4 the base dcerpc packet definitions - not traditionally coded as IDL,
5 but given that pidl can handle it nicely it simplifies things a lot
8 see http://www.opengroup.org/onlinepubs/9629399/chap12.htm for packet
12 pointer_default(unique),
17 typedef [public] struct {
24 uint8 num_transfer_syntaxes;
25 dcerpc_syntax_id abstract_syntax;
26 dcerpc_syntax_id transfer_syntaxes[num_transfer_syntaxes];
32 uint32 assoc_group_id;
34 dcerpc_ctx_list ctx_list[num_contexts];
35 [flag(NDR_ALIGN4)] DATA_BLOB _pad;
36 [flag(NDR_REMAINING)] DATA_BLOB auth_info;
40 const uint8 DCERPC_REQUEST_LENGTH = 24;
41 const uint8 DCERPC_MAX_SIGN_SIZE = 32;
46 typedef [nodiscriminant] union {
47 [default] dcerpc_empty empty;
48 [case(LIBNDR_FLAG_OBJECT_PRESENT)] GUID object;
55 [switch_is(ndr->flags & LIBNDR_FLAG_OBJECT_PRESENT)] dcerpc_object object;
56 [flag(NDR_ALIGN8)] DATA_BLOB _pad;
57 [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
60 const int DCERPC_BIND_PROVIDER_REJECT = 2;
61 const int DCERPC_BIND_REASON_ASYNTAX = 1;
66 dcerpc_syntax_id syntax;
72 uint32 assoc_group_id;
73 ascstr3 secondary_address;
74 [flag(NDR_ALIGN4)] DATA_BLOB _pad1;
76 dcerpc_ack_ctx ctx_list[num_results];
77 [flag(NDR_REMAINING)] DATA_BLOB auth_info;
83 uint32 versions[num_versions];
86 const uint8 DCERPC_RESPONSE_LENGTH = 24;
92 [flag(NDR_ALIGN8)] DATA_BLOB _pad;
93 [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
97 const int DCERPC_FAULT_OP_RNG_ERROR = 0x1c010002;
98 const int DCERPC_FAULT_UNK_IF = 0x1c010003;
99 const int DCERPC_FAULT_NDR = 0x000006f7;
100 const int DCERPC_FAULT_INVALID_TAG = 0x1c000006;
101 const int DCERPC_FAULT_CONTEXT_MISMATCH = 0x1c00001a;
102 const int DCERPC_FAULT_OTHER = 0x00000001;
103 const int DCERPC_FAULT_ACCESS_DENIED = 0x00000005;
104 const int DCERPC_FAULT_CANT_PERFORM = 0x000006d8;
106 /* we return this fault when we haven't yet run the test
107 to see what fault w2k3 returns in this case */
108 const int DCERPC_FAULT_TODO = 0x00000042;
117 /* the auth types we know about */
118 const uint8 DCERPC_AUTH_TYPE_NONE = 0;
119 /* this seems to be not krb5! */
120 const uint8 DCERPC_AUTH_TYPE_KRB5_1 = 1;
121 const uint8 DCERPC_AUTH_TYPE_SPNEGO = 9;
122 const uint8 DCERPC_AUTH_TYPE_NTLMSSP = 10;
123 /* I'm not 100% sure but type 16(0x10)
124 * seems to be raw krb5 --metze
126 const uint8 DCERPC_AUTH_TYPE_KRB5 = 16;
127 const uint8 DCERPC_AUTH_TYPE_SCHANNEL = 68;
128 const uint8 DCERPC_AUTH_TYPE_MSMQ = 100;
130 const uint8 DCERPC_AUTH_LEVEL_DEFAULT = DCERPC_AUTH_LEVEL_CONNECT;
131 const uint8 DCERPC_AUTH_LEVEL_NONE = 1;
132 const uint8 DCERPC_AUTH_LEVEL_CONNECT = 2;
133 const uint8 DCERPC_AUTH_LEVEL_CALL = 3;
134 const uint8 DCERPC_AUTH_LEVEL_PACKET = 4;
135 const uint8 DCERPC_AUTH_LEVEL_INTEGRITY = 5;
136 const uint8 DCERPC_AUTH_LEVEL_PRIVACY = 6;
138 typedef [public] struct {
141 uint8 auth_pad_length;
143 uint32 auth_context_id;
144 [flag(NDR_REMAINING)] DATA_BLOB credentials;
147 typedef [public] struct {
149 [flag(NDR_REMAINING)] DATA_BLOB auth_info;
152 typedef [public] struct {
154 [flag(NDR_REMAINING)] DATA_BLOB auth_info;
157 typedef [public] struct {
159 [flag(NDR_REMAINING)] DATA_BLOB auth_info;
162 typedef [public] struct {
167 typedef [public] struct {
170 boolean32 server_is_accepting;
173 typedef [public] struct {
178 uint32 max_frag_size;
181 uint32 selack[selack_size];
184 typedef [public] struct {
187 typedef [public] struct {
190 typedef [public] struct {
193 typedef [public] struct {
196 typedef [enum8bit] enum {
197 DCERPC_PKT_REQUEST = 0,
199 DCERPC_PKT_RESPONSE = 2,
200 DCERPC_PKT_FAULT = 3,
201 DCERPC_PKT_WORKING = 4,
202 DCERPC_PKT_NOCALL = 5,
203 DCERPC_PKT_REJECT = 6,
205 DCERPC_PKT_CL_CANCEL = 8,
207 DCERPC_PKT_CANCEL_ACK = 10,
208 DCERPC_PKT_BIND = 11,
209 DCERPC_PKT_BIND_ACK = 12,
210 DCERPC_PKT_BIND_NAK = 13,
211 DCERPC_PKT_ALTER = 14,
212 DCERPC_PKT_ALTER_RESP = 15,
213 DCERPC_PKT_AUTH3 = 16,
214 DCERPC_PKT_SHUTDOWN = 17,
215 DCERPC_PKT_CO_CANCEL = 18,
216 DCERPC_PKT_ORPHANED = 19
219 typedef [nodiscriminant] union {
220 [case(DCERPC_PKT_REQUEST)] dcerpc_request request;
221 [case(DCERPC_PKT_PING)] dcerpc_ping ping;
222 [case(DCERPC_PKT_RESPONSE)] dcerpc_response response;
223 [case(DCERPC_PKT_FAULT)] dcerpc_fault fault;
224 [case(DCERPC_PKT_WORKING)] dcerpc_working working;
225 [case(DCERPC_PKT_NOCALL)] dcerpc_fack nocall;
226 [case(DCERPC_PKT_REJECT)] dcerpc_fault reject;
227 [case(DCERPC_PKT_ACK)] dcerpc_ack ack;
228 [case(DCERPC_PKT_CL_CANCEL)] dcerpc_cl_cancel cl_cancel;
229 [case(DCERPC_PKT_FACK)] dcerpc_fack fack;
230 [case(DCERPC_PKT_CANCEL_ACK)] dcerpc_cancel_ack cancel_ack;
231 [case(DCERPC_PKT_BIND)] dcerpc_bind bind;
232 [case(DCERPC_PKT_BIND_ACK)] dcerpc_bind_ack bind_ack;
233 [case(DCERPC_PKT_BIND_NAK)] dcerpc_bind_nak bind_nak;
234 [case(DCERPC_PKT_ALTER)] dcerpc_bind alter;
235 [case(DCERPC_PKT_ALTER_RESP)] dcerpc_bind_ack alter_resp;
236 [case(DCERPC_PKT_SHUTDOWN)] dcerpc_shutdown shutdown;
237 [case(DCERPC_PKT_CO_CANCEL)] dcerpc_co_cancel co_cancel;
238 [case(DCERPC_PKT_ORPHANED)] dcerpc_orphaned orphaned;
239 [case(DCERPC_PKT_AUTH3)] dcerpc_auth3 auth3;
242 /* pfc_flags values */
243 const uint8 DCERPC_PFC_FLAG_FIRST = 0x01;
244 const uint8 DCERPC_PFC_FLAG_LAST = 0x02;
245 const uint8 DCERPC_PFC_FLAG_NOCALL = 0x20;
246 const uint8 DCERPC_PFC_FLAG_ORPC = 0x80;
248 /* these offsets are needed by the signing code */
249 const uint8 DCERPC_DREP_OFFSET = 4;
250 const uint8 DCERPC_FRAG_LEN_OFFSET = 8;
251 const uint8 DCERPC_AUTH_LEN_OFFSET = 10;
253 /* little-endian flag */
254 const uint8 DCERPC_DREP_LE = 0x10;
256 typedef [public] struct {
257 uint8 rpc_vers; /* RPC version */
258 uint8 rpc_vers_minor; /* Minor version */
259 dcerpc_pkt_type ptype; /* Packet type */
260 uint8 pfc_flags; /* Fragmentation flags */
261 uint8 drep[4]; /* NDR data representation */
262 uint16 frag_length; /* Total length of fragment */
263 uint16 auth_length; /* authenticator length */
264 uint32 call_id; /* Call identifier */
265 [switch_is(ptype)] dcerpc_payload u;
268 typedef [public] struct {
269 uint8 rpc_vers; /* RPC version (4) */
278 uint32 server_boot; /* Server boot time */
279 uint32 iface_version;
288 [switch_is(ptype)] dcerpc_payload u;