author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2007-08-28 11:45:08 +0000 |
---|---|---|
committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2007-08-28 11:45:08 +0000 |
commit | 8fde3b7561ce61061c6d9ae8149c1ea916fdd7cb (patch) | |
tree | 6d42c0f32f0c521e3e63c363d1bb715b6a1bb842 /epan/dissectors/packet-dcerpc.h | |
parent | 659b175cd799288e125f633ccc0d5dcf4d05f16c (diff) | |
download | wireshark-8fde3b7561ce61061c6d9ae8149c1ea916fdd7cb.tar.gz |
rename dcerpc_smb_store_pol_name to dcerpc_store_polhnd_name
rename dcerpc_smb_fetch_pol to dcerpc_fetch_polhnd_data and also make
it take an additional parameter to return the "type" of the policy
handle, if such a type was stored.
extend the pol_value structure used to track policy handles to also
store a type to represent what created the policy handle
types could be USER/ALIAS/CONNECT/... etc handles returned from the
SAMR interface
add a new helper function dcerpc_store_polhnd_type()
track policy handles between request/responses for dcerpc
update the samr.cnf file to make the samr dissectors for
SetSecurity/QuerySecurity dissect the specific bits for the security
descriptor correctly based on whether the policy handle refers to a
CONNECT/DOMAIN/USER/ALIAS or GROUP
svn path=/trunk/; revision=22703
Diffstat (limited to 'epan/dissectors/packet-dcerpc.h')
-rw-r--r-- | epan/dissectors/packet-dcerpc.h | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/epan/dissectors/packet-dcerpc.h b/epan/dissectors/packet-dcerpc.h index 6482df2681..3dfd954999 100644 --- a/epan/dissectors/packet-dcerpc.h +++ b/epan/dissectors/packet-dcerpc.h @@ -294,6 +294,7 @@ typedef struct _dcerpc_call_value { * request to the reply. */ void *private_data; /* XXX This will later be renamed as ep_data */ + e_ctx_hnd *pol; /* policy handle tracked between request/response*/ } dcerpc_call_value; typedef struct _dcerpc_info { @@ -430,12 +431,40 @@ init_ndr_pointer_list(packet_info *pinfo); */ /* Policy handle tracking. Describes in which function a handle is * opened/closed. See "winreg.cnf" for example. + * + * The guint32 param is divided up into multiple fields + * + * +--------+--------+--------+--------+ + * | Flags | Type | | | + * +--------+--------+--------+--------+ */ +/* Flags : */ #define PIDL_POLHND_OPEN 0x80000000 #define PIDL_POLHND_CLOSE 0x40000000 /* To "save" a pointer to the string in dcv->private_data */ -#define PIDL_STR_SAVE 0x00020000 +#define PIDL_STR_SAVE 0x20000000 /* To make this value appear on the summary line for the packet */ -#define PIDL_SET_COL_INFO 0x00010000 +#define PIDL_SET_COL_INFO 0x10000000 + +/* Type */ +#define PIDL_POLHND_TYPE_MASK 0x00ff0000 +#define PIDL_POLHND_TYPE_SAMR_USER 0x00010000 +#define PIDL_POLHND_TYPE_SAMR_CONNECT 0x00020000 +#define PIDL_POLHND_TYPE_SAMR_DOMAIN 0x00030000 +#define PIDL_POLHND_TYPE_SAMR_GROUP 0x00040000 +#define PIDL_POLHND_TYPE_SAMR_ALIAS 0x00050000 + + +/* a structure we store for all policy handles we track */ +typedef struct pol_value { + struct pol_value *next; /* Next entry in hash bucket */ + guint32 open_frame, close_frame; /* Frame numbers for open/close */ + guint32 first_frame; /* First frame in which this instance was seen */ + guint32 last_frame; /* Last frame in which this instance was seen */ + char *name; /* Name of policy handle */ + guint32 type; /* policy handle type */ +} pol_value; + + #endif /* packet-dcerpc.h */ |
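Review bot: The new `pol` member of `dcerpc_call_value` holds a raw `e_ctx_hnd *` whose ownership and lifetime are not stated, although the surrounding comment describes this struct as carrying data from the request to the reply. The sites that assign it are not in this file, so this cannot be confirmed here, but if the pointer ever refers to packet-scoped storage the reply path would dereference memory that is no longer valid, on input taken straight from a capture. I would spell the contract out in the member comment, for example `/* policy handle tracked between request/response; points to capture-lifetime storage, NULL when no handle was seen */`. The struct definition begins outside the hunk.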
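Review bot: `PIDL_STR_SAVE` and `PIDL_SET_COL_INFO` move to 0x20000000 and 0x10000000, and their old values 0x00020000 and 0x00010000 are now `PIDL_POLHND_TYPE_SAMR_CONNECT` and `PIDL_POLHND_TYPE_SAMR_USER`. Any generated dissector or conformance file that still carries the old numeric value, rather than the symbolic name, would silently be read as a handle type instead of a flag, so it is worth confirming that all users are regenerated with this change. The header also leaves the "no type stored" case implicit: per the commit description the type selects how a security descriptor is dissected, and a handle whose open call is missing from the capture will have none. I would document that next to the type defines and on the struct member, e.g. `guint32 type; /* PIDL_POLHND_TYPE_* value, 0 if no type was recorded */`, so consumers treat 0 and unrecognised values as the generic case.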