ruby_smb 2.0.12 → 2.0.13

data/lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_request.rb

@@ -11,26 +11,16 @@ module RubySMB
         endian :little
 
         logonsrv_handle              :primary_name
-        string                       :pad1, length: -> { pad_length(self.primary_name) }
-        ndr_string                   :account_name
+        ndr_conf_var_wide_stringz    :account_name
         netlogon_secure_channel_type :secure_channel_type
-        string                       :pad2, length: -> { pad_length(self.secure_channel_type) }
-        ndr_string                   :computer_name
+        ndr_conf_var_wide_stringz    :computer_name
         netlogon_credential          :client_credential
-        string                       :pad3, length: -> { pad_length(self.client_credential) }
-        uint32                       :flags
+        ndr_uint32                   :flags
 
         def initialize_instance
           super
           @opnum = NETR_SERVER_AUTHENTICATE3
         end
-
-        # Determines the correct length for the padding, so that the next
-        # field is 4-byte aligned.
-        def pad_length(prev_element)
-          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end

data/lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_response.rb

@@ -11,9 +11,9 @@ module RubySMB
         endian :little
 
         netlogon_credential :server_credential
-        uint32              :negotiate_flags
-        uint32              :account_rid
-        uint32              :error_status
+        ndr_uint32          :negotiate_flags
+        ndr_uint32          :account_rid
+        ndr_uint32          :error_status
 
         def initialize_instance
           super

data/lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_request.rb

@@ -11,26 +11,16 @@ module RubySMB
         endian :little
 
         logonsrv_handle              :primary_name
-        string                       :pad1, length: -> { pad_length(self.primary_name) }
-        ndr_string                   :account_name
+        ndr_conf_var_wide_stringz    :account_name
         netlogon_secure_channel_type :secure_channel_type
-        string                       :pad2, length: -> { pad_length(self.secure_channel_type) }
-        ndr_string                   :computer_name
-        string                       :pad3, length: -> { pad_length(self.computer_name) }
+        ndr_conf_var_wide_stringz    :computer_name
         netlogon_authenticator       :authenticator
-        ndr_fixed_byte_array         :clear_new_password, length: 516 # this is an encrypted NL_TRUST_PASSWORD
+        ndr_fixed_byte_array         :clear_new_password, initial_length: 516 # this is an encrypted NL_TRUST_PASSWORD
 
         def initialize_instance
           super
           @opnum = Netlogon::NETR_SERVER_PASSWORD_SET2
         end
-
-        # Determines the correct length for the padding, so that the next
-        # field is 4-byte aligned.
-        def pad_length(prev_element)
-          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end

data/lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_response.rb

@@ -11,7 +11,7 @@ module RubySMB
         endian :little
 
         netlogon_authenticator :return_authenticator
-        uint32                 :error_status
+        ndr_uint32             :error_status
 
         def initialize_instance
           super

data/lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_request.rb

@@ -10,22 +10,14 @@ module RubySMB
 
         endian :little
 
-        logonsrv_handle     :primary_name
-        string              :pad1, length: -> { pad_length(self.primary_name) }
-        ndr_string          :computer_name
-        netlogon_credential :client_challenge
+        logonsrv_handle           :primary_name
+        ndr_conf_var_wide_stringz :computer_name
+        netlogon_credential       :client_challenge
 
         def initialize_instance
           super
           @opnum = NETR_SERVER_REQ_CHALLENGE
         end
-
-        # Determines the correct length for the padding, so that the next
-        # field is 4-byte aligned.
-        def pad_length(prev_element)
-          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end

data/lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_response.rb

@@ -11,7 +11,7 @@ module RubySMB
         endian :little
 
         netlogon_credential :server_challenge
-        uint32              :error_status
+        ndr_uint32          :error_status
 
         def initialize_instance
           super

data/lib/ruby_smb/dcerpc/netlogon.rb

@@ -13,19 +13,20 @@ module RubySMB
       NETR_SERVER_PASSWORD_SET2 = 30
 
       # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/3b224201-b531-43e2-8c79-b61f6dea8640
-      class LogonsrvHandle < Ndr::NdrLpStr; end
+      class LogonsrvHandle < Ndr::NdrWideStringzPtr; end
 
       # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/d55e2632-7163-4f6c-b662-4b870e8cc1cd
       class NetlogonCredential < Ndr::NdrFixedByteArray
-        default_parameters length: 8
+        default_parameters initial_length: 8
       end
 
       # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/76c93227-942a-4687-ab9d-9d972ffabdab
-      class NetlogonAuthenticator < BinData::Record
+      class NetlogonAuthenticator < Ndr::NdrStruct
+        default_parameter byte_align: 4
         endian :little
 
         netlogon_credential :credential
-        uint32              :timestamp
+        ndr_uint32          :timestamp
       end
 
       # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/4d1235e3-2c96-4e9f-a147-3cb338a0d09f

data/lib/ruby_smb/dcerpc/p_syntax_id_t.rb

@@ -1,11 +1,12 @@
 module RubySMB
   module Dcerpc
-    class PSyntaxIdT < BinData::Record
+    class PSyntaxIdT < Ndr::NdrStruct
+      default_parameter byte_align: 4
       endian :little
 
       uuid   :if_uuid,      initial_value: -> { uuid }
-      uint16 :if_ver_major, initial_value: -> { ver_major }
-      uint16 :if_ver_minor, initial_value: -> { ver_minor }
+      ndr_uint16 :if_ver_major, initial_value: -> { ver_major }
+      ndr_uint16 :if_ver_minor, initial_value: -> { ver_minor }
     end
   end
 end

data/lib/ruby_smb/dcerpc/pdu_header.rb

@@ -10,14 +10,14 @@ module RubySMB
       uint8 :ptype,          label: 'PDU type'
 
       struct :pfc_flags do
-        bit1  :object_uuid,     label: 'Object UUID'
-        bit1  :maybe,           label: 'Maybe call semantics'
+        bit1  :object_uuid, label: 'Object UUID'
+        bit1  :maybe, label: 'Maybe call semantics'
         bit1  :did_not_execute, label: 'Did not execute'
-        bit1  :conc_mpx,        label: 'Concurrent multiplexing'
-        bit1  :reserved_1,      label: 'Reserved'
-        bit1  :pending_cancel,  label: 'Pending cancel'
-        bit1  :last_frag,       label: 'Last fragment',  initial_value: 1
-        bit1  :first_frag,      label: 'First fragment', initial_value: 1
+        bit1  :conc_mpx, label: 'Concurrent multiplexing'
+        bit1  :reserved_1, label: 'Reserved'
+        bit1  :support_header_sign, label: 'Support Header Signing'
+        bit1  :last_frag, label: 'Last fragment',  initial_value: 1
+        bit1  :first_frag, label: 'First fragment', initial_value: 1
       end
 
       uint32 :packed_drep, label: 'NDR data representation format label', initial_value: 0x10

data/lib/ruby_smb/dcerpc/ptypes.rb

@@ -17,6 +17,7 @@ module RubySMB
       BIND_NAK           = 13
       ALTER_CONTEXT      = 14
       ALTER_CONTEXT_RESP = 15
+      RPC_AUTH3          = 16
       SHUTDOWN           = 17
       CO_CANCEL          = 18
       ORPHANED           = 19

data/lib/ruby_smb/dcerpc/request.rb

@@ -3,66 +3,113 @@ module RubySMB
     # The Request PDU as defined in
     # [The request PDU](http://pubs.opengroup.org/onlinepubs/9629399/chap12.htm#tagcjh_17_06_04_09)
     class Request < BinData::Record
+      PTYPE = PTypes::REQUEST
+
       endian :little
 
-      pdu_header :pdu_header, label: 'PDU header'
+      # PDU Header
+      pdu_header :pdu_header, label: 'PDU header common fields'
       uint32     :alloc_hint, label: 'Allocation hint', initial_value: -> { stub.num_bytes }
       uint16     :p_cont_id,  label: 'Presentation context identification'
       uint16     :opnum,      label: 'Operation Number'
       uuid       :object,     label: 'Object UID', onlyif: -> { pdu_header.pfc_flags.object_uuid == 1 }
 
+      # PDU Body
       choice :stub, label: 'Stub', selection: -> { @obj.parent.get_parameter(:endpoint) || '' } do
+        string 'Encrypted'
         choice 'Winreg', selection: -> { opnum } do
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKCR, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKCR
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKCU, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKCU
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKLM, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKLM
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKPD, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKPD
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKU,  opnum: RubySMB::Dcerpc::Winreg::OPEN_HKU
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKCC, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKCC
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKPT, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKPT
-          open_root_key_request  RubySMB::Dcerpc::Winreg::OPEN_HKPN, opnum: RubySMB::Dcerpc::Winreg::OPEN_HKPN
-          close_key_request      RubySMB::Dcerpc::Winreg::REG_CLOSE_KEY
-          enum_key_request       RubySMB::Dcerpc::Winreg::REG_ENUM_KEY
-          enum_value_request     RubySMB::Dcerpc::Winreg::REG_ENUM_VALUE
-          open_key_request       RubySMB::Dcerpc::Winreg::REG_OPEN_KEY
-          query_info_key_request RubySMB::Dcerpc::Winreg::REG_QUERY_INFO_KEY
-          query_value_request    RubySMB::Dcerpc::Winreg::REG_QUERY_VALUE
-          create_key_request     RubySMB::Dcerpc::Winreg::REG_CREATE_KEY
-          save_key_request       RubySMB::Dcerpc::Winreg::REG_SAVE_KEY
+          open_root_key_request  Winreg::OPEN_HKCR, opnum: Winreg::OPEN_HKCR
+          open_root_key_request  Winreg::OPEN_HKCU, opnum: Winreg::OPEN_HKCU
+          open_root_key_request  Winreg::OPEN_HKLM, opnum: Winreg::OPEN_HKLM
+          open_root_key_request  Winreg::OPEN_HKPD, opnum: Winreg::OPEN_HKPD
+          open_root_key_request  Winreg::OPEN_HKU,  opnum: Winreg::OPEN_HKU
+          open_root_key_request  Winreg::OPEN_HKCC, opnum: Winreg::OPEN_HKCC
+          open_root_key_request  Winreg::OPEN_HKPT, opnum: Winreg::OPEN_HKPT
+          open_root_key_request  Winreg::OPEN_HKPN, opnum: Winreg::OPEN_HKPN
+          close_key_request      Winreg::REG_CLOSE_KEY
+          enum_key_request       Winreg::REG_ENUM_KEY
+          enum_value_request     Winreg::REG_ENUM_VALUE
+          open_key_request       Winreg::REG_OPEN_KEY
+          query_info_key_request Winreg::REG_QUERY_INFO_KEY
+          query_value_request    Winreg::REG_QUERY_VALUE
+          create_key_request     Winreg::REG_CREATE_KEY
+          save_key_request       Winreg::REG_SAVE_KEY
           string                 :default
         end
         choice 'Netlogon', selection: -> { opnum } do
-          netr_server_authenticate3_request RubySMB::Dcerpc::Netlogon::NETR_SERVER_AUTHENTICATE3
-          netr_server_password_set2_request RubySMB::Dcerpc::Netlogon::NETR_SERVER_PASSWORD_SET2
-          netr_server_req_challenge_request RubySMB::Dcerpc::Netlogon::NETR_SERVER_REQ_CHALLENGE
+          netr_server_authenticate3_request Netlogon::NETR_SERVER_AUTHENTICATE3
+          netr_server_password_set2_request Netlogon::NETR_SERVER_PASSWORD_SET2
+          netr_server_req_challenge_request Netlogon::NETR_SERVER_REQ_CHALLENGE
           string                            :default
         end
         choice 'Srvsvc', selection: -> { opnum } do
-          net_share_enum_all RubySMB::Dcerpc::Srvsvc::NET_SHARE_ENUM_ALL, host: -> { host rescue '' }
+          net_share_enum_all_request Srvsvc::NET_SHARE_ENUM_ALL
           string             :default
         end
         choice 'Svcctl', selection: -> { opnum } do
-          open_sc_manager_w_request       RubySMB::Dcerpc::Svcctl::OPEN_SC_MANAGER_W
-          open_service_w_request          RubySMB::Dcerpc::Svcctl::OPEN_SERVICE_W
-          query_service_status_request    RubySMB::Dcerpc::Svcctl::QUERY_SERVICE_STATUS
-          query_service_config_w_request  RubySMB::Dcerpc::Svcctl::QUERY_SERVICE_CONFIG_W
-          change_service_config_w_request RubySMB::Dcerpc::Svcctl::CHANGE_SERVICE_CONFIG_W
-          start_service_w_request         RubySMB::Dcerpc::Svcctl::START_SERVICE_W
-          control_service_request         RubySMB::Dcerpc::Svcctl::CONTROL_SERVICE
-          close_service_handle_request    RubySMB::Dcerpc::Svcctl::CLOSE_SERVICE_HANDLE
+          open_sc_manager_w_request       Svcctl::OPEN_SC_MANAGER_W
+          open_service_w_request          Svcctl::OPEN_SERVICE_W
+          query_service_status_request    Svcctl::QUERY_SERVICE_STATUS
+          query_service_config_w_request  Svcctl::QUERY_SERVICE_CONFIG_W
+          change_service_config_w_request Svcctl::CHANGE_SERVICE_CONFIG_W
+          start_service_w_request         Svcctl::START_SERVICE_W
+          control_service_request         Svcctl::CONTROL_SERVICE
+          close_service_handle_request    Svcctl::CLOSE_SERVICE_HANDLE
           string                          :default
         end
+        choice 'Samr', selection: -> { opnum } do
+          samr_connect_request                     Samr::SAMR_CONNECT
+          samr_lookup_domain_in_sam_server_request Samr::SAMR_LOOKUP_DOMAIN_IN_SAM_SERVER
+          samr_open_domain_request                 Samr::SAMR_OPEN_DOMAIN
+          samr_enumerate_users_in_domain_request   Samr::SAMR_ENUMERATE_USERS_IN_DOMAIN
+          samr_rid_to_sid_request                  Samr::SAMR_RID_TO_SID
+          samr_close_handle_request                Samr::SAMR_CLOSE_HANDLE
+          samr_get_alias_membership_request        Samr::SAMR_GET_ALIAS_MEMBERSHIP
+          samr_open_user_request                   Samr::SAMR_OPEN_USER
+          samr_get_groups_for_user_request         Samr::SAMR_GET_GROUPS_FOR_USER
+          string                                   :default
+        end
+        choice 'Wkssvc', selection: -> { opnum } do
+          netr_wksta_get_info_request Wkssvc::NETR_WKSTA_GET_INFO
+          string                      :default
+        end
+        choice 'Epm', selection: -> { opnum } do
+          epm_ept_map_request RubySMB::Dcerpc::Epm::EPT_MAP
+          string                      :default
+        end
+        choice 'Drsr', selection: -> { opnum } do
+          drs_bind_request                   Drsr::DRS_BIND
+          drs_unbind_request                 Drsr::DRS_UNBIND
+          drs_domain_controller_info_request Drsr::DRS_DOMAIN_CONTROLLER_INFO
+          drs_crack_names_request            Drsr::DRS_CRACK_NAMES
+          drs_get_nc_changes_request         Drsr::DRS_GET_NC_CHANGES
+          string                      :default
+        end
         string :default
       end
+      string      :auth_pad,
+        onlyif: -> { has_auth_verifier? },
+        length: -> { (16 - (stub.num_bytes % 16)) % 16 }
 
-      string :auth_verifier, label: 'Authentication verifier',
-        onlyif:      -> { pdu_header.auth_length > 0 },
+      # Auth Verifier
+      sec_trailer :sec_trailer, onlyif: -> { has_auth_verifier? }
+      string      :auth_value, label: 'Authentication verifier',
+        onlyif:      -> { has_auth_verifier? },
         read_length: -> { pdu_header.auth_length }
 
       def initialize_instance
         super
-        pdu_header.ptype = RubySMB::Dcerpc::PTypes::REQUEST
+        pdu_header.ptype = PTYPE
       end
+
+      def enable_encrypted_stub
+        @params[:endpoint] = 'Encrypted'
+      end
+
+      def has_auth_verifier?
+        self.pdu_header.auth_length > 0
+      end
+
     end
   end
 end

data/lib/ruby_smb/dcerpc/response.rb

@@ -3,24 +3,59 @@ module RubySMB
     # The Response PDU as defined in
     # [The response PDU](http://pubs.opengroup.org/onlinepubs/9629399/chap12.htm#tagcjh_17_06_04_10)
     class Response < BinData::Record
-      endian :little
+      PTYPE = PTypes::RESPONSE
 
-      pdu_header :pdu_header, label: 'PDU header'
+      endian :little
 
-      uint32 :alloc_hint,    label: 'Allocation hint',  initial_value: -> { stub.do_num_bytes }
-      uint16 :p_cont_id,     label: 'Presentation context identification'
-      uint8  :cancel_count,  label: 'Cancel count'
-      uint8  :reserved
+      # PDU Header
+      pdu_header  :pdu_header, label: 'PDU header common fields'
+      uint32      :alloc_hint, label: 'Allocation hint',  initial_value: -> { stub.do_num_bytes }
+      uint16      :p_cont_id, label: 'Presentation context identification'
+      uint8       :cancel_count, label: 'Cancel count'
+      uint8       :reserved
 
-      string :stub,          label: 'Stub', read_length: -> { pdu_header.frag_length - stub.abs_offset - pdu_header.auth_length }
+      # PDU Body
+      string      :stub, label: 'Stub', read_length: -> { stub_length }
+      string      :auth_pad,
+        onlyif: -> { has_auth_verifier? },
+        length: -> { (16 - (stub.num_bytes % 16)) % 16 }
 
-      string :auth_verifier, label: 'Authentication verifier',
-        onlyif: -> { pdu_header.auth_length > 0 },
+      # Auth Verifier
+      sec_trailer :sec_trailer, onlyif: -> { has_auth_verifier? }
+      string      :auth_value, label: 'Authentication verifier',
+        onlyif: -> { has_auth_verifier? },
         read_length: -> { pdu_header.auth_length }
 
       def initialize_instance
         super
-        pdu_header.ptype = RubySMB::Dcerpc::PTypes::RESPONSE
+        pdu_header.ptype = PTYPE
+      end
+
+      def has_auth_verifier?
+        self.pdu_header.auth_length > 0
+      end
+
+      def stub_length
+        stub_length = pdu_header.frag_length - stub.rel_offset
+        if has_auth_verifier?
+          # Note that the resulting stub length includes auth_pad. We will be
+          # able to separate the auth_pad from the stub once the sec_trailer
+          # structure is read.
+          stub_length -= (sec_trailer.num_bytes + pdu_header.auth_length)
+        end
+        stub_length
+      end
+
+      def read(io)
+        super
+        if has_auth_verifier? && sec_trailer.auth_pad_length > 0
+          # At this point, auth_pad is at the end of the stub. We need to move
+          # it to the correct field. It is now possible since we know its
+          # length from the sec_trailer auth_pad_length field.
+          pad = stub[-(sec_trailer.auth_pad_length)..-1]
+          stub.assign(stub[0...-(sec_trailer.auth_pad_length)])
+          auth_pad.assign(pad)
+        end
       end
     end
   end

data/lib/ruby_smb/dcerpc/rpc_auth3.rb

@@ -0,0 +1,28 @@
+module RubySMB
+  module Dcerpc
+
+    # [2.2.2.10 rpc_auth_3 PDU](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/a6b7b03c-4ac5-4c25-8c52-f2bec872ac97)
+    class RpcAuth3 < BinData::Record
+      PTYPE = PTypes::RPC_AUTH3
+
+      endian :little
+
+      # PDU Header
+      pdu_header  :pdu_header
+      uint32      :pad
+
+      # Auth Verifier
+      sec_trailer :sec_trailer, onlyif: -> { pdu_header.auth_length > 0 }
+      string      :auth_value,
+        onlyif: -> { pdu_header.auth_length > 0 },
+        read_length: -> { pdu_header.auth_length }
+
+      def initialize_instance
+        super
+        pdu_header.ptype = PTYPE
+      end
+    end
+  end
+end
+
+

data/lib/ruby_smb/dcerpc/rpc_security_attributes.rb

@@ -3,30 +3,30 @@ module RubySMB
 
     # This class represents a RPC_SECURITY_DESCRIPTOR structure as defined in
     # [2.2.8 RPC_SECURITY_DESCRIPTOR](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/9729e781-8eb9-441b-82ca-e898f98d29c2)
-    class RpcSecurityDescriptor < BinData::Record
+    class RpcSecurityDescriptor < Ndr::NdrStruct
+      default_parameters byte_align: 4
       endian :little
 
-      ndr_lp_byte_array :lp_security_descriptor
-      uint32            :cb_in_security_descriptor
-      uint32            :cb_out_security_descriptor
+      ndr_byte_array_ptr :lp_security_descriptor
+      ndr_uint32         :cb_in_security_descriptor
+      ndr_uint32         :cb_out_security_descriptor
     end
 
     # This class represents a RPC_SECURITY_ATTRIBUTES structure as defined in
     # [2.2.7 RPC_SECURITY_ATTRIBUTES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/bc37b8cf-8c94-4804-ad53-0aaf5eaf0ecb)
-    class RpcSecurityAttributes < BinData::Record
+    class RpcSecurityAttributes < Ndr::NdrStruct
+      default_parameters byte_align: 4
       endian :little
 
-      uint32                  :n_length
+      ndr_uint32              :n_length
       rpc_security_descriptor :rpc_security_descriptor
-      uint8                   :b_inheritHandle
+      ndr_uint8               :b_inheritHandle
     end
 
     # This class represents a pointer to a RPC_SECURITY_ATTRIBUTES structure as defined in
     # [2.2.7 RPC_SECURITY_ATTRIBUTES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/bc37b8cf-8c94-4804-ad53-0aaf5eaf0ecb)
-    class PrpcSecurityAttributes < Ndr::NdrPointer
-      endian :little
-
-      rpc_security_attributes :referent, onlyif: -> { self.referent_id != 0 }
+    class PrpcSecurityAttributes < RpcSecurityAttributes
+      extend Ndr::PointerClassPlugin
     end
 
   end

data/lib/ruby_smb/dcerpc/rrp_rpc_unicode_string.rb

@@ -0,0 +1,118 @@
+module RubySMB
+  module Dcerpc
+
+    # A RRP_UNICODE_STRING structure as defined in
+    # [2.2.4 RRP_UNICODE_STRING](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/c0c90f11-a4c4-496a-ac09-8a8a3697ceef)
+    class RrpUnicodeString < Ndr::NdrStruct
+      default_parameters byte_align: 4
+      endian :little
+
+      ndr_uint16           :buffer_length
+      ndr_uint16           :maximum_length
+      ndr_wide_stringz_ptr :buffer
+
+      def assign(val)
+        case val
+        when :null
+          self.buffer = val
+          self.buffer_length = 0
+          self.maximum_length = 0
+        when BinData::Stringz, BinData::String, String
+          self.buffer = val.to_s
+          val_length = val.strip.length
+          val_length += 1 unless val == ''
+          self.buffer_length = val_length * 2
+          self.maximum_length = val_length * 2
+        else
+          super
+        end
+      end
+
+      # Set `maximum_length` and buffer `max_count` values to `val`. It also
+      # takes care of initializing the buffer pointer `ref_id` if the pointer
+      # is null.
+      #
+      # This helper is typically called in requests where a unicode string
+      # field needs to contain the maximum length information without any
+      # string value. It is usually required by some RPC calls and used by the
+      # server to determine the maximum length for the corresponding output
+      # field in order to allocate space accordingly.
+      def set_max_buffer_size(val)
+        self.buffer.instantiate_referent if self.buffer.is_null_ptr?
+        self.buffer.max_count = val / 2
+        self.maximum_length.assign(val)
+      end
+
+      def to_s
+        return ''.encode('utf-16le') if self.buffer.is_null_ptr?
+        self.buffer.to_s
+      end
+    end
+
+    # A pointer to a RRP_UNICODE_STRING structure
+    class PrrpUnicodeString < RrpUnicodeString
+      extend Ndr::PointerClassPlugin
+    end
+
+    # A RPC_UNICODE_STRING structure as defined in
+    # [2.3.10 RPC_UNICODE_STRING](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/94a16bb6-c610-4cb9-8db6-26f15f560061)
+    class RpcUnicodeString < Ndr::NdrStruct
+      # Same as RrpUnicodeString, but not necessary null terminated
+      #
+      # It is the caller responsability to null terminate the string, if it has
+      # to. This structure won't do it automatically the way RrpUnicodeString
+      # do.
+      #
+      # It also takes care of detecting the terminating null character and
+      # exclude when calculating buffer_length and maximum_length.
+      default_parameters byte_align: 4
+      endian :little
+
+      ndr_uint16          :buffer_length
+      ndr_uint16          :maximum_length
+      ndr_wide_string_ptr :buffer
+
+      def assign(val)
+        case val
+        when :null
+          self.buffer = val
+          self.buffer_length = 0
+          self.maximum_length = 0
+        when BinData::Stringz, BinData::String, String
+          self.buffer = val.to_s
+          val_length = val.strip.length
+          self.buffer_length = val_length * 2
+          self.maximum_length = val_length * 2
+        else
+          super
+        end
+      end
+
+      # Set `maximum_length` and buffer `max_count` values to `val`. It also
+      # takes care of initializing the buffer pointer `ref_id` if the pointer
+      # is null.
+      #
+      # This helper is typically called in requests where a unicode string
+      # field needs to contain the maximum length information without any
+      # string value. It is usually required by some RPC calls and used by the
+      # server to determine the maximum length for the corresponding output
+      # field in order to allocate space accordingly.
+      def set_max_buffer_size(val)
+        self.buffer.instantiate_referent if self.buffer.is_null_ptr?
+        self.buffer.max_count = val / 2
+        self.maximum_length.assign(val)
+      end
+
+      def to_s
+        return ''.encode('utf-16le') if self.buffer.is_null_ptr?
+        self.buffer.to_s
+      end
+    end
+
+    # A pointer to a RPC_UNICODE_STRING structure
+    class PrpcUnicodeString < RpcUnicodeString
+      extend Ndr::PointerClassPlugin
+    end
+  end
+end
+