packet-dcerpc-nt.h

   1 /* packet-dcerpc-nt.h
   2  * Routines for DCERPC over SMB packet disassembly
   3  * Copyright 2001, Tim Potter <tpot@samba.org>
   4  *
   5  * $Id: packet-dcerpc-nt.h,v 1.22 2002/04/22 09:43:03 guy Exp $
   6  *
   7  * Ethereal - Network traffic analyzer
   8  * By Gerald Combs <gerald@ethereal.com>
   9  * Copyright 1998 Gerald Combs
  10  *
  11  * This program is free software; you can redistribute it and/or
  12  * modify it under the terms of the GNU General Public License
  13  * as published by the Free Software Foundation; either version 2
  14  * of the License, or (at your option) any later version.
  15  *
  16  * This program is distributed in the hope that it will be useful,
  17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19  * GNU General Public License for more details.
  20  *
  21  * You should have received a copy of the GNU General Public License
  22  * along with this program; if not, write to the Free Software
  23  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  24  */
  25
  26 #ifndef __PACKET_DCERPC_NT_H
  27 #define __PACKET_DCEPRC_NT_H
  28
  29 /*
  30  * ett_ value for Unicode strings.
  31  */
  32 extern gint ett_nt_unicode_string;
  33
  34 /* Routines for parsing simple types */
  35
  36 int prs_align(int offset, int n);
  37
  38 int prs_uint8(tvbuff_t *tvb, int offset, packet_info *pinfo,
  39               proto_tree *tree, guint8 *data, char *name);
  40
  41 int prs_uint8s(tvbuff_t *tvb, int offset, packet_info *pinfo,
  42                proto_tree *tree, int count, int *data_offset, char *name);
  43
  44 int prs_uint16(tvbuff_t *tvb, int offset, packet_info *pinfo,
  45                proto_tree *tree, guint16 *data, char *name);
  46
  47 int prs_uint16s(tvbuff_t *tvb, int offset, packet_info *pinfo,
  48                 proto_tree *tree, int count, int *data_offset, char *name);
  49
  50 int prs_uint32(tvbuff_t *tvb, int offset, packet_info *pinfo,
  51                proto_tree *tree, guint32 *data, char *name);
  52
  53 int prs_uint32s(tvbuff_t *tvb, int offset, packet_info *pinfo,
  54                 proto_tree *tree, int count, int *data_offset, char *name);
  55
  56 /* Parse NT status code */
  57
  58 int prs_ntstatus(tvbuff_t *tvb, int offset, packet_info *pinfo,
  59                  proto_tree *tree);
  60
  61 /* Parse some common RPC structures */
  62
  63 char *fake_unicode(tvbuff_t *tvb, int offset, int len);
  64
  65 int prs_UNISTR2(tvbuff_t *tvb, int offset, packet_info *pinfo,
  66                 proto_tree *tree, int flags, char **data, char *name);
  67
  68 int prs_policy_hnd(tvbuff_t *tvb, int offset, packet_info *pinfo,
  69                    proto_tree *tree, const guint8 **data);
  70
  71 /* Routines for handling deferral of referants in NDR */
  72
  73 #define PARSE_SCALARS 1
  74 #define PARSE_BUFFERS 2
  75
  76 int prs_push_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo,
  77                  proto_tree *tree, GList **ptr_list, char *name);
  78
  79 guint32 prs_pop_ptr(GList **ptr_list, char *name);
  80
  81
  82
  83 #define ALIGN_TO_4_BYTES        {if(offset&0x03)offset=(offset&0xfffffffc)+4;}
  84
  85 int
  86 dissect_ndr_nt_UNICODE_STRING_str(tvbuff_t *tvb, int offset,
  87                         packet_info *pinfo, proto_tree *tree,
  88                         char *drep);
  89 int
  90 dissect_ndr_nt_UNICODE_STRING(tvbuff_t *tvb, int offset,
  91                         packet_info *pinfo, proto_tree *parent_tree,
  92                         char *drep, int hf_index, int levels);
  93 int
  94 dissect_ndr_nt_STRING_string (tvbuff_t *tvb, int offset,
  95                              packet_info *pinfo, proto_tree *tree,
  96                              char *drep);
  97 int
  98 dissect_ndr_nt_STRING (tvbuff_t *tvb, int offset,
  99                         packet_info *pinfo, proto_tree *parent_tree,
 100                         char *drep, int hf_index, int levels);
 101 int
 102 dissect_ndr_nt_acct_ctrl(tvbuff_t *tvb, int offset, packet_info *pinfo,
 103                         proto_tree *parent_tree, char *drep);
 104 int
 105 dissect_ndr_nt_NTTIME (tvbuff_t *tvb, int offset,
 106                         packet_info *pinfo, proto_tree *tree,
 107                         char *drep, int hf_index);
 108 int
 109 dissect_ndr_nt_LOGON_HOURS(tvbuff_t *tvb, int offset,
 110                         packet_info *pinfo, proto_tree *parent_tree,
 111                         char *drep);
 112 int
 113 dissect_ndr_nt_SID(tvbuff_t *tvb, int offset,
 114                         packet_info *pinfo, proto_tree *tree,
 115                         char *drep);
 116 int
 117 dissect_ndr_nt_PSID(tvbuff_t *tvb, int offset,
 118                              packet_info *pinfo, proto_tree *parent_tree,
 119                              char *drep);
 120 int
 121 dissect_ndr_nt_PSID_ARRAY(tvbuff_t *tvb, int offset,
 122                         packet_info *pinfo, proto_tree *parent_tree,
 123                         char *drep);
 124
 125 int
 126 dissect_ndr_nt_SID_AND_ATTRIBUTES_ARRAY(tvbuff_t *tvb, int offset,
 127                         packet_info *pinfo, proto_tree *parent_tree,
 128                         char *drep);
 129 int
 130 dissect_ndr_nt_SID_AND_ATTRIBUTES(tvbuff_t *tvb, int offset,
 131                         packet_info *pinfo, proto_tree *parent_tree,
 132                         char *drep);
 133
 134 /*
 135  * Policy handle hashing
 136  */
 137
 138 gboolean
 139 dcerpc_smb_fetch_pol(const guint8 *policy_hnd, char **name,
 140                      guint32 *open_frame, guint32 *close_frame);
 141 void
 142 dcerpc_smb_store_pol(const guint8 *policy_hnd, char *name,
 143                      guint32 open_frame, guint32 close_frame);
 144
 145 /* Check for unparsed data at the end of a frame */
 146
 147 void
 148 dcerpc_smb_check_long_frame(tvbuff_t *tvb, int offset,
 149                             packet_info *pinfo, proto_tree *tree);
 150
 151 /* Dissect NT specific things */
 152
 153 int
 154 dissect_ntstatus(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 155                  proto_tree *tree, char *drep,
 156                  int hfindex, guint32 *pdata);
 157
 158 int
 159 dissect_nt_policy_hnd(tvbuff_t *tvb, gint offset, packet_info *pinfo,
 160                       proto_tree *tree, char *drep, int hfindex,
 161                       e_ctx_hnd *pdata);
 162
 163 int
 164 dissect_nt_GUID(tvbuff_t *tvb, int offset,
 165                         packet_info *pinfo, proto_tree *parent_tree,
 166                         char *drep);
 167
 168 int
 169 dissect_nt_LUID(tvbuff_t *tvb, int offset,
 170                         packet_info *pinfo, proto_tree *tree,
 171                         char *drep);
 172
 173 #endif /* packet-dcerpc-nt.h */