osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

More work on dissecting generic and standard mappings for NT access masks. 

svn path=/trunk/; revision=7668
This commit is contained in:
Tim Potter 2003-05-15 02:14:00 +00:00
parent f6e347bbc5
commit cabe2eebf8
5 changed files with 151 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
packet-dcerpc-lsa.c
View File

@ -3,7 +3,7 @@
* Copyright 2001,2003 Tim Potter <tpot@samba.org>
* 2002 Added LSA command dissectors Ronnie Sahlberg
*
* $Id: packet-dcerpc-lsa.c,v 1.76 2003/04/28 04:44:53 tpot Exp $
* $Id: packet-dcerpc-lsa.c,v 1.77 2003/05/15 02:14:00 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -348,7 +348,9 @@ lsa_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info lsa_access_mask_info = {
"LSA", /* Name of specific rights */
lsa_specific_rights /* Dissection function */
lsa_specific_rights, /* Dissection function */
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
int

22
packet-dcerpc-samr.c
View File

@ -3,7 +3,7 @@
* Copyright 2001,2003 Tim Potter <tpot@samba.org>
* 2002 Added all command dissectors Ronnie Sahlberg
*
* $Id: packet-dcerpc-samr.c,v 1.85 2003/04/28 04:44:53 tpot Exp $
* $Id: packet-dcerpc-samr.c,v 1.86 2003/05/15 02:14:00 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -246,7 +246,9 @@ specific_rights_connect(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info samr_connect_access_mask_info = {
"SAMR connect",
specific_rights_connect
specific_rights_connect,
NULL, /* Generic rights mapping */
NULL /* Standard rights mapping */
};
/* Dissect domain specific access rights */
@ -314,7 +316,9 @@ specific_rights_domain(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info samr_domain_access_mask_info = {
"SAMR domain",
specific_rights_domain
specific_rights_domain,
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
/* Dissect user specific access rights */
@ -382,7 +386,9 @@ specific_rights_user(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info samr_user_access_mask_info = {
"SAMR user",
specific_rights_user
specific_rights_user,
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
/* Dissect alias specific access rights */
@ -420,7 +426,9 @@ specific_rights_alias(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info samr_alias_access_mask_info = {
"SAMR alias",
specific_rights_alias
specific_rights_alias,
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
/* Dissect group specific access rights */
@ -458,7 +466,9 @@ specific_rights_group(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info samr_group_access_mask_info = {
"SAMR group",
specific_rights_group
specific_rights_group,
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
int

6
packet-dcerpc-svcctl.c
View File

@ -3,7 +3,7 @@
* Copyright 2003, Tim Potter <tpot@samba.org>
* Copyright 2003, Ronnie Sahlberg, added function dissectors
*
* $Id: packet-dcerpc-svcctl.c,v 1.7 2003/04/28 04:44:54 tpot Exp $
* $Id: packet-dcerpc-svcctl.c,v 1.8 2003/05/15 02:14:00 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -97,7 +97,9 @@ svcctl_scm_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree,
struct access_mask_info svcctl_scm_access_mask_info = {
"SVCCTL",
svcctl_scm_specific_rights
svcctl_scm_specific_rights,
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
/*

26
packet-smb-common.h
View File

@ -2,7 +2,7 @@
* Routines for SMB packet dissection
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
*
* $Id: packet-smb-common.h,v 1.22 2003/05/09 01:41:28 tpot Exp $
* $Id: packet-smb-common.h,v 1.23 2003/05/15 02:14:00 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -58,14 +58,36 @@ int dissect_smb_64bit_time(tvbuff_t *tvb, proto_tree *tree, int offset, int hf_d
int dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree,
char *name, char **sid_str);
/* Stuff for dissecting NT access masks */
/*
* Stuff for dissecting NT access masks
*/
typedef void (nt_access_mask_fn_t)(tvbuff_t *tvb, gint offset,
proto_tree *tree, guint32 access);
/* Map generic access permissions to specific permissions */
struct generic_mapping {
guint32 generic_read;
guint32 generic_write;
guint32 generic_execute;
guint32 generic_all;
};
/* Map standard access permissions to specific permissions */
struct standard_mapping {
guint32 std_read;
guint32 std_write;
guint32 std_execute;
guint32 std_all;
};
struct access_mask_info {
char *specific_rights_name;
nt_access_mask_fn_t *specific_rights_fn;
struct generic_mapping *generic_mapping;
struct standard_mapping *standard_mapping;
};
int

138
packet-smb.c
View File

@ -3,7 +3,7 @@
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
* 2001 Rewrite by Ronnie Sahlberg and Guy Harris
*
* $Id: packet-smb.c,v 1.338 2003/05/09 01:41:28 tpot Exp $
* $Id: packet-smb.c,v 1.339 2003/05/15 02:14:00 tpot Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@ -7248,13 +7248,58 @@ static int hf_access_specific_2 = -1;
static int hf_access_specific_1 = -1;
static int hf_access_specific_0 = -1;
/* Map generic permissions to specific permissions */
static void map_generic_access(guint32 *access_mask,
struct generic_mapping *mapping)
{
if (*access_mask & GENERIC_READ_ACCESS) {
*access_mask &= ~GENERIC_READ_ACCESS;
*access_mask |= mapping->generic_read;
}
if (*access_mask & GENERIC_WRITE_ACCESS) {
*access_mask &= ~GENERIC_WRITE_ACCESS;
*access_mask |= mapping->generic_write;
}
if (*access_mask & GENERIC_EXECUTE_ACCESS) {
*access_mask &= ~GENERIC_EXECUTE_ACCESS;
*access_mask |= mapping->generic_execute;
}
if (*access_mask & GENERIC_ALL_ACCESS) {
*access_mask &= ~GENERIC_ALL_ACCESS;
*access_mask |= mapping->generic_all;
}
}
/* Map standard permissions to specific permissions */
static void map_standard_access(guint32 *access_mask,
struct standard_mapping *mapping)
{
if (*access_mask & READ_CONTROL_ACCESS) {
*access_mask &= ~READ_CONTROL_ACCESS;
*access_mask |= mapping->std_read;
}
if (*access_mask & (DELETE_ACCESS|WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS|
SYNCHRONIZE_ACCESS)) {
*access_mask &= ~(DELETE_ACCESS|WRITE_DAC_ACCESS|
WRITE_OWNER_ACCESS|SYNCHRONIZE_ACCESS);
*access_mask |= mapping->std_all;
}
}
int
dissect_nt_access_mask(tvbuff_t *tvb, gint offset, packet_info *pinfo,
proto_tree *tree, char *drep, int hfindex,
struct access_mask_info *ami)
{
proto_item *item;
proto_tree *subtree, *generic, *standard, *specific;
proto_tree *subtree, *generic_tree, *standard_tree, *specific_tree;
guint32 access;
if (drep != NULL) {
@ -7287,22 +7332,23 @@ dissect_nt_access_mask(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"Generic rights: 0x%08x",
access & GENERIC_RIGHTS_MASK);
generic = proto_item_add_subtree(item, ett_nt_access_mask_generic);
generic_tree = proto_item_add_subtree(
item, ett_nt_access_mask_generic);
proto_tree_add_boolean(
generic, hf_access_generic_read, tvb, offset - 4, 4,
generic_tree, hf_access_generic_read, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
generic, hf_access_generic_write, tvb, offset - 4, 4,
generic_tree, hf_access_generic_write, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
generic, hf_access_generic_execute, tvb, offset - 4, 4,
generic_tree, hf_access_generic_execute, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
generic, hf_access_generic_all, tvb, offset - 4, 4,
generic_tree, hf_access_generic_all, tvb, offset - 4, 4,
access);
/* Reserved (??) */
@ -7323,26 +7369,27 @@ dissect_nt_access_mask(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"Standard rights: 0x%08x",
access & STANDARD_RIGHTS_MASK);
standard = proto_item_add_subtree(item, ett_nt_access_mask_standard);
standard_tree = proto_item_add_subtree(
item, ett_nt_access_mask_standard);
proto_tree_add_boolean(
standard, hf_access_standard_synchronise, tvb, offset - 4, 4,
access);
standard_tree, hf_access_standard_synchronise, tvb,
offset - 4, 4, access);
proto_tree_add_boolean(
standard, hf_access_standard_write_owner, tvb, offset - 4, 4,
access);
standard_tree, hf_access_standard_write_owner, tvb,
offset - 4, 4, access);
proto_tree_add_boolean(
standard, hf_access_standard_write_dac, tvb, offset - 4, 4,
access);
standard_tree, hf_access_standard_write_dac, tvb,
offset - 4, 4, access);
proto_tree_add_boolean(
standard, hf_access_standard_read_control, tvb, offset - 4, 4,
access);
standard_tree, hf_access_standard_read_control, tvb,
offset - 4, 4, access);
proto_tree_add_boolean(
standard, hf_access_standard_delete, tvb, offset - 4, 4,
standard_tree, hf_access_standard_delete, tvb, offset - 4, 4,
access);
/* Specific access rights. Call the specific_rights_fn
@ -7359,75 +7406,96 @@ dissect_nt_access_mask(tvbuff_t *tvb, gint offset, packet_info *pinfo,
"Specific rights: 0x%08x",
access & SPECIFIC_RIGHTS_MASK);
specific = proto_item_add_subtree(item, ett_nt_access_mask_specific);
specific_tree = proto_item_add_subtree(
item, ett_nt_access_mask_specific);
if (ami && ami->specific_rights_fn) {
ami->specific_rights_fn(tvb, offset - 4, specific, access);
guint32 mapped_access = access;
proto_tree *specific_mapped;
specific_mapped = proto_item_add_subtree(
item, ett_nt_access_mask_specific);
ami->specific_rights_fn(
tvb, offset - 4, specific_tree, access);
if (ami->generic_mapping)
map_generic_access(&access, ami->generic_mapping);
if (ami->standard_mapping)
map_standard_access(&access, ami->standard_mapping);
if (access != mapped_access) {
ami->specific_rights_fn(
tvb, offset - 4, specific_mapped,
mapped_access);
}
return offset;
}
proto_tree_add_boolean(
specific, hf_access_specific_15, tvb, offset - 4, 4,
specific_tree, hf_access_specific_15, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_14, tvb, offset - 4, 4,
specific_tree, hf_access_specific_14, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_13, tvb, offset - 4, 4,
specific_tree, hf_access_specific_13, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_12, tvb, offset - 4, 4,
specific_tree, hf_access_specific_12, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_11, tvb, offset - 4, 4,
specific_tree, hf_access_specific_11, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_10, tvb, offset - 4, 4,
specific_tree, hf_access_specific_10, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_9, tvb, offset - 4, 4,
specific_tree, hf_access_specific_9, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_8, tvb, offset - 4, 4,
specific_tree, hf_access_specific_8, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_7, tvb, offset - 4, 4,
specific_tree, hf_access_specific_7, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_6, tvb, offset - 4, 4,
specific_tree, hf_access_specific_6, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_5, tvb, offset - 4, 4,
specific_tree, hf_access_specific_5, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_4, tvb, offset - 4, 4,
specific_tree, hf_access_specific_4, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_3, tvb, offset - 4, 4,
specific_tree, hf_access_specific_3, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_2, tvb, offset - 4, 4,
specific_tree, hf_access_specific_2, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_1, tvb, offset - 4, 4,
specific_tree, hf_access_specific_1, tvb, offset - 4, 4,
access);
proto_tree_add_boolean(
specific, hf_access_specific_0, tvb, offset - 4, 4,
specific_tree, hf_access_specific_0, tvb, offset - 4, 4,
access);
return offset;