authorMichael Mann <mmann78@netscape.net>2013-10-21 19:41:54 +0000
committerMichael Mann <mmann78@netscape.net>2013-10-21 19:41:54 +0000
commit87e55cb9e046e4d7749333c67862e5bf935ed6a1 (patch)
treee984e35b5eed1a6a0eaea7ea19189c1ad72c17e6 /epan/dissectors/pidl
parent15294a1261961d7ac2ad4316eb83b0e413effc47 (diff)
Sync with latest SAMBA PIDL source per http://www.wireshark.org/lists/wireshark-dev/201310/msg00217.html
Didn't integrate 0010-frsrpc-Regenerate-frsrpc-due-to-changes-in-the-pidl-.patch or 0016-Regenerate-the-dnserver.patch because they caused compilation errors on Windows. svn path=/trunk/; revision=52744
Diffstat (limited to 'epan/dissectors/pidl')
-rw-r--r--epan/dissectors/pidl/README127
-rw-r--r--epan/dissectors/pidl/dnsserver.cnf6
-rw-r--r--epan/dissectors/pidl/dssetup.idl35
-rw-r--r--epan/dissectors/pidl/frsrpc.cnf6
-rw-r--r--epan/dissectors/pidl/frsrpc.idl28
-rw-r--r--epan/dissectors/pidl/initshutdown.cnf1
-rw-r--r--epan/dissectors/pidl/initshutdown.idl71
-rw-r--r--epan/dissectors/pidl/lsa.cnf8
-rw-r--r--epan/dissectors/pidl/misc.cnf28
-rw-r--r--epan/dissectors/pidl/misc.idl6
-rw-r--r--epan/dissectors/pidl/samr.cnf4
-rw-r--r--epan/dissectors/pidl/winreg.cnf16
-rw-r--r--epan/dissectors/pidl/winreg.idl199
13 files changed, 363 insertions, 172 deletions
diff --git a/epan/dissectors/pidl/README b/epan/dissectors/pidl/README
index 33b55c27a6..6426112bf3 100644
--- a/epan/dissectors/pidl/README
+++ b/epan/dissectors/pidl/README
@@ -1,41 +1,104 @@
-The REAMDE specific to the Wireshark "copy" of the pidl sources
-==============================================================
+A note about PIDL generated files
+=================================
+
+Quick guide
+===========
+ rsync -av rsync.samba.org::ftp/pub/unpacked/samba_4_0_test/pidl .
+
+ for file in *.idl; do
+ echo "Generating dissector for $file"
+ ./pidl/pidl --ws-parser -- $file;
+ done
+ cp packet-dcerpc*.* ..
+
+Complete infos
+==============
+
+The following files:
+../packet-dcerpc-atsvc.h
+../packet-dcerpc-budb.c
+../packet-dcerpc-budb.h
+../packet-dcerpc-butc.c
+../packet-dcerpc-butc.h
+../packet-dcerpc-dfs.h
+../packet-dcerpc-dnsserver.h
+../packet-dcerpc-drsuapi.c
+../packet-dcerpc-drsuapi.h
+../packet-dcerpc-dssetup.h
+../packet-dcerpc-efs.h
+../packet-dcerpc-eventlog.h
+../packet-dcerpc-frsrpc.h
+../packet-dcerpc-frstrans.h
+../packet-dcerpc-initshutdown.h
+../packet-dcerpc-lsa.h
+../packet-dcerpc-mapi.h
+../packet-dcerpc-misc.h
+../packet-dcerpc-nspi.h
+../packet-dcerpc-rfr.h
+../packet-dcerpc-samr.h
+../packet-dcerpc-srvsvc.h
+../packet-dcerpc-winreg.h
+../packet-dcerpc-wkssvc.h
+../packet-dcerpc-wzcsvc.h
+
+Are automatically generated via a tool called "pidl", you shouldn't modify them manually.
+
+The pidl tool is maintained by the Samba project (http://samba.org, samba-technical@samba.org)
+We recommend to fetch a copy of the git tree of Samba to get the tool:
+ git clone git://git.samba.org/samba.git
+
+Or if you are just interested to run pidl you could fetch it via rsync:
+ rsync -av rsync.samba.org::ftp/pub/unpacked/samba_4_0_test/pidl .
+
+If both solution are not applicable you can use the copy that is located in the
+tool folder but it might be a bit outdated.
+
+Running pidl
+============
+
+You have to run the pidl command inside the pidl folder of the wireshark source tree
+
+The command to compile file:
+ <path_to_pidl>pidl --ws-parser -- <idl-file>
+ ^^^
+ This is *VERY* important
+The command generate 2 files:
+ packet-dcerpc-<interfacename>.h
+ packet-dcerpc-<interfacename>.c
+
+For instance with a pidl copy in /usr/local/src/samba/pidl and the atsvc.idl, the
+command will be:
+
+ /usr/local/src/samba/pidl/pidl --ws-parser -- atsvc.idl
+
+This will generate 2 files:
+ packet-dcerpc-atsvc.h
+ packet-dcerpc-atsvc.c
-The tree tools/pidl is a direct extract from
+If you run outside the dissectors/pidl directory, this *will* result in a
+warning such as:
+
+ atsvc.idl:5:23: idl_types.h: No such file or directory
+
+and *may* result in additional warnings such as:
- svn://svnanon.samba.org/samba/branches/SAMBA_4_0/source/pidl
+ Warning: No conformance file `initshutdown.cnf'
+ Unable to handle string with flags STR_LEN4|STR_NOTERM at /usr/lib/perl5/site_perl/5.8.6/Parse/Pidl/Wireshark/NDR.pm line 283.
-to allow building Wireshark pidl dissectors without having to
-*explicitly* access a remote svn repository.
+Notes about the in-tree pidl
+============================
+
+To allow building Wireshark pidl dissectors without having to
+*explicitly* access a remote svn repository a copy of pidl is located in tools/pidl
Don't do changes in the tools/pidl directory, do them at the samba tree!
Changes to this tree will be overwritten the next time the sources from
the samba tree are updated, which is basically every time you do an svn
up in the Wireshark toplevel dir.
-In order to build, install yapp, then do
-
- perl Makefile.PL && make && && make install
-
-This will build and install the binaries and the manpage (pidl.1).
-
-Yapp can be found in CPAN at
-
- http://search.cpan.org/~fdesar/Parse-Yapp/
-
-If you are using Linux, there may be a package for Yapp for your
-distribution; on SUSE, the package is an rpm named perl-Parse-Yapp.
-
-Run pidl with:
-
- pidl --ws-parser -- <idl-file> (don't forget the "--")
-
-If you run outside the dissectors/pidl directory, this *will* result in a
-warning such as:
-
- atsvc.idl:5:23: idl_types.h: No such file or directory
-
-and *may* result in additional warnings such as:
-
- Warning: No conformance file `initshutdown.cnf'
- Unable to handle string with flags STR_LEN4|STR_NOTERM at /usr/lib/perl5/site_perl/5.8.6/Parse/Pidl/Wireshark/NDR.pm line 283.
+Not compiling idl
+=================
+As of October 2013, the following idl have issues when generating and compiling:
+dfs.idl
+srvsvc.idl
+wkssvc.cnf
diff --git a/epan/dissectors/pidl/dnsserver.cnf b/epan/dissectors/pidl/dnsserver.cnf
index d0381c7774..21bbda84e8 100644
--- a/epan/dissectors/pidl/dnsserver.cnf
+++ b/epan/dissectors/pidl/dnsserver.cnf
@@ -27,7 +27,7 @@ dnsserver_dissect_struct_DNS_RPC_NAME(tvbuff_t *tvb _U_, int offset _U_, packet_
int dn_len = 0;
guint16 bc;
- di=pinfo->private_data;
+ di=(dcerpc_info *)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
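Review bot: `di->conformant_run` is read on the line right after the new cast, and nothing in between checks that `pinfo->private_data` actually holds a `dcerpc_info`; the cast only satisfies the compiler about the `void *` conversion. Whether the slot can be unset or reused by another dissector on this path is not visible in the hunk, so I would guard it with `DISSECTOR_ASSERT(di != NULL);` directly after the assignment, so a bad call path is reported as a dissector bug instead of a NULL dereference while parsing captured traffic. The same cast-then-dereference pattern recurs in the other two dnsserver.cnf hunks and in the frsrpc.cnf, lsa.cnf, samr.cnf and winreg.cnf hunks of this commit. The function body starts and ends outside this hunk.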
@@ -65,7 +65,7 @@ dnsserver_dissect_element_DNS_RPC_NODE_RecordCount(tvbuff_t *tvb _U_, int offset
{
dcerpc_info *di = NULL;
- di=pinfo->private_data;
+ di=(dcerpc_info *)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
@@ -81,7 +81,7 @@ dnsserver_dissect_element_DNS_RPC_NODE_records(tvbuff_t *tvb _U_, int offset _U_
{
dcerpc_info *di = NULL;
- di=pinfo->private_data;
+ di=(dcerpc_info *)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
diff --git a/epan/dissectors/pidl/dssetup.idl b/epan/dissectors/pidl/dssetup.idl
index 1164427185..14de9f7633 100644
--- a/epan/dissectors/pidl/dssetup.idl
+++ b/epan/dissectors/pidl/dssetup.idl
@@ -1,17 +1,14 @@
-#include "idl_types.h"
-
-#define unistr [string] wchar_t *
-
/*
dssetup interface definition
*/
+import "misc.idl";
+
[
uuid("3919286a-b10c-11d0-9ba8-00c04fd92ef5"),
version(0.0),
endpoint("ncacn_np:[\\pipe\\lsarpc]", "ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
pointer_default(unique),
- pointer_default_top(unique),
helpstring("Active Directory Setup")
] interface dssetup
{
@@ -37,9 +34,9 @@
typedef struct {
dssetup_DsRole role;
dssetup_DsRoleFlags flags;
- unistr *domain;
- unistr *dns_domain;
- unistr *forest;
+ [charset(UTF16),string] uint16 *domain;
+ [charset(UTF16),string] uint16 *dns_domain;
+ [charset(UTF16),string] uint16 *forest;
GUID domain_guid;
} dssetup_DsRolePrimaryDomInfoBasic;
@@ -83,7 +80,7 @@
WERROR dssetup_DsRoleGetPrimaryDomainInformation(
[in] dssetup_DsRoleInfoLevel level,
- [out,switch_is(level)] dssetup_DsRoleInfo *info
+ [out,switch_is(level),unique] dssetup_DsRoleInfo *info
);
/*
@@ -91,14 +88,14 @@
These stubs are left here only as a way of documenting the names
of the calls in case they ever turn up on the wire.
*/
- WERROR dssetup_DsRoleDnsNameToFlatName();
- WERROR dssetup_DsRoleDcAsDc();
- WERROR dssetup_DsRoleDcAsReplica();
- WERROR dssetup_DsRoleDemoteDc();
- WERROR dssetup_DsRoleGetDcOperationProgress();
- WERROR dssetup_DsRoleGetDcOperationResults();
- WERROR dssetup_DsRoleCancel();
- WERROR dssetup_DsRoleServerSaveStateForUpgrade();
- WERROR dssetup_DsRoleUpgradeDownlevelServer();
- WERROR dssetup_DsRoleAbortDownlevelServerUpgrade();
+ [todo] WERROR dssetup_DsRoleDnsNameToFlatName();
+ [todo] WERROR dssetup_DsRoleDcAsDc();
+ [todo] WERROR dssetup_DsRoleDcAsReplica();
+ [todo] WERROR dssetup_DsRoleDemoteDc();
+ [todo] WERROR dssetup_DsRoleGetDcOperationProgress();
+ [todo] WERROR dssetup_DsRoleGetDcOperationResults();
+ [todo] WERROR dssetup_DsRoleCancel();
+ [todo] WERROR dssetup_DsRoleServerSaveStateForUpgrade();
+ [todo] WERROR dssetup_DsRoleUpgradeDownlevelServer();
+ [todo] WERROR dssetup_DsRoleAbortDownlevelServerUpgrade();
}
diff --git a/epan/dissectors/pidl/frsrpc.cnf b/epan/dissectors/pidl/frsrpc.cnf
index d49aa7cf53..72d2754e46 100644
--- a/epan/dissectors/pidl/frsrpc.cnf
+++ b/epan/dissectors/pidl/frsrpc.cnf
@@ -14,7 +14,7 @@ CODE START
static int
frsrpc_dissect_element_CommPktChangeOrderCommand_file_name(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
{
- dcerpc_info *di = pinfo->private_data;
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
int conformant = di->conformant_run;
if (!conformant) {
@@ -35,7 +35,7 @@ frsrpc_dissect_struct_CommPktChunk(tvbuff_t *tvb _U_, int offset _U_, packet_inf
const char *s = NULL;
proto_item *item = NULL;
proto_tree *tree = NULL;
- dcerpc_info *di = pinfo->private_data;
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
int old_offset;
@@ -100,7 +100,7 @@ frsrpc_dissect_struct_frsrpc_CommPktChunkCtr(tvbuff_t *tvb, int offset, packet_i
{
guint32 nb_chunk = 0;
guint32 remaining = tvb_length_remaining(tvb, offset);
- dcerpc_info *di = pinfo->private_data;
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
int align_status = di->no_align;
if (remaining > 0) {
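Review bot: `remaining` is declared `guint32` but is filled from `tvb_length_remaining()`, which as far as I know returns a signed length in this API and reports an out-of-range offset as -1; stored unsigned, that becomes 0xFFFFFFFF and the `remaining > 0` test on the last line of the hunk passes. The commit only touches the `di` cast, so this is untouched context, but the value is derived from packet data and the code it guards lies outside the hunk. I would declare it signed, `gint remaining = tvb_length_remaining(tvb, offset);`, unless the code below the hunk depends on the unsigned type.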
diff --git a/epan/dissectors/pidl/frsrpc.idl b/epan/dissectors/pidl/frsrpc.idl
index 5dad888122..a235702563 100644
--- a/epan/dissectors/pidl/frsrpc.idl
+++ b/epan/dissectors/pidl/frsrpc.idl
@@ -281,7 +281,7 @@ interface frsrpc
[case(FRSRPC_COMM_PKT_CHUNK_COMPRESSION_GUID)]
GUID compression_guid;
[case(FRSRPC_COMM_PKT_CHUNK_BLOCK)]
- DATA_BLOB block;
+ [flag(NDR_REMAINING)] DATA_BLOB block;
[case(FRSRPC_COMM_PKT_CHUNK_BLOCK_SIZE)]
hyper block_size;
[case(FRSRPC_COMM_PKT_CHUNK_FILE_SIZE)]
@@ -343,8 +343,8 @@ interface frsrpc
[value(0)] uint32 upk_len;
[subcontext(4),subcontext_size(pkt_len)]
frsrpc_CommPktChunkCtr *ctr;
- [value(0)] uint32 data_name;
- [value(0)] uint32 data_handle;
+ [value(0)] uint3264 data_name;
+ [value(0)] uint3264 data_handle;
} frsrpc_FrsSendCommPktReq;
WERROR frsrpc_FrsSendCommPkt(
@@ -392,39 +392,31 @@ interface frsrpc
/* Function 0x03 */
WERROR frsrpc_FrsNOP();
- /*
- *For Op from 4 to 10 Microsoft use
- *the notation OpnumxxNotUsedOnWire
- *where xx is the number of the OP.
- *They are only declared in the IDL of MS-FRS1.pdf.
- *Not in the core of the document.
- */
-
/*****************/
/* Function 0x04 */
- /*[todo] void FRSRPC_BACKUP_COMPLETE();*/
+ [todo] void FRSRPC_BACKUP_COMPLETE();
/*****************/
/* Function 0x05 */
- /*[todo] void FRSRPC_BACKUP_COMPLETE_5();*/
+ [todo] void FRSRPC_BACKUP_COMPLETE_5();
/*****************/
/* Function 0x06 */
- /*[todo] void FRSRPC_BACKUP_COMPLETE_6();*/
+ [todo] void FRSRPC_BACKUP_COMPLETE_6();
/*****************/
/* Function 0x07 */
- /*[todo] void FRSRPC_BACKUP_COMPLETE_7();*/
+ [todo] void FRSRPC_BACKUP_COMPLETE_7();
/*****************/
/* Function 0x08 */
- /*[todo] void FRSRPC_BACKUP_COMPLETE_8();*/
+ [todo] void FRSRPC_BACKUP_COMPLETE_8();
/*****************/
/* Function 0x09 */
- /*[todo] void FRSRPC_BACKUP_COMPLETE_9();*/
+ [todo] void FRSRPC_BACKUP_COMPLETE_9();
/*****************/
/* Function 0x0a */
- /*[todo] void FRSRPC_VERIFY_PROMOTION_PARENT_EX();*/
+ [todo] void FRSRPC_VERIFY_PROMOTION_PARENT_EX();
}
diff --git a/epan/dissectors/pidl/initshutdown.cnf b/epan/dissectors/pidl/initshutdown.cnf
new file mode 100644
index 0000000000..82949185a3
--- /dev/null
+++ b/epan/dissectors/pidl/initshutdown.cnf
@@ -0,0 +1 @@
+TYPE lsa_StringLarge "offset=lsarpc_dissect_struct_lsa_StringLarge(tvb, offset, pinfo, tree, drep, @HF@, @PARAM@);" FT_NONE BASE_NONE 0 NULL NULL
diff --git a/epan/dissectors/pidl/initshutdown.idl b/epan/dissectors/pidl/initshutdown.idl
index 868e48e28a..13a1362205 100644
--- a/epan/dissectors/pidl/initshutdown.idl
+++ b/epan/dissectors/pidl/initshutdown.idl
@@ -4,6 +4,8 @@
initshutdown interface definition
*/
+import "lsa.idl";
+
[
uuid("894de0c0-0d55-11d3-a322-00c04fa321a1"),
version(1.0),
@@ -12,23 +14,62 @@
helpstring("Init shutdown service")
] interface initshutdown
{
- typedef struct {
- [value(strlen_m_term(name))] uint32 name_size;
- [flag(STR_LEN4|STR_NOTERM)] string name;
- } initshutdown_String_sub;
+ typedef [v1_enum] enum {
+ SHTDN_REASON_MAJOR_OTHER = 0x00000000,
+ SHTDN_REASON_MAJOR_HARDWARE = 0x00010000,
+ SHTDN_REASON_MAJOR_OPERATINGSYSTEM = 0x00020000,
+ SHTDN_REASON_MAJOR_SOFTWARE = 0x00030000,
+ SHTDN_REASON_MAJOR_APPLICATION = 0x00040000,
+ SHTDN_REASON_MAJOR_SYSTEM = 0x00050000,
+ SHTDN_REASON_MAJOR_POWER = 0x00060000,
+ SHTDN_REASON_MAJOR_LEGACY_API = 0x00070000
+ } initshutdown_ReasonMajor;
+
+ typedef [v1_enum] enum {
+ SHTDN_REASON_MINOR_OTHER = 0x00000000,
+ SHTDN_REASON_MINOR_MAINTENANCE = 0x00000001,
+ SHTDN_REASON_MINOR_INSTALLATION = 0x00000002,
+ SHTDN_REASON_MINOR_UPGRADE = 0x00000003,
+ SHTDN_REASON_MINOR_RECONFIG = 0x00000004,
+ SHTDN_REASON_MINOR_HUNG = 0x00000005,
+ SHTDN_REASON_MINOR_UNSTABLE = 0x00000006,
+ SHTDN_REASON_MINOR_DISK = 0x00000007,
+ SHTDN_REASON_MINOR_PROCESSOR = 0x00000008,
+ SHTDN_REASON_MINOR_NETWORKCARD = 0x00000009,
+ SHTDN_REASON_MINOR_POWER_SUPPLY = 0x0000000a,
+ SHTDN_REASON_MINOR_CORDUNPLUGGED = 0x0000000b,
+ SHTDN_REASON_MINOR_ENVIRONMENT = 0x0000000c,
+ SHTDN_REASON_MINOR_HARDWARE_DRIVER = 0x0000000d,
+ SHTDN_REASON_MINOR_OTHERDRIVER = 0x0000000e,
+ SHTDN_REASON_MINOR_BLUESCREEN = 0x0000000f,
+ SHTDN_REASON_MINOR_SERVICEPACK = 0x00000010,
+ SHTDN_REASON_MINOR_HOTFIX = 0x00000011,
+ SHTDN_REASON_MINOR_SECURITYFIX = 0x00000012,
+ SHTDN_REASON_MINOR_SECURITY = 0x00000013,
+ SHTDN_REASON_MINOR_NETWORK_CONNECTIVITY = 0x00000014,
+ SHTDN_REASON_MINOR_WMI = 0x00000015,
+ SHTDN_REASON_MINOR_SERVICEPACK_UNINSTALL= 0x00000016,
+ SHTDN_REASON_MINOR_HOTFIX_UNINSTALL = 0x00000017,
+ SHTDN_REASON_MINOR_SECURITYFIX_UNINSTALL= 0x00000018,
+ SHTDN_REASON_MINOR_MMC = 0x00000019,
+ SHTDN_REASON_MINOR_TERMSRV = 0x00000020
+ } initshutdown_ReasonMinor;
- typedef [public] struct {
- [value(strlen_m(name->name)*2)] uint16 name_len;
- [value(strlen_m_term(name->name)*2)] uint16 name_size;
- initshutdown_String_sub *name;
- } initshutdown_String;
+ typedef [bitmap32bit] bitmap {
+ SHTDN_REASON_FLAG_USER_DEFINED = 0x40000000,
+ SHTDN_REASON_FLAG_PLANNED = 0x80000000
+ } initshutdown_ReasonFlags;
WERROR initshutdown_Init(
[in,unique] uint16 *hostname,
- [in,unique] initshutdown_String *message,
+ /*
+ * Note: lsa_String and winreg_String both result
+ * in WERR_INVALID_PARAM
+ */
+ [in,unique] lsa_StringLarge *message,
[in] uint32 timeout,
[in] uint8 force_apps,
- [in] uint8 reboot
+ [in] uint8 do_reboot
);
WERROR initshutdown_Abort(
@@ -37,10 +78,14 @@
WERROR initshutdown_InitEx(
[in,unique] uint16 *hostname,
- [in,unique] initshutdown_String *message,
+ /*
+ * Note: lsa_String and winreg_String both result
+ * in WERR_INVALID_PARAM
+ */
+ [in,unique] lsa_StringLarge *message,
[in] uint32 timeout,
[in] uint8 force_apps,
- [in] uint8 reboot,
+ [in] uint8 do_reboot,
[in] uint32 reason
);
}
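Review bot: `reason` at the end of `initshutdown_InitEx` stays a bare `uint32`, while the previous hunk of this file introduces `initshutdown_ReasonMajor`, `initshutdown_ReasonMinor` and `initshutdown_ReasonFlags` and none of the visible signatures refers to them. Judging by the values (minor codes in the low bits, major codes from 0x00010000 up, flags in the top two bits) the field is presumably a combination of all three, which a single enum type cannot express. A comment on the parameter would record that: `/* reason: initshutdown_ReasonFlags | initshutdown_ReasonMajor | initshutdown_ReasonMinor */`. The same applies to `reason` in `winreg_InitiateSystemShutdownEx` in winreg.idl.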
diff --git a/epan/dissectors/pidl/lsa.cnf b/epan/dissectors/pidl/lsa.cnf
index c94778c4b0..9637035ce7 100644
--- a/epan/dissectors/pidl/lsa.cnf
+++ b/epan/dissectors/pidl/lsa.cnf
@@ -178,7 +178,7 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t
guint32 type=0;
struct access_mask_info *ami=NULL;
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
@@ -223,7 +223,7 @@ cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr
guint32 len;
dcerpc_info *di;
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
@@ -281,7 +281,7 @@ lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U
tree = proto_item_add_subtree(item, ett_lsarpc_names);
}
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
offset = dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep, lsarpc_dissect_element_lsa_LookupNames3_names_);
@@ -363,7 +363,7 @@ lsarpc_dissect_element_lsa_DomainInfoEfs_efs_blob_(tvbuff_t *tvb _U_, int offset
gint len, reported_len;
dissector_handle_t efsblob_handle;
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
if(di->conformant_run){
diff --git a/epan/dissectors/pidl/misc.cnf b/epan/dissectors/pidl/misc.cnf
new file mode 100644
index 0000000000..572bacfde4
--- /dev/null
+++ b/epan/dissectors/pidl/misc.cnf
@@ -0,0 +1,28 @@
+MANUAL misc_dissect_element_winreg_Data_value
+MANUAL misc_dissect_element_winreg_Data_string
+
+CODE START
+
+static int
+misc_dissect_element_winreg_Data_string(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+ offset = dissect_null_term_wstring(tvb, offset, pinfo, tree, drep, hf_misc_winreg_Data_string , 0);
+
+ return offset;
+}
+
+static int
+misc_dissect_element_winreg_Data_value(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+ offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, hf_misc_winreg_Data_value, 0);
+
+ return offset;
+}
+
+static int
+misc_dissect_struct_string_array(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_)
+{
+ /* We don't do it yet */
+ return offset;
+}
+CODE END
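Review bot: `misc_dissect_struct_string_array` returns `offset` unchanged, so if the stub is reached for real data every field after the string_array is dissected from the wrong position and nothing in the tree shows that bytes were left undecoded. The comment should say that rather than just "We don't do it yet", for example `/* TODO: string_array is not decoded and offset is not advanced; fields that follow it will be mis-dissected */`. Separately, the two `winreg_Data` helpers mark `tvb`, `offset`, `pinfo`, `tree` and `drep` as `_U_` although each is passed straight to the callee, so the unused markers there are misleading.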
diff --git a/epan/dissectors/pidl/misc.idl b/epan/dissectors/pidl/misc.idl
index d37e515a31..c306f35962 100644
--- a/epan/dissectors/pidl/misc.idl
+++ b/epan/dissectors/pidl/misc.idl
@@ -4,10 +4,10 @@
miscellaneous IDL structures
*/
-
[
- pyhelper("librpc/ndr/py_misc.c"),
- pointer_default(unique)
+ uuid("12345678-1234-1234-1234-abcdef123456"),
+ version(1.0),
+ pointer_default(unique)
]
interface misc
{
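Review bot: The added `uuid("12345678-1234-1234-1234-abcdef123456")` looks like a placeholder rather than an assigned interface identifier, and nothing in the file says so. If the generated dissector registers this value the way a real interface uuid is registered (the generator output is not shown here), traffic that happens to carry the placeholder would be labelled as `misc`. A comment above the attribute block would make the intent explicit: `/* placeholder uuid, not a real interface: misc.idl only holds shared structures */`.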
diff --git a/epan/dissectors/pidl/samr.cnf b/epan/dissectors/pidl/samr.cnf
index bdcd28ae4f..5e865fd70a 100644
--- a/epan/dissectors/pidl/samr.cnf
+++ b/epan/dissectors/pidl/samr.cnf
@@ -386,7 +386,7 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t
guint32 type=0;
struct access_mask_info *ami=NULL;
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
@@ -435,7 +435,7 @@ cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr
guint64 len;
dcerpc_info *di;
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
diff --git a/epan/dissectors/pidl/winreg.cnf b/epan/dissectors/pidl/winreg.cnf
index 9c9238f67f..9ffefcaf65 100644
--- a/epan/dissectors/pidl/winreg.cnf
+++ b/epan/dissectors/pidl/winreg.cnf
@@ -1,3 +1,5 @@
+TYPE lsa_StringLarge "offset=lsarpc_dissect_struct_lsa_StringLarge(tvb, offset, pinfo, tree, drep, @HF@, @PARAM@);" FT_NONE BASE_NONE 0 NULL NULL
+TYPE winreg_Type "offset=misc_dissect_enum_winreg_Type(tvb, offset, pinfo, tree, drep, @HF@, @PARAM@);" FT_NONE BASE_NONE 0 NULL NULL
IMPORT security_secinfo offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_winreg_winreg_GetKeySecurity_sec_info, NULL);
@@ -133,6 +135,7 @@ MANUAL winreg_dissect_bitmap_AccessMask
CODE START
+ #include "packet-dcerpc-lsa.h"
static void
winreg_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
{
@@ -159,7 +162,7 @@ winreg_dissect_element_KeySecurityData_data_(tvbuff_t *tvb, int offset, packet_i
guint32 len;
dcerpc_info *di;
- di=pinfo->private_data;
+ di=(dcerpc_info*)pinfo->private_data;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
return offset;
@@ -190,17 +193,6 @@ winreg_dissect_bitmap_AccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo,
return offset;
}
-/* FIXME: pidl generates the wrong name for external symbols */
-static int
-winreg_dissect_struct_initshutdown_String(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param)
-{
- #include "packet-dcerpc-initshutdown.h"
- return initshutdown_dissect_struct_String(tvb, offset, pinfo, parent_tree, drep, hf_index, param);
-}
-
-
-
-
/* winreg_String :
* typedef [public,noejs] struct {
* [value(strlen_m_term(name)*2)] uint16 name_len;
diff --git a/epan/dissectors/pidl/winreg.idl b/epan/dissectors/pidl/winreg.idl
index 4a75d5ff57..829a6435be 100644
--- a/epan/dissectors/pidl/winreg.idl
+++ b/epan/dissectors/pidl/winreg.idl
@@ -2,46 +2,51 @@
winreg interface definition
*/
-/* import "lsa.idl", "initshutdown.idl", "security.idl";*/
+/*import "lsa.idl", "security.idl",*/
+import "misc.idl";
[
uuid("338cd001-2244-31f1-aaaa-900038001003"),
version(1.0),
endpoint("ncacn_np:[\\pipe\\winreg]","ncacn_ip_tcp:","ncalrpc:"),
pointer_default(unique),
- pointer_default_top(unique),
helpstring("Remote Registry Service")
] interface winreg
{
- declare bitmap security_secinfo;
+ typedef bitmap security_secinfo security_secinfo;
+
+ /*
+ * Access Bits for registry ACLS
+ */
typedef [bitmap32bit] bitmap {
KEY_QUERY_VALUE = 0x00001,
KEY_SET_VALUE = 0x00002,
KEY_CREATE_SUB_KEY = 0x00004,
- KEY_ENUMERATE_SUB_KEYS = 0x00008,
- KEY_NOTIFY = 0x00010,
+ KEY_ENUMERATE_SUB_KEYS = 0x00008,
+ KEY_NOTIFY = 0x00010,
KEY_CREATE_LINK = 0x00020,
KEY_WOW64_64KEY = 0x00100,
KEY_WOW64_32KEY = 0x00200
} winreg_AccessMask;
- typedef [public,v1_enum] enum {
- REG_NONE = 0,
- REG_SZ = 1,
- REG_EXPAND_SZ = 2,
- REG_BINARY = 3,
- REG_DWORD = 4,
- REG_DWORD_BIG_ENDIAN = 5,
- REG_LINK = 6,
- REG_MULTI_SZ = 7,
- REG_RESOURCE_LIST = 8,
- REG_FULL_RESOURCE_DESCRIPTOR = 9,
- REG_RESOURCE_REQUIREMENTS_LIST = 10,
- REG_QWORD = 11
- } winreg_Type;
-
- typedef [public,noejs] struct {
+ const int REG_KEY_READ = ( STANDARD_RIGHTS_READ_ACCESS |
+ KEY_QUERY_VALUE |
+ KEY_ENUMERATE_SUB_KEYS |
+ KEY_NOTIFY);
+
+ const int REG_KEY_EXECUTE = REG_KEY_READ;
+
+ const int REG_KEY_WRITE = ( STANDARD_RIGHTS_WRITE_ACCESS |
+ KEY_SET_VALUE |
+ KEY_CREATE_SUB_KEY);
+
+ const int REG_KEY_ALL = ( STANDARD_RIGHTS_REQUIRED_ACCESS |
+ REG_KEY_READ |
+ REG_KEY_WRITE |
+ KEY_CREATE_LINK);
+
+ typedef [public] struct {
[value(strlen_m_term(name)*2)] uint16 name_len;
[value(strlen_m_term(name)*2)] uint16 name_size;
[string,charset(UTF16)] uint16 *name;
@@ -50,7 +55,7 @@
/******************/
/* Function: 0x00 */
WERROR winreg_OpenHKCR(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -58,7 +63,7 @@
/******************/
/* Function: 0x01 */
WERROR winreg_OpenHKCU(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -66,7 +71,7 @@
/******************/
/* Function: 0x02 */
[public] WERROR winreg_OpenHKLM(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -74,7 +79,7 @@
/******************/
/* Function: 0x03 */
WERROR winreg_OpenHKPD(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -82,7 +87,7 @@
/******************/
/* Function: 0x04 */
WERROR winreg_OpenHKU(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -108,6 +113,15 @@
boolean8 inherit;
} winreg_SecBuf;
+ const int REG_OPTION_NON_VOLATILE = 0x00000000;
+
+ typedef [bitmap32bit] bitmap {
+ REG_OPTION_VOLATILE = 0x00000001,
+ REG_OPTION_CREATE_LINK = 0x00000002,
+ REG_OPTION_BACKUP_RESTORE = 0x00000004,
+ REG_OPTION_OPEN_LINK = 0x00000008
+ } winreg_KeyOptions;
+
typedef [v1_enum] enum {
REG_ACTION_NONE = 0, /* used by caller */
REG_CREATED_NEW_KEY = 1,
@@ -118,7 +132,7 @@
[in,ref] policy_handle *handle,
[in] winreg_String name,
[in] winreg_String keyclass,
- [in] uint32 options,
+ [in] winreg_KeyOptions options,
[in] winreg_AccessMask access_mask,
[in,unique] winreg_SecBuf *secdesc,
[out,ref] policy_handle *new_handle,
@@ -140,7 +154,7 @@
);
typedef struct {
- [value(strlen_m_term(name)*2)] uint16 length;
+ [value(strlen_m_term_null(name)*2)] uint16 length;
/* size cannot be auto-set by value() as it is the
amount of space the server is allowed to use for this
string in the reply, not its current size */
@@ -158,15 +172,24 @@
[in,out,unique] NTTIME *last_changed_time
);
+ typedef struct {
+ [value(strlen_m_term(name)*2)] uint16 length;
+ /* size cannot be auto-set by value() as it is the
+ amount of space the server is allowed to use for this
+ string in the reply, not its current size */
+ uint16 size;
+ [size_is(size/2),length_is(length/2),charset(UTF16)] uint16 *name;
+ } winreg_ValNameBuf;
+
/******************/
/* Function: 0x0a */
[public] WERROR winreg_EnumValue(
[in,ref] policy_handle *handle,
[in] uint32 enum_index,
- [in,out,ref] winreg_StringBuf *name,
+ [in,out,ref] winreg_ValNameBuf *name,
[in,out,unique] winreg_Type *type,
- [in,out,unique,size_is(*size),length_is(*length)] uint8 *value,
+ [in,out,unique,size_is(size ? *size : 0),length_is(length ? *length : 0),range(0,0x4000000)] uint8 *value,
[in,out,unique] uint32 *size,
[in,out,unique] uint32 *length
);
@@ -189,19 +212,26 @@
/* Function: 0x0d */
WERROR winreg_LoadKey(
[in,ref] policy_handle *handle,
- [in] winreg_String *keyname,
- [in] winreg_String *filename
+ [in,unique] winreg_String *keyname,
+ [in,unique] winreg_String *filename
);
/******************/
/* Function: 0x0e */
+ typedef [public,bitmap32bit] bitmap {
+ REG_NOTIFY_CHANGE_NAME = 0x00000001,
+ REG_NOTIFY_CHANGE_ATTRIBUTES = 0x00000002,
+ REG_NOTIFY_CHANGE_LAST_SET = 0x00000004,
+ REG_NOTIFY_CHANGE_SECURITY = 0x00000008
+ } winreg_NotifyChangeType;
+
[public] WERROR winreg_NotifyChangeKeyValue(
[in,ref] policy_handle *handle,
- [in] uint8 watch_subtree,
- [in] uint32 notify_filter,
+ [in] boolean8 watch_subtree,
+ [in] winreg_NotifyChangeType notify_filter,
[in] uint32 unknown,
[in] winreg_String string1,
- [in] winreg_String string2,
+ [in] winreg_String string2,
[in] uint32 unknown2
);
@@ -210,7 +240,7 @@
[public] WERROR winreg_OpenKey(
[in,ref] policy_handle *parent_handle,
[in] winreg_String keyname,
- [in] uint32 unknown,
+ [in] winreg_KeyOptions options,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -222,7 +252,7 @@
[in,out,ref] winreg_String *classname,
[out,ref] uint32 *num_subkeys,
[out,ref] uint32 *max_subkeylen,
- [out,ref] uint32 *max_subkeysize,
+ [out,ref] uint32 *max_classlen,
[out,ref] uint32 *num_values,
[out,ref] uint32 *max_valnamelen,
[out,ref] uint32 *max_valbufsize,
@@ -234,24 +264,36 @@
/* Function: 0x11 */
[public] WERROR winreg_QueryValue(
[in,ref] policy_handle *handle,
- [in] winreg_String value_name,
- [in,out] winreg_Type *type,
- [in,out,size_is(*size),length_is(*length)] uint8 *data,
- [in,out] uint32 *size,
- [in,out] uint32 *length
+ [in,ref] winreg_String *value_name,
+ [in,out,unique] winreg_Type *type,
+ [in,out,unique,size_is(data_size ? *data_size : 0),length_is(data_length ? *data_length : 0),range(0,0x4000000)] uint8 *data,
+ [in,out,unique] uint32 *data_size,
+ [in,out,unique] uint32 *data_length
);
/******************/
/* Function: 0x12 */
WERROR winreg_ReplaceKey(
+ [in,ref] policy_handle *handle,
+ [in,ref] winreg_String *subkey,
+ [in,ref] winreg_String *new_file,
+ [in,ref] winreg_String *old_file
);
/******************/
/* Function: 0x13 */
+
+ typedef [public,bitmap32bit] bitmap {
+ REG_WHOLE_HIVE_VOLATILE = 0x00000001,
+ REG_REFRESH_HIVE = 0x00000002,
+ REG_NO_LAZY_FLUSH = 0x00000004,
+ REG_FORCE_RESTORE = 0x00000008
+ } winreg_RestoreKeyFlags;
+
WERROR winreg_RestoreKey(
[in,ref] policy_handle *handle,
[in,ref] winreg_String *filename,
- [in] uint32 flags
+ [in] winreg_RestoreKeyFlags flags
);
/******************/
@@ -273,7 +315,7 @@
/* Function: 0x15 */
WERROR winreg_SetKeySecurity(
[in,ref] policy_handle *handle,
- [in] winreg_AccessMask access_mask,
+ [in] security_secinfo sec_info,
[in,ref] KeySecurityData *sd
);
@@ -290,22 +332,28 @@
/******************/
/* Function: 0x17 */
WERROR winreg_UnLoadKey(
+ [in,ref] policy_handle *handle,
+ [in,ref] winreg_String *subkey
);
/******************/
/* Function: 0x18 */
WERROR winreg_InitiateSystemShutdown(
- [in] uint16 *hostname,
- [in] initshutdown_String *message,
+ [in,unique] uint16 *hostname,
+ /*
+ * Note: lsa_String and winreg_String both result
+ * in WERR_INVALID_PARAM
+ */
+ [in,unique] lsa_StringLarge *message,
[in] uint32 timeout,
[in] uint8 force_apps,
- [in] uint8 reboot
+ [in] uint8 do_reboot
);
/******************/
/* Function: 0x19 */
WERROR winreg_AbortSystemShutdown(
- [in] uint16 *server
+ [in,unique] uint16 *server
);
/******************/
@@ -318,7 +366,7 @@
/******************/
/* Function: 0x1b */
WERROR winreg_OpenHKCC(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
@@ -326,48 +374,57 @@
/******************/
/* Function: 0x1c */
WERROR winreg_OpenHKDD(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
typedef struct {
- winreg_String *name;
- winreg_Type type;
- uint32 offset;
- uint32 length;
+ winreg_ValNameBuf *ve_valuename;
+ uint32 ve_valuelen;
+ uint32 ve_valueptr;
+ winreg_Type ve_type;
} QueryMultipleValue;
-
+
/******************/
/* Function: 0x1d */
[public] WERROR winreg_QueryMultipleValues(
[in,ref] policy_handle *key_handle,
- [in,out,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values,
+ [in,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values_in,
+ [out,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values_out,
[in] uint32 num_values,
- [in,out,size_is(*buffer_size),length_is(*buffer_size)] uint8 *buffer,
+ [in,out,unique,size_is(*buffer_size),length_is(*buffer_size)] uint8 *buffer,
[in,out,ref] uint32 *buffer_size
);
/******************/
/* Function: 0x1e */
WERROR winreg_InitiateSystemShutdownEx(
- [in] uint16 *hostname,
- [in] initshutdown_String *message,
+ [in,unique] uint16 *hostname,
+ /*
+ * Note: lsa_String and winreg_String both result
+ * in WERR_INVALID_PARAM
+ */
+ [in,unique] lsa_StringLarge *message,
[in] uint32 timeout,
[in] uint8 force_apps,
- [in] uint8 reboot,
+ [in] uint8 do_reboot,
[in] uint32 reason
);
/******************/
/* Function: 0x1f */
WERROR winreg_SaveKeyEx(
+ [in,ref] policy_handle *handle,
+ [in,ref] winreg_String *filename,
+ [in,unique] KeySecurityAttribute *sec_attrib,
+ [in] uint32 flags
);
/******************/
/* Function: 0x20 */
WERROR winreg_OpenHKPT(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
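Review bot: `buffer` in `winreg_QueryMultipleValues` is sized by `*buffer_size` with no upper bound, whereas this commit adds `range(0,0x4000000)` to the equivalent `value` and `data` buffers of `winreg_EnumValue` and `winreg_QueryValue`. The size is supplied by the peer, so the same cap belongs here: `[in,out,unique,size_is(*buffer_size),length_is(*buffer_size),range(0,0x4000000)] uint8 *buffer`. `num_values`, which sizes both `values_in` and `values_out`, is unbounded too, and the next hunk repeats the pattern in `winreg_QueryMultipleValues2` with `*offered`. Since the commit message describes this as a sync with the Samba PIDL source, the change probably belongs upstream first.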
@@ -375,13 +432,29 @@
/******************/
/* Function: 0x21 */
WERROR winreg_OpenHKPN(
- [in] uint16 *system_name,
+ [in,unique] uint16 *system_name,
[in] winreg_AccessMask access_mask,
[out,ref] policy_handle *handle
);
/******************/
/* Function: 0x22 */
- WERROR winreg_QueryMultipleValues2(
+ [public] WERROR winreg_QueryMultipleValues2(
+ [in,ref] policy_handle *key_handle,
+ [in,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values_in,
+ [out,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values_out,
+ [in] uint32 num_values,
+ [in,out,unique,size_is(*offered),length_is(*offered)] uint8 *buffer,
+ [in,ref] uint32 *offered,
+ [out,ref] uint32 *needed
+ );
+
+ /******************/
+ /* Function: 0x23 */
+ WERROR winreg_DeleteKeyEx(
+ [in,ref] policy_handle *handle,
+ [in,ref] winreg_String *key,
+ [in] winreg_AccessMask access_mask,
+ [in] uint32 reserved
);
}