYTES, BASE_NONE, NULL, 0x0, "", HFILL }},
+ { &hf_epm_hnd,
+ { "Handle", "epm.hnd", FT_BYTES, BASE_NONE, NULL, 0x0, "Context handle", HFILL }},
{ &hf_epm_max_ents,
{ "Max entries", "epm.max_ents", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }},
{ &hf_epm_num_ents,
{ "Num entries", "epm.num_ents", FT_UINT32, BASE_DEC, NULL, 0x0, "", HFILL }},
+ { &hf_epm_uuid,
+ { "UUID", "epm.uuid", FT_STRING, BASE_NONE, NULL, 0x0, "UUID", HFILL }},
+ { &hf_epm_tower_length,
+ { "Length", "epm.tower.len", FT_UINT32, BASE_DEC, NULL, 0x0, "Length of tower data", HFILL }},
+ { &hf_epm_tower_data,
+ { "Tower", "epm.tower", FT_BYTES, BASE_HEX, NULL, 0x0, "Tower data", HFILL }},
+ { &hf_epm_max_towers,
+ { "Max Towers", "epm.max_towers", FT_UINT32, BASE_DEC, NULL, 0x0, "Maximum number of towers to return", HFILL }},
+ { &hf_epm_num_towers,
+ { "Num Towers", "epm.num_towers", FT_UINT32, BASE_DEC, NULL, 0x0, "Number number of towers to return", HFILL }},
+ { &hf_epm_rc,
+ { "Return code", "epm.rc", FT_UINT32, BASE_HEX, NULL, 0x0, "EPM return value", HFILL }},
};
static gint *ett[] = {
git.samba.org / obnox / wireshark / wip.git / commitdiff