static int
svcctl_dissect_OpenServiceW_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree, guint8 *drep)
{
/* policy handle */
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep,
hf_svcctl_hnd, NULL, NULL, FALSE, FALSE);
offset = dissect_doserror(
tvb, offset, pinfo, tree, drep, hf_svcctl_rc, NULL);
return offset;
}
static int
svcctl_dissect_CloseServiceHandle_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
dcerpc_info *di, guint8 *drep)
{
offset = dissect_nt_policy_hnd(
tvb, offset, pinfo, tree, di, drep, hf_svcctl_hnd, NULL,
NULL, FALSE, TRUE);
offset = dissect_doserror(
tvb, offset, pinfo, tree, di, drep, hf_svcctl_rc, NULL);
return offset;
}
static int
svcctl_dissect_UnlockServiceDatabase_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep)
{
/* XXX - why is the "is an open" argument TRUE? */
offset = dissect_nt_policy_hnd(
tvb, offset, pinfo, tree, drep, hf_svcctl_lock, NULL,
NULL, TRUE, FALSE);
offset = dissect_doserror(
tvb, offset, pinfo, tree, drep, hf_svcctl_rc, NULL);
return offset;
}
static int
svcctl_dissect_QueryServiceLockStatus_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep)
{
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
svcctl_dissect_QUERY_SERVICE_LOCK_STATUS, NDR_POINTER_REF,
"LOCK_STATUS", -1);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_svcctl_required_size, NULL);
offset = dissect_doserror(
tvb, offset, pinfo, tree, drep, hf_svcctl_rc, NULL);
return offset;
}
static int
svcctl_dissect_CreateServiceW_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
{
/* tag id */
offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
hf_svcctl_tagid, NULL);
/* policy handle */
offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, di, drep,
hf_svcctl_hnd, NULL, NULL, FALSE, FALSE);
offset = dissect_doserror(
tvb, offset, pinfo, tree, di, drep, hf_svcctl_rc, NULL);
return offset;
}
static int
svcctl_dissect_OpenSCManagerW_reply(tvbuff_t *tvb, int offset,
packet_info *pinfo, proto_tree *tree,
guint8 *drep)
{
dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
dcerpc_call_value *dcv = (dcerpc_call_value *)di->call_data;
e_ctx_hnd policy_hnd;
proto_item *hnd_item;
guint32 status;
/* Parse packet */
offset = dissect_nt_policy_hnd(
tvb, offset, pinfo, tree, drep, hf_svcctl_hnd, &policy_hnd,
&hnd_item, TRUE, FALSE);
offset = dissect_doserror(
tvb, offset, pinfo, tree, drep, hf_svcctl_rc, &status);
if( status == 0 ){
const char *pol_name;
if (dcv->se_data){
pol_name = ep_strdup_printf(
"OpenSCManagerW(%s)", (char *)dcv->se_data);
} else {
pol_name = "Unknown OpenSCManagerW() handle";
}
if(!pinfo->fd->flags.visited){
dcerpc_store_polhnd_name(&policy_hnd, pinfo, pol_name);
}
if(hnd_item)
proto_item_append_text(hnd_item, ": %s", pol_name);
}
return offset;
}