1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
/* packet-windows-common.h
* Declarations for dissecting various Windows data types
*
* $Id$
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#ifndef __PACKET_WINDOWS_COMMON_H__
#define __PACKET_WINDOWS_COMMON_H__
/*
* DOS error codes used by other dissectors.
* At least some of these are from the SMB X/Open spec, as errors for
* the ERRDOS error class, but they might be error codes returned from
* DOS.
*/
#define SMBE_badfunc 1 /* Invalid function (or system call) */
#define SMBE_badfile 2 /* File not found (pathname error) */
#define SMBE_badpath 3 /* Directory not found */
#define SMBE_nofids 4 /* Too many open files */
#define SMBE_noaccess 5 /* Access denied */
#define SMBE_badfid 6 /* Invalid fid */
#define SMBE_badmcb 7 /* Memory control blocks destroyed */
#define SMBE_nomem 8 /* Out of memory */
#define SMBE_badmem 9 /* Invalid memory block address */
#define SMBE_badenv 10 /* Invalid environment */
#define SMBE_badformat 11 /* Invalid format */
#define SMBE_badaccess 12 /* Invalid open mode */
#define SMBE_baddata 13 /* Invalid data (only from ioctl call) */
#define SMBE_res 14
#define SMBE_baddrive 15 /* Invalid drive */
#define SMBE_remcd 16 /* Attempt to delete current directory */
#define SMBE_diffdevice 17 /* rename/move across different filesystems */
#define SMBE_nofiles 18 /* no more files found in file search */
#define SMBE_badshare 32 /* Share mode on file conflict with open mode */
#define SMBE_lock 33 /* Lock request conflicts with existing lock */
#define SMBE_unsup 50 /* Request unsupported, returned by Win 95, RJS 20Jun98 */
#define SMBE_nosuchshare 67 /* Share does not exits */
#define SMBE_filexists 80 /* File in operation already exists */
#define SMBE_invalidparam 87 /* Invalid parameter */
#define SMBE_cannotopen 110 /* Cannot open the file specified */
#define SMBE_insufficientbuffer 122/* Insufficient buffer size */
#define SMBE_invalidname 123 /* Invalid name */
#define SMBE_unknownlevel 124 /* Unknown info level */
#define SMBE_alreadyexists 183 /* File already exists */
#define SMBE_badpipe 230 /* Named pipe invalid */
#define SMBE_pipebusy 231 /* All instances of pipe are busy */
#define SMBE_pipeclosing 232 /* named pipe close in progress */
#define SMBE_notconnected 233 /* No process on other end of named pipe */
#define SMBE_moredata 234 /* More data to be returned */
#define SMBE_nomoreitems 259 /* No more items */
#define SMBE_baddirectory 267 /* Invalid directory name in a path. */
#define SMBE_eas_didnt_fit 275 /* Extended attributes didn't fit */
#define SMBE_eas_nsup 282 /* Extended attributes not supported */
#define SMBE_notify_buf_small 1022 /* Buffer too small to return change notify. */
#define SMBE_serverunavailable 1722/* Server unavailable */
#define SMBE_unknownipc 2142
#define SMBE_noipc 66 /* don't support ipc */
/* These errors seem to be only returned by the NT printer driver system */
#define SMBE_invalidowner 1307 /* Invalid security descriptor owner */
#define SMBE_invalidsecuritydescriptor 1338 /* Invalid security descriptor */
#define SMBE_unknownprinterdriver 1797 /* Unknown printer driver */
#define SMBE_invalidprintername 1801 /* Invalid printer name */
#define SMBE_printeralreadyexists 1802 /* Printer already exists */
#define SMBE_invaliddatatype 1804 /* Invalid datatype */
#define SMBE_invalidenvironment 1805 /* Invalid environment */
#define SMBE_invalidformsize 1903 /* Invalid form size */
#define SMBE_printerdriverinuse 3001 /* Printer driver in use */
extern const value_string DOS_errors[];
/*
* NT error codes used by other dissectors.
*/
extern const value_string NT_errors[];
extern const value_string ms_country_codes[];
int dissect_nt_64bit_time(tvbuff_t *tvb, proto_tree *tree, int offset, int hf_date);
int dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
const char *name, char **sid_str, int hf_sid);
/*
* Stuff for dissecting NT access masks
*/
/*
* Access mask values
*/
/* Generic rights */
#define GENERIC_RIGHTS_MASK 0xF0000000
#define GENERIC_ALL_ACCESS 0x10000000
#define GENERIC_EXECUTE_ACCESS 0x20000000
#define GENERIC_WRITE_ACCESS 0x40000000
#define GENERIC_READ_ACCESS 0x80000000
/* Misc/reserved */
#define ACCESS_SACL_ACCESS 0x00800000
#define SYSTEM_SECURITY_ACCESS 0x01000000
#define MAXIMUM_ALLOWED_ACCESS 0x02000000
/* Standard rights */
#define STANDARD_RIGHTS_MASK 0x00FF0000
#define DELETE_ACCESS 0x00010000
#define READ_CONTROL_ACCESS 0x00020000
#define WRITE_DAC_ACCESS 0x00040000
#define WRITE_OWNER_ACCESS 0x00080000
#define SYNCHRONIZE_ACCESS 0x00100000
/* Specific rights */
#define SPECIFIC_RIGHTS_MASK 0x0000FFFF /* Specific rights defined per-object */
typedef void (nt_access_mask_fn_t)(tvbuff_t *tvb, gint offset,
proto_tree *tree, guint32 access);
/* Map generic access permissions to specific permissions */
struct generic_mapping {
guint32 generic_read;
guint32 generic_write;
guint32 generic_execute;
guint32 generic_all;
};
/* Map standard access permissions to specific permissions */
struct standard_mapping {
guint32 std_read;
guint32 std_write;
guint32 std_execute;
guint32 std_all;
};
struct access_mask_info {
const char *specific_rights_name;
nt_access_mask_fn_t *specific_rights_fn;
struct generic_mapping *generic_mapping;
struct standard_mapping *standard_mapping;
};
int
dissect_nt_access_mask(tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *tree, guint8 *drep, int hfindex,
struct access_mask_info *ami,
guint32 *perms);
int
dissect_nt_sec_desc(tvbuff_t *tvb, int offset, packet_info *pinfo,
proto_tree *parent_tree, guint8 *drep,
gboolean len_supplied, int len,
struct access_mask_info *ami);
void
proto_do_register_windows_common(int proto_smb);
#endif
|
