update winreg to the latest idl

svn path=/trunk/; revision=21256
author: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2007-03-29 00:26:35 +0000
committer: Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> 2007-03-29 00:26:35 +0000
commit: f0756aee6e283abddf89b64ada3e7703181c2e2d (patch)
tree: b51ebc2394079a2b6e94ecf6adeb389685e5207f /epan/dissectors
parent: 0ee2141ab0f1f4dd4d8613968bedfad247f485b2 (diff)
3 files changed, 248 insertions, 29 deletions
diff --git a/epan/dissectors/packet-dcerpc-winreg.c b/epan/dissectors/packet-dcerpc-winreg.c
index c1872118f9..3ffc600774 100644
--- a/epan/dissectors/packet-dcerpc-winreg.c
+++ b/epan/dissectors/packet-dcerpc-winreg.c
@@ -29,10 +29,13 @@ static gint ett_winreg_winreg_String = -1;
 static gint ett_winreg_KeySecurityData = -1;
 static gint ett_winreg_winreg_SecBuf = -1;
 static gint ett_winreg_winreg_StringBuf = -1;
+static gint ett_winreg_KeySecurityAttribute = -1;
 static gint ett_winreg_QueryMultipleValue = -1;
 
 
 /* Header field declarations */
+static gint hf_winreg_winreg_RestoreKey_handle = -1;
+static gint hf_winreg_KeySecurityAttribute_data_size = -1;
 static gint hf_winreg_winreg_QueryInfoKey_max_valbufsize = -1;
 static gint hf_winreg_winreg_SecBuf_inherit = -1;
 static gint hf_winreg_winreg_QueryMultipleValues_key_handle = -1;
@@ -44,6 +47,7 @@ static gint hf_winreg_winreg_QueryInfoKey_max_subkeysize = -1;
 static gint hf_winreg_winreg_OpenKey_unknown = -1;
 static gint hf_winreg_winreg_SetValue_data = -1;
 static gint hf_winreg_winreg_QueryMultipleValues_values = -1;
+static gint hf_winreg_winreg_RestoreKey_flags = -1;
 static gint hf_winreg_winreg_QueryInfoKey_last_changed_time = -1;
 static gint hf_winreg_QueryMultipleValue_name = -1;
 static gint hf_winreg_winreg_EnumValue_type = -1;
@@ -52,11 +56,13 @@ static gint hf_winreg_access_mask = -1;
 static gint hf_winreg_winreg_CreateKey_secdesc = -1;
 static gint hf_winreg_winreg_QueryMultipleValues_buffer = -1;
 static gint hf_winreg_winreg_GetVersion_version = -1;
+static gint hf_winreg_KeySecurityAttribute_inherit = -1;
 static gint hf_winreg_winreg_SetKeySecurity_access_mask = -1;
 static gint hf_winreg_winreg_AccessMask_KEY_WOW64_64KEY = -1;
 static gint hf_winreg_winreg_NotifyChangeKeyValue_unknown = -1;
 static gint hf_winreg_winreg_LoadKey_filename = -1;
 static gint hf_winreg_winreg_EnumValue_enum_index = -1;
+static gint hf_winreg_winreg_RestoreKey_filename = -1;
 static gint hf_winreg_winreg_CreateKey_action_taken = -1;
 static gint hf_winreg_winreg_QueryValue_size = -1;
 static gint hf_winreg_winreg_QueryMultipleValues_buffer_size = -1;
@@ -89,6 +95,7 @@ static gint hf_winreg_winreg_InitiateSystemShutdownEx_reason = -1;
 static gint hf_winreg_winreg_InitiateSystemShutdown_message = -1;
 static gint hf_winreg_winreg_DeleteValue_value = -1;
 static gint hf_winreg_winreg_SetValue_name = -1;
+static gint hf_winreg_winreg_SaveKey_filename = -1;
 static gint hf_winreg_winreg_EnumKey_keyclass = -1;
 static gint hf_winreg_winreg_NotifyChangeKeyValue_watch_subtree = -1;
 static gint hf_winreg_winreg_EnumKey_name = -1;
@@ -100,11 +107,12 @@ static gint hf_winreg_winreg_QueryInfoKey_num_subkeys = -1;
 static gint hf_winreg_winreg_String_name_len = -1;
 static gint hf_winreg_opnum = -1;
 static gint hf_winreg_QueryMultipleValue_type = -1;
-static gint hf_winreg_winreg_QueryInfoKey_class_in = -1;
 static gint hf_winreg_winreg_InitiateSystemShutdownEx_timeout = -1;
 static gint hf_winreg_handle = -1;
 static gint hf_winreg_winreg_GetKeySecurity_sec_info = -1;
+static gint hf_winreg_winreg_QueryInfoKey_classname = -1;
 static gint hf_winreg_winreg_DeleteKey_key = -1;
+static gint hf_winreg_winreg_SaveKey_sec_attrib = -1;
 static gint hf_winreg_winreg_AccessMask_KEY_NOTIFY = -1;
 static gint hf_winreg_winreg_EnumKey_last_changed_time = -1;
 static gint hf_winreg_winreg_QueryInfoKey_max_subkeylen = -1;
@@ -134,7 +142,9 @@ static gint hf_winreg_winreg_OpenHKCU_access_mask = -1;
 static gint hf_winreg_winreg_AccessMask_KEY_ENUMERATE_SUB_KEYS = -1;
 static gint hf_winreg_winreg_AccessMask_KEY_QUERY_VALUE = -1;
 static gint hf_winreg_winreg_StringBuf_length = -1;
+static gint hf_winreg_winreg_SaveKey_handle = -1;
 static gint hf_winreg_winreg_NotifyChangeKeyValue_string1 = -1;
+static gint hf_winreg_KeySecurityAttribute_sec_data = -1;
 static gint hf_winreg_winreg_NotifyChangeKeyValue_string2 = -1;
 
 static gint proto_dcerpc_winreg = -1;
@@ -217,6 +227,9 @@ static int winreg_dissect_element_StringBuf_size(tvbuff_t *tvb _U_, int offset _
 static int winreg_dissect_element_StringBuf_name(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_StringBuf_name_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_StringBuf_name__(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_KeySecurityAttribute_data_size(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_KeySecurityAttribute_sec_data(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_KeySecurityAttribute_inherit(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryMultipleValue_name(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryMultipleValue_name_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryMultipleValue_type(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
@@ -320,8 +333,8 @@ static int winreg_dissect_element_OpenKey_handle(tvbuff_t *tvb _U_, int offset _
 static int winreg_dissect_element_OpenKey_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryInfoKey_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryInfoKey_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
-static int winreg_dissect_element_QueryInfoKey_class_in(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
-static int winreg_dissect_element_QueryInfoKey_class_in_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_QueryInfoKey_classname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_QueryInfoKey_classname_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryInfoKey_num_subkeys(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryInfoKey_num_subkeys_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryInfoKey_max_subkeylen(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
@@ -350,6 +363,17 @@ static int winreg_dissect_element_QueryValue_size(tvbuff_t *tvb _U_, int offset
 static int winreg_dissect_element_QueryValue_size_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryValue_length(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_QueryValue_length_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_RestoreKey_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_RestoreKey_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_RestoreKey_filename(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_RestoreKey_filename_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_RestoreKey_flags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_SaveKey_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_SaveKey_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_SaveKey_filename(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_SaveKey_filename_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_SaveKey_sec_attrib(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
+static int winreg_dissect_element_SaveKey_sec_attrib_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_SetKeySecurity_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_SetKeySecurity_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
 static int winreg_dissect_element_SetKeySecurity_access_mask(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_);
@@ -807,6 +831,65 @@ winreg_dissect_struct_StringBuf(tvbuff_t *tvb _U_, int offset _U_, packet_info *
 
 
 /* IDL: struct { */
+/* IDL: 	uint32 data_size; */
+/* IDL: 	KeySecurityData sec_data; */
+/* IDL: 	uint8 inherit; */
+/* IDL: } */
+
+static int
+winreg_dissect_element_KeySecurityAttribute_data_size(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, hf_winreg_KeySecurityAttribute_data_size, 0);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_KeySecurityAttribute_sec_data(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = winreg_dissect_struct_KeySecurityData(tvb,offset,pinfo,tree,drep,hf_winreg_KeySecurityAttribute_sec_data,0);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_KeySecurityAttribute_inherit(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = PIDL_dissect_uint8(tvb, offset, pinfo, tree, drep, hf_winreg_KeySecurityAttribute_inherit, 0);
+
+	return offset;
+}
+
+int
+winreg_dissect_struct_KeySecurityAttribute(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_)
+{
+	proto_item *item = NULL;
+	proto_tree *tree = NULL;
+	int old_offset;
+
+	ALIGN_TO_4_BYTES;
+
+	old_offset = offset;
+
+	if (parent_tree) {
+		item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE);
+		tree = proto_item_add_subtree(item, ett_winreg_KeySecurityAttribute);
+	}
+	
+	offset = winreg_dissect_element_KeySecurityAttribute_data_size(tvb, offset, pinfo, tree, drep);
+
+	offset = winreg_dissect_element_KeySecurityAttribute_sec_data(tvb, offset, pinfo, tree, drep);
+
+	offset = winreg_dissect_element_KeySecurityAttribute_inherit(tvb, offset, pinfo, tree, drep);
+
+
+	proto_item_set_len(item, offset-old_offset);
+
+	return offset;
+}
+
+
+/* IDL: struct { */
 /* IDL: 	[unique(1)] winreg_String *name; */
 /* IDL: 	winreg_Type type; */
 /* IDL: 	uint32 offset; */
@@ -2269,17 +2352,17 @@ winreg_dissect_element_QueryInfoKey_handle_(tvbuff_t *tvb _U_, int offset _U_, p
 }
 
 static int
-winreg_dissect_element_QueryInfoKey_class_in(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+winreg_dissect_element_QueryInfoKey_classname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
 {
-	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_QueryInfoKey_class_in_, NDR_POINTER_REF, "Pointer to Class In (winreg_String)",hf_winreg_winreg_QueryInfoKey_class_in);
+	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_QueryInfoKey_classname_, NDR_POINTER_REF, "Pointer to Classname (winreg_String)",hf_winreg_winreg_QueryInfoKey_classname);
 
 	return offset;
 }
 
 static int
-winreg_dissect_element_QueryInfoKey_class_in_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+winreg_dissect_element_QueryInfoKey_classname_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
 {
-	offset = winreg_dissect_struct_String(tvb,offset,pinfo,tree,drep,hf_winreg_winreg_QueryInfoKey_class_in,0);
+	offset = winreg_dissect_struct_String(tvb,offset,pinfo,tree,drep,hf_winreg_winreg_QueryInfoKey_classname,0);
 
 	return offset;
 }
@@ -2414,7 +2497,7 @@ winreg_dissect_element_QueryInfoKey_last_changed_time_(tvbuff_t *tvb _U_, int of
 
 /* IDL: WERROR winreg_QueryInfoKey( */
 /* IDL: [in] [ref] policy_handle *handle, */
-/* IDL: [out] [in] [ref] winreg_String *class_in, */
+/* IDL: [out] [in] [ref] winreg_String *classname, */
 /* IDL: [out] [ref] uint32 *num_subkeys, */
 /* IDL: [out] [ref] uint32 *max_subkeylen, */
 /* IDL: [out] [ref] uint32 *max_subkeysize, */
@@ -2431,7 +2514,7 @@ winreg_dissect_QueryInfoKey_response(tvbuff_t *tvb _U_, int offset _U_, packet_i
 	guint32 status;
 
 	pinfo->dcerpc_procedure_name="QueryInfoKey";
-	offset = winreg_dissect_element_QueryInfoKey_class_in(tvb, offset, pinfo, tree, drep);
+	offset = winreg_dissect_element_QueryInfoKey_classname(tvb, offset, pinfo, tree, drep);
 	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
 
 	offset = winreg_dissect_element_QueryInfoKey_num_subkeys(tvb, offset, pinfo, tree, drep);
@@ -2472,7 +2555,7 @@ winreg_dissect_QueryInfoKey_request(tvbuff_t *tvb _U_, int offset _U_, packet_in
 	pinfo->dcerpc_procedure_name="QueryInfoKey";
 	offset = winreg_dissect_element_QueryInfoKey_handle(tvb, offset, pinfo, tree, drep);
 	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
-	offset = winreg_dissect_element_QueryInfoKey_class_in(tvb, offset, pinfo, tree, drep);
+	offset = winreg_dissect_element_QueryInfoKey_classname(tvb, offset, pinfo, tree, drep);
 	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
 	return offset;
 }
@@ -2652,8 +2735,50 @@ winreg_dissect_ReplaceKey_request(tvbuff_t *tvb _U_, int offset _U_, packet_info
 	return offset;
 }
 
+static int
+winreg_dissect_element_RestoreKey_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_RestoreKey_handle_, NDR_POINTER_REF, "Pointer to Handle (policy_handle)",hf_winreg_winreg_RestoreKey_handle);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_RestoreKey_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = PIDL_dissect_policy_hnd(tvb, offset, pinfo, tree, drep, hf_winreg_winreg_RestoreKey_handle, 0);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_RestoreKey_filename(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_RestoreKey_filename_, NDR_POINTER_REF, "Pointer to Filename (winreg_String)",hf_winreg_winreg_RestoreKey_filename);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_RestoreKey_filename_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = winreg_dissect_struct_String(tvb,offset,pinfo,tree,drep,hf_winreg_winreg_RestoreKey_filename,0);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_RestoreKey_flags(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, drep, hf_winreg_winreg_RestoreKey_flags, 0);
+
+	return offset;
+}
+
 /* IDL: WERROR winreg_RestoreKey( */
-/* IDL:  */
+/* IDL: [in] [ref] policy_handle *handle, */
+/* IDL: [in] [ref] winreg_String *filename, */
+/* IDL: [in] uint32 flags */
 /* IDL: ); */
 
 static int
@@ -2674,11 +2799,67 @@ static int
 winreg_dissect_RestoreKey_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
 {
 	pinfo->dcerpc_procedure_name="RestoreKey";
+	offset = winreg_dissect_element_RestoreKey_handle(tvb, offset, pinfo, tree, drep);
+	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
+	offset = winreg_dissect_element_RestoreKey_filename(tvb, offset, pinfo, tree, drep);
+	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
+	offset = winreg_dissect_element_RestoreKey_flags(tvb, offset, pinfo, tree, drep);
+	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
+	return offset;
+}
+
+static int
+winreg_dissect_element_SaveKey_handle(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_SaveKey_handle_, NDR_POINTER_REF, "Pointer to Handle (policy_handle)",hf_winreg_winreg_SaveKey_handle);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_SaveKey_handle_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = PIDL_dissect_policy_hnd(tvb, offset, pinfo, tree, drep, hf_winreg_winreg_SaveKey_handle, 0);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_SaveKey_filename(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_SaveKey_filename_, NDR_POINTER_REF, "Pointer to Filename (winreg_String)",hf_winreg_winreg_SaveKey_filename);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_SaveKey_filename_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = winreg_dissect_struct_String(tvb,offset,pinfo,tree,drep,hf_winreg_winreg_SaveKey_filename,0);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_SaveKey_sec_attrib(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, drep, winreg_dissect_element_SaveKey_sec_attrib_, NDR_POINTER_UNIQUE, "Pointer to Sec Attrib (KeySecurityAttribute)",hf_winreg_winreg_SaveKey_sec_attrib);
+
+	return offset;
+}
+
+static int
+winreg_dissect_element_SaveKey_sec_attrib_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
+{
+	offset = winreg_dissect_struct_KeySecurityAttribute(tvb,offset,pinfo,tree,drep,hf_winreg_winreg_SaveKey_sec_attrib,0);
+
 	return offset;
 }
 
 /* IDL: WERROR winreg_SaveKey( */
-/* IDL:  */
+/* IDL: [in] [ref] policy_handle *handle, */
+/* IDL: [in] [ref] winreg_String *filename, */
+/* IDL: [in] [unique(1)] KeySecurityAttribute *sec_attrib */
 /* IDL: ); */
 
 static int
@@ -2699,6 +2880,12 @@ static int
 winreg_dissect_SaveKey_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
 {
 	pinfo->dcerpc_procedure_name="SaveKey";
+	offset = winreg_dissect_element_SaveKey_handle(tvb, offset, pinfo, tree, drep);
+	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
+	offset = winreg_dissect_element_SaveKey_filename(tvb, offset, pinfo, tree, drep);
+	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
+	offset = winreg_dissect_element_SaveKey_sec_attrib(tvb, offset, pinfo, tree, drep);
+	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
 	return offset;
 }
 
@@ -2745,7 +2932,7 @@ winreg_dissect_element_SetKeySecurity_sd_(tvbuff_t *tvb _U_, int offset _U_, pac
 /* IDL: WERROR winreg_SetKeySecurity( */
 /* IDL: [in] [ref] policy_handle *handle, */
 /* IDL: [in] winreg_AccessMask access_mask, */
-/* IDL: [out] [in] [ref] KeySecurityData *sd */
+/* IDL: [in] [ref] KeySecurityData *sd */
 /* IDL: ); */
 
 static int
@@ -2754,9 +2941,6 @@ winreg_dissect_SetKeySecurity_response(tvbuff_t *tvb _U_, int offset _U_, packet
 	guint32 status;
 
 	pinfo->dcerpc_procedure_name="SetKeySecurity";
-	offset = winreg_dissect_element_SetKeySecurity_sd(tvb, offset, pinfo, tree, drep);
-	offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);
-
 	offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_winreg_werror, &status);
 
 	if (status != 0 && check_col(pinfo->cinfo, COL_INFO))
@@ -3773,6 +3957,10 @@ static dcerpc_sub_dissector winreg_dissectors[] = {
 void proto_register_dcerpc_winreg(void)
 {
 	static hf_register_info hf[] = {
+	{ &hf_winreg_winreg_RestoreKey_handle, 
+	  { "Handle", "winreg.winreg_RestoreKey.handle", FT_BYTES, BASE_NONE, NULL, 0, "", HFILL }},
+	{ &hf_winreg_KeySecurityAttribute_data_size, 
+	  { "Data Size", "winreg.KeySecurityAttribute.data_size", FT_UINT32, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_QueryInfoKey_max_valbufsize, 
 	  { "Max Valbufsize", "winreg.winreg_QueryInfoKey.max_valbufsize", FT_UINT32, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_SecBuf_inherit, 
@@ -3795,6 +3983,8 @@ void proto_register_dcerpc_winreg(void)
 	  { "Data", "winreg.winreg_SetValue.data", FT_UINT8, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_QueryMultipleValues_values, 
 	  { "Values", "winreg.winreg_QueryMultipleValues.values", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
+	{ &hf_winreg_winreg_RestoreKey_flags, 
+	  { "Flags", "winreg.winreg_RestoreKey.flags", FT_UINT32, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_QueryInfoKey_last_changed_time, 
 	  { "Last Changed Time", "winreg.winreg_QueryInfoKey.last_changed_time", FT_ABSOLUTE_TIME, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_QueryMultipleValue_name, 
@@ -3811,6 +4001,8 @@ void proto_register_dcerpc_winreg(void)
 	  { "Buffer", "winreg.winreg_QueryMultipleValues.buffer", FT_UINT8, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_GetVersion_version, 
 	  { "Version", "winreg.winreg_GetVersion.version", FT_UINT32, BASE_DEC, NULL, 0, "", HFILL }},
+	{ &hf_winreg_KeySecurityAttribute_inherit, 
+	  { "Inherit", "winreg.KeySecurityAttribute.inherit", FT_UINT8, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_SetKeySecurity_access_mask, 
 	  { "Access Mask", "winreg.winreg_SetKeySecurity.access_mask", FT_UINT32, BASE_HEX, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_AccessMask_KEY_WOW64_64KEY, 
@@ -3821,6 +4013,8 @@ void proto_register_dcerpc_winreg(void)
 	  { "Filename", "winreg.winreg_LoadKey.filename", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_EnumValue_enum_index, 
 	  { "Enum Index", "winreg.winreg_EnumValue.enum_index", FT_UINT32, BASE_DEC, NULL, 0, "", HFILL }},
+	{ &hf_winreg_winreg_RestoreKey_filename, 
+	  { "Filename", "winreg.winreg_RestoreKey.filename", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_CreateKey_action_taken, 
 	  { "Action Taken", "winreg.winreg_CreateKey.action_taken", FT_UINT32, BASE_DEC, VALS(winreg_winreg_CreateAction_vals), 0, "", HFILL }},
 	{ &hf_winreg_winreg_QueryValue_size, 
@@ -3885,6 +4079,8 @@ void proto_register_dcerpc_winreg(void)
 	  { "Value", "winreg.winreg_DeleteValue.value", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_SetValue_name, 
 	  { "Name", "winreg.winreg_SetValue.name", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
+	{ &hf_winreg_winreg_SaveKey_filename, 
+	  { "Filename", "winreg.winreg_SaveKey.filename", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_EnumKey_keyclass, 
 	  { "Keyclass", "winreg.winreg_EnumKey.keyclass", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_NotifyChangeKeyValue_watch_subtree, 
@@ -3907,16 +4103,18 @@ void proto_register_dcerpc_winreg(void)
 	  { "Operation", "winreg.opnum", FT_UINT16, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_QueryMultipleValue_type, 
 	  { "Type", "winreg.QueryMultipleValue.type", FT_UINT32, BASE_DEC, VALS(winreg_winreg_Type_vals), 0, "", HFILL }},
-	{ &hf_winreg_winreg_QueryInfoKey_class_in, 
-	  { "Class In", "winreg.winreg_QueryInfoKey.class_in", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_InitiateSystemShutdownEx_timeout, 
 	  { "Timeout", "winreg.winreg_InitiateSystemShutdownEx.timeout", FT_UINT32, BASE_DEC, NULL, 0, "", HFILL }},
 	{ &hf_winreg_handle, 
 	  { "Handle", "winreg.handle", FT_BYTES, BASE_NONE, NULL, 0, " ", HFILL }},
 	{ &hf_winreg_winreg_GetKeySecurity_sec_info, 
 	  { "Sec Info", "winreg.winreg_GetKeySecurity.sec_info", FT_NONE, BASE_HEX, NULL, 0, "", HFILL }},
+	{ &hf_winreg_winreg_QueryInfoKey_classname, 
+	  { "Classname", "winreg.winreg_QueryInfoKey.classname", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_DeleteKey_key, 
 	  { "Key", "winreg.winreg_DeleteKey.key", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
+	{ &hf_winreg_winreg_SaveKey_sec_attrib, 
+	  { "Sec Attrib", "winreg.winreg_SaveKey.sec_attrib", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_AccessMask_KEY_NOTIFY, 
 	  { "Key Notify", "winreg.winreg_AccessMask.KEY_NOTIFY", FT_BOOLEAN, 32, TFS(&winreg_AccessMask_KEY_NOTIFY_tfs), ( 0x00010 ), "", HFILL }},
 	{ &hf_winreg_winreg_EnumKey_last_changed_time, 
@@ -3975,8 +4173,12 @@ void proto_register_dcerpc_winreg(void)
 	  { "Key Query Value", "winreg.winreg_AccessMask.KEY_QUERY_VALUE", FT_BOOLEAN, 32, TFS(&winreg_AccessMask_KEY_QUERY_VALUE_tfs), ( 0x00001 ), "", HFILL }},
 	{ &hf_winreg_winreg_StringBuf_length, 
 	  { "Length", "winreg.winreg_StringBuf.length", FT_UINT16, BASE_DEC, NULL, 0, "", HFILL }},
+	{ &hf_winreg_winreg_SaveKey_handle, 
+	  { "Handle", "winreg.winreg_SaveKey.handle", FT_BYTES, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_NotifyChangeKeyValue_string1, 
 	  { "String1", "winreg.winreg_NotifyChangeKeyValue.string1", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
+	{ &hf_winreg_KeySecurityAttribute_sec_data, 
+	  { "Sec Data", "winreg.KeySecurityAttribute.sec_data", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	{ &hf_winreg_winreg_NotifyChangeKeyValue_string2, 
 	  { "String2", "winreg.winreg_NotifyChangeKeyValue.string2", FT_NONE, BASE_NONE, NULL, 0, "", HFILL }},
 	};
@@ -3989,6 +4191,7 @@ void proto_register_dcerpc_winreg(void)
 		&ett_winreg_KeySecurityData,
 		&ett_winreg_winreg_SecBuf,
 		&ett_winreg_winreg_StringBuf,
+		&ett_winreg_KeySecurityAttribute,
 		&ett_winreg_QueryMultipleValue,
 	};
 
diff --git a/epan/dissectors/packet-dcerpc-winreg.h b/epan/dissectors/packet-dcerpc-winreg.h
index 18d9200f51..20da96fd8a 100644
--- a/epan/dissectors/packet-dcerpc-winreg.h
+++ b/epan/dissectors/packet-dcerpc-winreg.h
@@ -38,5 +38,6 @@ int winreg_dissect_struct_SecBuf(tvbuff_t *tvb _U_, int offset _U_, packet_info
 extern const value_string winreg_winreg_CreateAction_vals[];
 int winreg_dissect_enum_CreateAction(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 *param _U_);
 int winreg_dissect_struct_StringBuf(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
+int winreg_dissect_struct_KeySecurityAttribute(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
 int winreg_dissect_struct_QueryMultipleValue(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_);
 #endif /* __PACKET_DCERPC_WINREG_H */
diff --git a/epan/dissectors/pidl/winreg.idl b/epan/dissectors/pidl/winreg.idl
index c8900f7918..4a75d5ff57 100644
--- a/epan/dissectors/pidl/winreg.idl
+++ b/epan/dissectors/pidl/winreg.idl
@@ -26,7 +26,7 @@
 		KEY_WOW64_32KEY 		= 0x00200
 	} winreg_AccessMask;
 
-	typedef [v1_enum] enum {
+	typedef [public,v1_enum] enum {
 		REG_NONE                       = 0,
 		REG_SZ                         = 1,
 		REG_EXPAND_SZ                  = 2,
@@ -127,7 +127,7 @@
 
 	/******************/
 	/* Function: 0x07 */
-	WERROR winreg_DeleteKey(
+	[public] WERROR winreg_DeleteKey(
 		[in,ref] policy_handle *handle,
 		[in]	 winreg_String key
 	);
@@ -148,7 +148,9 @@
 		[size_is(size/2),length_is(length/2),charset(UTF16)] uint16 *name;
 	} winreg_StringBuf;
 
-	WERROR winreg_EnumKey(
+	/******************/
+	/* Function: 0x09 */
+	[public] WERROR winreg_EnumKey(
 		[in,ref]        policy_handle    *handle,
 		[in]            uint32           enum_index,
 		[in,out,ref]    winreg_StringBuf *name,
@@ -171,13 +173,13 @@
 
 	/******************/
 	/* Function: 0x0b */
-	WERROR winreg_FlushKey(
+	[public] WERROR winreg_FlushKey(
 		[in,ref] policy_handle *handle
 	);
 
 	/******************/
 	/* Function: 0x0c */
-	WERROR winreg_GetKeySecurity(
+	[public] WERROR winreg_GetKeySecurity(
 		[in,ref] policy_handle *handle,
 		[in] security_secinfo sec_info,
 		[in,out,ref] KeySecurityData *sd
@@ -193,7 +195,7 @@
 
 	/******************/
 	/* Function: 0x0e */
-	WERROR winreg_NotifyChangeKeyValue(
+	[public] WERROR winreg_NotifyChangeKeyValue(
 		[in,ref] policy_handle *handle,
 		[in] uint8 watch_subtree,
 		[in] uint32 notify_filter,
@@ -205,7 +207,7 @@
 
 	/******************/
 	/* Function: 0x0f */
-	WERROR winreg_OpenKey(
+	[public] WERROR winreg_OpenKey(
 		[in,ref] policy_handle *parent_handle,
 		[in] winreg_String keyname,
 		[in] uint32 unknown,
@@ -215,9 +217,9 @@
 
 	/******************/
 	/* Function: 0x10 */
-	WERROR winreg_QueryInfoKey(
+	[public] WERROR winreg_QueryInfoKey(
 		[in,ref] policy_handle *handle,
-		[in,out,ref] winreg_String *class_in,
+		[in,out,ref] winreg_String *classname,
 		[out,ref] uint32 *num_subkeys,
 		[out,ref] uint32 *max_subkeylen,
 		[out,ref] uint32 *max_subkeysize,
@@ -247,11 +249,24 @@
 	/******************/
 	/* Function: 0x13 */
 	WERROR winreg_RestoreKey(
+		[in,ref] policy_handle *handle,
+		[in,ref] winreg_String *filename,
+		[in]     uint32 flags 
 	);
 
 	/******************/
 	/* Function: 0x14 */
+
+	typedef struct {
+		uint32 data_size;
+		KeySecurityData sec_data;
+		uint8 inherit;
+	} KeySecurityAttribute;
+
 	WERROR winreg_SaveKey(
+		[in,ref] policy_handle *handle,
+		[in,ref] winreg_String *filename,
+		[in,unique] KeySecurityAttribute *sec_attrib
 	);
 
 	/******************/
@@ -259,7 +274,7 @@
 	WERROR winreg_SetKeySecurity(
 		[in,ref] policy_handle *handle,
 		[in] winreg_AccessMask access_mask,
-		[in,out,ref] KeySecurityData *sd
+		[in,ref] KeySecurityData *sd
 	);
 
 	/******************/
@@ -295,7 +310,7 @@
 
 	/******************/
 	/* Function: 0x1a */
-	WERROR winreg_GetVersion(
+	[public] WERROR winreg_GetVersion(
 		[in,ref]     policy_handle *handle,
 		[out,ref]    uint32 *version
 	);
author	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2007-03-29 00:26:35 +0000
committer	Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au>	2007-03-29 00:26:35 +0000
commit	f0756aee6e283abddf89b64ada3e7703181c2e2d (patch)
tree	b51ebc2394079a2b6e94ecf6adeb389685e5207f /epan/dissectors
parent	0ee2141ab0f1f4dd4d8613968bedfad247f485b2 (diff)