archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
4.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/base/cluster/bh/parsers/msrpc/msrpc.h

472 lines
12 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //*****************************************************************************
  2. //
  3. // Name: msrpc.h
  4. //
  5. // Description: MSRPC protocol parser.
  6. //
  7. // History:
  8. // 08/1/93 t-glennc Created.
  9. //
  10. //*****************************************************************************
  12. //*****************************************************************************
  13. //
  14. // Copyright (c) 1993 by Microsoft Corp. All rights reserved.
  15. //
  16. //*****************************************************************************
  18. // MSRPC protocol property database identifiers
  20. #define MSRPC_SUMMARY 0x00
  21. #define MSRPC_VERSION 0x01
  22. #define MSRPC_VERSION_MINOR 0x02
  23. #define MSRPC_PTYPE 0x03
  24. #define MSRPC_PFC_FLAGS1 0x04
  25. #define MSRPC_PFC_FLAGS1_BITS 0x05
  26. #define MSRPC_PACKED_DREP 0x06
  27. #define MSRPC_FRAG_LENGTH 0x07
  28. #define MSRPC_AUTH_LENGTH 0x08
  29. #define MSRPC_CALL_ID 0x09
  30. #define MSRPC_MAX_XMIT_FRAG 0x0A
  31. #define MSRPC_MAX_RECV_FRAG 0x0B
  32. #define MSRPC_ASSOC_GROUP_ID 0x0C
  33. #define MSRPC_P_CONTEXT_SUM 0x0D
  34. #define MSRPC_AUTH_VERIFIER 0x0E
  35. #define MSRPC_SEC_ADDR 0x0F
  36. #define MSRPC_PAD 0x10
  37. #define MSRPC_P_RESULT_LIST 0x11
  38. #define MSRPC_PROVIDER_REJECT_REASON 0x12
  39. #define MSRPC_VERSIONS_SUPPORTED 0x13
  40. #define MSRPC_ALLOC_HINT 0x14
  41. #define MSRPC_PRES_CONTEXT_ID 0x15
  42. #define MSRPC_CANCEL_COUNT 0x16
  43. #define MSRPC_RESERVED 0x17
  44. #define MSRPC_STATUS 0x18
  45. #define MSRPC_RESERVED_2 0x19
  46. #define MSRPC_STUB_DATA 0x1A
  47. #define MSRPC_OPNUM 0x1B
  48. #define MSRPC_OBJECT 0x1C
  49. #define MSRPC_PFC_FLAGS2 0x1D
  50. #define MSRPC_PFC_FLAGS2_BITS 0x1E
  51. #define MSRPC_SERIAL_HI 0x1F
  52. #define MSRPC_OBJECT_ID 0x20
  53. #define MSRPC_INTERFACE_ID 0x21
  54. #define MSRPC_ACTIVITY_ID 0x22
  55. #define MSRPC_SERVER_BOOT_TIME 0x23
  56. #define MSRPC_INTERFACE_VER 0x24
  57. #define MSRPC_SEQ_NUM 0x25
  58. #define MSRPC_INTERFACE_HINT 0x26
  59. #define MSRPC_ACTIVITY_HINT 0x27
  60. #define MSRPC_LEN_OF_PACKET_BODY 0x28
  61. #define MSRPC_FRAG_NUM 0x29
  62. #define MSRPC_AUTH_PROTO_ID 0x2A
  63. #define MSRPC_SERIAL_LO 0x2B
  64. #define MSRPC_CANCEL_ID 0x2C
  65. #define MSRPC_SERVER_IS_ACCEPTING 0x2D
  66. #define MSRPC_STATUS_CODE 0x2E
  67. #define MSRPC_WINDOW_SIZE 0x2F
  68. #define MSRPC_MAX_TPDU 0x30
  69. #define MSRPC_MAX_PATH_TPDU 0x31
  70. #define MSRPC_SERIAL_NUM 0x32
  71. #define MSRPC_SELACK_LEN 0x33
  72. #define MSRPC_SELACK 0x34
  73. #define MSRPC_CANCEL_REQUEST_FMT_VER 0x35
  74. #define MSRPC_SEQ_NUMBER 0x36
  75. #define MSRPC_SEC_ADDR_LENGTH 0x37
  76. #define MSRPC_SEC_ADDR_PORT 0x38
  77. #define MSRPC_N_RESULTS 0x39
  78. #define MSRPC_P_RESULTS 0x3A
  79. #define MSRPC_P_CONT_DEF_RESULT 0x3B
  80. #define MSRPC_P_PROVIDER_REASON 0x3C
  81. #define MSRPC_P_TRANSFER_SYNTAX 0x3D
  82. #define MSRPC_IF_UUID 0x3E
  83. #define MSRPC_IF_VERSION 0x3F
  85. #define MSRPC_P_CONTEXT_ELEM 0x40
  86. #define MSRPC_NUM_TRANSFER_SYNTAX 0x41
  87. #define MSRPC_ABSTRACT_IF_UUID 0x42
  88. #define MSRPC_ABSTRACT_IF_VERSION 0x43
  89. #define MSRPC_TRANSFER_IF_UUID 0x44
  90. #define MSRPC_TRANSFER_IF_VERSION 0x45
  91. #define MSRPC_BIND_FRAME_NUMBER 0x46
  96. // MSRPC PDU TYPES
  98. #define MSRPC_PDU_REQUEST 0
  99. #define MSRPC_PDU_PING 1
  100. #define MSRPC_PDU_RESPONSE 2
  101. #define MSRPC_PDU_FAULT 3
  102. #define MSRPC_PDU_WORKING 4
  103. #define MSRPC_PDU_NOCALL 5
  104. #define MSRPC_PDU_REJECT 6
  105. #define MSRPC_PDU_ACK 7
  106. #define MSRPC_PDU_CL_CANCEL 8
  107. #define MSRPC_PDU_FACK 9
  108. #define MSRPC_PDU_CANCEL_ACK 10
  109. #define MSRPC_PDU_BIND 11
  110. #define MSRPC_PDU_BIND_ACK 12
  111. #define MSRPC_PDU_BIND_NAK 13
  112. #define MSRPC_PDU_ALTER_CONTEXT 14
  113. #define MSRPC_PDU_ALTER_CONTEXT_RESP 15
  114. #define MSRPC_PDU_SHUTDOWN 17
  115. #define MSRPC_PDU_CO_CANCEL 18
  116. #define MSRPC_PDU_ORPHANED 19
  119. // MSRPC PDU FLAGS - 1st Set
  121. #define MSRPC_PDU_FLAG_1_RESERVED_01 0x01
  122. #define MSRPC_PDU_FLAG_1_LASTFRAG 0x02
  123. #define MSRPC_PDU_FLAG_1_FRAG 0x04
  124. #define MSRPC_PDU_FLAG_1_NOFACK 0x08
  125. #define MSRPC_PDU_FLAG_1_MAYBE 0x10
  126. #define MSRPC_PDU_FLAG_1_IDEMPOTENT 0x20
  127. #define MSRPC_PDU_FLAG_1_BROADCAST 0x40
  128. #define MSRPC_PDU_FLAG_1_RESERVED_80 0x80
  131. // MSRPC PDU FLAGS - 2nd Set
  133. #define MSRPC_PDU_FLAG_2_RESERVED_01 0x01
  134. #define MSRPC_PDU_FLAG_2_CANCEL_PEND 0x02
  135. #define MSRPC_PDU_FLAG_2_RESERVED_04 0x04
  136. #define MSRPC_PDU_FLAG_2_RESERVED_08 0x08
  137. #define MSRPC_PDU_FLAG_2_RESERVED_10 0x10
  138. #define MSRPC_PDU_FLAG_2_RESERVED_20 0x20
  139. #define MSRPC_PDU_FLAG_2_RESERVED_40 0x40
  140. #define MSRPC_PDU_FLAG_2_RESERVED_80 0x80
  143. // Data Structures of a MSRPC protocol frame
  145. typedef struct _ALTER_CONTEXT
  146. {
  147. WORD MaxXmitFrag;
  148. WORD MaxRecvFrag;
  149. DWORD AssocGroupId;
  150. BYTE PContextElem[];
  151. } ALTER_CONTEXT;
  153. typedef struct _ALTER_CONTEXT_RESP
  154. {
  155. WORD MaxXmitFrag;
  156. WORD MaxRecvFrag;
  157. DWORD AssocGroupId;
  158. BYTE SecAddr[];
  159. } ALTER_CONTEXT_RESP;
  161. typedef struct _BIND
  162. {
  163. WORD MaxXmitFrag;
  164. WORD MaxRecvFrag;
  165. DWORD AssocGroupId;
  166. BYTE PContextElem[];
  167. } BIND;
  169. typedef struct _BIND_ACK
  170. {
  171. WORD MaxXmitFrag;
  172. WORD MaxRecvFrag;
  173. DWORD AssocGroupId;
  174. BYTE SecAddr[];
  175. } BIND_ACK;
  177. typedef struct _BIND_NAK
  178. {
  179. WORD RejectReason;
  180. BYTE Versions[];
  181. } BIND_NAK;
  183. typedef struct _CO_CANCEL
  184. {
  185. BYTE AuthTrailer[];
  186. } CO_CANCEL;
  188. typedef struct _FAULT
  189. {
  190. union
  191. {
  192. DWORD AllocHint;
  193. DWORD StatusCode;
  194. };
  195. WORD PContId;
  196. BYTE CancelCount;
  197. BYTE Reserved;
  198. DWORD Status;
  199. BYTE Reserved2[4];
  200. BYTE Data[];
  201. } FAULT;
  203. typedef struct _ORPHANED
  204. {
  205. BYTE AuthTrailer[];
  206. } ORPHANED;
  208. typedef struct _REQUEST
  209. {
  210. DWORD AllocHint;
  211. WORD PContId;
  212. WORD OpNum;
  213. BYTE Object[16];
  214. BYTE Data[];
  215. } REQUEST;
  217. typedef struct _RESPONSE
  218. {
  219. DWORD AllocHint;
  220. WORD PContId;
  221. BYTE CancelCount;
  222. BYTE Reserved;
  223. BYTE Data[];
  224. } RESPONSE;
  226. typedef struct _SHUTDOWN
  227. {
  228. BYTE Data[];
  229. } SHUTDOWN;
  231. typedef struct _MSRPCCO
  232. {
  233. BYTE Version;
  234. BYTE VersionMinor;
  235. BYTE PType;
  236. BYTE PFCFlags;
  237. BYTE PackedDrep[4];
  238. WORD FragLength;
  239. WORD AuthLength;
  240. DWORD CallID;
  241. union
  242. {
  243. ALTER_CONTEXT AlterContext;
  244. ALTER_CONTEXT_RESP AlterContextResp;
  245. BIND Bind;
  246. BIND_ACK BindAck;
  247. BIND_NAK BindNak;
  248. CO_CANCEL COCancel;
  249. FAULT Fault;
  250. ORPHANED Orphaned;
  251. REQUEST Request;
  252. RESPONSE Response;
  253. SHUTDOWN Shutdown;
  254. };
  255. } MSRPCCO;
  257. typedef MSRPCCO UNALIGNED * LPMSRPCCO;
  260. typedef struct _CL_REQUEST
  261. {
  262. BYTE Data[];
  263. } CL_REQUEST;
  265. typedef struct _PING
  266. {
  267. BYTE Data[];
  268. } PING;
  270. typedef struct _CL_RESPONSE
  271. {
  272. BYTE Data[];
  273. } CL_RESPONSE;
  275. typedef struct _WORKING
  276. {
  277. BYTE Data[];
  278. } WORKING;
  280. typedef struct _NOCALL
  281. {
  282. BYTE Vers;
  283. BYTE Pad1;
  284. WORD WindowSize;
  285. DWORD MaxTPDU;
  286. DWORD MaxPathTPDU;
  287. WORD SerialNumber;
  288. WORD SelAckLen;
  289. DWORD SelAck[];
  290. } NOCALL;
  292. typedef struct _REJECT
  293. {
  294. DWORD StatusCode;
  295. } REJECT;
  297. typedef struct _ACK
  298. {
  299. BYTE Data[];
  300. } ACK;
  302. typedef struct _CL_CANCEL
  303. {
  304. DWORD Vers;
  305. DWORD CancelId;
  306. } CL_CANCEL;
  308. typedef struct _FACK
  309. {
  310. BYTE Vers;
  311. BYTE Pad1;
  312. WORD WindowSize;
  313. DWORD MaxTPDU;
  314. DWORD MaxPathTPDU;
  315. WORD SerialNumber;
  316. WORD SelAckLen;
  317. DWORD SelAck[];
  318. } FACK;
  320. typedef struct _CANCEL_ACK
  321. {
  322. DWORD Vers;
  323. DWORD CancelId;
  324. DWORD ServerIsAccepting;
  325. } CANCEL_ACK;
  328. typedef struct _MSRPCCL
  329. {
  330. BYTE Version;
  331. BYTE PType;
  332. BYTE PFCFlags1;
  333. BYTE PFCFlags2;
  334. BYTE PackedDrep[3];
  335. BYTE SerialNumHi;
  336. BYTE ObjectId[16];
  337. BYTE InterfaceId[16];
  338. BYTE ActivityId[16];
  339. DWORD ServerBootTime;
  340. DWORD InterfaceVersion;
  341. DWORD SeqNum;
  342. WORD OpNum;
  343. WORD InterfaceHint;
  344. WORD ActivityHint;
  345. WORD Length;
  346. WORD FragNum;
  347. BYTE AuthProtoId;
  348. BYTE SerialNumLo;
  349. union
  350. {
  351. CL_REQUEST Request;
  352. PING Ping;
  353. CL_RESPONSE Response;
  354. FAULT Fault;
  355. WORKING Working;
  356. NOCALL NoCall;
  357. REJECT Reject;
  358. ACK Ack;
  359. CL_CANCEL CLCancel;
  360. FACK Fack;
  361. CANCEL_ACK CancelAck;
  362. };
  363. } MSRPCCL;
  365. typedef MSRPCCL UNALIGNED * LPMSRPCCL;
  368. typedef unsigned short p_context_id_t;
  370. typedef struct
  371. {
  372. GUID if_uuid;
  373. unsigned long if_version;
  374. } p_syntax_id_t;
  376. typedef struct
  377. {
  378. p_context_id_t p_cont_id;
  379. unsigned char n_transfer_syn;
  380. unsigned char reserved;
  381. p_syntax_id_t abstract_syntax;
  382. p_syntax_id_t transfer_syntaxes[1];
  383. } p_cont_elem_t;
  387. // Table for tracking IIDs
  389. typedef struct _IID_HANDOFF
  390. {
  391. union
  392. {
  393. BYTE ByteRep[16];
  394. DWORD DwordRep[4];
  395. };
  396. HPROTOCOL hNext;
  397. } IID_HANDOFF;
  401. // We are going to store the BIND frames in a database so that at attach time, we
  402. // can point to who is the BIND frame on requests and responses. CCHeapAlloc routines
  403. // will be used to store the data.
  406. enum BINDTABLESTATE
  407. {
  408. UNINITED,
  409. NORMAL,
  410. FULL
  411. };
  413. typedef struct _BINDENTRY
  414. {
  415. DWORD nFrame;
  416. HFRAME hBindFrame;
  417. } BINDENTRY;
  419. typedef BINDENTRY * LPBINDENTRY;
  422. typedef struct _BINDTABLE
  423. {
  424. DWORD nEntries;
  425. DWORD nAllocated;
  426. DWORD State;
  427. BOOL fCurrentlyLookingBack;
  428. BINDENTRY BindEntry[1];
  430. } BINDTABLE;
  432. typedef BINDTABLE * LPBINDTABLE;
  434. #define BINDTABLEHEADERSIZE (sizeof(BINDTABLE)-sizeof(BINDENTRY))
  438. // Defintions for MSRPC protocol parser entry point functions
  440. VOID WINAPI MSRPC_Register( HPROTOCOL hMSRPC );
  442. VOID WINAPI MSRPC_Deregister( HPROTOCOL hMSRPC );
  444. LPBYTE WINAPI MSRPC_RecognizeFrame( HFRAME hFrame,
  445. LPBYTE lpStartFrame,
  446. LPBYTE lpStartMSRPC,
  447. DWORD MacType,
  448. DWORD BytesLeft,
  449. HPROTOCOL hPreviousProtocol,
  450. DWORD nPreviousProtocolOffset,
  451. LPDWORD ProtocolStatusCode,
  452. LPHPROTOCOL hNextProtocol,
  453. LPDWORD lpInstData );
  455. LPBYTE WINAPI MSRPC_AttachProperties( HFRAME hFrame,
  456. LPBYTE lpStartFrame,
  457. LPBYTE lpStartMSRPC,
  458. DWORD MacType,
  459. DWORD BytesLeft,
  460. HPROTOCOL hPreviousProtocol,
  461. DWORD nPreviousProtocolOffset,
  462. DWORD InstData );
  464. DWORD WINAPI MSRPC_FormatProperties( HFRAME hFrame,
  465. LPBYTE MacFrame,
  466. LPBYTE ProtocolFrame,
  467. DWORD nPropertyInsts,
  468. LPPROPERTYINST p );
  470. VOID WINAPIV MSRPC_FmtSummary( LPPROPERTYINST lpPropertyInst );