diff options
author | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2005-03-12 09:02:01 +0000 |
---|---|---|
committer | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2005-03-12 09:02:01 +0000 |
commit | d8f7e51b8173d3b81bdc33d531616ab9da100117 (patch) | |
tree | 87da1672ae016927d3ec52af910842dcbd393b06 /epan/dissectors/dcerpc/drsuapi | |
parent | 6075b473e0499d91d4427a4066e7579a1bbe33ea (diff) |
initial DRSUAPI dissector
now that we can decrypt DCERPC
the dissection is not complete since idl2eth can not yet handle
all the weird extensions in the idl file yet.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13729 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'epan/dissectors/dcerpc/drsuapi')
-rw-r--r-- | epan/dissectors/dcerpc/drsuapi/Makefile | 16 | ||||
-rwxr-xr-x | epan/dissectors/dcerpc/drsuapi/drsuapi.cnf | 3 | ||||
-rw-r--r-- | epan/dissectors/dcerpc/drsuapi/drsuapi.idl | 805 | ||||
-rwxr-xr-x | epan/dissectors/dcerpc/drsuapi/template.c | 79 | ||||
-rwxr-xr-x | epan/dissectors/dcerpc/drsuapi/template.h | 34 |
5 files changed, 937 insertions, 0 deletions
diff --git a/epan/dissectors/dcerpc/drsuapi/Makefile b/epan/dissectors/dcerpc/drsuapi/Makefile new file mode 100644 index 0000000000..058a1713dd --- /dev/null +++ b/epan/dissectors/dcerpc/drsuapi/Makefile @@ -0,0 +1,16 @@ +# $Id: Makefile 13071 2005-01-16 10:19:21Z guy $ + +DISSECTOR_FILES=packet-dcerpc-drsuapi.c packet-dcerpc-drsuapi.h + +all: generate_dissector + +generate_dissector: $(DISSECTOR_FILES) + +$(DISSECTOR_FILES): ../idl2eth drsuapi.idl drsuapi.cnf template.c template.h + ../idl2eth drsuapi + +clean: + rm -f ETH_* $(DISSECTOR_FILES) + +copy_files: generate_dissector + cp $(DISSECTOR_FILES) ../.. diff --git a/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf b/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf new file mode 100755 index 0000000000..407eb4e3cc --- /dev/null +++ b/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf @@ -0,0 +1,3 @@ +# +# +# diff --git a/epan/dissectors/dcerpc/drsuapi/drsuapi.idl b/epan/dissectors/dcerpc/drsuapi/drsuapi.idl new file mode 100644 index 0000000000..c7d88daed4 --- /dev/null +++ b/epan/dissectors/dcerpc/drsuapi/drsuapi.idl @@ -0,0 +1,805 @@ +/* from samba v4 revision 5742 */ + +#include "idl_types.h" + +[ + uuid("e3514235-4b06-11d1-ab04-00c04fc2dcd2"), + version(4.0), + endpoint("ncacn_np:[\\pipe\\lsass]","ncacn_np:[\\pipe\\protected_storage]", "ncacn_ip_tcp:", "ncalrpc:"), + authservice("ldap"), + helpstring("Active Directory Replication"), + pointer_default(unique) +] +interface drsuapi +{ + /*****************/ + /* Function 0x00 */ + typedef [bitmap32bit] bitmap { + DRSUAPI_SUPPORTED_EXTENSION_BASE = 0x00000001, + DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION = 0x00000002, + DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI = 0x00000004, + DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2 = 0x00000008, + DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS = 0x00000010, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1 = 0x00000020, + DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION = 0x00000040, + DRSUAPI_SUPPORTED_EXTENSION_00000080 = 0x00000080, + DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE = 0x00000100, + DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2 = 0x00000200, + DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION = 0x00000400, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2 = 0x00000800, + DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD= 0x00001000, + DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND = 0x00002000, + DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO = 0x00004000, + DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION = 0x00008000, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01 = 0x00010000, + DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP = 0x00020000, + DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY = 0x00040000, + DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3 = 0x00080000, + DRSUAPI_SUPPORTED_EXTENSION_00100000 = 0x00100000, + DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2 = 0x00200000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6 = 0x00400000, + DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS = 0x00800000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8 = 0x01000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5 = 0x02000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6 = 0x04000000, + /* + * the following 3 have the same value + * repadmin.exe /bind says that + */ + DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3 = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7 = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS = 0x10000000, + DRSUAPI_SUPPORTED_EXTENSION_20000000 = 0x20000000, + DRSUAPI_SUPPORTED_EXTENSION_40000000 = 0x40000000, + DRSUAPI_SUPPORTED_EXTENSION_80000000 = 0x80000000 + } drsuapi_SupportedExtensions; + + /* this is used by w2k */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 u1; + } drsuapi_DsBindInfo24; + + /* this is used by w2k3 */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 u1; + uint32 repl_epoch; + } drsuapi_DsBindInfo28; + +# +# typedef struct { +# [flag(NDR_REMAINING)] DATA_BLOB info; +# } drsuapi_DsBindInfoFallBack; +# +# typedef [nodiscriminant] union { +# [case(24)][subcontext(4)] drsuapi_DsBindInfo24 info24; +# [case(28)][subcontext(4)] drsuapi_DsBindInfo28 info28; +# [default][subcontext(4)] drsuapi_DsBindInfoFallBack FallBack; +# } drsuapi_DsBindInfo; +# + /* the drsuapi_DsBindInfoCtr was this before + * typedef [flag(NDR_PAHEX)] struct { + * [range(1,10000)] uint32 length; + * [size_is(length)] uint8 data[]; + * } drsuapi_DsBindInfo; + * + * but we don't want the caller to manually decode this blob, + * so we're doing it here + */ +# +# typedef struct { +# [range(1,10000)] uint32 length; +# [switch_is(length)] drsuapi_DsBindInfo info; +# } drsuapi_DsBindInfoCtr; +# + /* this is a magic guid you need to pass to DsBind to make drsuapi_DsWriteAccountSpn() work + * + * maybe the bind_guid could also be the invocation_id see drsuapi_DsReplicaConnection04 + */ +# const string DRSUAPI_DS_BIND_GUID = "e24d201a-4fd6-11d1-a3da-0000f875ae0d"; + + WERROR drsuapi_DsBind( +# [in] GUID *bind_guid, +# [in,out] drsuapi_DsBindInfoCtr *bind_info, +# [out,ref] policy_handle *bind_handle + ); + + /*****************/ + /* Function 0x01 */ + WERROR drsuapi_DsUnbind( + [in,out,ref] policy_handle *bind_handle + ); + + /*****************/ + /* Function 0x02 */ +# typedef [gensize,flag(NDR_PAHEX)] struct { +# [value(ndr_size_drsuapi_DsReplicaSyncRequest1Info(r, ndr->flags)-4)] uint32 __ndr_size; +# uint32 unknown1; +# GUID guid1; +# uint8 byte_array[28]; +# [flag(STR_SIZE4|STR_CHARLEN|STR_CONFORMANT)] string nc_dn; +# } drsuapi_DsReplicaSyncRequest1Info; +# + typedef bitmap { + DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_SYNC_WRITEABLE = 0x00000002, + DRSUAPI_DS_REPLICA_SYNC_PERIODIC = 0x00000004, + DRSUAPI_DS_REPLICA_SYNC_INTERSITE_MESSAGING = 0x00000008, + DRSUAPI_DS_REPLICA_SYNC_ALL_SOURCES = 0x00000010, + DRSUAPI_DS_REPLICA_SYNC_FULL = 0x00000020, + DRSUAPI_DS_REPLICA_SYNC_URGENT = 0x00000040, + DRSUAPI_DS_REPLICA_SYNC_NO_DISCARD = 0x00000080, + DRSUAPI_DS_REPLICA_SYNC_FORCE = 0x00000100, + DRSUAPI_DS_REPLICA_SYNC_ADD_REFERENCE = 0x00000200, + DRSUAPI_DS_REPLICA_SYNC_NEVER_COMPLETED = 0x00000400, + DRSUAPI_DS_REPLICA_SYNC_TWO_WAY = 0x00000800, + DRSUAPI_DS_REPLICA_SYNC_NEVER_NOTIFY = 0x00001000, + DRSUAPI_DS_REPLICA_SYNC_INITIAL = 0x00002000, + DRSUAPI_DS_REPLICA_SYNC_USE_COMPRESSION = 0x00004000, + DRSUAPI_DS_REPLICA_SYNC_ABANDONED = 0x00008000, + DRSUAPI_DS_REPLICA_SYNC_INITIAL_IN_PROGRESS = 0x00010000, + DRSUAPI_DS_REPLICA_SYNC_PARTIAL_ATTRIBUTE_SET = 0x00020000, + DRSUAPI_DS_REPLICA_SYNC_REQUEUE = 0x00040000, + DRSUAPI_DS_REPLICA_SYNC_NOTIFICATION = 0x00080000, + DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_REPLICA = 0x00100000, + DRSUAPI_DS_REPLICA_SYNC_CRITICAL = 0x00200000, + DRSUAPI_DS_REPLICA_SYNC_FULL_IN_PROGRESS = 0x00400000, + DRSUAPI_DS_REPLICA_SYNC_PREEMPTED = 0x00800000 + } drsuapi_DsReplicaSyncOptions; + +# typedef struct { +# drsuapi_DsReplicaSyncRequest1Info *info; +# GUID guid1; +# astring *string1; +# drsuapi_DsReplicaSyncOptions options; +# } drsuapi_DsReplicaSyncRequest1; +# +# typedef [switch_type(int32)] union { +# [case(1)] drsuapi_DsReplicaSyncRequest1 req1; +# } drsuapi_DsReplicaSyncRequest; + + WERROR drsuapi_DsReplicaSync( +# [in,ref] policy_handle *bind_handle, +# [in] int32 level, +# [in,switch_is(level)] drsuapi_DsReplicaSyncRequest req + ); + + /*****************/ + /* Function 0x03 */ + typedef struct { + hyper usn1; + hyper usn2; + hyper usn3; + } drsuapi_DsGetNCChangesUsnTriple; + +# typedef struct { +# GUID guid1; +# GUID guid2; +# uint32 unknown1[20]; +# drsuapi_DsReplicaSyncRequest1Info sync_req_info1; +# drsuapi_DsGetNCChangesUsnTriple usn; +# } drsuapi_DsGetNCChangesRequest8; +# +# typedef [switch_type(int32)] union { +# [case(8)] drsuapi_DsGetNCChangesRequest8 req8; +# } drsuapi_DsGetNCChangesRequest; + +# typedef struct { +# } drsuapi_DsGetNCChangesCtr7; + +# typedef [switch_type(int32)] union { +# [case(7)] drsuapi_DsGetNCChangesCtr7 ctr7; +# } drsuapi_DsGetNCChangesCtr; + + WERROR drsuapi_DsGetNCChanges( +# [in,ref] policy_handle *bind_handle, +# [in,out] int32 level, +# [in,switch_is(level)] drsuapi_DsGetNCChangesRequest req, +# [out,switch_is(level)] drsuapi_DsGetNCChangesCtr ctr + ); + + /*****************/ + /* Function 0x04 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_UPDATE_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE = 0x00000002, + DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE = 0x00000004, + DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE = 0x00000008, + DRSUAPI_DS_REPLICA_UPDATE_0x00000010 = 0x00000010 + } drsuapi_DsReplicaUpdateRefsOptions; + +# typedef struct { +# uint32 unknown1; +# uint32 unknown2; +# GUID dest_dsa_guid; +# drsuapi_DsReplicaUpdateRefsOptions options; +# drsuapi_DsReplicaSyncRequest1Info sync_req_info1; +# ascstr dest_dsa_dns_name; +# } drsuapi_DsReplicaUpdateRefsRequest1; +# +# typedef [switch_type(int32)] union { +# [case(1)] drsuapi_DsReplicaUpdateRefsRequest1 req1; +# } drsuapi_DsReplicaUpdateRefsRequest; + + WERROR drsuapi_DsReplicaUpdateRefs( +# [in,ref] policy_handle *bind_handle, +# [in] int32 level, +# [in,switch_is(level)] drsuapi_DsReplicaUpdateRefsRequest req + ); + + /*****************/ + /* Function 0x05 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_ADD_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_ADD_WRITEABLE = 0x00000002 + /* TODO ... */ + } drsuapi_DsReplicaAddOptions; + + WERROR DRSUAPI_REPLICA_ADD(); + + /*****************/ + /* Function 0x06 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_DELETE_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_DELETE_WRITEABLE = 0x00000002 + /* TODO ... */ + } drsuapi_DsReplicaDeleteOptions; + + WERROR DRSUAPI_REPLICA_DEL(); + + /*****************/ + /* Function 0x07 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_MODIFY_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_MODIFY_WRITEABLE = 0x00000002 + } drsuapi_DsReplicaModifyOptions; + + WERROR DRSUAPI_REPLICA_MODIFY(); + + /*****************/ + /* Function 0x08 */ + WERROR DRSUAPI_VERIFY_NAMES(); + + /*****************/ + /* Function 0x09 */ + WERROR DRSUAPI_GET_MEMBERSHIPS(); + + /*****************/ + /* Function 0x0a */ + WERROR DRSUAPI_INTER_DOMAIN_MOVE(); + + /*****************/ + /* Function 0x0b */ + WERROR DRSUAPI_GET_NT4_CHANGELOG(); + + /*****************/ + /* Function 0x0c */ + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_STATUS_OK = 0, + DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR = 1, + DRSUAPI_DS_NAME_STATUS_NOT_FOUND = 2, + DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE = 3, + DRSUAPI_DS_NAME_STATUS_NO_MAPPING = 4, + DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY = 5, + DRSUAPI_DS_NAME_STATUS_NO_SYNTACTICAL_MAPPING = 6, + DRSUAPI_DS_NAME_STATUS_TRUST_REFERRAL = 7 + } drsuapi_DsNameStatus; + + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_FLAG_NO_FLAGS = 0x0, + DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY = 0x1, + DRSUAPI_DS_NAME_FLAG_EVAL_AT_DC = 0x2, + DRSUAPI_DS_NAME_FLAG_GCVERIFY = 0x4, + DRSUAPI_DS_NAME_FLAG_TRUST_REFERRAL = 0x8 + } drsuapi_DsNameFlags; + + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_FORMAT_UKNOWN = 0, + DRSUAPI_DS_NAME_FORMAT_FQDN_1779 = 1, + DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT = 2, + DRSUAPI_DS_NAME_FORMAT_DISPLAY = 3, + DRSUAPI_DS_NAME_FORMAT_GUID = 6, + DRSUAPI_DS_NAME_FORMAT_CANONICAL = 7, + DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL = 8, + DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX = 9, + DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL = 10, + DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY = 11, + DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN = 12 + } drsuapi_DsNameFormat; + + typedef struct { + unistr *str; + } drsuapi_DsNameString; + + typedef struct { + uint32 unknown1; /* 0x000004e4 */ + uint32 unknown2; /* 0x00000407 */ + drsuapi_DsNameFlags format_flags; + drsuapi_DsNameFormat format_offered; + drsuapi_DsNameFormat format_desired; + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsNameString *names[]; + } drsuapi_DsNameRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsNameRequest1 req1; + } drsuapi_DsNameRequest; + + typedef struct { + drsuapi_DsNameStatus status; + unistr *dns_domain_name; + unistr *result_name; + } drsuapi_DsNameInfo1; + + typedef struct { + uint32 count; + [size_is(count)] drsuapi_DsNameInfo1 *array[]; + } drsuapi_DsNameCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsNameCtr1 *ctr1; + } drsuapi_DsNameCtr; + + WERROR drsuapi_DsCrackNames( + [in,ref] policy_handle *bind_handle, + [in, out] int32 level, + [in,switch_is(level)] drsuapi_DsNameRequest req, + [out,switch_is(level)] drsuapi_DsNameCtr ctr + ); + + /*****************/ + /* Function 0x0d */ + typedef [v1_enum] enum { + DRSUAPI_DS_SPN_OPERATION_ADD = 0, + DRSUAPI_DS_SPN_OPERATION_REPLACE= 1, + DRSUAPI_DS_SPN_OPERATION_DELETE = 2 + } drsuapi_DsSpnOperation; + + typedef struct { + drsuapi_DsSpnOperation operation; + uint32 unknown1; + unistr *object_dn; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsNameString *spn_names[]; + } drsuapi_DsWriteAccountSpnRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsWriteAccountSpnRequest1 req1; + } drsuapi_DsWriteAccountSpnRequest; + + typedef struct { +# WERROR status; +uint32 status; + } drsuapi_DsWriteAccountSpnResult1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsWriteAccountSpnResult1 res1; + } drsuapi_DsWriteAccountSpnResult; + + WERROR drsuapi_DsWriteAccountSpn( + [in,ref] policy_handle *bind_handle, + [in, out] int32 level, + [in,switch_is(level)] drsuapi_DsWriteAccountSpnRequest req, + [out,switch_is(level)] drsuapi_DsWriteAccountSpnResult res + ); + + /*****************/ + /* Function 0x0e */ + WERROR DRSUAPI_REMOVE_DS_SERVER(); + + /*****************/ + /* Function 0x0f */ + WERROR DRSUAPI_REMOVE_DS_DOMAIN(); + + /*****************/ + /* Function 0x10 */ + typedef struct { + unistr *domain_name; /* netbios or dns */ + int32 level; /* specifies the switch level for the request */ + } drsuapi_DsGetDCInfoRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetDCInfoRequest1 req1; + } drsuapi_DsGetDCInfoRequest; + + typedef struct { + unistr *netbios_name; + unistr *dns_name; + unistr *site_name; + unistr *computer_dn; + unistr *server_dn; + uint32 is_pdc; + uint32 is_enabled; + } drsuapi_DsGetDCInfo1; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo1 *array[]; + } drsuapi_DsGetDCInfoCtr1; + + typedef struct { + unistr *netbios_name; + unistr *dns_name; + unistr *site_name; + unistr *site_dn; + unistr *computer_dn; + unistr *server_dn; + unistr *ntds_dn; + uint32 is_pdc; + uint32 is_enabled; + uint32 is_gc; + GUID site_guid; + GUID computer_guid; + GUID server_guid; + GUID ntds_guid; + } drsuapi_DsGetDCInfo2; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo2 *array[]; + } drsuapi_DsGetDCInfoCtr2; + + typedef struct { + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + uint32 unknown5; + uint32 unknown6; + unistr *server_nt4_account; + } drsuapi_DsGetDCInfo01; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo01 *array[]; + } drsuapi_DsGetDCInfoCtr01; + + typedef [v1_enum] enum { + DRSUAPI_DC_INFO_CTR_1 = 1, + DRSUAPI_DC_INFO_CTR_2 = 2, + DRSUAPI_DC_INFO_CTR_01 = -1, + } drsuapi_DsGetDCInfoCtrLevels; + + typedef [switch_type(int32)] union { + [case(DRSUAPI_DC_INFO_CTR_1)] drsuapi_DsGetDCInfoCtr1 ctr1; + [case(DRSUAPI_DC_INFO_CTR_2)] drsuapi_DsGetDCInfoCtr2 ctr2; + [case(DRSUAPI_DC_INFO_CTR_01)] drsuapi_DsGetDCInfoCtr01 ctr01; + } drsuapi_DsGetDCInfoCtr; + + WERROR drsuapi_DsGetDomainControllerInfo( + [in,ref] policy_handle *bind_handle, + [in, out] int32 level, + [in,switch_is(level)] drsuapi_DsGetDCInfoRequest req, + [out,switch_is(level)] drsuapi_DsGetDCInfoCtr ctr + ); + + /*****************/ + /* Function 0x11 */ + WERROR drsuapi_DsAddEntry(); + + /*****************/ + /* Function 0x12 */ + WERROR DRSUAPI_EXECUTE_KCC(); + + /*****************/ + /* Function 0x13 */ + typedef [v1_enum] enum { + DRSUAPI_DS_REPLICA_GET_INFO = 1, + DRSUAPI_DS_REPLICA_GET_INFO2 = 2 + } drsuapi_DsReplicaGetInfoLevel; + + typedef [v1_enum] enum { + DRSUAPI_DS_REPLICA_INFO_NEIGHBORS = 0, + DRSUAPI_DS_REPLICA_INFO_CURSORS = 1, + DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA = 2, + DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES = 3, + DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES = 4, + DRSUAPI_DS_REPLICA_INFO_PENDING_OPS = 5, + DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA = 6, + DRSUAPI_DS_REPLICA_INFO_CURSORS2 = 7, + DRSUAPI_DS_REPLICA_INFO_CURSORS3 = 8, + DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2 = 9, + DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2 = 10, + DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02 = -2, + DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04 = -4, + DRSUAPI_DS_REPLICA_INFO_CURSURS05 = -5, + DRSUAPI_DS_REPLICA_INFO_06 = -6 + } drsuapi_DsReplicaInfoType; + + typedef struct { + drsuapi_DsReplicaInfoType info_type; + unistr *object_dn; + GUID guid1; + } drsuapi_DsReplicaGetInfoRequest1; + + typedef struct { + drsuapi_DsReplicaInfoType info_type; + unistr *object_dn; + GUID guid1; + uint32 unknown1; + unistr *string1; + unistr *string2; + uint32 unknown2; + } drsuapi_DsReplicaGetInfoRequest2; + + typedef [switch_type(drsuapi_DsReplicaGetInfoLevel)] union { + [case(DRSUAPI_DS_REPLICA_GET_INFO)] drsuapi_DsReplicaGetInfoRequest1 req1; + [case(DRSUAPI_DS_REPLICA_GET_INFO2)] drsuapi_DsReplicaGetInfoRequest2 req2; + } drsuapi_DsReplicaGetInfoRequest; + + typedef struct { + unistr *naming_context_dn; + unistr *source_dsa_obj_dn; + unistr *source_dsa_address; + unistr *transport_obj_dn; + uint32 replica_flags; + uint32 reserved; + GUID naming_context_obj_guid; + GUID source_dsa_obj_guid; + GUID source_dsa_invocation_id; + GUID transport_obj_guid; + hyper tmp_highest_usn; + hyper highest_usn; + NTTIME last_success; + NTTIME last_attempt; +# WERROR result_last_attempt; +uint32 result_last_attempt; + uint32 consecutive_sync_failures; + } drsuapi_DsReplicaNeighbour; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaNeighbour array[]; + } drsuapi_DsReplicaNeighbourCtr; + + typedef struct { + GUID source_dsa_invocation_id; + hyper highest_usn; + } drsuapi_DsReplicaCoursor; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaCoursor array[]; + } drsuapi_DsReplicaCoursorCtr; + + typedef struct { + unistr *attribute_name; + uint32 version; + NTTIME originating_last_changed; + GUID originating_dsa_invocation_id; + hyper originating_usn; + hyper local_usn; + } drsuapi_DsReplicaObjMetaData; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaObjMetaData array[]; + } drsuapi_DsReplicaObjMetaDataCtr; + + typedef struct { + unistr *dsa_obj_dn; + GUID dsa_obj_guid; + NTTIME first_failure; + uint32 num_failures; +# WERROR last_result; +uint32 last_result; + } drsuapi_DsReplicaKccDsaFailure; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaKccDsaFailure array[]; + } drsuapi_DsReplicaKccDsaFailuresCtr; + + typedef enum { + DRSUAPI_DS_REPLICA_OP_TYPE_SYNC = 0, + DRSUAPI_DS_REPLICA_OP_TYPE_ADD = 1, + DRSUAPI_DS_REPLICA_OP_TYPE_DELETE = 2, + DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY = 3, + DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS = 4 + } drsuapi_DsReplicaOpType; + + typedef [switch_type(drsuapi_DsReplicaOpType)] union { + [case(DRSUAPI_DS_REPLICA_OP_TYPE_SYNC)] drsuapi_DsReplicaSyncOptions sync; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_ADD)] drsuapi_DsReplicaAddOptions add; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_DELETE)] drsuapi_DsReplicaDeleteOptions delete; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY)] drsuapi_DsReplicaModifyOptions modify; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS)] drsuapi_DsReplicaUpdateRefsOptions update_refs; + [default] uint32 unknown; + } drsuapi_DsRplicaOpOptions; + + typedef struct { + NTTIME operation_start; + uint32 serial_num; /* unique till reboot */ + uint32 priority; + drsuapi_DsReplicaOpType operation_type; + [switch_is(operation_type)] drsuapi_DsRplicaOpOptions options; + unistr *nc_dn; + unistr *remote_dsa_obj_dn; + unistr *remote_dsa_address; + GUID nc_obj_guid; + GUID remote_dsa_obj_guid; + } drsuapi_DsReplicaOp; + + typedef struct { + NTTIME time; + uint32 count; + [size_is(count)] drsuapi_DsReplicaOp array[]; + } drsuapi_DsReplicaOpCtr; + + typedef struct { + unistr *attribute_name; + unistr *object_dn; + uint32 value_length; + [size_is(value_length)] uint8 *value[]; + NTTIME deleted; + NTTIME created; + uint32 version; + NTTIME originating_last_changed; + GUID originating_dsa_invocation_id; + hyper originating_usn; + hyper local_usn; + } drsuapi_DsReplicaAttrValMetaData; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaAttrValMetaData array[]; + } drsuapi_DsReplicaAttrValMetaDataCtr; + + typedef struct { + GUID source_dsa_invocation_id; + hyper highest_usn; + NTTIME last_sync_success; + } drsuapi_DsReplicaCoursor2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaCoursor2 array[]; + } drsuapi_DsReplicaCoursor2Ctr; + + typedef struct { + GUID source_dsa_invocation_id; + hyper highest_usn; + NTTIME last_sync_success; + unistr *source_dsa_obj_dn; + } drsuapi_DsReplicaCoursor3; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaCoursor3 array[]; + } drsuapi_DsReplicaCoursor3Ctr; + + typedef struct { + unistr *attribute_name; + uint32 version; + NTTIME originating_last_changed; + GUID originating_dsa_invocation_id; + hyper originating_usn; + hyper local_usn; + unistr *originating_dsa_obj_dn; + } drsuapi_DsReplicaObjMetaData2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaObjMetaData2 array[]; + } drsuapi_DsReplicaObjMetaData2Ctr; + + typedef struct { + unistr *attribute_name; + unistr *object_dn; + uint32 value_length; + [size_is(value_length)] uint8 *value[]; + NTTIME deleted; + NTTIME created; + uint32 version; + NTTIME originating_last_changed; + GUID originating_dsa_invocation_id; + hyper originating_usn; + hyper local_usn; + unistr *originating_dsa_obj_dn; + } drsuapi_DsReplicaAttrValMetaData2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaAttrValMetaData2 array[]; + } drsuapi_DsReplicaAttrValMetaData2Ctr; + +# typedef struct { +# hyper u1; /* session number? */ +# uint32 u2; +# uint32 u3; +# GUID bind_guid; +# NTTIME_1sec bind_time; +# uint32 u4; /* flags? */ +# uint32 u5; +# } drsuapi_DsReplicaConnection04; +# +# typedef struct { +# [range(0,10000)] uint32 count; +# uint32 reserved; +# [size_is(count)] drsuapi_DsReplicaConnection04 array[]; +# } drsuapi_DsReplicaConnection04Ctr; +# + typedef struct { + uint32 u1; + uint32 u2; + [range(0,0x100000)] uint32 count; + uint32 u3; + [size_is(count)] drsuapi_DsReplicaCoursor array[]; + } drsuapi_DsReplicaCoursor05Ctr; + + typedef struct { + unistr *str1; + uint32 u1; + uint32 u2; + uint32 u3; + uint32 u4; + uint32 u5; + hyper u6; + uint32 u7; + } drsuapi_DsReplica06; + + typedef struct { + [range(0,256)] uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplica06 array[]; + } drsuapi_DsReplica06Ctr; + + typedef [switch_type(drsuapi_DsReplicaInfoType)] union { + [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS)] drsuapi_DsReplicaNeighbourCtr *neighbours; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS)] drsuapi_DsReplicaCoursorCtr *coursors; + [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA)] drsuapi_DsReplicaObjMetaDataCtr *objmetadata; + [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *connectfailures; + [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *linkfailures; + [case(DRSUAPI_DS_REPLICA_INFO_PENDING_OPS)] drsuapi_DsReplicaOpCtr *pendingops; + [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA)] drsuapi_DsReplicaAttrValMetaDataCtr *attrvalmetadata; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS2)] drsuapi_DsReplicaCoursor2Ctr *coursors2; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS3)] drsuapi_DsReplicaCoursor3Ctr *coursors3; + [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2)] drsuapi_DsReplicaObjMetaData2Ctr *objmetadata2; + [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2)] drsuapi_DsReplicaAttrValMetaData2Ctr *attrvalmetadata2; + [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02)] drsuapi_DsReplicaNeighbourCtr *neighbours02; +# [case(DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04)] drsuapi_DsReplicaConnection04Ctr *connections04; + [case(DRSUAPI_DS_REPLICA_INFO_CURSURS05)] drsuapi_DsReplicaCoursor05Ctr *coursors05; + [case(DRSUAPI_DS_REPLICA_INFO_06)] drsuapi_DsReplica06Ctr *i06; + } drsuapi_DsReplicaInfo; + + WERROR drsuapi_DsReplicaGetInfo( + [in,ref] policy_handle *bind_handle, + [in] drsuapi_DsReplicaGetInfoLevel level, + [in,switch_is(level)] drsuapi_DsReplicaGetInfoRequest req, + [out] drsuapi_DsReplicaInfoType info_type, + [out,switch_is(info_type)] drsuapi_DsReplicaInfo info + ); + + /*****************/ + /* Function 0x14 */ + WERROR DRSUAPI_ADD_SID_HISTORY(); + + /*****************/ + /* Function 0x15 */ + WERROR DRSUAPI_GET_MEMBERSHIPS2(); + + /*****************/ + /* Function 0x16 */ + WERROR DRSUAPI_REPLICA_VERIFY_OBJECTS(); + + /*****************/ + /* Function 0x17 */ + WERROR DRSUAPI_GET_OBJECT_EXISTENCE(); + + /*****************/ + /* Function 0x18 */ + WERROR DRSUAPI_QUERY_SITES_BY_COST(); +} diff --git a/epan/dissectors/dcerpc/drsuapi/template.c b/epan/dissectors/dcerpc/drsuapi/template.c new file mode 100755 index 0000000000..fd4c1ff7db --- /dev/null +++ b/epan/dissectors/dcerpc/drsuapi/template.c @@ -0,0 +1,79 @@ +/* DO NOT EDIT + * This dissector is autogenerated + */ + +/* packet-dcerpc-drsuapi.c + * Routines for DRSUAPI packet disassembly + * ronnie sahlberg 2005 + * + * $Id: packet-dcerpc-drsuapi.c 11592 2004-08-03 02:28:49Z guy $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <glib.h> +#include <string.h> + +#include <epan/packet.h> +#include "packet-dcerpc.h" +#include "packet-dcerpc-nt.h" +#include "packet-windows-common.h" +#include "packet-dcerpc-drsuapi.h" + +static int proto_drsuapi = -1; +ETH_HF + +ETH_ETT + +ETH_CODE + +void +proto_register_drsuapi(void) +{ + static hf_register_info hf[] = { + +ETH_HFARR + }; + + static gint *ett[] = { +ETH_ETTARR + }; + + proto_drsuapi = proto_register_protocol( + "DRSUAPI", + "DRSUAPI", "drsuapi"); + proto_register_field_array(proto_drsuapi, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); +} + +static dcerpc_sub_dissector function_dissectors[] = { +ETH_FT + { 0, NULL, NULL, NULL }, +}; + +void +proto_reg_handoff_drsuapi(void) +{ +ETH_HANDOFF +} + diff --git a/epan/dissectors/dcerpc/drsuapi/template.h b/epan/dissectors/dcerpc/drsuapi/template.h new file mode 100755 index 0000000000..1b5ee9a58e --- /dev/null +++ b/epan/dissectors/dcerpc/drsuapi/template.h @@ -0,0 +1,34 @@ +/* DO NOT EDIT + * This dissector is autogenerated + * ronnie sahlberg 2005 + */ +/* packet-dcerpc-drsuapi.h + * Routines for DRSUAPI packet disassembly + * + * $Id: packet-dcerpc-drsuapi.h 11410 2004-07-18 18:06:47Z gram $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef __PACKET_DCERPC_DRSUAPI_H +#define __PACKET_DCERPC_DRSUAPI_H + +ETH_HDR + +#endif /* packet-dcerpc-drsuapi.h */ |