2 * Routines for DCERPC over SMB packet disassembly
3 * Copyright 2001-2003 Tim Potter <tpot@samba.org>
5 * $Id: packet-dcerpc-nt.h,v 1.38 2003/02/03 02:00:54 tpot Exp $
7 * Ethereal - Network traffic analyzer
8 * By Gerald Combs <gerald@ethereal.com>
9 * Copyright 1998 Gerald Combs
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 #ifndef __PACKET_DCERPC_NT_H
27 #define __PACKET_DCEPRC_NT_H
30 * ett_ value for Unicode strings.
32 extern gint ett_nt_unicode_string;
34 /* Parse some common RPC structures */
36 char *fake_unicode(tvbuff_t *tvb, int offset, int len);
38 /* Routines for handling deferral of referants in NDR */
40 #define ALIGN_TO_4_BYTES \
41 { dcerpc_info *xzdi; \
42 xzdi=pinfo->private_data; \
43 if(!xzdi->conformant_run) { \
45 offset=(offset&0xfffffffc)+4; \
51 dissect_ndr_counted_string_cb(tvbuff_t *tvb, int offset,
52 packet_info *pinfo, proto_tree *tree,
53 char *drep, int hf_index,
54 dcerpc_callback_fnct_t *callback,
58 dissect_ndr_counted_string_ptr(tvbuff_t *tvb, int offset,
59 packet_info *pinfo, proto_tree *parent_tree,
63 dissect_ndr_counted_string(tvbuff_t *tvb, int offset,
64 packet_info *pinfo, proto_tree *parent_tree,
65 char *drep, int hf_index, int levels);
68 dissect_ndr_nt_acct_ctrl(tvbuff_t *tvb, int offset, packet_info *pinfo,
69 proto_tree *parent_tree, char *drep);
71 dissect_ndr_nt_NTTIME (tvbuff_t *tvb, int offset,
72 packet_info *pinfo, proto_tree *tree,
73 char *drep, int hf_index);
75 dissect_ndr_nt_LOGON_HOURS(tvbuff_t *tvb, int offset,
76 packet_info *pinfo, proto_tree *parent_tree,
79 dissect_ndr_nt_SID(tvbuff_t *tvb, int offset,
80 packet_info *pinfo, proto_tree *tree,
83 dissect_ndr_nt_PSID(tvbuff_t *tvb, int offset,
84 packet_info *pinfo, proto_tree *parent_tree,
87 dissect_ndr_nt_PSID_ARRAY(tvbuff_t *tvb, int offset,
88 packet_info *pinfo, proto_tree *parent_tree,
92 dissect_ndr_nt_SID_AND_ATTRIBUTES_ARRAY(tvbuff_t *tvb, int offset,
93 packet_info *pinfo, proto_tree *parent_tree,
96 dissect_ndr_nt_SID_AND_ATTRIBUTES(tvbuff_t *tvb, int offset,
97 packet_info *pinfo, proto_tree *parent_tree,
101 * Policy handle hashing
104 /* Store open and close packet numbers for a policy handle */
107 dcerpc_smb_store_pol_pkts(e_ctx_hnd *policy_hnd, guint32 open_frame,
108 guint32 close_frame);
110 /* Store a name with a policy handle */
113 dcerpc_smb_store_pol_name(e_ctx_hnd *policy_hnd, char *name);
115 /* Fetch details stored with a policy handle */
118 dcerpc_smb_fetch_pol(e_ctx_hnd *policy_hnd, char **name,
119 guint32 *open_frame, guint32 *close_frame);
121 /* Check for unparsed data at the end of a frame */
124 dcerpc_smb_check_long_frame(tvbuff_t *tvb, int offset,
125 packet_info *pinfo, proto_tree *tree);
127 /* Dissect NT specific things */
130 dissect_ntstatus(tvbuff_t *tvb, gint offset, packet_info *pinfo,
131 proto_tree *tree, char *drep,
132 int hfindex, guint32 *pdata);
135 dissect_doserror(tvbuff_t *tvb, gint offset, packet_info *pinfo,
136 proto_tree *tree, char *drep,
137 int hfindex, guint32 *pdata);
140 dissect_nt_policy_hnd(tvbuff_t *tvb, gint offset, packet_info *pinfo,
141 proto_tree *tree, char *drep, int hfindex,
142 e_ctx_hnd *pdata, gboolean is_open, gboolean is_close);
145 dissect_nt_GUID(tvbuff_t *tvb, int offset,
146 packet_info *pinfo, proto_tree *parent_tree,
150 dissect_nt_LUID(tvbuff_t *tvb, int offset,
151 packet_info *pinfo, proto_tree *tree,
154 /* Stored here instead of packet-dcerpc{,-ndr}.c as they are probably not
155 official NDR representations. */
157 int dissect_dcerpc_uint8s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
158 proto_tree *tree, char *drep,
159 int hfindex, int length, const guint8 **pdata);
161 int dissect_ndr_uint8s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
162 proto_tree *tree, char *drep,
163 int hfindex, int length, const guint8 **pdata);
165 int dissect_dcerpc_uint16s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
166 proto_tree *tree, char *drep,
167 int hfindex, int length);
169 int dissect_ndr_uint16s(tvbuff_t *tvb, gint offset, packet_info *pinfo,
170 proto_tree *tree, char *drep,
171 int hfindex, int length);
173 /* Dissect an NT access mask */
175 typedef void (nt_access_mask_fn_t)(tvbuff_t *tvb, gint offset,
176 proto_tree *tree, guint32 access);
179 dissect_nt_access_mask(tvbuff_t *tvb, gint offset, packet_info *pinfo,
180 proto_tree *tree, char *drep, int hfindex,
181 nt_access_mask_fn_t *specific_rights_fn);
183 int dissect_ndr_str_pointer_item(tvbuff_t *tvb, gint offset,
184 packet_info *pinfo, proto_tree *tree,
185 char *drep, int type, char *text,
186 int hf_index, int levels);
189 * Helper routines for dissecting NDR strings
192 /* Number of levels to go up appending string to pointer item */
193 #define CB_STR_ITEM_LEVELS(x) ((x) & 0xFFFF)
194 #define CB_STR_COL_INFO 0x10000 /* Append string to COL_INFO */
195 #define CB_STR_SAVE 0x20000 /* Save string to dcv->private_data */
197 void cb_str_postprocess(packet_info *pinfo, proto_tree *tree _U_,
198 proto_item *item, tvbuff_t *tvb,
199 int start_offset, int end_offset,
200 void *callback_args);
202 /* Initialise DCERPC over SMB */
204 void dcerpc_smb_init(int proto_dcerpc);
207 dissect_ndr_wchar_array(tvbuff_t *tvb, int offset, packet_info *pinfo,
208 proto_tree *tree, char *drep);
211 dissect_ndr_char_array(tvbuff_t *tvb, int offset, packet_info *pinfo,
212 proto_tree *tree, char *drep);
214 #endif /* packet-dcerpc-nt.h */
git.samba.org / obnox / wireshark / wip.git / blob