epan/dissectors/packet-dcerpc-nt.h

   1 /* packet-dcerpc-nt.h
   2  * Routines for DCERPC over SMB packet disassembly
   3  * Copyright 2001-2003 Tim Potter <tpot@samba.org>
   4  *
   5  * $Id$
   6  *
   7  * Ethereal - Network traffic analyzer
   8  * By Gerald Combs <gerald@ethereal.com>
   9  * Copyright 1998 Gerald Combs
  10  *
  11  * This program is free software; you can redistribute it and/or
  12  * modify it under the terms of the GNU General Public License
  13  * as published by the Free Software Foundation; either version 2
  14  * of the License, or (at your option) any later version.
  15  *
  16  * This program is distributed in the hope that it will be useful,
  17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19  * GNU General Public License for more details.
  20  *
  21  * You should have received a copy of the GNU General Public License
  22  * along with this program; if not, write to the Free Software
  23  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  24  */
  25
  26 #ifndef __PACKET_DCERPC_NT_H
  27 #define __PACKET_DCERPC_NT_H
  28
  29 /*
  30  * ett_ value for Unicode strings.
  31  */
  32 extern gint ett_nt_unicode_string;
  33
  34 /*
  35  * Platform ID values, used by several dissectors.
  36  */
  37 extern const value_string platform_id_vals[];
  38
  39 /* Routines for handling deferral of referants in NDR */
  40
  41 #define ALIGN_TO_8_BYTES \
  42         { dcerpc_info *xzdi; \
  43           xzdi=pinfo->private_data; \
  44           if(!xzdi->conformant_run) { \
  45                 if(offset&0x07) { \
  46                         offset=(offset&0xfffffff8)+8; \
  47                 } \
  48           } \
  49         }
  50 #define ALIGN_TO_4_BYTES \
  51         { dcerpc_info *xzdi; \
  52           xzdi=pinfo->private_data; \
  53           if(!xzdi->conformant_run) { \
  54                 if(offset&0x03) { \
  55                         offset=(offset&0xfffffffc)+4; \
  56                 } \
  57           } \
  58         }
  59 #define ALIGN_TO_2_BYTES \
  60         { dcerpc_info *xzdi; \
  61           xzdi=pinfo->private_data; \
  62           if(!xzdi->conformant_run) { \
  63                 if(offset&0x01) { \
  64                         offset=(offset&0xfffffffe)+2; \
  65                 } \
  66           } \
  67         }
  68
  69 int
  70 dissect_ndr_counted_ascii_string_cb(tvbuff_t *tvb, int offset,
  71                                   packet_info *pinfo, proto_tree *tree,
  72                                   guint8 *drep, int hf_index,
  73                                   dcerpc_callback_fnct_t *callback,
  74                                     void *callback_args);
  75 int
  76 dissect_ndr_counted_ascii_string(tvbuff_t *tvb, int offset,
  77                                packet_info *pinfo, proto_tree *tree,
  78                                  guint8 *drep, int hf_index, int levels);
  79
  80 int
  81 dissect_ndr_counted_string_cb(tvbuff_t *tvb, int offset,
  82                               packet_info *pinfo, proto_tree *tree,
  83                               guint8 *drep, int hf_index,
  84                               dcerpc_callback_fnct_t *callback,
  85                               void *callback_args);
  86
  87 int
  88 dissect_ndr_counted_string_ptr(tvbuff_t *tvb, int offset,
  89                                packet_info *pinfo, proto_tree *parent_tree,
  90                                guint8 *drep);
  91
  92 int
  93 dissect_ndr_counted_string(tvbuff_t *tvb, int offset,
  94                            packet_info *pinfo, proto_tree *parent_tree,
  95                            guint8 *drep, int hf_index, int levels);
  96
  97 int
  98 dissect_ndr_counted_byte_array(tvbuff_t *tvb, int offset,
  99                                packet_info *pinfo, proto_tree *parent_tree,
 100                                guint8 *drep, int hf_index, int levels);
 101
 102 int
 103 dissect_ndr_counted_byte_array_cb(tvbuff_t *tvb, int offset,
 104                                   packet_info *pinfo, proto_tree *tree,
 105                                   guint8 *drep, int hf_index,
 106                                   dcerpc_callback_fnct_t *callback,
 107                                   void *callback_args);
 108
 109 int
 110 dissect_ndr_nt_acct_ctrl(tvbuff_t *tvb, int offset, packet_info *pinfo,
 111                         proto_tree *parent_tree, guint8 *drep);
 112
 113 int
 114 dissect_nt_GUID(tvbuff_t *tvb, int offset,
 115                         packet_info *pinfo, proto_tree *tree,
 116                         guint8 *drep);
 117
 118 int
 119 dissect_ndr_nt_NTTIME (tvbuff_t *tvb, int offset,
 120                         packet_info *pinfo, proto_tree *tree,
 121                         guint8 *drep, int hf_index);
 122 int
 123 dissect_ndr_nt_LOGON_HOURS(tvbuff_t *tvb, int offset,
 124                         packet_info *pinfo, proto_tree *parent_tree,
 125                         guint8 *drep);
 126 int
 127 dissect_ndr_nt_SID(tvbuff_t *tvb, int offset,
 128                    packet_info *pinfo, proto_tree *tree,
 129                    guint8 *drep);
 130 int
 131 dissect_ndr_nt_PSID(tvbuff_t *tvb, int offset,
 132                     packet_info *pinfo, proto_tree *parent_tree,
 133                     guint8 *drep);
 134 int
 135 dissect_ndr_nt_PSID_ARRAY(tvbuff_t *tvb, int offset,
 136                         packet_info *pinfo, proto_tree *parent_tree,
 137                         guint8 *drep);
 138
 139 int
 140 dissect_ndr_nt_SID_AND_ATTRIBUTES_ARRAY(tvbuff_t *tvb, int offset,
 141                         packet_info *pinfo, proto_tree *parent_tree,
 142                         guint8 *drep);
 143 int
 144 dissect_ndr_nt_SID_AND_ATTRIBUTES(tvbuff_t *tvb, int offset,
 145                         packet_info *pinfo, proto_tree *parent_tree,
 146                         guint8 *drep);
 147
 148 /*
 149  * Policy handle hashing
 150  */
 151
 152 /* Store open and close packet numbers for a policy handle */
 153
 154 void
 155 dcerpc_smb_store_pol_pkts(e_ctx_hnd *policy_hnd, packet_info *pinfo,
 156                           gboolean is_open, gboolean is_close);
 157
 158 /* Store a name with a policy handle */
 159
 160 void
 161 dcerpc_smb_store_pol_name(e_ctx_hnd *policy_hnd, packet_info *pinfo,
 162                           char *name);
 163
 164 /* Fetch details stored with a policy handle */
 165
 166 gboolean
 167 dcerpc_smb_fetch_pol(e_ctx_hnd *policy_hnd, char **name,
 168                      guint32 *open_frame, guint32 *close_frame,
 169                      guint32 cur_frame);
 170
 171 /* Dissect NT specific things */
 172
 173 int
 174 dissect_ntstatus(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 175                  proto_tree *tree, guint8 *drep,
 176                  int hfindex, guint32 *pdata);
 177
 178 int
 179 dissect_doserror(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 180                  proto_tree *tree, guint8 *drep,
 181                  int hfindex, guint32 *pdata);
 182
 183 int
 184 dissect_nt_policy_hnd(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 185                       proto_tree *tree, guint8 *drep, int hfindex,
 186                       e_ctx_hnd *pdata, proto_item **pitem,
 187                       gboolean is_open, gboolean is_close);
 188
 189 int
 190 dissect_nt_LUID(tvbuff_t *tvb, int offset,
 191                         packet_info *pinfo, proto_tree *tree,
 192                         guint8 *drep);
 193
 194 /* Stored here instead of packet-dcerpc{,-ndr}.c as they are probably not
 195    official NDR representations. */
 196
 197 int dissect_dcerpc_uint8s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 198                           proto_tree *tree, guint8 *drep,
 199                           int hfindex, int length, const guint8 **pdata);
 200
 201 int dissect_ndr_uint8s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 202                        proto_tree *tree, guint8 *drep,
 203                        int hfindex, int length, const guint8 **pdata);
 204
 205 int dissect_dcerpc_uint16s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 206                            proto_tree *tree, guint8 *drep,
 207                            int hfindex, int length);
 208
 209 int dissect_ndr_uint16s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 210                         proto_tree *tree, guint8 *drep,
 211                         int hfindex, int length);
 212
 213 int dissect_ndr_str_pointer_item(tvbuff_t *tvb, gint offset,
 214                                  packet_info *pinfo, proto_tree *tree,
 215                                  guint8 *drep, int type, char *text,
 216                                  int hf_index, int levels);
 217
 218 /*
 219  * Helper routines for dissecting NDR strings
 220  */
 221
 222 /* Number of levels to go up appending string to pointer item */
 223 #define CB_STR_ITEM_LEVELS(x)   ((x) & 0xFFFF)
 224 #define CB_STR_COL_INFO 0x10000 /* Append string to COL_INFO */
 225 #define CB_STR_SAVE     0x20000 /* Save string to dcv->private_data */
 226
 227 void cb_wstr_postprocess(packet_info *pinfo, proto_tree *tree _U_,
 228                         proto_item *item, tvbuff_t *tvb,
 229                         int start_offset, int end_offset,
 230                         void *callback_args);
 231 void cb_str_postprocess(packet_info *pinfo, proto_tree *tree _U_,
 232                         proto_item *item, tvbuff_t *tvb,
 233                         int start_offset, int end_offset,
 234                         void *callback_args);
 235
 236 /* Initialise DCERPC over SMB */
 237
 238 void dcerpc_smb_init(int proto_dcerpc);
 239
 240 #endif /* packet-dcerpc-nt.h */