12 #ifndef __PACKET_DCERPC_H__
13 #define __PACKET_DCERPC_H__
16 #include "ws_symbol_export.h"
22 #define DCERPC_TABLE_NAME "dcerpc.uuid"
26 #define DREP_LITTLE_ENDIAN 0x10
28 #define DREP_EBCDIC 0x01
33 #define DREP_ENC_INTEGER(drep) \
34 (((drep)[0] & DREP_LITTLE_ENDIAN) ? ENC_LITTLE_ENDIAN : ENC_BIG_ENDIAN)
39 #define DREP_ENC_CHAR(drep) \
40 (((drep)[0] & DREP_EBCDIC) ? ENC_EBCDIC|ENC_NA : ENC_ASCII|ENC_NA)
49 #define DCERPC_UUID_NULL { 0,0,0, {0,0,0,0,0,0,0,0} }
52 #define DCERPC_UUID_STR_LEN 36+1
98 guint32 auth_context_id;
150 #define DCERPC_IS_NDR64 0x00000001
157 guint64 transport_salt;
159 gboolean conformant_run;
161 gint32 conformant_eaten;
162 guint32 array_max_count;
163 guint32 array_max_count_offset;
164 guint32 array_offset;
165 guint32 array_offset_offset;
166 guint32 array_actual_count;
167 guint32 array_actual_count_offset;
170 const char *dcerpc_procedure_name;
178 #define PDU_WORKING 4
182 #define PDU_CL_CANCEL 8
184 #define PDU_CANCEL_ACK 10
186 #define PDU_BIND_ACK 12
187 #define PDU_BIND_NAK 13
189 #define PDU_ALTER_ACK 15
191 #define PDU_SHUTDOWN 17
192 #define PDU_CO_CANCEL 18
193 #define PDU_ORPHANED 19
201 guint16 dcerpc_tvb_get_ntohs (
tvbuff_t *tvb, gint offset, guint8 *drep);
202 guint32 dcerpc_tvb_get_ntohl (
tvbuff_t *tvb, gint offset, guint8 *drep);
203 void dcerpc_tvb_get_uuid (
tvbuff_t *tvb, gint offset, guint8 *drep,
e_guid_t *uuid);
207 int hfindex, guint8 *pdata);
211 int hfindex, guint8 *pdata);
215 int hfindex, guint16 *pdata);
219 int hfindex, guint32 *pdata);
223 int hfindex, guint64 *pdata);
226 int hfindex, gfloat *pdata);
229 int hfindex, gdouble *pdata);
232 int hfindex, guint32 *pdata);
244 int hfindex, guint8 *pdata);
250 int hfindex, guint16 *pdata);
256 int hfindex, guint32 *pdata);
262 int hfindex, guint64 *pdata);
266 int hfindex, guint64 *pdata);
272 int hfindex, gfloat *pdata);
276 int hfindex, gdouble *pdata);
281 int hfindex, guint32 *pdata);
290 #define FT_UINT1632 FT_UINT32
291 typedef guint32 guint1632;
296 int hfindex, guint1632 *pdata);
298 typedef guint64 guint3264;
303 int hfindex, guint3264 *pdata);
310 #define NDR_POINTER_REF 1
311 #define NDR_POINTER_UNIQUE 2
312 #define NDR_POINTER_PTR 3
316 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
317 int hf_index, dcerpc_callback_fnct_t *callback,
318 void *callback_args);
322 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
327 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
331 dcerpc_dissect_fnct_t *fnct,
int type,
const char *text,
337 dcerpc_dissect_fnct_t *fnct);
341 dcerpc_dissect_fnct_blk_t *fnct);
348 dcerpc_dissect_fnct_t *fnct);
352 dcerpc_dissect_fnct_blk_t *fnct);
357 dcerpc_dissect_fnct_t *fnct);
364 int hfinfo, gboolean add_subtree,
374 int hfindex, gboolean add_subtree,
char **data);
377 int hfinfo, gboolean add_subtree,
387 dcerpc_dissect_fnct_t *dissect_rqst;
388 dcerpc_dissect_fnct_t *dissect_resp;
395 const char *dcerpc_get_proto_name(
e_guid_t *uuid, guint16 ver);
397 int dcerpc_get_proto_hf_opnum(
e_guid_t *uuid, guint16 ver);
407 WS_DLL_PUBLIC
void decode_dcerpc_reset_all(
void);
408 typedef void (*decode_add_show_list_func)(gpointer data, gpointer user_data);
409 WS_DLL_PUBLIC
void decode_dcerpc_add_show_list(decode_add_show_list_func func, gpointer user_data);
418 WS_DLL_PUBLIC GHashTable *dcerpc_uuids;
442 dcerpc_dissect_fnct_t *bind_fn;
443 dcerpc_dissect_fnct_t *bind_ack_fn;
444 dcerpc_dissect_fnct_t *auth3_fn;
445 dcerpc_dissect_fnct_t *req_verf_fn;
446 dcerpc_dissect_fnct_t *resp_verf_fn;
450 dcerpc_decode_data_fnct_t *req_data_fn;
451 dcerpc_decode_data_fnct_t *resp_data_fn;
455 void register_dcerpc_auth_subdissector(guint8 auth_level, guint8 auth_type,
468 guint64 transport_salt;
475 WS_DLL_PUBLIC guint64 dcerpc_get_transport_salt(
packet_info *pinfo);
476 WS_DLL_PUBLIC
void dcerpc_set_transport_salt(guint64 dcetransportsalt,
packet_info *pinfo);
486 #define DCE_C_RPC_AUTHN_PROTOCOL_NONE 0
487 #define DCE_C_RPC_AUTHN_PROTOCOL_KRB5 1
488 #define DCE_C_RPC_AUTHN_PROTOCOL_SPNEGO 9
489 #define DCE_C_RPC_AUTHN_PROTOCOL_NTLMSSP 10
490 #define DCE_C_RPC_AUTHN_PROTOCOL_GSS_SCHANNEL 14
491 #define DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS 16
492 #define DCE_C_RPC_AUTHN_PROTOCOL_DPA 17
493 #define DCE_C_RPC_AUTHN_PROTOCOL_MSN 18
494 #define DCE_C_RPC_AUTHN_PROTOCOL_DIGEST 21
495 #define DCE_C_RPC_AUTHN_PROTOCOL_SEC_CHAN 68
496 #define DCE_C_RPC_AUTHN_PROTOCOL_MQ 100
500 #define DCE_C_AUTHN_LEVEL_NONE 1
501 #define DCE_C_AUTHN_LEVEL_CONNECT 2
502 #define DCE_C_AUTHN_LEVEL_CALL 3
503 #define DCE_C_AUTHN_LEVEL_PKT 4
504 #define DCE_C_AUTHN_LEVEL_PKT_INTEGRITY 5
505 #define DCE_C_AUTHN_LEVEL_PKT_PRIVACY 6
525 #define PIDL_POLHND_OPEN 0x80000000
526 #define PIDL_POLHND_CLOSE 0x40000000
528 #define PIDL_STR_SAVE 0x20000000
530 #define PIDL_SET_COL_INFO 0x10000000
533 #define PIDL_POLHND_TYPE_MASK 0x00ff0000
534 #define PIDL_POLHND_TYPE_SAMR_USER 0x00010000
535 #define PIDL_POLHND_TYPE_SAMR_CONNECT 0x00020000
536 #define PIDL_POLHND_TYPE_SAMR_DOMAIN 0x00030000
537 #define PIDL_POLHND_TYPE_SAMR_GROUP 0x00040000
538 #define PIDL_POLHND_TYPE_SAMR_ALIAS 0x00050000
540 #define PIDL_POLHND_TYPE_LSA_POLICY 0x00060000
541 #define PIDL_POLHND_TYPE_LSA_ACCOUNT 0x00070000
542 #define PIDL_POLHND_TYPE_LSA_SECRET 0x00080000
543 #define PIDL_POLHND_TYPE_LSA_DOMAIN 0x00090000
548 guint32 open_frame, close_frame;
556 extern int hf_dcerpc_drep_byteorder;
557 extern int hf_dcerpc_ndr_padding;
559 #define FAKE_DCERPC_INFO_STRUCTURE \
562 dcerpc_call_value call_data; \
564 di.conformant_run = FALSE; \
565 di.no_align = TRUE; \
568 call_data.flags = 0; \
569 di.call_data = &call_data;
Definition: packet-dcerpc.h:94
Definition: packet-dcerpc.h:438
Definition: packet-dcerpc.h:128
Definition: packet-dcerpc.h:154
Definition: packet-dcerpc.h:384
Definition: packet-dcerpc.h:420
Definition: packet-dcerpc.h:54
Definition: packet-dcerpc.h:59
Definition: packet-dcerpc.h:70
Definition: guid-utils.h:22
Definition: packet_info.h:44
Definition: value_string.h:26
Definition: conversation.h:202
Definition: packet-dcerpc.h:109
Definition: packet-dcerpc.h:459
Definition: packet-dcerpc.h:546
Definition: tvbuff-int.h:35