updated X.500 dissectors to include DOP support.
The "dop" dissector is the renamed "x501" dissector consequently the asn/x501 directory should be removed. The patch includes the changes to epan/dissectors/Makefile.common to reflect this.
As the DOP dissection is not fully tested, I have disabled it by default for now (like DSP) but it can be enabled by the user.
svn path=/trunk/; revision=16726
cmip \
cms \
dap \
+ dop \
disp \
dsp \
ess \
cmip \
cms \
dap \
+ dop \
disp \
dsp \
ess \
cd..
dap::
- cd cms
+ cd dap
+ $(MAKE) /$(MAKEFLAGS) -f Makefile.nmake copy_files
+ cd..
+dop::
+ cd dop
$(MAKE) /$(MAKEFLAGS) -f Makefile.nmake copy_files
cd..
--- /dev/null
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# $Id$
+
+include ../../config.nmake
+
+UNIX2DOS=$(PERL) ../../tools/unix2dos.pl
+
+PROTOCOL_NAME=dap
+DISSECTOR_FILES=packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+$(DISSECTOR_FILES): ../../tools/asn2eth.py dap.asn packet-$(PROTOCOL_NAME)-template.c packet-$(PROTOCOL_NAME)-template.h $(PROTOCOL_NAME).cnf
+!IFDEF PYTHON
+ $(PYTHON) ../../tools/asn2eth.py -X -b -e -p $(PROTOCOL_NAME) -c $(PROTOCOL_NAME).cnf -s packet-$(PROTOCOL_NAME)-template dap.asn
+!ELSE
+ @echo Error: You need Python to use asn2eth.py
+ @exit 1
+!ENDIF
+
+clean:
+ rm -f parsetab.py $(DISSECTOR_FILES)
+
+# Fix EOL in generated dissectors. Cygwin's python generates files with
+# mixed EOL styles, which can't be commited to the SVN repository.
+# Stuff included from template and "cnf" files has "\r\n" on windows, while
+# the generated stuff has "\n".
+
+fix_eol: generate_dissector
+ move packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).c.tmp
+ move packet-$(PROTOCOL_NAME).h packet-$(PROTOCOL_NAME).h.tmp
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).c.tmp > packet-$(PROTOCOL_NAME).c
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).h.tmp > packet-$(PROTOCOL_NAME).h
+ del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp
+
+copy_files: generate_dissector fix_eol
+ xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y
+ xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y
+
#include "packet-dap.h"
#include <epan/strutil.h>
-
/* we don't have a separate dissector for X519 -
most of DAP is defined in X511 */
#define PNAME "X.519 Directory Access Protocol"
/* Register our configuration options for DAP, particularly our port */
+#ifdef PREFERENCE_GROUPING
+ dap_module = prefs_register_protocol_subtree("OSI/X.500", proto_dap, prefs_register_dap);
+#else
dap_module = prefs_register_protocol(proto_dap, prefs_register_dap);
+#endif
prefs_register_uint_preference(dap_module, "tcp.port", "DAP TCP Port",
"Set the port for DAP operations (if other"
--- /dev/null
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# $Id$
+
+include ../../config.nmake
+
+UNIX2DOS=$(PERL) ../../tools/unix2dos.pl
+
+PROTOCOL_NAME=disp
+DISSECTOR_FILES=packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+$(DISSECTOR_FILES): ../../tools/asn2eth.py disp.asn packet-$(PROTOCOL_NAME)-template.c packet-$(PROTOCOL_NAME)-template.h $(PROTOCOL_NAME).cnf
+!IFDEF PYTHON
+ $(PYTHON) ../../tools/asn2eth.py -X -b -e -p $(PROTOCOL_NAME) -c $(PROTOCOL_NAME).cnf -s packet-$(PROTOCOL_NAME)-template disp.asn
+!ELSE
+ @echo Error: You need Python to use asn2eth.py
+ @exit 1
+!ENDIF
+
+clean:
+ rm -f parsetab.py $(DISSECTOR_FILES)
+
+# Fix EOL in generated dissectors. Cygwin's python generates files with
+# mixed EOL styles, which can't be commited to the SVN repository.
+# Stuff included from template and "cnf" files has "\r\n" on windows, while
+# the generated stuff has "\n".
+
+fix_eol: generate_dissector
+ move packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).c.tmp
+ move packet-$(PROTOCOL_NAME).h packet-$(PROTOCOL_NAME).h.tmp
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).c.tmp > packet-$(PROTOCOL_NAME).c
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).h.tmp > packet-$(PROTOCOL_NAME).h
+ del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp
+
+copy_files: generate_dissector fix_eol
+ xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y
+ xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y
+
--}
-- types
+
+EstablishParameter ::= NULL
+
ModificationParameter ::= SEQUENCE {
secondaryShadows SET OF SupplierAndConsumers
}
ACSE-1 acse
DirectoryAbstractService dap
DistributedOperations dsp
-DSAOperationalAttributeTypes x501
+DSAOperationalAttributeTypes dop
OperationalBindingManagement dap
-#.INCLUDE ../x501/x501-exp.cnf
#.INCLUDE ../x509if/x509if-exp.cnf
#.INCLUDE ../x509af/x509af-exp.cnf
#.INCLUDE ../dap/dap-exp.cnf
#.INCLUDE ../dsp/dsp-exp.cnf
+#.INCLUDE ../dop/dop-exp.cnf
#.INCLUDE ../acse/acse-exp.cnf
#.TYPE_RENAME
CoordinateShadowUpdateArgumentData/updateStrategy/standard standardUpdate
Information/signedInformation/information information-data
+#.REGISTER
+
+ShadowingAgreementInfo B "dop.agreement.2.5.19.1" "shadow-agreement"
+EstablishParameter B "dop.establish.rolea.2.5.19.1" "shadow-establish-rolea"
+EstablishParameter B "dop.establish.roleb.2.5.19.1" "shadow-establish-roleb"
+ModificationParameter B "dop.modify.rolea.2.5.19.1" "shadow-modify-rolea"
+ModificationParameter B "dop.modify.roleb.2.5.19.1" "shadow-modify-roleb"
+
+# these are useful to Thales DOP
+ShadowingAgreementInfo B "dop.agreement.2.5.1.0.2.1" "shadow-agreement"
+EstablishParameter B "dop.establish.rolea.2.5.1.0.2.1" "shadow-establish-rolea"
+EstablishParameter B "dop.establish.roleb.2.5.1.0.2.1" "shadow-establish-roleb"
+ModificationParameter B "dop.modify.rolea.2.5.1.0.2.1" "shadow-modify-rolea"
+ModificationParameter B "dop.modify.roleb.2.5.1.0.2.1" "shadow-modify-roleb"
+
#.FN_PARS T_standard
VAL_PTR = &update
#include "packet-x509sat.h"
#include "packet-crmf.h"
-#include "packet-x501.h"
+#include "packet-dop.h"
#include "packet-dap.h"
#include "packet-dsp.h"
#include "packet-disp.h"
/* Register our configuration options for DISP, particularly our port */
+#ifdef PREFERENCE_GROUPING
+ disp_module = prefs_register_protocol_subtree("OSI/X.500", proto_disp, prefs_register_disp);
+#else
disp_module = prefs_register_protocol(proto_disp, prefs_register_disp);
+#endif
prefs_register_uint_preference(disp_module, "tcp.port", "DISP TCP Port",
"Set the port for DISP operations (if other"
void proto_reg_handoff_disp(void) {
dissector_handle_t handle = NULL;
- /* #include "packet-disp-dis-tab.c" */
+ #include "packet-disp-dis-tab.c"
/* APPLICATION CONTEXT */
register_rtse_oid_dissector_handle("2.5.9.6", handle, 0, "id-as-directory-reliable-binding", FALSE);
}
+ /* OPERATIONAL BINDING */
+ register_ber_oid_name("2.5.1.0.5.1", "id-op-binding-shadow");
+
tpkt_handle = find_dissector("tpkt");
}
--- /dev/null
+# $Id$
+
+DISSECTOR_FILES=packet-dop.c packet-dop.h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+ASN_EXPORTS=
+
+$(DISSECTOR_FILES): ../../tools/asn2eth.py dop.asn packet-dop-template.c packet-dop-template.h dop.cnf $(ASN_EXPORTS)
+ python ../../tools/asn2eth.py -X -b -e -p dop -c dop.cnf -s packet-dop-template dop.asn
+
+clean:
+ rm -f parsetab.py $(DISSECTOR_FILES) *~
+
+copy_files: generate_dissector
+ cp $(DISSECTOR_FILES) ../../epan/dissectors
+
--- /dev/null
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# $Id$
+
+include ../../config.nmake
+
+UNIX2DOS=$(PERL) ../../tools/unix2dos.pl
+
+PROTOCOL_NAME=dop
+DISSECTOR_FILES=packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+$(DISSECTOR_FILES): ../../tools/asn2eth.py dop.asn packet-$(PROTOCOL_NAME)-template.c packet-$(PROTOCOL_NAME)-template.h $(PROTOCOL_NAME).cnf
+!IFDEF PYTHON
+ $(PYTHON) ../../tools/asn2eth.py -X -b -e -p $(PROTOCOL_NAME) -c $(PROTOCOL_NAME).cnf -s packet-$(PROTOCOL_NAME)-template dop.asn
+!ELSE
+ @echo Error: You need Python to use asn2eth.py
+ @exit 1
+!ENDIF
+
+clean:
+ rm -f parsetab.py $(DISSECTOR_FILES)
+
+# Fix EOL in generated dissectors. Cygwin's python generates files with
+# mixed EOL styles, which can't be commited to the SVN repository.
+# Stuff included from template and "cnf" files has "\r\n" on windows, while
+# the generated stuff has "\n".
+
+fix_eol: generate_dissector
+ move packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).c.tmp
+ move packet-$(PROTOCOL_NAME).h packet-$(PROTOCOL_NAME).h.tmp
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).c.tmp > packet-$(PROTOCOL_NAME).c
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).h.tmp > packet-$(PROTOCOL_NAME).h
+ del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp
+
+copy_files: generate_dissector fix_eol
+ xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y
+ xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y
+
--- /dev/null
+-- Module DSAOperationalAttributeTypes (X.501:02/2001)
+DSAOperationalAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ dsaOperationalAttributeTypes(22) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ distributedOperations, id-doa, id-kmr, informationFramework,
+ opBindingManagement, selectedAttributeTypes, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ ATTRIBUTE, MATCHING-RULE, Name, Attribute, DistinguishedName,
+ RelativeDistinguishedName
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+-- OperationalBindingID
+-- FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+-- opBindingManagement(18) 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ AccessPoint, MasterAndShadowAccessPoints
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ bitStringMatch
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ PresentationAddress, ProtocolInformation
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ DirectoryBindArgument, DirectoryBindError, SecurityParameters
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 5}
+ -- from ITU-T Rec. X.509 | ISO/IEC 9594-8
+ AlgorithmIdentifier
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 4};
+
+
+
+
+
+-- data types
+DSEType ::= BIT STRING {
+ root(0), -- root DSE
+ glue(1), -- represents knowledge of a name only
+ cp(2), -- context prefix
+ entry(3), -- object entry
+ alias(4), -- alias entry
+ subr(5), -- subordinate reference
+ nssr(6), -- non-specific subordinate reference
+ supr(7), -- superior reference
+ xr(8), -- cross reference
+ admPoint(9), -- administrative point
+ subentry(10), -- subentry
+ shadow(11), -- shadow copy
+ immSupr(13), -- immediate superior reference
+ rhob(14), -- rhob information
+ sa(15), -- subordinate reference to alias entry
+ dsSubentry(16), -- DSA Specific subentry
+ familyMember(17)} -- family member
+
+SupplierOrConsumer ::= SET {
+-- COMPONENTS OF AccessPoint, - - supplier or consumer
+ ae-title [0] Name,
+ address [1] PresentationAddress,
+ protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL,
+ agreementID [3] OperationalBindingID
+}
+
+SupplierInformation ::= SET {
+-- COMPONENTS OF SupplierOrConsumer, - - supplier
+ ae-title [0] Name,
+ address [1] PresentationAddress,
+ protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL,
+ agreementID [3] OperationalBindingID,
+ supplier-is-master [4] BOOLEAN DEFAULT TRUE,
+ non-supplying-master [5] AccessPoint OPTIONAL
+}
+
+ConsumerInformation ::= SupplierOrConsumer -- consumer
+
+SupplierAndConsumers ::= SET {
+-- COMPONENTS OF AccessPoint, - - supplier
+ ae-title [0] Name,
+ address [1] PresentationAddress,
+ protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL,
+ consumers [3] SET OF AccessPoint
+}
+
+-- attribute types
+--dseType ATTRIBUTE ::= {
+-- WITH SYNTAX DSEType
+-- EQUALITY MATCHING RULE bitStringMatch
+-- SINGLE VALUE TRUE
+-- NO USER MODIFICATION TRUE
+-- USAGE dSAOperation
+-- ID id-doa-dseType
+--}
+
+--myAccessPoint ATTRIBUTE ::= {
+-- WITH SYNTAX AccessPoint
+-- EQUALITY MATCHING RULE accessPointMatch
+-- SINGLE VALUE TRUE
+-- NO USER MODIFICATION TRUE
+-- USAGE dSAOperation
+-- ID id-doa-myAccessPoint
+--}
+
+--superiorKnowledge ATTRIBUTE ::= {
+-- WITH SYNTAX AccessPoint
+-- EQUALITY MATCHING RULE accessPointMatch
+-- NO USER MODIFICATION TRUE
+-- USAGE dSAOperation
+-- ID id-doa-superiorKnowledge
+--}
+
+--specificKnowledge ATTRIBUTE ::= {
+-- WITH SYNTAX MasterAndShadowAccessPoints
+-- EQUALITY MATCHING RULE masterAndShadowAccessPointsMatch
+-- SINGLE VALUE TRUE
+-- NO USER MODIFICATION TRUE
+-- USAGE distributedOperation
+-- ID id-doa-specificKnowledge
+--}
+
+--nonSpecificKnowledge ATTRIBUTE ::= {
+-- WITH SYNTAX MasterAndShadowAccessPoints
+-- EQUALITY MATCHING RULE masterAndShadowAccessPointsMatch
+-- NO USER MODIFICATION TRUE
+-- USAGE distributedOperation
+-- ID id-doa-nonSpecificKnowledge
+--}
+
+--supplierKnowledge ATTRIBUTE ::= {
+-- WITH SYNTAX SupplierInformation
+-- EQUALITY MATCHING RULE supplierOrConsumerInformationMatch
+-- NO USER MODIFICATION TRUE
+-- USAGE dSAOperation
+-- ID id-doa-supplierKnowledge
+--}
+
+--consumerKnowledge ATTRIBUTE ::= {
+-- WITH SYNTAX ConsumerInformation
+-- EQUALITY MATCHING RULE supplierOrConsumerInformationMatch
+-- NO USER MODIFICATION TRUE
+-- USAGE dSAOperation
+-- ID id-doa-consumerKnowledge
+--}
+
+--secondaryShadows ATTRIBUTE ::= {
+-- WITH SYNTAX SupplierAndConsumers
+-- EQUALITY MATCHING RULE supplierAndConsumersMatch
+-- NO USER MODIFICATION TRUE
+-- USAGE dSAOperation
+-- ID id-doa-secondaryShadows
+--}
+
+-- matching rules
+--accessPointMatch MATCHING-RULE ::= {
+-- SYNTAX Name
+-- ID id-kmr-accessPointMatch
+--}
+
+--masterAndShadowAccessPointsMatch MATCHING-RULE ::= {
+-- SYNTAX SET OF Name
+-- ID id-kmr-masterShadowMatch
+--}
+
+--supplierOrConsumerInformationMatch MATCHING-RULE ::= {
+-- SYNTAX
+-- SET {ae-title [0] Name,
+-- agreement-identifier [2] INTEGER}
+-- ID id-kmr-supplierConsumerMatch
+--}
+
+--supplierAndConsumersMatch MATCHING-RULE ::= {
+-- SYNTAX Name
+-- ID id-kmr-supplierConsumersMatch
+--}
+
+-- object identifier assignments
+-- dsa operational attributes
+--id-doa-dseType OBJECT IDENTIFIER ::=
+-- {id-doa 0}
+
+--id-doa-myAccessPoint OBJECT IDENTIFIER ::= {id-doa 1}
+
+--id-doa-superiorKnowledge OBJECT IDENTIFIER ::= {id-doa 2}
+
+--id-doa-specificKnowledge OBJECT IDENTIFIER ::= {id-doa 3}
+
+--id-doa-nonSpecificKnowledge OBJECT IDENTIFIER ::= {id-doa 4}
+
+--id-doa-supplierKnowledge OBJECT IDENTIFIER ::= {id-doa 5}
+
+--id-doa-consumerKnowledge OBJECT IDENTIFIER ::= {id-doa 6}
+
+--id-doa-secondaryShadows OBJECT IDENTIFIER ::= {id-doa 7}
+
+-- knowledge matching rules
+--id-kmr-accessPointMatch OBJECT IDENTIFIER ::=
+-- {id-kmr 0}
+
+--id-kmr-masterShadowMatch OBJECT IDENTIFIER ::= {id-kmr 1}
+
+--id-kmr-supplierConsumerMatch OBJECT IDENTIFIER ::= {id-kmr 2}
+
+--id-kmr-supplierConsumersMatch OBJECT IDENTIFIER ::= {id-kmr 3}
+
+--END DSAOperationalAttributeTypes
+
+-- we include this here to reduce the number of dissectors
+-- Module OperationalBindingManagement (X.501:08/2005)
+--OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+-- opBindingManagement(18) 5} DEFINITIONS ::=
+--BEGIN
+
+-- EXPORTS All
+--ÿThe types and values defined in this module are exported for use in the other ASN.1 modules contained
+--ÿwithin the Directory Specifications, and for the use of other applications which will use them to access
+--ÿDirectory services. Other applications may use them for their own purposes, but this will not constrain
+--ÿextensions and modifications needed to maintain or improve the Directory service.
+--IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+-- directoryAbstractService, directoryShadowAbstractService,
+-- distributedOperations, directoryOSIProtocols, enhancedSecurity,
+-- hierarchicalOperationalBindings, commonProtocolSpecification
+-- FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+-- usefulDefinitions(0) 5}
+-- OPTIONALLY-PROTECTED-SEQ
+-- FROM EnhancedSecurity {joint-iso-itu-t ds(5) modules(1)
+-- enhancedSecurity(28) 5}
+-- hierarchicalOperationalBinding, nonSpecificHierarchicalOperationalBinding
+-- FROM HierarchicalOperationalBindings hierarchicalOperationalBindings
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+-- CommonResultsSeq, directoryBind, directoryUnbind, securityError,
+-- SecurityParameters
+-- FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+-- directoryAbstractService(2) 5}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+-- AccessPoint
+-- FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+-- distributedOperations(3) 5}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+-- id-err-operationalBindingError, id-op-establishOperationalBinding,
+-- id-op-modifyOperationalBinding, id-op-terminateOperationalBinding,
+-- OPERATION, ERROR
+-- FROM CommonProtocolSpecification commonProtocolSpecification
+-- APPLICATION-CONTEXT
+-- FROM DirectoryOSIProtocols directoryOSIProtocols
+ -- from ITU-T Rec. X.525 | ISO/IEC 9594-9
+-- shadowOperationalBinding
+-- FROM DirectoryShadowAbstractService directoryShadowAbstractService;
+
+-- bind and unbind
+dSAOperationalBindingManagementBind OPERATION ::=
+ directoryBind
+
+DSAOperationalManagementBindArgument ::= DirectoryBindArgument
+DSAOperationalManagementBindResult ::= DirectoryBindArgument
+DSAOperationalManagementBindError ::= DirectoryBindError
+
+dSAOperationalBindingManagementUnbind OPERATION ::= directoryUnbind
+
+-- operations, arguments and results
+--establishOperationalBinding OPERATION ::= {
+-- ARGUMENT EstablishOperationalBindingArgument
+-- RESULT EstablishOperationalBindingResult
+-- ERRORS {operationalBindingError | securityError}
+-- CODE id-op-establishOperationalBinding
+--}
+
+EstablishOperationalBindingArgumentData ::=
+-- OPTIONALLY-PROTECTED-SEQ
+-- {-- SEQUENCE {bindingType [0] --OPERATIONAL-BINDING.&id({OpBindingSet}) -- OBJECT IDENTIFIER,
+-- The following line, whilst wrong, helps with Thales DOP dissection
+-- bindingID [1] IMPLICIT OperationalBindingID OPTIONAL,
+ bindingID [1] OperationalBindingID OPTIONAL,
+ accessPoint [2] AccessPoint,
+ -- symmetric, Role A initiates, or Role B initiates
+ initiator
+ CHOICE {symmetric
+ [3] -- OPERATIONAL-BINDING.&both.&EstablishParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleA-initiates
+ [4] -- OPERATIONAL-BINDING.&roleA.&EstablishParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleB-initiates
+ [5] -- OPERATIONAL-BINDING.&roleB.&EstablishParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY } OPTIONAL,
+ agreement
+ [6] -- OPERATIONAL-BINDING.&Agreement
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ valid [7] Validity DEFAULT {},
+ securityParameters [8] SecurityParameters OPTIONAL} --}
+
+-- expand OPTIONALLY-PROTECTED macro
+EstablishOperationalBindingArgument ::= CHOICE {
+ unsignedEstablishOperationalBindingArgument EstablishOperationalBindingArgumentData,
+ signedEstablishOperationalBindingArgument SEQUENCE {
+ establishOperationalBindingArgument EstablishOperationalBindingArgumentData,
+ algorithmIdentifier AlgorithmIdentifier,
+ encrypted BIT STRING
+ }
+}
+
+OperationalBindingID ::= SEQUENCE {identifier INTEGER,
+ version INTEGER
+}
+
+Validity ::= SEQUENCE {
+ validFrom [0] CHOICE {now [0] NULL,
+ time [1] Time} -- DEFAULT now:NULL --,
+ validUntil
+ [1] CHOICE {explicitTermination [0] NULL,
+ time [1] Time
+ } -- DEFAULT explicitTermination:NULL
+}
+
+Time ::= CHOICE {utcTime UTCTime,
+ generalizedTime GeneralizedTime
+}
+
+EstablishOperationalBindingResult ::=
+-- OPTIONALLY-PROTECTED-SEQ
+-- {-- SEQUENCE {bindingType [0] --OPERATIONAL-BINDING.&id({OpBindingSet}) -- OBJECT IDENTIFIER,
+-- The following line, whilst wrong, helps with Thales DOP dissection
+-- bindingID [1] IMPLICIT OperationalBindingID OPTIONAL,
+ bindingID [1] OperationalBindingID OPTIONAL,
+ accessPoint [2] AccessPoint,
+ -- symmetric, Role A replies , or Role B replies
+ initiator
+ CHOICE {symmetric
+ [3] -- OPERATIONAL-BINDING.&both.&EstablishParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleA-replies
+ [4] -- OPERATIONAL-BINDING.&roleA.&EstablishParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleB-replies
+ [5] -- OPERATIONAL-BINDING.&roleB.&EstablishParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY } OPTIONAL,
+-- COMPONENTS OF CommonResultsSeq}}
+ securityParameters [30] SecurityParameters OPTIONAL,
+ performer [29] DistinguishedName OPTIONAL,
+ aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
+ notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL}
+
+
+--modifyOperationalBinding OPERATION ::= {
+-- ARGUMENT ModifyOperationalBindingArgument
+-- RESULT ModifyOperationalBindingResult
+-- ERRORS {operationalBindingError | securityError}
+-- CODE id-op-modifyOperationalBinding
+--}
+
+ModifyOperationalBindingArgumentData ::=
+-- OPTIONALLY-PROTECTED-SEQ
+-- {--SEQUENCE {bindingType [0] --OPERATIONAL-BINDING.&id({OpBindingSet})-- OBJECT IDENTIFIER,
+-- The following line, whilst wrong, helps with Thales DOP dissection
+-- bindingID [1] IMPLICIT OperationalBindingID,
+ bindingID [1] OperationalBindingID,
+ accessPoint [2] AccessPoint OPTIONAL,
+ -- symmetric, Role A initiates, or Role B initiates
+ initiator
+ CHOICE {symmetric
+ [3] -- OPERATIONAL-BINDING.&both.&ModifyParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleA-initiates
+ [4] -- OPERATIONAL-BINDING.&roleA.&ModifyParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleB-initiates
+ [5] -- OPERATIONAL-BINDING.&roleB.&ModifyParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY } OPTIONAL,
+ newBindingID [6] OperationalBindingID,
+ newAgreement
+ [7] -- OPERATIONAL-BINDING.&Agreement
+ -- ({OpBindingSet}{@bindingType}) -- ANY OPTIONAL,
+ valid [8] Validity OPTIONAL,
+ securityParameters [9] SecurityParameters OPTIONAL} -- }
+
+
+ModifyOperationalBindingArgument ::= CHOICE {
+ unsignedModifyOperationalBindingArgument ModifyOperationalBindingArgumentData,
+ signedModifyOperationalBindingArgument SEQUENCE {
+ modifyOperationalBindingArgument ModifyOperationalBindingArgumentData,
+ algorithmIdentifier AlgorithmIdentifier,
+ encrypted BIT STRING
+ }
+}
+
+ModifyOperationalBindingResult ::= CHOICE {
+ null [0] NULL,
+ protected [1] SEQUENCE {
+ modifyOperationalBindingResultData ModifyOperationalBindingResultData,
+ algorithmIdentifier AlgorithmIdentifier,
+ encrypted BIT STRING
+ }
+}
+
+ModifyOperationalBindingResultData ::= SEQUENCE {
+ newBindingID OperationalBindingID,
+ bindingType
+ -- OPERATIONAL-BINDING.&id
+ -- ({OpBindingSet}) -- OBJECT IDENTIFIER,
+ newAgreement
+ -- OPERATIONAL-BINDING.&Agreement
+ -- ({OpBindingSet}{@.bindingType}) -- ANY,
+ valid Validity OPTIONAL,
+ --COMPONENTS OF CommonResultsSeq
+ securityParameters [30] SecurityParameters OPTIONAL,
+ performer [29] DistinguishedName OPTIONAL,
+ aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
+ notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
+ -- }}
+}
+
+--terminateOperationalBinding OPERATION ::= {
+-- ARGUMENT TerminateOperationalBindingArgument
+-- RESULT TerminateOperationalBindingResult
+-- ERRORS {operationalBindingError | securityError}
+-- CODE id-op-terminateOperationalBinding
+--}
+
+TerminateOperationalBindingArgumentData ::=
+-- OPTIONALLY-PROTECTED-SEQ
+-- {-- SEQUENCE {bindingType [0] --OPERATIONAL-BINDING.&id({OpBindingSet})-- OBJECT IDENTIFIER,
+-- The following line, whilst wrong, helps with Thales DOP dissection
+-- bindingID [1] IMPLICIT OperationalBindingID,
+ bindingID [1] OperationalBindingID,
+ -- symmetric, Role A initiates, or Role B initiates
+ initiator
+ CHOICE {symmetric
+ [2] -- OPERATIONAL-BINDING.&both.&TerminateParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleA-initiates
+ [3] -- OPERATIONAL-BINDING.&roleA.&TerminateParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY,
+ roleB-initiates
+ [4] -- OPERATIONAL-BINDING.&roleB.&TerminateParam
+ -- ({OpBindingSet}{@bindingType}) -- ANY } OPTIONAL,
+ terminateAt [5] Time OPTIONAL,
+ securityParameters [6] SecurityParameters OPTIONAL} --}
+
+
+TerminateOperationalBindingArgument ::= CHOICE {
+ unsignedTerminateOperationalBindingArgument TerminateOperationalBindingArgumentData,
+ signedTerminateOperationalBindingArgument SEQUENCE {
+ terminateOperationalBindingArgument TerminateOperationalBindingArgumentData,
+ algorithmIdentifier AlgorithmIdentifier,
+ encrypted BIT STRING
+ }
+}
+
+TerminateOperationalBindingResult ::= CHOICE {
+ null [0] NULL,
+ protected [1] SEQUENCE {
+ terminateOperationalBindingResultData TerminateOperationalBindingResultData,
+ algorithmIdentifier AlgorithmIdentifier,
+ encrypted BIT STRING
+ }
+}
+
+TerminateOperationalBindingResultData ::= SEQUENCE {
+ bindingID OperationalBindingID,
+ bindingType
+ -- OPERATIONAL-BINDING.&id
+ -- ({OpBindingSet}) -- OBJECT IDENTIFIER,
+ terminateAt GeneralizedTime OPTIONAL,
+ --COMPONENTS OF CommonResultsSeq
+ securityParameters [30] SecurityParameters OPTIONAL,
+ performer [29] DistinguishedName OPTIONAL,
+ aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
+ notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
+-- }}
+}
+
+-- errors and parameters
+--operationalBindingError ERROR ::= {
+-- PARAMETER OPTIONALLY-PROTECTED-SEQ {OpBindingErrorParam}
+-- CODE id-err-operationalBindingError
+--}
+
+OpBindingErrorParam ::= SEQUENCE {
+ problem
+ [0] ENUMERATED {invalidID(0), duplicateID(1), unsupportedBindingType(2),
+ notAllowedForRole(3), parametersMissing(4),
+ roleAssignment(5), invalidStartTime(6), invalidEndTime(7),
+ invalidAgreement(8), currentlyNotDecidable(9),
+ modificationNotAllowed(10)},
+ bindingType [1] --OPERATIONAL-BINDING.&id({OpBindingSet})-- OBJECT IDENTIFIER OPTIONAL,
+ agreementProposal
+ [2] -- OPERATIONAL-BINDING.&Agreement({OpBindingSet}{@bindingType})-- ANY OPTIONAL,
+ retryAt [3] Time OPTIONAL,
+-- COMPONENTS OF CommonResultsSeq
+ securityParameters [30] SecurityParameters OPTIONAL,
+ performer [29] DistinguishedName OPTIONAL,
+ aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
+ notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
+
+}
+
+-- information object classes
+--OPERATIONAL-BINDING ::= CLASS {
+-- &Agreement ,
+-- &Cooperation OP-BINDING-COOP,
+-- &both OP-BIND-ROLE OPTIONAL,
+-- &roleA OP-BIND-ROLE OPTIONAL,
+-- &roleB OP-BIND-ROLE OPTIONAL,
+-- &id OBJECT IDENTIFIER UNIQUE
+--}
+--WITH SYNTAX {
+-- AGREEMENT &Agreement
+-- APPLICATION CONTEXTS &Cooperation
+-- [SYMMETRIC &both]
+-- [ASYMMETRIC
+-- [ROLE-A &roleA]
+-- [ROLE-B &roleB]]
+-- ID &id
+--}
+
+--OP-BINDING-COOP ::= CLASS {
+-- &applContext APPLICATION-CONTEXT,
+-- &Operations OPERATION OPTIONAL
+--}WITH SYNTAX {&applContext
+-- [APPLIES TO &Operations]
+--}
+
+--OP-BIND-ROLE ::= CLASS {
+-- &establish BOOLEAN DEFAULT FALSE,
+-- &EstablishParam OPTIONAL,
+-- &modify BOOLEAN DEFAULT FALSE,
+-- &ModifyParam OPTIONAL,
+-- &terminate BOOLEAN DEFAULT FALSE,
+-- &TerminateParam OPTIONAL
+--}
+--WITH SYNTAX {
+-- [ESTABLISHMENT-INITIATOR &establish]
+-- [ESTABLISHMENT-PARAMETER &EstablishParam]
+-- [MODIFICATION-INITIATOR &modify]
+-- [MODIFICATION-PARAMETER &ModifyParam]
+-- [TERMINATION-INITIATOR &terminate]
+-- [TERMINATION-PARAMETER &TerminateParam]
+--}
+
+--OpBindingSet OPERATIONAL-BINDING ::=
+-- {shadowOperationalBinding | hierarchicalOperationalBinding |
+-- nonSpecificHierarchicalOperationalBinding}
+
+--END - - OperationalBindingManagement
+
+-- Module HierarchicalOperationalBindings (X.518:08/2005)
+--HierarchicalOperationalBindings {joint-iso-itu-t ds(5) module(1)
+-- hierarchicalOperationalBindings(20) 5} DEFINITIONS ::=
+--BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+--IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+-- directoryOperationalBindingTypes, directoryOSIProtocols,
+-- distributedOperations, informationFramework, opBindingManagement
+-- FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+-- usefulDefinitions(0) 5}
+-- Attribute, DistinguishedName, RelativeDistinguishedName
+-- FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+-- informationFramework(1) 5}
+-- OPERATIONAL-BINDING
+-- FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+-- opBindingManagement(18) 5}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+-- MasterAndShadowAccessPoints
+-- FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+-- distributedOperations(3) 5}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+-- directorySystemAC
+-- FROM DirectoryOSIProtocols {joint-iso-itu-t ds(5) module(1)
+-- directoryOSIProtocols(37) 5}
+-- id-op-binding-hierarchical, id-op-binding-non-specific-hierarchical
+-- FROM DirectoryOperationalBindingTypes {joint-iso-itu-t ds(5) module(1)
+-- directoryOperationalBindingTypes(25) 5};
+
+-- types
+HierarchicalAgreement ::= SEQUENCE {
+ rdn [0] RelativeDistinguishedName,
+ immediateSuperior [1] DistinguishedName
+}
+
+SuperiorToSubordinate ::= SEQUENCE {
+ contextPrefixInfo [0] DITcontext,
+ entryInfo [1] SET --SIZE (1..MAX)-- OF Attribute OPTIONAL,
+ immediateSuperiorInfo [2] SET --SIZE (1..MAX)-- OF Attribute OPTIONAL
+}
+
+DITcontext ::= SEQUENCE OF Vertex
+
+Vertex ::= SEQUENCE {
+ rdn [0] RelativeDistinguishedName,
+ admPointInfo [1] SET --SIZE (1..MAX)-- OF Attribute OPTIONAL,
+ subentries [2] SET --SIZE (1..MAX)-- OF SubentryInfo OPTIONAL,
+ accessPoints [3] MasterAndShadowAccessPoints OPTIONAL
+}
+
+SubentryInfo ::= SEQUENCE {
+ rdn [0] RelativeDistinguishedName,
+ info [1] SET OF Attribute
+}
+
+SubordinateToSuperior ::= SEQUENCE {
+ accessPoints [0] MasterAndShadowAccessPoints OPTIONAL,
+ alias [1] BOOLEAN DEFAULT FALSE,
+ entryInfo [2] SET --SIZE (1..MAX)-- OF Attribute OPTIONAL,
+ subentries [3] SET --SIZE (1..MAX)-- OF SubentryInfo OPTIONAL
+}
+
+SuperiorToSubordinateModification ::=
+-- SuperiorToSubordinate(WITH COMPONENTS {
+-- ...,
+-- entryInfo ABSENT
+-- })
+ SEQUENCE {
+ contextPrefixInfo [0] DITcontext,
+ immediateSuperiorInfo [2] SET --SIZE (1..MAX)-- OF Attribute OPTIONAL
+}
+
+NonSpecificHierarchicalAgreement ::= SEQUENCE {
+ immediateSuperior [1] DistinguishedName
+}
+
+NHOBSuperiorToSubordinate ::=
+-- SuperiorToSubordinate(WITH COMPONENTS {
+-- ...,
+-- entryInfo ABSENT
+-- })
+ SEQUENCE {
+ contextPrefixInfo [0] DITcontext,
+ immediateSuperiorInfo [2] SET --SIZE (1..MAX)-- OF Attribute OPTIONAL
+}
+
+NHOBSubordinateToSuperior ::= SEQUENCE {
+ accessPoints [0] MasterAndShadowAccessPoints OPTIONAL,
+ subentries [3] SET --SIZE (1..MAX)-- OF SubentryInfo OPTIONAL
+}
+
+-- operational binding information objects
+--hierarchicalOperationalBinding OPERATIONAL-BINDING ::= {
+-- AGREEMENT HierarchicalAgreement
+-- APPLICATION CONTEXTS {{directorySystemAC}}
+-- ASYMMETRIC ROLE-A - - superior DSA - -
+-- {ESTABLISHMENT-INITIATOR TRUE
+-- ESTABLISHMENT-PARAMETER SuperiorToSubordinate
+-- MODIFICATION-INITIATOR TRUE
+-- MODIFICATION-PARAMETER SuperiorToSubordinateModification
+-- TERMINATION-INITIATOR TRUE}
+-- ROLE-B - - subordinate DSA - -
+-- {ESTABLISHMENT-INITIATOR TRUE
+-- ESTABLISHMENT-PARAMETER SubordinateToSuperior
+-- MODIFICATION-INITIATOR TRUE
+-- MODIFICATION-PARAMETER SubordinateToSuperior
+-- TERMINATION-INITIATOR TRUE}
+-- ID id-op-binding-hierarchical
+--}
+
+--nonSpecificHierarchicalOperationalBinding OPERATIONAL-BINDING ::= {
+-- AGREEMENT NonSpecificHierarchicalAgreement
+-- APPLICATION CONTEXTS {{directorySystemAC}}
+-- ASYMMETRIC ROLE-A - - superior DSA - -
+-- {ESTABLISHMENT-PARAMETER NHOBSuperiorToSubordinate
+-- MODIFICATION-INITIATOR TRUE
+-- MODIFICATION-PARAMETER NHOBSuperiorToSubordinate
+-- TERMINATION-INITIATOR TRUE}
+-- ROLE-B - - subordinate DSA - -
+-- {ESTABLISHMENT-INITIATOR TRUE
+-- ESTABLISHMENT-PARAMETER NHOBSubordinateToSuperior
+-- MODIFICATION-INITIATOR TRUE
+-- MODIFICATION-PARAMETER NHOBSubordinateToSuperior
+-- TERMINATION-INITIATOR TRUE}
+-- ID id-op-binding-non-specific-hierarchical
+--}
+
+END -- HierarchicalOperationalBindings
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
--- /dev/null
+#.MODULE_IMPORT
+SelectedAttributeTypes x509sat
+DistributedOperations dsp
+DirectoryAbstractService dap
+InformationFramework x509if
+AuthenticationFramework x509af
+
+#.INCLUDE ../x509sat/x509sat-exp.cnf
+#.INCLUDE ../x509if/x509if-exp.cnf
+#.INCLUDE ../x509af/x509af-exp.cnf
+#.INCLUDE ../dsp/dsp-exp.cnf
+#.INCLUDE ../dap/dap-exp.cnf
+
+#.EXPORTS
+DSEType
+SupplierAndConsumers
+
+#.TYPE_RENAME
+EstablishOperationalBindingArgumentData/initiator EstablishArgumentInitiator
+ModifyOperationalBindingArgumentData/initiator ModifyArgumentInitiator
+TerminateOperationalBindingArgumentData/initiator TerminateArgumentInitiator
+
+ModifyOperationalBindingArgumentData/newAgreement ArgumentNewAgreement
+ModifyOperationalBindingResultData/newAgreement ResultNewAgreement
+
+ModifyOperationalBindingResult/protected ProtectedModifyResult
+TerminateOperationalBindingResult/protected ProtectedTerminateResult
+
+EstablishOperationalBindingArgumentData/initiator/roleA-initiates EstablishRoleAInitiates
+ModifyOperationalBindingArgumentData/initiator/roleA-initiates ModifyRoleAInitiates
+TerminateOperationalBindingArgumentData/initiator/roleA-initiates TerminateRoleAInitiates
+
+EstablishOperationalBindingArgumentData/initiator/roleB-initiates EstablishRoleBInitiates
+ModifyOperationalBindingArgumentData/initiator/roleB-initiates ModifyRoleBInitiates
+TerminateOperationalBindingArgumentData/initiator/roleB-initiates TerminateRoleBInitiates
+
+EstablishOperationalBindingArgumentData/initiator/symmetric EstablishSymmetric
+ModifyOperationalBindingArgumentData/initiator/symmetric ModifySymmetric
+TerminateOperationalBindingArgumentData/initiator/symmetric TerminateSymmetric
+
+
+#.FIELD_RENAME
+EstablishOperationalBindingArgumentData/initiator establishInitiator
+ModifyOperationalBindingArgumentData/initiator modifyInitiator
+TerminateOperationalBindingArgumentData/initiator terminateInitiator
+
+ModifyOperationalBindingArgumentData/newAgreement argumentNewAgreement
+ModifyOperationalBindingResultData/newAgreement resultNewAgreement
+
+ModifyOperationalBindingResult/protected protectedModifyResult
+TerminateOperationalBindingResult/protected protectedTerminateResult
+
+EstablishOperationalBindingArgumentData/initiator/roleA-initiates establishRoleAInitiates
+ModifyOperationalBindingArgumentData/initiator/roleA-initiates modifyRoleAInitiates
+TerminateOperationalBindingArgumentData/initiator/roleA-initiates terminateRoleAInitiates
+
+EstablishOperationalBindingArgumentData/initiator/roleB-initiates establishRoleBInitiates
+ModifyOperationalBindingArgumentData/initiator/roleB-initiates modifyRoleBInitiates
+TerminateOperationalBindingArgumentData/initiator/roleB-initiates terminateRoleBInitiates
+
+EstablishOperationalBindingArgumentData/initiator/symmetric establishSymmetric
+ModifyOperationalBindingArgumentData/initiator/symmetric modifySymmetric
+TerminateOperationalBindingArgumentData/initiator/symmetric terminateSymmetric
+
+TerminateOperationalBindingArgumentData/terminateAt terminateAtTime
+TerminateOperationalBindingResultData/terminateAt terminateAtGeneralizedTime
+
+
+#.REGISTER
+DSEType B "2.5.12.0" "id-doa-dseType"
+SupplierInformation B "2.5.12.5" "id-doa-supplierKnowledge"
+ConsumerInformation B "2.5.12.6" "id-doa-consumerKnowledge"
+SupplierAndConsumers B "2.5.12.7" "id-doa-secondaryShadows"
+
+HierarchicalAgreement B "dop.agreement.2.5.19.2" "hierarchical-agreement"
+SuperiorToSubordinate B "dop.establish.rolea.2.5.19.2" "hierarchical-establish-rolea"
+SuperiorToSubordinateModification B "dop.modify.rolea.2.5.19.2" "hierarchical-modify-rolea"
+SubordinateToSuperior B "dop.establish.roleb.2.5.19.2" "hierarchical-establish-roleb"
+SubordinateToSuperior B "dop.modify.roleb.2.5.19.2" "hierarchical-modify-roleb"
+
+NonSpecificHierarchicalAgreement B "dop.agreement.2.5.19.3" "non-specific-hierarchical-agreement"
+NHOBSuperiorToSubordinate B "dop.establish.rolea.2.5.19.3" "non-specific-hierarchical-establish-rolea"
+NHOBSuperiorToSubordinate B "dop.modify.rolea.2.5.19.3" "non-specific-hierarchical-modify-rolea"
+NHOBSubordinateToSuperior B "dop.establish.roleb.2.5.19.3" "non-specific-hierarchical-establish-roleb"
+NHOBSubordinateToSuperior B "dop.modify.roleb.2.5.19.3" "non-specific-hierarchical-modify-roleb"
+
+#.FN_PARS OBJECT_IDENTIFIER
+ FN_VARIANT = _str VAL_PTR = &binding_type
+
+#.FN_BODY EstablishSymmetric
+
+ offset = call_dop_oid_callback("dop.establish.symmetric", tvb, offset, pinfo, tree);
+
+#.FN_BODY EstablishRoleAInitiates
+
+ offset = call_dop_oid_callback("dop.establish.rolea", tvb, offset, pinfo, tree);
+
+#.FN_BODY EstablishRoleBInitiates
+
+ offset = call_dop_oid_callback("dop.establish.roleb", tvb, offset, pinfo, tree);
+
+#.FN_BODY ModifySymmetric
+
+ offset = call_dop_oid_callback("dop.modify.symmetric", tvb, offset, pinfo, tree);
+
+#.FN_BODY ModifyRoleAInitiates
+
+ offset = call_dop_oid_callback("dop.modify.rolea", tvb, offset, pinfo, tree);
+
+#.FN_BODY ModifyRoleBInitiates
+
+ offset = call_dop_oid_callback("dop.modify.roleb", tvb, offset, pinfo, tree);
+
+#.FN_BODY TerminateSymmetric
+
+ offset = call_dop_oid_callback("dop.terminate.symmetric", tvb, offset, pinfo, tree);
+
+#.FN_BODY TerminateRoleAInitiates
+
+ offset = call_dop_oid_callback("dop.terminate.rolea", tvb, offset, pinfo, tree);
+
+#.FN_BODY TerminateRoleBInitiates
+
+ offset = call_dop_oid_callback("dop.terminate.roleb", tvb, offset, pinfo, tree);
+
+#.FN_BODY T_agreement
+
+ offset = call_dop_oid_callback("dop.agreement", tvb, offset, pinfo, tree);
+
+#.FN_BODY T_symmetric
+
+ offset = call_dop_oid_callback("dop.establish.symmetric", tvb, offset, pinfo, tree);
+
+#.FN_BODY T_roleA_replies
+
+ offset = call_dop_oid_callback("dop.establish.rolea", tvb, offset, pinfo, tree);
+
+#.FN_BODY T_roleB_replies
+
+ offset = call_dop_oid_callback("dop.establish.roleb", tvb, offset, pinfo, tree);
+
+#.FN_BODY T_agreementProposal
+
+ offset = call_dop_oid_callback("dop.agreement", tvb, offset, pinfo, tree);
+
+#.FN_BODY ResultNewAgreement
+
+ offset = call_dop_oid_callback("dop.agreement", tvb, offset, pinfo, tree);
+
+#.FN_BODY ArgumentNewAgreement
+
+ offset = call_dop_oid_callback("dop.agreement", tvb, offset, pinfo, tree);
--- /dev/null
+/* packet-dop.c
+ * Routines for X.501 (DSA Operational Attributes) packet dissection
+ * Graeme Lunt 2005
+ *
+ * $Id$
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@ethereal.com>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <glib.h>
+#include <epan/packet.h>
+#include <epan/prefs.h>
+#include <epan/conversation.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "packet-ber.h"
+#include "packet-acse.h"
+#include "packet-ros.h"
+
+#include "packet-x509sat.h"
+#include "packet-x509af.h"
+#include "packet-x509if.h"
+#include "packet-dap.h"
+#include "packet-dsp.h"
+
+
+#include "packet-dop.h"
+
+#define PNAME "X.501 Directory Operational Binding Management Protocol"
+#define PSNAME "DOP"
+#define PFNAME "dop"
+
+static guint global_dop_tcp_port = 102;
+static guint tcp_port = 0;
+static dissector_handle_t tpkt_handle = NULL;
+void prefs_register_dop(void); /* forwad declaration for use in preferences registration */
+
+/* Initialize the protocol and registered fields */
+int proto_dop = -1;
+
+static struct SESSION_DATA_STRUCTURE* session = NULL;
+static const char *binding_type = NULL; /* binding_type */
+
+static int call_dop_oid_callback(char *base_oid, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
+
+#include "packet-dop-hf.c"
+
+/* Initialize the subtree pointers */
+static gint ett_dop = -1;
+#include "packet-dop-ett.c"
+
+#include "packet-dop-fn.c"
+
+static int
+call_dop_oid_callback(char *base_oid, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
+{
+ char *name = NULL;
+ char binding_param[BER_MAX_OID_STR_LEN];
+
+ sprintf(binding_param, "%s.%s", base_oid, binding_type ? binding_type : "");
+
+ name = get_ber_oid_name(binding_param);
+ proto_item_append_text(tree, " (%s)", name ? name : binding_param);
+
+ return call_ber_oid_callback(binding_param, tvb, offset, pinfo, tree);
+
+}
+
+
+/*
+* Dissect DOP PDUs inside a ROS PDUs
+*/
+static void
+dissect_dop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
+{
+ int offset = 0;
+ int old_offset;
+ proto_item *item=NULL;
+ proto_tree *tree=NULL;
+ int (*dop_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, int hf_index _U_) = NULL;
+ char *dop_op_name;
+
+ /* do we have operation information from the ROS dissector? */
+ if( !pinfo->private_data ){
+ if(parent_tree){
+ proto_tree_add_text(parent_tree, tvb, offset, -1,
+ "Internal error: can't get operation information from ROS dissector.");
+ }
+ return ;
+ } else {
+ session = ( (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data) );
+ }
+
+ if(parent_tree){
+ item = proto_tree_add_item(parent_tree, proto_dop, tvb, 0, -1, FALSE);
+ tree = proto_item_add_subtree(item, ett_dop);
+ }
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "DOP");
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_clear(pinfo->cinfo, COL_INFO);
+
+ switch(session->ros_op & ROS_OP_MASK) {
+ case (ROS_OP_BIND | ROS_OP_ARGUMENT): /* BindInvoke */
+ dop_dissector = dissect_dop_DSAOperationalManagementBindArgument;
+ dop_op_name = "DSA-Operational-Bind-Argument";
+ break;
+ case (ROS_OP_BIND | ROS_OP_RESULT): /* BindResult */
+ dop_dissector = dissect_dop_DSAOperationalManagementBindResult;
+ dop_op_name = "DSA-Operational-Bind-Result";
+ break;
+ case (ROS_OP_BIND | ROS_OP_ERROR): /* BindError */
+ dop_dissector = dissect_dop_DSAOperationalManagementBindError;
+ dop_op_name = "DSA-Operational-Management-Bind-Error";
+ break;
+ case (ROS_OP_INVOKE | ROS_OP_ARGUMENT): /* Invoke Argument */
+ switch(session->ros_op & ROS_OP_OPCODE_MASK) {
+ case 100: /* establish */
+ dop_dissector = dissect_dop_EstablishOperationalBindingArgument;
+ dop_op_name = "Establish-Operational-Binding-Argument";
+ break;
+ case 101: /* terminate */
+ dop_dissector = dissect_dop_TerminateOperationalBindingArgument;
+ dop_op_name = "Terminate-Operational-Binding-Argument";
+ break;
+ case 102: /* modify */
+ dop_dissector = dissect_dop_ModifyOperationalBindingArgument;
+ dop_op_name = "Modify-Operational-Binding-Argument";
+ break;
+ default:
+ proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP Argument opcode (%d)",
+ session->ros_op & ROS_OP_OPCODE_MASK);
+ break;
+ }
+ break;
+ case (ROS_OP_INVOKE | ROS_OP_RESULT): /* Return Result */
+ switch(session->ros_op & ROS_OP_OPCODE_MASK) {
+ case 100: /* establish */
+ dop_dissector = dissect_dop_EstablishOperationalBindingResult;
+ dop_op_name = "Establish-Operational-Binding-Result";
+ break;
+ case 101: /* terminate */
+ dop_dissector = dissect_dop_TerminateOperationalBindingResult;
+ dop_op_name = "Terminate-Operational-Binding-Result";
+ break;
+ case 102: /* modify */
+ dop_dissector = dissect_dop_ModifyOperationalBindingResult;
+ dop_op_name = "Modify-Operational-Binding-Result";
+ break;
+ default:
+ proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP Result opcode (%d)",
+ session->ros_op & ROS_OP_OPCODE_MASK);
+ break;
+ }
+ break;
+ case (ROS_OP_INVOKE | ROS_OP_ERROR): /* Return Error */
+ switch(session->ros_op & ROS_OP_OPCODE_MASK) {
+ case 100: /* operational-binding */
+ dop_dissector = dissect_dop_OpBindingErrorParam;
+ dop_op_name = "Operational-Binding-Error";
+ break;
+ default:
+ proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP Error opcode (%d)",
+ session->ros_op & ROS_OP_OPCODE_MASK);
+ break;
+ }
+ break;
+ default:
+ proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP PDU");
+ return;
+ }
+
+ if(dop_dissector) {
+ if (check_col(pinfo->cinfo, COL_INFO))
+ col_add_str(pinfo->cinfo, COL_INFO, dop_op_name);
+
+ while (tvb_reported_length_remaining(tvb, offset) > 0){
+ old_offset=offset;
+ offset=(*dop_dissector)(FALSE, tvb, offset, pinfo , tree, -1);
+ if(offset == old_offset){
+ proto_tree_add_text(tree, tvb, offset, -1,"Internal error, zero-byte DOP PDU");
+ offset = tvb_length(tvb);
+ break;
+ }
+ }
+ }
+}
+
+
+
+/*--- proto_register_dop -------------------------------------------*/
+void proto_register_dop(void) {
+
+ /* List of fields */
+ static hf_register_info hf[] =
+ {
+#include "packet-dop-hfarr.c"
+ };
+
+ /* List of subtrees */
+ static gint *ett[] = {
+ &ett_dop,
+#include "packet-dop-ettarr.c"
+ };
+
+ module_t *dop_module;
+
+ /* Register protocol */
+ proto_dop = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+ /* initially disable the protocol */
+ proto_set_decoding(proto_dop, FALSE);
+
+ register_dissector("dop", dissect_dop, proto_dop);
+
+ /* Register fields and subtrees */
+ proto_register_field_array(proto_dop, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+
+ /* Register our configuration options for DOP, particularly our port */
+
+#ifdef PREFERENCE_GROUPING
+ dop_module = prefs_register_protocol_subtree("OSI/X.500", proto_dop, prefs_register_dop);
+#else
+ dop_module = prefs_register_protocol(proto_dop, prefs_register_dop);
+#endif
+
+ prefs_register_uint_preference(dop_module, "tcp.port", "DOP TCP Port",
+ "Set the port for DOP operations (if other"
+ " than the default of 102)",
+ 10, &global_dop_tcp_port);
+
+
+}
+
+
+/*--- proto_reg_handoff_dop --- */
+void proto_reg_handoff_dop(void) {
+ dissector_handle_t handle = NULL;
+
+#include "packet-dop-dis-tab.c"
+ /* APPLICATION CONTEXT */
+
+ register_ber_oid_name("2.5.3.3", "id-ac-directory-operational-binding-management");
+
+ /* ABSTRACT SYNTAXES */
+
+ /* Register DOP with ROS (with no use of RTSE) */
+ if((handle = find_dissector("dop"))) {
+ register_ros_oid_dissector_handle("2.5.9.4", handle, 0, "id-as-directory-operational-binding-management", FALSE);
+ }
+
+ /* remember the tpkt handler for change in preferences */
+ tpkt_handle = find_dissector("tpkt");
+
+}
+
+void prefs_register_dop(void) {
+
+ /* de-register the old port */
+ /* port 102 is registered by TPKT - don't undo this! */
+ if((tcp_port != 102) && tpkt_handle)
+ dissector_delete("tcp.port", tcp_port, tpkt_handle);
+
+ /* Set our port number for future use */
+ tcp_port = global_dop_tcp_port;
+
+ if((tcp_port > 0) && (tcp_port != 102) && tpkt_handle)
+ dissector_add("tcp.port", global_dop_tcp_port, tpkt_handle);
+
+}
#ifndef PACKET_X501_H
#define PACKET_X501_H
-#include "packet-x501-exp.h"
+#include "packet-dop-exp.h"
#endif /* PACKET_X501_H */
--- /dev/null
+## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
+#
+# $Id$
+
+include ../../config.nmake
+
+UNIX2DOS=$(PERL) ../../tools/unix2dos.pl
+
+PROTOCOL_NAME=dsp
+DISSECTOR_FILES=packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).h
+
+all: generate_dissector
+
+generate_dissector: $(DISSECTOR_FILES)
+
+$(DISSECTOR_FILES): ../../tools/asn2eth.py dsp.asn packet-$(PROTOCOL_NAME)-template.c packet-$(PROTOCOL_NAME)-template.h $(PROTOCOL_NAME).cnf
+!IFDEF PYTHON
+ $(PYTHON) ../../tools/asn2eth.py -X -b -e -p $(PROTOCOL_NAME) -c $(PROTOCOL_NAME).cnf -s packet-$(PROTOCOL_NAME)-template dsp.asn
+!ELSE
+ @echo Error: You need Python to use asn2eth.py
+ @exit 1
+!ENDIF
+
+clean:
+ rm -f parsetab.py $(DISSECTOR_FILES)
+
+# Fix EOL in generated dissectors. Cygwin's python generates files with
+# mixed EOL styles, which can't be commited to the SVN repository.
+# Stuff included from template and "cnf" files has "\r\n" on windows, while
+# the generated stuff has "\n".
+
+fix_eol: generate_dissector
+ move packet-$(PROTOCOL_NAME).c packet-$(PROTOCOL_NAME).c.tmp
+ move packet-$(PROTOCOL_NAME).h packet-$(PROTOCOL_NAME).h.tmp
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).c.tmp > packet-$(PROTOCOL_NAME).c
+ $(UNIX2DOS) < packet-$(PROTOCOL_NAME).h.tmp > packet-$(PROTOCOL_NAME).h
+ del /f packet-$(PROTOCOL_NAME).c.tmp packet-$(PROTOCOL_NAME).h.tmp
+
+copy_files: generate_dissector fix_eol
+ xcopy packet-$(PROTOCOL_NAME).c ..\..\epan\dissectors /d /y
+ xcopy packet-$(PROTOCOL_NAME).h ..\..\epan\dissectors /d /y
+
OperationProgress BER_CLASS_UNI BER_UNI_TAG_SET
ReferenceType BER_CLASS_UNI BER_UNI_TAG_ENUMERATED
AccessPoint BER_CLASS_UNI BER_UNI_TAG_SET
+MasterAndShadowAccessPoints BER_CLASS_UNI BER_UNI_TAG_SET
ContinuationReference BER_CLASS_UNI BER_UNI_TAG_SET
#.END
OperationProgress TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
ReferenceType TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(dsp_ReferenceType_vals) BITMASK = 0
AccessPoint TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
+MasterAndShadowAccessPoints TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = NULL BITMASK = 0
ContinuationReference TYPE = FT_NONE DISPLAY = BASE_NONE STRINGS = NULL BITMASK = 0
#.END
supplier(5), master(6), immediateSuperior(7), self(8)}
AccessPoint ::= SET {
+-- The following line, whilst wrong, helps with Thales DOP dissection
+-- ae-title [0] IMPLICIT NULL,
ae-title [0] Name,
address [1] PresentationAddress,
protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL
ReferenceType
ContinuationReference
AccessPoint
+MasterAndShadowAccessPoints
#.TYPE_RENAME
/* Register our configuration options for DSP, particularly our port */
+#ifdef PREFERENCE_GROUPING
+ dsp_module = prefs_register_protocol_subtree("OSI/X.500", proto_dsp, prefs_register_dsp);
+#else
dsp_module = prefs_register_protocol(proto_dsp, prefs_register_dsp);
+#endif
prefs_register_uint_preference(dsp_module, "tcp.port", "DSP TCP Port",
"Set the port for DSP operations (if other"
+++ /dev/null
-# $Id$
-
-DISSECTOR_FILES=packet-x501.c packet-x501.h
-
-all: generate_dissector
-
-generate_dissector: $(DISSECTOR_FILES)
-
-ASN_EXPORTS=
-
-$(DISSECTOR_FILES): ../../tools/asn2eth.py x501.asn packet-x501-template.c packet-x501-template.h x501.cnf $(ASN_EXPORTS)
- python ../../tools/asn2eth.py -X -b -e -p x501 -c x501.cnf -s packet-x501-template x501.asn
-
-clean:
- rm -f parsetab.py $(DISSECTOR_FILES) *~
-
-copy_files: generate_dissector
- cp $(DISSECTOR_FILES) ../../epan/dissectors
-
+++ /dev/null
-/* packet-x501.c
- * Routines for X.501 (DSA Operational Attributes) packet dissection
- * Graeme Lunt 2005
- *
- * $Id$
- *
- * Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@ethereal.com>
- * Copyright 1998 Gerald Combs
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- */
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include <glib.h>
-#include <epan/packet.h>
-#include <epan/conversation.h>
-
-#include <stdio.h>
-#include <string.h>
-
-#include "packet-ber.h"
-
-#include "packet-x509sat.h"
-#include "packet-x509if.h"
-#include "packet-dap.h"
-#include "packet-dsp.h"
-
-
-#include "packet-x501.h"
-
-#define PNAME "X.501 Operational Attributes"
-#define PSNAME "X501"
-#define PFNAME "x501"
-
-/* Initialize the protocol and registered fields */
-int proto_x501 = -1;
-
-#include "packet-x501-hf.c"
-
-/* Initialize the subtree pointers */
-static gint ett_x501 = -1;
-#include "packet-x501-ett.c"
-
-#include "packet-x501-fn.c"
-
-/*--- proto_register_x501 -------------------------------------------*/
-void proto_register_x501(void) {
-
- /* List of fields */
- static hf_register_info hf[] =
- {
-#include "packet-x501-hfarr.c"
- };
-
- /* List of subtrees */
- static gint *ett[] = {
- &ett_x501,
-#include "packet-x501-ettarr.c"
- };
-
- /* Register protocol */
- proto_x501 = proto_register_protocol(PNAME, PSNAME, PFNAME);
-
- /* Register fields and subtrees */
- proto_register_field_array(proto_x501, hf, array_length(hf));
- proto_register_subtree_array(ett, array_length(ett));
-
-}
-
-
-/*--- proto_reg_handoff_x501 --- */
-void proto_reg_handoff_x501(void) {
-
-#include "packet-x501-dis-tab.c"
-
-}
+++ /dev/null
--- Module DSAOperationalAttributeTypes (X.501:02/2001)
-DSAOperationalAttributeTypes {joint-iso-itu-t ds(5) module(1)
- dsaOperationalAttributeTypes(22) 4} DEFINITIONS ::=
-BEGIN
-
--- EXPORTS All
--- The types and values defined in this module are exported for use in the other ASN.1 modules contained
--- within the Directory Specifications, and for the use of other applications which will use them to access
--- Directory services. Other applications may use them for their own purposes, but this will not constrain
--- extensions and modifications needed to maintain or improve the Directory service.
-IMPORTS
- -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
- distributedOperations, id-doa, id-kmr, informationFramework,
- opBindingManagement, selectedAttributeTypes, upperBounds
- FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
- usefulDefinitions(0) 4}
- ATTRIBUTE, MATCHING-RULE, Name
- FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
- informationFramework(1) 4}
- OperationalBindingID
- FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
- opBindingManagement(18) 4}
- -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
- AccessPoint, MasterAndShadowAccessPoints
- FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
- distributedOperations(3) 4}
- -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
- bitStringMatch
- FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
- selectedAttributeTypes(5) 4}
- PresentationAddress, ProtocolInformation
- FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
- selectedAttributeTypes(5) 4};
-
-
--- data types
-DSEType ::= BIT STRING {
- root(0), -- root DSE
- glue(1), -- represents knowledge of a name only
- cp(2), -- context prefix
- entry(3), -- object entry
- alias(4), -- alias entry
- subr(5), -- subordinate reference
- nssr(6), -- non-specific subordinate reference
- supr(7), -- superior reference
- xr(8), -- cross reference
- admPoint(9), -- administrative point
- subentry(10), -- subentry
- shadow(11), -- shadow copy
- immSupr(13), -- immediate superior reference
- rhob(14), -- rhob information
- sa(15), -- subordinate reference to alias entry
- dsSubentry(16), -- DSA Specific subentry
- familyMember(17)} -- family member
-
-SupplierOrConsumer ::= SET {
--- COMPONENTS OF AccessPoint, - - supplier or consumer
- ae-title [0] Name,
- address [1] PresentationAddress,
- protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL,
- agreementID [3] OperationalBindingID
-}
-
-SupplierInformation ::= SET {
--- COMPONENTS OF SupplierOrConsumer, - - supplier
- ae-title [0] Name,
- address [1] PresentationAddress,
- protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL,
- agreementID [3] OperationalBindingID,
- supplier-is-master [4] BOOLEAN DEFAULT TRUE,
- non-supplying-master [5] AccessPoint OPTIONAL
-}
-
-ConsumerInformation ::= SupplierOrConsumer -- consumer
-
-SupplierAndConsumers ::= SET {
--- COMPONENTS OF AccessPoint, - - supplier
- ae-title [0] Name,
- address [1] PresentationAddress,
- protocolInformation [2] SET --SIZE (1..MAX)-- OF ProtocolInformation OPTIONAL,
- consumers [3] SET OF AccessPoint
-}
-
--- attribute types
---dseType ATTRIBUTE ::= {
--- WITH SYNTAX DSEType
--- EQUALITY MATCHING RULE bitStringMatch
--- SINGLE VALUE TRUE
--- NO USER MODIFICATION TRUE
--- USAGE dSAOperation
--- ID id-doa-dseType
---}
-
---myAccessPoint ATTRIBUTE ::= {
--- WITH SYNTAX AccessPoint
--- EQUALITY MATCHING RULE accessPointMatch
--- SINGLE VALUE TRUE
--- NO USER MODIFICATION TRUE
--- USAGE dSAOperation
--- ID id-doa-myAccessPoint
---}
-
---superiorKnowledge ATTRIBUTE ::= {
--- WITH SYNTAX AccessPoint
--- EQUALITY MATCHING RULE accessPointMatch
--- NO USER MODIFICATION TRUE
--- USAGE dSAOperation
--- ID id-doa-superiorKnowledge
---}
-
---specificKnowledge ATTRIBUTE ::= {
--- WITH SYNTAX MasterAndShadowAccessPoints
--- EQUALITY MATCHING RULE masterAndShadowAccessPointsMatch
--- SINGLE VALUE TRUE
--- NO USER MODIFICATION TRUE
--- USAGE distributedOperation
--- ID id-doa-specificKnowledge
---}
-
---nonSpecificKnowledge ATTRIBUTE ::= {
--- WITH SYNTAX MasterAndShadowAccessPoints
--- EQUALITY MATCHING RULE masterAndShadowAccessPointsMatch
--- NO USER MODIFICATION TRUE
--- USAGE distributedOperation
--- ID id-doa-nonSpecificKnowledge
---}
-
---supplierKnowledge ATTRIBUTE ::= {
--- WITH SYNTAX SupplierInformation
--- EQUALITY MATCHING RULE supplierOrConsumerInformationMatch
--- NO USER MODIFICATION TRUE
--- USAGE dSAOperation
--- ID id-doa-supplierKnowledge
---}
-
---consumerKnowledge ATTRIBUTE ::= {
--- WITH SYNTAX ConsumerInformation
--- EQUALITY MATCHING RULE supplierOrConsumerInformationMatch
--- NO USER MODIFICATION TRUE
--- USAGE dSAOperation
--- ID id-doa-consumerKnowledge
---}
-
---secondaryShadows ATTRIBUTE ::= {
--- WITH SYNTAX SupplierAndConsumers
--- EQUALITY MATCHING RULE supplierAndConsumersMatch
--- NO USER MODIFICATION TRUE
--- USAGE dSAOperation
--- ID id-doa-secondaryShadows
---}
-
--- matching rules
---accessPointMatch MATCHING-RULE ::= {
--- SYNTAX Name
--- ID id-kmr-accessPointMatch
---}
-
---masterAndShadowAccessPointsMatch MATCHING-RULE ::= {
--- SYNTAX SET OF Name
--- ID id-kmr-masterShadowMatch
---}
-
---supplierOrConsumerInformationMatch MATCHING-RULE ::= {
--- SYNTAX
--- SET {ae-title [0] Name,
--- agreement-identifier [2] INTEGER}
--- ID id-kmr-supplierConsumerMatch
---}
-
---supplierAndConsumersMatch MATCHING-RULE ::= {
--- SYNTAX Name
--- ID id-kmr-supplierConsumersMatch
---}
-
--- object identifier assignments
--- dsa operational attributes
---id-doa-dseType OBJECT IDENTIFIER ::=
--- {id-doa 0}
-
---id-doa-myAccessPoint OBJECT IDENTIFIER ::= {id-doa 1}
-
---id-doa-superiorKnowledge OBJECT IDENTIFIER ::= {id-doa 2}
-
---id-doa-specificKnowledge OBJECT IDENTIFIER ::= {id-doa 3}
-
---id-doa-nonSpecificKnowledge OBJECT IDENTIFIER ::= {id-doa 4}
-
---id-doa-supplierKnowledge OBJECT IDENTIFIER ::= {id-doa 5}
-
---id-doa-consumerKnowledge OBJECT IDENTIFIER ::= {id-doa 6}
-
---id-doa-secondaryShadows OBJECT IDENTIFIER ::= {id-doa 7}
-
--- knowledge matching rules
---id-kmr-accessPointMatch OBJECT IDENTIFIER ::=
--- {id-kmr 0}
-
---id-kmr-masterShadowMatch OBJECT IDENTIFIER ::= {id-kmr 1}
-
---id-kmr-supplierConsumerMatch OBJECT IDENTIFIER ::= {id-kmr 2}
-
---id-kmr-supplierConsumersMatch OBJECT IDENTIFIER ::= {id-kmr 3}
-
-END -- DSAOperationalAttributeTypes
-
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
-
+++ /dev/null
-#.MODULE_IMPORT
-SelectedAttributeTypes x509sat
-DistributedOperations dsp
-OperationalBindingManagement dap
-InformationFramework x509if
-
-#.INCLUDE ../x509sat/x509sat-exp.cnf
-#.INCLUDE ../dap/dap-exp.cnf
-#.INCLUDE ../dsp/dsp-exp.cnf
-
-#.EXPORTS
-DSEType
-SupplierAndConsumers
-
-#.REGISTER
-DSEType B "2.5.12.0" "id-doa-dseType"
-SupplierInformation B "2.5.12.5" "id-doa-supplierKnowledge"
-ConsumerInformation B "2.5.12.6" "id-doa-consumerKnowledge"
-SupplierAndConsumers B "2.5.12.7" "id-doa-secondaryShadows"
git.samba.org / metze / wireshark / wip.git / commitdiff