From e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 10 Apr 2024 22:34:10 +0200 Subject: Adding upstream version 4.2.2. Signed-off-by: Daniel Baumann --- epan/dissectors/asn1/dap/CMakeLists.txt | 52 + .../asn1/dap/DirectoryAccessProtocol.asn | 170 +++ epan/dissectors/asn1/dap/dap.asn | 1304 ++++++++++++++++++++ epan/dissectors/asn1/dap/dap.cnf | 370 ++++++ epan/dissectors/asn1/dap/packet-dap-template.c | 144 +++ epan/dissectors/asn1/dap/packet-dap-template.h | 17 + 6 files changed, 2057 insertions(+) create mode 100644 epan/dissectors/asn1/dap/CMakeLists.txt create mode 100644 epan/dissectors/asn1/dap/DirectoryAccessProtocol.asn create mode 100644 epan/dissectors/asn1/dap/dap.asn create mode 100644 epan/dissectors/asn1/dap/dap.cnf create mode 100644 epan/dissectors/asn1/dap/packet-dap-template.c create mode 100644 epan/dissectors/asn1/dap/packet-dap-template.h (limited to 'epan/dissectors/asn1/dap') diff --git a/epan/dissectors/asn1/dap/CMakeLists.txt b/epan/dissectors/asn1/dap/CMakeLists.txt new file mode 100644 index 00000000..856a6221 --- /dev/null +++ b/epan/dissectors/asn1/dap/CMakeLists.txt @@ -0,0 +1,52 @@ +# CMakeLists.txt +# +# Wireshark - Network traffic analyzer +# By Gerald Combs +# Copyright 1998 Gerald Combs +# +# SPDX-License-Identifier: GPL-2.0-or-later +# + +set( PROTOCOL_NAME dap ) + +set( PROTO_OPT ) + +set( EXPORT_FILES + ${PROTOCOL_NAME}-exp.cnf +) + +set( EXT_ASN_FILE_LIST +) + +set( ASN_FILE_LIST + ${PROTOCOL_NAME}.asn + DirectoryAccessProtocol.asn +) + +set( EXTRA_DIST + ${ASN_FILE_LIST} + packet-${PROTOCOL_NAME}-template.c + packet-${PROTOCOL_NAME}-template.h + ${PROTOCOL_NAME}.cnf +) + +set( SRC_FILES + ${EXTRA_DIST} + ${EXT_ASN_FILE_LIST} +) + +set( A2W_FLAGS -b ) + +set( EXTRA_CNF + "${CMAKE_CURRENT_BINARY_DIR}/../acse/acse-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../dop/dop-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../disp/disp-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../dsp/dsp-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../crmf/crmf-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../ros/ros-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../x509af/x509af-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../x509if/x509if-exp.cnf" + "${CMAKE_CURRENT_BINARY_DIR}/../x509sat/x509sat-exp.cnf" +) + +ASN2WRS() diff --git a/epan/dissectors/asn1/dap/DirectoryAccessProtocol.asn b/epan/dissectors/asn1/dap/DirectoryAccessProtocol.asn new file mode 100644 index 00000000..2d558904 --- /dev/null +++ b/epan/dissectors/asn1/dap/DirectoryAccessProtocol.asn @@ -0,0 +1,170 @@ +-- http://www.itu.int/ITU-T/asn1/database/itu-t/x/x519/2001/index.html +-- Module DirectoryAccessProtocol (X.519:02/2001) +DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 4} DEFINITIONS +::= +BEGIN + +-- EXPORTS All +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + -- from ITU-T Rec. X.501 | ISO/IEC 9594-2 + directoryAbstractService, protocolObjectIdentifiers + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 4} + -- from ITU-T Rec. X.511 | ISO/IEC 9594-3 + abandon, addEntry, compare, directoryBind, directoryUnbind, list, modifyDN, + modifyEntry, read, removeEntry, search + FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) + directoryAbstractService(2) 4} + -- from ITU-T Rec. X.519 | ISO/IEC 9594-5 + id-ac-directoryAccessAC, id-as-directoryAccessAS, id-contract-dap, + id-package-dapConnection, id-package-modify, id-package-read, + id-package-search, id-rosObject-dapDSA, id-rosObject-directory, + id-rosObject-dua + FROM ProtocolObjectIdentifiers {joint-iso-itu-t ds(5) module(1) + protocolObjectIdentifiers(4) 4} + -- from ITU-T Rec. X.880 | ISO/IEC 13712-1 + Code, CONNECTION-PACKAGE, CONTRACT, OPERATION, OPERATION-PACKAGE, + ROS-OBJECT-CLASS + FROM Remote-Operations-Information-Objects {joint-iso-itu-t + remote-operations(4) informationObjects(5) version1(0)} + Bind{}, InvokeId, ROS{}, Unbind{} + FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t + remote-operations(4) generic-ROS-PDUs(6) version1(0)} + -- from ITU-T Rec. X.881 | ISO/IEC 13712-2 + APPLICATION-CONTEXT + FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t + remote-operations(4) informationObjects-extensions(8) version1(0)} + -- from ITU-T Rec. X.882 | ISO/IEC 13712-3 + acse, pData + FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4) + realizations(9) version1(0)} + acse-abstract-syntax + FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t + remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)}; + +-- application contexts +directoryAccessAC APPLICATION-CONTEXT ::= { + CONTRACT dapContract + ESTABLISHED BY acse + INFORMATION TRANSFER BY pData + ABSTRACT SYNTAXES + {acse-abstract-syntax | directoryAccessAbstractSyntax} + APPLICATION CONTEXT NAME id-ac-directoryAccessAC +} + +-- ROS objects +dua ROS-OBJECT-CLASS ::= {INITIATES {dapContract} + ID id-rosObject-dua +} + +directory ROS-OBJECT-CLASS ::= { + RESPONDS {dapContract} + ID id-rosObject-directory +} + +dap-dsa ROS-OBJECT-CLASS ::= { + RESPONDS {dapContract} + ID id-rosObject-dapDSA +} + +-- contracts +dapContract CONTRACT ::= { + CONNECTION dapConnectionPackage + INITIATOR CONSUMER OF {readPackage | searchPackage | modifyPackage} + ID id-contract-dap +} + +-- connection package +dapConnectionPackage CONNECTION-PACKAGE ::= { + BIND directoryBind + UNBIND directoryUnbind + ID id-package-dapConnection +} + +-- read package +readPackage OPERATION-PACKAGE ::= { + CONSUMER INVOKES {read | compare | abandon} + ID id-package-read +} + +-- search package +searchPackage OPERATION-PACKAGE ::= { + CONSUMER INVOKES {list | search} + ID id-package-search +} + +-- modify Package +modifyPackage OPERATION-PACKAGE ::= { + CONSUMER INVOKES {addEntry | removeEntry | modifyEntry | modifyDN} + ID id-package-modify +} + +-- abstract syntaxes +directoryAccessAbstractSyntax ABSTRACT-SYNTAX ::= { + DAP-PDUs + IDENTIFIED BY id-as-directoryAccessAS +} + +--DAP-PDUs ::= CHOICE { +-- basicRos ROS{{DAP-InvokeIDSet}, {DAP-Invokable}, {DAP-Returnable}}, +-- bind Bind{directoryBind}, +-- unbind Unbind{directoryUnbind} +--} + +DAP-InvokeIDSet ::= InvokeId --(ALL EXCEPT absent:NULL) + +DAP-Invokable OPERATION ::= + {read | compare | abandon | list | search | addEntry | removeEntry | + modifyEntry | modifyDN} + +DAP-Returnable OPERATION ::= + {read | compare | abandon | list | search | addEntry | removeEntry | + modifyEntry | modifyDN} + +-- remote operation codes +id-opcode-read Code ::= local:1 + +id-opcode-compare Code ::= local:2 + +id-opcode-abandon Code ::= local:3 + +id-opcode-list Code ::= local:4 + +id-opcode-search Code ::= local:5 + +id-opcode-addEntry Code ::= local:6 + +id-opcode-removeEntry Code ::= local:7 + +id-opcode-modifyEntry Code ::= local:8 + +id-opcode-modifyDN Code ::= local:9 + +-- remote error codes +id-errcode-attributeError Code ::= local:1 + +id-errcode-nameError Code ::= local:2 + +id-errcode-serviceError Code ::= local:3 + +id-errcode-referral Code ::= local:4 + +id-errcode-abandoned Code ::= local:5 + +id-errcode-securityError Code ::= local:6 + +id-errcode-abandonFailed Code ::= local:7 + +id-errcode-updateError Code ::= local:8 + +-- remote error code for DSP +id-errcode-dsaReferral Code ::= local:9 + +END -- DirectoryAccessProtocol + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D + diff --git a/epan/dissectors/asn1/dap/dap.asn b/epan/dissectors/asn1/dap/dap.asn new file mode 100644 index 00000000..80083891 --- /dev/null +++ b/epan/dissectors/asn1/dap/dap.asn @@ -0,0 +1,1304 @@ +-- Module DirectoryAbstractService (X.511:08/2005) +DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) + directoryAbstractService(2) 4} DEFINITIONS ::= +BEGIN + +-- EXPORTS All +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + -- from ITU-T Rec. X.501 | ISO/IEC 9594-2 + attributeCertificateDefinitions, authenticationFramework, basicAccessControl, + dap, directoryShadowAbstractService, distributedOperations, + enhancedSecurity, id-at, informationFramework, selectedAttributeTypes, + serviceAdministration, upperBounds + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 4} + Attribute, ATTRIBUTE, AttributeType, AttributeTypeAssertion, AttributeValue, + AttributeValueAssertion, CONTEXT, ContextAssertion, DistinguishedName, RDNSequence, + MATCHING-RULE, -- Name,-- OBJECT-CLASS, RelativeDistinguishedName, + SupportedAttributes, SupportedContexts + FROM InformationFramework {joint-iso-itu-t ds(5) module(1) + informationFramework(1) 4} + RelaxationPolicy + FROM ServiceAdministration {joint-iso-itu-t ds(5) module(1) + serviceAdministration(33) 4} + AttributeTypeAndValue + FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1) + basicAccessControl(24) 4} + OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{} + FROM EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28) + 4} + -- from ITU-T Rec. X.518 | ISO/IEC 9594-4 + AccessPoint, ContinuationReference, Exclusions, OperationProgress, + ReferenceType + FROM DistributedOperations {joint-iso-itu-t ds(5) module(1) + distributedOperations(3) 4} + -- from ITU-T Rec. X.519 | ISO/IEC 9594-5 + id-errcode-abandoned, id-errcode-abandonFailed, id-errcode-attributeError, + id-errcode-nameError, id-errcode-referral, id-errcode-securityError, + id-errcode-serviceError, id-errcode-updateError, id-opcode-abandon, + id-opcode-addEntry, id-opcode-compare, id-opcode-list, id-opcode-modifyDN, + id-opcode-modifyEntry, id-opcode-read, id-opcode-removeEntry, + id-opcode-search + FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 4} + -- from ITU-T Rec. X.520 | ISO/IEC 9594-6 + DirectoryString + FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) + selectedAttributeTypes(5) 4} + ub-domainLocalID + FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4} + -- from ITU-T Rec. X.509 | ISO/IEC 9594-8 + AlgorithmIdentifier, CertificationPath, ENCRYPTED{}, SIGNATURE{}, SIGNED{} + FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) + authenticationFramework(7) 4} + AttributeCertificationPath + FROM AttributeCertificateDefinitions {joint-iso-itu-t ds(5) module(1) + attributeCertificateDefinitions(32) 4} + -- from ITU-T Rec. X.525 | ISO/IEC 9594-9 + AgreementID + FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1) + directoryShadowAbstractService(15) 4} + -- from ITU-T Rec. X.880 | ISO/IEC 13712-1 + Code, ERROR, OPERATION + FROM Remote-Operations-Information-Objects {joint-iso-itu-t + remote-operations(4) informationObjects(5) version1(0)} + emptyUnbind + FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t + remote-operations(4) useful-definitions(7) version1(0)} + InvokeId + FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t + remote-operations(4) generic-ROS-PDUs(6) version1(0)} + -- from RFC 2025 + SPKM-ERROR, SPKM-REP-TI, SPKM-REQ + FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) spkm(1) spkmGssTokens(10)}; + +-- Common data types +CommonArguments ::= SET { + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +FamilyGrouping ::= ENUMERATED { + entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)} + +CommonResults ::= SET { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +CommonResultsSeq ::= SEQUENCE { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +ServiceControls ::= SET { + options [0] ServiceControlOptions DEFAULT {}, + priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium, + timeLimit [2] INTEGER OPTIONAL, + sizeLimit [3] INTEGER OPTIONAL, + scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL, + attributeSizeLimit [5] INTEGER OPTIONAL, + manageDSAITPlaneRef + [6] SEQUENCE {dsaName Name, + agreementID AgreementID} OPTIONAL, + serviceType [7] OBJECT IDENTIFIER OPTIONAL, + userClass [8] INTEGER OPTIONAL +} + +ServiceControlOptions ::= BIT STRING { + preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3), + dontDereferenceAliases(4), subentries(5), copyShallDo(6), + partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9), + noSubtypeSelection(10), countFamily(11), dontSelectFriends(12), dontMatchFriends(13)} + +EntryInformationSelection ::= SET { + attributes + CHOICE {allUserAttributes [0] NULL, + select [1] SET OF AttributeType + -- empty set implies no attributes are requested + } DEFAULT allUserAttributes:NULL, + infoTypes + [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)} + DEFAULT attributeTypesAndValues, + extraAttributes + CHOICE {allOperationalAttributes [3] NULL, + select [4] SET SIZE (1..MAX) OF AttributeType + } OPTIONAL, + contextSelection ContextSelection OPTIONAL, + returnContexts BOOLEAN DEFAULT FALSE, + familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly} +} + +ContextSelection ::= CHOICE { + allContexts NULL, + selectedContexts SET SIZE (1..MAX) OF TypeAndContextAssertion +} + +TypeAndContextAssertion ::= SEQUENCE { + type AttributeType, + contextAssertions + CHOICE {preference SEQUENCE OF ContextAssertion, + all SET OF ContextAssertion} +} + +FamilyReturn ::= SEQUENCE { + memberSelect + ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2), + compoundEntry(3)}, + familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL +} + + +EntryInformation ::= SEQUENCE { + name Name, + fromEntry BOOLEAN DEFAULT TRUE, + information + SET SIZE (1..MAX) OF CHOICE { + attributeType AttributeType, + attribute Attribute} OPTIONAL, + incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems + partialName [4] BOOLEAN DEFAULT FALSE, -- not in 1988 or 1993 edition systems + derivedEntry + [5] BOOLEAN DEFAULT FALSE -- not in pre-2001 edition systems -- +} + +--family-information ATTRIBUTE ::= { +-- WITH SYNTAX FamilyEntries +-- USAGE directoryOperation +-- ID id-at-family-information +--} + +FamilyEntries ::= SEQUENCE { + family-class --OBJECT-CLASS.&id-- OBJECT IDENTIFIER, -- structural object class value + familyEntries SEQUENCE OF FamilyEntry +} + +FamilyEntry ::= SEQUENCE { + rdn RelativeDistinguishedName, + information + SEQUENCE OF CHOICE {attributeType AttributeType, + attribute Attribute}, + family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL +} + +Filter ::= CHOICE { + item [0] FilterItem, + and [1] SetOfFilter, + or [2] SetOfFilter, + not [3] Filter +} + +SetOfFilter ::= SET OF Filter + + +FilterItem ::= CHOICE { + equality [0] AttributeValueAssertion, + substrings + [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}), + strings + SEQUENCE OF + CHOICE {initial + [0] ATTRIBUTE.&Type + ({SupportedAttributes} + {@substrings.type}), + any + [1] ATTRIBUTE.&Type + ({SupportedAttributes} + {@substrings.type}), + final + [2] ATTRIBUTE.&Type + ({SupportedAttributes} + {@substrings.type}), + control Attribute}}, -- Used to specify interpretation of following items + greaterOrEqual [2] AttributeValueAssertion, + lessOrEqual [3] AttributeValueAssertion, + present [4] AttributeType, + approximateMatch [5] AttributeValueAssertion, + extensibleMatch [6] MatchingRuleAssertion, + contextPresent [7] AttributeTypeAssertion +} + +MatchingRuleAssertion ::= SEQUENCE { + matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id, + type [2] AttributeType OPTIONAL, + matchValue + [3] MATCHING-RULE.&AssertionType +-- (CONSTRAINED BY { + -- matchValue shall be a value of type specified by the &AssertionType field of + -- one of the MATCHING-RULE information objects identified by matchingRule }) --, + dnAttributes [4] BOOLEAN DEFAULT FALSE +} + +PagedResultsRequest ::= CHOICE { + newRequest + SEQUENCE {pageSize INTEGER, + sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL, + reverse [1] BOOLEAN DEFAULT FALSE, + unmerged [2] BOOLEAN DEFAULT FALSE}, + queryReference OCTET STRING +} + +SortKey ::= SEQUENCE { + type AttributeType, + orderingRule --MATCHING-RULE.&id-- OBJECT IDENTIFIER OPTIONAL +} + +SecurityParameters ::= SET { + certification-path [0] CertificationPath OPTIONAL, + name [1] DistinguishedName OPTIONAL, + time [2] Time OPTIONAL, + random [3] BIT STRING OPTIONAL, + target [4] ProtectionRequest OPTIONAL, + response [5] BIT STRING OPTIONAL, + operationCode [6] Code OPTIONAL, + attributeCertificationPath [7] AttributeCertificationPath OPTIONAL, + errorProtection [8] ErrorProtectionRequest OPTIONAL, + errorCode [9] Code OPTIONAL +} + +ProtectionRequest ::= INTEGER { + none(0), signed(1), encrypted(2), signed-encrypted(3)} + +Time ::= CHOICE {utcTime UTCTime, + generalizedTime GeneralizedTime +} + +ErrorProtectionRequest ::= INTEGER { + none(0), signed(1), encrypted(2), signed-encrypted(3)} + +-- Bind and unbind operations +directoryBind OPERATION ::= { + ARGUMENT DirectoryBindArgument + RESULT DirectoryBindResult + ERRORS {directoryBindError} + CODE op-ros-bind -- WS: internal operation code +} + +DirectoryBindArgument ::= SET { + credentials [0] Credentials OPTIONAL, + versions [1] Versions DEFAULT {v1} +} + +Credentials ::= CHOICE { + simple [0] SimpleCredentials, + strong [1] StrongCredentials, + externalProcedure [2] EXTERNAL, + spkm [3] SpkmCredentials, + sasl [4] SaslCredentials +} + +SimpleCredentials ::= SEQUENCE { + name [0] DistinguishedName, + validity + [1] SET {time1 [0] CHOICE {utc UTCTime, + gt GeneralizedTime} OPTIONAL, + time2 [1] CHOICE {utc UTCTime, + gt GeneralizedTime} OPTIONAL, + random1 [2] BIT STRING OPTIONAL, + random2 [3] BIT STRING OPTIONAL} OPTIONAL, + password + [2] CHOICE {unprotected OCTET STRING, +-- protected SIGNATURE{OCTET STRING}} OPTIONAL + protected SEQUENCE { + protectedPassword OCTET STRING, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING }} OPTIONAL +} + +StrongCredentials ::= SET { + certification-path [0] CertificationPath OPTIONAL, + bind-token [1] Token, + name [2] DistinguishedName OPTIONAL, + attributeCertificationPath [3] AttributeCertificationPath OPTIONAL +} + +SpkmCredentials ::= CHOICE {req [0] -- SPKM-REQ -- ANY, + rep [1] -- SPKM-REP-TI-- ANY +} + +SaslCredentials ::= SEQUENCE { + mechanism [0] DirectoryString {--ub-sasIMechanism--}, + credentials [1] OCTET STRING OPTIONAL, + saslAbort [2] BOOLEAN DEFAULT FALSE +} + +TokenData ::= +-- SIGNED +-- { --SEQUENCE {algorithm [0] AlgorithmIdentifier, + name [1] DistinguishedName, + time [2] UTCTime, + random [3] BIT STRING, + response [4] BIT STRING OPTIONAL, + bindIntAlgorithm + [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, + bindIntKeyInfo [6] BindKeyInfo OPTIONAL, + bindConfAlgorithm + [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, + bindConfKeyInfo + [8] BindKeyInfo--,-- + OPTIONAL -- dirqop [9] OBJECT IDENTIFIER OPTIONAL-- + } --} + +-- expand SIGNED macro + +Token ::= SEQUENCE { + token-data TokenData, + algorithm-identifier AlgorithmIdentifier, + encrypted BIT STRING +} + +Versions ::= BIT STRING {v1(0), v2(1)} + +DirectoryBindResult ::= DirectoryBindArgument + +directoryBindError ERROR ::= { + PARAMETER -- OPTIONALLY-PROTECTED -- DirectoryBindError +-- {SET {versions [0] Versions DEFAULT {v1}, +-- error +-- CHOICE {serviceError [1] ServiceProblem, +-- securityError [2] SecurityProblem}} } + CODE err-ros-bind -- WS: internal error code +} + +-- expand OPTIONALLY-PROTECTED macro +DirectoryBindError ::= CHOICE { + unsignedDirectoryBindError DirectoryBindErrorData, + signedDirectoryBindError SEQUENCE { + directoryBindError DirectoryBindErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +DirectoryBindErrorData ::= + SET {versions [0] Versions DEFAULT {v1}, + error + CHOICE {serviceError [1] ServiceProblem, + securityError [2] SecurityProblem}, + securityParameters [30] SecurityParameters OPTIONAL +} + + +BindKeyInfo ::= -- ENCRYPTED{-- BIT STRING + +--directoryUnbind OPERATION ::= emptyUnbind + +-- Operations, arguments, and results +read OPERATION ::= { + ARGUMENT ReadArgument + RESULT ReadResult + ERRORS + {attributeError | nameError | serviceError | referral | abandoned | + securityError} + CODE id-opcode-read +} + +ReadArgumentData ::= +-- OPTIONALLY-PROTECTED +-- {-- SET {object [0] Name, + selection [1] EntryInformationSelection DEFAULT {}, + modifyRightsRequest [2] BOOLEAN DEFAULT FALSE, +-- COMPONENTS OF CommonArguments + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +}--} + +Name ::= CHOICE { + rdnSequence RDNSequence +} + + +-- OPTIONALLY-PROTECTED macro expansion +ReadArgument ::= CHOICE { + unsignedReadArgument ReadArgumentData, + signedReadArgument SEQUENCE { + readArgument ReadArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +ReadResultData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {entry [0] EntryInformation, + modifyRights [1] ModifyRights OPTIONAL, +-- COMPONENTS OF CommonResults + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +}--} + +-- OPTIONALLY-PROTECTED macro expansion +ReadResult ::= CHOICE { + unsignedReadResult ReadResultData, + signedReadResult SEQUENCE { + readResult ReadResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +ModifyRights ::= + SET OF + SEQUENCE {item + CHOICE {entry [0] NULL, + attribute [1] AttributeType, + value [2] AttributeValueAssertion}, + permission + [3] BIT STRING {add(0), remove(1), rename(2), move(3)} + } + +compare OPERATION ::= { + ARGUMENT CompareArgument + RESULT CompareResult + ERRORS + {attributeError | nameError | serviceError | referral | abandoned | + securityError} + CODE id-opcode-compare +} + +CompareArgumentData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {object [0] Name, + purported [1] AttributeValueAssertion, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +-- OPTIONALLY-PROTECTED macro expansion +CompareArgument ::= CHOICE { + unsignedCompareArgument CompareArgumentData, + signedCompareArgument SEQUENCE { + compareArgument CompareArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +CompareResultData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {name Name OPTIONAL, + matched [0] BOOLEAN, + fromEntry [1] BOOLEAN DEFAULT TRUE, + matchedSubtype [2] AttributeType OPTIONAL, +-- COMPONENTS OF CommonResults}} + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +-- OPTIONALLY-PROTECTED macro expansion +CompareResult ::= CHOICE { + unsignedCompareResult CompareResultData, + signedCompareResult SEQUENCE { + compareResult CompareResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +abandon OPERATION ::= { + ARGUMENT AbandonArgument + RESULT AbandonResult + ERRORS {abandonFailed} + CODE id-opcode-abandon +} + +AbandonArgumentData ::= +-- OPTIONALLY-PROTECTED-SEQ{--SEQUENCE {invokeID [0] InvokeId}--} + +-- OPTIONALLY-PROTECTED-SEQ macro expansion +AbandonArgument ::= CHOICE { + unsignedAbandonArgument AbandonArgumentData, + signedAbandonArgument [0] SEQUENCE { + abandonArgument AbandonArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +AbandonResultData ::= SEQUENCE { + invokeID InvokeId, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +AbandonResult ::= CHOICE { + null NULL, + information +-- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId, +-- COMPONENTS OF CommonResultsSeq +-- }} + CHOICE { + unsignedAbandonResult AbandonResultData, + signedAbandonResult [0] SEQUENCE { + abandonResult AbandonResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } + } +} + +list OPERATION ::= { + ARGUMENT ListArgument + RESULT ListResult + ERRORS {nameError | serviceError | referral | abandoned | securityError} + CODE id-opcode-list +} + +ListArgumentData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {object [0] Name, + pagedResults [1] PagedResultsRequest OPTIONAL, + listFamily [2] BOOLEAN DEFAULT FALSE, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +-- expand OPTIONALLY-PROTECTED macro +ListArgument ::= CHOICE { + unsignedListArgument ListArgumentData, + signedListArgument SEQUENCE { + listArgument ListArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +ListResultData ::= +-- OPTIONALLY-PROTECTED +-- {--CHOICE {listInfo + SET {name Name OPTIONAL, + subordinates + [1] SET OF + SEQUENCE {rdn RelativeDistinguishedName, + aliasEntry [0] BOOLEAN DEFAULT FALSE, + fromEntry [1] BOOLEAN DEFAULT TRUE + }, + partialOutcomeQualifier + [2] PartialOutcomeQualifier OPTIONAL, +-- COMPONENTS OF CommonResults}, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL + }, + uncorrelatedListInfo [0] SET OF ListResult}--} + +-- expand OPTIONALLY-PROTECTED macro +ListResult ::= CHOICE { + unsignedListResult ListResultData, + signedListResult SEQUENCE { + listResult ListResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +PartialOutcomeQualifier ::= SET { + limitProblem [0] LimitProblem OPTIONAL, + unexplored + [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL, + unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE, + unknownErrors + [3] SET SIZE (1..MAX) OF --ABSTRACT-SYNTAX.&Type-- OBJECT IDENTIFIER OPTIONAL, + queryReference [4] OCTET STRING OPTIONAL, + overspecFilter [5] Filter OPTIONAL, + notification + [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL, + entryCount + CHOICE {bestEstimate [7] INTEGER, + lowEstimate [8] INTEGER, + exact [9] INTEGER} OPTIONAL, + streamedResult [10] BOOLEAN DEFAULT FALSE +} + +LimitProblem ::= INTEGER { + timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2) +} + +search OPERATION ::= { + ARGUMENT SearchArgument + RESULT SearchResult + ERRORS + {attributeError | nameError | serviceError | referral | abandoned | + securityError} + CODE id-opcode-search +} + +SearchArgumentData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {baseObject [0] Name, + subset + [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} + DEFAULT baseObject, + filter [2] Filter DEFAULT and:{}, + searchAliases [3] BOOLEAN DEFAULT TRUE, + selection [4] EntryInformationSelection DEFAULT {}, + pagedResults [5] PagedResultsRequest OPTIONAL, + matchedValuesOnly [6] BOOLEAN DEFAULT FALSE, + extendedFilter [7] Filter OPTIONAL, + checkOverspecified [8] BOOLEAN DEFAULT FALSE, + relaxation [9] RelaxationPolicy OPTIONAL, + extendedArea [10] INTEGER OPTIONAL, + hierarchySelections [11] HierarchySelections DEFAULT {self}, + searchControlOptions + [12] SearchControlOptions DEFAULT {searchAliases}, + joinArguments + [13] SEQUENCE SIZE (1..MAX) OF JoinArgument OPTIONAL, + joinType + [14] ENUMERATED {innerJoin(0), leftOuterJoin(1), fullOuterJoin(2)} + DEFAULT leftOuterJoin, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +-- expand OPTIONALLY-PROTECTED macro +SearchArgument ::= CHOICE { + unsignedSearchArgument SearchArgumentData, + signedSearchArgument SEQUENCE { + searchArgument SearchArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +HierarchySelections ::= BIT STRING { + self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5), + siblings(6), siblingChildren(7), siblingSubtree(8), all(9)} + +SearchControlOptions ::= BIT STRING { + searchAliases(0), matchedValuesOnly(1), checkOverspecified(2), + performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6), + matchOnResidualName(7), entryCount(8), useSubset(9), + separateFamilyMembers(10), searchFamily(11)} + +JoinArgument ::= SEQUENCE { + joinBaseObject [0] Name, + domainLocalID [1] DomainLocalID OPTIONAL, + joinSubset + [2] ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)} + DEFAULT baseObject, + joinFilter [3] Filter OPTIONAL, + joinAttributes [4] SEQUENCE SIZE (1..MAX) OF JoinAttPair OPTIONAL, + joinSelection [5] EntryInformationSelection +} + +DomainLocalID ::= DirectoryString --{ub-domainLocalID}-- + +JoinAttPair ::= SEQUENCE { + baseAtt AttributeType, + joinAtt AttributeType, + joinContext SEQUENCE SIZE (1..MAX) OF JoinContextType OPTIONAL +} + +JoinContextType ::= --CONTEXT.&id({SupportedContexts})-- OBJECT IDENTIFIER + +SearchResultData ::= +-- OPTIONALLY-PROTECTED +-- {--CHOICE {searchInfo + SET {name Name OPTIONAL, + entries [0] SET OF EntryInformation, + partialOutcomeQualifier + [2] PartialOutcomeQualifier OPTIONAL, + altMatching [3] BOOLEAN DEFAULT FALSE, +-- COMPONENTS OF CommonResults}, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX)OF Attribute OPTIONAL}, + uncorrelatedSearchInfo [0] SET OF SearchResult}--} + +-- expand OPTIONALLY-PROTECTED macro +SearchResult ::= CHOICE { + unsignedSearchResult SearchResultData, + signedSearchResult SEQUENCE { + searchResult SearchResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +addEntry OPERATION ::= { + ARGUMENT AddEntryArgument + RESULT AddEntryResult + ERRORS + {attributeError | nameError | serviceError | referral | securityError | + updateError} + CODE id-opcode-addEntry +} + +AddEntryArgumentData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {object [0] Name, + entry [1] SET OF Attribute, + targetSystem [2] AccessPoint OPTIONAL, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +-- expand OPTIONALLY-PROTECTED macro +AddEntryArgument ::= CHOICE { + unsignedAddEntryArgument AddEntryArgumentData, + signedAddEntryArgument SEQUENCE { + addEntryArgument AddEntryArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +AddEntryResultData ::= SEQUENCE { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +AddEntryResult ::= CHOICE { + null NULL, + information +-- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} + CHOICE { + unsignedAddEntryResult AddEntryResultData, + signedAddEntryResult [0] SEQUENCE { + addEntryResult AddEntryResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } + } +} + +removeEntry OPERATION ::= { + ARGUMENT RemoveEntryArgument + RESULT RemoveEntryResult + ERRORS {nameError | serviceError | referral | securityError | updateError} + CODE id-opcode-removeEntry +} + +RemoveEntryArgumentData ::= +-- OPTIONALLY-PROTECTED{--SET {object [0] Name, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +-- OPTIONALLY-PROTECTED macro expansion +RemoveEntryArgument ::= CHOICE { + unsignedRemoveEntryArgument RemoveEntryArgumentData, + signedRemoveEntryArgument SEQUENCE { + removeEntryArgument RemoveEntryArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +RemoveEntryResultData ::= SEQUENCE { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +RemoveEntryResult ::= CHOICE { + null NULL, + information +-- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} + CHOICE { + unsignedRemoveEntryResult RemoveEntryResultData, + signedRemoveEntryResult [0] SEQUENCE { + removeEntryResult RemoveEntryResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } + } +} + +modifyEntry OPERATION ::= { + ARGUMENT ModifyEntryArgument + RESULT ModifyEntryResult + ERRORS + {attributeError | nameError | serviceError | referral | securityError | + updateError} + CODE id-opcode-modifyEntry +} + +ModifyEntryArgumentData ::= +-- OPTIONALLY-PROTECTED +-- {--SET {object [0] Name, + changes [1] SEQUENCE OF EntryModification, + selection [2] EntryInformationSelection OPTIONAL, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +-- OPTIONALLY-PROTECTED macro expansion +ModifyEntryArgument ::= CHOICE { + unsignedModifyEntryArgument ModifyEntryArgumentData, + signedModifyEntryArgument SEQUENCE { + modifyEntryArgument ModifyEntryArgumentData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +ModifyEntryResultData ::= SEQUENCE { + entry [0] EntryInformation OPTIONAL, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +ModifyEntryResult ::= CHOICE { + null NULL, + information +-- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} + CHOICE { + unsignedModifyEntryResult ModifyEntryResultData, + signedModifyEntryResult [0] SEQUENCE { + modifyEntryResult ModifyEntryResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } + } +} + +EntryModification ::= CHOICE { + addAttribute [0] Attribute, + removeAttribute [1] AttributeType, + addValues [2] Attribute, + removeValues [3] Attribute, + alterValues [4] AttributeTypeAndValue, + resetValue [5] AttributeType +} + +modifyDN OPERATION ::= { + ARGUMENT ModifyDNArgument + RESULT ModifyDNResult + ERRORS {nameError | serviceError | referral | securityError | updateError} + CODE id-opcode-modifyDN +} + +ModifyDNArgument ::= +-- OPTIONALLY-PROTECTED +-- {--SET {object [0] DistinguishedName, + newRDN [1] RelativeDistinguishedName, + deleteOldRDN [2] BOOLEAN DEFAULT FALSE, + newSuperior [3] DistinguishedName OPTIONAL, +-- COMPONENTS OF CommonArguments}} + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + exclusions [22] Exclusions OPTIONAL, + nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +ModifyDNResultData ::= SEQUENCE { + newRDN RelativeDistinguishedName, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + + +ModifyDNResult ::= CHOICE { + null NULL, + information +-- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} + CHOICE { + unsignedModifyDNResult ModifyDNResultData, + signedModifyDNResult [0] SEQUENCE { + modifyDNResult ModifyDNResultData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } + } +} + + +-- Errors and parameters + +abandoned ERROR ::= { -- not literally an "error" + PARAMETER --OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}}-- Abandoned + CODE id-errcode-abandoned +} + +AbandonedData ::= SET { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +Abandoned ::= CHOICE { + unsignedAbandoned AbandonedData, + signedAbandoned SEQUENCE { + abandoned AbandonedData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +abandonFailed ERROR ::= { + PARAMETER --OPTIONALLY-PROTECTED-- AbandonFailedError +-- {SET {problem [0] AbandonProblem, +-- operation [1] InvokeId, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-abandonFailed +} + +AbandonFailedErrorData ::= SET { + problem [0] AbandonProblem, + operation [1] InvokeId, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +AbandonFailedError ::= CHOICE { + unsignedAbandonFailedError AbandonFailedErrorData, + signedAbandonFailedError SEQUENCE { + abandonFailedError AbandonFailedErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)} + +attributeError ERROR ::= { + PARAMETER --OPTIONALLY-PROTECTED-- AttributeError +-- {SET {object [0] Name, +-- problems +-- [1] SET OF +-- SEQUENCE {problem [0] AttributeProblem, +-- type [1] AttributeType, +-- value [2] AttributeValue OPTIONAL}, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-attributeError +} + +AttributeErrorData ::= SET { + object [0] Name, + problems + [1] SET OF + SEQUENCE {problem [0] AttributeProblem, + type [1] AttributeType, + value [2] AttributeValue OPTIONAL}, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +AttributeError ::= CHOICE { + unsignedAttributeError AttributeErrorData, + signedAttributeError SEQUENCE { + attributeError AttributeErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +AttributeProblem ::= INTEGER { + noSuchAttributeOrValue(1), invalidAttributeSyntax(2), + undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5), + attributeOrValueAlreadyExists(6), contextViolation(7)} + +nameError ERROR ::= { + PARAMETER --OPTIONALLY-PROTECTED-- NameError +-- {SET {problem [0] NameProblem, +-- matched [1] Name, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-nameError +} + +NameErrorData ::= SET { + problem [0] NameProblem, + matched [1] Name, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + + +NameError ::= CHOICE { + unsignedNameError NameErrorData, + signedNameError SEQUENCE { + nameError NameErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +NameProblem ::= INTEGER { + noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3), + aliasDereferencingProblem(4), contextProblem(5)} + +referral ERROR ::= { -- not literally an "error" + PARAMETER --OPTIONALLY-PROTECTED-- Referral +-- {SET {candidate [0] ContinuationReference, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-referral +} + +ReferralData ::= SET { + candidate [0] ContinuationReference, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL + +} + +Referral ::= CHOICE { + unsignedReferral ReferralData, + signedReferral SEQUENCE { + referral ReferralData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + +securityError ERROR ::= { + PARAMETER --OPTIONALLY-PROTECTED-- SecurityError +-- {SET {problem [0] SecurityProblem, +-- spkmInfo [1] SPKM-ERROR, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-securityError +} + +SecurityErrorData ::= SET { + problem [0] SecurityProblem, + spkmInfo [1] -- SPKM-ERROR -- ANY, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +SecurityError ::= CHOICE { + unsignedSecurityError SecurityErrorData, + signedSecurityError SEQUENCE { + securityError SecurityErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +SecurityProblem ::= INTEGER { + inappropriateAuthentication(1), invalidCredentials(2), + insufficientAccessRights(3), invalidSignature(4), protectionRequired(5), + noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9) +} + + +serviceError ERROR ::= { + PARAMETER --OPTIONALLY-PROTECTED-- ServiceError +-- {SET {problem [0] ServiceProblem, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-serviceError +} + +ServiceErrorData ::= SET { + problem [0] ServiceProblem, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +ServiceError ::= CHOICE { + unsignedServiceError ServiceErrorData, + signedServiceError SEQUENCE { + serviceError ServiceErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +ServiceProblem ::= INTEGER { + busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4), + unableToProceed(5), invalidReference(6), timeLimitExceeded(7), + administrativeLimitExceeded(8), loopDetected(9), + unavailableCriticalExtension(10), outOfScope(11), ditError(12), + invalidQueryReference(13), requestedServiceNotAvailable(14), + unsupportedMatchingUse(15), ambiguousKeyAttributes(16), + saslBindInProgress(17) +} + + +updateError ERROR ::= { + PARAMETER --OPTIONALLY-PROTECTED-- UpdateError +-- {SET {problem [0] UpdateProblem, +-- attributeInfo +-- [1] SET SIZE (1..MAX) OF +-- CHOICE {attributeType AttributeType, +-- attribute Attribute} OPTIONAL, +-- COMPONENTS OF CommonResults}} + CODE id-errcode-updateError +} + +UpdateErrorData ::= SET { + problem [0] UpdateProblem, + attributeInfo + [1] SET SIZE (1..MAX) OF + CHOICE {attributeType AttributeType, + attribute Attribute} OPTIONAL, + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +UpdateError ::= CHOICE { + unsignedUpdateError UpdateErrorData, + signedUpdateError SEQUENCE { + updateError UpdateErrorData, + algorithmIdentifier AlgorithmIdentifier, + encrypted BIT STRING + } +} + + +UpdateProblem ::= INTEGER { + namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3), + notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6), + objectClassModificationProhibited(7), noSuchSuperior(8), notAncestor(9), + parentNotAncestor(10), hierarchyRuleViolation(11), familyRuleViolation(12) +} + +-- attribute types +--id-at-family-information OBJECT IDENTIFIER ::= {id-at 64} + +END -- DirectoryAbstractService + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D + diff --git a/epan/dissectors/asn1/dap/dap.cnf b/epan/dissectors/asn1/dap/dap.cnf new file mode 100644 index 00000000..9c11b4d4 --- /dev/null +++ b/epan/dissectors/asn1/dap/dap.cnf @@ -0,0 +1,370 @@ +#.TYPE_ATTR +# X509AF also exports the type Time. This makes sure asn2wrs uses the locally defined version. +Time TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(dap_Time_vals) BITMASK = 0 +#.END + +#.IMPORT ../x509if/x509if-exp.cnf +#.IMPORT ../x509af/x509af-exp.cnf +#.IMPORT ../x509sat/x509sat-exp.cnf +#.IMPORT ../crmf/crmf-exp.cnf +#.IMPORT ../dsp/dsp-exp.cnf +#.IMPORT ../disp/disp-exp.cnf +#.IMPORT ../ros/ros-exp.cnf +#.IMPORT ../acse/acse-exp.cnf + +#.OMIT_ASSIGNMENT +DAP-InvokeIDSet +#.END + +#.NO_EMIT ONLY_VALS +Name + +#.MODULE_IMPORT +AttributeCertificateDefinitions x509af +BasicAccessControl crmf + +# Forward declaration of classes +#.CLASS CONTEXT +&Type +&Assertion +&id ObjectIdentifierType +#.END + +#.CLASS CONTRACT +&connection ClassReference CONNECTION-PACKAGE +&OperationsOf ClassReference OPERATION-PACKAGE +&InitiatorConsumerOf ClassReference OPERATION-PACKAGE +&InitiatorSupplierOf ClassReference OPERATION-PACKAGE +&id ObjectIdentifierType +#.END + +#.CLASS APPLICATION-CONTEXT +&bind-operation ClassReference OPERATION +&Operations ClassReference OPERATION +&applicationContextName ObjectIdentifierType +#.END + +#.CLASS OBJECT-CLASS +&Superclasses ClassReference OBJECT-CLASS +&kind TypeReference ObjectClassKind +&MandatoryAttributes ClassReference ATTRIBUTE +&OptionalAttributes ClassReference ATTRIBUTE +&id ObjectIdentifierType +#.END + +#.CLASS ATTRIBUTE +&derivation ClassReference ATTRIBUTE +&Type +&equality-match ClassReference MATCHING-RULE +&ordering-match ClassReference MATCHING-RULE +&substrings-match ClassReference MATCHING-RULE +&single-valued BooleanType +&collective BooleanType +&no-user-modification BooleanType +&usage TypeReference AttributeUsage +&id ObjectIdentifierType +#.END + +#.CLASS MATCHING-RULE +&ParentMatchingRules ClassReference MATCHING-RULE +&AssertionType +&uniqueMatchIndicator ClassReference ATTRIBUTE +&id ObjectIdentifierType +#.END + +#.OMIT_ASSIGNMENT +CommonArguments +CommonResults +CommonResultsSeq +#.END + +#.EXPORTS +Filter +Referral +EntryModification +ContextSelection +DirectoryBindArgument +DirectoryBindError +ReadArgument +ReadResult +ListArgument +ListResult +SearchArgument +SearchResult +AddEntryArgument +AddEntryResult +CompareArgument +CompareResult +RemoveEntryArgument +RemoveEntryResult +ModifyEntryArgument +ModifyEntryResult +ModifyDNArgument +ModifyDNResult +AbandonArgument +AbandonResult +AttributeError +NameError +ServiceError +Abandoned +SearchControlOptions +SecurityError +SecurityProblem +SecurityParameters EXTERN WS_DLL +ServiceControlOptions +AbandonFailedError +UpdateError +HierarchySelections +FamilyGrouping +FamilyReturn + +#.TYPE_RENAME +FamilyEntry/information FamilyInformation +AbandonResult/information AbandonInformation +AddEntryResult/information AddEntryInformation +RemoveEntryResult/information RemoveEntryInformation +ModifyEntryResult/information ModifyEntryInformation +ModifyDNResult/information ModifyDNInformation + +EntryInformation/information/_item EntryInformationItem + +#.FIELD_RENAME + +ModifyRights/_item/item/attribute attribute-type + +ModifyRights/_item/item/entry item-entry +AddEntryArgumentData/entry add-entry + +EntryInformation/information entry-information +FamilyEntry/information family-information +AbandonResult/information abandon-information +AddEntryResult/information add-entry-information +RemoveEntryResult/information remove-entry-information +ModifyEntryResult/information modify-entry-information +ModifyDNResult/information modify-dn-information + +EntryInformation/information/_item entry-information-item + +Filter/item filter-item + +NameErrorData/matched matched-name + +SecurityParameters/name distinguished-name +SimpleCredentials/name distinguished-name +StrongCredentials/name distinguished-name + +ModifyDNArgument/object distinguished-name + +AbandonFailedErrorData/problem abandon-failed-problem +ServiceErrorData/problem service-error-problem +AttributeErrorData/problems/_item/problem attribute-error-problem +NameErrorData/problem name-error-problem +SecurityErrorData/problem security-error-problem +UpdateErrorData/problem update-error-problem + +DirectoryBindErrorData/error/securityError securityProblem +SecurityError/signedSecurityError/securityError securityErrorData + +DirectoryBindErrorData/error/serviceError serviceProblem + +FilterItem/substrings/type sunstringType + +ModifyRights/_item/item/value value-assertion + +TokenData/name distinguished-name + +TokenData/time utctime + +PagedResultsRequest/queryReference pagedResultsQueryReference + +EntryInformationSelection/extraAttributes/select extraSelect + +SaslCredentials/credentials saslCredentials + +#.FIELD_ATTR +SaslCredentials/credentials ABBREV=saslCredentials +TokenData/time ABBREV=utctime +NameErrorData/matched ABBREV=matched_name + +# This table creates the value_sting to name DAP operation codes and errors +# in file packet-dap-table.c which is included in the template file +# +#.TABLE_HDR +/* DAP OPERATIONS */ +const value_string dap_opr_code_string_vals[] = { +#.TABLE_BODY OPERATION + { %(&operationCode)s, "%(_ident)s" }, +#.TABLE_FTR + { 0, NULL } +}; +#.END + +#.TABLE_HDR +/* DAP ERRORS */ +static const value_string dap_err_code_string_vals[] = { +#.TABLE_BODY ERROR + { %(&errorCode)s, "%(_ident)s" }, +#.TABLE_FTR + { 0, NULL } +}; +#.END + +# Create a table of opcode and corresponding args and res +#.TABLE11_HDR +static const ros_opr_t dap_opr_tab[] = { +#.TABLE11_BODY OPERATION + /* %(_name)s */ + { %(&operationCode)-25s, %(_argument_pdu)s, %(_result_pdu)s }, +#.TABLE11_FTR + { 0, (dissector_t)(-1), (dissector_t)(-1) }, +}; +#.END + +#.TABLE21_HDR +static const ros_err_t dap_err_tab[] = { +#.TABLE21_BODY ERROR + /* %(_name)s*/ + { %(&errorCode)s, %(_parameter_pdu)s }, +#.TABLE21_FTR + { 0, (dissector_t)(-1) }, +}; +#.END + + +#.PDU +ERROR.&ParameterType +OPERATION.&ArgumentType +OPERATION.&ResultType +#.END + +#.FN_BODY FilterItem/substrings/strings/_item/initial + proto_item *it; + it = proto_tree_add_item(tree, hf_index, tvb, offset, -1, ENC_BIG_ENDIAN); + proto_item_append_text(it," XXX: Not yet implemented!"); + +#.FN_BODY FilterItem/substrings/strings/_item/any + /* XXX: not yet implemented */ + +#.FN_BODY FilterItem/substrings/strings/_item/final + /* XXX: not yet implemented */ + +#.FN_BODY MatchingRuleAssertion/matchValue + /* XXX: not yet implemented */ + +#.FN_BODY SpkmCredentials/req + /* XXX: not yet implemented */ + +#.FN_BODY SpkmCredentials/rep + /* XXX: not yet implemented */ + +#.FN_BODY SecurityErrorData/spkmInfo + /* XXX: not yet implemented */ + +#.FN_BODY DirectoryBindArgument + + guint32 len; + + /* check and see if this is an empty set */ + dissect_ber_length(actx->pinfo, tree, tvb, offset+1, &len, NULL); + + if(len == 0) { + /* it's an empty set - i.e anonymous (assuming version is DEFAULTed) */ + proto_tree_add_expert(tree, actx->pinfo, &ei_dap_anonymous, tvb, offset, -1); + + col_append_str(actx->pinfo->cinfo, COL_INFO, " anonymous"); + + } + /* do the default thing */ + + %(DEFAULT_BODY)s + +#.FN_BODY SimpleCredentials + + %(DEFAULT_BODY)s + + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", x509if_get_last_dn()); + + + + +#.FN_BODY PagedResultsRequest/queryReference VAL_PTR=&out_tvb + tvbuff_t *out_tvb; + int i; + int len; + + %(DEFAULT_BODY)s + + if(out_tvb) { + /* now see if we can add a string representation */ + len = tvb_reported_length(out_tvb); + if(tvb_ascii_isprint(out_tvb, 0, len)) { + if(actx->created_item) { + + proto_item_append_text(actx->created_item," ("); + for(i=0; icreated_item,"%%c",tvb_get_guint8(out_tvb,i)); + proto_item_append_text(actx->created_item,")"); + } + } + } + +#.FN_PARS SecurityProblem + VAL_PTR = &problem + +#.FN_BODY SecurityProblem + guint32 problem; + + %(DEFAULT_BODY)s + + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", val_to_str(problem, dap_SecurityProblem_vals, "SecurityProblem(%%d)")); + +#.FN_PARS ServiceProblem + VAL_PTR = &problem + +#.FN_BODY ServiceProblem + guint32 problem; + + %(DEFAULT_BODY)s + + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", val_to_str(problem, dap_ServiceProblem_vals, "ServiceProblem(%%d)")); + +#.FN_PARS UpdateProblem + VAL_PTR = &problem + +#.FN_BODY UpdateProblem + guint32 problem; + + %(DEFAULT_BODY)s + + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", val_to_str(problem, dap_UpdateProblem_vals, "UpdateProblem(%%d)")); + +#.FN_PARS LimitProblem + VAL_PTR = &problem + +#.FN_BODY LimitProblem + guint32 problem; + + %(DEFAULT_BODY)s + + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", val_to_str(problem, dap_LimitProblem_vals, "LimitProblem(%%d)")); + +#.END + + +#.FN_BODY SearchArgumentData/subset VAL_PTR=&subset + guint32 subset; + + %(DEFAULT_BODY)s + + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", val_to_str(subset, dap_T_subset_vals, "Subset(%%d)")); + + +#.FN_BODY Name + const char *dn; + + %(DEFAULT_BODY)s + + dn = x509if_get_last_dn(); + col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s", (dn && *dn) ? dn : "(root)"); + + diff --git a/epan/dissectors/asn1/dap/packet-dap-template.c b/epan/dissectors/asn1/dap/packet-dap-template.c new file mode 100644 index 00000000..8c14a03b --- /dev/null +++ b/epan/dissectors/asn1/dap/packet-dap-template.c @@ -0,0 +1,144 @@ +/* packet-dap.c + * Routines for X.511 (X.500 Directory Asbtract Service) and X.519 DAP packet dissection + * Graeme Lunt 2005 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "packet-ber.h" +#include "packet-acse.h" +#include "packet-ros.h" +#include "packet-idmp.h" + +#include "packet-x509if.h" +#include "packet-x509af.h" +#include "packet-x509sat.h" +#include "packet-crmf.h" + +#include "packet-dsp.h" +#include "packet-disp.h" +#include "packet-dap.h" +#include + +/* we don't have a separate dissector for X519 - + most of DAP is defined in X511 */ +#define PNAME "X.519 Directory Access Protocol" +#define PSNAME "DAP" +#define PFNAME "dap" + +void proto_register_dap(void); +void proto_reg_handoff_dap(void); + +/* Initialize the protocol and registered fields */ +static int proto_dap = -1; + + +#include "packet-dap-hf.c" + +/* Initialize the subtree pointers */ +static gint ett_dap = -1; +#include "packet-dap-ett.c" + +static expert_field ei_dap_anonymous = EI_INIT; + +#include "packet-dap-val.h" + +#include "packet-dap-table.c" /* operation and error codes */ + +#include "packet-dap-fn.c" + +#include "packet-dap-table11.c" /* operation argument/result dissectors */ +#include "packet-dap-table21.c" /* error dissector */ + +static const ros_info_t dap_ros_info = { + "DAP", + &proto_dap, + &ett_dap, + dap_opr_code_string_vals, + dap_opr_tab, + dap_err_code_string_vals, + dap_err_tab +}; + + +/*--- proto_register_dap -------------------------------------------*/ +void proto_register_dap(void) { + + /* List of fields */ + static hf_register_info hf[] = + { +#include "packet-dap-hfarr.c" + }; + + /* List of subtrees */ + static gint *ett[] = { + &ett_dap, +#include "packet-dap-ettarr.c" + }; + + static ei_register_info ei[] = { + { &ei_dap_anonymous, { "dap.anonymous", PI_PROTOCOL, PI_NOTE, "Anonymous", EXPFILL }}, + }; + + module_t *dap_module; + expert_module_t* expert_dap; + + /* Register protocol */ + proto_dap = proto_register_protocol(PNAME, PSNAME, PFNAME); + + /* Register fields and subtrees */ + proto_register_field_array(proto_dap, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + expert_dap = expert_register_protocol(proto_dap); + expert_register_field_array(expert_dap, ei, array_length(ei)); + + /* Register our configuration options for DAP, particularly our port */ + + dap_module = prefs_register_protocol_subtree("OSI/X.500", proto_dap, NULL); + + prefs_register_obsolete_preference(dap_module, "tcp.port"); + + prefs_register_static_text_preference(dap_module, "tcp_port_info", + "The TCP ports used by the DAP protocol should be added to the TPKT preference \"TPKT TCP ports\", or the IDMP preference \"IDMP TCP Port\", or by selecting \"TPKT\" as the \"Transport\" protocol in the \"Decode As\" dialog.", + "DAP TCP Port preference moved information"); +} + + +/*--- proto_reg_handoff_dap --- */ +void proto_reg_handoff_dap(void) { + + /* #include "packet-dap-dis-tab.c" */ + + /* APPLICATION CONTEXT */ + + oid_add_from_string("id-ac-directory-access","2.5.3.1"); + + /* ABSTRACT SYNTAXES */ + + /* Register DAP with ROS (with no use of RTSE) */ + register_ros_protocol_info("2.5.9.1", &dap_ros_info, 0, "id-as-directory-access", FALSE); + + register_idmp_protocol_info("2.5.33.0", &dap_ros_info, 0, "dap-ip"); + + /* AttributeValueAssertions */ + x509if_register_fmt(hf_dap_equality, "="); + x509if_register_fmt(hf_dap_greaterOrEqual, ">="); + x509if_register_fmt(hf_dap_lessOrEqual, "<="); + x509if_register_fmt(hf_dap_approximateMatch, "=~"); + /* AttributeTypes */ + x509if_register_fmt(hf_dap_present, "= *"); + +} diff --git a/epan/dissectors/asn1/dap/packet-dap-template.h b/epan/dissectors/asn1/dap/packet-dap-template.h new file mode 100644 index 00000000..048f984a --- /dev/null +++ b/epan/dissectors/asn1/dap/packet-dap-template.h @@ -0,0 +1,17 @@ +/* packet-dap.h + * Routines for X.511 (X.500 Directory Access Protocol) packet dissection + * Graeme Lunt 2005 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef PACKET_DAP_H +#define PACKET_DAP_H + +#include "packet-dap-exp.h" + +#endif /* PACKET_DAP_H */ -- cgit v1.2.3