Merging upstream version 4.4.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-09-19 04:14:33 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-09-19 04:14:33 +0000
commit: 9f153fbfec0fb9c9ce38e749a7c6f4a5e115d4e9 (patch)
tree: 2784370cda9bbf2da9114d70f05399c0b229d28c /epan/dissectors/pidl/samr
parent: Adding debian version 4.2.6-1. (diff)
download: wireshark-9f153fbfec0fb9c9ce38e749a7c6f4a5e115d4e9.tar.xz
wireshark-9f153fbfec0fb9c9ce38e749a7c6f4a5e115d4e9.zip
2 files changed, 222 insertions, 61 deletions
diff --git a/epan/dissectors/pidl/samr/samr.cnf b/epan/dissectors/pidl/samr/samr.cnf
index 07ca73de..98cf86cd 100644
--- a/epan/dissectors/pidl/samr/samr.cnf
+++ b/epan/dissectors/pidl/samr/samr.cnf
@@ -154,6 +154,7 @@ TYPE lsa_String "offset=dissect_ndr_lsa_String(tvb, offset, pinfo, tree, di, dre
 TYPE lsa_AsciiString "offset=cnf_dissect_lsa_AsciiString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
 TYPE lsa_StringLarge "offset=dissect_ndr_lsa_String(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
 TYPE lsa_AsciiStringLarge "offset=cnf_dissect_lsa_AsciiString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5
+TYPE lsa_BinaryString "offset=lsarpc_dissect_struct_lsa_BinaryString(tvb, offset, pinfo, tree, di, drep, @HF@, @PARAM@);" FT_STRING BASE_NONE 0 NULL 5
 TYPE hyper "offset=cnf_dissect_hyper(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_UINT64 BASE_DEC 0 NULL 8 
 
 
@@ -209,7 +210,7 @@ HF_RENAME hf_samr_samr_OpenAlias_access_mask hf_samr_alias_access_mask
 CODE START
 
 static void
-samr_connect_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+samr_connect_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
 {
 	static int* const access_flags[] = {
 		&hf_samr_samr_ConnectAccessMask_SAMR_ACCESS_LOOKUP_DOMAIN,
@@ -224,7 +225,7 @@ samr_connect_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint
 	proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access);
 }
 
-struct access_mask_info samr_connect_access_mask_info = {
+static struct access_mask_info samr_connect_access_mask_info = {
 	"SAMR Connect",			/* Name of specific rights */
 	samr_connect_specific_rights,	/* Dissection function */
 	NULL,				/* Generic mapping table */
@@ -232,7 +233,7 @@ struct access_mask_info samr_connect_access_mask_info = {
 };
 
 int
-samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
 {
 	offset = dissect_nt_access_mask(
 		tvb, offset, pinfo, tree, di, drep, hf_samr_connect_access_mask,
@@ -242,7 +243,7 @@ samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb, int offset, packet_info *pi
 
 
 static void
-samr_alias_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+samr_alias_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
 {
 	static int* const access_flags[] = {
 		&hf_samr_samr_AliasAccessMask_SAMR_ALIAS_ACCESS_ADD_MEMBER,
@@ -256,7 +257,7 @@ samr_alias_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32
 	proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access);
 }
 
-struct access_mask_info samr_alias_access_mask_info = {
+static struct access_mask_info samr_alias_access_mask_info = {
 	"SAMR Alias",			/* Name of specific rights */
 	samr_alias_specific_rights,	/* Dissection function */
 	NULL,				/* Generic mapping table */
@@ -264,7 +265,7 @@ struct access_mask_info samr_alias_access_mask_info = {
 };
 
 int
-samr_dissect_bitmap_AliasAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+samr_dissect_bitmap_AliasAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
 {
 	offset = dissect_nt_access_mask(
 		tvb, offset, pinfo, tree, di, drep, hf_samr_alias_access_mask,
@@ -274,7 +275,7 @@ samr_dissect_bitmap_AliasAccessMask(tvbuff_t *tvb, int offset, packet_info *pinf
 
 
 static void
-samr_group_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+samr_group_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
 {
 	static int* const access_flags[] = {
 		&hf_samr_samr_GroupAccessMask_SAMR_GROUP_ACCESS_GET_MEMBERS,
@@ -288,7 +289,7 @@ samr_group_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32
 	proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access);
 }
 
-struct access_mask_info samr_group_access_mask_info = {
+static struct access_mask_info samr_group_access_mask_info = {
 	"SAMR Group",			/* Name of specific rights */
 	samr_group_specific_rights,	/* Dissection function */
 	NULL,				/* Generic mapping table */
@@ -296,7 +297,7 @@ struct access_mask_info samr_group_access_mask_info = {
 };
 
 int
-samr_dissect_bitmap_GroupAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+samr_dissect_bitmap_GroupAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
 {
 	offset = dissect_nt_access_mask(
 		tvb, offset, pinfo, tree, di, drep, hf_samr_group_access_mask,
@@ -306,7 +307,7 @@ samr_dissect_bitmap_GroupAccessMask(tvbuff_t *tvb, int offset, packet_info *pinf
 
 
 static void
-samr_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+samr_domain_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
 {
 	static int* const access_flags[] = {
 		&hf_samr_samr_DomainAccessMask_SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1,
@@ -326,7 +327,7 @@ samr_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint3
 	proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access);
 }
 
-struct access_mask_info samr_domain_access_mask_info = {
+static struct access_mask_info samr_domain_access_mask_info = {
 	"SAMR Domain",			/* Name of specific rights */
 	samr_domain_specific_rights,	/* Dissection function */
 	NULL,				/* Generic mapping table */
@@ -334,7 +335,7 @@ struct access_mask_info samr_domain_access_mask_info = {
 };
 
 int
-samr_dissect_bitmap_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+samr_dissect_bitmap_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
 {
 	offset = dissect_nt_access_mask(
 		tvb, offset, pinfo, tree, di, drep, hf_samr_domain_access_mask,
@@ -344,7 +345,7 @@ samr_dissect_bitmap_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pin
 
 
 static void
-samr_user_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+samr_user_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
 {
 	static int* const access_flags[] = {
 		&hf_samr_samr_UserAccessMask_SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP,
@@ -364,7 +365,7 @@ samr_user_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32
 	proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access);
 }
 
-struct access_mask_info samr_user_access_mask_info = {
+static struct access_mask_info samr_user_access_mask_info = {
 	"SAMR User",			/* Name of specific rights */
 	samr_user_specific_rights,	/* Dissection function */
 	NULL,				/* Generic mapping table */
@@ -372,7 +373,7 @@ struct access_mask_info samr_user_access_mask_info = {
 };
 
 int
-samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
 {
 	offset = dissect_nt_access_mask(
 		tvb, offset, pinfo, tree, di, drep, hf_samr_user_access_mask,
@@ -382,7 +383,7 @@ samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo
 
 
 static int
-cnf_dissect_lsa_AsciiString(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex)
+cnf_dissect_lsa_AsciiString(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex)
 {
 	offset = dissect_ndr_counted_ascii_string(tvb, offset, pinfo, tree, di, drep,
 		hfindex, 0);
@@ -391,7 +392,7 @@ cnf_dissect_lsa_AsciiString(tvbuff_t *tvb, int offset, packet_info *pinfo, proto
 }
 
 static int
-cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex)
+cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex)
 {
 	offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, di, drep, hfindex, NULL);
 
@@ -402,12 +403,12 @@ cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tre
 
 
 static int
-cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep)
+cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
 {
-	guint64 len;
+	uint64_t len;
 	e_ctx_hnd *polhnd = NULL;
 	dcerpc_call_value *dcv = NULL;
-	guint32 type=0;
+	uint32_t type=0;
 	struct access_mask_info *ami=NULL;
 
 	if(di->conformant_run){
@@ -444,7 +445,7 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t
 		break;
 	}
 
-	dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, TRUE, (int)len, ami);
+	dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, true, (int)len, ami);
 
 	offset += (int)len;
 
@@ -452,9 +453,9 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t
 }
 
 static int
-cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep)
+cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
 {
-	guint64 len;
+	uint64_t len;
 
 	if(di->conformant_run){
 		/*just a run to handle conformant arrays, nothing to dissect */
@@ -474,7 +475,7 @@ cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr
 
 
 static int
-cnf_dissect_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep)
+cnf_dissect_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
 {
 	offset = dissect_ndr_nt_SID(tvb, offset, pinfo, tree, di, drep);
 
@@ -482,7 +483,7 @@ cnf_dissect_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *
 }
 
 static int
-cnf_dissect_lsa_SidArray(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep)
+cnf_dissect_lsa_SidArray(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
 {
 	offset = dissect_ndr_nt_PSID_ARRAY(tvb, offset, pinfo, tree, di, drep);
 
@@ -491,7 +492,7 @@ cnf_dissect_lsa_SidArray(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr
 
 
 static int
-cnf_dissect_samr_security_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, guint8 *drep _U_)
+cnf_dissect_samr_security_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, uint8_t *drep _U_)
 {
 	offset = dissect_nt_security_information(tvb, offset, tree);
 
diff --git a/epan/dissectors/pidl/samr/samr.idl b/epan/dissectors/pidl/samr/samr.idl
index 18e3d601..f09fff01 100644
--- a/epan/dissectors/pidl/samr/samr.idl
+++ b/epan/dissectors/pidl/samr/samr.idl
@@ -4,6 +4,7 @@
   samr interface definition
 */
 /* import "misc.idl", "lsa.idl", "security.idl";*/
+import "misc.idl", "lsa.idl";
 
 /*
   Thanks to Todd Sabin for some information from his samr.idl in acltools
@@ -35,15 +36,6 @@
 		SID_NAME_COMPUTER = 9  /* machine */
 	} lsa_SidType;
 
-	typedef [public,v1_enum] enum {
-		SAMR_REJECT_OTHER      = 0,
-		SAMR_REJECT_TOO_SHORT  = 1,
-		SAMR_REJECT_IN_HISTORY = 2,
-		SAMR_REJECT_COMPLEXITY = 5
-	} samr_RejectReason;
-
-
-
 	/* account control (acct_flags) bits */
 	typedef [public,bitmap32bit] bitmap {
 		ACB_DISABLED			= 0x00000001,  /* 1 = User account disabled */
@@ -64,8 +56,10 @@
 		ACB_USE_DES_KEY_ONLY		= 0x00008000,  /* 1 = Use DES key only */
 		ACB_DONT_REQUIRE_PREAUTH	= 0x00010000,  /* 1 = Preauth not required */
 		ACB_PW_EXPIRED                  = 0x00020000,  /* 1 = Password Expired */
-		ACB_TRUST_AUTH_DELEGAT		= 0x00040000,  /* 1 = Trusted to authenticate for delegation */
-		ACB_NO_AUTH_DATA_REQD		= 0x00080000   /* 1 = No authorization data required */
+		ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x00040000,
+		ACB_NO_AUTH_DATA_REQD		= 0x00080000,  /* 1 = No authorization data required */
+		ACB_PARTIAL_SECRETS_ACCOUNT	= 0x00100000,
+		ACB_USE_AES_KEYS		= 0x00200000
 	} samr_AcctFlags;
 
 	/* SAM server specific access rights */
@@ -116,6 +110,35 @@
 		SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP  = 0x00000400
 	} samr_UserAccessMask;
 
+	const int SAMR_USER_ACCESS_ALL_ACCESS = 0x000007FF;
+
+	const int GENERIC_RIGHTS_USER_ALL_ACCESS =
+		(STANDARD_RIGHTS_REQUIRED_ACCESS	|
+		 SAMR_USER_ACCESS_ALL_ACCESS);	/* 0x000f07ff */
+
+	const int GENERIC_RIGHTS_USER_READ =
+		(STANDARD_RIGHTS_READ_ACCESS		|
+		 SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP	|
+		 SAMR_USER_ACCESS_GET_GROUPS		|
+		 SAMR_USER_ACCESS_GET_ATTRIBUTES	|
+		 SAMR_USER_ACCESS_GET_LOGONINFO		|
+		 SAMR_USER_ACCESS_GET_LOCALE);	/* 0x0002031a */
+
+	const int GENERIC_RIGHTS_USER_WRITE =
+		(STANDARD_RIGHTS_WRITE_ACCESS		|
+		 SAMR_USER_ACCESS_CHANGE_PASSWORD	|
+		 SAMR_USER_ACCESS_SET_LOC_COM		|
+		 SAMR_USER_ACCESS_SET_ATTRIBUTES	|
+		 SAMR_USER_ACCESS_SET_PASSWORD		|
+		 SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP);	/* 0x000204e4 */
+
+	const int GENERIC_RIGHTS_USER_EXECUTE =
+		(STANDARD_RIGHTS_EXECUTE_ACCESS		|
+		 SAMR_USER_ACCESS_CHANGE_PASSWORD	|
+		 SAMR_USER_ACCESS_GET_NAME_ETC);	/* 0x00020041 */
+
+	/* Domain Object specific access rights */
+
 	typedef [bitmap32bit] bitmap {
 		SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1  = 0x00000001,
 		SAMR_DOMAIN_ACCESS_SET_INFO_1     = 0x00000002,
@@ -130,6 +153,34 @@
 		SAMR_DOMAIN_ACCESS_SET_INFO_3     = 0x00000400
 	} samr_DomainAccessMask;
 
+	const int SAMR_DOMAIN_ACCESS_ALL_ACCESS	= 0x000007FF;
+
+	const int GENERIC_RIGHTS_DOMAIN_ALL_ACCESS =
+		(STANDARD_RIGHTS_REQUIRED_ACCESS	|
+		 SAMR_DOMAIN_ACCESS_ALL_ACCESS);
+
+	const int GENERIC_RIGHTS_DOMAIN_READ =
+		(STANDARD_RIGHTS_READ_ACCESS		|
+		 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS	|
+		 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2);
+
+	const int GENERIC_RIGHTS_DOMAIN_WRITE =
+		(STANDARD_RIGHTS_WRITE_ACCESS		|
+		 SAMR_DOMAIN_ACCESS_SET_INFO_3		|
+		 SAMR_DOMAIN_ACCESS_CREATE_ALIAS	|
+		 SAMR_DOMAIN_ACCESS_CREATE_GROUP	|
+		 SAMR_DOMAIN_ACCESS_CREATE_USER		|
+		 SAMR_DOMAIN_ACCESS_SET_INFO_2		|
+		 SAMR_DOMAIN_ACCESS_SET_INFO_1);
+
+	const int GENERIC_RIGHTS_DOMAIN_EXECUTE =
+		(STANDARD_RIGHTS_EXECUTE_ACCESS		|
+		 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT	|
+		 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS	|
+		 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1);
+
+	/* Group Object specific access rights */
+
 	typedef [bitmap32bit] bitmap {
 		SAMR_GROUP_ACCESS_LOOKUP_INFO     = 0x00000001,
 		SAMR_GROUP_ACCESS_SET_INFO        = 0x00000002,
@@ -137,13 +188,28 @@
 		SAMR_GROUP_ACCESS_REMOVE_MEMBER   = 0x00000008,
 		SAMR_GROUP_ACCESS_GET_MEMBERS     = 0x00000010
 	} samr_GroupAccessMask;
-	/* these bits are invalid and return ACCESS_DENIED */
-	const int SAMR_GROUP_ACCESS_MASK_INVALID  = 0x0000ffe0; 
-	/* generic access */
-	const int SAMR_GROUP_ACCESS_ALL_ACCESS	  = 0x000f001f;
-	const int SAMR_GROUP_ACCESS_ALL_READ	  = 0x00020010;
-	const int SAMR_GROUP_ACCESS_ALL_WRITE	  = 0x0002000e;
-	const int SAMR_GROUP_ACCESS_ALL_EXECUTE	  = 0x00020001;
+
+	const int SAMR_GROUP_ACCESS_ALL_ACCESS = 0x0000001F;
+
+	const int GENERIC_RIGHTS_GROUP_ALL_ACCESS =
+		(STANDARD_RIGHTS_REQUIRED_ACCESS	|
+		 SAMR_GROUP_ACCESS_ALL_ACCESS);	/* 0x000f001f */
+
+	const int GENERIC_RIGHTS_GROUP_READ =
+		(STANDARD_RIGHTS_READ_ACCESS		|
+		 SAMR_GROUP_ACCESS_GET_MEMBERS);	/* 0x00020010 */
+
+	const int GENERIC_RIGHTS_GROUP_WRITE =
+		(STANDARD_RIGHTS_WRITE_ACCESS		|
+		 SAMR_GROUP_ACCESS_REMOVE_MEMBER	|
+		 SAMR_GROUP_ACCESS_ADD_MEMBER		|
+		 SAMR_GROUP_ACCESS_SET_INFO);	/* 0x0002000e */
+
+	const int GENERIC_RIGHTS_GROUP_EXECUTE =
+		(STANDARD_RIGHTS_EXECUTE_ACCESS		|
+		 SAMR_GROUP_ACCESS_LOOKUP_INFO);	/* 0x00020001 */
+
+	/* Alias Object specific access rights */
 
 	typedef [bitmap32bit] bitmap {
 		SAMR_ALIAS_ACCESS_ADD_MEMBER      = 0x00000001,
@@ -153,6 +219,26 @@
 		SAMR_ALIAS_ACCESS_SET_INFO        = 0x00000010
 	} samr_AliasAccessMask;
 
+	const int SAMR_ALIAS_ACCESS_ALL_ACCESS = 0x0000001F;
+
+	const int GENERIC_RIGHTS_ALIAS_ALL_ACCESS =
+		(STANDARD_RIGHTS_REQUIRED_ACCESS	|
+		 SAMR_ALIAS_ACCESS_ALL_ACCESS);	/* 0x000f001f */
+
+	const int GENERIC_RIGHTS_ALIAS_READ =
+		(STANDARD_RIGHTS_READ_ACCESS		|
+		 SAMR_ALIAS_ACCESS_GET_MEMBERS);	/* 0x00020004 */
+
+	const int GENERIC_RIGHTS_ALIAS_WRITE =
+		(STANDARD_RIGHTS_WRITE_ACCESS		|
+		 SAMR_ALIAS_ACCESS_REMOVE_MEMBER	|
+		 SAMR_ALIAS_ACCESS_ADD_MEMBER		|
+		 SAMR_ALIAS_ACCESS_SET_INFO);	/* 0x00020013 */
+
+	const int GENERIC_RIGHTS_ALIAS_EXECUTE =
+		(STANDARD_RIGHTS_EXECUTE_ACCESS		|
+		 SAMR_ALIAS_ACCESS_LOOKUP_INFO);	/* 0x00020008 */
+
 	/******************/
 	/* Function: 0x00 */
 	NTSTATUS samr_Connect (
@@ -279,7 +365,7 @@
 		DOMAIN_SERVER_DISABLED = 2
 	} samr_DomainServerState;
 
-	typedef struct {
+	typedef [public] struct {
 		uint16 min_password_length;
 		uint16 password_history_length;
 		samr_PasswordProperties password_properties;
@@ -473,7 +559,7 @@
 	[public] NTSTATUS samr_LookupNames(
 		[in,ref]      policy_handle *domain_handle,
 		[in,range(0,1000)] uint32 num_names,
-		[in,size_is(1000),length_is(num_names),ref] lsa_String *names,
+		[in,size_is(1000),length_is(num_names)] lsa_String names[],
 		[out,ref]     samr_Ids *rids,
 		[out,ref]     samr_Ids *types
 		);
@@ -722,7 +808,9 @@
 		UserInternal4Information	= 23,
 		UserInternal5Information	= 24,
 		UserInternal4InformationNew	= 25,
-		UserInternal5InformationNew	= 26
+		UserInternal5InformationNew	= 26,
+		UserInternal7InformationNew	= 31,
+		UserInternal8InformationNew	= 32
 	} samr_UserInfoLevel;
 
 	typedef struct {
@@ -735,7 +823,7 @@
 
 	typedef struct {
 		lsa_String comment;
-		lsa_String unknown; /* settable, but doesn't stick. probably obsolete */
+		lsa_String reserved; /* settable, but doesn't stick. probably obsolete */
 		uint16 country_code;
 		uint16 code_page;
 	} samr_UserInfo2;
@@ -851,7 +939,7 @@
 	} samr_UserInfo18;
 
 	typedef struct {
-		lsa_String parameters;
+		lsa_BinaryString parameters;
 	} samr_UserInfo20;
 
 	/* this defines the bits used for fields_present in info21 */
@@ -908,10 +996,10 @@
 		lsa_String description;
 		lsa_String workstations;
 		lsa_String comment;
-		lsa_String parameters;
-		lsa_String lm_password;
-		lsa_String nt_password;
-		lsa_String private;
+		lsa_BinaryString parameters;
+		lsa_BinaryString lm_owf_password;
+		lsa_BinaryString nt_owf_password;
+		lsa_String private_data;
 		uint32 buf_count;
 		[size_is(buf_count)] uint8 *buffer;
 		uint32 rid;
@@ -926,7 +1014,7 @@
 		uint8  lm_password_set;
 		uint8  nt_password_set;
 		uint8  password_expired;
-		uint8  unknown4;
+		uint8  private_data_sensitive;
 	} samr_UserInfo21;
 
 	typedef [public, flag(NDR_PAHEX)] struct {
@@ -957,6 +1045,24 @@
 		uint8 password_expired;
 	} samr_UserInfo26;
 
+	typedef struct {
+		uint8 auth_data[64];
+		uint8 salt[16];
+		uint32 cipher_len;
+		[size_is(cipher_len)] uint8 *cipher;
+		hyper PBKDF2Iterations;
+	} samr_EncryptedPasswordAES;
+
+	typedef struct {
+		samr_EncryptedPasswordAES password;
+		uint8 password_expired;
+	} samr_UserInfo31;
+
+	typedef struct {
+		samr_UserInfo21 info;
+		samr_EncryptedPasswordAES password;
+	} samr_UserInfo32;
+
 	typedef [switch_type(uint16)] union {
 		[case(1)] samr_UserInfo1 info1;
 		[case(2)] samr_UserInfo2 info2;
@@ -981,6 +1087,8 @@
 		[case(24)] samr_UserInfo24 info24;
 		[case(25)] samr_UserInfo25 info25;
 		[case(26)] samr_UserInfo26 info26;
+		[case(31)] samr_UserInfo31 info31;
+		[case(32)] samr_UserInfo32 info32;
 	} samr_UserInfo;
 
 	[public] NTSTATUS samr_QueryUserInfo(
@@ -1375,13 +1483,24 @@
 	/************************/
 	/* Function    0x3f     */
 
+	typedef [public,v1_enum] enum {
+		SAM_PWD_CHANGE_NO_ERROR             = 0,
+		SAM_PWD_CHANGE_PASSWORD_TOO_SHORT   = 1,
+		SAM_PWD_CHANGE_PWD_IN_HISTORY       = 2,
+		SAM_PWD_CHANGE_USERNAME_IN_PASSWORD = 3,
+		SAM_PWD_CHANGE_FULLNAME_IN_PASSWORD = 4,
+		SAM_PWD_CHANGE_NOT_COMPLEX          = 5,
+		SAM_PWD_CHANGE_MACHINE_NOT_DEFAULT  = 6,
+		SAM_PWD_CHANGE_FAILED_BY_FILTER     = 7,
+		SAM_PWD_CHANGE_PASSWORD_TOO_LONG    = 8
+	} samPwdChangeReason;
+
 	typedef struct {
-		samr_RejectReason reason;
-		uint32 unknown1;
-		uint32 unknown2;
-	} samr_ChangeReject;
+		samPwdChangeReason extendedFailureReason;
+		lsa_String filterModuleName;
+	} userPwdChangeFailureInformation;
 
-	NTSTATUS samr_ChangePasswordUser3(
+	[public] NTSTATUS samr_ChangePasswordUser3(
 		[in,unique]       lsa_String *server,
 		[in,ref]          lsa_String *account,
 		[in,unique]       samr_CryptPassword *nt_password,
@@ -1391,15 +1510,22 @@
 		[in,unique]       samr_Password *lm_verifier,
 		[in,unique]       samr_CryptPassword *password3,
 		[out,ref]         samr_DomInfo1 **dominfo,
-		[out,ref]         samr_ChangeReject **reject
+		[out,ref]         userPwdChangeFailureInformation **reject
 		);
 
 	/************************/
 	/* Function    0x40      */
 
+	typedef [v1_enum] enum {
+		SAMR_CONNECT_FEATURE_RID_ONLY = 0x00000001,
+		SAMR_CONNECT_FEATURE_RESRVED1 = 0x00000002,
+		SAMR_CONNECT_FEATURE_RESRVED2 = 0x00000004,
+		SAMR_CONNECT_FEATURE_USE_AES  = 0x00000010
+	} samr_SupportedFeatures;
+
 	typedef struct {
 		samr_ConnectVersion client_version; /* w2k3 gives 3 */
-		uint32         unknown2; /* w2k3 gives 0 */
+		samr_SupportedFeatures supported_features;
 	} samr_ConnectInfo1;
 
 	typedef union {
@@ -1539,4 +1665,38 @@
 		[in,switch_is(level)] samr_ValidatePasswordReq *req,
 		[out,ref,switch_is(level)] samr_ValidatePasswordRep **rep
 		);
+
+	/************************/
+	/* Function    0x44     */
+	/************************/
+	[todo] void samr_Opnum68NotUsedOnWire(void);
+
+	/************************/
+	/* Function    0x45     */
+	/************************/
+	[todo] void samr_Opnum69NotUsedOnWire(void);
+
+	/************************/
+	/* Function    0x46     */
+	/************************/
+	[todo] void samr_Opnum70NotUsedOnWire(void);
+
+	/************************/
+	/* Function    0x47     */
+	/************************/
+	[todo] void samr_Opnum71NotUsedOnWire(void);
+
+	/************************/
+	/* Function    0x48     */
+	/************************/
+	[todo] void samr_Opnum72NotUsedOnWire(void);
+
+	/************************/
+	/* Function    0x49     */
+	/************************/
+	[public] NTSTATUS samr_ChangePasswordUser4(
+		[in,unique] lsa_String *server,
+		[in,ref]    lsa_String *account,
+		[in,ref]    samr_EncryptedPasswordAES *password
+		);
 }
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-09-19 04:14:33 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-09-19 04:14:33 +0000
commit	9f153fbfec0fb9c9ce38e749a7c6f4a5e115d4e9 (patch)
tree	2784370cda9bbf2da9114d70f05399c0b229d28c /epan/dissectors/pidl/samr
parent	Adding debian version 4.2.6-1. (diff)
download	wireshark-9f153fbfec0fb9c9ce38e749a7c6f4a5e115d4e9.tar.xz wireshark-9f153fbfec0fb9c9ce38e749a7c6f4a5e115d4e9.zip