1 /* packet-dcerpc-rs_pgo.c
3 * Routines for dcerpc Afs4Int dissection
4 * Copyright 2002, Jaime Fournier <Jaime.Fournier@hush.com>
5 * This information is based off the released idl files from opengroup.
6 * ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/rs_pgo.idl
10 * Wireshark - Network traffic analyzer
11 * By Gerald Combs <gerald@wireshark.org>
12 * Copyright 1998 Gerald Combs
14 * This program is free software; you can redistribute it and/or
15 * modify it under the terms of the GNU General Public License
16 * as published by the Free Software Foundation; either version 2
17 * of the License, or (at your option) any later version.
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 #ifdef HAVE_SYS_TYPES_H
35 #include <sys/types.h>
39 #include <epan/packet.h>
40 #include "packet-dcerpc.h"
41 #include "packet-dcerpc-dce122.h"
44 dissect_rgy_acct_user_flags_t
47 static int proto_rs_pgo = -1;
48 static int hf_rs_pgo_opnum = -1;
49 static int hf_rs_var1 = -1;
50 static int hf_rs_pgo_query_result_t = -1;
51 static int hf_rs_pgo_query_t = -1;
52 static int hf_rs_pgo_query_key_t = -1;
53 static int hf_error_status_t = -1;
54 static int hf_sec_rgy_pgo_flags_t = -1;
55 static int hf_rs_sec_rgy_pgo_item_t_quota = -1;
56 static int hf_rs_sec_rgy_pgo_item_t_unix_num = -1;
57 static int hf_rs_timeval = -1;
58 static int hf_rs_uuid1 = -1;
59 static int hf_sec_rgy_domain_t = -1;
60 static int hf_sec_rgy_name_t_principalName_string = -1;
61 static int hf_sec_rgy_name_t_size = -1;
62 static int hf_sec_rgy_pname_t_principalName_string = -1;
63 static int hf_sec_rgy_pname_t_size = -1;
64 static int hf_rs_pgo_unix_num_key_t = -1;
66 static gint ett_rs_cache_data_t = -1;
67 static gint ett_sec_rgy_domain_t = -1;
68 static gint ett_rgy_acct_user_flags_t = -1;
69 static gint ett_sec_attr_component_name_t = -1;
70 static gint ett_sec_passwd_type_t = -1;
71 static gint ett_sec_rgy_acct_admin_flags_t = -1;
72 static gint ett_sec_rgy_acct_admin_t = -1;
73 static gint ett_sec_rgy_acct_auth_flags_t = -1;
74 static gint ett_sec_rgy_acct_key_t = -1;
75 static gint ett_sec_rgy_acct_user_t = -1;
76 static gint ett_sec_rgy_cursor_t = -1;
77 static gint ett_sec_rgy_foreign_id_t = -1;
78 static gint ett_sec_rgy_login_name_t = -1;
79 static gint ett_sec_rgy_name_t = -1;
80 static gint ett_sec_rgy_pgo_item_t = -1;
81 static gint ett_sec_rgy_pname_t = -1;
82 static gint ett_sec_rgy_sid_t = -1;
83 static gint ett_sec_rgy_unix_passwd_buf_t = -1;
84 static gint ett_sec_rgy_unix_sid_t = -1;
85 static gint ett_sec_timeval_sec_t = -1;
86 static gint ett_sec_rgy_pgo_flags_t = -1;
87 static gint ett_error_status_t = -1;
88 static gint ett_rs_pgo_query_t = -1;
89 static gint ett_rs_pgo_query_key_t = -1;
90 static gint ett_rs_pgo_id_key_t = -1;
91 static gint ett_rs_pgo_unix_num_key_t = -1;
92 static gint ett_rs_pgo_query_result_t = -1;
93 static gint ett_rs_pgo_result_t = -1;
96 #define sec_rgy_acct_admin_valid 0x1
97 #define sec_rgy_acct_admin_audit 0x2
98 #define sec_rgy_acct_admin_server 0x4
99 #define sec_rgy_acct_admin_client 0x8
100 #define sec_rgy_acct_admin_flags_none 0
101 #define sec_rgy_acct_auth_post_dated 0x1
102 #define sec_rgy_acct_auth_forwardable 0x2
103 #define sec_rgy_acct_auth_tgt 0x4
104 #define sec_rgy_acct_auth_renewable 0x8
105 #define sec_rgy_acct_auth_proxiable 0x10
106 #define sec_rgy_acct_auth_dup_skey 0x20
107 #define sec_rgy_acct_auth_user_to_user 0x40
108 #define sec_rgy_acct_auth_flags_none 0
109 #define sec_rgy_acct_user_passwd_valid 0x1
110 #define sec_rgy_acct_user_flags_none 0
111 #define rs_acct_part_user 0x1
112 #define rs_acct_part_admin 0x2
113 #define rs_acct_part_passwd 0x4
114 #define rs_acct_part_unused 0x8
115 #define rs_acct_part_login_name 0x10
116 #define sec_rgy_pgo_is_an_alias 0x1
117 #define sec_rgy_pgo_is_required 0x2
118 #define sec_rgy_pgo_projlist_ok 0x4
119 #define sec_rgy_pgo_flags_none 0
120 #define sec_rgy_acct_user_passwd_valid 0x1
121 #define sec_rgy_acct_user_flags_none 0
123 static gint ett_rs_pgo = -1;
125 static e_uuid_t uuid_rs_pgo =
126 { 0x4c878280, 0x3000, 0x0000, {0x0d, 0x00, 0x02, 0x87, 0x14, 0x00, 0x00,
129 static guint16 ver_rs_pgo = 1;
133 dissect_error_status_t (tvbuff_t * tvb, int offset,
134 packet_info * pinfo, proto_tree * parent_tree,
137 proto_item *item = NULL;
138 proto_tree *tree = NULL;
139 int old_offset = offset;
144 di = pinfo->private_data;
145 if (di->conformant_run)
152 item = proto_tree_add_text (parent_tree, tvb, offset, -1,
154 tree = proto_item_add_subtree (item, ett_error_status_t);
158 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep, hf_error_status_t,
160 st_str = val_to_str (st, dce_error_vals, "%u");
162 if (check_col (pinfo->cinfo, COL_INFO))
163 col_append_fstr (pinfo->cinfo, COL_INFO, " st:%s ", st_str);
165 proto_item_set_len (item, offset - old_offset);
171 dissect_sec_rgy_pname_t (tvbuff_t * tvb, int offset,
172 packet_info * pinfo, proto_tree * parent_tree,
177 proto_item *item = NULL;
178 proto_tree *tree = NULL;
179 int old_offset = offset;
180 #define sec_rgy_pname_t_size 257
182 dissect sec_rgy_pname const signed32 sec_rgy_pname_t_size = 257; * Include final '\0' *
183 typedef [string] char sec_rgy_pname_t[sec_rgy_pname_t_size];
186 const guint8 *namestring;
189 di = pinfo->private_data;
190 if (di->conformant_run)
199 proto_tree_add_text (parent_tree, tvb, offset, -1, "sec_rgy_pname_t");
200 tree = proto_item_add_subtree (item, ett_sec_rgy_pname_t);
204 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
205 hf_sec_rgy_pname_t_size, &string_size);
206 if (check_col (pinfo->cinfo, COL_INFO))
207 col_append_fstr (pinfo->cinfo, COL_INFO, " String_size:%u", string_size);
208 if (string_size < sec_rgy_pname_t_size)
210 /* proto_tree_add_string(tree, id, tvb, start, length, value_ptr); */
212 proto_tree_add_string (tree, hf_sec_rgy_pname_t_principalName_string,
213 tvb, offset, string_size, tvb_get_ptr (tvb,
218 namestring = tvb_get_ptr (tvb, offset, string_size);
219 if (check_col (pinfo->cinfo, COL_INFO))
220 col_append_fstr (pinfo->cinfo, COL_INFO, " Principal:%s",
223 offset += string_size;
227 if (check_col (pinfo->cinfo, COL_INFO))
228 col_append_fstr (pinfo->cinfo, COL_INFO,
229 " :FIXME!: Invalid string length of %u",
233 proto_item_set_len (item, offset - old_offset);
238 dissect_sec_rgy_pgo_flags_t (tvbuff_t * tvb, int offset,
239 packet_info * pinfo, proto_tree * parent_tree,
247 proto_item *item = NULL;
248 proto_tree *tree = NULL;
249 int old_offset = offset;
254 typedef bitset sec_rgy_pgo_flags_t;
257 di = pinfo->private_data;
258 if (di->conformant_run)
267 proto_tree_add_text (parent_tree, tvb, offset, -1,
268 "sec_rgy_pgo_flags_t ");
269 tree = proto_item_add_subtree (item, ett_sec_rgy_pgo_flags_t);
273 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
274 hf_sec_rgy_pgo_flags_t, &flags);
278 * s e c _ r g y _ p g o _ f l a g s _ t
281 * pgo item is an alias *
282 const unsigned32 sec_rgy_pgo_is_an_alias = 0x1;
284 * pgo item is required - cannot be deleted *
285 const unsigned32 sec_rgy_pgo_is_required = 0x2;
288 * projlist_ok: on person items indicates person can have a concurrent
289 * group set on group items indicates this group can appear on a
290 * concurrent group set. On org items this flag is undefined.
292 const unsigned32 sec_rgy_pgo_projlist_ok = 0x4;
297 const unsigned32 sec_rgy_pgo_flags_none = 0;
299 #define sec_rgy_pgo_is_an_alias 0x1
300 #define sec_rgy_pgo_is_required 0x2
301 #define sec_rgy_pgo_projlist_ok 0x4
302 #define sec_rgy_pgo_flags_none 0
305 col_append_str (pinfo->cinfo, COL_INFO, " PgoFlags=");
306 if ((flags & sec_rgy_pgo_is_an_alias) == sec_rgy_pgo_is_an_alias)
308 col_append_str (pinfo->cinfo, COL_INFO, ":IS_AN_ALIAS");
310 if ((flags & sec_rgy_pgo_is_required) == sec_rgy_pgo_is_required)
312 col_append_str (pinfo->cinfo, COL_INFO, ":IS_REQUIRED");
314 if ((flags & sec_rgy_pgo_projlist_ok) == sec_rgy_pgo_projlist_ok)
316 col_append_str (pinfo->cinfo, COL_INFO, ":PROJLIST_OK");
318 if ((flags & sec_rgy_acct_admin_client) == sec_rgy_acct_admin_client)
320 col_append_str (pinfo->cinfo, COL_INFO, ":NONE");
322 if ((flags & sec_rgy_pgo_flags_none) == sec_rgy_pgo_flags_none)
324 col_append_str (pinfo->cinfo, COL_INFO, ":NONE");
327 proto_item_set_len (item, offset - old_offset);
335 dissect_rs_cache_data_t (tvbuff_t * tvb, int offset,
336 packet_info * pinfo, proto_tree * parent_tree,
343 sec_timeval_sec_t person_dtm;
344 sec_timeval_sec_t group_dtm;
345 sec_timeval_sec_t org_dtm;
350 proto_item *item = NULL;
351 proto_tree *tree = NULL;
352 int old_offset = offset;
354 guint32 person_dtm, group_dtm, org_dtm;
358 di = pinfo->private_data;
359 if (di->conformant_run)
368 proto_tree_add_text (parent_tree, tvb, offset, -1, "rs_cache_data_t");
369 tree = proto_item_add_subtree (item, ett_rs_cache_data_t);
374 dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep, hf_rs_uuid1, &uuid1);
376 dissect_dcerpc_time_t (tvb, offset, pinfo, tree, drep, hf_rs_timeval,
379 dissect_dcerpc_time_t (tvb, offset, pinfo, tree, drep, hf_rs_timeval,
382 dissect_dcerpc_time_t (tvb, offset, pinfo, tree, drep, hf_rs_timeval,
385 if (check_col (pinfo->cinfo, COL_INFO))
386 col_append_fstr (pinfo->cinfo, COL_INFO,
387 " siteid %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x person_dtm:%u group_dtm:%u org_dtm:%u",
388 uuid1.Data1, uuid1.Data2, uuid1.Data3, uuid1.Data4[0],
389 uuid1.Data4[1], uuid1.Data4[2], uuid1.Data4[3],
390 uuid1.Data4[4], uuid1.Data4[5], uuid1.Data4[6],
391 uuid1.Data4[7], person_dtm, group_dtm, org_dtm);
393 proto_item_set_len (item, offset - old_offset);
400 dissect_sec_rgy_name_t (tvbuff_t * tvb, int offset,
401 packet_info * pinfo, proto_tree * parent_tree,
406 proto_item *item = NULL;
407 proto_tree *tree = NULL;
408 int old_offset = offset;
409 #define sec_rgy_name_t_size 1025
410 /* typedef [string] char sec_rgy_name_t[sec_rgy_name_t_size]; */
412 const guint8 *namestring;
415 di = pinfo->private_data;
416 if (di->conformant_run)
425 proto_tree_add_text (parent_tree, tvb, offset, -1, "sec_rgy_name_t");
426 tree = proto_item_add_subtree (item, ett_sec_rgy_name_t);
430 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
431 hf_sec_rgy_name_t_size, &string_size);
432 if (check_col (pinfo->cinfo, COL_INFO))
433 col_append_fstr (pinfo->cinfo, COL_INFO, " String_size:%u", string_size);
434 if (string_size < sec_rgy_name_t_size)
436 /* proto_tree_add_string(tree, id, tvb, start, length, value_ptr); */
438 proto_tree_add_string (tree, hf_sec_rgy_name_t_principalName_string,
439 tvb, offset, string_size, tvb_get_ptr (tvb,
444 namestring = tvb_get_ptr (tvb, offset, string_size);
445 if (check_col (pinfo->cinfo, COL_INFO))
446 col_append_fstr (pinfo->cinfo, COL_INFO, " Principal:%s",
449 offset += string_size;
453 if (check_col (pinfo->cinfo, COL_INFO))
454 col_append_fstr (pinfo->cinfo, COL_INFO,
455 " :FIXME!: Invalid string length of %u",
459 proto_item_set_len (item, offset - old_offset);
465 dissect_sec_rgy_domain_t (tvbuff_t * tvb, int offset,
466 packet_info * pinfo, proto_tree * parent_tree,
471 typedef signed32 sec_rgy_domain_t;
474 proto_item *item = NULL;
475 proto_tree *tree = NULL;
476 int old_offset = offset;
480 di = pinfo->private_data;
481 if (di->conformant_run)
490 proto_tree_add_text (parent_tree, tvb, offset, -1, "sec_rgy_domain_t");
491 tree = proto_item_add_subtree (item, ett_sec_rgy_domain_t);
496 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep, hf_sec_rgy_domain_t,
499 if (check_col (pinfo->cinfo, COL_INFO))
500 col_append_fstr (pinfo->cinfo, COL_INFO, " sec_rgy_domain_t:%u",
504 proto_item_set_len (item, offset - old_offset);
509 dissect_sec_rgy_pgo_item_t (tvbuff_t * tvb, int offset,
510 packet_info * pinfo, proto_tree * parent_tree,
519 sec_rgy_pgo_flags_t flags;
520 sec_rgy_pname_t fullname;
521 } sec_rgy_pgo_item_t;
525 proto_item *item = NULL;
526 proto_tree *tree = NULL;
527 int old_offset = offset;
530 guint32 unix_num, quota;
532 di = pinfo->private_data;
533 if (di->conformant_run)
542 proto_tree_add_text (parent_tree, tvb, offset, -1,
543 " sec_rgy_pgo_item_t ");
544 tree = proto_item_add_subtree (item, ett_sec_rgy_pgo_item_t);
548 dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep, hf_rs_uuid1, &id);
550 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
551 hf_rs_sec_rgy_pgo_item_t_unix_num, &unix_num);
553 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
554 hf_rs_sec_rgy_pgo_item_t_quota, "a);
555 offset = dissect_sec_rgy_pgo_flags_t (tvb, offset, pinfo, tree, drep);
556 offset += 4; /* XXX */
557 offset = dissect_sec_rgy_pname_t (tvb, offset, pinfo, tree, drep);
559 if (check_col (pinfo->cinfo, COL_INFO))
560 col_append_fstr (pinfo->cinfo, COL_INFO,
561 " sec_rgy_pgo_item_t - id %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x unix_num:%u quota:%u",
562 id.Data1, id.Data2, id.Data3, id.Data4[0],
563 id.Data4[1], id.Data4[2], id.Data4[3],
564 id.Data4[4], id.Data4[5], id.Data4[6],
565 id.Data4[7], unix_num, quota);
567 proto_item_set_len (item, offset - old_offset);
573 dissect_sec_rgy_cursor_t (tvbuff_t * tvb, int offset,
574 packet_info * pinfo, proto_tree * parent_tree,
579 * Database cursor for iterative operations
590 proto_item *item = NULL;
591 proto_tree *tree = NULL;
592 int old_offset = offset;
595 guint32 handle, valid;
597 di = pinfo->private_data;
598 if (di->conformant_run)
607 proto_tree_add_text (parent_tree, tvb, offset, -1,
608 " sec_rgy_cursor_t ");
609 tree = proto_item_add_subtree (item, ett_sec_rgy_cursor_t);
613 dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep, hf_rs_uuid1, &source);
615 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
616 hf_rs_sec_rgy_pgo_item_t_unix_num, &handle);
618 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
619 hf_rs_sec_rgy_pgo_item_t_quota, &valid);
621 if (check_col (pinfo->cinfo, COL_INFO))
622 col_append_fstr (pinfo->cinfo, COL_INFO,
623 " sec_rgy_cursor_t - source %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x handle:%u valid:%u",
624 source.Data1, source.Data2, source.Data3,
625 source.Data4[0], source.Data4[1], source.Data4[2],
626 source.Data4[3], source.Data4[4], source.Data4[5],
627 source.Data4[6], source.Data4[7], handle, valid);
629 proto_item_set_len (item, offset - old_offset);
634 dissect_rs_pgo_query_t (tvbuff_t * tvb, int offset,
635 packet_info * pinfo, proto_tree * parent_tree,
643 rs_pgo_query_unix_num,
649 proto_item *item = NULL;
650 proto_tree *tree = NULL;
651 int old_offset = offset;
655 di = pinfo->private_data;
656 if (di->conformant_run)
665 proto_tree_add_text (parent_tree, tvb, offset, -1, "rs_pgo_query_t ");
666 tree = proto_item_add_subtree (item, ett_rs_pgo_query_t);
669 dissect_ndr_uint8 (tvb, offset, pinfo, tree, drep, hf_rs_pgo_query_t,
671 col_append_str (pinfo->cinfo, COL_INFO, " rs_pgo_query_t:");
675 case rs_pgo_query_name:
676 col_append_str (pinfo->cinfo, COL_INFO, "NAME");
678 case rs_pgo_query_id:
679 col_append_str (pinfo->cinfo, COL_INFO, "ID");
681 case rs_pgo_query_unix_num:
682 col_append_str (pinfo->cinfo, COL_INFO, "UNIX_NUM");
684 case rs_pgo_query_next:
685 col_append_str (pinfo->cinfo, COL_INFO, "NEXT");
687 case rs_pgo_query_none:
688 col_append_str (pinfo->cinfo, COL_INFO, "NONE");
691 if (check_col (pinfo->cinfo, COL_INFO))
692 col_append_fstr (pinfo->cinfo, COL_INFO, " unknown:%u", query_t);
698 proto_item_set_len (item, offset - old_offset);
702 dissect_rs_pgo_id_key_t (tvbuff_t * tvb, int offset,
703 packet_info * pinfo, proto_tree * parent_tree,
710 sec_rgy_name_t scope;
715 proto_item *item = NULL;
716 proto_tree *tree = NULL;
717 int old_offset = offset;
721 di = pinfo->private_data;
722 if (di->conformant_run)
731 proto_tree_add_text (parent_tree, tvb, offset, -1,
733 tree = proto_item_add_subtree (item, ett_rs_pgo_id_key_t);
737 dissect_ndr_uuid_t (tvb, offset, pinfo, tree, drep, hf_rs_uuid1, &id);
738 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
740 if (check_col (pinfo->cinfo, COL_INFO))
741 col_append_fstr (pinfo->cinfo, COL_INFO,
742 " rs_pgo_id_key_t - id %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
743 id.Data1, id.Data2, id.Data3, id.Data4[0],
744 id.Data4[1], id.Data4[2], id.Data4[3],
745 id.Data4[4], id.Data4[5], id.Data4[6], id.Data4[7]);
747 proto_item_set_len (item, offset - old_offset);
753 dissect_rs_pgo_result_t (tvbuff_t * tvb, int offset,
754 packet_info * pinfo, proto_tree * parent_tree,
761 sec_rgy_pgo_item_t item;
767 proto_item *item = NULL;
768 proto_tree *tree = NULL;
769 int old_offset = offset;
772 di = pinfo->private_data;
773 if (di->conformant_run)
781 proto_tree_add_text (parent_tree, tvb, offset, -1,
783 tree = proto_item_add_subtree (item, ett_rs_pgo_result_t);
786 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
787 offset = dissect_sec_rgy_pgo_item_t (tvb, offset, pinfo, tree, drep);
789 proto_item_set_len (item, offset - old_offset);
796 dissect_rs_pgo_unix_num_key_t (tvbuff_t * tvb, int offset,
797 packet_info * pinfo, proto_tree * parent_tree,
804 sec_rgy_name_t scope;
805 } rs_pgo_unix_num_key_t;
812 proto_item *item = NULL;
813 proto_tree *tree = NULL;
814 int old_offset = offset;
816 guint32 rs_pgo_unix_num_key_t;
818 di = pinfo->private_data;
819 if (di->conformant_run)
828 proto_tree_add_text (parent_tree, tvb, offset, -1,
829 " rs_pgo_unix_num_key_t ");
830 tree = proto_item_add_subtree (item, ett_rs_pgo_unix_num_key_t);
834 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
835 hf_rs_pgo_unix_num_key_t, &rs_pgo_unix_num_key_t);
836 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
838 if (check_col (pinfo->cinfo, COL_INFO))
839 col_append_fstr (pinfo->cinfo, COL_INFO,
840 " rs_pgo_unix_num_key_t:%u", rs_pgo_unix_num_key_t);
842 proto_item_set_len (item, offset - old_offset);
848 dissect_rs_pgo_query_key_t (tvbuff_t * tvb, int offset,
849 packet_info * pinfo, proto_tree * parent_tree,
857 rs_pgo_query_unix_num,
862 typedef union switch (rs_pgo_query_t query) tagged_union {
863 case rs_pgo_query_name:
866 case rs_pgo_query_id:
867 rs_pgo_id_key_t id_key;
869 case rs_pgo_query_unix_num:
870 rs_pgo_unix_num_key_t unix_num_key;
872 case rs_pgo_query_next:
873 sec_rgy_name_t scope;
876 ; * empty branch of union *
878 } rs_pgo_query_key_t;
882 proto_item *item = NULL;
883 proto_tree *tree = NULL;
884 int old_offset = offset;
888 di = pinfo->private_data;
889 if (di->conformant_run)
898 proto_tree_add_text (parent_tree, tvb, offset, -1,
899 "rs_pgo_query_key_t ");
900 tree = proto_item_add_subtree (item, ett_rs_pgo_query_key_t);
903 dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep, hf_rs_pgo_query_key_t,
905 col_append_str (pinfo->cinfo, COL_INFO, " rs_pgo_query_key_t:");
909 case rs_pgo_query_name:
910 col_append_str (pinfo->cinfo, COL_INFO, "NAME");
911 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
913 case rs_pgo_query_id:
914 col_append_str (pinfo->cinfo, COL_INFO, "ID");
915 offset = dissect_rs_pgo_id_key_t (tvb, offset, pinfo, tree, drep);
917 case rs_pgo_query_unix_num:
918 col_append_str (pinfo->cinfo, COL_INFO, "UNIX_NUM");
919 offset = dissect_rs_pgo_unix_num_key_t (tvb, offset, pinfo, tree, drep);
921 case rs_pgo_query_next:
922 col_append_str (pinfo->cinfo, COL_INFO, "NEXT");
923 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
925 case rs_pgo_query_none:
926 col_append_str (pinfo->cinfo, COL_INFO, "NONE");
930 if (check_col (pinfo->cinfo, COL_INFO))
931 col_append_fstr (pinfo->cinfo, COL_INFO, " unknown:%u", query_t);
935 proto_item_set_len (item, offset - old_offset);
941 dissect_rs_pgo_query_result_t (tvbuff_t * tvb, int offset,
942 packet_info * pinfo, proto_tree * parent_tree,
945 proto_item *item = NULL;
946 proto_tree *tree = NULL;
947 int old_offset = offset;
951 #define error_status_ok 0
954 typedef union switch (signed32 status) tagged_union {
955 case error_status_ok:
956 rs_pgo_result_t result;
959 ; * empty branch of union *
961 } rs_pgo_query_result_t;
964 di = pinfo->private_data;
965 if (di->conformant_run)
972 item = proto_tree_add_text (parent_tree, tvb, offset, -1,
973 "rs_pgo_query_result_t");
974 tree = proto_item_add_subtree (item, ett_rs_pgo_query_result_t);
978 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
979 hf_rs_pgo_query_result_t, &st);
980 status = val_to_str (st, dce_error_vals, "%u");
982 if (check_col (pinfo->cinfo, COL_INFO))
983 col_append_fstr (pinfo->cinfo, COL_INFO, " status:%s ", status);
985 offset += 4; /* XXX */
989 case error_status_ok:
990 offset = dissect_rs_pgo_result_t (tvb, offset, pinfo, tree, drep);
997 proto_item_set_len (item, offset - old_offset);
1004 rs_pgo_dissect_add_rqst (tvbuff_t * tvb, int offset,
1005 packet_info * pinfo, proto_tree * tree,
1010 di = pinfo->private_data;
1011 if (di->conformant_run)
1017 [in] sec_rgy_domain_t name_domain,
1018 [in] sec_rgy_name_t pgo_name,
1019 [in] sec_rgy_pgo_item_t *pgo_item,
1022 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1024 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1026 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1027 dissect_sec_rgy_pgo_item_t, NDR_POINTER_REF,
1028 "sec_rgy_pgo_item_t: ", -1);
1033 rs_pgo_dissect_add_resp (tvbuff_t * tvb, int offset,
1034 packet_info * pinfo, proto_tree * tree,
1038 guint32 buff_remain;
1040 di = pinfo->private_data;
1041 if (di->conformant_run)
1047 [out] rs_cache_data_t *cache_info,
1048 [out] error_status_t *status
1051 buff_remain = tvb_length_remaining(tvb, offset);
1053 /* found several add_member responses that had 8 bytes of data. first was 4 0's and last was 3 zeros and a 1 */
1054 if (buff_remain > 8) {
1056 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1057 dissect_rs_cache_data_t, NDR_POINTER_REF,
1058 "cache_info: ", -1);
1061 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1062 dissect_error_status_t, NDR_POINTER_REF, "status: ",
1068 rs_pgo_dissect_delete_rqst (tvbuff_t * tvb, int offset,
1069 packet_info * pinfo, proto_tree * tree,
1074 di = pinfo->private_data;
1075 if (di->conformant_run)
1081 [in] sec_rgy_domain_t name_domain,
1082 [in] sec_rgy_name_t pgo_name,
1084 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1085 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1091 rs_pgo_dissect_delete_resp (tvbuff_t * tvb, int offset,
1092 packet_info * pinfo, proto_tree * tree,
1096 guint32 buff_remain;
1098 di = pinfo->private_data;
1099 if (di->conformant_run)
1105 [out] rs_cache_data_t *cache_info,
1106 [out] error_status_t *status
1108 buff_remain = tvb_length_remaining(tvb, offset);
1110 /* found several add_member responses that had 8 bytes of data. first was 4 0's and last was 3 zeros and a 1 */
1112 if (buff_remain > 8) {
1114 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1115 dissect_rs_cache_data_t, NDR_POINTER_REF,
1120 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1121 dissect_error_status_t, NDR_POINTER_REF, "status:",
1128 rs_pgo_dissect_replace_rqst (tvbuff_t * tvb, int offset,
1129 packet_info * pinfo, proto_tree * tree,
1134 di = pinfo->private_data;
1135 if (di->conformant_run)
1141 [in] sec_rgy_domain_t name_domain,
1142 [in] sec_rgy_name_t pgo_name,
1143 [in] sec_rgy_pgo_item_t *pgo_item,
1145 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1146 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1148 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1149 dissect_sec_rgy_pgo_item_t, NDR_POINTER_REF,
1156 rs_pgo_dissect_replace_resp (tvbuff_t * tvb, int offset,
1157 packet_info * pinfo, proto_tree * tree,
1162 di = pinfo->private_data;
1163 if (di->conformant_run)
1169 [out] rs_cache_data_t *cache_info,
1170 [out] error_status_t *status
1175 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1176 dissect_rs_cache_data_t, NDR_POINTER_REF,
1179 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1180 dissect_error_status_t, NDR_POINTER_REF, "status:",
1188 rs_pgo_dissect_add_member_rqst (tvbuff_t * tvb, int offset,
1189 packet_info * pinfo, proto_tree * tree,
1195 di = pinfo->private_data;
1196 if (di->conformant_run)
1204 [in] sec_rgy_domain_t name_domain,
1205 [in] sec_rgy_name_t go_name,
1206 [in] sec_rgy_name_t person_name,
1209 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1210 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1211 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1218 rs_pgo_dissect_rename_rqst (tvbuff_t * tvb, int offset,
1219 packet_info * pinfo, proto_tree * tree,
1224 di = pinfo->private_data;
1225 if (di->conformant_run)
1231 [in] sec_rgy_domain_t name_domain,
1232 [in] sec_rgy_name_t old_name,
1233 [in] sec_rgy_name_t new_name,
1235 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1236 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1237 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1244 rs_pgo_dissect_rename_resp (tvbuff_t * tvb, int offset,
1245 packet_info * pinfo, proto_tree * tree,
1250 di = pinfo->private_data;
1251 if (di->conformant_run)
1257 [out] rs_cache_data_t *cache_info,
1258 [out] error_status_t *status
1261 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1262 dissect_rs_cache_data_t, NDR_POINTER_REF,
1265 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1266 dissect_error_status_t, NDR_POINTER_REF, "status:",
1274 rs_pgo_dissect_add_member_resp (tvbuff_t * tvb, int offset,
1275 packet_info * pinfo, proto_tree * tree,
1279 guint32 buff_remain;
1281 di = pinfo->private_data;
1282 if (di->conformant_run)
1288 [out] rs_cache_data_t *cache_info,
1289 [out] error_status_t *status
1292 buff_remain = tvb_length_remaining(tvb, offset);
1294 /* found several add responses that had 8 bytes of data. first was 4 0's and last was 3 zeros and a 1 */
1295 if (buff_remain > 8) {
1298 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1299 dissect_rs_cache_data_t, NDR_POINTER_REF,
1303 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1304 dissect_error_status_t, NDR_POINTER_REF, "status:",
1312 rs_pgo_dissect_delete_member_rqst (tvbuff_t * tvb, int offset,
1313 packet_info * pinfo, proto_tree * tree,
1318 di = pinfo->private_data;
1319 if (di->conformant_run)
1325 void rs_pgo_delete_member (
1326 [in] sec_rgy_domain_t name_domain,
1327 [in] sec_rgy_name_t go_name,
1328 [in] sec_rgy_name_t person_name,
1332 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1333 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1334 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1342 rs_pgo_dissect_get_members_rqst (tvbuff_t * tvb, int offset,
1343 packet_info * pinfo, proto_tree * tree,
1347 guint32 max_members;
1350 di = pinfo->private_data;
1351 if (di->conformant_run)
1357 [in] sec_rgy_domain_t name_domain,
1358 [in] sec_rgy_name_t go_name,
1359 [in, out] sec_rgy_cursor_t *member_cursor,
1360 [in] signed32 max_members,
1363 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1365 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1367 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1368 dissect_sec_rgy_cursor_t, NDR_POINTER_REF,
1369 "member_cursor:", -1);
1371 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep, hf_rs_var1,
1374 if (check_col (pinfo->cinfo, COL_INFO))
1375 col_append_fstr (pinfo->cinfo, COL_INFO, " :max_members:%u", max_members);
1381 rs_pgo_dissect_key_transfer_rqst (tvbuff_t * tvb, int offset,
1382 packet_info * pinfo, proto_tree * tree,
1387 di = pinfo->private_data;
1388 if (di->conformant_run)
1394 [in] sec_rgy_domain_t name_domain,
1395 [in] rs_pgo_query_t requested_result_type,
1396 [in, out] rs_pgo_query_key_t *key,
1400 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1401 offset = dissect_rs_pgo_query_t (tvb, offset, pinfo, tree, drep);
1403 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1404 dissect_rs_pgo_query_key_t, NDR_POINTER_REF, "key:",
1411 rs_pgo_dissect_key_transfer_resp (tvbuff_t * tvb, int offset,
1412 packet_info * pinfo, proto_tree * tree,
1417 di = pinfo->private_data;
1418 if (di->conformant_run)
1424 [in, out] rs_pgo_query_key_t *key,
1425 [out] rs_cache_data_t *cache_info,
1426 [out] error_status_t *status
1430 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1431 dissect_rs_pgo_query_key_t, NDR_POINTER_REF, "key:",
1434 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1435 dissect_rs_cache_data_t, NDR_POINTER_REF,
1438 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1439 dissect_error_status_t, NDR_POINTER_REF, "status:",
1447 rs_pgo_dissect_is_member_resp (tvbuff_t * tvb, int offset,
1448 packet_info * pinfo, proto_tree * tree,
1453 di = pinfo->private_data;
1454 if (di->conformant_run)
1460 [out] rs_cache_data_t *cache_info,
1461 [out] error_status_t *status
1464 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1465 dissect_rs_cache_data_t, NDR_POINTER_REF,
1468 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1469 dissect_error_status_t, NDR_POINTER_REF, "status:",
1476 rs_pgo_dissect_is_member_rqst (tvbuff_t * tvb, int offset,
1477 packet_info * pinfo, proto_tree * tree,
1482 [in] sec_rgy_domain_t name_domain,
1483 [in] sec_rgy_name_t go_name,
1484 [in] sec_rgy_name_t person_name,
1488 di = pinfo->private_data;
1489 if (di->conformant_run)
1495 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1496 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1498 offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, drep);
1507 rs_pgo_dissect_get_rqst (tvbuff_t * tvb, int offset,
1508 packet_info * pinfo, proto_tree * tree,
1512 guint32 allow_aliases;
1514 di = pinfo->private_data;
1515 if (di->conformant_run)
1521 [in] sec_rgy_domain_t name_domain,
1522 [in] rs_pgo_query_key_t *key,
1523 [in] boolean32 allow_aliases,
1524 [in, out] sec_rgy_cursor_t *item_cursor,
1527 offset = dissect_sec_rgy_domain_t (tvb, offset, pinfo, tree, drep);
1529 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1530 dissect_rs_pgo_query_key_t, NDR_POINTER_REF, "key:",
1533 dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep, hf_rs_var1,
1536 if (check_col (pinfo->cinfo, COL_INFO))
1537 col_append_fstr (pinfo->cinfo, COL_INFO, " :allow_aliases:%u",
1541 offset += 4; /* XXX */
1544 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1545 dissect_sec_rgy_cursor_t, NDR_POINTER_REF,
1546 "item_cursor:", -1);
1552 rs_pgo_dissect_get_resp (tvbuff_t * tvb, int offset,
1553 packet_info * pinfo, proto_tree * tree,
1559 di = pinfo->private_data;
1560 if (di->conformant_run)
1566 [in, out] sec_rgy_cursor_t *item_cursor,
1567 [out] rs_cache_data_t *cache_info,
1568 [out] rs_pgo_query_result_t *result
1572 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1573 dissect_sec_rgy_cursor_t, NDR_POINTER_REF,
1574 "item_cursor:", -1);
1576 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1577 dissect_rs_cache_data_t, NDR_POINTER_REF,
1580 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1581 dissect_rs_pgo_query_result_t, NDR_POINTER_REF,
1589 rs_pgo_dissect_delete_member_resp (tvbuff_t * tvb, int offset,
1590 packet_info * pinfo, proto_tree * tree,
1596 di = pinfo->private_data;
1597 if (di->conformant_run)
1603 [out] rs_cache_data_t *cache_info,
1604 [out] error_status_t *status
1609 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1610 dissect_rs_cache_data_t, NDR_POINTER_REF,
1613 dissect_ndr_pointer (tvb, offset, pinfo, tree, drep,
1614 dissect_error_status_t, NDR_POINTER_REF, "status:",
1622 static dcerpc_sub_dissector rs_pgo_dissectors[] = {
1623 {0, "add", rs_pgo_dissect_add_rqst, rs_pgo_dissect_add_resp},
1624 {1, "delete", rs_pgo_dissect_delete_rqst, rs_pgo_dissect_delete_resp},
1625 {2, "replace", rs_pgo_dissect_replace_rqst, rs_pgo_dissect_replace_resp},
1626 {3, "rename", rs_pgo_dissect_rename_rqst, rs_pgo_dissect_rename_resp},
1627 {4, "get", rs_pgo_dissect_get_rqst, rs_pgo_dissect_get_resp},
1628 {5, "key_transfer", rs_pgo_dissect_key_transfer_rqst,
1629 rs_pgo_dissect_key_transfer_resp},
1630 {6, "add_member", rs_pgo_dissect_add_member_rqst,
1631 rs_pgo_dissect_add_member_resp},
1632 {7, "delete_member", rs_pgo_dissect_delete_member_rqst,
1633 rs_pgo_dissect_delete_member_resp},
1634 {8, "is_member", rs_pgo_dissect_is_member_rqst,
1635 rs_pgo_dissect_is_member_resp},
1636 {9, "get_members", rs_pgo_dissect_get_members_rqst, NULL},
1637 {0, NULL, NULL, NULL},
1642 proto_register_rs_pgo (void)
1644 static hf_register_info hf[] = {
1646 {"Operation", "rs_pgo.opnum", FT_UINT16, BASE_DEC, NULL, 0x0,
1648 {&hf_error_status_t,
1649 {"Error status", "rs_pgo.error_status", FT_UINT32, BASE_DEC, NULL,
1651 {&hf_rs_pgo_query_key_t,
1652 {"Query key", "rs_pgo.query_key", FT_UINT32, BASE_DEC,
1653 NULL, 0x0, NULL, HFILL}},
1654 {&hf_rs_pgo_query_result_t,
1655 {"Query result", "rs_pgo.query_result", FT_UINT32,
1656 BASE_DEC, NULL, 0x0, NULL, HFILL}},
1657 {&hf_rs_pgo_query_t,
1658 {"Query", "rs_pgo.query", FT_UINT32, BASE_DEC, NULL,
1660 {&hf_rs_sec_rgy_pgo_item_t_quota,
1661 {"Quota", "rs_pgo.quota",
1662 FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL}},
1663 {&hf_rs_sec_rgy_pgo_item_t_unix_num,
1665 "rs_pgo.unix_num", FT_UINT32, BASE_DEC, NULL, 0x0, NULL,
1668 {"Timeval", "rs_pgo.timeval", FT_RELATIVE_TIME, BASE_NONE, NULL,
1671 {"Uuid1", "rs_pgo.uuid1", FT_GUID, BASE_NONE, NULL, 0x0, NULL, HFILL}},
1673 {"Var1", "rs_pgo.var1", FT_UINT32, BASE_DEC, NULL, 0x0, NULL,
1675 {&hf_sec_rgy_domain_t,
1676 {"Domain", "rs_pgo.domain", FT_UINT32, BASE_DEC,
1677 NULL, 0x0, NULL, HFILL}},
1678 {&hf_sec_rgy_name_t_principalName_string,
1679 {"Name principalName", "rs_pgo.name_principalName", FT_STRING, BASE_NONE, NULL,
1681 {&hf_sec_rgy_name_t_size,
1682 {"Name_t size", "rs_pgo.name_t_size", FT_UINT32,
1683 BASE_DEC, NULL, 0x0, NULL, HFILL}},
1684 {&hf_sec_rgy_pgo_flags_t,
1685 {"Flags", "rs_pgo.flags", FT_UINT32,
1686 BASE_HEX, NULL, 0x0, NULL, HFILL}},
1687 {&hf_sec_rgy_pname_t_size,
1688 {"Pname_t size", "rs_pgo.pname_t_size", FT_UINT32, BASE_DEC, NULL,
1690 {&hf_sec_rgy_pname_t_principalName_string,
1691 {"Pname principalName", "rs_pgo.pname_principalName", FT_STRING,
1692 BASE_NONE, NULL, 0x0, NULL, HFILL}},
1693 {&hf_rs_pgo_unix_num_key_t,
1694 {"Unix num key", "rs_pgo.unix_num_key_t", FT_UINT32,
1696 NULL, 0x0, NULL, HFILL}}
1699 static gint *ett[] = {
1700 &ett_error_status_t,
1701 &ett_rgy_acct_user_flags_t,
1703 &ett_rs_pgo_id_key_t,
1704 &ett_rs_pgo_query_key_t,
1705 &ett_rs_pgo_query_result_t,
1706 &ett_rs_pgo_query_t,
1707 &ett_rs_pgo_result_t,
1708 &ett_rs_pgo_unix_num_key_t,
1709 &ett_sec_attr_component_name_t,
1710 &ett_sec_passwd_type_t,
1711 &ett_sec_rgy_acct_admin_flags_t,
1712 &ett_sec_rgy_acct_admin_t,
1713 &ett_sec_rgy_acct_auth_flags_t,
1714 &ett_sec_rgy_acct_key_t,
1715 &ett_sec_rgy_acct_user_t,
1716 &ett_sec_rgy_cursor_t,
1717 &ett_sec_rgy_foreign_id_t,
1718 &ett_sec_rgy_login_name_t,
1719 &ett_sec_rgy_name_t,
1720 &ett_sec_rgy_domain_t,
1721 &ett_sec_rgy_pgo_flags_t,
1722 &ett_sec_rgy_pgo_item_t,
1723 &ett_sec_rgy_pname_t,
1725 &ett_sec_rgy_unix_passwd_buf_t,
1726 &ett_sec_rgy_unix_sid_t,
1727 &ett_sec_timeval_sec_t,
1728 &ett_rs_cache_data_t,
1731 proto_register_protocol ("DCE Name Service", "RS_PGO", "rs_pgo");
1732 proto_register_field_array (proto_rs_pgo, hf, array_length (hf));
1733 proto_register_subtree_array (ett, array_length (ett));
1737 proto_reg_handoff_rs_pgo (void)
1739 /* Register the protocol as dcerpc */
1740 dcerpc_init_uuid (proto_rs_pgo, ett_rs_pgo, &uuid_rs_pgo, ver_rs_pgo,
1741 rs_pgo_dissectors, hf_rs_pgo_opnum);