diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-09-19 04:14:53 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-09-19 04:14:53 +0000 |
| commit | a86c5f7cae7ec9a3398300555a0b644689d946a1 (patch) | |
| tree | 39fe4b107c71174fd1e8a8ceb9a4d2aa14116248 /epan/dissectors/pidl | |
| parent | Releasing progress-linux version 4.2.6-1~progress7.99u1. (diff) | |
| download | wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.tar.xz wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.zip | |
Merging upstream version 4.4.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'epan/dissectors/pidl')
35 files changed, 2044 insertions, 757 deletions
diff --git a/epan/dissectors/pidl/CMakeLists.txt b/epan/dissectors/pidl/CMakeLists.txt index 2e4dc7ba..556f6622 100644 --- a/epan/dissectors/pidl/CMakeLists.txt +++ b/epan/dissectors/pidl/CMakeLists.txt @@ -7,12 +7,12 @@ # SPDX-License-Identifier: GPL-2.0-or-later # -# TODO fix srvsvc wkssvc set(PIDL_DISSECTOR_NAMES atsvc + browser clusapi - dfs dnsserver + dfs drsuapi dssetup efs @@ -22,6 +22,9 @@ set(PIDL_DISSECTOR_NAMES fsrvp initshutdown iwbemlevel1login + iwbemloginclientid + iwbemloginclientidex + iwbemservices lsa mapi mdssvc @@ -29,20 +32,45 @@ set(PIDL_DISSECTOR_NAMES nspi rfr samr - #srvsvc + srvsvc svcctl winreg winspool witness - #wkssvc + wkssvc wzcsvc ) +# +# These can give some (not-fatal) errors building from source: +# +# dnsserver - "dnsserver.idl:159: error: Inline arrays not supported" +# eventlog - "eventlog.idl:54: error: Inline arrays not supported" +# nspi - "nspi.idl:154: error: Syntax error near '/'" +# mapi - includes nspi.idl, so it gets the above error +# winspool - we have a hand-written spoolss dissector we use instead of spoolss.idl +# +# XXX - the "Syntax error near '/'" errors show up if cpp doesn't strip +# C99/C++ comments and the file in question - nspi.idl - contains +# C99/C++ comments, because the parser runs cpp, by default, to strip +# comments and proccess #includes. Those errors may cause +# packet-dcerpc-nspi.c, and possibly packet-dcerpc-mapi.c not to be +# generated. GCC's cpp appears to strip them by default, but Xcode's +# cpp, at least as of Xcode 15.2, does not - cc -E does, however, +# strip them. (Both of them strip "classic C" /* ... */ comments.) +# + +set(PIDL_DISSECTOR_browser_EXTRA_DEPS + srvsvc/srvsvc.idl +) set(PIDL_DISSECTOR_clusapi_EXTRA_DEPS - clusapi/clusapi.idl + winreg/winreg.idl + misc/misc.idl ) set(PIDL_DISSECTOR_drsuapi_EXTRA_DEPS misc/misc.idl + lsa/lsa.idl + samr/samr.idl ) set(PIDL_DISSECTOR_dssetup_EXTRA_DEPS misc/misc.idl @@ -68,11 +96,21 @@ set(PIDL_DISSECTOR_initshutdown_EXTRA_DEPS set(PIDL_DISSECTOR_iwbemlevel1login_EXTRA_DEPS idl_types.h ) +set(PIDL_DISSECTOR_iwbemloginclientid_EXTRA_DEPS + idl_types.h +) +set(PIDL_DISSECTOR_iwbemloginclientidex_EXTRA_DEPS + idl_types.h +) +set(PIDL_DISSECTOR_iwbemservices_EXTRA_DEPS + idl_types.h +) set(PIDL_DISSECTOR_lsa_EXTRA_DEPS idl_types.h ) set(PIDL_DISSECTOR_mapi_EXTRA_DEPS idl_types.h + nspi/nspi.idl mapicodes_enum.h mapitags_enum.h ) @@ -93,6 +131,8 @@ set(PIDL_DISSECTOR_rfr_EXTRA_DEPS ) set(PIDL_DISSECTOR_samr_EXTRA_DEPS idl_types.h + misc/misc.idl + lsa/lsa.idl ) set(PIDL_DISSECTOR_srvsvc_EXTRA_DEPS idl_types.h @@ -103,6 +143,9 @@ set(PIDL_DISSECTOR_winreg_EXTRA_DEPS set(PIDL_DISSECTOR_winspool_EXTRA_DEPS idl_types.h misc/misc.idl + winreg/winreg.idl + # Wireshark supplies the spoolss elements through a hand-written dissector + #spoolss/spoolss.idl ) set(PIDL_DISSECTOR_witness_EXTRA_DEPS misc/misc.idl @@ -117,13 +160,32 @@ set(PIDL_DISSECTOR_wkssvc_EXTRA_DEPS set(PIDL_DISSECTOR_TARGETS) foreach(PROTOCOL_NAME IN LISTS PIDL_DISSECTOR_NAMES) + # + # Construct, from the list of extra dependencies for + # this dissector, a list of --includedir options + # for all the directories in which those dependencies + # reside. We add --includedir .. for all targets. + # + set(INCLUDE_DIRS "") + list(APPEND INCLUDE_DIRS --includedir ..) + foreach(DEPENDENCY in ${PIDL_DISSECTOR_${PROTOCOL_NAME}_EXTRA_DEPS}) + get_filename_component(PARENT_DIR ${DEPENDENCY} DIRECTORY) + if (NOT PARENT_DIR STREQUAL "") + list(APPEND INCLUDE_DIRS --includedir ../${PARENT_DIR}) + endif() + endforeach() + # + # COMMAND_EXPAND_LISTS is required to cause the list + # INCLUDE_DIRS to be expanded into a set of individual + # arguments to the pidl command. + # add_custom_command( OUTPUT packet-dcerpc-${PROTOCOL_NAME}-stamp COMMAND "${PERL_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/tools/pidl/pidl" --ws-parser --outputdir ../.. - --includedir .. + ${INCLUDE_DIRS} -- ${PROTOCOL_NAME}.idl COMMAND @@ -132,10 +194,12 @@ foreach(PROTOCOL_NAME IN LISTS PIDL_DISSECTOR_NAMES) WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/${PROTOCOL_NAME}" DEPENDS "${CMAKE_SOURCE_DIR}/tools/pidl/pidl" + "${CMAKE_SOURCE_DIR}/tools/pidl/lib/Parse/Pidl/Wireshark/NDR.pm" ${PROTOCOL_NAME}/${PROTOCOL_NAME}.idl ${PROTOCOL_NAME}/${PROTOCOL_NAME}.cnf ${PIDL_DISSECTOR_${PROTOCOL_NAME}_EXTRA_DEPS} VERBATIM + COMMAND_EXPAND_LISTS ) add_custom_target(generate_dissector-dcerpc-${PROTOCOL_NAME} DEPENDS packet-dcerpc-${PROTOCOL_NAME}-stamp diff --git a/epan/dissectors/pidl/Makefile.pidl b/epan/dissectors/pidl/Makefile.pidl index 458c4de4..ae130010 100644 --- a/epan/dissectors/pidl/Makefile.pidl +++ b/epan/dissectors/pidl/Makefile.pidl @@ -36,6 +36,9 @@ SUBDIRS = \ fsrvp \ initshutdown \ iwbemlevel1login \ + iwbemloginclientid \ + iwbemloginclientidex \ + iwbemservices \ lsa \ mapi \ mdssvc \ @@ -116,6 +119,24 @@ $(SUBDIRS) $(DONT_BUILD_SUBDIRS): %: ../packet-dcerpc-%.c ../packet-dcerpc-%.h idl_types.h cd $(<D) && $(PIDL) $(pidl_out) $(pidl_inc) -- $(<F) +../packet-dcerpc-iwbemloginclientid.c \ +../packet-dcerpc-iwbemloginclientid.h: iwbemloginclientid/iwbemloginclientid.idl \ + iwbemloginclientid/iwbemloginclientid.cnf \ + idl_types.h + cd $(<D) && $(PIDL) $(pidl_out) $(pidl_inc) -- $(<F) + +../packet-dcerpc-iwbemloginclientidex.c \ +../packet-dcerpc-iwbemloginclientidex.h: iwbemloginclientidex/iwbemloginclientidex.idl \ + iwbemloginclientidex/iwbemloginclientidex.cnf \ + idl_types.h + cd $(<D) && $(PIDL) $(pidl_out) $(pidl_inc) -- $(<F) + +../packet-dcerpc-iwbemservices.c \ +../packet-dcerpc-iwbemservices.h: iwbemservices/iwbemservices.idl \ + iwbemservices/iwbemservices.cnf \ + idl_types.h + cd $(<D) && $(PIDL) $(pidl_out) $(pidl_inc) -- $(<F) + ../packet-dcerpc-lsa.c \ ../packet-dcerpc-lsa.h: lsa/lsa.idl lsa/lsa.cnf idl_types.h cd $(<D) && $(PIDL) $(pidl_out) $(pidl_inc) -- $(<F) diff --git a/epan/dissectors/pidl/README b/epan/dissectors/pidl/README index d9677b70..614b660d 100644 --- a/epan/dissectors/pidl/README +++ b/epan/dissectors/pidl/README @@ -27,6 +27,9 @@ The following files: ../packet-dcerpc-frstrans.h ../packet-dcerpc-initshutdown.h ../packet-dcerpc-iwbemlevel1login.h +../packet-dcerpc-iwbemloginclientid.h +../packet-dcerpc-iwbemloginclientidex.h +../packet-dcerpc-iwbemservices.h ../packet-dcerpc-lsa.h ../packet-dcerpc-mapi.h ../packet-dcerpc-misc.h @@ -99,9 +102,19 @@ and compiling: pidl complains that inline arrays aren't supported for these: - dnsserver.idl - eventlog.idl + dnsserver/dnsserver.idl + eventlog/eventlog.idl + +pidl complains about a syntax error due to a line commented out with a +// comment for these: + + nspi/nspi.idl pidl generates possibly-incorrect code for these - this needs checking: rfr/rfr.idl + +pidl complains about not being able to open include files for these: + + samr/samr.idl + winspool/winspool.idl diff --git a/epan/dissectors/pidl/browser/browser.cnf b/epan/dissectors/pidl/browser/browser.cnf new file mode 100644 index 00000000..e35c861a --- /dev/null +++ b/epan/dissectors/pidl/browser/browser.cnf @@ -0,0 +1,8 @@ +# Conformance file for Browser + +# Avoid conflict with SMB Browser +PROTOCOL browser "RPC Browser" "RPC_BROWSER" "rpc_browser" + +IMPORT srvsvc_NetSrvInfo100 offset = srvsvc_dissect_struct_NetSrvInfo100(tvb, offset, pinfo, tree, di, drep, hf_browser_BrowserrSrvInfo100Ctr_entries, 0); + +IMPORT srvsvc_NetSrvInfo101 offset = srvsvc_dissect_struct_NetSrvInfo101(tvb, offset, pinfo, tree, di, drep, hf_browser_BrowserrSrvInfo100Ctr_entries, 0); diff --git a/epan/dissectors/pidl/browser/browser.idl b/epan/dissectors/pidl/browser/browser.idl new file mode 100644 index 00000000..e2d1a2df --- /dev/null +++ b/epan/dissectors/pidl/browser/browser.idl @@ -0,0 +1,194 @@ +import "srvsvc.idl"; + +[ + uuid("6bffd098-a112-3610-9833-012892020162"), + version(0.0), + helpstring("Browsing"), + pointer_default(unique), + endpoint("ncacn_np:[\\pipe\\browser]", "ncacn_ip_tcp:", "ncalrpc:") +] interface browser +{ + + /******************/ + /* Function 0x00 */ + + WERROR BrowserrServerEnum( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in,unique] [string,charset(UTF16)] uint16 *unknown2, + [in,unique] [string,charset(UTF16)] uint16 *unknown3, + [in,out,ref] BrowserrSrvInfo *info, + [in] long unknown4, + [out] long *unknown5, + [in] long unknown6, + [in,unique] [string,charset(UTF16)] uint16 *unknown7, + [in,out] [unique] long *unknown8 + ); + + /******************/ + /* Function 0x01 */ + + WERROR BrowserrDebugCall( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in] long unknown2, + [in] long unknown3 + ); + + /******************/ + /* Function 0x02 */ + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] srvsvc_NetSrvInfo100 *entries; + } BrowserrSrvInfo100Ctr; + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] srvsvc_NetSrvInfo101 *entries; + } BrowserrSrvInfo101Ctr; + + typedef [switch_type(uint32)] union { + [case(100)] [unique] BrowserrSrvInfo100Ctr *info100; + [case(101)] [unique] BrowserrSrvInfo101Ctr *info101; + [default] ; + } BrowserrSrvInfoUnion; + + typedef struct { + uint32 level; + [switch_is(level)] BrowserrSrvInfoUnion info; + } BrowserrSrvInfo; + + WERROR BrowserrQueryOtherDomains( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,out,ref] BrowserrSrvInfo *info, + [out,ref] uint32 *total_entries + ); + + /******************/ + /* Function 0x03 */ + + WERROR BrowserrResetNetlogonState( + [in,unique] [string,charset(UTF16)] uint16 *unknown + ); + + /******************/ + /* Function 0x04 */ + + WERROR BrowserrDebugTrace( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in] [string] char *unknown2 + ); + + /******************/ + /* Function 0x05 */ + + typedef struct { + hyper unknown; + } TYPE_1; + + typedef struct { + TYPE_1 unknown1; + TYPE_1 unknown2; + TYPE_1 unknown3; + long unknown4; + long unknown5; + long unknown6; + long unknown7; + long unknown8; + long unknown9; + long unknown10; + long unknown11; + long unknown12; + long unknown13; + long unknown14; + long unknown15; + long unknown16; + long unknown17; + long unknown18; + TYPE_1 unknown19; + } TYPE_2; + + WERROR BrowserrQueryStatistics( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [out] [ref] TYPE_2 **unknown2 + ); + + /******************/ + /* Function 0x06 */ + + WERROR BrowserrResetStatistics( + [in,unique] [string,charset(UTF16)] uint16 *unknown + ); + + /******************/ + /* Function 0x07 */ + + WERROR NetrBrowserStatisticsClear( + [in,unique] [string,charset(UTF16)] uint16 *unknown + ); + + typedef struct { + TYPE_1 unknown1; + TYPE_1 unknown2; + TYPE_1 unknown3; + long unknown4; + long unknown5; + long unknown6; + TYPE_1 unknown7; + long unknown8; + long unknown9; + long unknown10; + long unknown11; + long unknown12; + long unknown13; + long unknown14; + long unknown15; + long unknown16; + } TYPE_3; + + /******************/ + /* Function 0x08 */ + + WERROR NetrBrowserStatisticsGet( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in] long unknown2, + [in,out] [ref] BrowserrSrvInfo *unknown3 + ); + + /******************/ + /* Function 0x09 */ + + WERROR BrowserrSetNetlogonState( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in,ref] [string,charset(UTF16)] uint16 *unknown2, + [in,unique] [string,charset(UTF16)] uint16 *unknown3, + [in] long unknown4 + ); + + /******************/ + /* Function 0x0a */ + + typedef struct { + long unknown1; + [size_is(unknown82)] [unique] uint8 *unknown2; + } TYPE_4; + + WERROR BrowserrQueryEmulatedDomains( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in,out] [ref] TYPE_4 *unknown2 + ); + + /******************/ + /* Function 0x0b */ + + WERROR BrowserrServerEnumEx( + [in,unique] [string,charset(UTF16)] uint16 *unknown1, + [in,unique] [string,charset(UTF16)] uint16 *unknown2, + [in,unique] [string,charset(UTF16)] uint16 *unknown3, + [in,out,ref] BrowserrSrvInfo *info, + [in] long unknown4, + [out] long *unknown5, + [in] long unknown6, + [in,unique] [string,charset(UTF16)] uint16 *unknown7, + [in,unique] [string,charset(UTF16)] uint16 *unknown8 + ); +} diff --git a/epan/dissectors/pidl/clusapi/clusapi.cnf b/epan/dissectors/pidl/clusapi/clusapi.cnf index 2a413e91..9f254fc7 100644 --- a/epan/dissectors/pidl/clusapi/clusapi.cnf +++ b/epan/dissectors/pidl/clusapi/clusapi.cnf @@ -7,12 +7,12 @@ TYPE winreg_AccessMask "offset = winreg_dissect_bitmap_AccessMask(tvb, offset, p #CODE START # #int -#clusapi_dissect_struct_PROPERTY_LIST(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +#clusapi_dissect_struct_PROPERTY_LIST(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) #{ # proto_item *item = NULL; # proto_tree *tree = NULL; # int old_offset; -# guint32 i, count; +# uint32_t i, count; # # ALIGN_TO_4_BYTES; # diff --git a/epan/dissectors/pidl/dnsserver/dnsserver.cnf b/epan/dissectors/pidl/dnsserver/dnsserver.cnf index ab89c333..29032784 100644 --- a/epan/dissectors/pidl/dnsserver/dnsserver.cnf +++ b/epan/dissectors/pidl/dnsserver/dnsserver.cnf @@ -19,12 +19,12 @@ NOEMIT dnsserver_dissect_element_DNS_RPC_NAME_Name_ CODE START int -dnsserver_dissect_struct_DNS_RPC_NAME(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +dnsserver_dissect_struct_DNS_RPC_NAME(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; - guint8 len; + uint8_t len; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -36,7 +36,7 @@ dnsserver_dissect_struct_DNS_RPC_NAME(tvbuff_t *tvb _U_, int offset _U_, packet_ old_offset = offset; if (parent_tree) { - item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE); + item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_dnsserver_DNS_RPC_NAME); } @@ -51,10 +51,10 @@ dnsserver_dissect_struct_DNS_RPC_NAME(tvbuff_t *tvb _U_, int offset _U_, packet_ } -static guint16 node_record_count; +static uint16_t node_record_count; static int -dnsserver_dissect_element_DNS_RPC_NODE_RecordCount(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +dnsserver_dissect_element_DNS_RPC_NODE_RecordCount(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -67,7 +67,7 @@ dnsserver_dissect_element_DNS_RPC_NODE_RecordCount(tvbuff_t *tvb _U_, int offset } static int -dnsserver_dissect_element_DNS_RPC_NODE_records(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +dnsserver_dissect_element_DNS_RPC_NODE_records(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ diff --git a/epan/dissectors/pidl/drsuapi/drsuapi.cnf b/epan/dissectors/pidl/drsuapi/drsuapi.cnf index 305e6907..b94b10e0 100644 --- a/epan/dissectors/pidl/drsuapi/drsuapi.cnf +++ b/epan/dissectors/pidl/drsuapi/drsuapi.cnf @@ -16,7 +16,7 @@ TYPE lsa_String "offset=dissect_ndr_counted_string(tvb, offset, pinfo, tree, di, CODE START static int -drsuapi_dissect_element_DsBindInfoCtr_length(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, guint3264 *length _U_) +drsuapi_dissect_element_DsBindInfoCtr_length(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, uint3264_t *length _U_) { offset = dissect_ndr_uint3264(tvb, offset, pinfo, tree, di, drep, hf_drsuapi_drsuapi_DsBindInfoCtr_length, NULL); @@ -24,22 +24,22 @@ drsuapi_dissect_element_DsBindInfoCtr_length(tvbuff_t *tvb _U_, int offset _U_, } static int -drsuapi_dissect_DsBindInfo(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_); +drsuapi_dissect_DsBindInfo(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_); static int -drsuapi_dissect_element_DsBindInfoCtr_info(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, guint3264 *length) +drsuapi_dissect_element_DsBindInfoCtr_info(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, uint3264_t *length) { if(di->conformant_run){ return offset; } - offset = drsuapi_dissect_DsBindInfo(tvb, offset, pinfo, tree, di, drep, hf_drsuapi_drsuapi_DsBindInfoCtr_info, (guint32)*length); + offset = drsuapi_dissect_DsBindInfo(tvb, offset, pinfo, tree, di, drep, hf_drsuapi_drsuapi_DsBindInfoCtr_info, (uint32_t)*length); return offset; } static int -drsuapi_dissect_DsNameCtr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_); +drsuapi_dissect_DsNameCtr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_); static int -drsuapi_dissect_element_DsCrackNames_ctr_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +drsuapi_dissect_element_DsCrackNames_ctr_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { ALIGN_TO_5_BYTES; offset = drsuapi_dissect_DsNameCtr(tvb, offset, pinfo, tree, di, drep, hf_drsuapi_drsuapi_DsCrackNames_ctr, 0); @@ -48,7 +48,7 @@ drsuapi_dissect_element_DsCrackNames_ctr_(tvbuff_t *tvb _U_, int offset _U_, pac } static int -drsuapi_dissect_element_DsAddEntry_AttrErrListItem_V1_next_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +drsuapi_dissect_element_DsAddEntry_AttrErrListItem_V1_next_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = drsuapi_dissect_struct_DsAddEntry_AttrErrListItem_V1(tvb,offset,pinfo,tree,di,drep,hf_drsuapi_drsuapi_DsAddEntry_AttrErrListItem_V1_next,0); @@ -56,7 +56,7 @@ drsuapi_dissect_element_DsAddEntry_AttrErrListItem_V1_next_(tvbuff_t *tvb _U_, i } static int -drsuapi_dissect_element_DsReplicaObjectListItemEx_next_object_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +drsuapi_dissect_element_DsReplicaObjectListItemEx_next_object_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = drsuapi_dissect_struct_DsReplicaObjectListItemEx(tvb,offset,pinfo,tree,di,drep,hf_drsuapi_drsuapi_DsGetNCChangesCtr1_first_object,0); @@ -64,7 +64,7 @@ drsuapi_dissect_element_DsReplicaObjectListItemEx_next_object_(tvbuff_t *tvb _U_ } static int -drsuapi_dissect_element_DsReplicaObjectListItem_next_object_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +drsuapi_dissect_element_DsReplicaObjectListItem_next_object_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = drsuapi_dissect_struct_DsReplicaObjectListItem(tvb,offset,pinfo,tree,di,drep,hf_drsuapi_drsuapi_DsAddEntryRequest2_first_object,0); @@ -72,7 +72,7 @@ drsuapi_dissect_element_DsReplicaObjectListItem_next_object_(tvbuff_t *tvb _U_, } static int -drsuapi_dissect_element_DsaAddressListItem_V1_next_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +drsuapi_dissect_element_DsaAddressListItem_V1_next_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = drsuapi_dissect_struct_DsaAddressListItem_V1(tvb,offset,pinfo,tree,di,drep,hf_drsuapi_drsuapi_DsAddEntry_RefErrListItem_V1_addr_list,0); @@ -80,7 +80,7 @@ drsuapi_dissect_element_DsaAddressListItem_V1_next_(tvbuff_t *tvb _U_, int offse } static int -drsuapi_dissect_element_DsAddEntry_RefErrListItem_V1_next_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +drsuapi_dissect_element_DsAddEntry_RefErrListItem_V1_next_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = drsuapi_dissect_struct_DsAddEntry_RefErrListItem_V1(tvb,offset,pinfo,tree,di,drep,hf_drsuapi_drsuapi_DsAddEntryErrorInfo_Referr_V1_refer,0); @@ -88,12 +88,12 @@ drsuapi_dissect_element_DsAddEntry_RefErrListItem_V1_next_(tvbuff_t *tvb _U_, in } static int -drsuapi_dissect_ReadNgcKeyReply(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +drsuapi_dissect_ReadNgcKeyReply(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; - guint32 level; + uint32_t level; ALIGN_TO_5_BYTES; diff --git a/epan/dissectors/pidl/efs/efs.cnf b/epan/dissectors/pidl/efs/efs.cnf index cac75869..377efde8 100644 --- a/epan/dissectors/pidl/efs/efs.cnf +++ b/epan/dissectors/pidl/efs/efs.cnf @@ -13,7 +13,7 @@ PARAM_VALUE efs_dissect_element_EfsRpcCloseRaw_pvContext_ PIDL_POLHND_CLOSE CODE START static int -efs_dissect_struct_dom_sid(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info* di, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +efs_dissect_struct_dom_sid(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info* di, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { if(di->conformant_run){ /* just a run to handle conformant arrays, no scalars to dissect */ diff --git a/epan/dissectors/pidl/eventlog/eventlog.cnf b/epan/dissectors/pidl/eventlog/eventlog.cnf index f9182117..12808379 100644 --- a/epan/dissectors/pidl/eventlog/eventlog.cnf +++ b/epan/dissectors/pidl/eventlog/eventlog.cnf @@ -36,9 +36,9 @@ TYPE lsa_String "offset=dissect_ndr_counted_string(tvb, offset, pinfo, tree, di, CODE START static int -eventlog_dissect_element_ReadEventLogW_data_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) +eventlog_dissect_element_ReadEventLogW_data_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) { - guint32 len; + uint32_t len; tvbuff_t *record_tvb; if(di->conformant_run){ @@ -54,7 +54,7 @@ eventlog_dissect_element_ReadEventLogW_data_(tvbuff_t *tvb, int offset, packet_i * NDR encoded at all and there are byte offsets into this buffer * encoded therein. */ - record_tvb=tvb_new_subset_length_caplen(tvb, offset, MIN((gint)len, tvb_captured_length_remaining(tvb, offset)), len); + record_tvb=tvb_new_subset_length_caplen(tvb, offset, MIN((int)len, tvb_captured_length_remaining(tvb, offset)), len); eventlog_dissect_struct_Record(record_tvb, 0, pinfo, tree, di, drep, hf_eventlog_Record, 0); offset+=len; @@ -64,9 +64,9 @@ eventlog_dissect_element_ReadEventLogW_data_(tvbuff_t *tvb, int offset, packet_i /* sid_length and sid_offset handled by manual code since this is not NDR and we want to dissect the sid from the data blob */ -static guint32 sid_length; +static uint32_t sid_length; static int -eventlog_dissect_element_Record_sid_length(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) +eventlog_dissect_element_Record_sid_length(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) { sid_length=0; offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_eventlog_eventlog_Record_sid_length,&sid_length); @@ -74,9 +74,9 @@ eventlog_dissect_element_Record_sid_length(tvbuff_t *tvb, int offset, packet_inf return offset; } static int -eventlog_dissect_element_Record_sid_offset(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) +eventlog_dissect_element_Record_sid_offset(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) { - guint32 sid_offset=0; + uint32_t sid_offset=0; offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_eventlog_eventlog_Record_sid_offset,&sid_offset); if(sid_offset && sid_length){ @@ -85,7 +85,7 @@ eventlog_dissect_element_Record_sid_offset(tvbuff_t *tvb, int offset, packet_inf /* this blob contains an NT SID. * tvb starts at the beginning of the record. */ - sid_tvb=tvb_new_subset_length_caplen(tvb, sid_offset, MIN((gint)sid_length, tvb_captured_length_remaining(tvb, offset)), sid_length); + sid_tvb=tvb_new_subset_length_caplen(tvb, sid_offset, MIN((int)sid_length, tvb_captured_length_remaining(tvb, offset)), sid_length); dissect_nt_sid(sid_tvb, 0, tree, "SID", NULL, -1); } @@ -93,9 +93,9 @@ eventlog_dissect_element_Record_sid_offset(tvbuff_t *tvb, int offset, packet_inf } static int -eventlog_dissect_element_Record_source_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info *di _U_, guint8 *drep _U_) +eventlog_dissect_element_Record_source_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info *di _U_, uint8_t *drep _U_) { - guint len; + unsigned len; len=tvb_unicode_strsize(tvb, offset); proto_tree_add_item(tree, hf_eventlog_Record_source_name, tvb, offset, len, ENC_UTF_16|ENC_LITTLE_ENDIAN); @@ -105,9 +105,9 @@ eventlog_dissect_element_Record_source_name(tvbuff_t *tvb, int offset, packet_in } static int -eventlog_dissect_element_Record_computer_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info *di _U_, guint8 *drep _U_) +eventlog_dissect_element_Record_computer_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info *di _U_, uint8_t *drep _U_) { - guint len; + unsigned len; len=tvb_unicode_strsize(tvb, offset); proto_tree_add_item(tree, hf_eventlog_Record_computer_name, tvb, offset, len, ENC_UTF_16|ENC_LITTLE_ENDIAN); @@ -116,10 +116,10 @@ eventlog_dissect_element_Record_computer_name(tvbuff_t *tvb, int offset, packet_ return offset; } -static guint16 num_of_strings; +static uint16_t num_of_strings; static int -eventlog_dissect_element_Record_num_of_strings(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) +eventlog_dissect_element_Record_num_of_strings(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) { num_of_strings=0; offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, di, drep, hf_eventlog_eventlog_Record_num_of_strings,&num_of_strings); @@ -127,10 +127,10 @@ eventlog_dissect_element_Record_num_of_strings(tvbuff_t *tvb, int offset, packet return offset; } -static guint32 string_offset; +static uint32_t string_offset; static int -eventlog_dissect_element_Record_stringoffset(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) +eventlog_dissect_element_Record_stringoffset(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) { string_offset=0; offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_eventlog_eventlog_Record_stringoffset,&string_offset); @@ -139,10 +139,10 @@ eventlog_dissect_element_Record_stringoffset(tvbuff_t *tvb, int offset, packet_i } static int -eventlog_dissect_element_Record_strings(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info *di _U_, guint8 *drep _U_) +eventlog_dissect_element_Record_strings(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info *di _U_, uint8_t *drep _U_) { while(string_offset && num_of_strings){ - guint len; + unsigned len; len=tvb_unicode_strsize(tvb, string_offset); proto_tree_add_item(tree, hf_eventlog_Record_string, tvb, string_offset, len, ENC_UTF_16|ENC_LITTLE_ENDIAN); diff --git a/epan/dissectors/pidl/eventlog/eventlog.idl b/epan/dissectors/pidl/eventlog/eventlog.idl index cef3c388..6cf68a7a 100644 --- a/epan/dissectors/pidl/eventlog/eventlog.idl +++ b/epan/dissectors/pidl/eventlog/eventlog.idl @@ -12,19 +12,19 @@ ] interface eventlog { typedef bitmap { - EVENTLOG_SEQUENTIAL_READ = 0x0001, - EVENTLOG_SEEK_READ = 0x0002, - EVENTLOG_FORWARDS_READ = 0x0004, - EVENTLOG_BACKWARDS_READ = 0x0008 + EVENTLOG_SEQUENTIAL_READ = 0x00000001, + EVENTLOG_SEEK_READ = 0x00000002, + EVENTLOG_FORWARDS_READ = 0x00000004, + EVENTLOG_BACKWARDS_READ = 0x00000008 } eventlogReadFlags; typedef bitmap { - EVENTLOG_SUCCESS = 0x0000, - EVENTLOG_ERROR_TYPE = 0x0001, - EVENTLOG_WARNING_TYPE = 0x0002, - EVENTLOG_INFORMATION_TYPE = 0x0004, - EVENTLOG_AUDIT_SUCCESS = 0x0008, - EVENTLOG_AUDIT_FAILURE = 0x0010 + EVENTLOG_SUCCESS = 0x00000000, + EVENTLOG_ERROR_TYPE = 0x00000001, + EVENTLOG_WARNING_TYPE = 0x00000002, + EVENTLOG_INFORMATION_TYPE = 0x00000004, + EVENTLOG_AUDIT_SUCCESS = 0x00000008, + EVENTLOG_AUDIT_FAILURE = 0x00000010 } eventlogEventTypes; typedef struct { @@ -208,7 +208,7 @@ /*****************/ /* Function 0x16 */ - NTSTATUS eventlog_GetLogIntormation( + NTSTATUS eventlog_GetLogInformation( [in] policy_handle *handle, [in] uint32 dwInfoLevel, [out] [size_is(cbBufSize)] char lpBuffer[*], diff --git a/epan/dissectors/pidl/frsrpc/frsrpc.cnf b/epan/dissectors/pidl/frsrpc/frsrpc.cnf index a0116f30..7af5a8af 100644 --- a/epan/dissectors/pidl/frsrpc/frsrpc.cnf +++ b/epan/dissectors/pidl/frsrpc/frsrpc.cnf @@ -12,12 +12,12 @@ MANUAL frsrpc_dissect_struct_CommPktChunk CODE START static int -frsrpc_dissect_element_CommPktChangeOrderCommand_file_name(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +frsrpc_dissect_element_CommPktChangeOrderCommand_file_name(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { int conformant = di->conformant_run; if (!conformant) { - guint32 soffset = dissect_null_term_wstring(tvb, offset, pinfo, tree, drep, hf_frsrpc_CommPktChangeOrderCommand_file_name, 0); + uint32_t soffset = dissect_null_term_wstring(tvb, offset, pinfo, tree, drep, hf_frsrpc_CommPktChangeOrderCommand_file_name, 0); /* The difference has to be 4 due to the uint16 of the length + null terminator utf16*/ DISSECTOR_ASSERT(soffset - offset < 261); offset += 261; @@ -27,9 +27,9 @@ frsrpc_dissect_element_CommPktChangeOrderCommand_file_name(tvbuff_t *tvb _U_, in } int -frsrpc_dissect_struct_CommPktChunk(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +frsrpc_dissect_struct_CommPktChunk(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { - guint1632 type = 0; + uint1632_t type = 0; int i = 0; const char *s = NULL; proto_item *item = NULL; @@ -40,7 +40,7 @@ frsrpc_dissect_struct_CommPktChunk(tvbuff_t *tvb _U_, int offset _U_, packet_inf old_offset = offset; if (parent_tree) { - item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE); + item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_frsrpc_frsrpc_CommPktChunk); } @@ -67,13 +67,13 @@ frsrpc_dissect_struct_CommPktChunk(tvbuff_t *tvb _U_, int offset _U_, packet_inf } int -frsrpc_dissect_enum_CommPktCommand(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_) +frsrpc_dissect_enum_CommPktCommand(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_, int hf_index _U_, uint32_t *param _U_) { - guint32 parameter=0; + uint32_t parameter=0; int i = 0; const char *s = NULL; if(param){ - parameter=(guint32)*param; + parameter=(uint32_t)*param; } offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_index, ¶meter); @@ -87,20 +87,20 @@ frsrpc_dissect_enum_CommPktCommand(tvbuff_t *tvb _U_, int offset _U_, packet_inf s); if(param){ - *param=(guint32)parameter; + *param=(uint32_t)parameter; } return offset; } static int -frsrpc_dissect_struct_frsrpc_CommPktChunkCtr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep _U_, int hf_index, guint32 param _U_) +frsrpc_dissect_struct_frsrpc_CommPktChunkCtr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep _U_, int hf_index, uint32_t param _U_) { - guint32 remaining = tvb_reported_length_remaining(tvb, offset); + uint32_t remaining = tvb_reported_length_remaining(tvb, offset); int align_status = di->no_align; if (remaining > 0) { - proto_item *item = proto_tree_add_item(tree, hf_index, tvb, offset, -1, TRUE); + proto_item *item = proto_tree_add_item(tree, hf_index, tvb, offset, -1, ENC_NA); proto_tree *subtree = proto_item_add_subtree(item, ett_ChunkCtr); di->no_align = 1; while (remaining > 0) { diff --git a/epan/dissectors/pidl/frsrpc/frsrpc.idl b/epan/dissectors/pidl/frsrpc/frsrpc.idl index 3d2feddf..46aac115 100644 --- a/epan/dissectors/pidl/frsrpc/frsrpc.idl +++ b/epan/dissectors/pidl/frsrpc/frsrpc.idl @@ -249,7 +249,7 @@ interface frsrpc FRSRPC_COMM_PKT_CHUNK_REMOTE_CO = 0x000D, FRSRPC_COMM_PKT_CHUNK_CO_EXT_WIN2K = 0x0016, - FRSRPC_COMM_PKT_CHUNK_CO_EXTENTION_2 = 0x0017, + FRSRPC_COMM_PKT_CHUNK_CO_EXTENSION_2 = 0x0017, FRSRPC_COMM_PKT_CHUNK_EOP = 0x0013 } frsrpc_CommPktChunkType; @@ -293,12 +293,12 @@ interface frsrpc [case(FRSRPC_COMM_PKT_CHUNK_CO_GUID)][subcontext(4)] GUID co_guid; [case(FRSRPC_COMM_PKT_CHUNK_CO_SEQUENCE_NUMBER)] - uint32 co_sequnence_number; + uint32 co_sequence_number; [case(FRSRPC_COMM_PKT_CHUNK_REMOTE_CO)][subcontext(4)] frsrpc_CommPktChangeOrderCommand remote_co; [case(FRSRPC_COMM_PKT_CHUNK_CO_EXT_WIN2K)][subcontext(4)] frsrpc_CommPktCoRecordExtensionWin2k co_ext_win2k; - [case(FRSRPC_COMM_PKT_CHUNK_CO_EXTENTION_2)] + [case(FRSRPC_COMM_PKT_CHUNK_CO_EXTENSION_2)] frsrpc_CommPktChangeOrderRecordExtension co_extension2; [case(FRSRPC_COMM_PKT_CHUNK_EOP)] [value(0xFFFFFFFF)] uint32 bopend; diff --git a/epan/dissectors/pidl/frstrans/frstrans.cnf b/epan/dissectors/pidl/frstrans/frstrans.cnf index a1613776..dccbe3aa 100644 --- a/epan/dissectors/pidl/frstrans/frstrans.cnf +++ b/epan/dissectors/pidl/frstrans/frstrans.cnf @@ -5,7 +5,7 @@ TYPE hyper "offset=cnf_dissect_hyper(tvb, offset, pinfo, tree, di, drep, @PARAM@ CODE START static int -cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex) +cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex) { offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, di, drep, hfindex, NULL); diff --git a/epan/dissectors/pidl/frstrans/frstrans.idl b/epan/dissectors/pidl/frstrans/frstrans.idl index 761c3eec..ec4fd4a8 100644 --- a/epan/dissectors/pidl/frstrans/frstrans.idl +++ b/epan/dissectors/pidl/frstrans/frstrans.idl @@ -105,7 +105,7 @@ interface frstrans /*****************/ /* Function 0x04 */ typedef enum { - FRSTRANS_VERSION_REQUEST_NORNAL_SYNC = 0x0000, + FRSTRANS_VERSION_REQUEST_NORMAL_SYNC = 0x0000, FRSTRANS_VERSION_REQUEST_SLOW_SYNC = 0x0001, FRSTRANS_VERSION_REQUEST_SLAVE_SYNC = 0x0002 } frstrans_VersionRequestType; diff --git a/epan/dissectors/pidl/fsrvp/fsrvp.cnf b/epan/dissectors/pidl/fsrvp/fsrvp.cnf index f77001d5..1bfea916 100644 --- a/epan/dissectors/pidl/fsrvp/fsrvp.cnf +++ b/epan/dissectors/pidl/fsrvp/fsrvp.cnf @@ -14,7 +14,7 @@ MANUAL fsrvp_dissect_PrepareShadowCopySet_request CODE START static int -fsrvp_dissect_SetContext_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_SetContext_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="SetContext"; offset = fsrvp_dissect_element_SetContext_Context(tvb, offset, pinfo, tree, di, drep); @@ -22,7 +22,7 @@ fsrvp_dissect_SetContext_request(tvbuff_t *tvb _U_, int offset _U_, packet_info } static int -fsrvp_dissect_StartShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_StartShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="StartShadowCopySet"; offset = fsrvp_dissect_element_StartShadowCopySet_ClientShadowCopySetId(tvb, offset, pinfo, tree, di, drep); @@ -30,7 +30,7 @@ fsrvp_dissect_StartShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, pack } static int -fsrvp_dissect_AddToShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_AddToShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="AddToShadowCopySet"; offset = fsrvp_dissect_element_AddToShadowCopySet_ClientShadowCopyId(tvb, offset, pinfo, tree, di, drep); @@ -41,7 +41,7 @@ fsrvp_dissect_AddToShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, pack } static int -fsrvp_dissect_CommitShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_CommitShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="CommitShadowCopySet"; offset = fsrvp_dissect_element_CommitShadowCopySet_ShadowCopySetId(tvb, offset, pinfo, tree, di, drep); @@ -50,7 +50,7 @@ fsrvp_dissect_CommitShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, pac } static int -fsrvp_dissect_ExposeShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_ExposeShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="ExposeShadowCopySet"; offset = fsrvp_dissect_element_ExposeShadowCopySet_ShadowCopySetId(tvb, offset, pinfo, tree, di, drep); @@ -59,7 +59,7 @@ fsrvp_dissect_ExposeShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, pac } static int -fsrvp_dissect_RecoveryCompleteShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_RecoveryCompleteShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="RecoveryCompleteShadowCopySet"; offset = fsrvp_dissect_element_RecoveryCompleteShadowCopySet_ShadowCopySetId(tvb, offset, pinfo, tree, di, drep); @@ -67,7 +67,7 @@ fsrvp_dissect_RecoveryCompleteShadowCopySet_request(tvbuff_t *tvb _U_, int offse } static int -fsrvp_dissect_AbortShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_AbortShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="AbortShadowCopySet"; offset = fsrvp_dissect_element_AbortShadowCopySet_ShadowCopySetId(tvb, offset, pinfo, tree, di, drep); @@ -75,7 +75,7 @@ fsrvp_dissect_AbortShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, pack } static int -fsrvp_dissect_GetShareMapping_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_GetShareMapping_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="GetShareMapping"; offset = fsrvp_dissect_element_GetShareMapping_ShadowCopyId(tvb, offset, pinfo, tree, di, drep); @@ -87,7 +87,7 @@ fsrvp_dissect_GetShareMapping_request(tvbuff_t *tvb _U_, int offset _U_, packet_ } static int -fsrvp_dissect_DeleteShareMapping_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_DeleteShareMapping_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="DeleteShareMapping"; offset = fsrvp_dissect_element_DeleteShareMapping_ShadowCopySetId(tvb, offset, pinfo, tree, di, drep); @@ -98,7 +98,7 @@ fsrvp_dissect_DeleteShareMapping_request(tvbuff_t *tvb _U_, int offset _U_, pack } static int -fsrvp_dissect_PrepareShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +fsrvp_dissect_PrepareShadowCopySet_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { di->dcerpc_procedure_name="PrepareShadowCopySet"; offset = fsrvp_dissect_element_PrepareShadowCopySet_ShadowCopySetId(tvb, offset, pinfo, tree, di, drep); diff --git a/epan/dissectors/pidl/iwbemlevel1login/iwbemlevel1login.cnf b/epan/dissectors/pidl/iwbemlevel1login/iwbemlevel1login.cnf index 1fd19e09..f761832f 100644 --- a/epan/dissectors/pidl/iwbemlevel1login/iwbemlevel1login.cnf +++ b/epan/dissectors/pidl/iwbemlevel1login/iwbemlevel1login.cnf @@ -27,7 +27,7 @@ CODE START /* EstablishPosition */ static int -IWbemLevel1Login_dissect_element_EstablishPosition_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_EstablishPosition_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -41,7 +41,7 @@ IWbemLevel1Login_dissect_element_EstablishPosition_orpcthis(tvbuff_t *tvb _U_, i } static int -IWbemLevel1Login_dissect_element_EstablishPosition_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_EstablishPosition_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -56,7 +56,7 @@ IWbemLevel1Login_dissect_element_EstablishPosition_orpcthat_(tvbuff_t *tvb _U_, /* RequestChallenge */ static int -IWbemLevel1Login_dissect_element_RequestChallenge_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_RequestChallenge_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -70,7 +70,7 @@ IWbemLevel1Login_dissect_element_RequestChallenge_orpcthis(tvbuff_t *tvb _U_, in } static int -IWbemLevel1Login_dissect_element_RequestChallenge_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_RequestChallenge_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -85,7 +85,7 @@ IWbemLevel1Login_dissect_element_RequestChallenge_orpcthat_(tvbuff_t *tvb _U_, i /* WBEMLogin */ static int -IWbemLevel1Login_dissect_element_WBEMLogin_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_WBEMLogin_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -99,7 +99,7 @@ IWbemLevel1Login_dissect_element_WBEMLogin_orpcthis(tvbuff_t *tvb _U_, int offse } static int -IWbemLevel1Login_dissect_element_WBEMLogin_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_WBEMLogin_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -114,7 +114,7 @@ IWbemLevel1Login_dissect_element_WBEMLogin_orpcthat_(tvbuff_t *tvb _U_, int offs /* NTLMLogin */ static int -IWbemLevel1Login_dissect_element_NTLMLogin_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_NTLMLogin_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -128,7 +128,7 @@ IWbemLevel1Login_dissect_element_NTLMLogin_orpcthis(tvbuff_t *tvb _U_, int offse } static int -IWbemLevel1Login_dissect_element_NTLMLogin_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_NTLMLogin_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; @@ -142,11 +142,11 @@ IWbemLevel1Login_dissect_element_NTLMLogin_orpcthat_(tvbuff_t *tvb _U_, int offs } static int -IWbemLevel1Login_dissect_element_IWbemServices_services_(tvbuff_t *tvb, int offset, int length _U_, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_IWbemServices_services_(tvbuff_t *tvb, int offset, int length _U_, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep _U_) ; static int -IWbemLevel1Login_dissect_element_IWbemServices_services(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_IWbemServices_services(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = dissect_ndr_ucarray_block(tvb, offset, pinfo, tree, di, drep, &IWbemLevel1Login_dissect_element_IWbemServices_services_); @@ -154,7 +154,7 @@ IWbemLevel1Login_dissect_element_IWbemServices_services(tvbuff_t *tvb _U_, int o } static int -IWbemLevel1Login_dissect_element_IWbemServices_services_(tvbuff_t *tvb, int offset, int length _U_, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep _U_) +IWbemLevel1Login_dissect_element_IWbemServices_services_(tvbuff_t *tvb, int offset, int length _U_, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep _U_) { proto_item *sub_item; proto_tree *sub_tree; diff --git a/epan/dissectors/pidl/iwbemloginclientid/iwbemloginclientid.cnf b/epan/dissectors/pidl/iwbemloginclientid/iwbemloginclientid.cnf new file mode 100644 index 00000000..feca4f40 --- /dev/null +++ b/epan/dissectors/pidl/iwbemloginclientid/iwbemloginclientid.cnf @@ -0,0 +1,42 @@ +# Conformance file for iwbemloginclientid + +MANUAL IWbemLoginClientID_dissect_element_SetClientInfo_orpcthis +MANUAL IWbemLoginClientID_dissect_element_SetClientInfo_orpcthat_ + +ETT_FIELD ett_IWbemLoginClientID_SetClientInfo_orpcthis +ETT_FIELD ett_IWbemLoginClientID_SetClientInfo_orpcthat + +CODE START + + #include "packet-dcom.h" + +/* SetClientInfo */ +static int +IWbemLoginClientID_dissect_element_SetClientInfo_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + sub_item = proto_tree_add_item(tree, hf_IWbemLoginClientID_SetClientInfo_orpcthis, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemLoginClientID_SetClientInfo_orpcthis); + + offset = dissect_dcom_this(tvb, offset, pinfo, sub_tree, di, drep); + + return offset; +} + +static int +IWbemLoginClientID_dissect_element_SetClientInfo_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + sub_item = proto_tree_add_item(tree, hf_IWbemLoginClientID_SetClientInfo_orpcthat, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemLoginClientID_SetClientInfo_orpcthat); + + offset = dissect_dcom_that(tvb, offset, pinfo, sub_tree, di, drep); + + return offset; +} + +CODE END
\ No newline at end of file diff --git a/epan/dissectors/pidl/iwbemloginclientid/iwbemloginclientid.idl b/epan/dissectors/pidl/iwbemloginclientid/iwbemloginclientid.idl new file mode 100644 index 00000000..933605f7 --- /dev/null +++ b/epan/dissectors/pidl/iwbemloginclientid/iwbemloginclientid.idl @@ -0,0 +1,44 @@ +#include "idl_types.h" + +/* + IWbemLoginClientID interface definitions +*/ +[ uuid("d4781cd6-e5d3-44df-ad94-930efe48a887"), + restricted, + pointer_default(unique) +] +interface IWbemLoginClientID +{ + /*****************/ + /* Function 0x00 */ + [todo] WERROR iwbemloginclientid_opnum0( + ); + + /*****************/ + /* Function 0x01 */ + [todo] WERROR iwbemloginclientid_opnum1( + ); + + /*****************/ + /* Function 0x02 */ + [todo] WERROR iwbemloginclientid_opnum2( + ); + + typedef [public] struct + { + } ORPCTHIS; + + typedef [public] struct + { + } ORPCTHAT; + + /*****************/ + /* Function 0x03 */ + WERROR SetClientInfo( + [in] ORPCTHIS orpcthis, + [in, unique, string, charset(UTF16)] uint16* wszClientMachine, + [in] uint32 lClientProcId, + [in] uint32 lReserved, + [out] ORPCTHAT* orpcthat + ); +};
\ No newline at end of file diff --git a/epan/dissectors/pidl/iwbemloginclientidex/iwbemloginclientidex.cnf b/epan/dissectors/pidl/iwbemloginclientidex/iwbemloginclientidex.cnf new file mode 100644 index 00000000..1664269c --- /dev/null +++ b/epan/dissectors/pidl/iwbemloginclientidex/iwbemloginclientidex.cnf @@ -0,0 +1,42 @@ +# Conformance file for iwbemloginclientidex + +MANUAL IWbemLoginClientIDEx_dissect_element_SetClientInfoEx_orpcthis +MANUAL IWbemLoginClientIDEx_dissect_element_SetClientInfoEx_orpcthat_ + +ETT_FIELD ett_IWbemLoginClientIDEx_SetClientInfoEx_orpcthis +ETT_FIELD ett_IWbemLoginClientIDEx_SetClientInfoEx_orpcthat + +CODE START + + #include "packet-dcom.h" + +/* SetClientInfoEx */ +static int +IWbemLoginClientIDEx_dissect_element_SetClientInfoEx_orpcthis(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + sub_item = proto_tree_add_item(tree, hf_IWbemLoginClientIDEx_SetClientInfoEx_orpcthis, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemLoginClientIDEx_SetClientInfoEx_orpcthis); + + offset = dissect_dcom_this(tvb, offset, pinfo, sub_tree, di, drep); + + return offset; +} + +static int +IWbemLoginClientIDEx_dissect_element_SetClientInfoEx_orpcthat_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + sub_item = proto_tree_add_item(tree, hf_IWbemLoginClientIDEx_SetClientInfoEx_orpcthat, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemLoginClientIDEx_SetClientInfoEx_orpcthat); + + offset = dissect_dcom_that(tvb, offset, pinfo, sub_tree, di, drep); + + return offset; +} + +CODE END
\ No newline at end of file diff --git a/epan/dissectors/pidl/iwbemloginclientidex/iwbemloginclientidex.idl b/epan/dissectors/pidl/iwbemloginclientidex/iwbemloginclientidex.idl new file mode 100644 index 00000000..f39a586c --- /dev/null +++ b/epan/dissectors/pidl/iwbemloginclientidex/iwbemloginclientidex.idl @@ -0,0 +1,51 @@ +#include "idl_types.h" + +/* + IWbemLoginClientIDEx interface definitions +*/ +[ uuid("9f6c78ef-fce5-42fa-abea-3e7df91921dc"), + restricted, + pointer_default(unique) +] +interface IWbemLoginClientIDEx +{ + /*****************/ + /* Function 0x00 */ + [todo] WERROR iwbemloginclientidex_opnum0( + ); + + /*****************/ + /* Function 0x01 */ + [todo] WERROR iwbemloginclientidex_opnum1( + ); + + /*****************/ + /* Function 0x02 */ + [todo] WERROR iwbemloginclientidex_opnum2( + ); + + typedef [public] struct + { + } ORPCTHIS; + + typedef [public] struct + { + } ORPCTHAT; + + typedef struct { + uint32 dwLowDateTime; + uint32 dwHighDateTime; + } FILETIME; + + /*****************/ + /* Function 0x03 */ + WERROR SetClientInfoEx( + [in] ORPCTHIS orpcthis, + [in, unique, string, charset(UTF16)] uint16* ClientMachine, + [in, unique, string, charset(UTF16)] uint16* ClientMachineFQDN, + [in] uint32 ClientProcId, + [in] FILETIME ClientProcessCreationTime, + [in] uint32 Reserved, + [out] ORPCTHAT* orpcthat + ); +};
\ No newline at end of file diff --git a/epan/dissectors/pidl/iwbemservices/iwbemservices.cnf b/epan/dissectors/pidl/iwbemservices/iwbemservices.cnf new file mode 100644 index 00000000..c35df28c --- /dev/null +++ b/epan/dissectors/pidl/iwbemservices/iwbemservices.cnf @@ -0,0 +1,111 @@ +# Conformance file for iwbemservices + +MANUAL IWbemServices_dissect_element_GetObject_orpcthis +MANUAL IWbemServices_dissect_element_GetObject_orpcthat_ + +MANUAL IWbemServices_dissect_element_ExecMethod_orpcthis +MANUAL IWbemServices_dissect_element_ExecMethod_orpcthat_ + +MANUAL IWbemServices_dissect_element_IWbemClassObject_objects +NOEMIT IWbemServices_dissect_element_IWbemClassObject_objects_ +NOEMIT IWbemServices_dissect_element_GetObject_strObjectPath_ + +ETT_FIELD ett_IWbemServices_GetObject_orpcthis +ETT_FIELD ett_IWbemServices_GetObject_orpcthat + +ETT_FIELD ett_IWbemServices_ExecMethod_orpcthis +ETT_FIELD ett_IWbemServices_ExecMethod_orpcthat + +CODE START + + #include "packet-dcom.h" + +static int +IWbemServices_dissect_element_IWbemClassObject_objects_(tvbuff_t *tvb, int offset, int length, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep); +static int +IWbemServices_dissect_element_GetObject_strObjectPath_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep); + +extern void register_dcom_wmio (void); + +/* GetObject */ +static int +IWbemServices_dissect_element_GetObject_orpcthis(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + sub_item = proto_tree_add_item(tree, hf_IWbemServices_GetObject_orpcthis, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_GetObject_orpcthis); + + return dissect_dcom_this(tvb, offset, pinfo, sub_tree, di, drep); +} + +static int +IWbemServices_dissect_element_GetObject_orpcthat_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + register_dcom_wmio(); + + sub_item = proto_tree_add_item(tree, hf_IWbemServices_GetObject_orpcthat, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_GetObject_orpcthat); + + return dissect_dcom_that(tvb, offset, pinfo, sub_tree, di, drep); +} + +/* ExecMethod */ +static int +IWbemServices_dissect_element_ExecMethod_orpcthis(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + sub_item = proto_tree_add_item(tree, hf_IWbemServices_ExecMethod_orpcthis, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_ExecMethod_orpcthis); + + return dissect_dcom_this(tvb, offset, pinfo, sub_tree, di, drep); +} + +static int +IWbemServices_dissect_element_ExecMethod_orpcthat_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) +{ + proto_item *sub_item; + proto_tree *sub_tree; + + register_dcom_wmio(); + + sub_item = proto_tree_add_item(tree, hf_IWbemServices_ExecMethod_orpcthat, tvb, offset, 0, ENC_NA); + sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_ExecMethod_orpcthat); + + return dissect_dcom_that(tvb, offset, pinfo, sub_tree, di, drep); +} + +static int +IWbemServices_dissect_element_IWbemClassObject_objects(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) +{ + return dissect_ndr_ucarray_block(tvb, offset, pinfo, tree, di, drep, &IWbemServices_dissect_element_IWbemClassObject_objects_); +} + +static int +IWbemServices_dissect_element_IWbemClassObject_objects_(tvbuff_t *tvb, int offset, int length, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) +{ + dissect_dcom_OBJREF(tvb, offset, pinfo, tree, di, drep, hf_IWbemServices_IWbemClassObject_objects, NULL); + return offset + length; +} + +static int +IWbemServices_dissect_element_GetObject_strObjectPath_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) +{ + char *data = NULL; + + offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint16_t), hf_IWbemServices_GetObject_strObjectPath, false, &data); + if (data){ + proto_item_append_text(tree, ": %s", data); + col_append_fstr(pinfo->cinfo, COL_INFO, " Object=%s", data); + } + + return offset; +} + +CODE END
\ No newline at end of file diff --git a/epan/dissectors/pidl/iwbemservices/iwbemservices.idl b/epan/dissectors/pidl/iwbemservices/iwbemservices.idl new file mode 100644 index 00000000..c4de5c55 --- /dev/null +++ b/epan/dissectors/pidl/iwbemservices/iwbemservices.idl @@ -0,0 +1,158 @@ +#include "idl_types.h" + +/* + IWbemServices interface definitions +*/ +[ uuid("9556dc99-828c-11cf-a37e-00aa003240c7"), + restricted, + pointer_default(unique) +] +interface IWbemServices +{ + typedef struct + { + } ORPCTHIS; + + typedef struct + { + } ORPCTHAT; + + typedef struct + { + } IWbemCallResult; + + /*****************/ + /* Function 0 */ + [todo] WERROR iwbemservices_opnum0( + ); + /*****************/ + /* Function 1 */ + [todo] WERROR iwbemservices_opnum1( + ); + /*****************/ + /* Function 2 */ + [todo] WERROR iwbemservices_opnum2( + ); + /*****************/ + /* Function 3 */ + [todo] WERROR iwbemservices_OpenNamespace( + ); + /*****************/ + /* Function 4 */ + [todo] WERROR iwbemservices_CancelAsyncCall( + ); + /*****************/ + /* Function 5 */ + [todo] WERROR iwbemservices_QueryObjectSink( + ); + + typedef struct + { + uint32 count; + [size_is(count)] uint8 objects[]; + } IWbemClassObject; + + typedef struct + { + uint32 ulCntData; + [size_is(count)] uint8 abData[]; + } MInterfacePointer; + + typedef struct + { + uint32 u; + MInterfacePointer *intPtr; + } IWbemContext; + + /*****************/ + /* Function 6 */ + WERROR GetObject( + [in] ORPCTHIS orpcthis, + [in, unique, string, charset(UTF16)] uint16* strObjectPath, + [in] uint32 lFlags, + [in] IWbemContext* pCtx, + [out] ORPCTHAT* orpcthat, + [out, in, unique] IWbemClassObject** ppObject, + [out, in, unique] IWbemCallResult** ppCallResult + ); + + /*****************/ + /* Function 7 */ + [todo] WERROR iwbemservices_opnum7( + ); + /*****************/ + /* Function 8 */ + [todo] WERROR iwbemservices_opnum8( + ); + /*****************/ + /* Function 9 */ + [todo] WERROR iwbemservices_opnum9( + ); + /*****************/ + /* Function 10 */ + [todo] WERROR iwbemservices_opnum10( + ); + /*****************/ + /* Function 11 */ + [todo] WERROR iwbemservices_opnum11( + ); + /*****************/ + /* Function 12 */ + [todo] WERROR iwbemservices_opnum12( + ); + /*****************/ + /* Function 13 */ + [todo] WERROR iwbemservices_opnum13( + ); + /*****************/ + /* Function 14 */ + [todo] WERROR iwbemservices_opnum14( + ); + /*****************/ + /* Function 15 */ + [todo] WERROR iwbemservices_opnum15( + ); + /*****************/ + /* Function 16 */ + [todo] WERROR iwbemservices_opnum16( + ); + /*****************/ + /* Function 17 */ + [todo] WERROR iwbemservices_opnum17( + ); + /*****************/ + /* Function 18 */ + [todo] WERROR iwbemservices_opnum18( + ); + /*****************/ + /* Function 19 */ + [todo] WERROR iwbemservices_opnum19( + ); + /*****************/ + /* Function 20 */ + [todo] WERROR iwbemservices_opnum20( + ); + /*****************/ + /* Function 21 */ + [todo] WERROR iwbemservices_opnum21( + ); + /*****************/ + /* Function 22 */ + [todo] WERROR iwbemservices_opnum22( + ); + /*****************/ + /* Function 23 */ + [todo] WERROR iwbemservices_opnum23( + ); + + /*****************/ + /* Function 24 */ + WERROR ExecMethod( + [in] ORPCTHIS orpcthis, + [in, unique, string, charset(UTF16)] uint16* strObjectPath, + [in, unique, string, charset(UTF16)] uint16* strMethodName, + [in] uint32 lFlags, + [out] ORPCTHAT* orpcthat + ); + +};
\ No newline at end of file diff --git a/epan/dissectors/pidl/lsa/lsa.cnf b/epan/dissectors/pidl/lsa/lsa.cnf index 4453f7fe..513fefd8 100644 --- a/epan/dissectors/pidl/lsa/lsa.cnf +++ b/epan/dissectors/pidl/lsa/lsa.cnf @@ -63,7 +63,7 @@ CODE START static void -lsarpc_policy_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +lsarpc_policy_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_lsarpc_lsa_PolicyAccessMask_LSA_POLICY_NOTIFICATION, @@ -86,7 +86,7 @@ lsarpc_policy_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guin } static void -lsarpc_account_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +lsarpc_account_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_lsarpc_lsa_AccountAccessMask_LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS, @@ -100,7 +100,7 @@ lsarpc_account_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, gui } static void -lsarpc_secret_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +lsarpc_secret_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_lsarpc_lsa_SecretAccessMask_LSA_SECRET_QUERY_VALUE, @@ -112,16 +112,16 @@ lsarpc_secret_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guin } static void -lsarpc_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +lsarpc_domain_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_AUTH, - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_SET_AUTH, - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_SET_POSIX, - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_POSIX, - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_SET_CONTROLLERS, - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_CONTROLLERS, - &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_DOMAIN_NAME, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_AUTH, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_SET_AUTH, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_SET_POSIX, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_POSIX, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_SET_CONTROLLERS, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_CONTROLLERS, + &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_DOMAIN_NAME, NULL }; @@ -129,28 +129,28 @@ lsarpc_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guin } -struct access_mask_info lsarpc_policy_access_mask_info = { +static struct access_mask_info lsarpc_policy_access_mask_info = { "LSA Policy", /* Name of specific rights */ lsarpc_policy_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ NULL /* Standard mapping table */ }; -struct access_mask_info lsarpc_account_access_mask_info = { +static struct access_mask_info lsarpc_account_access_mask_info = { "LSA Account", /* Name of specific rights */ lsarpc_account_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ NULL /* Standard mapping table */ }; -struct access_mask_info lsarpc_secret_access_mask_info = { +static struct access_mask_info lsarpc_secret_access_mask_info = { "LSA Secret", /* Name of specific rights */ lsarpc_secret_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ NULL /* Standard mapping table */ }; -struct access_mask_info lsarpc_domain_access_mask_info = { +static struct access_mask_info lsarpc_domain_access_mask_info = { "LSA Domain", /* Name of specific rights */ lsarpc_domain_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -158,7 +158,7 @@ struct access_mask_info lsarpc_domain_access_mask_info = { }; int -lsarpc_dissect_bitmap_lsa_PolicyAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +lsarpc_dissect_bitmap_lsa_PolicyAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_lsarpc_policy_access_mask, @@ -167,7 +167,7 @@ lsarpc_dissect_bitmap_lsa_PolicyAccessMask(tvbuff_t *tvb, int offset, packet_inf } int -lsarpc_dissect_bitmap_lsa_AccountAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +lsarpc_dissect_bitmap_lsa_AccountAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_lsarpc_account_access_mask, @@ -176,7 +176,7 @@ lsarpc_dissect_bitmap_lsa_AccountAccessMask(tvbuff_t *tvb, int offset, packet_in } int -lsarpc_dissect_bitmap_lsa_SecretAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +lsarpc_dissect_bitmap_lsa_SecretAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_lsarpc_secret_access_mask, @@ -184,8 +184,9 @@ lsarpc_dissect_bitmap_lsa_SecretAccessMask(tvbuff_t *tvb, int offset, packet_inf return offset; } +/* TODO: not called, so couldn't make static. Delete? */ int -lsarpc_dissect_bitmap_lsa_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +lsarpc_dissect_bitmap_lsa_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_lsarpc_domain_access_mask, @@ -194,12 +195,12 @@ lsarpc_dissect_bitmap_lsa_DomainAccessMask(tvbuff_t *tvb, int offset, packet_inf } static int -cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint32 len; + uint32_t len; e_ctx_hnd *polhnd = NULL; dcerpc_call_value *dcv = NULL; - guint32 type=0; + uint32_t type=0; struct access_mask_info *ami=NULL; if(di->conformant_run){ @@ -233,7 +234,7 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t break; } - dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, TRUE, len, ami); + dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, true, len, ami); offset += len; @@ -241,9 +242,9 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t } static int -cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint32 len; + uint32_t len; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -262,25 +263,25 @@ cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr int -lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep){ +lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep){ return cnf_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep); } static int -lsarpc_dissect_struct_security_descriptor(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_, int unused1 _U_, int unused2 _U_){ +lsarpc_dissect_struct_security_descriptor(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_, int unused1 _U_, int unused2 _U_){ return cnf_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep); } int -lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_, int unused1 _U_, int unused2 _U_) { +lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_, int unused1 _U_, int unused2 _U_) { /* sid */ return dissect_ndr_nt_SID(tvb, offset, pinfo, tree, di, drep); } static int -cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex) +cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex) { offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, di, drep, hfindex, NULL); @@ -290,7 +291,7 @@ cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tre # PIDL cant handle top level arrays so we must explicitely go through a # ref pointer here static int -lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, uint8_t *drep _U_) { proto_item *item = NULL; proto_tree *tree = NULL; @@ -308,28 +309,28 @@ lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U } static int -lsarpc_dissect_element_lsa_LookupNames_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_LookupNames_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names); return offset; } static int -lsarpc_dissect_element_lsa_LookupNames2_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_LookupNames2_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names); return offset; } static int -lsarpc_dissect_element_lsa_LookupNames3_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_LookupNames3_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names); return offset; } static int -lsarpc_dissect_element_lsa_LookupNames4_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_LookupNames4_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names); @@ -339,22 +340,22 @@ lsarpc_dissect_element_lsa_LookupNames4_names(tvbuff_t *tvb _U_, int offset _U_, static int -lsarpc_dissect_element_lsa_String_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_String_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { char *data; - offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(guint16), hf_lsarpc_String_name, FALSE, &data); + offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint16_t), hf_lsarpc_String_name, false, &data); proto_item_append_text(tree, ": %s", data); return offset; } static int -lsarpc_dissect_element_lsa_StringLarge_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_StringLarge_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { char *data; - offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(guint16), hf_lsarpc_String_name, FALSE, &data); + offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint16_t), hf_lsarpc_String_name, false, &data); proto_item_append_text(tree, ": %s", data); return offset; @@ -363,10 +364,10 @@ lsarpc_dissect_element_lsa_StringLarge_string_(tvbuff_t *tvb _U_, int offset _U_ static int -lsarpc_dissect_element_lsa_DomainInfoEfs_efs_blob_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_) +lsarpc_dissect_element_lsa_DomainInfoEfs_efs_blob_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_) { tvbuff_t *next_tvb; - gint len, reported_len; + int len, reported_len; dissector_handle_t efsblob_handle; if(di->conformant_run){ @@ -400,8 +401,8 @@ CODE END HEADER START extern int -lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep); +lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep); extern int -lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int unused1, int unused2); +lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int unused1, int unused2); HEADER END diff --git a/epan/dissectors/pidl/lsa/lsa.idl b/epan/dissectors/pidl/lsa/lsa.idl index f7535d6a..e21b1f57 100644 --- a/epan/dissectors/pidl/lsa/lsa.idl +++ b/epan/dissectors/pidl/lsa/lsa.idl @@ -8,50 +8,14 @@ [ uuid("12345778-1234-abcd-ef00-0123456789ab"), version(0.0), - endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"), + endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"), + pyhelper("librpc/ndr/py_lsa.c"), pointer_default(unique), helpstring("Local Security Authority") ] interface lsarpc { - typedef [bitmap32bit] bitmap { - LSA_POLICY_NOTIFICATION = 0x00001000, - LSA_POLICY_LOOKUP_NAMES = 0x00000800, - LSA_POLICY_SERVER_ADMIN = 0x00000400, - LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200, - LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100, - LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080, - LSA_POLICY_CREATE_PRIVILEGE = 0x00000040, - LSA_POLICY_CREATE_SECRET = 0x00000020, - LSA_POLICY_CREATE_ACCOUNT = 0x00000010, - LSA_POLICY_TRUST_ADMIN = 0x00000008, - LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004, - LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002, - LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001 - } lsa_PolicyAccessMask; - - typedef [bitmap32bit] bitmap { - LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS = 0x00000008, - LSA_ACCOUNT_ADJUST_QUOTAS = 0x00000004, - LSA_ACCOUNT_ADJUST_PRIVILEGES = 0x00000002, - LSA_ACCOUNT_VIEW = 0x00000001 - } lsa_AccountAccessMask; - - typedef [bitmap32bit] bitmap { - LSA_DOMAIN_QUERY_AUTH = 0x00000040, - LSA_DOMAIN_SET_AUTH = 0x00000020, - LSA_DOMAIN_SET_POSIX = 0x00000010, - LSA_DOMAIN_QUERY_POSIX = 0x00000008, - LSA_DOMAIN_SET_CONTROLLERS = 0x00000004, - LSA_DOMAIN_QUERY_CONTROLLERS = 0x00000002, - LSA_DOMAIN_QUERY_DOMAIN_NAME = 0x00000001 - } lsa_DomainAccessMask; - - typedef [bitmap32bit] bitmap { - LSA_SECRET_QUERY_VALUE = 0x00000002, - LSA_SECRET_SET_VALUE = 0x00000001 - } lsa_SecretAccessMask; - typedef bitmap security_secinfo security_secinfo; + typedef bitmap kerb_EncTypes kerb_EncTypes; typedef [public] struct { [value(2*strlen_m(string))] uint16 length; @@ -82,12 +46,18 @@ [charset(DOS),size_is(size),length_is(length)] uint8 *string; } lsa_AsciiStringLarge; + typedef [public] struct { + uint16 length; + uint16 size; + [size_is(size/2),length_is(length/2)] uint16 *array; + } lsa_BinaryString; + /******************/ /* Function: 0x00 */ NTSTATUS lsa_Close ( [in,out] policy_handle *handle ); - + /******************/ /* Function: 0x01 */ @@ -102,7 +72,7 @@ uint32 low; uint32 high; } lsa_LUID; - + typedef struct { lsa_StringLarge name; lsa_LUID luid; @@ -114,26 +84,27 @@ } lsa_PrivArray; [public] NTSTATUS lsa_EnumPrivs ( - [in] policy_handle *handle, - [in,out] uint32 *resume_handle, - [in] uint32 max_count, - [out] lsa_PrivArray *privs + [in] policy_handle *handle, + [in,out,ref] uint32 *resume_handle, + [out,ref] lsa_PrivArray *privs, + [in] uint32 max_count ); /******************/ /* Function: 0x03 */ - NTSTATUS lsa_QuerySecurity ( - [in] policy_handle *handle, - [in] security_secinfo sec_info, - [out] sec_desc_buf **sdbuf + [in] policy_handle *handle, + [in] security_secinfo sec_info, + [out,ref] sec_desc_buf **sdbuf ); - /******************/ /* Function: 0x04 */ - [todo] NTSTATUS lsa_SetSecObj (); - + NTSTATUS lsa_SetSecObj( + [in] policy_handle *handle, + [in] security_secinfo sec_info, + [in,ref] sec_desc_buf *sdbuf + ); /******************/ /* Function: 0x05 */ @@ -144,21 +115,21 @@ /* Function: 0x06 */ typedef enum { - LSA_SECURITY_ANONYMOUS = 0, - LSA_SECURITY_IDENTIFICATION = 1, - LSA_SECURITY_IMPERSONATION = 2, - LSA_SECURITY_DELEGATION = 3 + LSA_SECURITY_ANONYMOUS = 0, + LSA_SECURITY_IDENTIFICATION = 1, + LSA_SECURITY_IMPERSONATION = 2, + LSA_SECURITY_DELEGATION = 3 } lsa_SecurityImpersonationLevel; typedef struct { - uint32 len; /* ignored */ - lsa_SecurityImpersonationLevel impersonation_level; + uint3264 len; /* ignored */ + lsa_SecurityImpersonationLevel impersonation_level; uint8 context_mode; uint8 effective_only; } lsa_QosInfo; - + typedef struct { - uint32 len; /* ignored */ + uint3264 len; /* ignored */ uint8 *root_dir; [string,charset(UTF16)] uint16 *object_name; uint32 attributes; @@ -166,7 +137,151 @@ lsa_QosInfo *sec_qos; } lsa_ObjectAttribute; - /* notice the screwup with the system_name - thats why MS created + typedef [public,bitmap32bit] bitmap { + LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001, + LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002, + LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004, + LSA_POLICY_TRUST_ADMIN = 0x00000008, + LSA_POLICY_CREATE_ACCOUNT = 0x00000010, + LSA_POLICY_CREATE_SECRET = 0x00000020, + LSA_POLICY_CREATE_PRIVILEGE = 0x00000040, + LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080, + LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100, + LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200, + LSA_POLICY_SERVER_ADMIN = 0x00000400, + LSA_POLICY_LOOKUP_NAMES = 0x00000800, + LSA_POLICY_NOTIFICATION = 0x00001000 + } lsa_PolicyAccessMask; + + const int LSA_POLICY_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + LSA_POLICY_VIEW_LOCAL_INFORMATION | + LSA_POLICY_VIEW_AUDIT_INFORMATION | + LSA_POLICY_GET_PRIVATE_INFORMATION | + LSA_POLICY_TRUST_ADMIN | + LSA_POLICY_CREATE_ACCOUNT | + LSA_POLICY_CREATE_SECRET | + LSA_POLICY_CREATE_PRIVILEGE | + LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS | + LSA_POLICY_SET_AUDIT_REQUIREMENTS | + LSA_POLICY_AUDIT_LOG_ADMIN | + LSA_POLICY_SERVER_ADMIN | + LSA_POLICY_LOOKUP_NAMES | + LSA_POLICY_NOTIFICATION); + + const int LSA_POLICY_READ = + (STANDARD_RIGHTS_READ_ACCESS | + LSA_POLICY_VIEW_LOCAL_INFORMATION | + LSA_POLICY_VIEW_AUDIT_INFORMATION | + LSA_POLICY_GET_PRIVATE_INFORMATION); + + const int LSA_POLICY_WRITE = + (STANDARD_RIGHTS_READ_ACCESS | + LSA_POLICY_TRUST_ADMIN | + LSA_POLICY_CREATE_ACCOUNT | + LSA_POLICY_CREATE_SECRET | + LSA_POLICY_CREATE_PRIVILEGE | + LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS | + LSA_POLICY_SET_AUDIT_REQUIREMENTS | + LSA_POLICY_AUDIT_LOG_ADMIN | + LSA_POLICY_SERVER_ADMIN); + + const int LSA_POLICY_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS | + LSA_POLICY_VIEW_LOCAL_INFORMATION | + LSA_POLICY_LOOKUP_NAMES); + + typedef [public,bitmap32bit] bitmap { + LSA_ACCOUNT_VIEW = 0x00000001, + LSA_ACCOUNT_ADJUST_PRIVILEGES = 0x00000002, + LSA_ACCOUNT_ADJUST_QUOTAS = 0x00000004, + LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS = 0x00000008 + } lsa_AccountAccessMask; + + const int LSA_ACCOUNT_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + LSA_ACCOUNT_VIEW | + LSA_ACCOUNT_ADJUST_PRIVILEGES | + LSA_ACCOUNT_ADJUST_QUOTAS | + LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS); + + const int LSA_ACCOUNT_READ = + (STANDARD_RIGHTS_READ_ACCESS | + LSA_ACCOUNT_VIEW); + + const int LSA_ACCOUNT_WRITE = + (STANDARD_RIGHTS_READ_ACCESS | + LSA_ACCOUNT_ADJUST_PRIVILEGES | + LSA_ACCOUNT_ADJUST_QUOTAS | + LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS); + + const int LSA_ACCOUNT_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS); + + typedef [public,bitmap32bit] bitmap { + LSA_SECRET_SET_VALUE = 0x00000001, + LSA_SECRET_QUERY_VALUE = 0x00000002 + } lsa_SecretAccessMask; + + const int LSA_SECRET_ALL_ACCESS = + (LSA_SECRET_QUERY_VALUE | + LSA_SECRET_SET_VALUE | + SEC_STD_DELETE | + STANDARD_RIGHTS_READ_ACCESS | + SEC_STD_WRITE_DAC | + SEC_STD_WRITE_OWNER); /* 0x000F0003 */ + + const int LSA_SECRET_READ = + (LSA_SECRET_QUERY_VALUE | + STANDARD_RIGHTS_READ_ACCESS); /* 0x00020002 */ + + const int LSA_SECRET_WRITE = + (LSA_SECRET_SET_VALUE | + STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */ + + const int LSA_SECRET_EXECUTE = + (STANDARD_RIGHTS_READ_ACCESS); /* 0x00020000 */ + + typedef [public,bitmap32bit] bitmap { + LSA_TRUSTED_QUERY_DOMAIN_NAME = 0x00000001, + LSA_TRUSTED_QUERY_CONTROLLERS = 0x00000002, + LSA_TRUSTED_SET_CONTROLLERS = 0x00000004, + LSA_TRUSTED_QUERY_POSIX = 0x00000008, + LSA_TRUSTED_SET_POSIX = 0x00000010, + LSA_TRUSTED_SET_AUTH = 0x00000020, + LSA_TRUSTED_QUERY_AUTH = 0x00000040 + } lsa_TrustedAccessMask; + + const int LSA_TRUSTED_DOMAIN_ALL_ACCESS = + (LSA_TRUSTED_QUERY_DOMAIN_NAME | + LSA_TRUSTED_QUERY_CONTROLLERS | + LSA_TRUSTED_SET_CONTROLLERS | + LSA_TRUSTED_QUERY_POSIX | + LSA_TRUSTED_SET_POSIX | + LSA_TRUSTED_SET_AUTH | + LSA_TRUSTED_QUERY_AUTH | + SEC_STD_DELETE | + STANDARD_RIGHTS_READ_ACCESS | + SEC_STD_WRITE_DAC | + SEC_STD_WRITE_OWNER); /* 0x000F007F */ + + const int LSA_TRUSTED_DOMAIN_READ = + (LSA_TRUSTED_QUERY_DOMAIN_NAME | + STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */ + + const int LSA_TRUSTED_DOMAIN_WRITE = + (LSA_TRUSTED_SET_CONTROLLERS | + LSA_TRUSTED_SET_POSIX | + LSA_TRUSTED_SET_AUTH | + STANDARD_RIGHTS_READ_ACCESS); /* 0x00020034 */ + + const int LSA_TRUSTED_DOMAIN_EXECUTE = + (LSA_TRUSTED_QUERY_DOMAIN_NAME | + LSA_TRUSTED_QUERY_POSIX | + STANDARD_RIGHTS_READ_ACCESS); /* 0x0002000C */ + + + /* notice the screwup with the system_name - that's why MS created OpenPolicy2 */ [public] NTSTATUS lsa_OpenPolicy ( [in,unique] uint16 *system_name, @@ -174,7 +289,7 @@ [in] lsa_PolicyAccessMask access_mask, [out] policy_handle *handle ); - + /******************/ @@ -182,12 +297,11 @@ typedef struct { uint32 percent_full; - uint32 log_size; - NTTIME retention_time; + uint32 maximum_log_size; + hyper retention_time; uint8 shutdown_in_progress; - NTTIME time_to_shutdown; + hyper time_to_shutdown; uint32 next_audit_record; - uint32 unknown; } lsa_AuditLogInfo; typedef [v1_enum] enum { @@ -203,7 +317,7 @@ LSA_AUDIT_CATEGORY_LOGON = 1, LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2, LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3, - LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4, + LSA_AUDIT_CATEGORY_PROCESS_TRACKING = 4, LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5, LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6, LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */ @@ -225,13 +339,13 @@ lsa_String name; } lsa_PDAccountInfo; - typedef enum { - LSA_POLICY_ROLE_BACKUP = 2, - LSA_POLICY_ROLE_PRIMARY = 3 - } lsa_PolicyServerRole; + typedef [v1_enum] enum { + LSA_ROLE_BACKUP=2, + LSA_ROLE_PRIMARY=3 + } lsa_Role; typedef struct { - lsa_PolicyServerRole role; + lsa_Role role; } lsa_ServerRole; typedef struct { @@ -250,7 +364,7 @@ typedef struct { hyper modified_id; - NTTIME db_create_time; + NTTIME_hyper db_create_time; } lsa_ModificationInfo; typedef struct { @@ -258,12 +372,11 @@ } lsa_AuditFullSetInfo; typedef struct { - uint16 unknown; /* an midl padding bug? */ uint8 shutdown_on_full; uint8 log_is_full; } lsa_AuditFullQueryInfo; - typedef struct { + typedef [public] struct { /* it's important that we use the lsa_StringLarge here, * because otherwise windows clients result with such dns hostnames * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org @@ -286,12 +399,12 @@ LSA_POLICY_INFO_ROLE=6, LSA_POLICY_INFO_REPLICA=7, LSA_POLICY_INFO_QUOTA=8, - LSA_POLICY_INFO_DB=9, + LSA_POLICY_INFO_MOD=9, LSA_POLICY_INFO_AUDIT_FULL_SET=10, LSA_POLICY_INFO_AUDIT_FULL_QUERY=11, LSA_POLICY_INFO_DNS=12, LSA_POLICY_INFO_DNS_INT=13, - LSA_POLICY_INFO_LOCAL_ACCOUNT_DOMAIN=14 + LSA_POLICY_INFO_L_ACCOUNT_DOMAIN=14 } lsa_PolicyInfo; typedef [switch_type(uint16)] union { @@ -303,16 +416,18 @@ [case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role; [case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica; [case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota; - [case(LSA_POLICY_INFO_DB)] lsa_ModificationInfo db; + [case(LSA_POLICY_INFO_MOD)] lsa_ModificationInfo mod; [case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset; [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery; [case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns; + [case(LSA_POLICY_INFO_DNS_INT)] lsa_DnsDomainInfo dns_int; + [case(LSA_POLICY_INFO_L_ACCOUNT_DOMAIN)] lsa_DomainInfo l_account_domain; } lsa_PolicyInformation; - NTSTATUS lsa_QueryInfoPolicy ( + NTSTATUS lsa_QueryInfoPolicy( [in] policy_handle *handle, [in] lsa_PolicyInfo level, - [out,switch_is(level)] lsa_PolicyInformation **info + [out,ref,switch_is(level)] lsa_PolicyInformation **info ); /******************/ @@ -331,40 +446,39 @@ /* Function: 0x0a */ [public] NTSTATUS lsa_CreateAccount ( [in] policy_handle *handle, - [in] dom_sid2 *sid, + [in,ref] dom_sid2 *sid, [in] lsa_AccountAccessMask access_mask, [out] policy_handle *acct_handle ); /******************/ /* NOTE: This only returns accounts that have at least - one privilege set + one privilege set */ /* Function: 0x0b */ typedef struct { dom_sid2 *sid; } lsa_SidPtr; - + typedef [public] struct { - [range(0,1000)] uint32 num_sids; + [range(0,20480)] uint32 num_sids; [size_is(num_sids)] lsa_SidPtr *sids; } lsa_SidArray; - [public] NTSTATUS lsa_EnumAccounts ( + [public] NTSTATUS lsa_EnumAccounts( [in] policy_handle *handle, - [in,out] uint32 *resume_handle, - [in,range(0,8192)] uint32 num_entries, - [out] lsa_SidArray *sids + [in,out,ref] uint32 *resume_handle, + [out,ref] lsa_SidArray *sids, + [in,range(0,8192)] uint32 num_entries ); - /*************************************************/ /* Function: 0x0c */ [public] NTSTATUS lsa_CreateTrustedDomain( - [in] policy_handle *handle, + [in] policy_handle *policy_handle, [in] lsa_DomainInfo *info, - [in] lsa_DomainAccessMask access_mask, + [in] lsa_TrustedAccessMask access_mask, [out] policy_handle *trustdom_handle ); @@ -380,11 +494,11 @@ [size_is(count)] lsa_DomainInfo *domains; } lsa_DomainList; - NTSTATUS lsa_EnumTrustDom ( + NTSTATUS lsa_EnumTrustDom( [in] policy_handle *handle, - [in,out] uint32 *resume_handle, - [in] uint32 max_size, - [out] lsa_DomainList *domains + [in,out,ref] uint32 *resume_handle, + [out,ref] lsa_DomainList *domains, + [in] uint32 max_size ); @@ -400,7 +514,8 @@ SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */ SID_NAME_INVALID = 7, /* invalid account */ SID_NAME_UNKNOWN = 8, /* oops. */ - SID_NAME_COMPUTER = 9 /* machine */ + SID_NAME_COMPUTER = 9, /* machine */ + SID_NAME_LABEL = 10 /* Mandatory Label */ } lsa_SidType; typedef struct { @@ -415,7 +530,7 @@ } lsa_TransSidArray; const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32; - typedef struct { + typedef [public] struct { [range(0,1000)] uint32 count; [size_is(count)] lsa_DomainInfo *domains; uint32 max_size; @@ -429,23 +544,24 @@ * Level 6: Like 4 */ - typedef enum { + typedef [public] enum { LSA_LOOKUP_NAMES_ALL = 1, LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2, LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3, LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4, LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5, - LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6 + LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6, + LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC = 7 } lsa_LookupNamesLevel; [public] NTSTATUS lsa_LookupNames ( [in] policy_handle *handle, [in,range(0,1000)] uint32 num_names, [in,size_is(num_names)] lsa_String names[], - [out] lsa_RefDomainList **domains, - [in,out] lsa_TransSidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransSidArray *sids, [in] lsa_LookupNamesLevel level, - [in,out] uint32 *count + [in,out,ref] uint32 *count ); @@ -458,18 +574,18 @@ uint32 sid_index; } lsa_TranslatedName; - typedef struct { - [range(0,1000)] uint32 count; + typedef [public] struct { + [range(0,20480)] uint32 count; [size_is(count)] lsa_TranslatedName *names; } lsa_TransNameArray; - [public] NTSTATUS lsa_LookupSids ( + [public] NTSTATUS lsa_LookupSids( [in] policy_handle *handle, - [in] lsa_SidArray *sids, - [out] lsa_RefDomainList *domains, - [in,out] lsa_TransNameArray *names, - [in] uint16 level, - [in,out] uint32 *count + [in,ref] lsa_SidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransNameArray *names, + [in] lsa_LookupNamesLevel level, + [in,out,ref] uint32 *count ); @@ -484,9 +600,9 @@ /*****************************************/ /* Function: 0x11 */ - NTSTATUS lsa_OpenAccount ( + NTSTATUS lsa_OpenAccount( [in] policy_handle *handle, - [in] dom_sid2 *sid, + [in,ref] dom_sid2 *sid, [in] lsa_AccountAccessMask access_mask, [out] policy_handle *acct_handle ); @@ -499,16 +615,16 @@ lsa_LUID luid; uint32 attribute; } lsa_LUIDAttribute; - + typedef struct { [range(0,1000)] uint32 count; uint32 unknown; [size_is(count)] lsa_LUIDAttribute set[*]; } lsa_PrivilegeSet; - - NTSTATUS lsa_EnumPrivsAccount ( + + NTSTATUS lsa_EnumPrivsAccount( [in] policy_handle *handle, - [out] lsa_PrivilegeSet **privs + [out,ref] lsa_PrivilegeSet **privs ); @@ -516,9 +632,9 @@ /* Function: 0x13 */ NTSTATUS lsa_AddPrivilegesToAccount( [in] policy_handle *handle, - [in] lsa_PrivilegeSet *privs + [in,ref] lsa_PrivilegeSet *privs ); - + /****************************************/ /* Function: 0x14 */ @@ -530,26 +646,33 @@ /* Function: 0x15 */ [todo] NTSTATUS lsa_GetQuotasForAccount(); - + /* Function: 0x16 */ [todo] NTSTATUS lsa_SetQuotasForAccount(); - + /* Function: 0x17 */ - [todo] NTSTATUS lsa_GetSystemAccessAccount(); + NTSTATUS lsa_GetSystemAccessAccount( + [in] policy_handle *handle, + [out,ref] lsa_AccountAccessMask *access_mask + ); + /* Function: 0x18 */ - [todo] NTSTATUS lsa_SetSystemAccessAccount(); + NTSTATUS lsa_SetSystemAccessAccount( + [in] policy_handle *handle, + [in] lsa_AccountAccessMask access_mask + ); /* Function: 0x19 */ NTSTATUS lsa_OpenTrustedDomain( [in] policy_handle *handle, [in] dom_sid2 *sid, - [in] lsa_DomainAccessMask access_mask, + [in] lsa_TrustedAccessMask access_mask, [out] policy_handle *trustdom_handle ); typedef [flag(NDR_PAHEX)] struct { - uint32 length; - uint32 size; + uint3264 length; + uint3264 size; [size_is(size),length_is(length)] uint8 *data; } lsa_DATA_BUF; @@ -559,22 +682,59 @@ } lsa_DATA_BUF2; typedef enum { - LSA_TRUSTED_DOMAIN_INFO_NAME = 1, - LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2, - LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3, - LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4, - LSA_TRUSTED_DOMAIN_INFO_BASIC = 5, - LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6, - LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7, - LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8, - LSA_TRUSTED_DOMAIN_INFO_11 = 11, - LSA_TRUSTED_DOMAIN_INFO_INFO_ALL = 12 + LSA_TRUSTED_DOMAIN_INFO_NAME = 1, + LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS = 2, + LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3, + LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4, + LSA_TRUSTED_DOMAIN_INFO_BASIC = 5, + LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6, + LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8, + LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL = 9, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL = 10, + LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL = 11, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL = 12, + LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES = 13, + LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL_AES= 14, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL_AES= 15 } lsa_TrustDomInfoEnum; + typedef [public,bitmap32bit] bitmap { + LSA_TRUST_DIRECTION_INBOUND = 0x00000001, + LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002 + } lsa_TrustDirection; + + typedef [public,v1_enum] enum { + LSA_TRUST_TYPE_DOWNLEVEL = 0x00000001, + LSA_TRUST_TYPE_UPLEVEL = 0x00000002, + LSA_TRUST_TYPE_MIT = 0x00000003, + LSA_TRUST_TYPE_DCE = 0x00000004 + } lsa_TrustType; + + typedef [public,bitmap32bit] bitmap { + LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001, + LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002, + LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004, + LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008, + LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010, + LSA_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020, + LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040, + LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION = 0x00000080, + LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION = 0x00000200, + LSA_TRUST_ATTRIBUTE_PIM_TRUST = 0x00000400, + LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION = 0x00000800 + } lsa_TrustAttributes; + typedef struct { lsa_StringLarge netbios_name; } lsa_TrustDomainInfoName; + + typedef struct { + uint32 entries; + [size_is(entries)] lsa_StringLarge *netbios_names; + } lsa_TrustDomainInfoControllers; + typedef struct { uint32 posix_offset; } lsa_TrustDomainInfoPosixOffset; @@ -589,22 +749,29 @@ dom_sid2 *sid; } lsa_TrustDomainInfoBasic; - typedef struct { + typedef [public] struct { lsa_StringLarge domain_name; lsa_StringLarge netbios_name; - dom_sid2 *sid; - uint32 trust_direction; - uint32 trust_type; - uint32 trust_attributes; + dom_sid2 *sid; + lsa_TrustDirection trust_direction; + lsa_TrustType trust_type; + lsa_TrustAttributes trust_attributes; } lsa_TrustDomainInfoInfoEx; + typedef [public,v1_enum] enum { + TRUST_AUTH_TYPE_NONE = 0, + TRUST_AUTH_TYPE_NT4OWF = 1, + TRUST_AUTH_TYPE_CLEAR = 2, + TRUST_AUTH_TYPE_VERSION = 3 + } lsa_TrustAuthType; + typedef struct { NTTIME_hyper last_update_time; - uint32 secret_type; + lsa_TrustAuthType AuthType; lsa_DATA_BUF2 data; } lsa_TrustDomainInfoBuffer; - typedef struct { + typedef [public] struct { uint32 incoming_count; lsa_TrustDomainInfoBuffer *incoming_current_auth_info; lsa_TrustDomainInfoBuffer *incoming_previous_auth_info; @@ -620,38 +787,89 @@ } lsa_TrustDomainInfoFullInfo; typedef struct { - lsa_TrustDomainInfoInfoEx info_ex; - lsa_DATA_BUF2 data1; - } lsa_TrustDomainInfo11; + lsa_DATA_BUF2 auth_blob; + } lsa_TrustDomainInfoAuthInfoInternal; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_TrustDomainInfoPosixOffset posix_offset; + lsa_TrustDomainInfoAuthInfoInternal auth_info; + } lsa_TrustDomainInfoFullInfoInternal; + + typedef struct { + uint8 auth_data[64]; + uint8 salt[16]; + lsa_DATA_BUF2 cipher; + } lsa_TrustDomainInfoAuthInfoInternalAES; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_TrustDomainInfoPosixOffset posix_offset; + lsa_TrustDomainInfoAuthInfoInternalAES auth_info; + } lsa_TrustDomainInfoFullInfoInternalAES; typedef struct { lsa_TrustDomainInfoInfoEx info_ex; - lsa_DATA_BUF2 data1; + uint32 forest_trust_length; + [size_is(forest_trust_length)] uint8 *forest_trust_data; + } lsa_TrustDomainInfoInfoEx2Internal; + + typedef struct { + lsa_TrustDomainInfoInfoEx2Internal info; lsa_TrustDomainInfoPosixOffset posix_offset; lsa_TrustDomainInfoAuthInfo auth_info; - } lsa_TrustDomainInfoInfoAll; + } lsa_TrustDomainInfoFullInfo2Internal; + + typedef struct { + kerb_EncTypes enc_types; + } lsa_TrustDomainInfoSupportedEncTypes; typedef [switch_type(lsa_TrustDomInfoEnum)] union { - [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name; - [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset; - [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password; - [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] lsa_TrustDomainInfoBasic info_basic; - [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoEx info_ex; - [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info; - [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info; - [case(LSA_TRUSTED_DOMAIN_INFO_11)] lsa_TrustDomainInfo11 info11; - [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all; + [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] + lsa_TrustDomainInfoName name; + [case(LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS)] + lsa_TrustDomainInfoControllers controllers; + [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] + lsa_TrustDomainInfoPosixOffset posix_offset; + [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] + lsa_TrustDomainInfoPassword password; + [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] + lsa_TrustDomainInfoBasic info_basic; + [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] + lsa_TrustDomainInfoInfoEx info_ex; + [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] + lsa_TrustDomainInfoAuthInfo auth_info; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] + lsa_TrustDomainInfoFullInfo full_info; + [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)] + lsa_TrustDomainInfoAuthInfoInternal auth_info_internal; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)] + lsa_TrustDomainInfoFullInfoInternal full_info_internal; + [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)] + lsa_TrustDomainInfoInfoEx2Internal info_ex2_internal; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)] + lsa_TrustDomainInfoFullInfo2Internal full_info2_internal; + [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES)] + lsa_TrustDomainInfoSupportedEncTypes enc_types; + [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL_AES)] + lsa_TrustDomainInfoAuthInfoInternalAES auth_info_internal_aes; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL_AES)] + lsa_TrustDomainInfoFullInfoInternalAES full_info_internal_aes; } lsa_TrustedDomainInfo; /* Function: 0x1a */ NTSTATUS lsa_QueryTrustedDomainInfo( [in] policy_handle *trustdom_handle, - [in] lsa_TrustDomInfoEnum level, - [out,switch_is(level)] lsa_TrustedDomainInfo **info + [in] lsa_TrustDomInfoEnum level, + [out,switch_is(level),ref] lsa_TrustedDomainInfo **info ); /* Function: 0x1b */ - [todo] NTSTATUS lsa_SetInformationTrustedDomain(); + NTSTATUS lsa_SetInformationTrustedDomain( + [in] policy_handle *trustdom_handle, + [in] lsa_TrustDomInfoEnum level, + [in,switch_is(level)] lsa_TrustedDomainInfo *info + ); /* Function: 0x1c */ [public] NTSTATUS lsa_OpenSecret( @@ -685,35 +903,38 @@ /* Function: 0x1f */ NTSTATUS lsa_LookupPrivValue( [in] policy_handle *handle, - [in] lsa_String *name, - [out] lsa_LUID *luid + [in,ref] lsa_String *name, + [out,ref] lsa_LUID *luid ); /* Function: 0x20 */ - NTSTATUS lsa_LookupPrivName ( + NTSTATUS lsa_LookupPrivName( [in] policy_handle *handle, - [in] lsa_LUID *luid, - [out] lsa_StringLarge **name + [in,ref] lsa_LUID *luid, + [out,ref] lsa_StringLarge **name ); /*******************/ /* Function: 0x21 */ - NTSTATUS lsa_LookupPrivDisplayName ( - [in] policy_handle *handle, - [in] lsa_String *name, - [out] lsa_StringLarge **disp_name, + NTSTATUS lsa_LookupPrivDisplayName( + [in] policy_handle *handle, + [in,ref] lsa_String *name, + [in] uint16 language_id, + [in] uint16 language_id_sys, + [out,ref] lsa_StringLarge **disp_name, /* see http://www.microsoft.com/globaldev/nlsweb/ for language definitions */ - [in,out] uint16 *language_id, - [in] uint16 unknown + [out,ref] uint16 *returned_language_id ); - /* Function: 0x22 */ - [todo] NTSTATUS lsa_DeleteObject(); + /*******************/ + /* Function: 0x22 */ + NTSTATUS lsa_DeleteObject ( + [in,out] policy_handle *handle + ); - /*******************/ /* Function: 0x23 */ NTSTATUS lsa_EnumAccountsWithUserRight ( @@ -726,16 +947,16 @@ typedef struct { [string,charset(UTF16)] uint16 *name; } lsa_RightAttribute; - + typedef struct { - uint32 count; + [range(0,256)] uint32 count; [size_is(count)] lsa_StringLarge *names; } lsa_RightSet; - + NTSTATUS lsa_EnumAccountRights ( [in] policy_handle *handle, - [in] dom_sid2 *sid, - [out] lsa_RightSet *rights + [in,ref] dom_sid2 *sid, + [out,ref] lsa_RightSet *rights ); @@ -743,29 +964,35 @@ /* Function: 0x25 */ NTSTATUS lsa_AddAccountRights ( [in] policy_handle *handle, - [in] dom_sid2 *sid, - [in] lsa_RightSet *rights + [in,ref] dom_sid2 *sid, + [in,ref] lsa_RightSet *rights ); - + /**********************/ /* Function: 0x26 */ NTSTATUS lsa_RemoveAccountRights ( [in] policy_handle *handle, - [in] dom_sid2 *sid, - [in] uint32 unknown, - [in] lsa_RightSet *rights + [in,ref] dom_sid2 *sid, + [in] uint8 remove_all, + [in,ref] lsa_RightSet *rights ); /* Function: 0x27 */ NTSTATUS lsa_QueryTrustedDomainInfoBySid( [in] policy_handle *handle, - [in] dom_sid2 *dom_sid, - [in] lsa_TrustDomInfoEnum level, - [out,switch_is(level)] lsa_TrustedDomainInfo **info + [in,ref] dom_sid2 *dom_sid, + [in] lsa_TrustDomInfoEnum level, + [out,switch_is(level),ref] lsa_TrustedDomainInfo **info ); /* Function: 0x28 */ - [todo] NTSTATUS lsa_SetTrustedDomainInfo(); + NTSTATUS lsa_SetTrustedDomainInfo( + [in] policy_handle *handle, + [in] dom_sid2 *dom_sid, + [in] lsa_TrustDomInfoEnum level, + [in,switch_is(level)] lsa_TrustedDomainInfo *info + ); + /* Function: 0x29 */ NTSTATUS lsa_DeleteTrustedDomain( [in] policy_handle *handle, @@ -773,10 +1000,18 @@ ); /* Function: 0x2a */ - [todo] NTSTATUS lsa_StorePrivateData(); - /* Function: 0x2b */ - [todo] NTSTATUS lsa_RetrievePrivateData(); + NTSTATUS lsa_StorePrivateData( + [in] policy_handle *handle, + [in,ref] lsa_String *name, + [in,unique] lsa_DATA_BUF *val + ); + /* Function: 0x2b */ + NTSTATUS lsa_RetrievePrivateData( + [in] policy_handle *handle, + [in,ref] lsa_String *name, + [in,out,ref] lsa_DATA_BUF **val + ); /**********************/ /* Function: 0x2c */ @@ -789,23 +1024,19 @@ /**********************/ /* Function: 0x2d */ - typedef struct { - lsa_String *string; - } lsa_StringPointer; - NTSTATUS lsa_GetUserName( [in,unique] [string,charset(UTF16)] uint16 *system_name, - [in,out,unique] lsa_String *account_name, - [in,out,unique] lsa_StringPointer *authority_name + [in,out,ref] lsa_String **account_name, + [in,out,unique] lsa_String **authority_name ); /**********************/ /* Function: 0x2e */ NTSTATUS lsa_QueryInfoPolicy2( - [in] policy_handle *handle, - [in] lsa_PolicyInfo level, - [out,switch_is(level)] lsa_PolicyInformation **info + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [out,ref,switch_is(level)] lsa_PolicyInformation **info ); /* Function 0x2f */ @@ -818,19 +1049,19 @@ /**********************/ /* Function 0x30 */ NTSTATUS lsa_QueryTrustedDomainInfoByName( - [in] policy_handle *handle, - [in] lsa_String trusted_domain, - [in] lsa_TrustDomInfoEnum level, - [out,switch_is(level)] lsa_TrustedDomainInfo **info + [in] policy_handle *handle, + [in,ref] lsa_String *trusted_domain, + [in] lsa_TrustDomInfoEnum level, + [out,ref,switch_is(level)] lsa_TrustedDomainInfo **info ); /**********************/ /* Function 0x31 */ - NTSTATUS lsa_SetTrustedDomainInfoByName( + [public] NTSTATUS lsa_SetTrustedDomainInfoByName( [in] policy_handle *handle, - [in] lsa_String trusted_domain, - [in] lsa_TrustDomInfoEnum level, - [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info + [in,ref] lsa_String *trusted_domain, + [in] lsa_TrustDomInfoEnum level, + [in,ref,switch_is(level)] lsa_TrustedDomainInfo *info ); /* Function 0x32 */ @@ -850,9 +1081,15 @@ [in] uint32 max_size ); - /* Function 0x33 */ - [todo] NTSTATUS lsa_CreateTrustedDomainEx(); + NTSTATUS lsa_CreateTrustedDomainEx( + [in] policy_handle *policy_handle, + [in] lsa_TrustDomainInfoInfoEx *info, + [in] lsa_TrustDomainInfoAuthInfo *auth_info, + [in] lsa_TrustedAccessMask access_mask, + [out] policy_handle *trustdom_handle + ); + /* Function 0x34 */ NTSTATUS lsa_CloseTrustedDomainEx( @@ -860,16 +1097,23 @@ ); /* Function 0x35 */ + typedef struct { + uint32 quality_of_service; + } lsa_DomainInfoQoS; - /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000 - for unknown6 - gd */ + typedef [bitmap32bit] bitmap { + LSA_POLICY_KERBEROS_VALIDATE_CLIENT = 0x00000080 + } lsa_krbAuthenticationOptions; + + /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000 + for reserved - gd */ typedef struct { - uint32 enforce_restrictions; + lsa_krbAuthenticationOptions authentication_options; hyper service_tkt_lifetime; hyper user_tkt_lifetime; hyper user_tkt_renewaltime; hyper clock_skew; - hyper unknown6; + hyper reserved; } lsa_DomainInfoKerberos; typedef struct { @@ -883,7 +1127,8 @@ LSA_DOMAIN_INFO_POLICY_KERBEROS=3 } lsa_DomainInfoEnum; - typedef [switch_type(uint16)] union { + typedef [switch_type(lsa_DomainInfoEnum)] union { + [case(LSA_DOMAIN_INFO_POLICY_QOS)] lsa_DomainInfoQoS qos_info; [case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info; [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info; } lsa_DomainInformationPolicy; @@ -891,7 +1136,7 @@ NTSTATUS lsa_QueryDomainInformationPolicy( [in] policy_handle *handle, [in] lsa_DomainInfoEnum level, - [out,switch_is(level)] lsa_DomainInformationPolicy **info + [out,ref,switch_is(level)] lsa_DomainInformationPolicy **info ); /* Function 0x36 */ @@ -906,7 +1151,7 @@ NTSTATUS lsa_OpenTrustedDomainByName( [in] policy_handle *handle, [in] lsa_String name, - [in] lsa_DomainAccessMask access_mask, + [in] lsa_TrustedAccessMask access_mask, [out] policy_handle *trustdom_handle ); @@ -928,15 +1173,25 @@ [size_is(count)] lsa_TranslatedName2 *names; } lsa_TransNameArray2; + typedef [v1_enum] enum { + LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES = 0x00000000, + LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES_LOCAL = 0x80000000 + } lsa_LookupOptions; + + typedef [v1_enum] enum { + LSA_CLIENT_REVISION_1 = 0x00000001, + LSA_CLIENT_REVISION_2 = 0x00000002 + } lsa_ClientRevision; + [public] NTSTATUS lsa_LookupSids2( [in] policy_handle *handle, - [in] lsa_SidArray *sids, - [out] lsa_RefDomainList **domains, - [in,out] lsa_TransNameArray2 *names, - [in] uint16 level, - [in,out] uint32 *count, - [in] uint32 unknown1, - [in] uint32 unknown2 + [in,ref] lsa_SidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransNameArray2 *names, + [in] lsa_LookupNamesLevel level, + [in,out,ref] uint32 *count, + [in] lsa_LookupOptions lookup_options, + [in] lsa_ClientRevision client_revision ); /**********************/ @@ -958,16 +1213,22 @@ [in] policy_handle *handle, [in,range(0,1000)] uint32 num_names, [in,size_is(num_names)] lsa_String names[], - [out] lsa_RefDomainList **domains, - [in,out] lsa_TransSidArray2 *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransSidArray2 *sids, [in] lsa_LookupNamesLevel level, - [in,out] uint32 *count, - [in] uint32 unknown1, - [in] uint32 unknown2 + [in,out,ref] uint32 *count, + [in] lsa_LookupOptions lookup_options, + [in] lsa_ClientRevision client_revision ); /* Function 0x3b */ - [todo] NTSTATUS lsa_CreateTrustedDomainEx2(); + NTSTATUS lsa_CreateTrustedDomainEx2( + [in] policy_handle *policy_handle, + [in] lsa_TrustDomainInfoInfoEx *info, + [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info_internal, + [in] lsa_TrustedAccessMask access_mask, + [out] policy_handle *trustdom_handle + ); /* Function 0x3c */ [todo] NTSTATUS lsa_CREDRWRITE(); @@ -999,7 +1260,7 @@ lsa_SidType sid_type; dom_sid2 *sid; uint32 sid_index; - uint32 unknown; + uint32 flags; } lsa_TranslatedSid3; typedef struct { @@ -1011,12 +1272,12 @@ [in] policy_handle *handle, [in,range(0,1000)] uint32 num_names, [in,size_is(num_names)] lsa_String names[], - [out] lsa_RefDomainList **domains, - [in,out] lsa_TransSidArray3 *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransSidArray3 *sids, [in] lsa_LookupNamesLevel level, - [in,out] uint32 *count, - [in] uint32 unknown1, - [in] uint32 unknown2 + [in,out,ref] uint32 *count, + [in] lsa_LookupOptions lookup_options, + [in] lsa_ClientRevision client_revision ); /* Function 0x45 */ @@ -1032,8 +1293,44 @@ [todo] NTSTATUS lsa_LSARUNREGISTERAUDITEVENT(); /* Function 0x49 */ + typedef [bitmap32bit,public] bitmap { + /* these apply to LSA_FOREST_TRUST_TOP_LEVEL_NAME */ + LSA_TLN_DISABLED_NEW = 0x00000001, + LSA_TLN_DISABLED_ADMIN = 0x00000002, + LSA_TLN_DISABLED_CONFLICT = 0x00000004, + + /* these apply to LSA_FOREST_TRUST_DOMAIN_INFO */ + LSA_SID_DISABLED_ADMIN = 0x00000001, + LSA_SID_DISABLED_CONFLICT = 0x00000002, + LSA_NB_DISABLED_ADMIN = 0x00000004, + LSA_NB_DISABLED_CONFLICT = 0x00000008 + } lsa_ForestTrustRecordFlags; + + const uint32 LSA_TLN_DISABLED_MASK = ( + LSA_TLN_DISABLED_NEW | + LSA_TLN_DISABLED_ADMIN | + LSA_TLN_DISABLED_CONFLICT); + const uint32 LSA_SID_DISABLED_MASK = ( + LSA_SID_DISABLED_ADMIN | + LSA_SID_DISABLED_CONFLICT); + const uint32 LSA_NB_DISABLED_MASK = ( + LSA_NB_DISABLED_ADMIN | + LSA_NB_DISABLED_CONFLICT); + + typedef enum { + LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0, + LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1, + LSA_FOREST_TRUST_DOMAIN_INFO = 2, + LSA_FOREST_TRUST_BINARY_DATA = 3, + LSA_FOREST_TRUST_SCANNER_INFO = 4 + } lsa_ForestTrustRecordType; + const uint32 LSA_FOREST_TRUST_RECORD_TYPE_LAST = + LSA_FOREST_TRUST_BINARY_DATA; + const uint32 LSA_FOREST_TRUST_RECORD2_TYPE_LAST = + LSA_FOREST_TRUST_SCANNER_INFO; + typedef struct { - [range(0,131072)] uint32 length; + [range(0,131072)] uint3264 length; [size_is(length)] uint8 *data; } lsa_ForestTrustBinaryData; @@ -1043,25 +1340,18 @@ lsa_StringLarge netbios_domain_name; } lsa_ForestTrustDomainInfo; - typedef [switch_type(uint32)] union { - [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name; + typedef [switch_type(lsa_ForestTrustRecordType)] union { + [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_StringLarge top_level_name; [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex; [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info; [default] lsa_ForestTrustBinaryData data; } lsa_ForestTrustData; - typedef [v1_enum] enum { - LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0, - LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1, - LSA_FOREST_TRUST_DOMAIN_INFO = 2, - LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3 - } lsa_ForestTrustRecordType; - typedef struct { - uint32 flags; - lsa_ForestTrustRecordType level; - hyper unknown; - [switch_is(level)] lsa_ForestTrustData forest_trust_data; + lsa_ForestTrustRecordFlags flags; + lsa_ForestTrustRecordType type; + NTTIME_hyper time; + [switch_is(type)] lsa_ForestTrustData forest_trust_data; } lsa_ForestTrustRecord; typedef [public] struct { @@ -1069,15 +1359,42 @@ [size_is(count)] lsa_ForestTrustRecord **entries; } lsa_ForestTrustInformation; - NTSTATUS lsa_lsaRQueryForestTrustInformation( + [public] NTSTATUS lsa_lsaRQueryForestTrustInformation( [in] policy_handle *handle, [in,ref] lsa_String *trusted_domain_name, - [in] uint16 unknown, /* level ? */ + [in] lsa_ForestTrustRecordType highest_record_type, [out,ref] lsa_ForestTrustInformation **forest_trust_info ); - /* Function 0x4a */ - [todo] NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION(); + /***************** + * Function 0x4a */ + + typedef [v1_enum] enum { + LSA_FOREST_TRUST_COLLISION_TDO = 0, + LSA_FOREST_TRUST_COLLISION_XREF = 1, + LSA_FOREST_TRUST_COLLISION_OTHER = 2 + } lsa_ForestTrustCollisionRecordType; + + typedef [public] struct { + uint32 index; + lsa_ForestTrustCollisionRecordType type; + lsa_ForestTrustRecordFlags flags; + lsa_String name; + } lsa_ForestTrustCollisionRecord; + + typedef [public] struct { + uint32 count; + [size_is(count)] lsa_ForestTrustCollisionRecord **entries; + } lsa_ForestTrustCollisionInfo; + + [public] NTSTATUS lsa_lsaRSetForestTrustInformation( + [in] policy_handle *handle, + [in,ref] lsa_StringLarge *trusted_domain_name, + [in] lsa_ForestTrustRecordType highest_record_type, + [in,ref] lsa_ForestTrustInformation *forest_trust_info, + [in] boolean8 check_only, + [out,ref] lsa_ForestTrustCollisionInfo **collision_info + ); /* Function 0x4b */ [todo] NTSTATUS lsa_CREDRRENAME(); @@ -1086,25 +1403,30 @@ /* Function 0x4c */ [public] NTSTATUS lsa_LookupSids3( - [in] lsa_SidArray *sids, - [out] lsa_RefDomainList **domains, - [in,out] lsa_TransNameArray2 *names, - [in] uint16 level, - [in,out] uint32 *count, - [in] uint32 unknown1, - [in] uint32 unknown2 + [in,ref] lsa_SidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransNameArray2 *names, + [in] lsa_LookupNamesLevel level, + [in,out,ref] uint32 *count, + [in] lsa_LookupOptions lookup_options, + [in] lsa_ClientRevision client_revision ); + const int LSA_CLIENT_REVISION_NO_DNS = 0x00000001; + const int LSA_CLIENT_REVISION_DNS = 0x00000002; + + const int LSA_LOOKUP_OPTIONS_NO_ISOLATED = 0x80000000; + /* Function 0x4d */ NTSTATUS lsa_LookupNames4( [in,range(0,1000)] uint32 num_names, [in,size_is(num_names)] lsa_String names[], - [out] lsa_RefDomainList **domains, - [in,out] lsa_TransSidArray3 *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransSidArray3 *sids, [in] lsa_LookupNamesLevel level, - [in,out] uint32 *count, - [in] uint32 unknown1, - [in] uint32 unknown2 + [in,out,ref] uint32 *count, + [in] lsa_LookupOptions lookup_options, + [in] lsa_ClientRevision client_revision ); /* Function 0x4e */ @@ -1119,175 +1441,229 @@ /* Function 0x51 */ [todo] NTSTATUS lsa_LSARADTREPORTSECURITYEVENT(); - /* Function 0x52 */ - [todo] NTSTATUS Opnum82NotUsedOnWire(void); + /* Function 0x52 (82) */ + [todo] void lsa_Opnum82NotUsedOnWire(void); - /* Function 0x53 */ - [todo] NTSTATUS Opnum83NotUsedOnWire(void); + /* Function 0x53 (83) */ + [todo] void lsa_Opnum83NotUsedOnWire(void); - /* Function 0x54 */ - [todo] NTSTATUS Opnum84NotUsedOnWire(void); + /* Function 0x54 (84) */ + [todo] void lsa_Opnum84NotUsedOnWire(void); - /* Function 0x55 */ - [todo] NTSTATUS Opnum85NotUsedOnWire(void); + /* Function 0x55 (85) */ + [todo] void lsa_Opnum85NotUsedOnWire(void); - /* Function 0x56 */ - [todo] NTSTATUS Opnum86NotUsedOnWire(void); + /* Function 0x56 (86) */ + [todo] void lsa_Opnum86NotUsedOnWire(void); - /* Function 0x57 */ - [todo] NTSTATUS Opnum87NotUsedOnWire(void); + /* Function 0x57 (87) */ + [todo] void lsa_Opnum87NotUsedOnWire(void); - /* Function 0x58 */ - [todo] NTSTATUS Opnum88NotUsedOnWire(void); + /* Function 0x58 (88) */ + [todo] void lsa_Opnum88NotUsedOnWire(void); - /* Function 0x59 */ - [todo] NTSTATUS Opnum89NotUsedOnWire(void); + /* Function 0x59 (89) */ + [todo] void lsa_Opnum89NotUsedOnWire(void); - /* Function 0x5A */ - [todo] NTSTATUS Opnum90NotUsedOnWire(void); + /* Function 0x5A (90) */ + [todo] void lsa_Opnum90NotUsedOnWire(void); - /* Function 0x5B */ - [todo] NTSTATUS Opnum91NotUsedOnWire(void); + /* Function 0x5B (91) */ + [todo] void lsa_Opnum91NotUsedOnWire(void); - /* Function 0x5C */ - [todo] NTSTATUS Opnum92NotUsedOnWire(void); + /* Function 0x5C (92) */ + [todo] void lsa_Opnum92NotUsedOnWire(void); - /* Function 0x5D */ - [todo] NTSTATUS Opnum93NotUsedOnWire(void); + /* Function 0x5D (93) */ + [todo] void lsa_Opnum93NotUsedOnWire(void); - /* Function 0x5E */ - [todo] NTSTATUS Opnum94NotUsedOnWire(void); + /* Function 0x5E (94) */ + [todo] void lsa_Opnum94NotUsedOnWire(void); - /* Function 0x5F */ - [todo] NTSTATUS Opnum95NotUsedOnWire(void); + /* Function 0x5F (95) */ + [todo] void lsa_Opnum95NotUsedOnWire(void); - /* Function 0x60 */ - [todo] NTSTATUS Opnum96NotUsedOnWire(void); + /* Function 0x60 (96) */ + [todo] void lsa_Opnum96NotUsedOnWire(void); - /* Function 0x61 */ - [todo] NTSTATUS Opnum97NotUsedOnWire(void); + /* Function 0x61 (97) */ + [todo] void lsa_Opnum97NotUsedOnWire(void); - /* Function 0x62 */ - [todo] NTSTATUS Opnum98NotUsedOnWire(void); + /* Function 0x62 (98) */ + [todo] void lsa_Opnum98NotUsedOnWire(void); - /* Function 0x63 */ - [todo] NTSTATUS Opnum99NotUsedOnWire(void); + /* Function 0x63 (99) */ + [todo] void lsa_Opnum99NotUsedOnWire(void); - /* Function 0x64 */ - [todo] NTSTATUS Opnum100NotUsedOnWire(void); + /* Function 0x64 (100) */ + [todo] void lsa_Opnum100NotUsedOnWire(void); - /* Function 0x65 */ - [todo] NTSTATUS Opnum101NotUsedOnWire(void); + /* Function 0x65 (101) */ + [todo] void lsa_Opnum101NotUsedOnWire(void); - /* Function 0x66 */ - [todo] NTSTATUS Opnum102NotUsedOnWire(void); + /* Function 0x66 (102) */ + [todo] void lsa_Opnum102NotUsedOnWire(void); - /* Function 0x67 */ - [todo] NTSTATUS Opnum103NotUsedOnWire(void); + /* Function 0x67 (103) */ + [todo] void lsa_Opnum103NotUsedOnWire(void); - /* Function 0x68 */ - [todo] NTSTATUS Opnum104NotUsedOnWire(void); + /* Function 0x68 (104) */ + [todo] void lsa_Opnum104NotUsedOnWire(void); - /* Function 0x69 */ - [todo] NTSTATUS Opnum105NotUsedOnWire(void); + /* Function 0x69 (105) */ + [todo] void lsa_Opnum105NotUsedOnWire(void); - /* Function 0x6A */ - [todo] NTSTATUS Opnum106NotUsedOnWire(void); + /* Function 0x6A (106) */ + [todo] void lsa_Opnum106NotUsedOnWire(void); - /* Function 0x6B */ - [todo] NTSTATUS Opnum107NotUsedOnWire(void); + /* Function 0x6B (107) */ + [todo] void lsa_Opnum107NotUsedOnWire(void); - /* Function 0x6C */ - [todo] NTSTATUS Opnum108NotUsedOnWire(void); + /* Function 0x6C (108) */ + [todo] void lsa_Opnum108NotUsedOnWire(void); - /* Function 0x6D */ - [todo] NTSTATUS Opnum109NotUsedOnWire(void); + /* Function 0x6D (109) */ + [todo] void lsa_Opnum109NotUsedOnWire(void); - /* Function 0x6E */ - [todo] NTSTATUS Opnum110NotUsedOnWire(void); + /* Function 0x6E (110) */ + [todo] void lsa_Opnum110NotUsedOnWire(void); - /* Function 0x6F */ - [todo] NTSTATUS Opnum111NotUsedOnWire(void); + /* Function 0x6F (111) */ + [todo] void lsa_Opnum111NotUsedOnWire(void); - /* Function 0x70 */ - [todo] NTSTATUS Opnum112NotUsedOnWire(void); + /* Function 0x70 (112) */ + [todo] void lsa_Opnum112NotUsedOnWire(void); - /* Function 0x71 */ - [todo] NTSTATUS Opnum113NotUsedOnWire(void); + /* Function 0x71 (113) */ + [todo] void lsa_Opnum113NotUsedOnWire(void); - /* Function 0x72 */ - [todo] NTSTATUS Opnum114NotUsedOnWire(void); + /* Function 0x72 (114) */ + [todo] void lsa_Opnum114NotUsedOnWire(void); - /* Function 0x73 */ - [todo] NTSTATUS Opnum115NotUsedOnWire(void); + /* Function 0x73 (115) */ + [todo] void lsa_Opnum115NotUsedOnWire(void); - /* Function 0x74 */ - [todo] NTSTATUS Opnum116NotUsedOnWire(void); + /* Function 0x74 (116) */ + [todo] void lsa_Opnum116NotUsedOnWire(void); - /* Function 0x75 */ - [todo] NTSTATUS Opnum117NotUsedOnWire(void); + /* Function 0x75 (117) */ + [todo] void lsa_Opnum117NotUsedOnWire(void); - /* Function 0x76 */ - [todo] NTSTATUS Opnum118NotUsedOnWire(void); + /* Function 0x76 (118) */ + [todo] void lsa_Opnum118NotUsedOnWire(void); - /* Function 0x77 */ - [todo] NTSTATUS Opnum119NotUsedOnWire(void); + /* Function 0x77 (119) */ + [todo] void lsa_Opnum119NotUsedOnWire(void); - /* Function 0x78 */ - [todo] NTSTATUS Opnum120NotUsedOnWire(void); + /* Function 0x78 (120) */ + [todo] void lsa_Opnum120NotUsedOnWire(void); - /* Function 0x79 */ - [todo] NTSTATUS Opnum121NotUsedOnWire(void); + /* Function 0x79 (121) */ + [todo] void lsa_Opnum121NotUsedOnWire(void); - /* Function 0x7A */ - [todo] NTSTATUS Opnum122NotUsedOnWire(void); + /* Function 0x7A (122) */ + [todo] void lsa_Opnum122NotUsedOnWire(void); - /* Function 0x7B */ - [todo] NTSTATUS Opnum123NotUsedOnWire(void); + /* Function 0x7B (123) */ + [todo] void lsa_Opnum123NotUsedOnWire(void); - /* Function 0x7C */ - [todo] NTSTATUS Opnum124NotUsedOnWire(void); + /* Function 0x7C (124) */ + [todo] void lsa_Opnum124NotUsedOnWire(void); - /* Function 0x7D */ - [todo] NTSTATUS Opnum125NotUsedOnWire(void); + /* Function 0x7D (125) */ + [todo] void lsa_Opnum125NotUsedOnWire(void); - /* Function 0x7E */ - [todo] NTSTATUS Opnum126NotUsedOnWire(void); + /* Function 0x7E (126) */ + [todo] void lsa_Opnum126NotUsedOnWire(void); - /* Function 0x7F */ - [todo] NTSTATUS Opnum127NotUsedOnWire(void); + /* Function 0x7F (127) */ + [todo] void lsa_Opnum127NotUsedOnWire(void); - /* Function 0x80 */ - [todo] NTSTATUS Opnum128NotUsedOnWire(void); + /* Function 0x80 (128) */ + [todo] void lsa_Opnum128NotUsedOnWire(void); - /* Function 0x81 */ - [todo] NTSTATUS lsa_LsarCreateTrustedDomainEx3(void); + /***********************/ + /* Function 0x81 (129) */ - /*****************/ - /* Function 0x82 */ + NTSTATUS lsa_CreateTrustedDomainEx3( + [in] policy_handle *policy_handle, + [in] lsa_TrustDomainInfoInfoEx *info, + [in] lsa_TrustDomainInfoAuthInfoInternalAES *auth_info_internal, + [in] lsa_TrustedAccessMask access_mask, + [out] policy_handle *trustdom_handle + ); - typedef [v1_enum] enum { - LSAPR_REVISION_VERSION_1 = 0x00000001 - } LSAPR_REVISION_VERSION; + /***********************/ + /* Function 0x82 (130) */ - typedef struct _LSAPR_REVISION_INFO_V1 - { - uint32 Revision; - uint32 SupportedFeatures; - } LSAPR_REVISION_INFO_V1; + typedef [bitmap32bit] bitmap { + LSA_FEATURE_TDO_AUTH_INFO_AES_CIPHER = 0x00000001 + } lsa_RevisionSupportedFeature; - typedef [switch_type(LSAPR_REVISION_VERSION)] union { - [case(LSAPR_REVISION_VERSION_1)] LSAPR_REVISION_INFO_V1 revision_info_v1; - } LSAPR_REVISION_INFO; + typedef struct { + uint32 revision; + lsa_RevisionSupportedFeature supported_features; + } lsa_revision_info1; + + typedef [switch_type(uint32)] union { + [case(1)] lsa_revision_info1 info1; + } lsa_revision_info; - NTSTATUS lsa_LsarOpenPolicy3( + [public] NTSTATUS lsa_OpenPolicy3 ( [in,unique] [string,charset(UTF16)] uint16 *system_name, - [in] lsa_ObjectAttribute *ObjectAttributes, - [in] lsa_PolicyAccessMask DesiredAccess, - [in] uint32 InVersion, - [in] [switch_is(InVersion)] LSAPR_REVISION_INFO* InRevisionInfo, - [out] uint32 *OutVersion, - [out] [switch_is(*OutVersion)] LSAPR_REVISION_INFO* OutRevisionInfo, - [out] policy_handle *handle - ); + [in] lsa_ObjectAttribute *attr, + [in] lsa_PolicyAccessMask access_mask, + [in] uint32 in_version, + [in,ref][switch_is(in_version)] lsa_revision_info *in_revision_info, + [out,ref] uint32 *out_version, + [out,ref][switch_is(*out_version)] lsa_revision_info *out_revision_info, + [out,ref] policy_handle *handle + ); + + /* Function 0x83 (131) */ + [todo] void lsa_Opnum131NotUsedOnWire(void); + + /***********************/ + /* Function 0x84 (132) */ + typedef [switch_type(lsa_ForestTrustRecordType)] union { + [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_StringLarge top_level_name; + [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex; + [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info; + [case(LSA_FOREST_TRUST_BINARY_DATA)] lsa_ForestTrustBinaryData data; + /* + * lsa_ForestTrustScannerInfo would have the same + * definition as lsa_ForestTrustDomainInfo + */ + [case(LSA_FOREST_TRUST_SCANNER_INFO)] lsa_ForestTrustDomainInfo scanner_info; + } lsa_ForestTrustData2; + + typedef struct { + lsa_ForestTrustRecordFlags flags; + lsa_ForestTrustRecordType type; + NTTIME_hyper time; + [switch_is(type)] lsa_ForestTrustData2 forest_trust_data; + } lsa_ForestTrustRecord2; + + typedef [public] struct { + [range(0,4000)] uint32 count; + [size_is(count)] lsa_ForestTrustRecord2 **entries; + } lsa_ForestTrustInformation2; + + [public] NTSTATUS lsa_lsaRQueryForestTrustInformation2( + [in] policy_handle *handle, + [in,ref] lsa_String *trusted_domain_name, + [in] lsa_ForestTrustRecordType highest_record_type, + [out,ref] lsa_ForestTrustInformation2 **forest_trust_info + ); + + /***********************/ + /* Function 0x85 (133) */ + [public] NTSTATUS lsa_lsaRSetForestTrustInformation2( + [in] policy_handle *handle, + [in,ref] lsa_StringLarge *trusted_domain_name, + [in] lsa_ForestTrustRecordType highest_record_type, + [in,ref] lsa_ForestTrustInformation2 *forest_trust_info, + [in] boolean8 check_only, + [out,ref] lsa_ForestTrustCollisionInfo **collision_info + ); } diff --git a/epan/dissectors/pidl/mapi/mapi.cnf b/epan/dissectors/pidl/mapi/mapi.cnf index c817bbca..d1f5ab35 100644 --- a/epan/dissectors/pidl/mapi/mapi.cnf +++ b/epan/dissectors/pidl/mapi/mapi.cnf @@ -382,28 +382,28 @@ NOEMIT mapi_dissect_element_EcDoRpcExt_rgbOut__ CODE START -tvbuff_t * -mapi_deobfuscate(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 size) +static tvbuff_t * +mapi_deobfuscate(tvbuff_t *tvb, int offset, packet_info *pinfo, uint32_t size) { tvbuff_t *deob_tvb = NULL; - guint8 *decrypted_data; - const guint8 *ptr; - gint reported_len; + uint8_t *decrypted_data; + const uint8_t *ptr; + int reported_len; reported_len = tvb_reported_length_remaining(tvb, offset); - if ((guint32) reported_len > size) { + if ((uint32_t) reported_len > size) { reported_len = size; } - if (size > (guint32) reported_len) { + if (size > (uint32_t) reported_len) { size = reported_len; } ptr = tvb_get_ptr(tvb, offset, size); - decrypted_data = (guint8 *)wmem_alloc0(pinfo->pool, size); - for (guint32 i = 0; i < size; i++) { + decrypted_data = (uint8_t *)wmem_alloc0(pinfo->pool, size); + for (uint32_t i = 0; i < size; i++) { decrypted_data[i] = ptr[i] ^ 0xA5; } @@ -415,10 +415,10 @@ mapi_deobfuscate(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 size) /* [MS-OXCRPC] 3.1.4.1.3.1 Version Number Comparison */ static int -normalize_version(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree, int hf_index, const gchar * str) +normalize_version(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree, int hf_index, const char * str) { - guint16 version_0, build_major, product_major, product_minor; - gchar *value; + uint16_t version_0, build_major, product_major, product_minor; + char *value; version_0= tvb_get_letohs(tvb, offset); build_major= tvb_get_letohs(tvb, offset + 2); @@ -453,50 +453,50 @@ normalize_version(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tre } static int -mapi_dissect_element_EcDoConnect_rgwClientVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnect_rgwClientVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return normalize_version(tvb, pinfo, offset, tree, hf_mapi_mapi_EcDoConnect_rgwClientVersion, "rgwClientVersion"); } static int -mapi_dissect_element_EcDoConnect_rgwServerVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnect_rgwServerVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return normalize_version(tvb, pinfo, offset, tree, hf_mapi_mapi_EcDoConnect_rgwServerVersion, "rgwServerVersion"); } static int -mapi_dissect_element_EcDoConnect_rgwBestVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnect_rgwBestVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return normalize_version(tvb, pinfo, offset, tree, hf_mapi_mapi_EcDoConnect_rgwBestVersion, "rgwBestVersion"); } static int -mapi_dissect_element_EcDoConnectEx_rgwClientVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnectEx_rgwClientVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return normalize_version(tvb, pinfo, offset, tree, hf_mapi_mapi_EcDoConnectEx_rgwClientVersion, "rgwClientVersion"); } static int -mapi_dissect_element_EcDoConnectEx_rgwServerVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnectEx_rgwServerVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return normalize_version(tvb, pinfo, offset, tree, hf_mapi_mapi_EcDoConnectEx_rgwServerVersion, "rgwServerVersion"); } static int -mapi_dissect_element_EcDoConnectEx_rgwBestVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnectEx_rgwBestVersion(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return normalize_version(tvb, pinfo, offset, tree, hf_mapi_mapi_EcDoConnectEx_rgwBestVersion, "rgwBestVersion"); } static int -mapi_dissect_element_EcDoRpc_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoRpc_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return mapi_dissect_struct_request(tvb, offset, pinfo, tree, di, drep, hf_mapi_mapi_EcDoRpc_mapi_request, 0); } static int -mapi_dissect_element_EcDoRpc_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoRpc_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return mapi_dissect_struct_response(tvb, offset, pinfo, tree, di, drep, hf_mapi_mapi_EcDoRpc_mapi_response, 0); } @@ -505,11 +505,11 @@ mapi_dissect_element_EcDoRpc_response(tvbuff_t *tvb _U_, int offset _U_, packet_ * Analyze mapi_request MAPI Handles */ static int -mapi_dissect_element_handles_cnf(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, int hf_index _U_, guint8 *drep _U_) +mapi_dissect_element_handles_cnf(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, int hf_index _U_, uint8_t *drep _U_) { - gint reported_len; - gint handles_cnt = 0; - guint32 value; + int reported_len; + int handles_cnt = 0; + uint32_t value; proto_tree *tr = NULL; reported_len = tvb_reported_length_remaining(tvb, offset); @@ -518,7 +518,7 @@ mapi_dissect_element_handles_cnf(tvbuff_t *tvb _U_, int offset _U_, packet_info tr = proto_tree_add_subtree_format(tree, tvb, offset, reported_len, ett_mapi_mapi_request, NULL, "MAPI Handles: %d", handles_cnt); - for (gint i = 0; i < handles_cnt; i++) { + for (int i = 0; i < handles_cnt; i++) { value = tvb_get_letohl(tvb, offset); proto_tree_add_uint_format(tr, hf_index, tvb, offset, 4, value, "[%.2d] MAPI handle: 0x%.8x", i, value); offset += 4; @@ -528,14 +528,14 @@ mapi_dissect_element_handles_cnf(tvbuff_t *tvb _U_, int offset _U_, packet_info } int -mapi_dissect_struct_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int start_offset = offset; tvbuff_t *decrypted_tvb; - guint32 size; - guint16 pdu_len; + uint32_t size; + uint16_t pdu_len; ALIGN_TO_5_BYTES; @@ -560,11 +560,11 @@ mapi_dissect_struct_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pin tree = proto_tree_add_subtree(tree, decrypted_tvb, 0, size, ett_mapi_mapi_response, NULL, "Decrypted MAPI Response PDU"); pdu_len = tvb_get_letohs(decrypted_tvb, 0); - proto_tree_add_uint(tree, hf_mapi_mapi_response_length, decrypted_tvb, 0, sizeof(guint16), pdu_len); - proto_tree_add_item(tree, hf_mapi_decrypted_data, decrypted_tvb, sizeof(guint16), pdu_len - sizeof(guint16), ENC_NA); + proto_tree_add_uint(tree, hf_mapi_mapi_response_length, decrypted_tvb, 0, sizeof(uint16_t), pdu_len); + proto_tree_add_item(tree, hf_mapi_decrypted_data, decrypted_tvb, sizeof(uint16_t), pdu_len - sizeof(uint16_t), ENC_NA); /* analyze contents */ - mapi_dissect_element_response_rpcResponse(decrypted_tvb, sizeof(guint16), pinfo, tree, di, drep); + mapi_dissect_element_response_rpcResponse(decrypted_tvb, sizeof(uint16_t), pinfo, tree, di, drep); mapi_dissect_element_handles_cnf(decrypted_tvb, pdu_len, pinfo, tree, di, hf_mapi_mapi_response_handles, drep); } @@ -576,23 +576,23 @@ mapi_dissect_struct_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pin } static int -mapi_dissect_element_AuxInfo_auxHeader(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_AuxInfo_auxHeader(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { - guint total_length = tvb_reported_length(tvb); + unsigned total_length = tvb_reported_length(tvb); if(di->conformant_run){ return offset; } - while(offset >= 0 && (guint)offset < total_length){ + while(offset >= 0 && (unsigned)offset < total_length){ offset = mapi_dissect_struct_AUX_HEADER(tvb,offset,pinfo,tree,di,drep,di->ptype == PDU_REQ ? hf_mapi_AuxInfo_auxHeader : hf_mapi_AuxInfoOut_auxHeader ,0); } return offset; } -int -dissect_EcDoConnectEx_AuxInfoOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +static int +dissect_EcDoConnectEx_AuxInfoOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { if (length == 0){ return offset; @@ -601,13 +601,13 @@ dissect_EcDoConnectEx_AuxInfoOut(tvbuff_t *tvb _U_, int offset _U_, int length _ } static int -mapi_dissect_element_EcDoConnectEx_rgbAuxOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnectEx_rgbAuxOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return dissect_ndr_ucvarray_block(tvb, offset, pinfo, tree, di, drep, &dissect_EcDoConnectEx_AuxInfoOut); } -int -dissect_EcDoRpcExt2_AuxInfoOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +static int +dissect_EcDoRpcExt2_AuxInfoOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { if (length == 0){ return offset; @@ -616,29 +616,29 @@ dissect_EcDoRpcExt2_AuxInfoOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_ } static int -mapi_dissect_element_EcDoRpcExt2_rgbAuxOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoRpcExt2_rgbAuxOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return dissect_ndr_ucvarray_block(tvb, offset, pinfo, tree, di, drep, &dissect_EcDoRpcExt2_AuxInfoOut); } int -mapi_dissect_struct_AUX_PERF_CLIENTINFO(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_AUX_PERF_CLIENTINFO(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset, cur_end_offset; - guint16 MachineNameOffset; - guint16 UserNameOffset; - guint16 ClientIPSize; - guint16 ClientIPOffset; - guint16 ClientIPMaskSize; - guint16 ClientIPMaskOffset; - guint16 AdapterNameOffset; - guint16 MacAddressSize; - guint16 MacAddressOffset; - - di->no_align = TRUE; + uint16_t MachineNameOffset; + uint16_t UserNameOffset; + uint16_t ClientIPSize; + uint16_t ClientIPOffset; + uint16_t ClientIPMaskSize; + uint16_t ClientIPMaskOffset; + uint16_t AdapterNameOffset; + uint16_t MacAddressSize; + uint16_t MacAddressOffset; + + di->no_align = true; old_offset = offset; @@ -732,13 +732,13 @@ mapi_dissect_struct_AUX_PERF_CLIENTINFO(tvbuff_t *tvb _U_, int offset _U_, packe } static int -mapi_dissect_AuxDataVersion1(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_); +mapi_dissect_AuxDataVersion1(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_); static int -mapi_dissect_AuxDataVersion2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_); +mapi_dissect_AuxDataVersion2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_); static int -mapi_dissect_AUX_DATA(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, guint8 Version, int hf_index _U_, guint8 hdrType) +mapi_dissect_AUX_DATA(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, uint8_t Version, int hf_index _U_, uint8_t hdrType) { switch(Version) { case AUX_VERSION_1: @@ -750,8 +750,8 @@ mapi_dissect_AUX_DATA(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, } } -int -mapi_dissect_AUX_HEADER_TYPE_ENUM(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, guint8 Version, int hf_index _U_, guint8 *hdrType) +static int +mapi_dissect_AUX_HEADER_TYPE_ENUM(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, uint8_t Version, int hf_index _U_, uint8_t *hdrType) { switch(Version) { case AUX_VERSION_1: @@ -764,16 +764,16 @@ mapi_dissect_AUX_HEADER_TYPE_ENUM(tvbuff_t *tvb _U_, int offset _U_, packet_info } int -mapi_dissect_struct_AUX_HEADER(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_AUX_HEADER(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { - guint16 auxSize = 0; - guint8 Version = 0; - guint8 hdrType = 0; + uint16_t auxSize = 0; + uint8_t Version = 0; + uint8_t hdrType = 0; proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; - di->no_align = TRUE; + di->no_align = true; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); @@ -793,15 +793,15 @@ mapi_dissect_struct_AUX_HEADER(tvbuff_t *tvb _U_, int offset _U_, packet_info *p } int -mapi_dissect_struct_EcDoRpcMapiRequest(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_EcDoRpcMapiRequest(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, uint32_t param) { - guint8 opnum = 0; + uint8_t opnum = 0; proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset; - di->no_align = TRUE; + di->no_align = true; old_offset = offset; @@ -812,7 +812,7 @@ mapi_dissect_struct_EcDoRpcMapiRequest(tvbuff_t *tvb _U_, int offset _U_, packet offset = PIDL_dissect_uint8_val(tvb, offset, pinfo, tree, di, drep, hf_mapi_EcDoRpcMapiRequest_opnum, param, &opnum); - col_append_fstr(pinfo->cinfo, COL_INFO, " + %s", val_to_str(opnum, mapi_ROP_OPNUM_vals, "Unknown MAPI operation")); + col_append_fstr(pinfo->cinfo, COL_INFO, " + %s", val_to_str_const(opnum, mapi_ROP_OPNUM_vals, "Unknown MAPI operation")); offset = mapi_dissect_element_EcDoRpcMapiRequest_u(tvb, offset, pinfo, tree, di, drep, &opnum); @@ -824,14 +824,14 @@ mapi_dissect_struct_EcDoRpcMapiRequest(tvbuff_t *tvb _U_, int offset _U_, packet } int -mapi_dissect_struct_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_request(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; - int start_offset = offset;; + int start_offset = offset; tvbuff_t *decrypted_tvb = NULL; - guint16 pdu_len; - guint32 size; + uint16_t pdu_len; + uint32_t size; ALIGN_TO_5_BYTES; @@ -873,11 +873,11 @@ mapi_dissect_struct_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinf } static int -mapi_dissect_element_EcDoConnect_szUserDN(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnect_szUserDN(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { char *data= NULL; - offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(guint8), hf_mapi_mapi_EcDoConnect_szUserDN, FALSE, &data); + offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint8_t), hf_mapi_mapi_EcDoConnect_szUserDN, false, &data); proto_item_append_text(tree, ": %s", data); col_append_fstr(pinfo->cinfo, COL_INFO, " DN: %s", data); @@ -885,11 +885,11 @@ mapi_dissect_element_EcDoConnect_szUserDN(tvbuff_t *tvb _U_, int offset _U_, pac } static int -mapi_dissect_element_EcDoConnectEx_szUserDN(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoConnectEx_szUserDN(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { char *data= NULL; - offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(guint8), hf_mapi_mapi_EcDoConnectEx_szUserDN, FALSE, &data); + offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint8_t), hf_mapi_mapi_EcDoConnectEx_szUserDN, false, &data); proto_item_append_text(tree, ": %s", data); col_append_fstr(pinfo->cinfo, COL_INFO, " DN: %s", data); @@ -898,15 +898,15 @@ mapi_dissect_element_EcDoConnectEx_szUserDN(tvbuff_t *tvb _U_, int offset _U_, p } int -mapi_dissect_struct_EcDoRpcMapiResponse(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_EcDoRpcMapiResponse(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, uint32_t param) { - guint8 opnum = 0; + uint8_t opnum = 0; proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset= offset; - di->no_align = TRUE; + di->no_align = true; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); @@ -914,7 +914,7 @@ mapi_dissect_struct_EcDoRpcMapiResponse(tvbuff_t *tvb _U_, int offset _U_, packe } offset = PIDL_dissect_uint8_val(tvb, offset, pinfo, tree, di, drep, hf_mapi_EcDoRpcMapiResponse_opnum, param, &opnum); - col_append_fstr(pinfo->cinfo, COL_INFO, " + %s", val_to_str(opnum, mapi_ROP_OPNUM_vals, "Unknown MAPI operation")); + col_append_fstr(pinfo->cinfo, COL_INFO, " + %s", val_to_str_const(opnum, mapi_ROP_OPNUM_vals, "Unknown MAPI operation")); offset = mapi_dissect_element_EcDoRpcMapiResponse_u(tvb, offset, pinfo, tree, di, drep, &opnum); @@ -925,10 +925,10 @@ mapi_dissect_struct_EcDoRpcMapiResponse(tvbuff_t *tvb _U_, int offset _U_, packe return offset; } -int -uint32_size_uint8_buffer(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_size_index, int hf_buffer_index, guint32 param) +static int +uint32_size_uint8_buffer(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_size_index, int hf_buffer_index, uint32_t param) { - guint32 size= 0; + uint32_t size= 0; offset = PIDL_dissect_uint32_val(tvb, offset, pinfo, parent_tree, di, drep, hf_size_index, param, &size); @@ -938,14 +938,14 @@ uint32_size_uint8_buffer(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr } int -mapi_dissect_struct_SyncUploadStateStreamContinue_req(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_SyncUploadStateStreamContinue_req(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset= offset; - di->no_align = TRUE; + di->no_align = true; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); @@ -966,14 +966,14 @@ mapi_dissect_struct_SyncUploadStateStreamContinue_req(tvbuff_t *tvb _U_, int off } int -mapi_dissect_struct_SyncImportMessageMove_req(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_SyncImportMessageMove_req(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset = offset; - di->no_align = TRUE; + di->no_align = true; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); @@ -1006,7 +1006,7 @@ mapi_dissect_struct_SyncImportMessageMove_req(tvbuff_t *tvb _U_, int offset _U_, /* IDL: } */ int -mapi_dissect_bitmap_OpenFlags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_bitmap_OpenFlags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item= NULL; static int * const mapi_OpenFlags_fields[] = { @@ -1019,7 +1019,7 @@ mapi_dissect_bitmap_OpenFlags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pi &hf_mapi_OpenFlags_USE_PER_MDB_REPLID_MAPPING, NULL }; - guint32 flags; + uint32_t flags; item = proto_tree_add_bitmask_with_flags(parent_tree, tvb, offset, hf_index, ett_mapi_OpenFlags, mapi_OpenFlags_fields, DREP_ENC_INTEGER(drep), BMT_NO_FALSE); @@ -1038,14 +1038,14 @@ mapi_dissect_bitmap_OpenFlags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pi } int -mapi_dissect_bitmap_StoreState(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_bitmap_StoreState(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item; static int * const mapi_StoreState_fields[] = { &hf_mapi_StoreState_STORE_HAS_SEARCHES, NULL }; - guint32 flags; + uint32_t flags; item = proto_tree_add_bitmask_with_flags(parent_tree, tvb, offset, hf_index, ett_mapi_StoreState, mapi_StoreState_fields, DREP_ENC_INTEGER(drep), BMT_NO_FALSE); @@ -1064,15 +1064,15 @@ mapi_dissect_bitmap_StoreState(tvbuff_t *tvb _U_, int offset _U_, packet_info *p } int -mapi_dissect_struct_Logon_repl(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_Logon_repl(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset= offset; - guint32 returnValue; + uint32_t returnValue; - di->no_align = TRUE; + di->no_align = true; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); @@ -1085,7 +1085,7 @@ mapi_dissect_struct_Logon_repl(tvbuff_t *tvb _U_, int offset _U_, packet_info *p if (returnValue == 0x0){ // 2.2.3.1.2 RopLogon ROP Success Response Buffer - guint8 LogonFlags= 0; + uint8_t LogonFlags= 0; offset = mapi_dissect_enum_LogonFlags(tvb, offset, pinfo, tree, di, drep, hf_mapi_Logon_repl_LogonFlags, &LogonFlags); @@ -1124,12 +1124,13 @@ mapi_dissect_struct_Logon_repl(tvbuff_t *tvb _U_, int offset _U_, packet_info *p #define RHEF_XorMagic 0x0002 #define RHEF_Last 0x0004 -int dissect_RPC_HEADER_EXT(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index, tvbuff_t **ppUncomp_tvb) +static +int dissect_RPC_HEADER_EXT(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, tvbuff_t **ppUncomp_tvb) { proto_tree *hTree = NULL; proto_item *rpcItem = NULL; - guint16 flags; - guint16 compressedSize= 0, uncompressedSize= 0; + uint16_t flags; + uint16_t compressedSize= 0, uncompressedSize= 0; int old_offset= offset; ALIGN_TO_2_BYTES; @@ -1210,7 +1211,7 @@ int dissect_RPC_HEADER_EXT(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_ } int -mapi_dissect_struct_AuxInfo(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_AuxInfo(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; @@ -1255,8 +1256,8 @@ mapi_dissect_struct_AuxInfo(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinf return offset; } -int -mapi_dissect_RgbInOut(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index) +static int +mapi_dissect_RgbInOut(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index) { proto_item *item = NULL; proto_tree *tree = NULL; @@ -1284,14 +1285,14 @@ mapi_dissect_RgbInOut(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree { int uncompressed_offset= 0; - guint16 total_length; + uint16_t total_length; item = proto_tree_add_item(tree, di->ptype == PDU_REQ ? hf_mapi_RgbIn_ropIn : hf_mapi_RgbOut_ropOut, uncomp_tvb, 0, tvb_reported_length(uncomp_tvb), ENC_NA); tree = proto_item_add_subtree(item, di->ptype == PDU_REQ ? ett_mapi_RgbIn : ett_mapi_RgbOut); uncompressed_offset = PIDL_dissect_uint16_val(uncomp_tvb, uncompressed_offset, pinfo, tree, di, drep, di->ptype == PDU_REQ ? hf_mapi_ROPInputBuffer_ropSize : hf_mapi_ROPOutputBuffer_ropSize, 0, &total_length); - while((guint)(uncompressed_offset) < total_length){ + while((unsigned)(uncompressed_offset) < total_length){ if (di->ptype == PDU_REQ){ uncompressed_offset = mapi_dissect_struct_RopInput(uncomp_tvb, uncompressed_offset,pinfo,tree,di,drep,hf_mapi_ROPInputBuffer_rop,0); } else { @@ -1307,13 +1308,13 @@ mapi_dissect_RgbInOut(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree int -mapi_dissect_struct_RgbIn(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index, guint32 param _U_) +mapi_dissect_struct_RgbIn(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, uint32_t param _U_) { return mapi_dissect_RgbInOut(tvb, offset, pinfo, parent_tree, di, drep, hf_index); } -int -dissect_EcDoRpcExt2_RgbOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +static int +dissect_EcDoRpcExt2_RgbOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { if (length == 0){ return offset; @@ -1322,13 +1323,13 @@ dissect_EcDoRpcExt2_RgbOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, pa } static int -mapi_dissect_element_EcDoRpcExt2_rgbOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoRpcExt2_rgbOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return dissect_ndr_ucvarray_block(tvb, offset, pinfo, tree, di, drep, &dissect_EcDoRpcExt2_RgbOut); } -int -dissect_EcDoRpcExt_RgbOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +static int +dissect_EcDoRpcExt_RgbOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { if (length == 0){ return offset; @@ -1337,15 +1338,15 @@ dissect_EcDoRpcExt_RgbOut(tvbuff_t *tvb _U_, int offset _U_, int length _U_, pac } static int -mapi_dissect_element_EcDoRpcExt_rgbOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +mapi_dissect_element_EcDoRpcExt_rgbOut_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return dissect_ndr_ucvarray_block(tvb, offset, pinfo, tree, di, drep, &dissect_EcDoRpcExt_RgbOut); } int -mapi_dissect_struct_RgbOut(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +mapi_dissect_struct_RgbOut(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { return mapi_dissect_RgbInOut(tvb, offset, pinfo, parent_tree, di, drep, hf_index); } -CODE END
\ No newline at end of file +CODE END diff --git a/epan/dissectors/pidl/mdssvc/mdssvc.cnf b/epan/dissectors/pidl/mdssvc/mdssvc.cnf index d041f747..1e442b61 100644 --- a/epan/dissectors/pidl/mdssvc/mdssvc.cnf +++ b/epan/dissectors/pidl/mdssvc/mdssvc.cnf @@ -4,7 +4,7 @@ NOEMIT mdssvc_dissect_element_blob_spotlight_blob_ CODE START static int -mdssvc_dissect_element_blob_spotlight_blob(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep _U_) +mdssvc_dissect_element_blob_spotlight_blob(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep _U_) { tvbuff_t *spotlight_tvb; dissector_handle_t spotlight_handle; diff --git a/epan/dissectors/pidl/samr/samr.cnf b/epan/dissectors/pidl/samr/samr.cnf index 07ca73de..98cf86cd 100644 --- a/epan/dissectors/pidl/samr/samr.cnf +++ b/epan/dissectors/pidl/samr/samr.cnf @@ -154,6 +154,7 @@ TYPE lsa_String "offset=dissect_ndr_lsa_String(tvb, offset, pinfo, tree, di, dre TYPE lsa_AsciiString "offset=cnf_dissect_lsa_AsciiString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5 TYPE lsa_StringLarge "offset=dissect_ndr_lsa_String(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5 TYPE lsa_AsciiStringLarge "offset=cnf_dissect_lsa_AsciiString(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_STRING BASE_NONE 0 NULL 5 +TYPE lsa_BinaryString "offset=lsarpc_dissect_struct_lsa_BinaryString(tvb, offset, pinfo, tree, di, drep, @HF@, @PARAM@);" FT_STRING BASE_NONE 0 NULL 5 TYPE hyper "offset=cnf_dissect_hyper(tvb, offset, pinfo, tree, di, drep, @PARAM@, @HF@);" FT_UINT64 BASE_DEC 0 NULL 8 @@ -209,7 +210,7 @@ HF_RENAME hf_samr_samr_OpenAlias_access_mask hf_samr_alias_access_mask CODE START static void -samr_connect_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +samr_connect_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_samr_samr_ConnectAccessMask_SAMR_ACCESS_LOOKUP_DOMAIN, @@ -224,7 +225,7 @@ samr_connect_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info samr_connect_access_mask_info = { +static struct access_mask_info samr_connect_access_mask_info = { "SAMR Connect", /* Name of specific rights */ samr_connect_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -232,7 +233,7 @@ struct access_mask_info samr_connect_access_mask_info = { }; int -samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_samr_connect_access_mask, @@ -242,7 +243,7 @@ samr_dissect_bitmap_ConnectAccessMask(tvbuff_t *tvb, int offset, packet_info *pi static void -samr_alias_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +samr_alias_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_samr_samr_AliasAccessMask_SAMR_ALIAS_ACCESS_ADD_MEMBER, @@ -256,7 +257,7 @@ samr_alias_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info samr_alias_access_mask_info = { +static struct access_mask_info samr_alias_access_mask_info = { "SAMR Alias", /* Name of specific rights */ samr_alias_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -264,7 +265,7 @@ struct access_mask_info samr_alias_access_mask_info = { }; int -samr_dissect_bitmap_AliasAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +samr_dissect_bitmap_AliasAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_samr_alias_access_mask, @@ -274,7 +275,7 @@ samr_dissect_bitmap_AliasAccessMask(tvbuff_t *tvb, int offset, packet_info *pinf static void -samr_group_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +samr_group_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_samr_samr_GroupAccessMask_SAMR_GROUP_ACCESS_GET_MEMBERS, @@ -288,7 +289,7 @@ samr_group_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info samr_group_access_mask_info = { +static struct access_mask_info samr_group_access_mask_info = { "SAMR Group", /* Name of specific rights */ samr_group_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -296,7 +297,7 @@ struct access_mask_info samr_group_access_mask_info = { }; int -samr_dissect_bitmap_GroupAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +samr_dissect_bitmap_GroupAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_samr_group_access_mask, @@ -306,7 +307,7 @@ samr_dissect_bitmap_GroupAccessMask(tvbuff_t *tvb, int offset, packet_info *pinf static void -samr_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +samr_domain_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_samr_samr_DomainAccessMask_SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1, @@ -326,7 +327,7 @@ samr_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint3 proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info samr_domain_access_mask_info = { +static struct access_mask_info samr_domain_access_mask_info = { "SAMR Domain", /* Name of specific rights */ samr_domain_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -334,7 +335,7 @@ struct access_mask_info samr_domain_access_mask_info = { }; int -samr_dissect_bitmap_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +samr_dissect_bitmap_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_samr_domain_access_mask, @@ -344,7 +345,7 @@ samr_dissect_bitmap_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pin static void -samr_user_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +samr_user_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_samr_samr_UserAccessMask_SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP, @@ -364,7 +365,7 @@ samr_user_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info samr_user_access_mask_info = { +static struct access_mask_info samr_user_access_mask_info = { "SAMR User", /* Name of specific rights */ samr_user_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -372,7 +373,7 @@ struct access_mask_info samr_user_access_mask_info = { }; int -samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_samr_user_access_mask, @@ -382,7 +383,7 @@ samr_dissect_bitmap_UserAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo static int -cnf_dissect_lsa_AsciiString(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex) +cnf_dissect_lsa_AsciiString(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex) { offset = dissect_ndr_counted_ascii_string(tvb, offset, pinfo, tree, di, drep, hfindex, 0); @@ -391,7 +392,7 @@ cnf_dissect_lsa_AsciiString(tvbuff_t *tvb, int offset, packet_info *pinfo, proto } static int -cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex) +cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex) { offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, di, drep, hfindex, NULL); @@ -402,12 +403,12 @@ cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tre static int -cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint64 len; + uint64_t len; e_ctx_hnd *polhnd = NULL; dcerpc_call_value *dcv = NULL; - guint32 type=0; + uint32_t type=0; struct access_mask_info *ami=NULL; if(di->conformant_run){ @@ -444,7 +445,7 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t break; } - dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, TRUE, (int)len, ami); + dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, true, (int)len, ami); offset += (int)len; @@ -452,9 +453,9 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t } static int -cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint64 len; + uint64_t len; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -474,7 +475,7 @@ cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr static int -cnf_dissect_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +cnf_dissect_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { offset = dissect_ndr_nt_SID(tvb, offset, pinfo, tree, di, drep); @@ -482,7 +483,7 @@ cnf_dissect_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree * } static int -cnf_dissect_lsa_SidArray(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +cnf_dissect_lsa_SidArray(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { offset = dissect_ndr_nt_PSID_ARRAY(tvb, offset, pinfo, tree, di, drep); @@ -491,7 +492,7 @@ cnf_dissect_lsa_SidArray(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr static int -cnf_dissect_samr_security_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, guint8 *drep _U_) +cnf_dissect_samr_security_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, uint8_t *drep _U_) { offset = dissect_nt_security_information(tvb, offset, tree); diff --git a/epan/dissectors/pidl/samr/samr.idl b/epan/dissectors/pidl/samr/samr.idl index 18e3d601..f09fff01 100644 --- a/epan/dissectors/pidl/samr/samr.idl +++ b/epan/dissectors/pidl/samr/samr.idl @@ -4,6 +4,7 @@ samr interface definition */ /* import "misc.idl", "lsa.idl", "security.idl";*/ +import "misc.idl", "lsa.idl"; /* Thanks to Todd Sabin for some information from his samr.idl in acltools @@ -35,15 +36,6 @@ SID_NAME_COMPUTER = 9 /* machine */ } lsa_SidType; - typedef [public,v1_enum] enum { - SAMR_REJECT_OTHER = 0, - SAMR_REJECT_TOO_SHORT = 1, - SAMR_REJECT_IN_HISTORY = 2, - SAMR_REJECT_COMPLEXITY = 5 - } samr_RejectReason; - - - /* account control (acct_flags) bits */ typedef [public,bitmap32bit] bitmap { ACB_DISABLED = 0x00000001, /* 1 = User account disabled */ @@ -64,8 +56,10 @@ ACB_USE_DES_KEY_ONLY = 0x00008000, /* 1 = Use DES key only */ ACB_DONT_REQUIRE_PREAUTH = 0x00010000, /* 1 = Preauth not required */ ACB_PW_EXPIRED = 0x00020000, /* 1 = Password Expired */ - ACB_TRUST_AUTH_DELEGAT = 0x00040000, /* 1 = Trusted to authenticate for delegation */ - ACB_NO_AUTH_DATA_REQD = 0x00080000 /* 1 = No authorization data required */ + ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x00040000, + ACB_NO_AUTH_DATA_REQD = 0x00080000, /* 1 = No authorization data required */ + ACB_PARTIAL_SECRETS_ACCOUNT = 0x00100000, + ACB_USE_AES_KEYS = 0x00200000 } samr_AcctFlags; /* SAM server specific access rights */ @@ -116,6 +110,35 @@ SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP = 0x00000400 } samr_UserAccessMask; + const int SAMR_USER_ACCESS_ALL_ACCESS = 0x000007FF; + + const int GENERIC_RIGHTS_USER_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + SAMR_USER_ACCESS_ALL_ACCESS); /* 0x000f07ff */ + + const int GENERIC_RIGHTS_USER_READ = + (STANDARD_RIGHTS_READ_ACCESS | + SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP | + SAMR_USER_ACCESS_GET_GROUPS | + SAMR_USER_ACCESS_GET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_LOCALE); /* 0x0002031a */ + + const int GENERIC_RIGHTS_USER_WRITE = + (STANDARD_RIGHTS_WRITE_ACCESS | + SAMR_USER_ACCESS_CHANGE_PASSWORD | + SAMR_USER_ACCESS_SET_LOC_COM | + SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_SET_PASSWORD | + SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP); /* 0x000204e4 */ + + const int GENERIC_RIGHTS_USER_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS | + SAMR_USER_ACCESS_CHANGE_PASSWORD | + SAMR_USER_ACCESS_GET_NAME_ETC); /* 0x00020041 */ + + /* Domain Object specific access rights */ + typedef [bitmap32bit] bitmap { SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x00000001, SAMR_DOMAIN_ACCESS_SET_INFO_1 = 0x00000002, @@ -130,6 +153,34 @@ SAMR_DOMAIN_ACCESS_SET_INFO_3 = 0x00000400 } samr_DomainAccessMask; + const int SAMR_DOMAIN_ACCESS_ALL_ACCESS = 0x000007FF; + + const int GENERIC_RIGHTS_DOMAIN_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + SAMR_DOMAIN_ACCESS_ALL_ACCESS); + + const int GENERIC_RIGHTS_DOMAIN_READ = + (STANDARD_RIGHTS_READ_ACCESS | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS | + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2); + + const int GENERIC_RIGHTS_DOMAIN_WRITE = + (STANDARD_RIGHTS_WRITE_ACCESS | + SAMR_DOMAIN_ACCESS_SET_INFO_3 | + SAMR_DOMAIN_ACCESS_CREATE_ALIAS | + SAMR_DOMAIN_ACCESS_CREATE_GROUP | + SAMR_DOMAIN_ACCESS_CREATE_USER | + SAMR_DOMAIN_ACCESS_SET_INFO_2 | + SAMR_DOMAIN_ACCESS_SET_INFO_1); + + const int GENERIC_RIGHTS_DOMAIN_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1); + + /* Group Object specific access rights */ + typedef [bitmap32bit] bitmap { SAMR_GROUP_ACCESS_LOOKUP_INFO = 0x00000001, SAMR_GROUP_ACCESS_SET_INFO = 0x00000002, @@ -137,13 +188,28 @@ SAMR_GROUP_ACCESS_REMOVE_MEMBER = 0x00000008, SAMR_GROUP_ACCESS_GET_MEMBERS = 0x00000010 } samr_GroupAccessMask; - /* these bits are invalid and return ACCESS_DENIED */ - const int SAMR_GROUP_ACCESS_MASK_INVALID = 0x0000ffe0; - /* generic access */ - const int SAMR_GROUP_ACCESS_ALL_ACCESS = 0x000f001f; - const int SAMR_GROUP_ACCESS_ALL_READ = 0x00020010; - const int SAMR_GROUP_ACCESS_ALL_WRITE = 0x0002000e; - const int SAMR_GROUP_ACCESS_ALL_EXECUTE = 0x00020001; + + const int SAMR_GROUP_ACCESS_ALL_ACCESS = 0x0000001F; + + const int GENERIC_RIGHTS_GROUP_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + SAMR_GROUP_ACCESS_ALL_ACCESS); /* 0x000f001f */ + + const int GENERIC_RIGHTS_GROUP_READ = + (STANDARD_RIGHTS_READ_ACCESS | + SAMR_GROUP_ACCESS_GET_MEMBERS); /* 0x00020010 */ + + const int GENERIC_RIGHTS_GROUP_WRITE = + (STANDARD_RIGHTS_WRITE_ACCESS | + SAMR_GROUP_ACCESS_REMOVE_MEMBER | + SAMR_GROUP_ACCESS_ADD_MEMBER | + SAMR_GROUP_ACCESS_SET_INFO); /* 0x0002000e */ + + const int GENERIC_RIGHTS_GROUP_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS | + SAMR_GROUP_ACCESS_LOOKUP_INFO); /* 0x00020001 */ + + /* Alias Object specific access rights */ typedef [bitmap32bit] bitmap { SAMR_ALIAS_ACCESS_ADD_MEMBER = 0x00000001, @@ -153,6 +219,26 @@ SAMR_ALIAS_ACCESS_SET_INFO = 0x00000010 } samr_AliasAccessMask; + const int SAMR_ALIAS_ACCESS_ALL_ACCESS = 0x0000001F; + + const int GENERIC_RIGHTS_ALIAS_ALL_ACCESS = + (STANDARD_RIGHTS_REQUIRED_ACCESS | + SAMR_ALIAS_ACCESS_ALL_ACCESS); /* 0x000f001f */ + + const int GENERIC_RIGHTS_ALIAS_READ = + (STANDARD_RIGHTS_READ_ACCESS | + SAMR_ALIAS_ACCESS_GET_MEMBERS); /* 0x00020004 */ + + const int GENERIC_RIGHTS_ALIAS_WRITE = + (STANDARD_RIGHTS_WRITE_ACCESS | + SAMR_ALIAS_ACCESS_REMOVE_MEMBER | + SAMR_ALIAS_ACCESS_ADD_MEMBER | + SAMR_ALIAS_ACCESS_SET_INFO); /* 0x00020013 */ + + const int GENERIC_RIGHTS_ALIAS_EXECUTE = + (STANDARD_RIGHTS_EXECUTE_ACCESS | + SAMR_ALIAS_ACCESS_LOOKUP_INFO); /* 0x00020008 */ + /******************/ /* Function: 0x00 */ NTSTATUS samr_Connect ( @@ -279,7 +365,7 @@ DOMAIN_SERVER_DISABLED = 2 } samr_DomainServerState; - typedef struct { + typedef [public] struct { uint16 min_password_length; uint16 password_history_length; samr_PasswordProperties password_properties; @@ -473,7 +559,7 @@ [public] NTSTATUS samr_LookupNames( [in,ref] policy_handle *domain_handle, [in,range(0,1000)] uint32 num_names, - [in,size_is(1000),length_is(num_names),ref] lsa_String *names, + [in,size_is(1000),length_is(num_names)] lsa_String names[], [out,ref] samr_Ids *rids, [out,ref] samr_Ids *types ); @@ -722,7 +808,9 @@ UserInternal4Information = 23, UserInternal5Information = 24, UserInternal4InformationNew = 25, - UserInternal5InformationNew = 26 + UserInternal5InformationNew = 26, + UserInternal7InformationNew = 31, + UserInternal8InformationNew = 32 } samr_UserInfoLevel; typedef struct { @@ -735,7 +823,7 @@ typedef struct { lsa_String comment; - lsa_String unknown; /* settable, but doesn't stick. probably obsolete */ + lsa_String reserved; /* settable, but doesn't stick. probably obsolete */ uint16 country_code; uint16 code_page; } samr_UserInfo2; @@ -851,7 +939,7 @@ } samr_UserInfo18; typedef struct { - lsa_String parameters; + lsa_BinaryString parameters; } samr_UserInfo20; /* this defines the bits used for fields_present in info21 */ @@ -908,10 +996,10 @@ lsa_String description; lsa_String workstations; lsa_String comment; - lsa_String parameters; - lsa_String lm_password; - lsa_String nt_password; - lsa_String private; + lsa_BinaryString parameters; + lsa_BinaryString lm_owf_password; + lsa_BinaryString nt_owf_password; + lsa_String private_data; uint32 buf_count; [size_is(buf_count)] uint8 *buffer; uint32 rid; @@ -926,7 +1014,7 @@ uint8 lm_password_set; uint8 nt_password_set; uint8 password_expired; - uint8 unknown4; + uint8 private_data_sensitive; } samr_UserInfo21; typedef [public, flag(NDR_PAHEX)] struct { @@ -957,6 +1045,24 @@ uint8 password_expired; } samr_UserInfo26; + typedef struct { + uint8 auth_data[64]; + uint8 salt[16]; + uint32 cipher_len; + [size_is(cipher_len)] uint8 *cipher; + hyper PBKDF2Iterations; + } samr_EncryptedPasswordAES; + + typedef struct { + samr_EncryptedPasswordAES password; + uint8 password_expired; + } samr_UserInfo31; + + typedef struct { + samr_UserInfo21 info; + samr_EncryptedPasswordAES password; + } samr_UserInfo32; + typedef [switch_type(uint16)] union { [case(1)] samr_UserInfo1 info1; [case(2)] samr_UserInfo2 info2; @@ -981,6 +1087,8 @@ [case(24)] samr_UserInfo24 info24; [case(25)] samr_UserInfo25 info25; [case(26)] samr_UserInfo26 info26; + [case(31)] samr_UserInfo31 info31; + [case(32)] samr_UserInfo32 info32; } samr_UserInfo; [public] NTSTATUS samr_QueryUserInfo( @@ -1375,13 +1483,24 @@ /************************/ /* Function 0x3f */ + typedef [public,v1_enum] enum { + SAM_PWD_CHANGE_NO_ERROR = 0, + SAM_PWD_CHANGE_PASSWORD_TOO_SHORT = 1, + SAM_PWD_CHANGE_PWD_IN_HISTORY = 2, + SAM_PWD_CHANGE_USERNAME_IN_PASSWORD = 3, + SAM_PWD_CHANGE_FULLNAME_IN_PASSWORD = 4, + SAM_PWD_CHANGE_NOT_COMPLEX = 5, + SAM_PWD_CHANGE_MACHINE_NOT_DEFAULT = 6, + SAM_PWD_CHANGE_FAILED_BY_FILTER = 7, + SAM_PWD_CHANGE_PASSWORD_TOO_LONG = 8 + } samPwdChangeReason; + typedef struct { - samr_RejectReason reason; - uint32 unknown1; - uint32 unknown2; - } samr_ChangeReject; + samPwdChangeReason extendedFailureReason; + lsa_String filterModuleName; + } userPwdChangeFailureInformation; - NTSTATUS samr_ChangePasswordUser3( + [public] NTSTATUS samr_ChangePasswordUser3( [in,unique] lsa_String *server, [in,ref] lsa_String *account, [in,unique] samr_CryptPassword *nt_password, @@ -1391,15 +1510,22 @@ [in,unique] samr_Password *lm_verifier, [in,unique] samr_CryptPassword *password3, [out,ref] samr_DomInfo1 **dominfo, - [out,ref] samr_ChangeReject **reject + [out,ref] userPwdChangeFailureInformation **reject ); /************************/ /* Function 0x40 */ + typedef [v1_enum] enum { + SAMR_CONNECT_FEATURE_RID_ONLY = 0x00000001, + SAMR_CONNECT_FEATURE_RESRVED1 = 0x00000002, + SAMR_CONNECT_FEATURE_RESRVED2 = 0x00000004, + SAMR_CONNECT_FEATURE_USE_AES = 0x00000010 + } samr_SupportedFeatures; + typedef struct { samr_ConnectVersion client_version; /* w2k3 gives 3 */ - uint32 unknown2; /* w2k3 gives 0 */ + samr_SupportedFeatures supported_features; } samr_ConnectInfo1; typedef union { @@ -1539,4 +1665,38 @@ [in,switch_is(level)] samr_ValidatePasswordReq *req, [out,ref,switch_is(level)] samr_ValidatePasswordRep **rep ); + + /************************/ + /* Function 0x44 */ + /************************/ + [todo] void samr_Opnum68NotUsedOnWire(void); + + /************************/ + /* Function 0x45 */ + /************************/ + [todo] void samr_Opnum69NotUsedOnWire(void); + + /************************/ + /* Function 0x46 */ + /************************/ + [todo] void samr_Opnum70NotUsedOnWire(void); + + /************************/ + /* Function 0x47 */ + /************************/ + [todo] void samr_Opnum71NotUsedOnWire(void); + + /************************/ + /* Function 0x48 */ + /************************/ + [todo] void samr_Opnum72NotUsedOnWire(void); + + /************************/ + /* Function 0x49 */ + /************************/ + [public] NTSTATUS samr_ChangePasswordUser4( + [in,unique] lsa_String *server, + [in,ref] lsa_String *account, + [in,ref] samr_EncryptedPasswordAES *password + ); } diff --git a/epan/dissectors/pidl/srvsvc/srvsvc.cnf b/epan/dissectors/pidl/srvsvc/srvsvc.cnf index 0b0333d4..e5a7468a 100644 --- a/epan/dissectors/pidl/srvsvc/srvsvc.cnf +++ b/epan/dissectors/pidl/srvsvc/srvsvc.cnf @@ -43,9 +43,9 @@ CODE START #include "packet-smb-browse.h" static int -srvsvc_dissect_NetShareCtr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_); +srvsvc_dissect_NetShareCtr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_); static int -srvsvc_dissect_element_NetShareInfoCtr_ctr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, guint32 *level) +srvsvc_dissect_element_NetShareInfoCtr_ctr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, uint32_t *level) { ALIGN_TO_5_BYTES offset = srvsvc_dissect_NetShareCtr(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetShareInfoCtr_ctr, *level); @@ -55,11 +55,11 @@ srvsvc_dissect_element_NetShareInfoCtr_ctr(tvbuff_t *tvb _U_, int offset _U_, pa static int -srvsvc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index); +srvsvc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index); static int -srvsvc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_) +srvsvc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_) { - guint32 len; + uint32_t len; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -69,7 +69,7 @@ srvsvc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_srvsvc_sec_desc_buf_len, &len); - dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, TRUE, len, + dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, true, len, NULL); offset += len; @@ -77,32 +77,32 @@ srvsvc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto return offset; } static int -srvsvc_dissect_element_NetShareInfo_info1501_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetShareInfo_info1501_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetShareInfo_info1501); } static int -srvsvc_dissect_element_NetGetFileSecurity_sd_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetGetFileSecurity_sd_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetGetFileSecurity_sd_buf); } static int -srvsvc_dissect_element_NetSetFileSecurity_sd_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetSetFileSecurity_sd_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetSetFileSecurity_sd_buf); } static int -srvsvc_dissect_element_NetShareCtr1501_array__(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetShareCtr1501_array__(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetShareCtr1501_array); } static int -srvsvc_dissect_element_NetShareInfo502_sd_buf(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +srvsvc_dissect_element_NetShareInfo502_sd_buf(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { return srvsvc_dissect_sec_desc_buf(tvb,offset,pinfo,tree,di,drep, hf_srvsvc_srvsvc_NetShareInfo502_sd_buf); } static int -srvsvc_dissect_ServerType(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_ServerType(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -114,18 +114,18 @@ srvsvc_dissect_ServerType(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t return offset; } static int -srvsvc_dissect_element_NetSrvInfo101_server_type(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetSrvInfo101_server_type(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_ServerType(tvb, offset, pinfo, tree, di, drep); } static int -srvsvc_dissect_element_NetSrvInfo102_server_type(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetSrvInfo102_server_type(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_ServerType(tvb, offset, pinfo, tree, di, drep); } static int -srvsvc_dissect_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info* di, guint8 *drep _U_, int hf_index _U_) +srvsvc_dissect_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree, dcerpc_info* di, uint8_t *drep _U_, int hf_index _U_) { if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -137,12 +137,12 @@ srvsvc_dissect_secinfo(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_ return offset; } static int -srvsvc_dissect_element_NetGetFileSecurity_securityinformation(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetGetFileSecurity_securityinformation(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_secinfo(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetGetFileSecurity_securityinformation); } static int -srvsvc_dissect_element_NetSetFileSecurity_securityinformation(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +srvsvc_dissect_element_NetSetFileSecurity_securityinformation(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { return srvsvc_dissect_secinfo(tvb, offset, pinfo, tree, di, drep, hf_srvsvc_srvsvc_NetSetFileSecurity_securityinformation); } diff --git a/epan/dissectors/pidl/svcctl/svcctl.cnf b/epan/dissectors/pidl/svcctl/svcctl.cnf index ce624d55..685d3599 100644 --- a/epan/dissectors/pidl/svcctl/svcctl.cnf +++ b/epan/dissectors/pidl/svcctl/svcctl.cnf @@ -19,15 +19,15 @@ CODE START https://github.com/fortra/impacket/blob/4888172ce638910104da4bda2c3301c24e17564c/impacket/dcerpc/v5/scmr.py#L1274 */ static int -svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index, gint starting_offset); +svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, int starting_offset); static int -svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, int hf_index, gint starting_offset) +svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, int hf_index, int starting_offset) { proto_item *item = NULL; proto_tree *tree = NULL; proto_tree *tr = NULL; int old_offset; - guint32 _referent_id = 0; + uint32_t _referent_id = 0; ALIGN_TO_5_BYTES; @@ -64,15 +64,15 @@ svcctl_dissect_struct_ENUM_SERVICE_STATUSW_ptr(tvbuff_t *tvb, int offset, packet https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/22b4ff3d-29c6-481f-b598-8ce66a46944a */ static int -svcctl_dissect_EnumServicesStatusW_response(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +svcctl_dissect_EnumServicesStatusW_response(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint32 status; - guint32 services_returned= 0; + uint32_t status; + uint32_t services_returned= 0; proto_item *item; proto_tree *tr = NULL; - gint services_buffer_offset; - gint payload_starting_offset = offset; - guint64 buffer_size = 0; + int services_buffer_offset; + int payload_starting_offset = offset; + uint64_t buffer_size = 0; ALIGN_TO_5_BYTES @@ -119,7 +119,7 @@ svcctl_dissect_EnumServicesStatusW_response(tvbuff_t *tvb, int offset, packet_in offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_svcctl_werror, &status); if (status != 0) - col_append_fstr(pinfo->cinfo, COL_INFO, ", Error: %s", val_to_str(status, WERR_errors, "Unknown DOS error 0x%08x")); + col_append_fstr(pinfo->cinfo, COL_INFO, ", Error: %s", val_to_str_ext(status, &WERR_errors_ext, "Unknown DOS error 0x%08x")); return offset; } diff --git a/epan/dissectors/pidl/winreg/winreg.cnf b/epan/dissectors/pidl/winreg/winreg.cnf index 1a0fa396..9e9060a1 100644 --- a/epan/dissectors/pidl/winreg/winreg.cnf +++ b/epan/dissectors/pidl/winreg/winreg.cnf @@ -136,7 +136,7 @@ MANUAL winreg_dissect_bitmap_AccessMask CODE START #include "packet-dcerpc-lsa.h" static void -winreg_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +winreg_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int* const access_flags[] = { &hf_winreg_winreg_AccessMask_KEY_WOW64_32KEY, @@ -153,7 +153,7 @@ winreg_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 acc proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info winreg_access_mask_info = { +static struct access_mask_info winreg_access_mask_info = { "WINREG", /* Name of specific rights */ winreg_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -161,9 +161,9 @@ struct access_mask_info winreg_access_mask_info = { }; static int -winreg_dissect_element_KeySecurityData_data_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +winreg_dissect_element_KeySecurityData_data_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint32 len; + uint32_t len; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -175,7 +175,7 @@ winreg_dissect_element_KeySecurityData_data_(tvbuff_t *tvb, int offset, packet_i offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_winreg_sd_offset, NULL); offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, di, drep, hf_winreg_sd_actual_size, &len); - dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, TRUE, len, + dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, true, len, &winreg_access_mask_info); offset += len; @@ -184,7 +184,7 @@ winreg_dissect_element_KeySecurityData_data_(tvbuff_t *tvb, int offset, packet_i } int -winreg_dissect_bitmap_AccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_) +winreg_dissect_bitmap_AccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_) { offset = dissect_nt_access_mask( tvb, offset, pinfo, tree, di, drep, hf_winreg_access_mask, @@ -200,7 +200,7 @@ winreg_dissect_bitmap_AccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, * } winreg_String; */ static int -cnf_dissect_winreg_String(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, guint32 param, int hfindex) +cnf_dissect_winreg_String(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, uint32_t param, int hfindex) { proto_item *item = NULL; proto_tree *tree = NULL; diff --git a/epan/dissectors/pidl/winspool/winspool.cnf b/epan/dissectors/pidl/winspool/winspool.cnf index 9a2fdd6c..6a095515 100644 --- a/epan/dissectors/pidl/winspool/winspool.cnf +++ b/epan/dissectors/pidl/winspool/winspool.cnf @@ -34,9 +34,9 @@ CODE START extern struct access_mask_info spoolss_printer_access_mask_info; static int -iremotewinspool_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep) +iremotewinspool_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep) { - guint32 len; + uint32_t len; if(di->conformant_run){ /*just a run to handle conformant arrays, nothing to dissect */ @@ -47,7 +47,7 @@ iremotewinspool_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pin hf_iremotewinspool_sec_desc_buf_len, &len); dissect_nt_sec_desc( - tvb, offset, pinfo, tree, drep, TRUE, len, + tvb, offset, pinfo, tree, drep, true, len, &spoolss_printer_access_mask_info); offset += len; diff --git a/epan/dissectors/pidl/witness/witness.cnf b/epan/dissectors/pidl/witness/witness.cnf index 76d255e4..474e9a9d 100644 --- a/epan/dissectors/pidl/witness/witness.cnf +++ b/epan/dissectors/pidl/witness/witness.cnf @@ -18,20 +18,20 @@ CODE START #include "to_str.h" static int -witness_dissect_notifyResponse_message(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_); +witness_dissect_notifyResponse_message(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_); static int witness_dissect_notifyResponse_message_(tvbuff_t *tvb, int offset, int length _U_, packet_info *pinfo, - proto_tree *tree, dcerpc_info *di, guint8 *drep _U_) + proto_tree *tree, dcerpc_info *di, uint8_t *drep _U_) { - guint32 *type = (guint32 *)di->private_data; - guint8 le_drep[4] = { DREP_LITTLE_ENDIAN, }; + uint32_t *type = (uint32_t *)di->private_data; + uint8_t le_drep[4] = { DREP_LITTLE_ENDIAN, }; return witness_dissect_notifyResponse_message(tvb, offset, pinfo, tree, di, le_drep, hf_witness_witness_notifyResponse_messages_, *type); } static int -witness_dissect_element_notifyResponse_messages(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info *di _U_, guint8 *drep _U_) +witness_dissect_element_notifyResponse_messages(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info *di _U_, uint8_t *drep _U_) { offset = dissect_ndr_ucarray_block(tvb, offset, pinfo, tree, di, drep, witness_dissect_notifyResponse_message_); @@ -39,9 +39,9 @@ witness_dissect_element_notifyResponse_messages(tvbuff_t *tvb _U_, int offset _U } int -witness_dissect_struct_notifyResponse(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +witness_dissect_struct_notifyResponse(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { - guint32 *type = NULL; + uint32_t *type = NULL; proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; @@ -57,7 +57,7 @@ witness_dissect_struct_notifyResponse(tvbuff_t *tvb _U_, int offset _U_, packet_ tree = proto_item_add_subtree(item, ett_witness_witness_notifyResponse); } - type = wmem_new0(pinfo->pool, guint32); + type = wmem_new0(pinfo->pool, uint32_t); offset = witness_dissect_element_notifyResponse_type(tvb, offset, pinfo, tree, di, drep, type); @@ -81,7 +81,7 @@ witness_dissect_struct_notifyResponse(tvbuff_t *tvb _U_, int offset _U_, packet_ } static int -witness_dissect_element_IPaddrInfoList_addr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) +witness_dissect_element_IPaddrInfoList_addr(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_) { offset = witness_dissect_struct_IPaddrInfo(tvb,offset,pinfo,tree,di,drep,hf_witness_witness_IPaddrInfoList_addr,0); @@ -89,15 +89,15 @@ witness_dissect_element_IPaddrInfoList_addr(tvbuff_t *tvb _U_, int offset _U_, p } int -witness_dissect_struct_IPaddrInfoList(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) +witness_dissect_struct_IPaddrInfoList(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, uint8_t *drep _U_, int hf_index _U_, uint32_t param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; - gboolean oldalign = di->no_align; + bool oldalign = di->no_align; int old_offset; - guint32 i, num; + uint32_t i, num; - di->no_align = TRUE; + di->no_align = true; old_offset = offset; @@ -126,7 +126,7 @@ witness_dissect_struct_IPaddrInfoList(tvbuff_t *tvb _U_, int offset _U_, packet_ } static int -witness_dissect_element_interfaceInfo_group_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *parent_tree, dcerpc_info *di _U_, guint8 *drep _U_) +witness_dissect_element_interfaceInfo_group_name(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *parent_tree, dcerpc_info *di _U_, uint8_t *drep _U_) { int totlen, stringlen; char *str; @@ -185,7 +185,7 @@ witness_dissect_element_interfaceInfo_group_name(tvbuff_t *tvb, int offset, pack } static int -PIDL_dissect_ipv4address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep _U_, int hfindex, guint32 param) +PIDL_dissect_ipv4address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep _U_, int hfindex, uint32_t param) { if (di->conformant_run) { /* just a run to handle conformant arrays, no scalars to dissect */ @@ -211,7 +211,7 @@ PIDL_dissect_ipv4address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr } static int -PIDL_dissect_ipv6address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep _U_, int hfindex, guint32 param) +PIDL_dissect_ipv6address(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep _U_, int hfindex, uint32_t param) { if (di->conformant_run) { /* just a run to handle conformant arrays, no scalars to dissect */ diff --git a/epan/dissectors/pidl/wkssvc/wkssvc.cnf b/epan/dissectors/pidl/wkssvc/wkssvc.cnf index ba15ffaa..1d15b3d4 100644 --- a/epan/dissectors/pidl/wkssvc/wkssvc.cnf +++ b/epan/dissectors/pidl/wkssvc/wkssvc.cnf @@ -38,7 +38,7 @@ TYPE hyper "offset=cnf_dissect_hyper(tvb, offset, pinfo, tree, di, drep, @PARAM@ CODE START static int -cnf_dissect_lsa_String(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, guint8 *drep, guint32 param, int hfindex) +cnf_dissect_lsa_String(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, dcerpc_info* di, uint8_t *drep, uint32_t param, int hfindex) { proto_item *item = NULL; proto_tree *tree = NULL; @@ -69,7 +69,7 @@ cnf_dissect_lsa_String(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree } static int -cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex) +cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex) { offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, di, drep, hfindex, NULL); |