forked from osmocom/wireshark
Kerberos: Update and fix KDCOptions and TicketFlags
Fix and update KDCOptions and TicketFlags. Used references: * https://github.com/heimdal/heimdal/blob/master/lib/asn1/krb5.asn1#L330 * https://msdn.microsoft.com/en-us/library/cc246090.aspx * https://tools.ietf.org/html/rfc8062#section-3 Bug: 14261 Change-Id: I0e34425fc35e0eba14c700f82cbf2441365b139d Reviewed-on: https://code.wireshark.org/review/24863 Reviewed-by: Anders Broman <a.broman58@gmail.com> Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit is contained in:
parent
0b88544b07
commit
18c42e1dca
|
@ -354,7 +354,7 @@ TicketFlags ::= BIT STRING {
|
|||
hw-authent(11),
|
||||
transited-policy-checked(12),
|
||||
ok-as-delegate(13),
|
||||
anonymous-14(14),
|
||||
unused(14),
|
||||
enc-pa-rep(15),
|
||||
anonymous(16)
|
||||
}
|
||||
|
@ -372,12 +372,24 @@ KDCOptions ::= BIT STRING {
|
|||
unused9(9),
|
||||
unused10(10),
|
||||
opt-hardware-auth(11), -- taken from KerberosV5Spec2.asn
|
||||
request-anonymous(14),
|
||||
unused12(12),
|
||||
unused13(13),
|
||||
constrained-delegation(14), -- ms extension (aka cname-in-addl-tkt)
|
||||
canonicalize(15),
|
||||
constrained-delegation(16), -- ms extension
|
||||
request-anonymous(16),
|
||||
unused17(17),
|
||||
unused18(18),
|
||||
unused19(19),
|
||||
unused20(20),
|
||||
unused21(21),
|
||||
unused22(22),
|
||||
unused23(23),
|
||||
unused24(24),
|
||||
unused25(25),
|
||||
disable-transited-check(26),
|
||||
renewable-ok(27),
|
||||
enc-tkt-in-skey(28),
|
||||
unused29(29),
|
||||
renew(30),
|
||||
validate(31)
|
||||
}
|
||||
|
|
|
@ -346,7 +346,7 @@ static int hf_kerberos_TicketFlags_pre_authent = -1;
|
|||
static int hf_kerberos_TicketFlags_hw_authent = -1;
|
||||
static int hf_kerberos_TicketFlags_transited_policy_checked = -1;
|
||||
static int hf_kerberos_TicketFlags_ok_as_delegate = -1;
|
||||
static int hf_kerberos_TicketFlags_anonymous_14 = -1;
|
||||
static int hf_kerberos_TicketFlags_unused = -1;
|
||||
static int hf_kerberos_TicketFlags_enc_pa_rep = -1;
|
||||
static int hf_kerberos_TicketFlags_anonymous = -1;
|
||||
static int hf_kerberos_KDCOptions_reserved = -1;
|
||||
|
@ -361,12 +361,24 @@ static int hf_kerberos_KDCOptions_renewable = -1;
|
|||
static int hf_kerberos_KDCOptions_unused9 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused10 = -1;
|
||||
static int hf_kerberos_KDCOptions_opt_hardware_auth = -1;
|
||||
static int hf_kerberos_KDCOptions_request_anonymous = -1;
|
||||
static int hf_kerberos_KDCOptions_canonicalize = -1;
|
||||
static int hf_kerberos_KDCOptions_unused12 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused13 = -1;
|
||||
static int hf_kerberos_KDCOptions_constrained_delegation = -1;
|
||||
static int hf_kerberos_KDCOptions_canonicalize = -1;
|
||||
static int hf_kerberos_KDCOptions_request_anonymous = -1;
|
||||
static int hf_kerberos_KDCOptions_unused17 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused18 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused19 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused20 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused21 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused22 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused23 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused24 = -1;
|
||||
static int hf_kerberos_KDCOptions_unused25 = -1;
|
||||
static int hf_kerberos_KDCOptions_disable_transited_check = -1;
|
||||
static int hf_kerberos_KDCOptions_renewable_ok = -1;
|
||||
static int hf_kerberos_KDCOptions_enc_tkt_in_skey = -1;
|
||||
static int hf_kerberos_KDCOptions_unused29 = -1;
|
||||
static int hf_kerberos_KDCOptions_renew = -1;
|
||||
static int hf_kerberos_KDCOptions_validate = -1;
|
||||
|
||||
|
@ -2707,7 +2719,7 @@ static const asn_namedbit TicketFlags_bits[] = {
|
|||
{ 11, &hf_kerberos_TicketFlags_hw_authent, -1, -1, "hw-authent", NULL },
|
||||
{ 12, &hf_kerberos_TicketFlags_transited_policy_checked, -1, -1, "transited-policy-checked", NULL },
|
||||
{ 13, &hf_kerberos_TicketFlags_ok_as_delegate, -1, -1, "ok-as-delegate", NULL },
|
||||
{ 14, &hf_kerberos_TicketFlags_anonymous_14, -1, -1, "anonymous-14", NULL },
|
||||
{ 14, &hf_kerberos_TicketFlags_unused, -1, -1, "unused", NULL },
|
||||
{ 15, &hf_kerberos_TicketFlags_enc_pa_rep, -1, -1, "enc-pa-rep", NULL },
|
||||
{ 16, &hf_kerberos_TicketFlags_anonymous, -1, -1, "anonymous", NULL },
|
||||
{ 0, NULL, 0, 0, NULL, NULL }
|
||||
|
@ -3128,12 +3140,24 @@ static const asn_namedbit KDCOptions_bits[] = {
|
|||
{ 9, &hf_kerberos_KDCOptions_unused9, -1, -1, "unused9", NULL },
|
||||
{ 10, &hf_kerberos_KDCOptions_unused10, -1, -1, "unused10", NULL },
|
||||
{ 11, &hf_kerberos_KDCOptions_opt_hardware_auth, -1, -1, "opt-hardware-auth", NULL },
|
||||
{ 14, &hf_kerberos_KDCOptions_request_anonymous, -1, -1, "request-anonymous", NULL },
|
||||
{ 12, &hf_kerberos_KDCOptions_unused12, -1, -1, "unused12", NULL },
|
||||
{ 13, &hf_kerberos_KDCOptions_unused13, -1, -1, "unused13", NULL },
|
||||
{ 14, &hf_kerberos_KDCOptions_constrained_delegation, -1, -1, "constrained-delegation", NULL },
|
||||
{ 15, &hf_kerberos_KDCOptions_canonicalize, -1, -1, "canonicalize", NULL },
|
||||
{ 16, &hf_kerberos_KDCOptions_constrained_delegation, -1, -1, "constrained-delegation", NULL },
|
||||
{ 16, &hf_kerberos_KDCOptions_request_anonymous, -1, -1, "request-anonymous", NULL },
|
||||
{ 17, &hf_kerberos_KDCOptions_unused17, -1, -1, "unused17", NULL },
|
||||
{ 18, &hf_kerberos_KDCOptions_unused18, -1, -1, "unused18", NULL },
|
||||
{ 19, &hf_kerberos_KDCOptions_unused19, -1, -1, "unused19", NULL },
|
||||
{ 20, &hf_kerberos_KDCOptions_unused20, -1, -1, "unused20", NULL },
|
||||
{ 21, &hf_kerberos_KDCOptions_unused21, -1, -1, "unused21", NULL },
|
||||
{ 22, &hf_kerberos_KDCOptions_unused22, -1, -1, "unused22", NULL },
|
||||
{ 23, &hf_kerberos_KDCOptions_unused23, -1, -1, "unused23", NULL },
|
||||
{ 24, &hf_kerberos_KDCOptions_unused24, -1, -1, "unused24", NULL },
|
||||
{ 25, &hf_kerberos_KDCOptions_unused25, -1, -1, "unused25", NULL },
|
||||
{ 26, &hf_kerberos_KDCOptions_disable_transited_check, -1, -1, "disable-transited-check", NULL },
|
||||
{ 27, &hf_kerberos_KDCOptions_renewable_ok, -1, -1, "renewable-ok", NULL },
|
||||
{ 28, &hf_kerberos_KDCOptions_enc_tkt_in_skey, -1, -1, "enc-tkt-in-skey", NULL },
|
||||
{ 29, &hf_kerberos_KDCOptions_unused29, -1, -1, "unused29", NULL },
|
||||
{ 30, &hf_kerberos_KDCOptions_renew, -1, -1, "renew", NULL },
|
||||
{ 31, &hf_kerberos_KDCOptions_validate, -1, -1, "validate", NULL },
|
||||
{ 0, NULL, 0, 0, NULL, NULL }
|
||||
|
@ -5467,8 +5491,8 @@ void proto_register_kerberos(void) {
|
|||
{ "ok-as-delegate", "kerberos.ok-as-delegate",
|
||||
FT_BOOLEAN, 8, NULL, 0x04,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_TicketFlags_anonymous_14,
|
||||
{ "anonymous-14", "kerberos.anonymous-14",
|
||||
{ &hf_kerberos_TicketFlags_unused,
|
||||
{ "unused", "kerberos.unused",
|
||||
FT_BOOLEAN, 8, NULL, 0x02,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_TicketFlags_enc_pa_rep,
|
||||
|
@ -5527,18 +5551,62 @@ void proto_register_kerberos(void) {
|
|||
{ "opt-hardware-auth", "kerberos.opt-hardware-auth",
|
||||
FT_BOOLEAN, 8, NULL, 0x10,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_request_anonymous,
|
||||
{ "request-anonymous", "kerberos.request-anonymous",
|
||||
{ &hf_kerberos_KDCOptions_unused12,
|
||||
{ "unused12", "kerberos.unused12",
|
||||
FT_BOOLEAN, 8, NULL, 0x08,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused13,
|
||||
{ "unused13", "kerberos.unused13",
|
||||
FT_BOOLEAN, 8, NULL, 0x04,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_constrained_delegation,
|
||||
{ "constrained-delegation", "kerberos.constrained-delegation",
|
||||
FT_BOOLEAN, 8, NULL, 0x02,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_canonicalize,
|
||||
{ "canonicalize", "kerberos.canonicalize",
|
||||
FT_BOOLEAN, 8, NULL, 0x01,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_constrained_delegation,
|
||||
{ "constrained-delegation", "kerberos.constrained-delegation",
|
||||
{ &hf_kerberos_KDCOptions_request_anonymous,
|
||||
{ "request-anonymous", "kerberos.request-anonymous",
|
||||
FT_BOOLEAN, 8, NULL, 0x80,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused17,
|
||||
{ "unused17", "kerberos.unused17",
|
||||
FT_BOOLEAN, 8, NULL, 0x40,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused18,
|
||||
{ "unused18", "kerberos.unused18",
|
||||
FT_BOOLEAN, 8, NULL, 0x20,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused19,
|
||||
{ "unused19", "kerberos.unused19",
|
||||
FT_BOOLEAN, 8, NULL, 0x10,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused20,
|
||||
{ "unused20", "kerberos.unused20",
|
||||
FT_BOOLEAN, 8, NULL, 0x08,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused21,
|
||||
{ "unused21", "kerberos.unused21",
|
||||
FT_BOOLEAN, 8, NULL, 0x04,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused22,
|
||||
{ "unused22", "kerberos.unused22",
|
||||
FT_BOOLEAN, 8, NULL, 0x02,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused23,
|
||||
{ "unused23", "kerberos.unused23",
|
||||
FT_BOOLEAN, 8, NULL, 0x01,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused24,
|
||||
{ "unused24", "kerberos.unused24",
|
||||
FT_BOOLEAN, 8, NULL, 0x80,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused25,
|
||||
{ "unused25", "kerberos.unused25",
|
||||
FT_BOOLEAN, 8, NULL, 0x40,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_disable_transited_check,
|
||||
{ "disable-transited-check", "kerberos.disable-transited-check",
|
||||
FT_BOOLEAN, 8, NULL, 0x20,
|
||||
|
@ -5551,6 +5619,10 @@ void proto_register_kerberos(void) {
|
|||
{ "enc-tkt-in-skey", "kerberos.enc-tkt-in-skey",
|
||||
FT_BOOLEAN, 8, NULL, 0x08,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_unused29,
|
||||
{ "unused29", "kerberos.unused29",
|
||||
FT_BOOLEAN, 8, NULL, 0x04,
|
||||
NULL, HFILL }},
|
||||
{ &hf_kerberos_KDCOptions_renew,
|
||||
{ "renew", "kerberos.renew",
|
||||
FT_BOOLEAN, 8, NULL, 0x02,
|
||||
|
|
Loading…
Reference in New Issue