diff options
author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2005-03-19 09:11:56 +0000 |
---|---|---|
committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2005-03-19 09:11:56 +0000 |
commit | 20d135115b7493f3a5d857868b3811e57c16a3fe (patch) | |
tree | ab6f9e57e814debc57a4eea4f5f4aecbfcd2eca0 /epan/dissectors/dcerpc | |
parent | de69f70b4722d464f0b03358e695cb27fc287514 (diff) |
bugfix to idl2eth : handle the case when pointers were not explicitely specified
and we have a pointer to an array of pointers
make the EFS dissector autogenerated by idl2eth
svn path=/trunk/; revision=13806
Diffstat (limited to 'epan/dissectors/dcerpc')
-rw-r--r-- | epan/dissectors/dcerpc/efs/Makefile | 16 | ||||
-rw-r--r-- | epan/dissectors/dcerpc/efs/efs.cnf | 1 | ||||
-rw-r--r-- | epan/dissectors/dcerpc/efs/efs.idl | 108 | ||||
-rwxr-xr-x | epan/dissectors/dcerpc/efs/template.c | 80 | ||||
-rwxr-xr-x | epan/dissectors/dcerpc/efs/template.h | 36 | ||||
-rw-r--r-- | epan/dissectors/dcerpc/idl2eth.c | 33 |
6 files changed, 267 insertions, 7 deletions
diff --git a/epan/dissectors/dcerpc/efs/Makefile b/epan/dissectors/dcerpc/efs/Makefile new file mode 100644 index 0000000000..8e728d1f51 --- /dev/null +++ b/epan/dissectors/dcerpc/efs/Makefile @@ -0,0 +1,16 @@ +# $Id: Makefile 13071 2005-01-16 10:19:21Z guy $ + +DISSECTOR_FILES=packet-dcerpc-efs.c packet-dcerpc-efs.h + +all: generate_dissector + +generate_dissector: $(DISSECTOR_FILES) + +$(DISSECTOR_FILES): ../idl2eth efs.idl efs.cnf template.c template.h + ../idl2eth efs + +clean: + rm -f ETH_* $(DISSECTOR_FILES) + +copy_files: generate_dissector + cp $(DISSECTOR_FILES) ../.. diff --git a/epan/dissectors/dcerpc/efs/efs.cnf b/epan/dissectors/dcerpc/efs/efs.cnf new file mode 100644 index 0000000000..792d600548 --- /dev/null +++ b/epan/dissectors/dcerpc/efs/efs.cnf @@ -0,0 +1 @@ +# diff --git a/epan/dissectors/dcerpc/efs/efs.idl b/epan/dissectors/dcerpc/efs/efs.idl new file mode 100644 index 0000000000..65f6c3290d --- /dev/null +++ b/epan/dissectors/dcerpc/efs/efs.idl @@ -0,0 +1,108 @@ +/* + IDL definitions from original packet-dcerpc-efs.c + by Jean-Baptiste Marchand +*/ + +[ + uuid("c681d488-d850-11d0-8c52-00c04fd90f7e"), + version(1.0), + implicit_handle(handle_t rpc_binding) + pointer_default(unique) +] interface efs +{ + +WERROR EfsRpcOpenFileRaw( + [out,ref] policy_handle *pvContext, + [in] unistr FileName, + [in] long Flags + ); + +WERROR EfsRpcReadFileRaw( + [in,ref] policy_handle *pvContext +/* incomplete */ +); + + +WERROR EfsRpcWriteFileRaw( + [in,ref] policy_handle *pvContext +/* incomplete */ +); + +/*XXX this one is really void, need to fix idl2eth for this */ +WERROR EfsRpcCloseRaw( + [in,out,ref] policy_handle *pvContext, +); + +WERROR EfsRpcEncryptFileSrv( + [in] unistr Filename +); + +WERROR EfsRpcDecryptFileSrv( + [in] unistr FileName, + [in] long Reserved +); + +typedef struct { + long cbData; + [size_is(cbData), unique] uint8 *pbData; +} EFS_HASH_BLOB; + +typedef struct { + long cbTotalLength; + [unique] SID *pUserSid; + [unique] EFS_HASH_BLOB *pHash; + [unique] unistr *lpDisplayInformation; +} ENCRYPTION_CERTIFICATE_HASH; + +typedef struct { + long nCert_Hash; + /* this is a pointer to an array of pointers */ + [size_is(nCert_Hash)] ENCRYPTION_CERTIFICATE_HASH *pUsers[*]; +} ENCRYPTION_CERTIFICATE_HASH_LIST; + +WERROR EfsRpcQueryUsersOnFile( + [in] unistr FileName, + [out,ref,unique] ENCRYPTION_CERTIFICATE_HASH_LIST **pUsers +); + +WERROR EfsRpcQueryRecoveryAgents( + [in] unistr FileName, + [out,ref,unique] ENCRYPTION_CERTIFICATE_HASH_LIST **pRecoveryAgents +); + +WERROR EfsRpcRemoveUsersFromFile( + [in] unistr FileName + /* [in] ENCRYPTION_CERTIFICATE_LIST Hashes*/ +); + +WERROR EfsRpcAddUsersToFile( + [in] unistr FileName + /* [in] ENCRYPTION_CERTIFICATE_LIST Hashes*/ +); + +typedef struct { + long dwCertEncodingType; + long cbData; + [size_is(cbData)] [unique] uint8 *pbData; +} EFS_CERTIFICATE_BLOB; + +typedef struct { + long TotalLength; + [unique] SID *pUserSid; + [unique] EFS_CERTIFICATE_BLOB *pCertBlob; +} ENCRYPTION_CERTIFICATE; + +WERROR EfsRpcSetFileEncryptionKey( + [in] [unique] ENCRYPTION_CERTIFICATE *pEncryptionCertificate +); + +WERROR EfsRpcNotSupported( +); + +WERROR EfsRpcFileKeyInfo( +); + +WERROR EfsRpcDuplicateEncryptionInfoFile( +); + +} diff --git a/epan/dissectors/dcerpc/efs/template.c b/epan/dissectors/dcerpc/efs/template.c new file mode 100755 index 0000000000..734e5025e1 --- /dev/null +++ b/epan/dissectors/dcerpc/efs/template.c @@ -0,0 +1,80 @@ +/* DO NOT EDIT + * This dissector is autogenerated + */ + +/* packet-dcerpc-efs.c + * Routines for EFS packet disassembly + * ronnie sahlberg 2005 + * Autogenerated based on the IDL definitions by + * Jean-Baptiste Marchand + * + * $Id: packet-dcerpc-efs.c 11592 2004-08-03 02:28:49Z guy $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <glib.h> +#include <string.h> + +#include <epan/packet.h> +#include "packet-dcerpc.h" +#include "packet-dcerpc-nt.h" +#include "packet-windows-common.h" +#include "packet-dcerpc-efs.h" + +static int proto_efs = -1; +ETH_HF + +ETH_ETT + +ETH_CODE + +void +proto_register_efs(void) +{ + static hf_register_info hf[] = { +ETH_HFARR + }; + + static gint *ett[] = { +ETH_ETTARR + }; + + proto_efs = proto_register_protocol( + "Microsoft Encrypted File System Service", + "EFS", "efs"); + proto_register_field_array(proto_efs, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); +} + +static dcerpc_sub_dissector function_dissectors[] = { +ETH_FT + { 0, NULL, NULL, NULL }, +}; + +void +proto_reg_handoff_efs(void) +{ +ETH_HANDOFF +} + diff --git a/epan/dissectors/dcerpc/efs/template.h b/epan/dissectors/dcerpc/efs/template.h new file mode 100755 index 0000000000..901aac4094 --- /dev/null +++ b/epan/dissectors/dcerpc/efs/template.h @@ -0,0 +1,36 @@ +/* DO NOT EDIT + * This dissector is autogenerated + * ronnie sahlberg 2005 + * Autogenerated based on the IDL definitions by + * Jean-Baptiste Marchand + */ +/* packet-dcerpc-efs.h + * Routines for EFS packet disassembly + * + * $Id: packet-dcerpc-efs.h 11410 2004-07-18 18:06:47Z gram $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef __PACKET_DCERPC_EFS_H +#define __PACKET_DCERPC_EFS_H + +ETH_HDR + +#endif /* packet-dcerpc-efs.h */ diff --git a/epan/dissectors/dcerpc/idl2eth.c b/epan/dissectors/dcerpc/idl2eth.c index ee02631630..9d4b49b348 100644 --- a/epan/dissectors/dcerpc/idl2eth.c +++ b/epan/dissectors/dcerpc/idl2eth.c @@ -35,11 +35,16 @@ TODO NTTIME_hyper A 64 bit integer representing a NTTIME NTTIME_1sec + unistr A conformant and varying unicode string - bool8 + ascstr A conformant and varying ascii string + + + SID A SID structure. - unistr - ascstr + + policy_handle + bool8 GUID uuid_t policy_handle @@ -1248,6 +1253,22 @@ find_type(char *name) FPRINTF(eth_code, "}\n"); FPRINTF(eth_code, "\n"); tmptype=register_new_type("time_t", dissectorname, "FT_ABSOLUTE_TIME", "BASE_DEC", "0", "NULL", 4); + } else if(!strcmp(name,"SID")){ + sprintf(dissectorname, "%s_dissect_%s", ifname, name); + FPRINTF(NULL,"\nAutogenerating built-in type:%s\n------------\n",name); + FPRINTF(eth_code, "\n"); + FPRINTF(eth_code, "static int\n"); + FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 param)\n", dissectorname); + FPRINTF(eth_code, "{\n"); + FPRINTF(eth_code, " dcerpc_info *di = (dcerpc_info *)pinfo->private_data;\n"); + FPRINTF(eth_code, "\n"); + FPRINTF(eth_code, " di->hf_index=hf_index;\n"); + + FPRINTF(eth_code, " offset=dissect_ndr_nt_SID_with_options(tvb, offset, pinfo, tree, drep, param);\n"); + FPRINTF(eth_code, " return offset;\n"); + FPRINTF(eth_code, "}\n"); + FPRINTF(eth_code, "\n"); + tmptype=register_new_type("SID", dissectorname, "FT_STRING", "BASE_DEC", "0", "NULL", 4); } else if(!strcmp(name,"WERROR")){ sprintf(dissectorname, "%s_dissect_%s", ifname, name); FPRINTF(NULL,"\nAutogenerating built-in type:%s\n------------\n",name); @@ -1519,7 +1540,7 @@ void parsetypedefstruct(int pass) alignment=4; } } - /* now that we know how many real poitner there were we must + /* now that we know how many real pointers there were we must prepend default pointers to the list so it has the right length. */ @@ -1548,9 +1569,7 @@ void parsetypedefstruct(int pass) /* this is just a normal [] array */ fixed_array_size=0; } else if(!strcmp("*", ti->str)){ - if(bi && !(bi->flags|BI_POINTER)){ - pi=prepend_pointer_list(pi, 1); - } + pi=prepend_pointer_list(pi, num_pointers+1); fixed_array_size=0; is_array_of_pointers=1; ti=ti->next; |