SAMR updates

svn path=/trunk/; revision=26340
author: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2008-10-03 02:39:17 +0000
committer: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2008-10-03 02:39:17 +0000
commit: 48cabe4f20f98ae09dedfcaf4e390b32a9b1c3c9 (patch)
tree: 5bb8b3e2d27d129f064cdac166de2aab5c9fb33f /epan/dissectors/packet-windows-common.c
parent: 2a4ddda66a6e8d680111474ab1e5fc700bfdda7d (diff)
1 files changed, 79 insertions, 0 deletions
diff --git a/epan/dissectors/packet-windows-common.c b/epan/dissectors/packet-windows-common.c
index 1baf10930d..4cd125a9a3 100644
--- a/epan/dissectors/packet-windows-common.c
+++ b/epan/dissectors/packet-windows-common.c
@@ -71,6 +71,10 @@ static int hf_nt_ace_flags_object_type_present = -1;
 static int hf_nt_ace_flags_inherited_object_type_present = -1;
 static int hf_nt_ace_guid = -1;
 static int hf_nt_ace_inherited_guid = -1;
+static int hf_nt_security_information_sacl = -1;
+static int hf_nt_security_information_dacl = -1;
+static int hf_nt_security_information_group = -1;
+static int hf_nt_security_information_owner = -1;
 
 static gint ett_nt_sec_desc = -1;
 static gint ett_nt_sec_desc_type = -1;
@@ -80,6 +84,7 @@ static gint ett_nt_ace = -1;
 static gint ett_nt_ace_flags = -1;
 static gint ett_nt_ace_object = -1;
 static gint ett_nt_ace_object_flags = -1;
+static gint ett_nt_security_information = -1;
 
 /* WERR error codes
  * This list is based on the samba doserr.h file and was generated by running
@@ -1857,6 +1862,23 @@ static const true_false_string tfs_ace_flags_failed_access = {
   "Failed accesses will not be audited"
 };
 
+static const true_false_string flags_sec_info_sacl = {
+  "Request SACL",
+  "Do NOT request SACL"
+};
+static const true_false_string flags_sec_info_dacl = {
+  "Request DACL",
+  "Do NOT request DACL"
+};
+static const true_false_string flags_sec_info_group = {
+  "Request GROUP",
+  "Do NOT request group"
+};
+static const true_false_string flags_sec_info_owner = {
+  "Request OWNER",
+  "Do NOT request owner"
+};
+
 #define APPEND_ACE_TEXT(flag, item, string) \
 	if(flag){							\
 		if(item)						\
@@ -2250,6 +2272,46 @@ dissect_nt_sec_desc_type(tvbuff_t *tvb, int offset, proto_tree *parent_tree)
 }
 
 int
+dissect_nt_security_information(tvbuff_t *tvb, int offset, proto_tree *parent_tree)
+{
+	proto_item *item = NULL;
+	proto_tree *tree = NULL;
+	guint32 mask;
+
+	mask = tvb_get_letohl(tvb, offset);
+	if(parent_tree){
+		item = proto_tree_add_text(parent_tree, tvb, offset, 2,
+					   "SEC INFO: 0x%08x", mask);
+		tree = proto_item_add_subtree(item, ett_nt_security_information);
+	}
+
+	proto_tree_add_boolean(tree,hf_nt_security_information_sacl,
+			       tvb, offset, 4, mask);
+	if (mask & 0x00000008) {
+		proto_item_append_text(item, " SACL");
+	}
+	proto_tree_add_boolean(tree,hf_nt_security_information_dacl,
+			       tvb, offset, 4, mask);
+	if (mask & 0x00000004) {
+		proto_item_append_text(item, " DACL");
+	}
+	proto_tree_add_boolean(tree,hf_nt_security_information_group,
+			       tvb, offset, 4, mask);
+	if (mask & 0x00000002) {
+		proto_item_append_text(item, " GROUP");
+	}
+	proto_tree_add_boolean(tree,hf_nt_security_information_owner,
+			       tvb, offset, 4, mask);
+	if (mask & 0x00000001) {
+		proto_item_append_text(item, " OWNER");
+	}
+
+	offset += 4;
+
+	return offset;
+}
+
+int
 dissect_nt_sec_desc(tvbuff_t *tvb, int offset, packet_info *pinfo,
 		    proto_tree *parent_tree, guint8 *drep,
 		    gboolean len_supplied, int len, 
@@ -2709,6 +2771,22 @@ proto_do_register_windows_common(int proto_smb)
 		  { "Inherited GUID", "nt.ace.object.inherited_guid", FT_GUID, BASE_NONE,
 		    NULL, 0, "", HFILL }},
 
+		{ &hf_nt_security_information_sacl,
+		  { "SACL", "nt.sec_info.sacl", FT_BOOLEAN, 32,
+		    TFS(&flags_sec_info_sacl), 0x00000008, "", HFILL }},
+
+		{ &hf_nt_security_information_dacl,
+		  { "DACL", "nt.sec_info.dacl", FT_BOOLEAN, 32,
+		    TFS(&flags_sec_info_dacl), 0x00000004, "", HFILL }},
+
+		{ &hf_nt_security_information_group,
+		  { "Group", "nt.sec_info.group", FT_BOOLEAN, 32,
+		    TFS(&flags_sec_info_group), 0x00000002, "", HFILL }},
+
+		{ &hf_nt_security_information_owner,
+		  { "Owner", "nt.sec_info.owner", FT_BOOLEAN, 32,
+		    TFS(&flags_sec_info_owner), 0x00000001, "", HFILL }},
+
 	};
 
 	static gint *ett[] = {
@@ -2724,6 +2802,7 @@ proto_do_register_windows_common(int proto_smb)
 		&ett_nt_access_mask_generic,
 		&ett_nt_access_mask_standard,
 		&ett_nt_access_mask_specific,
+		&ett_nt_security_information,
 	};
 
 	proto_register_subtree_array(ett, array_length(ett));
author	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2008-10-03 02:39:17 +0000
committer	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2008-10-03 02:39:17 +0000
commit	48cabe4f20f98ae09dedfcaf4e390b32a9b1c3c9 (patch)
tree	5bb8b3e2d27d129f064cdac166de2aab5c9fb33f /epan/dissectors/packet-windows-common.c
parent	2a4ddda66a6e8d680111474ab1e5fc700bfdda7d (diff)