forked from osmocom/wireshark
when kerberos claims a conversation, it only claims it for the source port
since a KDC MIGTH send the reply back from a different port. Then comes X.L's capture (ethereal-dev) 816fc4.cap from 16Aug2005 where the client is reusing the same source port to talk to DNS after finishing doing the port 88 KDC stuff. ==> Make kerberos/udp able to test the packet for sanity and reject packets that do not look like kerberos (even if there was a conversation that said it was kerberos) and thus let other dissectors have a go at it. in doubt, try 816fc4.cap before and after this patch :-) svn path=/trunk/; revision=15405
This commit is contained in:
parent
d5891d9623
commit
2edce4224d
|
@ -3732,8 +3732,7 @@ dissect_kerberos_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
|||
if (check_col(pinfo->cinfo, COL_PROTOCOL))
|
||||
col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
|
||||
|
||||
(void)dissect_kerberos_common(tvb, pinfo, tree, TRUE, FALSE, NULL);
|
||||
return tvb_length(tvb);
|
||||
return dissect_kerberos_common(tvb, pinfo, tree, TRUE, FALSE, NULL);
|
||||
}
|
||||
|
||||
static gint
|
||||
|
@ -3836,6 +3835,43 @@ dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
|
|||
offset += 4;
|
||||
}
|
||||
|
||||
/* Do some sanity checking here,
|
||||
* All krb5 packets start with a TAG class that is BER_CLASS_APP
|
||||
* and a tag value that is either of the values below:
|
||||
* If it doesnt look like kerberos, return 0 and let someone else have
|
||||
* a go at it.
|
||||
*/
|
||||
if (!have_rm) {
|
||||
gint8 tmp_class;
|
||||
gboolean tmp_pc;
|
||||
gint32 tmp_tag;
|
||||
|
||||
get_ber_identifier(tvb, offset, &tmp_class, &tmp_pc, &tmp_tag);
|
||||
if(tmp_class!=BER_CLASS_APP){
|
||||
return 0;
|
||||
}
|
||||
switch(tmp_tag){
|
||||
case KRB5_MSG_AUTHENTICATOR:
|
||||
case KRB5_MSG_ENC_TICKET_PART:
|
||||
case KRB5_MSG_AS_REQ:
|
||||
case KRB5_MSG_AS_REP:
|
||||
case KRB5_MSG_TGS_REQ:
|
||||
case KRB5_MSG_TGS_REP:
|
||||
case KRB5_MSG_AP_REQ:
|
||||
case KRB5_MSG_AP_REP:
|
||||
case KRB5_MSG_ENC_AS_REP_PART:
|
||||
case KRB5_MSG_ENC_TGS_REP_PART:
|
||||
case KRB5_MSG_ENC_AP_REP_PART:
|
||||
case KRB5_MSG_ENC_KRB_PRIV_PART:
|
||||
case KRB5_MSG_SAFE:
|
||||
case KRB5_MSG_PRIV:
|
||||
case KRB5_MSG_ERROR:
|
||||
break;
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
TRY {
|
||||
offset=dissect_ber_choice(pinfo, kerberos_tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
|
||||
} CATCH_ALL {
|
||||
|
|
Loading…
Reference in New Issue