Small fix for dissect_ndr_nt_UNICODE_STRING_str() in packet-dcerpc-nt.c

so that NETLOGON will not dump core (since netlogon has these structs as top level reference pointers) Addition of full netlogon dissection. Full in the sense as it assumes the idl is correct and complete. Many calls and fields are unknown so they get dissected with "unknown long, contact ethereal-dev@... if you know what it is". svn path=/trunk/; revision=4929
2002-03-12 08:16:41 +00:00 · 2002-03-12 08:16:41 +00:00 · 385c80e202
parent c41a4fe415
commit 385c80e202
3 changed files with 5548 additions and 30 deletions
--- a/packet-dcerpc-netlogon.c
+++ b/packet-dcerpc-netlogon.c
--- a/packet-dcerpc-netlogon.h
+++ b/packet-dcerpc-netlogon.h
@ -2,7 +2,7 @@
 * Routines for SMB \PIPE\NETLOGON packet disassembly
 * Copyright 2001, Tim Potter <tpot@samba.org>
 *
- * $Id: packet-dcerpc-netlogon.h,v 1.3 2001/12/16 20:08:22 guy Exp $
+ * $Id: packet-dcerpc-netlogon.h,v 1.4 2002/03/12 08:16:41 sahlberg Exp $
 *
 * Ethereal - Network traffic analyzer
 * By Gerald Combs <gerald@ethereal.com>
@ -26,19 +26,47 @@
 #ifndef __PACKET_DCERPC_NETLOGON_H
 #define __PACKET_DCERPC_NETLOGON_H

-/* Functions available on the NETLOGON pipe.  From Samba, 
-   include/rpc_netlogon.h */
-
-#define NET_SAMLOGON           0x02
-#define NET_SAMLOGOFF          0x03
-#define NET_REQCHAL            0x04
-#define NET_AUTH               0x05
-#define NET_SRVPWSET           0x06
-#define NET_SAM_DELTAS         0x07
-#define NET_LOGON_CTRL         0x0c
-#define NET_AUTH2              0x0f
-#define NET_LOGON_CTRL2        0x0e
-#define NET_SAM_SYNC           0x10
-#define NET_TRUST_DOM_LIST     0x13
+#define NETLOGON_FUNCTION_00				0x00
+#define NETLOGON_FUNCTION_01				0x01
+#define NETLOGON_NETLOGONSAMLOGON			0x02
+#define NETLOGON_NETLOGONSAMLOGOFF			0x03
+#define NETLOGON_NETSERVERREQCHALLENGE			0x04
+#define NETLOGON_NETSERVERAUTHENTICATE			0x05
+#define NETLOGON_NETSERVERPASSWORDSET			0x06
+#define NETLOGON_NETSAMDELTAS				0x07
+#define NETLOGON_FUNCTION_08				0x08
+#define NETLOGON_FUNCTION_09				0x09
+#define NETLOGON_FUNCTION_0A				0x0a
+#define NETLOGON_FUNCTION_0B				0x0b
+#define NETLOGON_NETLOGONCONTROL			0x0c
+#define NETLOGON_FUNCTION_0D				0x0d
+#define NETLOGON_NETLOGONCONTROL2			0x0e
+#define NETLOGON_NETSERVERAUTHENTICATE2			0x0f
+#define NETLOGON_NETDATABASESYNC2			0x10
+#define NETLOGON_FUNCTION_11				0x11
+#define NETLOGON_FUNCTION_12				0x12
+#define NETLOGON_NETTRUSTEDDOMAINLIST			0x13
+#define NETLOGON_DSRGETDCNAME2				0x14
+#define NETLOGON_FUNCTION_15				0x15
+#define NETLOGON_FUNCTION_16				0x16
+#define NETLOGON_FUNCTION_17				0x17
+#define NETLOGON_FUNCTION_18				0x18
+#define NETLOGON_FUNCTION_19				0x19
+#define NETLOGON_NETSERVERAUTHENTICATE3			0x1a
+#define NETLOGON_DSRGETDCNAME				0x1b
+#define NETLOGON_DSRGETSITENAME				0x1c
+#define NETLOGON_FUNCTION_1D				0x1d
+#define NETLOGON_FUNCTION_1E				0x1e
+#define NETLOGON_NETSERVERPASSWORDSET2			0x1f
+#define NETLOGON_FUNCTION_20				0x20
+#define NETLOGON_FUNCTION_21				0x21
+#define NETLOGON_FUNCTION_22				0x22
+#define NETLOGON_FUNCTION_23				0x23
+#define NETLOGON_FUNCTION_24				0x24
+#define NETLOGON_FUNCTION_25				0x25
+#define NETLOGON_FUNCTION_26				0x26
+#define NETLOGON_FUNCTION_27				0x27
+#define NETLOGON_DSRROLEGETPRIMARYDOMAININFORMATION	0x28
+#define NETLOGON_DSRDEREGISTERDNSHOSTRECORDS		0x29

 #endif /* packet-dcerpc-netlogon.h */
--- a/packet-dcerpc-nt.c
+++ b/packet-dcerpc-nt.c
@ -2,7 +2,7 @@
 * Routines for DCERPC over SMB packet disassembly
 * Copyright 2001, Tim Potter <tpot@samba.org>
 *
- * $Id: packet-dcerpc-nt.c,v 1.13 2002/03/11 00:15:20 sahlberg Exp $
+ * $Id: packet-dcerpc-nt.c,v 1.14 2002/03/12 08:16:41 sahlberg Exp $
 *
 * Ethereal - Network traffic analyzer
 * By Gerald Combs <gerald@ethereal.com>
@ -464,7 +464,10 @@ dissect_ndr_nt_UNICODE_STRING_str(tvbuff_t *tvb, int offset,
 	proto_tree_add_string(tree, di->hf_index, tvb, old_offset,
 		offset-old_offset, text);

-	if(tree){
+	/* need to test di->levels before doing the proto_item_append_text()
+	   since netlogon has these objects as top level objects in its representation
+	   and trying to append to the tree object in that case will dump core */
+	if(tree && (di->levels>-1)){
 		proto_item_append_text(tree, ": %s", text);
 		if(di->levels>-1){
 			tree=tree->parent;