/* DO NOT EDIT This file was automatically generated by Pidl from misc.idl and misc.cnf. Pidl is a perl based IDL compiler for DCE/RPC idl files. It is maintained by the Samba team, not the Wireshark team. Instructions on how to download and install Pidl can be found at https://wiki.wireshark.org/Pidl */ #include "config.h" #include #include #include #include "packet-dcerpc.h" #include "packet-dcerpc-nt.h" #include "packet-windows-common.h" #include "packet-dcerpc-misc.h" void proto_register_dcerpc_misc(void); void proto_reg_handoff_dcerpc_misc(void); /* Ett declarations */ static gint ett_dcerpc_misc = -1; static gint ett_misc_GUID = -1; static gint ett_misc_ndr_syntax_id = -1; static gint ett_misc_policy_handle = -1; static gint ett_misc_KRB5_EDATA_NTSTATUS = -1; /* Header field declarations */ static gint hf_misc_GUID_clock_seq = -1; static gint hf_misc_GUID_node = -1; static gint hf_misc_GUID_time_hi_and_version = -1; static gint hf_misc_GUID_time_low = -1; static gint hf_misc_GUID_time_mid = -1; static gint hf_misc_KRB5_EDATA_NTSTATUS_ntstatus = -1; static gint hf_misc_KRB5_EDATA_NTSTATUS_unknown1 = -1; static gint hf_misc_KRB5_EDATA_NTSTATUS_unknown2 = -1; static gint hf_misc_ndr_syntax_id_if_version = -1; static gint hf_misc_ndr_syntax_id_uuid = -1; static gint hf_misc_opnum = -1; static gint hf_misc_policy_handle_handle_type = -1; static gint hf_misc_policy_handle_uuid = -1; static gint proto_dcerpc_misc = -1; /* Version information */ static e_guid_t uuid_dcerpc_misc = { 0x12345678, 0x1234, 0x1234, { 0x12, 0x34, 0xab, 0xcd, 0xef, 0x12, 0x34, 0x56 } }; static guint16 ver_dcerpc_misc = 1; static int misc_dissect_element_GUID_time_low(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_GUID_time_mid(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_GUID_time_hi_and_version(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_GUID_clock_seq(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_GUID_clock_seq_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_GUID_node(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_GUID_node_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_ndr_syntax_id_uuid(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_ndr_syntax_id_if_version(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_policy_handle_handle_type(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_policy_handle_uuid(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); const value_string misc_netr_SchannelType_vals[] = { { SEC_CHAN_NULL, "SEC_CHAN_NULL" }, { SEC_CHAN_LOCAL, "SEC_CHAN_LOCAL" }, { SEC_CHAN_WKSTA, "SEC_CHAN_WKSTA" }, { SEC_CHAN_DNS_DOMAIN, "SEC_CHAN_DNS_DOMAIN" }, { SEC_CHAN_DOMAIN, "SEC_CHAN_DOMAIN" }, { SEC_CHAN_LANMAN, "SEC_CHAN_LANMAN" }, { SEC_CHAN_BDC, "SEC_CHAN_BDC" }, { SEC_CHAN_RODC, "SEC_CHAN_RODC" }, { 0, NULL } }; static int misc_dissect_element_KRB5_EDATA_NTSTATUS_ntstatus(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_KRB5_EDATA_NTSTATUS_unknown1(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); static int misc_dissect_element_KRB5_EDATA_NTSTATUS_unknown2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_); const value_string misc_winreg_Type_vals[] = { { REG_NONE, "REG_NONE" }, { REG_SZ, "REG_SZ" }, { REG_EXPAND_SZ, "REG_EXPAND_SZ" }, { REG_BINARY, "REG_BINARY" }, { REG_DWORD, "REG_DWORD" }, { REG_DWORD_BIG_ENDIAN, "REG_DWORD_BIG_ENDIAN" }, { REG_LINK, "REG_LINK" }, { REG_MULTI_SZ, "REG_MULTI_SZ" }, { REG_RESOURCE_LIST, "REG_RESOURCE_LIST" }, { REG_FULL_RESOURCE_DESCRIPTOR, "REG_FULL_RESOURCE_DESCRIPTOR" }, { REG_RESOURCE_REQUIREMENTS_LIST, "REG_RESOURCE_REQUIREMENTS_LIST" }, { REG_QWORD, "REG_QWORD" }, { 0, NULL } }; /* IDL: struct { */ /* IDL: uint32 time_low; */ /* IDL: uint16 time_mid; */ /* IDL: uint16 time_hi_and_version; */ /* IDL: uint8 clock_seq[2]; */ /* IDL: uint8 node[6]; */ /* IDL: } */ static int misc_dissect_element_GUID_time_low(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_misc_GUID_time_low, 0); return offset; } static int misc_dissect_element_GUID_time_mid(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint16(tvb, offset, pinfo, tree, di, drep, hf_misc_GUID_time_mid, 0); return offset; } static int misc_dissect_element_GUID_time_hi_and_version(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint16(tvb, offset, pinfo, tree, di, drep, hf_misc_GUID_time_hi_and_version, 0); return offset; } static int misc_dissect_element_GUID_clock_seq(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { int i; for (i = 0; i < 2; i++) offset = misc_dissect_element_GUID_clock_seq_(tvb, offset, pinfo, tree, di, drep); return offset; } static int misc_dissect_element_GUID_clock_seq_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint8(tvb, offset, pinfo, tree, di, drep, hf_misc_GUID_clock_seq, 0); return offset; } static int misc_dissect_element_GUID_node(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { int i; for (i = 0; i < 6; i++) offset = misc_dissect_element_GUID_node_(tvb, offset, pinfo, tree, di, drep); return offset; } static int misc_dissect_element_GUID_node_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint8(tvb, offset, pinfo, tree, di, drep, hf_misc_GUID_node, 0); return offset; } int misc_dissect_struct_GUID(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; ALIGN_TO_4_BYTES; old_offset = offset; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_misc_GUID); } offset = misc_dissect_element_GUID_time_low(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_GUID_time_mid(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_GUID_time_hi_and_version(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_GUID_clock_seq(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_GUID_node(tvb, offset, pinfo, tree, di, drep); proto_item_set_len(item, offset-old_offset); if (di->call_data->flags & DCERPC_IS_NDR64) { ALIGN_TO_4_BYTES; } return offset; } /* IDL: struct { */ /* IDL: GUID uuid; */ /* IDL: uint32 if_version; */ /* IDL: } */ static int misc_dissect_element_ndr_syntax_id_uuid(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = dissect_ndr_uuid_t(tvb, offset, pinfo, tree, di, drep, hf_misc_ndr_syntax_id_uuid, NULL); return offset; } static int misc_dissect_element_ndr_syntax_id_if_version(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_misc_ndr_syntax_id_if_version, 0); return offset; } int misc_dissect_struct_ndr_syntax_id(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; ALIGN_TO_4_BYTES; old_offset = offset; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_misc_ndr_syntax_id); } offset = misc_dissect_element_ndr_syntax_id_uuid(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_ndr_syntax_id_if_version(tvb, offset, pinfo, tree, di, drep); proto_item_set_len(item, offset-old_offset); if (di->call_data->flags & DCERPC_IS_NDR64) { ALIGN_TO_4_BYTES; } return offset; } /* IDL: struct { */ /* IDL: uint32 handle_type; */ /* IDL: GUID uuid; */ /* IDL: } */ static int misc_dissect_element_policy_handle_handle_type(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_misc_policy_handle_handle_type, 0); return offset; } static int misc_dissect_element_policy_handle_uuid(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = dissect_ndr_uuid_t(tvb, offset, pinfo, tree, di, drep, hf_misc_policy_handle_uuid, NULL); return offset; } int misc_dissect_struct_policy_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; ALIGN_TO_4_BYTES; old_offset = offset; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_misc_policy_handle); } offset = misc_dissect_element_policy_handle_handle_type(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_policy_handle_uuid(tvb, offset, pinfo, tree, di, drep); proto_item_set_len(item, offset-old_offset); if (di->call_data->flags & DCERPC_IS_NDR64) { ALIGN_TO_4_BYTES; } return offset; } /* IDL: enum { */ /* IDL: SEC_CHAN_NULL=0, */ /* IDL: SEC_CHAN_LOCAL=1, */ /* IDL: SEC_CHAN_WKSTA=2, */ /* IDL: SEC_CHAN_DNS_DOMAIN=3, */ /* IDL: SEC_CHAN_DOMAIN=4, */ /* IDL: SEC_CHAN_LANMAN=5, */ /* IDL: SEC_CHAN_BDC=6, */ /* IDL: SEC_CHAN_RODC=7, */ /* IDL: } */ int misc_dissect_enum_netr_SchannelType(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint1632 *param _U_) { guint1632 parameter=0; if (param) { parameter = *param; } offset = dissect_ndr_uint1632(tvb, offset, pinfo, tree, di, drep, hf_index, ¶meter); if (param) { *param = parameter; } return offset; } /* IDL: struct { */ /* IDL: NTSTATUS ntstatus; */ /* IDL: uint32 unknown1; */ /* IDL: uint32 unknown2; */ /* IDL: } */ static int misc_dissect_element_KRB5_EDATA_NTSTATUS_ntstatus(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_misc_KRB5_EDATA_NTSTATUS_ntstatus, 0); return offset; } static int misc_dissect_element_KRB5_EDATA_NTSTATUS_unknown1(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_misc_KRB5_EDATA_NTSTATUS_unknown1, 0); return offset; } static int misc_dissect_element_KRB5_EDATA_NTSTATUS_unknown2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_) { offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, hf_misc_KRB5_EDATA_NTSTATUS_unknown2, 0); return offset; } int misc_dissect_struct_KRB5_EDATA_NTSTATUS(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_) { proto_item *item = NULL; proto_tree *tree = NULL; int old_offset; ALIGN_TO_4_BYTES; old_offset = offset; if (parent_tree) { item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA); tree = proto_item_add_subtree(item, ett_misc_KRB5_EDATA_NTSTATUS); } offset = misc_dissect_element_KRB5_EDATA_NTSTATUS_ntstatus(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_KRB5_EDATA_NTSTATUS_unknown1(tvb, offset, pinfo, tree, di, drep); offset = misc_dissect_element_KRB5_EDATA_NTSTATUS_unknown2(tvb, offset, pinfo, tree, di, drep); proto_item_set_len(item, offset-old_offset); if (di->call_data->flags & DCERPC_IS_NDR64) { ALIGN_TO_4_BYTES; } return offset; } /* IDL: enum { */ /* IDL: REG_NONE=0, */ /* IDL: REG_SZ=1, */ /* IDL: REG_EXPAND_SZ=2, */ /* IDL: REG_BINARY=3, */ /* IDL: REG_DWORD=4, */ /* IDL: REG_DWORD_BIG_ENDIAN=5, */ /* IDL: REG_LINK=6, */ /* IDL: REG_MULTI_SZ=7, */ /* IDL: REG_RESOURCE_LIST=8, */ /* IDL: REG_FULL_RESOURCE_DESCRIPTOR=9, */ /* IDL: REG_RESOURCE_REQUIREMENTS_LIST=10, */ /* IDL: REG_QWORD=11, */ /* IDL: } */ int misc_dissect_enum_winreg_Type(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_) { guint32 parameter=0; if (param) { parameter = *param; } offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_index, ¶meter); if (param) { *param = parameter; } return offset; } /* IDL: [flag(LIBNDR_FLAG_LITTLE_ENDIAN)] [nodiscriminant(1)] [public(1)] union { */ /* IDL: [case(REG_NONE)] [case(REG_NONE)] EMPTY ; */ /* IDL: [case(REG_SZ)] [case(REG_SZ)] [flag(LIBNDR_FLAG_STR_NULLTERM)] string string; */ /* IDL: [case(REG_EXPAND_SZ)] [case(REG_EXPAND_SZ)] [flag(LIBNDR_FLAG_STR_NULLTERM)] string string; */ /* IDL: [case(REG_BINARY)] [case(REG_BINARY)] [flag(LIBNDR_FLAG_REMAINING)] DATA_BLOB binary; */ /* IDL: [case(REG_DWORD)] [case(REG_DWORD)] uint32 value; */ /* IDL: [case(REG_DWORD_BIG_ENDIAN)] [case(REG_DWORD_BIG_ENDIAN)] [flag(LIBNDR_FLAG_BIGENDIAN)] uint32 value; */ /* IDL: [case(REG_MULTI_SZ)] [case(REG_MULTI_SZ)] [flag(LIBNDR_FLAG_STR_NULLTERM)] string_array string_array; */ /* IDL: [default] ; */ /* IDL: } */ static dcerpc_sub_dissector misc_dissectors[] = { { 0, NULL, NULL, NULL } }; void proto_register_dcerpc_misc(void) { static hf_register_info hf[] = { { &hf_misc_GUID_clock_seq, { "Clock Seq", "misc.GUID.clock_seq", FT_UINT8, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_GUID_node, { "Node", "misc.GUID.node", FT_UINT8, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_GUID_time_hi_and_version, { "Time Hi And Version", "misc.GUID.time_hi_and_version", FT_UINT16, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_GUID_time_low, { "Time Low", "misc.GUID.time_low", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_GUID_time_mid, { "Time Mid", "misc.GUID.time_mid", FT_UINT16, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_KRB5_EDATA_NTSTATUS_ntstatus, { "Ntstatus", "misc.KRB5_EDATA_NTSTATUS.ntstatus", FT_UINT32, BASE_DEC, VALS(NT_errors), 0, NULL, HFILL }}, { &hf_misc_KRB5_EDATA_NTSTATUS_unknown1, { "Unknown1", "misc.KRB5_EDATA_NTSTATUS.unknown1", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_KRB5_EDATA_NTSTATUS_unknown2, { "Unknown2", "misc.KRB5_EDATA_NTSTATUS.unknown2", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_ndr_syntax_id_if_version, { "If Version", "misc.ndr_syntax_id.if_version", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_ndr_syntax_id_uuid, { "Uuid", "misc.ndr_syntax_id.uuid", FT_GUID, BASE_NONE, NULL, 0, NULL, HFILL }}, { &hf_misc_opnum, { "Operation", "misc.opnum", FT_UINT16, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_policy_handle_handle_type, { "Handle Type", "misc.policy_handle.handle_type", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, { &hf_misc_policy_handle_uuid, { "Uuid", "misc.policy_handle.uuid", FT_GUID, BASE_NONE, NULL, 0, NULL, HFILL }}, }; static gint *ett[] = { &ett_dcerpc_misc, &ett_misc_GUID, &ett_misc_ndr_syntax_id, &ett_misc_policy_handle, &ett_misc_KRB5_EDATA_NTSTATUS, }; proto_dcerpc_misc = proto_register_protocol("MISC (pidl)", "MISC", "misc"); proto_register_field_array(proto_dcerpc_misc, hf, array_length (hf)); proto_register_subtree_array(ett, array_length(ett)); } void proto_reg_handoff_dcerpc_misc(void) { dcerpc_init_uuid(proto_dcerpc_misc, ett_dcerpc_misc, &uuid_dcerpc_misc, ver_dcerpc_misc, misc_dissectors, hf_misc_opnum); }