(on behalf of the PROFIBUS Nutzerorganisation e.V. Deutschland):

another part of the PROFINET dissectors (PN-CBA, including a lot of generic DCOM dissection) still some work to be done ... svn path=/trunk/; revision=12776
2004-12-19 13:46:09 +00:00 · 2004-12-19 13:46:09 +00:00 · ea0baf468e
parent 1f73d0df93
commit ea0baf468e
7 changed files with 6568 additions and 17 deletions
--- a/epan/dissectors/Makefile.common
+++ b/epan/dissectors/Makefile.common
@ -194,6 +194,9 @@ DISSECTOR_SRC =	\
 	packet-dcerpc-wkssvc.c	\
 	packet-dcerpc.c	\
 	packet-dcm.c		\
+	packet-dcom.c \
+	packet-dcom-cba.c \
+	packet-dcom-cba-acco.c \
 	packet-ddtp.c	\
 	packet-dec-bpdu.c	\
 	packet-dhcp-failover.c	\
@ -599,6 +602,7 @@ DISSECTOR_INCLUDES =	\
 	packet-dcerpc-tapi.h	\
 	packet-dcerpc-wkssvc.h	\
 	packet-dcerpc.h	\
+	packet-dcom.h	\
 	packet-ddtp.h	\
 	packet-diameter-defs.h	\
 	packet-diffserv-mpls-common.h	\
--- a/epan/dissectors/packet-dcerpc.c
+++ b/epan/dissectors/packet-dcerpc.c
@ -666,6 +666,28 @@ dcerpc_init_uuid (int proto, int ett, e_uuid_t *uuid, guint16 ver,
    hf_info->strings = value_string_from_subdissectors(procs);
 }

+
+/* try to get registered name for this uuid */
+gchar *dcerpc_get_uuid_name(e_uuid_t *uuid, guint16 ver)
+{
+    dcerpc_uuid_key key;
+    dcerpc_uuid_value *sub_proto;
+
+
+	/* try to get registered uuid "name" of if_id */
+	key.uuid = *uuid;
+	key.ver = ver;
+
+	if ((sub_proto = g_hash_table_lookup (dcerpc_uuids, &key)) != NULL
+		 && proto_is_protocol_enabled(sub_proto->proto)) {
+
+		return sub_proto->name;
+	}
+
+	return NULL;
+}
+
+
 /* Function to find the name of a registered protocol
 * or NULL if the protocol/version is not known to ethereal.
 */
@ -2290,7 +2312,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
      }

      offset = dissect_dcerpc_uint8 (tvb, offset, pinfo, ctx_tree, hdr->drep,
-                                     hf_dcerpc_cn_num_trans_items, &num_trans_items);
+                                      hf_dcerpc_cn_num_trans_items, &num_trans_items);

      /* padding */
      offset += 1;
@ -2843,7 +2865,7 @@ dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding)
        binding->port_a, 
        binding->port_b, 
        0);
- 
+
    if (!conv) {
        conv = conversation_new (
            &binding->addr_a, 
@ -2853,7 +2875,7 @@ dcerpc_add_conv_to_bind_table(decode_dcerpc_bind_values_t *binding)
            binding->port_b, 
            0);
    }
-
+    
    bind_value = g_mem_chunk_alloc (dcerpc_bind_value_chunk);
    bind_value->uuid = binding->uuid;
    bind_value->ver = binding->ver;
@ -3971,23 +3993,23 @@ dissect_dcerpc_dg_stub (tvbuff_t *tvb, int offset, packet_info *pinfo,
 			hdr->seqnum, &hdr->act_id, dcerpc_cl_reassemble_table,
 			hdr->frag_num, stub_length,
 			!(hdr->flags1 & PFCL1_LASTFRAG));
-	if (fd_head != NULL) {
+    if (fd_head != NULL) {
 	    /* We completed reassembly... */
        if(pinfo->fd->num==fd_head->reassembled_in) {
            /* ...and this is the reassembled RPC PDU */
-	    next_tvb = tvb_new_real_data(fd_head->data, fd_head->len, fd_head->len);
-	    tvb_set_child_real_data_tvbuff(tvb, next_tvb);
-	    add_new_data_source(pinfo, next_tvb, "Reassembled DCE/RPC");
-	    show_fragment_seq_tree(fd_head, &dcerpc_frag_items,
-				   dcerpc_tree, pinfo, next_tvb);
+	    	next_tvb = tvb_new_real_data(fd_head->data, fd_head->len, fd_head->len);
+	    	tvb_set_child_real_data_tvbuff(tvb, next_tvb);
+	    	add_new_data_source(pinfo, next_tvb, "Reassembled DCE/RPC");
+	    	show_fragment_seq_tree(fd_head, &dcerpc_frag_items,
+					   dcerpc_tree, pinfo, next_tvb);

-	    /*
-	     * XXX - authentication info?
-	     */
-	    pinfo->fragmented = FALSE;
-	    dcerpc_try_handoff (pinfo, tree, dcerpc_tree, next_tvb,
-				next_tvb, hdr->drep, di, NULL);
-	} else {
+	    	/*
+	     	 * XXX - authentication info?
+	     	 */
+	    	pinfo->fragmented = FALSE;
+	    	dcerpc_try_handoff (pinfo, tree, dcerpc_tree, next_tvb,
+					next_tvb, hdr->drep, di, NULL);
+		} else {
            /* ...and this isn't the reassembled RPC PDU */
 	        pi = proto_tree_add_uint(dcerpc_tree, hf_dcerpc_reassembled_in,
 				    tvb, 0, 0, fd_head->reassembled_in);
@ -4822,7 +4844,7 @@ proto_register_dcerpc (void)
      NULL, 0, "Time between Request and Response for DCE-RPC calls", HFILL }},

 	{ &hf_dcerpc_reassembled_in,
-	  { "Reassembled PDU in frame", "dcerpc.reassembled_in", FT_FRAMENUM, BASE_NONE, 
+      { "Reassembled PDU in frame", "dcerpc.reassembled_in", FT_FRAMENUM, BASE_NONE, 
      NULL, 0x0, "The DCE/RPC PDU is completely reassembled in the packet with this number", HFILL }},

 	{ &hf_dcerpc_unknown_if_id, 
--- a/epan/dissectors/packet-dcerpc.h
+++ b/epan/dissectors/packet-dcerpc.h
@ -224,6 +224,9 @@ dcerpc_sub_dissector *dcerpc_get_proto_sub_dissector(e_uuid_t *uuid, guint16 ver

 value_string *value_string_from_subdissectors(dcerpc_sub_dissector *sd);

+/* try to get protocol name registered for this uuid */
+gchar *dcerpc_get_uuid_name(e_uuid_t *uuid, guint16 ver);
+
 /* Private data structure to pass to DCERPC dissector. This is used to
   pass transport specific information down to the dissector from the
   dissector that parsed this encapsulated calls. 
--- a/epan/dissectors/packet-dcom-cba-acco.c
+++ b/epan/dissectors/packet-dcom-cba-acco.c
--- a/epan/dissectors/packet-dcom-cba.c
+++ b/epan/dissectors/packet-dcom-cba.c
--- a/epan/dissectors/packet-dcom.c
+++ b/epan/dissectors/packet-dcom.c
--- a/epan/dissectors/packet-dcom.h
+++ b/epan/dissectors/packet-dcom.h
@ -0,0 +1,158 @@
+/* packet-dcom.h
+ * Routines for DCOM generics
+ *
+ * $Id$
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ * 
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef __PACKET_DCERPC_DCOM_H
+#define __PACKET_DCERPC_DCOM_H
+
+
+extern const value_string dcom_hresult_vals[];
+extern const value_string dcom_variant_type_vals[];
+
+/* preferences */
+extern int dcom_prefs_display_unmarshalling_details;
+
+
+/* the essential DCOM this and that, starting every call */
+extern int
+dissect_dcom_this(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep);
+extern int
+dissect_dcom_that(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep);
+
+
+/* dissection of somewhat more simple data types */
+#define dissect_dcom_BOOLEAN		dissect_ndr_uint8
+#define dissect_dcom_BYTE			dissect_ndr_uint8
+#define dissect_dcom_WORD			dissect_ndr_uint16
+#define dissect_dcom_DWORD			dissect_ndr_uint32
+#define dissect_dcom_ID				dissect_ndr_uint64
+#define dissect_dcom_UUID			dissect_ndr_uuid_t
+#define dissect_dcom_FILETIME		dissect_ndr_uint64 /* ToBeDone */
+#define dissect_dcom_VARIANT_BOOL	dissect_ndr_uint16
+#define dissect_dcom_FLOAT			dissect_ndr_float
+#define dissect_dcom_DOUBLE			dissect_ndr_double
+#define dissect_dcom_DATE			dissect_ndr_double
+
+extern int
+dissect_dcom_append_UUID(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep,
+	int hfindex, gchar *field_name, int field_index);
+
+extern int
+dissect_dcom_indexed_WORD(tvbuff_t *tvb, int offset,	packet_info *pinfo,
+					 proto_tree *tree, guint8 *drep, 
+					 int hfindex, guint16 * pu16WORD, int field_index);
+
+extern int
+dissect_dcom_indexed_DWORD(tvbuff_t *tvb, int offset,	packet_info *pinfo,
+					 proto_tree *tree, guint8 *drep, 
+					 int hfindex, guint32 * pu32DWORD, int field_index);
+
+extern int
+dissect_dcom_HRESULT(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep, guint32 * pu32hresult);
+
+extern int
+dissect_dcom_indexed_HRESULT(tvbuff_t *tvb, int offset,	packet_info *pinfo,
+					 proto_tree *tree, guint8 *drep, 
+					 guint32 * pu32hresult, int field_index);
+
+extern int
+dissect_dcom_COMVERSION(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep,
+	guint16	* pu16version_major, guint16 * pu16version_minor);
+
+extern int
+dissect_dcom_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex,
+					   gchar *psz_buffer, guint32 u32max_buffer);
+
+extern int
+dissect_dcom_indexed_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex,
+					   gchar *pszStr, guint32 u32MaxStr, int field_index);
+
+extern int
+dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex,
+					   gchar *psz_buffer, guint32 u32max_buffer);
+
+extern int
+dissect_dcom_DUALSTRINGARRAY(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex);
+
+extern int
+dissect_dcom_STDOBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex);
+
+extern int
+dissect_dcom_OBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex);
+
+extern int
+dissect_dcom_MInterfacePointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex);
+extern int
+dissect_dcom_PMInterfacePointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, int hfindex);
+
+extern int
+dissect_dcom_VARTYPE(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep,
+	guint16 *pu16Vartype);
+
+extern int
+dissect_dcom_VARIANT(tvbuff_t *tvb, int offset, packet_info *pinfo, 
+					 proto_tree *tree, guint8 *drep, int hfindex);
+
+/* dcom "dcerpc internal" unmarshalling */
+extern int
+dissect_dcom_dcerpc_array_size(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, guint32 *pu32array_size);
+
+extern int
+dissect_dcom_dcerpc_pointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
+                       proto_tree *tree, guint8 *drep, guint32 *pu32pointer);
+
+/* mark things to be done */
+extern int
+dissect_dcom_tobedone_data(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep, int length);
+
+/* very simple parameter-profiles dissectors (for very simple requests ;-) */
+/* request: no parameters */
+extern int 
+dissect_dcom_simple_rqst(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep);
+/* response: only HRESULT */
+extern int 
+dissect_dcom_simple_resp(tvbuff_t *tvb, int offset,
+	packet_info *pinfo, proto_tree *tree, guint8 *drep);
+
+void dcom_register_server_coclass(int proto, int ett,
+	e_uuid_t *uuid, guint16 ver, 
+	dcerpc_sub_dissector *sub_dissectors, int opnum_hf);
+
+#endif /* packet-dcerpc-dcom.h */