12 #ifndef __PACKET_DCERPC_H__ 13 #define __PACKET_DCERPC_H__ 16 #include "ws_symbol_export.h" 25 #define DREP_LITTLE_ENDIAN 0x10 27 #define DREP_EBCDIC 0x01 32 #define DREP_ENC_INTEGER(drep) \ 33 (((drep)[0] & DREP_LITTLE_ENDIAN) ? ENC_LITTLE_ENDIAN : ENC_BIG_ENDIAN) 38 #define DREP_ENC_CHAR(drep) \ 39 (((drep)[0] & DREP_EBCDIC) ? ENC_EBCDIC|ENC_NA : ENC_ASCII|ENC_NA) 48 #define DCERPC_UUID_NULL { 0,0,0, {0,0,0,0,0,0,0,0} } 51 #define DCERPC_UUID_STR_LEN 36+1 96 guint32 auth_context_id;
147 #define DCERPC_IS_NDR64 0x00000001 154 guint64 transport_salt;
156 gboolean conformant_run;
158 gint32 conformant_eaten;
159 guint32 array_max_count;
160 guint32 array_max_count_offset;
161 guint32 array_offset;
162 guint32 array_offset_offset;
163 guint32 array_actual_count;
164 guint32 array_actual_count_offset;
167 const char *dcerpc_procedure_name;
175 #define PDU_WORKING 4 179 #define PDU_CL_CANCEL 8 181 #define PDU_CANCEL_ACK 10 183 #define PDU_BIND_ACK 12 184 #define PDU_BIND_NAK 13 186 #define PDU_ALTER_ACK 15 188 #define PDU_SHUTDOWN 17 189 #define PDU_CO_CANCEL 18 190 #define PDU_ORPHANED 19 198 guint16 dcerpc_tvb_get_ntohs (
tvbuff_t *tvb, gint offset, guint8 *drep);
199 guint32 dcerpc_tvb_get_ntohl (
tvbuff_t *tvb, gint offset, guint8 *drep);
200 void dcerpc_tvb_get_uuid (
tvbuff_t *tvb, gint offset, guint8 *drep,
e_guid_t *uuid);
204 int hfindex, guint8 *pdata);
208 int hfindex, guint8 *pdata);
212 int hfindex, guint16 *pdata);
216 int hfindex, guint32 *pdata);
220 int hfindex, guint64 *pdata);
223 int hfindex, gfloat *pdata);
226 int hfindex, gdouble *pdata);
229 int hfindex, guint32 *pdata);
241 int hfindex, guint8 *pdata);
247 int hfindex, guint16 *pdata);
253 int hfindex, guint32 *pdata);
259 int hfindex, guint64 *pdata);
263 int hfindex, guint64 *pdata);
269 int hfindex, gfloat *pdata);
273 int hfindex, gdouble *pdata);
278 int hfindex, guint32 *pdata);
287 #define FT_UINT1632 FT_UINT32 288 typedef guint32 guint1632;
293 int hfindex, guint1632 *pdata);
295 typedef guint64 guint3264;
300 int hfindex, guint3264 *pdata);
307 #define NDR_POINTER_REF 1 308 #define NDR_POINTER_UNIQUE 2 309 #define NDR_POINTER_PTR 3 313 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
314 int hf_index, dcerpc_callback_fnct_t *callback,
315 void *callback_args);
319 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
324 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
328 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
334 dcerpc_dissect_fnct_t *fnct);
338 dcerpc_dissect_fnct_blk_t *fnct);
345 dcerpc_dissect_fnct_t *fnct);
349 dcerpc_dissect_fnct_blk_t *fnct);
354 dcerpc_dissect_fnct_t *fnct);
361 int hfinfo, gboolean add_subtree,
371 int hfindex, gboolean add_subtree,
char **data);
374 int hfinfo, gboolean add_subtree,
384 dcerpc_dissect_fnct_t *dissect_rqst;
385 dcerpc_dissect_fnct_t *dissect_resp;
392 const char *dcerpc_get_proto_name(
e_guid_t *uuid, guint16 ver);
394 int dcerpc_get_proto_hf_opnum(
e_guid_t *uuid, guint16 ver);
404 WS_DLL_PUBLIC
void decode_dcerpc_reset_all(
void);
405 typedef void (*decode_add_show_list_func)(gpointer data, gpointer user_data);
406 WS_DLL_PUBLIC
void decode_dcerpc_add_show_list(decode_add_show_list_func func, gpointer user_data);
415 WS_DLL_PUBLIC GHashTable *dcerpc_uuids;
438 dcerpc_dissect_fnct_t *bind_fn;
439 dcerpc_dissect_fnct_t *bind_ack_fn;
440 dcerpc_dissect_fnct_t *auth3_fn;
441 dcerpc_dissect_fnct_t *req_verf_fn;
442 dcerpc_dissect_fnct_t *resp_verf_fn;
446 dcerpc_decode_data_fnct_t *req_data_fn;
447 dcerpc_decode_data_fnct_t *resp_data_fn;
451 void register_dcerpc_auth_subdissector(guint8 auth_level, guint8 auth_type,
464 guint64 transport_salt;
471 WS_DLL_PUBLIC guint64 dcerpc_get_transport_salt(
packet_info *pinfo);
472 WS_DLL_PUBLIC
void dcerpc_set_transport_salt(guint64 dcetransportsalt,
packet_info *pinfo);
482 #define DCE_C_RPC_AUTHN_PROTOCOL_NONE 0 483 #define DCE_C_RPC_AUTHN_PROTOCOL_KRB5 1 484 #define DCE_C_RPC_AUTHN_PROTOCOL_SPNEGO 9 485 #define DCE_C_RPC_AUTHN_PROTOCOL_NTLMSSP 10 486 #define DCE_C_RPC_AUTHN_PROTOCOL_GSS_SCHANNEL 14 487 #define DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS 16 488 #define DCE_C_RPC_AUTHN_PROTOCOL_DPA 17 489 #define DCE_C_RPC_AUTHN_PROTOCOL_MSN 18 490 #define DCE_C_RPC_AUTHN_PROTOCOL_DIGEST 21 491 #define DCE_C_RPC_AUTHN_PROTOCOL_SEC_CHAN 68 492 #define DCE_C_RPC_AUTHN_PROTOCOL_MQ 100 496 #define DCE_C_AUTHN_LEVEL_NONE 1 497 #define DCE_C_AUTHN_LEVEL_CONNECT 2 498 #define DCE_C_AUTHN_LEVEL_CALL 3 499 #define DCE_C_AUTHN_LEVEL_PKT 4 500 #define DCE_C_AUTHN_LEVEL_PKT_INTEGRITY 5 501 #define DCE_C_AUTHN_LEVEL_PKT_PRIVACY 6 521 #define PIDL_POLHND_OPEN 0x80000000 522 #define PIDL_POLHND_CLOSE 0x40000000 524 #define PIDL_STR_SAVE 0x20000000 526 #define PIDL_SET_COL_INFO 0x10000000 529 #define PIDL_POLHND_TYPE_MASK 0x00ff0000 530 #define PIDL_POLHND_TYPE_SAMR_USER 0x00010000 531 #define PIDL_POLHND_TYPE_SAMR_CONNECT 0x00020000 532 #define PIDL_POLHND_TYPE_SAMR_DOMAIN 0x00030000 533 #define PIDL_POLHND_TYPE_SAMR_GROUP 0x00040000 534 #define PIDL_POLHND_TYPE_SAMR_ALIAS 0x00050000 536 #define PIDL_POLHND_TYPE_LSA_POLICY 0x00060000 537 #define PIDL_POLHND_TYPE_LSA_ACCOUNT 0x00070000 538 #define PIDL_POLHND_TYPE_LSA_SECRET 0x00080000 539 #define PIDL_POLHND_TYPE_LSA_DOMAIN 0x00090000 544 guint32 open_frame, close_frame;
552 extern int hf_dcerpc_drep_byteorder;
553 extern int hf_dcerpc_ndr_padding;
555 #define FAKE_DCERPC_INFO_STRUCTURE \ 558 dcerpc_call_value call_data; \ 560 di.conformant_run = FALSE; \ 561 di.no_align = TRUE; \ 564 call_data.flags = 0; \ 565 di.call_data = &call_data; Definition: packet-dcerpc.h:455
Definition: packet-dcerpc.h:417
Definition: packet_info.h:44
Definition: packet-dcerpc.h:381
Definition: packet-dcerpc.h:125
Definition: tvbuff-int.h:35
Definition: packet-dcerpc.h:434
Definition: packet-dcerpc.h:542
Definition: conversation.h:89
Definition: guid-utils.h:21
Definition: packet-dcerpc.h:93
Definition: packet-dcerpc.h:58
Definition: packet-dcerpc.h:53
Definition: packet-dcerpc.h:69
Definition: value_string.h:24
Definition: packet-dcerpc.h:151
Definition: packet-dcerpc.h:105