static int
epm_dissect_pointer_IF_ID(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
dcerpc_info *di, guint8 *drep)
{
offset = dissect_ndr_uuid_t (tvb, offset, pinfo, tree, di, drep,
di->hf_index, NULL);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, di, drep,
hf_epm_ver_maj, NULL);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, di, drep,
hf_epm_ver_min, NULL);
return offset;
}
int
dissect_ndr_counted_byte_array_cb(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep, int hf_index,
dcerpc_callback_fnct_t *callback,
void *callback_args)
{
dcerpc_info *di = pinfo->private_data;
proto_item *item;
proto_tree *subtree;
guint16 len, size;
/* Structure starts with short, but is aligned for pointer */
ALIGN_TO_5_BYTES;
if (di->conformant_run)
return offset;
item = proto_tree_add_text(tree, tvb, offset, 0, "%s",
proto_registrar_get_name(hf_index));
subtree = proto_item_add_subtree(item, ett_nt_counted_byte_array);
/*
struct {
short len;
short size;
[size_is(size), length_is(len), ptr] unsigned char *string;
} WHATEVER_THIS_IS_CALLED;
*/
offset = dissect_ndr_uint16(tvb, offset, pinfo, subtree, drep,
hf_nt_cs_len, &len);
offset = dissect_ndr_uint16(tvb, offset, pinfo, subtree, drep,
hf_nt_cs_size, &size);
offset = dissect_ndr_pointer_cb(tvb, offset, pinfo, subtree, drep,
dissect_ndr_char_cvstring, NDR_POINTER_UNIQUE,
"Byte Array", hf_index, callback, callback_args);
if (di->call_data->flags & DCERPC_IS_NDR64) {
ALIGN_TO_5_BYTES;
}
return offset;
}
static int
dssetup_dissect_DsRoleInfo(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param _U_)
{
proto_item *item = NULL;
proto_tree *tree = NULL;
int old_offset;
guint16 level;
ALIGN_TO_4_BYTES;
old_offset = offset;
if(parent_tree){
item = proto_tree_add_text(parent_tree, tvb, offset, -1, "dssetup_DsRoleInfo");
tree = proto_item_add_subtree(item, ett_dssetup_dssetup_DsRoleInfo);
}
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_index, &level);
switch(level) {
case DS_ROLE_BASIC_INFORMATION:
offset = dssetup_dissect_element_DsRoleInfo_basic(tvb, offset, pinfo, tree, drep);
break;
case DS_ROLE_UPGRADE_STATUS:
offset = dssetup_dissect_element_DsRoleInfo_upgrade(tvb, offset, pinfo, tree, drep);
break;
case DS_ROLE_OP_STATUS:
offset = dssetup_dissect_element_DsRoleInfo_opstatus(tvb, offset, pinfo, tree, drep);
break;
}
proto_item_set_len(item, offset-old_offset);
return offset;
}
int
dissect_ndr_counted_string_cb(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep, int hf_index,
dcerpc_callback_fnct_t *callback,
void *callback_args)
{
dcerpc_info *di = pinfo->private_data;
guint16 len, size;
/* Structure starts with short, but is aligned for pointer */
ALIGN_TO_5_BYTES;
if (di->conformant_run)
return offset;
/*
struct {
short len;
short size;
[size_is(size/2), length_is(len/2), ptr] unsigned short *string;
} UNICODE_STRING;
*/
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep,
hf_nt_cs_len, &len);
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep,
hf_nt_cs_size, &size);
offset = dissect_ndr_pointer_cb(tvb, offset, pinfo, tree, drep,
dissect_ndr_wchar_cvstring, NDR_POINTER_UNIQUE,
"Character Array", hf_index, callback, callback_args);
if (di->call_data->flags & DCERPC_IS_NDR64) {
ALIGN_TO_5_BYTES;
}
return offset;
}
/* This is used to dissect the new datatypes, such as enums
that are 2 bytes in size in NDR but 4 bytes in NDR64.
*/
int
dissect_ndr_uint1632(tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *tree, dcerpc_info *di, guint8 *drep,
int hfindex, guint1632 *pdata)
{
if (di->call_data->flags & DCERPC_IS_NDR64) {
return dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hfindex, pdata);
} else {
guint16 val = 0;
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, di, drep, hfindex, &val);
if (pdata) {
*pdata = val;
}
return offset;
}
}
static int
dissect_rs_pgo_query_key_t (tvbuff_t * tvb, int offset,
packet_info * pinfo, proto_tree * parent_tree,
dcerpc_info *di, guint8 * drep)
{
enum
{
rs_pgo_query_name,
rs_pgo_query_id,
rs_pgo_query_unix_num,
rs_pgo_query_next,
rs_pgo_query_none
};
/*
typedef union switch (rs_pgo_query_t query) tagged_union {
case rs_pgo_query_name:
sec_rgy_name_t name;
case rs_pgo_query_id:
rs_pgo_id_key_t id_key;
case rs_pgo_query_unix_num:
rs_pgo_unix_num_key_t unix_num_key;
case rs_pgo_query_next:
sec_rgy_name_t scope;
default:
; * empty branch of union *
} rs_pgo_query_key_t;
*/
proto_item *item = NULL;
proto_tree *tree = NULL;
int old_offset = offset;
guint16 query_t;
if (di->conformant_run)
{
return offset;
}
if (parent_tree)
{
item =
proto_tree_add_text (parent_tree, tvb, offset, -1,
"rs_pgo_query_key_t ");
tree = proto_item_add_subtree (item, ett_rs_pgo_query_key_t);
}
offset =
dissect_ndr_uint16 (tvb, offset, pinfo, tree, di, drep, hf_rs_pgo_query_key_t,
&query_t);
col_append_str (pinfo->cinfo, COL_INFO, " rs_pgo_query_key_t:");
offset += 4;
switch (query_t)
{
case rs_pgo_query_name:
col_append_str (pinfo->cinfo, COL_INFO, "NAME");
offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, di, drep);
break;
case rs_pgo_query_id:
col_append_str (pinfo->cinfo, COL_INFO, "ID");
offset = dissect_rs_pgo_id_key_t (tvb, offset, pinfo, tree, di, drep);
break;
case rs_pgo_query_unix_num:
col_append_str (pinfo->cinfo, COL_INFO, "UNIX_NUM");
offset = dissect_rs_pgo_unix_num_key_t (tvb, offset, pinfo, tree, di, drep);
break;
case rs_pgo_query_next:
col_append_str (pinfo->cinfo, COL_INFO, "NEXT");
offset = dissect_sec_rgy_name_t (tvb, offset, pinfo, tree, di, drep);
break;
case rs_pgo_query_none:
col_append_str (pinfo->cinfo, COL_INFO, "NONE");
break;
default:
col_append_fstr (pinfo->cinfo, COL_INFO, " unknown:%u", query_t);
break;
}
proto_item_set_len (item, offset - old_offset);
return offset;
}
int
dssetup_dissect_enum_DsRoleInfoLevel(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 param _U_)
{
offset = dissect_ndr_uint16(tvb, offset, pinfo, tree, drep, hf_index, NULL);
return offset;
}