More NETLOGON updates

svn path=/trunk/; revision=5814
author: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2002-07-02 14:41:51 +0000
committer: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2002-07-02 14:41:51 +0000
commit: ba8a7bfdc2139792298fb9fb7c28d755c184ccc0 (patch)
tree: 59097329ee93b80945c8a02a3a2ece344119baa4 /packet-dcerpc-netlogon.c
parent: b84e41cf957e727d1cc66949a820124704cb4bf3 (diff)
download: wireshark-ba8a7bfdc2139792298fb9fb7c28d755c184ccc0.tar.gz
wireshark-ba8a7bfdc2139792298fb9fb7c28d755c184ccc0.tar.bz2
wireshark-ba8a7bfdc2139792298fb9fb7c28d755c184ccc0.zip
1 files changed, 146 insertions, 134 deletions
diff --git a/packet-dcerpc-netlogon.c b/packet-dcerpc-netlogon.c
index 63843d3928..4f22358ad4 100644
--- a/packet-dcerpc-netlogon.c
+++ b/packet-dcerpc-netlogon.c
@@ -3,7 +3,7 @@
  * Copyright 2001, Tim Potter <tpot@samba.org>
  *  2002 structure and command dissectors by Ronnie Sahlberg
  *
- * $Id: packet-dcerpc-netlogon.c,v 1.28 2002/07/02 10:11:20 sahlberg Exp $
+ * $Id: packet-dcerpc-netlogon.c,v 1.29 2002/07/02 14:41:51 sahlberg Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@ethereal.com>
@@ -161,7 +161,6 @@ static gint ett_TYPE_31 = -1;
 static gint ett_TYPE_32 = -1;
 static gint ett_TYPE_33 = -1;
 static gint ett_TYPE_34 = -1;
-static gint ett_TYPE_35 = -1;
 static gint ett_SAM_DELTA = -1;
 static gint ett_SAM_DELTA_ARRAY = -1;
 static gint ett_TYPE_36 = -1;
@@ -185,7 +184,6 @@ static gint ett_NETLOGON_INFO = -1;
 static gint ett_TYPE_45 = -1;
 static gint ett_TYPE_47 = -1;
 static gint ett_GUID = -1;
-static gint ett_ENC_LM_OWF_PASSWORD = -1;
 static gint ett_LM_OWF_PASSWORD = -1;
 static gint ett_NT_OWF_PASSWORD = -1;
 static gint ett_GROUP_MEMBERSHIP = -1;
@@ -1429,6 +1427,136 @@ netlogon_dissect_netserverauthenticate_reply(tvbuff_t *tvb, int offset,
 
 
 
+/*
+ * IDL typedef struct {
+ * IDL   char encrypted_password[16];
+ * IDL } ENCRYPTED_LM_OWF_PASSWORD;
+ */
+static int
+netlogon_dissect_ENCRYPTED_LM_OWF_PASSWORD(tvbuff_t *tvb, int offset,
+			packet_info *pinfo, proto_tree *tree,
+			char *drep _U_)
+{
+	dcerpc_info *di;
+
+	di=pinfo->private_data;
+	if(di->conformant_run){
+		/*just a run to handle conformant arrays, nothing to dissect.*/
+		return offset;
+	}
+
+	proto_tree_add_item(tree, hf_netlogon_encrypted_lm_owf_password, tvb, offset, 16,
+		FALSE);
+	offset += 16;
+
+	return offset;
+}
+
+/*
+ * IDL long NetServerPasswordSet(
+ * IDL      [in][unique][string] wchar_t *ServerName,
+ * IDL      [in][ref][string] wchar_t *UserName,
+ * IDL      [in] short secure_challenge_type,
+ * IDL      [in][ref][string] wchar_t *ComputerName,
+ * IDL      [in][ref] AUTHENTICATOR credential,
+ * IDL      [in][ref] LM_OWF_PASSWORD UasNewPassword,
+ * IDL      [out][ref] AUTHENTICATOR return_authenticator
+ * IDL );
+ */
+static int
+netlogon_dissect_netserverpasswordset_rqst(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, char *drep)
+{
+	offset = netlogon_dissect_LOGONSRV_HANDLE(tvb, offset,
+		pinfo, tree, drep);
+
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_REF,
+		"User Name", hf_netlogon_acct_name, 0);
+
+	offset = netlogon_dissect_NETLOGON_SECURE_CHANNEL_TYPE(tvb, offset,
+		pinfo, tree, drep);
+
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_REF,
+		"Computer Name", hf_netlogon_computer_name, 0);
+
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		netlogon_dissect_AUTHENTICATOR, NDR_POINTER_REF,
+		"AUTHENTICATOR: credential", -1, 0);
+
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		netlogon_dissect_ENCRYPTED_LM_OWF_PASSWORD, NDR_POINTER_REF,
+		"ENCRYPTED_LM_OWF_PASSWORD: hashed_pwd", -1, 0);
+
+	return offset;
+}
+static int
+netlogon_dissect_netserverpasswordset_reply(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, char *drep)
+{
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		netlogon_dissect_AUTHENTICATOR, NDR_POINTER_REF,
+		"AUTHENTICATOR: return_authenticator", -1, 0);
+
+	offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep,
+				  hf_netlogon_rc, NULL);
+
+	return offset;
+}
+
+
+/*
+ * IDL typedef struct {
+ * IDL   [unique][string] wchar_t *UserName;
+ * IDL   UNICODESTRING dummy1;
+ * IDL   UNICODESTRING dummy2;
+ * IDL   UNICODESTRING dummy3;
+ * IDL   UNICODESTRING dummy4;
+ * IDL   long dummy5;
+ * IDL   long dummy6;
+ * IDL   long dummy7;
+ * IDL   long dummy8;
+ * IDL } DELTA_DELETE_USER;
+ */
+static int
+netlogon_dissect_DELTA_DELETE_USER(tvbuff_t *tvb, int offset,
+			packet_info *pinfo, proto_tree *tree,
+			char *drep)
+{
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_UNIQUE,
+		"Account Name", hf_netlogon_acct_name, -1);
+
+	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_dummy, 0);
+
+	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_dummy, 0);
+
+	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_dummy, 0);
+
+	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_dummy, 0);
+
+	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_reserved, NULL);
+
+	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_reserved, NULL);
+
+	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_reserved, NULL);
+
+	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
+		hf_netlogon_reserved, NULL);
+
+	return offset;
+}
+
+
+
 
 
 
@@ -1555,34 +1683,6 @@ netlogon_dissect_CYPHER_BLOCK(tvbuff_t *tvb, int offset,
 }
 #endif
 
-static int
-netlogon_dissect_ENCRYPTED_LM_OWF_PASSWORD(tvbuff_t *tvb, int offset,
-			packet_info *pinfo, proto_tree *parent_tree,
-			char *drep _U_)
-{
-	proto_item *item=NULL;
-	proto_tree *tree=NULL;
-	dcerpc_info *di;
-
-	di=pinfo->private_data;
-	if(di->conformant_run){
-		/*just a run to handle conformant arrays, nothing to dissect.*/
-		return offset;
-	}
-
-	if(parent_tree){
-		item = proto_tree_add_text(parent_tree, tvb, offset, 16,
-			"ENCRYPTED_LM_OWF_PASSWORD:");
-		tree = proto_item_add_subtree(item, ett_ENC_LM_OWF_PASSWORD);
-	}
-
-	proto_tree_add_item(tree, hf_netlogon_encrypted_lm_owf_password, tvb, offset, 16,
-		FALSE);
-	offset += 16;
-
-	return offset;
-}
-
 
 static int
 netlogon_dissect_TYPE_16(tvbuff_t *tvb, int offset,
@@ -1802,8 +1902,9 @@ netlogon_dissect_NETLOGON_SAM_ACCOUNT_INFO(tvbuff_t *tvb, int offset,
 		tree = proto_item_add_subtree(item, ett_NETLOGON_SAM_ACCOUNT_INFO);
 	}
 
-	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_acct_name, 0);
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_UNIQUE,
+		"User Name", hf_netlogon_acct_name, 0);
 
 	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
 		hf_netlogon_full_name, 0);
@@ -2481,53 +2582,6 @@ netlogon_dissect_TYPE_34(tvbuff_t *tvb, int offset,
 }
 
 static int
-netlogon_dissect_TYPE_35(tvbuff_t *tvb, int offset,
-			packet_info *pinfo, proto_tree *parent_tree,
-			char *drep)
-{
-	proto_item *item=NULL;
-	proto_tree *tree=NULL;
- 	int old_offset=offset;
-
-	if(parent_tree){
-		item = proto_tree_add_text(parent_tree, tvb, offset, 0,
-			"TYPE_35:");
-		tree = proto_item_add_subtree(item, ett_TYPE_35);
-	}
-
-	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
-		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_PTR,
-		"unknown", hf_netlogon_unknown_string, -1);
-
-	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_string, 0);
-
-	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_string, 0);
-
-	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_string, 0);
-
-	offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_string, 0);
-
-	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_long, NULL);
-
-	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_long, NULL);
-
-	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_long, NULL);
-
-	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
-		hf_netlogon_unknown_long, NULL);
-
-	proto_item_set_len(item, offset-old_offset);
-	return offset;
-}
-
-static int
 netlogon_dissect_WCHAR_ptr(tvbuff_t *tvb, int offset,
 			packet_info *pinfo, proto_tree *tree,
 			char *drep)
@@ -3605,13 +3659,13 @@ netlogon_dissect_TYPE_20(tvbuff_t *tvb, int offset,
 		break;
 	case 20:
 		offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
-			netlogon_dissect_TYPE_35, NDR_POINTER_PTR,
-			"TYPE_35 pointer:", -1, 0);
+			netlogon_dissect_DELTA_DELETE_USER, NDR_POINTER_UNIQUE,
+			"DELTA_DELETE_GROUP:", -1, 0);
 		break;
 	case 21:
 		offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
-			netlogon_dissect_TYPE_35, NDR_POINTER_PTR,
-			"TYPE_35 pointer:", -1, 0);
+			netlogon_dissect_DELTA_DELETE_USER, NDR_POINTER_UNIQUE,
+			"DELTA_DELETE_GROUP:", -1, 0);
 		break;
 	case 22:
 		offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
@@ -3821,48 +3875,6 @@ netlogon_dissect_TYPE_47(tvbuff_t *tvb, int offset,
 
 
 static int
-netlogon_dissect_netserverpasswordset_rqst(tvbuff_t *tvb, int offset,
-	packet_info *pinfo, proto_tree *tree, char *drep)
-{
-	offset = netlogon_dissect_LOGONSRV_HANDLE(tvb, offset,
-		pinfo, tree, drep);
-
-	offset = netlogon_dissect_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		NDR_POINTER_REF, hf_netlogon_acct_name, 0);
-
-	offset = netlogon_dissect_NETLOGON_SECURE_CHANNEL_TYPE(tvb, offset,
-		pinfo, tree, drep);
-
-	offset = netlogon_dissect_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		NDR_POINTER_REF, hf_netlogon_computer_name, 0);
-
-	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
-		netlogon_dissect_AUTHENTICATOR, NDR_POINTER_REF,
-		"AUTHENTICATOR: credential", -1, 0);
-
-	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
-		netlogon_dissect_ENCRYPTED_LM_OWF_PASSWORD, NDR_POINTER_REF,
-		"ENCRYPTED_LM_OWF_PASSWORD pointer: hashed_pwd", -1, 0);
-
-	return offset;
-}
-
-
-static int
-netlogon_dissect_netserverpasswordset_reply(tvbuff_t *tvb, int offset,
-	packet_info *pinfo, proto_tree *tree, char *drep)
-{
-	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
-		netlogon_dissect_AUTHENTICATOR, NDR_POINTER_REF,
-		"AUTHENTICATOR: return_authenticator", -1, 0);
-
-	offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep,
-				  hf_netlogon_rc, NULL);
-
-	return offset;
-}
-
-static int
 netlogon_dissect_netsamdeltas_rqst(tvbuff_t *tvb, int offset,
 	packet_info *pinfo, proto_tree *tree, char *drep)
 {
@@ -4239,14 +4251,16 @@ netlogon_dissect_netserverauthenticate2_rqst(tvbuff_t *tvb, int offset,
 	offset = netlogon_dissect_LOGONSRV_HANDLE(tvb, offset,
 		pinfo, tree, drep);
 
-	offset = netlogon_dissect_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		NDR_POINTER_REF, hf_netlogon_acct_name, 0);
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_REF,
+		"User Name", hf_netlogon_acct_name, 0);
 
 	offset = netlogon_dissect_NETLOGON_SECURE_CHANNEL_TYPE(tvb, offset,
 		pinfo, tree, drep);
 
-	offset = netlogon_dissect_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
-		NDR_POINTER_REF, hf_netlogon_computer_name, 0);
+	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+		dissect_ndr_nt_UNICODE_STRING_str, NDR_POINTER_REF,
+		"Computer Name", hf_netlogon_computer_name, 0);
 
 	offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
 		netlogon_dissect_CREDENTIAL, NDR_POINTER_REF,
@@ -5288,7 +5302,7 @@ static dcerpc_sub_dissector dcerpc_netlogon_dissectors[] = {
 	{ NETLOGON_NETSERVERAUTHENTICATE, "ServerAuthenticate",
 		netlogon_dissect_netserverauthenticate_rqst,
 		netlogon_dissect_netserverauthenticate_reply },
-	{ NETLOGON_NETSERVERPASSWORDSET, "NETSERVERPASSWORDSET",
+	{ NETLOGON_NETSERVERPASSWORDSET, "ServerPasswdSet",
 		netlogon_dissect_netserverpasswordset_rqst,
 		netlogon_dissect_netserverpasswordset_reply },
 	{ NETLOGON_NETSAMDELTAS, "NETSAMDELTAS",
@@ -5406,7 +5420,7 @@ static const value_string netlogon_opnum_vals[] = {
 	{ NETLOGON_NETLOGONSAMLOGOFF, "SamLogoff" },
 	{ NETLOGON_NETSERVERREQCHALLENGE, "ServerReqChallenge" },
 	{ NETLOGON_NETSERVERAUTHENTICATE, "ServerAuthenticate" },
-	{ NETLOGON_NETSERVERPASSWORDSET, "NETSERVERPASSWORDSET" },
+	{ NETLOGON_NETSERVERPASSWORDSET, "ServerPasswdSet" },
 	{ NETLOGON_NETSAMDELTAS, "NETSAMDELTAS" },
 	{ NETLOGON_DATABASESYNC, "DatabaseSync" },
 	{ NETLOGON_ACCOUNTDELTAS, "AccountDeltas" },
@@ -5884,7 +5898,6 @@ static hf_register_info hf[] = {
 		&ett_TYPE_32,
 		&ett_TYPE_33,
 		&ett_TYPE_34,
-		&ett_TYPE_35,
 		&ett_SAM_DELTA,
 		&ett_SAM_DELTA_ARRAY,
 		&ett_TYPE_36,
@@ -5908,7 +5921,6 @@ static hf_register_info hf[] = {
 		&ett_TYPE_45,
 		&ett_TYPE_47,
 		&ett_GUID,
-		&ett_ENC_LM_OWF_PASSWORD,
 		&ett_LM_OWF_PASSWORD,
 		&ett_NT_OWF_PASSWORD,
 		&ett_GROUP_MEMBERSHIP,
author	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2002-07-02 14:41:51 +0000
committer	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2002-07-02 14:41:51 +0000
commit	ba8a7bfdc2139792298fb9fb7c28d755c184ccc0 (patch)
tree	59097329ee93b80945c8a02a3a2ece344119baa4 /packet-dcerpc-netlogon.c
parent	b84e41cf957e727d1cc66949a820124704cb4bf3 (diff)
download	wireshark-ba8a7bfdc2139792298fb9fb7c28d755c184ccc0.tar.gz wireshark-ba8a7bfdc2139792298fb9fb7c28d755c184ccc0.tar.bz2 wireshark-ba8a7bfdc2139792298fb9fb7c28d755c184ccc0.zip