1 files changed, 0 insertions, 246 deletions
diff --git a/framework/src/suricata/src/app-layer-dcerpc-common.h b/framework/src/suricata/src/app-layer-dcerpc-common.h
deleted file mode 100644
index cdda5630..00000000
--- a/framework/src/suricata/src/app-layer-dcerpc-common.h
+++ /dev/null
@@ -1,246 +0,0 @@
-/* Copyright (C) 2007-2010 Open Information Security Foundation
- *
- * You can copy, redistribute or modify this Program under the terms of
- * the GNU General Public License version 2 as published by the Free
- * Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * version 2 along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301, USA.
- */
-
-/**
- * \file
- *
- * \author Kirby Kuehl <kkuehl@gmail.com>
- */
-
-#ifndef __APP_LAYER_DCERPC_COMMON_H__
-#define __APP_LAYER_DCERPC_COMMON_H__
-
-#include "app-layer-protos.h"
-#include "app-layer-parser.h"
-#include "flow.h"
-#include "queue.h"
-#include "util-byte.h"
-
-void RegisterDCERPCParsers(void);
-void DCERPCParserTests(void);
-void DCERPCParserRegisterTests(void);
-
-// http://www.opengroup.org/onlinepubs/9629399/chap12.htm#tagcjh_17_06
-#define REQUEST             0
-#define PING                1
-#define RESPONSE            2
-#define FAULT               3
-#define WORKING             4
-#define NOCALL              5
-#define REJECT              6
-#define ACK                 7
-#define CL_CANCEL           8
-#define FACK                9
-#define CANCEL_ACK          10
-#define BIND                11
-#define BIND_ACK            12
-#define BIND_NAK            13
-#define ALTER_CONTEXT       14
-#define ALTER_CONTEXT_RESP  15
-#define SHUTDOWN            17
-#define CO_CANCEL           18
-#define ORPHANED            19
-#if 0
-typedef struct {
-    uint8_t rpc_vers; /* 4 RPC protocol major version (4 LSB only)*/
-    uint8_t ptype;      /* Packet type (5 LSB only) */
-    uint8_t flags1;     /* Packet flags */
-    uint8_t flags2;     /* Packet flags */
-    uint8_t drep[3];    /* Data representation format label */
-    uint8_t serial_hi;  /* High byte of serial number */
-    uuid_t         object;     /* Object identifier */
-    uuid_t         if_id;      /* Interface identifier */
-    uuid_t         act_id;     /* Activity identifier */
-    unsigned long  server_boot;/* Server boot time */
-    unsigned long  if_vers;    /* Interface version */
-    unsigned long  seqnum;     /* Sequence number */
-    unsigned short opnum;      /* Operation number */
-    unsigned short ihint;      /* Interface hint */
-    unsigned short ahint;      /* Activity hint */
-    unsigned short len;        /* Length of packet body */
-    unsigned short fragnum;    /* Fragment number */
-    unsigned small auth_proto; /* Authentication protocol identifier*/
-    unsigned small serial_lo;  /* Low byte of serial number */
-} dc_rpc_cl_pkt_hdr_t;
-#endif
-
-#define RESERVED_01     0x01
-#define LASTFRAG        0x02
-#define FRAG            0x04
-#define NOFACK          0x08
-#define MAYBE           0x10
-#define IDEMPOTENT      0x20
-#define BROADCAST       0x40
-#define RESERVED_80     0x80
-
-#define CANCEL_PENDING  0x02
-#define RESERVED_04     0x04
-#define RESERVED_10     0x10
-#define RESERVED_20     0x20
-#define RESERVED_40     0x40
-#define RESERVED_80     0x80
-
-typedef struct DCERPCHdr_ {
-    uint8_t rpc_vers;       /**< 00:01 RPC version should be 5 */
-    uint8_t rpc_vers_minor; /**< 01:01 minor version */
-    uint8_t type;           /**< 02:01 packet type */
-    uint8_t pfc_flags;      /**< 03:01 flags (see PFC_... ) */
-    uint8_t packed_drep[4]; /**< 04:04 NDR data representation format label */
-    uint16_t frag_length;   /**< 08:02 total length of fragment */
-    uint16_t auth_length;   /**< 10:02 length of auth_value */
-    uint32_t call_id;       /**< 12:04 call identifier */
-} DCERPCHdr;
-
-#define DCERPC_HDR_LEN 16
-
-typedef struct DCERPCHdrUdp_ {
-    uint8_t rpc_vers;   /**< 4 RPC protocol major version (4 LSB only)*/
-    uint8_t type;       /**< Packet type (5 LSB only) */
-    uint8_t flags1;     /**< Packet flags */
-    uint8_t flags2;     /**< Packet flags */
-    uint8_t drep[3];    /**< Data representation format label */
-    uint8_t serial_hi;  /**< High byte of serial number */
-    uint8_t objectuuid[16];
-    uint8_t interfaceuuid[16];
-    uint8_t activityuuid[16];
-    uint32_t server_boot;   /**< Server boot time */
-    uint32_t if_vers;   /**< Interface version */
-    uint32_t seqnum;    /**< Sequence number */
-    uint16_t opnum;     /**< Operation number */
-    uint16_t ihint;     /**< Interface hint */
-    uint16_t ahint;     /**< Activity hint */
-    uint16_t fraglen;   /**< Length of packet body */
-    uint16_t fragnum;   /**< Fragment number */
-    uint8_t auth_proto; /**< Authentication protocol identifier*/
-    uint8_t serial_lo;  /**< Low byte of serial number */
-} DCERPCHdrUdp;
-
-#define DCERPC_UDP_HDR_LEN 80
-
-#define DCERPC_UUID_ENTRY_FLAG_FF       0x0001  /**< FIRST flag set on the packet
-                                                  that contained this uuid entry */
-
-typedef struct DCERPCUuidEntry_ {
-    uint16_t ctxid;
-    uint16_t internal_id;
-    uint16_t result;
-    uint8_t uuid[16];
-    uint16_t version;
-    uint16_t versionminor;
-    uint16_t flags;                             /**< DCERPC_UUID_ENTRY_FLAG_* flags */
-    TAILQ_ENTRY(DCERPCUuidEntry_) next;
-} DCERPCUuidEntry;
-
-typedef struct DCERPCBindBindAck_ {
-    uint8_t numctxitems;
-    uint8_t numctxitemsleft;
-    uint8_t ctxbytesprocessed;
-    uint16_t ctxid;
-    uint8_t uuid[16];
-    uint16_t version;
-    uint16_t versionminor;
-    DCERPCUuidEntry *uuid_entry;
-    TAILQ_HEAD(, DCERPCUuidEntry_) uuid_list;
-    /* the interface uuids that the server has accepted */
-    TAILQ_HEAD(, DCERPCUuidEntry_) accepted_uuid_list;
-    uint16_t uuid_internal_id;
-    uint16_t secondaryaddrlen;
-    uint16_t secondaryaddrlenleft;
-    uint16_t result;
-} DCERPCBindBindAck;
-
-typedef struct DCERPCRequest_ {
-    uint16_t ctxid;
-    uint16_t opnum;
-    /* holds the stub data for the request */
-    uint8_t *stub_data_buffer;
-    /* length of the above buffer */
-    uint32_t stub_data_buffer_len;
-    /* used by the dce preproc to indicate fresh entry in the stub data buffer */
-    uint8_t stub_data_fresh;
-    uint8_t first_request_seen;
-} DCERPCRequest;
-
-typedef struct DCERPCResponse_ {
-    /* holds the stub data for the response */
-    uint8_t *stub_data_buffer;
-    /* length of the above buffer */
-    uint32_t stub_data_buffer_len;
-    /* used by the dce preproc to indicate fresh entry in the stub data buffer */
-    uint8_t stub_data_fresh;
-} DCERPCResponse;
-
-typedef struct DCERPC_ {
-    DCERPCHdr dcerpchdr;
-    DCERPCBindBindAck dcerpcbindbindack;
-    DCERPCRequest dcerpcrequest;
-    DCERPCResponse dcerpcresponse;
-    uint16_t bytesprocessed;
-    uint8_t pad;
-    uint16_t padleft;
-    uint16_t transaction_id;
-    /* indicates if the dcerpc pdu state is in the middle of processing
-     * a fragmented pdu */
-    uint8_t pdu_fragged;
-} DCERPC;
-
-typedef struct DCERPCUDP_ {
-    DCERPCHdrUdp dcerpchdrudp;
-    DCERPCBindBindAck dcerpcbindbindack;
-    DCERPCRequest dcerpcrequest;
-    DCERPCResponse dcerpcresponse;
-    uint16_t bytesprocessed;
-    uint16_t fraglenleft;
-    uint8_t *frag_data;
-    DCERPCUuidEntry *uuid_entry;
-    TAILQ_HEAD(, uuid_entry) uuid_list;
-} DCERPCUDP;
-
-/** First fragment */
-#define PFC_FIRST_FRAG           0x01
-/** Last fragment */
-#define PFC_LAST_FRAG            0x02
-/** Cancel was pending at sender */
-#define PFC_PENDING_CANCEL       0x04
-#define PFC_RESERVED_1           0x08
-/** supports concurrent multiplexing of a single connection. */
-#define PFC_CONC_MPX             0x10
-/** only meaningful on `fault' packet; if true, guaranteed
- *  call did not execute. */
-#define PFC_DID_NOT_EXECUTE      0x20
-/** `maybe' call semantics requested */
-#define PFC_MAYBE                0x40
-/** if true, a non-nil object UUID was specified in the handle, and
- *  is present in the optional object field. If false, the object field
- * is omitted. */
-#define PFC_OBJECT_UUID          0x80
-
-#define REASON_NOT_SPECIFIED            0
-#define TEMPORARY_CONGESTION            1
-#define LOCAL_LIMIT_EXCEEDED            2
-#define CALLED_PADDR_UNKNOWN            3 /* not used */
-#define PROTOCOL_VERSION_NOT_SUPPORTED  4
-#define DEFAULT_CONTEXT_NOT_SUPPORTED   5 /* not used */
-#define USER_DATA_NOT_READABLE          6 /* not used */
-#define NO_PSAP_AVAILABLE               7 /* not used */
-
-int32_t DCERPCParser(DCERPC *, uint8_t *, uint32_t);
-void hexdump(const void *buf, size_t len);
-void printUUID(char *type, DCERPCUuidEntry *uuid);
-
-#endif /* __APP_LAYER_DCERPC_COMMON_H__ */
-