2 * Stubs for Sun's NFS ACL RPC service (runs on port 2049, and is presumably
3 * handled by the same kernel server code that handles NFS)
5 * Guy Harris <guy@alum.mit.edu>
7 * $Id: packet-nfsacl.c,v 1.11 2003/10/06 20:46:51 guy Exp $
9 * Ethereal - Network traffic analyzer
10 * By Gerald Combs <gerald@ethereal.com>
11 * Copyright 1998 Gerald Combs
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
32 #include "packet-rpc.h"
33 #include "packet-nfs.h"
35 static int proto_nfsacl = -1;
36 static int hf_nfsacl_procedure_v1 = -1;
37 static int hf_nfsacl_procedure_v2 = -1;
38 static int hf_nfsacl_procedure_v3 = -1;
39 static int hf_nfsacl_entry = -1;
40 static int hf_nfsacl_aclcnt = -1;
41 static int hf_nfsacl_dfaclcnt = -1;
42 static int hf_nfsacl2_status = -1;
43 static int hf_nfsacl3_status = -1;
44 static int hf_nfsacl_aclent = -1;
45 static int hf_nfsacl_aclent_type = -1;
46 static int hf_nfsacl_aclent_uid = -1;
47 static int hf_nfsacl_aclent_perm = -1;
48 static int hf_nfsacl_create = -1;
50 static gint ett_nfsacl = -1;
51 static gint ett_nfsacl_mask = -1;
52 static gint ett_nfsacl_entry = -1;
53 static gint ett_nfsacl_aclent = -1;
54 static gint ett_nfsacl_aclent_perm = -1;
55 static gint ett_nfsacl_aclent_entries = -1;
57 #define NFSACL_PROGRAM 100227
59 #define NFSACLPROC_NULL 0
61 #define NFSACLPROC2_GETACL 1
62 #define NFSACLPROC2_SETACL 2
63 #define NFSACLPROC2_GETATTR 3
64 #define NFSACLPROC2_ACCESS 4
65 #define NFSACLPROC2_GETXATTRDIR 5
67 #define NFSACLPROC3_GETACL 1
68 #define NFSACLPROC3_SETACL 2
69 #define NFSACLPROC3_GETXATTRDIR 3
75 dissect_nfsacl_mask(tvbuff_t *tvb, int offset, proto_tree *tree,
79 proto_item *mask_item = NULL;
80 proto_tree *mask_tree = NULL;
82 mask = tvb_get_ntohl(tvb, offset + 0);
86 mask_item = proto_tree_add_text(tree, tvb, offset, 4, "%s: 0x%02x",
90 mask_tree = proto_item_add_subtree(mask_item, ett_nfsacl_mask);
95 proto_tree_add_text(mask_tree, tvb, offset, 4, "%s",
96 decode_boolean_bitfield(mask, 0x01, 8, "ACL entry",
98 proto_tree_add_text(mask_tree, tvb, offset, 4, "%s",
99 decode_boolean_bitfield(mask, 0x02, 8, "ACL count",
101 proto_tree_add_text(mask_tree, tvb, offset, 4, "%s",
102 decode_boolean_bitfield(mask, 0x04, 8, "default ACL entry",
103 "(no default ACL entry)"));
104 proto_tree_add_text(mask_tree, tvb, offset, 4, "%s",
105 decode_boolean_bitfield(mask, 0x08, 8, "default ACL count",
106 "(no default ACL count)"));
117 static const value_string names_nfsacl_aclent_type[] = {
118 #define NA_USER_OBJ 0x1
119 { NA_USER_OBJ, "NA_USER_OBJ" },
121 { NA_USER, "NA_USER" },
122 #define NA_GROUP_OBJ 0x4
123 { NA_GROUP_OBJ, "NA_GROUP_OBJ" },
125 { NA_GROUP, "NA_GROUP" },
126 #define NA_CLASS_OBJ 0x10
127 { NA_CLASS_OBJ, "NA_CLASS_OBJ" },
128 #define NA_OTHER_OBJ 0x20
129 { NA_OTHER_OBJ, "NA_OTHER_OBJ" },
130 #define NA_ACL_DEFAULT 0x1000
131 { NA_ACL_DEFAULT, "NA_ACL_DEFAULT" },
132 { NA_ACL_DEFAULT | NA_USER_OBJ, "Default NA_USER_OBJ" },
133 { NA_ACL_DEFAULT | NA_USER, "Default NA_USER" },
134 { NA_ACL_DEFAULT | NA_GROUP_OBJ, "Default NA_GROUP_OBJ" },
135 { NA_ACL_DEFAULT | NA_GROUP, "Default NA_GROUP" },
136 { NA_ACL_DEFAULT | NA_CLASS_OBJ, "Default NA_CLASS_OBJ" },
137 { NA_ACL_DEFAULT | NA_OTHER_OBJ, "Default NA_OTHER_OBJ" },
142 dissect_nfsacl_aclent(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
145 proto_item *entry_item = NULL;
146 proto_tree *entry_tree = NULL;
148 proto_item *perm_item = NULL;
149 proto_tree *perm_tree = NULL;
153 entry_item = proto_tree_add_item(tree, hf_nfsacl_aclent, tvb,
154 offset + 0, -1, FALSE);
155 entry_tree = proto_item_add_subtree(entry_item, ett_nfsacl_aclent);
158 offset = dissect_rpc_uint32(tvb, entry_tree, hf_nfsacl_aclent_type, offset);
159 offset = dissect_rpc_uint32(tvb, entry_tree, hf_nfsacl_aclent_uid, offset);
161 perm = tvb_get_ntohl(tvb, offset);
163 perm_item = proto_tree_add_uint(entry_tree, hf_nfsacl_aclent_perm,
164 tvb, offset, 4, perm);
167 perm_tree = proto_item_add_subtree(perm_item, ett_nfsacl_aclent_perm);
171 proto_tree_add_text(perm_tree, tvb, offset, 4, "%s",
172 decode_boolean_bitfield(perm, NA_READ, 4, "READ", "no READ"));
174 proto_tree_add_text(perm_tree, tvb, offset, 4, "%s",
175 decode_boolean_bitfield(perm, NA_WRITE, 4, "WRITE", "no WRITE"));
177 proto_tree_add_text(perm_tree, tvb, offset, 4, "%s",
178 decode_boolean_bitfield(perm, NA_EXEC, 4, "EXEC", "no EXEC"));
188 dissect_nfsacl_secattr(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
191 guint32 aclcnt, dfaclcnt;
193 proto_item *entry_item = NULL;
194 proto_tree *entry_tree = NULL;
196 offset = dissect_nfsacl_mask(tvb, offset, tree, "mask");
197 offset = dissect_rpc_uint32(tvb, tree, hf_nfsacl_aclcnt, offset);
199 aclcnt = tvb_get_ntohl(tvb, offset);
201 entry_item = proto_tree_add_text(tree, tvb, offset, 4,
202 "Total ACL entries: %d", aclcnt);
205 entry_tree = proto_item_add_subtree(entry_item,
206 ett_nfsacl_aclent_entries);
212 for (i = 0; i < aclcnt; i++)
213 offset = dissect_nfsacl_aclent(tvb, offset, pinfo, entry_tree);
218 offset = dissect_rpc_uint32(tvb, tree, hf_nfsacl_dfaclcnt, offset);
220 dfaclcnt = tvb_get_ntohl(tvb, offset);
222 entry_item = proto_tree_add_text(tree, tvb, offset, 4,
223 "Total default ACL entries: %d", dfaclcnt);
226 entry_tree = proto_item_add_subtree(entry_item,
227 ett_nfsacl_aclent_entries);
233 for (i = 0; i < dfaclcnt; i++)
234 offset = dissect_nfsacl_aclent(tvb, offset, pinfo, entry_tree);
240 /* proc number, "proc name", dissect_request, dissect_reply */
241 /* NULL as function pointer means: type of arguments is "void". */
242 static const vsff nfsacl1_proc[] = {
243 { NFSACLPROC_NULL, "NULL",
245 { 0, NULL, NULL, NULL }
247 static const value_string nfsacl1_proc_vals[] = {
248 { NFSACLPROC_NULL, "NULL" },
253 dissect_nfsacl2_getacl_call(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
256 offset = dissect_fhandle(tvb, offset, pinfo, tree, "fhandle", NULL);
257 offset = dissect_nfsacl_mask(tvb, offset, tree, "mask");
262 dissect_nfsacl2_getacl_reply(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
267 status = tvb_get_ntohl(tvb, offset + 0);
269 proto_tree_add_uint(tree, hf_nfsacl2_status, tvb, offset + 0, 4, status);
273 if (status == ACL2_OK)
275 offset = dissect_fattr(tvb, offset, tree, "attr");
276 offset = dissect_nfsacl_secattr(tvb, offset, pinfo, tree);
283 dissect_nfsacl2_setacl_call(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
286 offset = dissect_fhandle(tvb, offset, pinfo, tree, "fhandle", NULL);
287 offset = dissect_nfsacl_secattr(tvb, offset, pinfo, tree);
293 dissect_nfsacl2_setacl_reply(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
298 status = tvb_get_ntohl(tvb, offset + 0);
300 proto_tree_add_uint(tree, hf_nfsacl2_status, tvb, offset + 0, 4, status);
304 if (status == ACL2_OK)
305 offset = dissect_fattr(tvb, offset, tree, "attr");
311 dissect_nfsacl2_getattr_call(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
314 offset = dissect_fhandle(tvb, offset, pinfo, tree, "fhandle", NULL);
320 dissect_nfsacl2_getattr_reply(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
323 offset = dissect_fattr(tvb, offset, tree, "attr");
329 dissect_nfsacl2_access_call(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
332 offset = dissect_fhandle(tvb, offset, pinfo, tree, "fhandle", NULL);
333 offset = dissect_access(tvb, offset, tree, "access");
339 dissect_nfsacl2_access_reply(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
344 status = tvb_get_ntohl(tvb, offset + 0);
346 proto_tree_add_uint(tree, hf_nfsacl2_status, tvb, offset + 0, 4, status);
350 if (status == ACL2_OK)
352 offset = dissect_fattr(tvb, offset, tree, "attr");
353 offset = dissect_access(tvb, offset, tree, "access");
360 dissect_nfsacl2_getxattrdir_call(tvbuff_t *tvb, int offset,
361 packet_info *pinfo _U_, proto_tree *tree)
363 offset = dissect_fhandle(tvb, offset, pinfo, tree, "fhandle", NULL);
364 offset = dissect_rpc_bool(tvb, tree, hf_nfsacl_create, offset);
370 dissect_nfsacl2_getxattrdir_reply(tvbuff_t *tvb, int offset,
371 packet_info *pinfo _U_, proto_tree *tree)
375 status = tvb_get_ntohl(tvb, offset + 0);
377 proto_tree_add_uint(tree, hf_nfsacl2_status, tvb, offset + 0, 4, status);
381 if (status == ACL2_OK)
383 offset = dissect_fhandle(tvb, offset, pinfo, tree, "fhandle", NULL);
384 offset = dissect_fattr(tvb, offset, tree, "attr");
390 static const vsff nfsacl2_proc[] = {
391 { NFSACLPROC_NULL, "NULL",
393 { NFSACLPROC2_GETACL, "GETACL",
394 dissect_nfsacl2_getacl_call, dissect_nfsacl2_getacl_reply },
395 { NFSACLPROC2_SETACL, "SETACL",
396 dissect_nfsacl2_setacl_call, dissect_nfsacl2_setacl_reply },
397 { NFSACLPROC2_GETATTR, "GETATTR",
398 dissect_nfsacl2_getattr_call, dissect_nfsacl2_getattr_reply },
399 { NFSACLPROC2_ACCESS, "ACCESS",
400 dissect_nfsacl2_access_call, dissect_nfsacl2_access_reply },
401 { NFSACLPROC2_GETXATTRDIR, "GETXATTRDIR",
402 dissect_nfsacl2_getxattrdir_call, dissect_nfsacl2_getxattrdir_reply },
403 { 0, NULL, NULL, NULL }
405 static const value_string nfsacl2_proc_vals[] = {
406 { NFSACLPROC_NULL, "NULL" },
407 { NFSACLPROC2_GETACL, "GETACL" },
408 { NFSACLPROC2_SETACL, "SETACL" },
409 { NFSACLPROC2_GETATTR, "GETATTR" },
410 { NFSACLPROC2_ACCESS, "ACCESS" },
411 { NFSACLPROC2_GETXATTRDIR, "GETXATTRDIR" },
416 dissect_nfsacl3_getacl_call(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
419 offset = dissect_nfs_fh3(tvb, offset, pinfo, tree, "fhandle", NULL);
420 offset = dissect_nfsacl_mask(tvb, offset, tree, "mask");
426 dissect_nfsacl3_getacl_reply(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
430 proto_item *entry_item = NULL;
431 proto_tree *entry_tree = NULL;
433 status = tvb_get_ntohl(tvb, offset + 0);
436 proto_tree_add_uint(tree, hf_nfsacl3_status, tvb, offset + 0, 4,
443 entry_item = proto_tree_add_item(tree, hf_nfsacl_entry, tvb,
444 offset + 0, -1, FALSE);
446 entry_tree = proto_item_add_subtree(entry_item, ett_nfsacl_entry);
450 offset = dissect_nfs_post_op_attr(tvb, offset, entry_tree, "attr");
452 if (status != ACL3_OK)
456 offset = dissect_nfsacl_secattr(tvb, offset, pinfo, entry_tree);
462 dissect_nfsacl3_setacl_call(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
466 proto_item *acl_item = NULL;
467 proto_tree *acl_tree = NULL;
469 offset = dissect_nfs_fh3(tvb, offset, pinfo, tree, "fhandle", NULL);
473 acl_item = proto_tree_add_item(tree, hf_nfsacl_entry, tvb, offset + 0,
477 acl_tree = proto_item_add_subtree(acl_item, ett_nfsacl_entry);
481 offset = dissect_nfsacl_secattr(tvb, offset, pinfo, acl_tree);
487 dissect_nfsacl3_setacl_reply(tvbuff_t *tvb, int offset, packet_info *pinfo _U_,
490 guint32 status = tvb_get_ntohl(tvb, offset + 0);
493 proto_tree_add_uint(tree, hf_nfsacl3_status, tvb, offset + 0, 4,
498 offset = dissect_nfs_post_op_attr(tvb, offset, tree, "attr");
504 dissect_nfsacl3_getxattrdir_call(tvbuff_t *tvb, int offset,
505 packet_info *pinfo _U_, proto_tree *tree)
508 offset = dissect_nfs_fh3(tvb, offset, pinfo, tree, "fhandle", NULL);
509 offset = dissect_rpc_bool(tvb, tree, hf_nfsacl_create, offset);
515 dissect_nfsacl3_getxattrdir_reply(tvbuff_t *tvb, int offset,
516 packet_info *pinfo _U_, proto_tree *tree)
520 status = tvb_get_ntohl(tvb, offset + 0);
523 proto_tree_add_uint(tree, hf_nfsacl3_status, tvb, offset + 0, 4,
528 if (status == ACL3_OK)
530 offset = dissect_nfs_fh3(tvb, offset, pinfo, tree, "fhandle", NULL);
531 offset = dissect_nfs_post_op_attr(tvb, offset, tree, "attr");
537 static const vsff nfsacl3_proc[] = {
538 { NFSACLPROC_NULL, "NULL",
540 { NFSACLPROC3_GETACL, "GETACL",
541 dissect_nfsacl3_getacl_call, dissect_nfsacl3_getacl_reply },
542 { NFSACLPROC3_SETACL, "SETACL",
543 dissect_nfsacl3_setacl_call, dissect_nfsacl3_setacl_reply },
544 { NFSACLPROC3_GETXATTRDIR, "GETXATTRDIR",
545 dissect_nfsacl3_getxattrdir_call, dissect_nfsacl3_getxattrdir_reply },
546 { 0, NULL, NULL, NULL }
548 static const value_string nfsacl3_proc_vals[] = {
549 { NFSACLPROC_NULL, "NULL" },
550 { NFSACLPROC3_GETACL, "GETACL" },
551 { NFSACLPROC3_SETACL, "SETACL" },
555 static const value_string names_nfsacl2_status[] = {
556 { ACL2_OK, "ACL2_OK" },
560 static const value_string names_nfsacl3_status[] = {
561 { ACL3_OK, "ACL3_OK" },
565 static struct true_false_string yesno = { "Yes", "No" };
568 proto_register_nfsacl(void)
570 static hf_register_info hf[] = {
571 { &hf_nfsacl_procedure_v1, {
572 "V1 Procedure", "nfsacl.procedure_v1", FT_UINT32, BASE_DEC,
573 VALS(nfsacl1_proc_vals), 0, "V1 Procedure", HFILL }},
574 { &hf_nfsacl_procedure_v2, {
575 "V2 Procedure", "nfsacl.procedure_v2", FT_UINT32, BASE_DEC,
576 VALS(nfsacl2_proc_vals), 0, "V2 Procedure", HFILL }},
577 { &hf_nfsacl_procedure_v3, {
578 "V3 Procedure", "nfsacl.procedure_v3", FT_UINT32, BASE_DEC,
579 VALS(nfsacl3_proc_vals), 0, "V3 Procedure", HFILL }},
581 { &hf_nfsacl_entry, {
582 "ACL", "nfsacl.acl", FT_NONE, 0,
583 NULL, 0, "ACL", HFILL }},
584 { &hf_nfsacl_aclcnt, {
585 "ACL count", "nfsacl.aclcnt", FT_UINT32, BASE_DEC,
586 NULL, 0, "ACL count", HFILL }},
587 { &hf_nfsacl_dfaclcnt, {
588 "Default ACL count", "nfsacl.dfaclcnt", FT_UINT32, BASE_DEC,
589 NULL, 0, "Default ACL count", HFILL }},
590 { &hf_nfsacl_aclent, {
591 "ACL Entry", "nfsacl.aclent", FT_NONE, 0,
592 NULL, 0, "ACL", HFILL }},
593 { &hf_nfsacl_aclent_type, {
594 "Type", "nfsacl.aclent.type", FT_UINT32, BASE_DEC,
595 VALS(names_nfsacl_aclent_type), 0, "Type", HFILL }},
596 { &hf_nfsacl_aclent_uid, {
597 "UID", "nfsacl.aclent.uid", FT_UINT32, BASE_DEC,
598 NULL, 0, "UID", HFILL }},
599 { &hf_nfsacl_aclent_perm, {
600 "Permissions", "nfsacl.aclent.perm", FT_UINT32, BASE_DEC,
601 NULL, 0, "Permissions", HFILL }},
603 { &hf_nfsacl2_status, {
604 "Status", "nfsacl.status2", FT_UINT32, BASE_DEC,
605 VALS(names_nfsacl2_status), 0, "Status", HFILL }},
607 { &hf_nfsacl3_status, {
608 "Status", "nfsacl.status3", FT_UINT32, BASE_DEC,
609 VALS(names_nfsacl3_status), 0, "Status", HFILL }},
610 { &hf_nfsacl_create, {
611 "create", "nfsacl.create", FT_BOOLEAN, BASE_NONE,
612 &yesno, 0, "Create?", HFILL }},
615 static gint *ett[] = {
620 &ett_nfsacl_aclent_perm,
621 &ett_nfsacl_aclent_entries
624 proto_nfsacl = proto_register_protocol("NFSACL", "NFSACL", "nfsacl");
625 proto_register_field_array(proto_nfsacl, hf, array_length(hf));
626 proto_register_subtree_array(ett, array_length(ett));
630 proto_reg_handoff_nfsacl(void)
632 /* Register the protocol as RPC */
633 rpc_init_prog(proto_nfsacl, NFSACL_PROGRAM, ett_nfsacl);
634 /* Register the procedure tables */
635 rpc_init_proc_table(NFSACL_PROGRAM, 1, nfsacl1_proc, hf_nfsacl_procedure_v1);
636 rpc_init_proc_table(NFSACL_PROGRAM, 2, nfsacl2_proc, hf_nfsacl_procedure_v2);
637 rpc_init_proc_table(NFSACL_PROGRAM, 3, nfsacl3_proc, hf_nfsacl_procedure_v3);