forked from osmocom/wireshark
Adding support for GSSAPI GSS_Wrap tokens and refactoring the routine
that was already there. svn path=/trunk/; revision=7727
This commit is contained in:
Richard Sharpe
parent
f94c7971a5
commit
0d855d0ebc
122
packet-spnego.c
122
packet-spnego.c
|
|
@ -3,8 +3,9 @@
|
|||
* as described in RFC 2478.
|
||||
* Copyright 2002, Tim Potter <tpot@samba.org>
|
||||
* Copyright 2002, Richard Sharpe <rsharpe@ns.aus.com>
|
||||
* Copyright 2003, Richard Sharpe <rsharpe@richardsharpe.com>
|
||||
*
|
||||
* $Id: packet-spnego.c,v 1.44 2003/05/23 18:34:58 sharpe Exp $
|
||||
* $Id: packet-spnego.c,v 1.45 2003/05/24 05:05:26 sharpe Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
|
@ -169,6 +170,8 @@ static const value_string spnego_krb5_seal_alg_vals[] = {
|
|||
*/
|
||||
static int
|
||||
dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
|
||||
static int
|
||||
dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
|
||||
static void
|
||||
dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
|
|
@ -320,6 +323,7 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
|
||||
case KRB_TOKEN_WRAP:
|
||||
|
||||
offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree);
|
||||
break;
|
||||
|
||||
case KRB_TOKEN_DELETE_SEC_CONTEXT:
|
||||
|
|
@ -335,6 +339,74 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* XXX - This is for GSSAPI Wrap tokens ...
|
||||
*/
|
||||
static int
|
||||
dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
|
||||
{
|
||||
guint16 sgn_alg;
|
||||
|
||||
/*
|
||||
* The KRB5 blob conforms to RFC1964:
|
||||
* USHORT (0x0102 == GSS_Wrap)
|
||||
* and so on }
|
||||
*/
|
||||
|
||||
/* Now, the sign and seal algorithms ... */
|
||||
|
||||
sgn_alg = tvb_get_letohs(tvb, offset);
|
||||
proto_tree_add_uint(tree, hf_spnego_krb5_sgn_alg, tvb, offset, 2,
|
||||
sgn_alg);
|
||||
|
||||
offset += 2;
|
||||
|
||||
proto_tree_add_item(tree, hf_spnego_krb5_seal_alg, tvb, offset, 2,
|
||||
TRUE);
|
||||
|
||||
offset += 2;
|
||||
|
||||
/* Skip the filler */
|
||||
|
||||
offset += 2;
|
||||
|
||||
/* Encrypted sequence number */
|
||||
|
||||
proto_tree_add_item(tree, hf_spnego_krb5_snd_seq, tvb, offset, 8,
|
||||
TRUE);
|
||||
|
||||
offset += 8;
|
||||
|
||||
/* Checksum of plaintext padded data */
|
||||
|
||||
proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, 8,
|
||||
TRUE);
|
||||
|
||||
offset += 8;
|
||||
|
||||
/*
|
||||
* At least according to draft-brezak-win2k-krb-rc4-hmac-04,
|
||||
* if the signing algorithm is KRB_SGN_ALG_HMAC, there's an
|
||||
* extra 8 bytes of "Random confounder" after the checksum.
|
||||
* It certainly confounds code expecting all Kerberos 5
|
||||
* GSS_Wrap() tokens to look the same....
|
||||
*/
|
||||
if (sgn_alg == KRB_SGN_ALG_HMAC) {
|
||||
proto_tree_add_item(tree, hf_spnego_krb5_confounder, tvb, offset, 8,
|
||||
TRUE);
|
||||
|
||||
offset += 8;
|
||||
}
|
||||
|
||||
/*
|
||||
* Return the offset past the checksum, so that we know where
|
||||
* the data we're wrapped around starts. Also, set the length
|
||||
* of our top-level item to that offset, so it doesn't cover
|
||||
* the data we're wrapped around.
|
||||
*/
|
||||
return offset;
|
||||
}
|
||||
|
||||
/*
|
||||
* XXX - This is for GSSAPI GetMIC tokens ...
|
||||
*/
|
||||
|
|
@ -412,7 +484,6 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree
|
|||
proto_item *item;
|
||||
proto_tree *subtree;
|
||||
int offset = 0;
|
||||
guint16 sgn_alg;
|
||||
|
||||
item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, 0, -1, FALSE);
|
||||
|
||||
|
|
@ -431,52 +502,9 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree
|
|||
|
||||
offset += 2;
|
||||
|
||||
/* Now, the sign and seal algorithms ... */
|
||||
offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree);
|
||||
|
||||
sgn_alg = tvb_get_letohs(tvb, offset);
|
||||
proto_tree_add_uint(subtree, hf_spnego_krb5_sgn_alg, tvb, offset, 2,
|
||||
sgn_alg);
|
||||
|
||||
offset += 2;
|
||||
|
||||
proto_tree_add_item(subtree, hf_spnego_krb5_seal_alg, tvb, offset, 2,
|
||||
TRUE);
|
||||
|
||||
offset += 2;
|
||||
|
||||
/* Skip the filler */
|
||||
|
||||
offset += 2;
|
||||
|
||||
/* Encrypted sequence number */
|
||||
|
||||
proto_tree_add_item(subtree, hf_spnego_krb5_snd_seq, tvb, offset, 8,
|
||||
TRUE);
|
||||
|
||||
offset += 8;
|
||||
|
||||
/* Checksum of plaintext padded data */
|
||||
|
||||
proto_tree_add_item(subtree, hf_spnego_krb5_sgn_cksum, tvb, offset, 8,
|
||||
TRUE);
|
||||
|
||||
offset += 8;
|
||||
|
||||
/*
|
||||
* At least according to draft-brezak-win2k-krb-rc4-hmac-04,
|
||||
* if the signing algorithm is KRB_SGN_ALG_HMAC, there's an
|
||||
* extra 8 bytes of "Random confounder" after the checksum.
|
||||
* It certainly confounds code expecting all Kerberos 5
|
||||
* GSS_Wrap() tokens to look the same....
|
||||
*/
|
||||
if (sgn_alg == KRB_SGN_ALG_HMAC) {
|
||||
proto_tree_add_item(subtree, hf_spnego_krb5_confounder, tvb, offset, 8,
|
||||
TRUE);
|
||||
|
||||
offset += 8;
|
||||
}
|
||||
|
||||
/*
|
||||
/*
|
||||
* Return the offset past the checksum, so that we know where
|
||||
* the data we're wrapped around starts. Also, set the length
|
||||
* of our top-level item to that offset, so it doesn't cover
|
||||
|
|
|
|||
Loading…
Reference in New Issue