osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

Tvbuffify the ASN.1 code and the Kerberos, LDAP, and SNMP dissectors. 

Clean up some problems that revealed.

svn path=/trunk/; revision=3301
This commit is contained in:
Guy Harris 2001-04-15 07:30:03 +00:00
parent f8c9764894
commit b0e06bd8d1
7 changed files with 619 additions and 607 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

148
asn1.c
View File

@ -1,7 +1,7 @@
/* asn1.c /* asn1.c
* Routines for ASN.1 BER dissection * Routines for ASN.1 BER dissection
* *
* $Id: asn1.c,v 1.6 2000/12/24 09:10:11 guy Exp $ * $Id: asn1.c,v 1.7 2001/04/15 07:30:02 guy Exp $
* *
* Ethereal - Network traffic analyzer * Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org> * By Gerald Combs <gerald@zing.org>
@ -41,14 +41,14 @@
* *
* To decode this we must do: * To decode this we must do:
* *
* asn1_open (asn1, buf_start, buf_len); * asn1_open (asn1, tvb, offset);
* asn1_header_decode (asn1, &end_of_seq, cls, con, tag, def, len); * asn1_header_decode (asn1, &end_of_seq, cls, con, tag, def, len);
* asn1_header_decode (asn1, &end_of_octs, cls, con, tag, def, len); * asn1_header_decode (asn1, &end_of_octs, cls, con, tag, def, len);
* asn1_octets_decode (asn1, end_of_octs, str, len); * asn1_octets_decode (asn1, end_of_octs, str, len);
* asn1_header_decode (asn1, &end_of_int, cls, con, tag); * asn1_header_decode (asn1, &end_of_int, cls, con, tag);
* asn1_int_decode (asn1, end_of_int, &integer); * asn1_int_decode (asn1, end_of_int, &integer);
* asn1_eoc_decode (asn1, end_of_seq); * asn1_eoc_decode (asn1, end_of_seq);
* asn1_close (asn1, &buf_start, &buf_len); * asn1_close (asn1, &offset);
* *
* For indefinite encoding end_of_seq and &end_of_seq in the * For indefinite encoding end_of_seq and &end_of_seq in the
* example above should be replaced by NULL. * example above should be replaced by NULL.
@ -70,32 +70,32 @@
#endif #endif
#include <glib.h> #include <glib.h>
#include "tvbuff.h"
#include "asn1.h" #include "asn1.h"
/* /*
* NAME: asn1_open [API] * NAME: asn1_open [API]
* SYNOPSIS: void asn1_open * SYNOPSIS: void asn1_open
* ( * (
* ASN1_SCK *asn1, * ASN1_SCK *asn1,
* const guchar *buf, * tvbuff_t *tvb,
* guint len, * int offset
* ) * )
* DESCRIPTION: Opens an ASN1 socket. * DESCRIPTION: Opens an ASN1 socket.
* Parameters: * Parameters:
* asn1: pointer to ASN1 socket. * asn1: pointer to ASN1 socket.
* buf: Character buffer for encoding. * tvb: Tvbuff for encoding.
* len: Length of character buffer. * offset: Current offset in tvbuff.
* Encoding starts at the end of the buffer, and * Encoding starts at the end of the buffer, and
* proceeds to the beginning. * proceeds to the beginning.
* RETURNS: void * RETURNS: void
*/ */
void void
asn1_open(ASN1_SCK *asn1, const guchar *buf, guint len) asn1_open(ASN1_SCK *asn1, tvbuff_t *tvb, int offset)
{ {
asn1->begin = buf; asn1->tvb = tvb;
asn1->end = buf + len; asn1->offset = offset;
asn1->pointer = buf;
} }
/* /*
@ -103,22 +103,20 @@ asn1_open(ASN1_SCK *asn1, const guchar *buf, guint len)
* SYNOPSIS: void asn1_close * SYNOPSIS: void asn1_close
* ( * (
* ASN1_SCK *asn1, * ASN1_SCK *asn1,
* guchar **buf, * int *offset
* guint *len
* ) * )
* DESCRIPTION: Closes an ASN1 socket. * DESCRIPTION: Closes an ASN1 socket.
* Parameters: * Parameters:
* asn1: pointer to ASN1 socket. * asn1: pointer to ASN1 socket.
* buf: pointer to beginning of encoding. * offset: pointer to variable into which current offset is
* len: Length of encoding. * to be put.
* RETURNS: void * RETURNS: void
*/ */
void void
asn1_close(ASN1_SCK *asn1, const guchar **buf, guint *len) asn1_close(ASN1_SCK *asn1, int *offset)
{ {
*buf = asn1->pointer; *offset = asn1->offset;
*len = asn1->end - asn1->pointer;
} }
/* /*
@ -134,9 +132,8 @@ asn1_close(ASN1_SCK *asn1, const guchar **buf, guint *len)
int int
asn1_octet_decode(ASN1_SCK *asn1, guchar *ch) asn1_octet_decode(ASN1_SCK *asn1, guchar *ch)
{ {
if (asn1->pointer >= asn1->end) *ch = tvb_get_guint8(asn1->tvb, asn1->offset);
return ASN1_ERR_EMPTY; asn1->offset++;
*ch = *(asn1->pointer)++;
return ASN1_ERR_NOERROR; return ASN1_ERR_NOERROR;
} }
@ -291,22 +288,22 @@ asn1_header_decode(ASN1_SCK *asn1, guint *cls, guint *con, guint *tag,
* SYNOPSIS: gboolean asn1_eoc * SYNOPSIS: gboolean asn1_eoc
* ( * (
* ASN1_SCK *asn1, * ASN1_SCK *asn1,
* guchar *eoc * int eoc
* ) * )
* DESCRIPTION: Checks if decoding is at End Of Contents. * DESCRIPTION: Checks if decoding is at End Of Contents.
* Parameters: * Parameters:
* asn1: pointer to ASN1 socket. * asn1: pointer to ASN1 socket.
* eoc: pointer to end of encoding or 0 if * eoc: offset of end of encoding, or -1 if indefinite.
* indefinite.
* RETURNS: gboolean success * RETURNS: gboolean success
*/ */
gboolean gboolean
asn1_eoc ( ASN1_SCK *asn1, const guchar *eoc) asn1_eoc ( ASN1_SCK *asn1, int eoc)
{ {
if (eoc == 0) if (eoc == -1)
return (asn1->pointer [0] == 0x00 && asn1->pointer [1] == 0x00); return (tvb_get_guint8(asn1->tvb, asn1->offset) == 0x00
&& tvb_get_guint8(asn1->tvb, asn1->offset + 1) == 0x00);
else else
return (asn1->pointer >= eoc); return (asn1->offset >= eoc);
} }
/* /*
@ -314,31 +311,29 @@ asn1_eoc ( ASN1_SCK *asn1, const guchar *eoc)
* SYNOPSIS: int asn1_eoc_decode * SYNOPSIS: int asn1_eoc_decode
* ( * (
* ASN1_SCK *asn1, * ASN1_SCK *asn1,
* guchar *eoc * int eoc
* ) * )
* DESCRIPTION: Decodes End Of Contents. * DESCRIPTION: Decodes End Of Contents.
* Parameters: * Parameters:
* asn1: pointer to ASN1 socket. * asn1: pointer to ASN1 socket.
* eoc: pointer to end of encoding or 0 if * eoc: offset of end of encoding, or -1 if indefinite.
* indefinite. * If eoc is -1 it decodes an ASN1 End Of
* If eoc is 0 it decodes an ASN1 End Of
* Contents (0x00 0x00), so it has to be an * Contents (0x00 0x00), so it has to be an
* indefinite length encoding. If eoc is a * indefinite length encoding. If eoc is a non-negative
* character pointer, it probably was filled by * integer, it probably was filled by asn1_header_decode,
* asn1_header_decode, and should point to the octet * and should refer to the octet after the last of the encoding.
* after the last of the encoding. It is checked * It is checked if this offset refers to the octet to be
* if this pointer points to the octet to be
* decoded. This only takes place in decoding a * decoded. This only takes place in decoding a
* definite length encoding. * definite length encoding.
* RETURNS: ASN1_ERR value (ASN1_ERR_NOERROR on success) * RETURNS: ASN1_ERR value (ASN1_ERR_NOERROR on success)
*/ */
int int
asn1_eoc_decode (ASN1_SCK *asn1, const guchar *eoc) asn1_eoc_decode (ASN1_SCK *asn1, int eoc)
{ {
int ret; int ret;
guchar ch; guchar ch;
if (eoc == 0) { if (eoc == -1) {
ret = asn1_octet_decode (asn1, &ch); ret = asn1_octet_decode (asn1, &ch);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
return ret; return ret;
@ -351,7 +346,7 @@ asn1_eoc_decode (ASN1_SCK *asn1, const guchar *eoc)
return ASN1_ERR_EOC_MISMATCH; return ASN1_ERR_EOC_MISMATCH;
return ASN1_ERR_NOERROR; return ASN1_ERR_NOERROR;
} else { } else {
if (asn1->pointer != eoc) if (asn1->offset != eoc)
return ASN1_ERR_LENGTH_MISMATCH; return ASN1_ERR_LENGTH_MISMATCH;
return ASN1_ERR_NOERROR; return ASN1_ERR_NOERROR;
} }
@ -373,7 +368,7 @@ asn1_eoc_decode (ASN1_SCK *asn1, const guchar *eoc)
int int
asn1_null_decode ( ASN1_SCK *asn1, int enc_len) asn1_null_decode ( ASN1_SCK *asn1, int enc_len)
{ {
asn1->pointer += enc_len; asn1->offset += enc_len;
return ASN1_ERR_NOERROR; return ASN1_ERR_NOERROR;
} }
@ -427,17 +422,17 @@ int
asn1_int32_value_decode ( ASN1_SCK *asn1, int enc_len, gint32 *integer) asn1_int32_value_decode ( ASN1_SCK *asn1, int enc_len, gint32 *integer)
{ {
int ret; int ret;
const guchar *eoc; int eoc;
guchar ch; guchar ch;
guint len; guint len;
eoc = asn1->pointer + enc_len; eoc = asn1->offset + enc_len;
ret = asn1_octet_decode (asn1, &ch); ret = asn1_octet_decode (asn1, &ch);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
return ret; return ret;
*integer = (gint) ch; *integer = (gint) ch;
len = 1; len = 1;
while (asn1->pointer < eoc) { while (asn1->offset < eoc) {
if (++len > sizeof (gint32)) if (++len > sizeof (gint32))
return ASN1_ERR_WRONG_LENGTH_FOR_TYPE; return ASN1_ERR_WRONG_LENGTH_FOR_TYPE;
ret = asn1_octet_decode (asn1, &ch); ret = asn1_octet_decode (asn1, &ch);
@ -468,14 +463,14 @@ int
asn1_int32_decode ( ASN1_SCK *asn1, gint32 *integer, guint *nbytes) asn1_int32_decode ( ASN1_SCK *asn1, gint32 *integer, guint *nbytes)
{ {
int ret; int ret;
const guchar *start; int start;
guint cls; guint cls;
guint con; guint con;
guint tag; guint tag;
gboolean def; gboolean def;
guint enc_len; guint enc_len;
start = asn1->pointer; start = asn1->offset;
ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len); ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
goto done; goto done;
@ -490,7 +485,7 @@ asn1_int32_decode ( ASN1_SCK *asn1, gint32 *integer, guint *nbytes)
ret = asn1_int32_value_decode (asn1, enc_len, integer); ret = asn1_int32_value_decode (asn1, enc_len, integer);
done: done:
*nbytes = asn1->pointer - start; *nbytes = asn1->offset - start;
return ret; return ret;
} }
@ -514,11 +509,11 @@ int
asn1_uint32_value_decode ( ASN1_SCK *asn1, int enc_len, guint *integer) asn1_uint32_value_decode ( ASN1_SCK *asn1, int enc_len, guint *integer)
{ {
int ret; int ret;
const guchar *eoc; int eoc;
guchar ch; guchar ch;
guint len; guint len;
eoc = asn1->pointer + enc_len; eoc = asn1->offset + enc_len;
ret = asn1_octet_decode (asn1, &ch); ret = asn1_octet_decode (asn1, &ch);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
return ret; return ret;
@ -527,7 +522,7 @@ asn1_uint32_value_decode ( ASN1_SCK *asn1, int enc_len, guint *integer)
len = 0; len = 0;
else else
len = 1; len = 1;
while (asn1->pointer < eoc) { while (asn1->offset < eoc) {
if (++len > sizeof (guint32)) if (++len > sizeof (guint32))
return ASN1_ERR_WRONG_LENGTH_FOR_TYPE; return ASN1_ERR_WRONG_LENGTH_FOR_TYPE;
ret = asn1_octet_decode (asn1, &ch); ret = asn1_octet_decode (asn1, &ch);
@ -558,14 +553,14 @@ int
asn1_uint32_decode ( ASN1_SCK *asn1, guint32 *integer, guint *nbytes) asn1_uint32_decode ( ASN1_SCK *asn1, guint32 *integer, guint *nbytes)
{ {
int ret; int ret;
const guchar *start; int start;
guint cls; guint cls;
guint con; guint con;
guint tag; guint tag;
gboolean def; gboolean def;
guint enc_len; guint enc_len;
start = asn1->pointer; start = asn1->offset;
ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len); ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
goto done; goto done;
@ -580,7 +575,7 @@ asn1_uint32_decode ( ASN1_SCK *asn1, guint32 *integer, guint *nbytes)
ret = asn1_uint32_value_decode (asn1, enc_len, integer); ret = asn1_uint32_value_decode (asn1, enc_len, integer);
done: done:
*nbytes = asn1->pointer - start; *nbytes = asn1->offset - start;
return ret; return ret;
} }
@ -589,7 +584,7 @@ done:
* SYNOPSIS: int asn1_bits_decode * SYNOPSIS: int asn1_bits_decode
* ( * (
* ASN1_SCK *asn1, * ASN1_SCK *asn1,
* guchar *eoc, * int eoc,
* guchar *bits, * guchar *bits,
* guint size, * guint size,
* guint len, * guint len,
@ -598,8 +593,7 @@ done:
* DESCRIPTION: Decodes Bit String. * DESCRIPTION: Decodes Bit String.
* Parameters: * Parameters:
* asn1: pointer to ASN1 socket. * asn1: pointer to ASN1 socket.
* eoc: pointer to end of encoding or 0 if * eoc: offset of end of encoding, or -1 if indefinite.
* indefinite.
* bits: pointer to begin of Bit String. * bits: pointer to begin of Bit String.
* size: Size of Bit String in characters. * size: Size of Bit String in characters.
* len: Length of Bit String in characters. * len: Length of Bit String in characters.
@ -607,7 +601,7 @@ done:
* RETURNS: ASN1_ERR value (ASN1_ERR_NOERROR on success) * RETURNS: ASN1_ERR value (ASN1_ERR_NOERROR on success)
*/ */
int int
asn1_bits_decode ( ASN1_SCK *asn1, const guchar *eoc, guchar **bits, asn1_bits_decode ( ASN1_SCK *asn1, int eoc, guchar **bits,
guint *len, guchar *unused) guint *len, guchar *unused)
{ {
@ -618,8 +612,8 @@ asn1_bits_decode ( ASN1_SCK *asn1, const guchar *eoc, guchar **bits,
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
return ret; return ret;
*len = 0; *len = 0;
*bits = g_malloc(eoc - asn1->pointer); *bits = g_malloc(eoc - asn1->offset);
while (asn1->pointer < eoc) { while (asn1->offset < eoc) {
ret = asn1_octet_decode (asn1, (guchar *)bits++); ret = asn1_octet_decode (asn1, (guchar *)bits++);
if (ret != ASN1_ERR_NOERROR) { if (ret != ASN1_ERR_NOERROR) {
g_free(*bits); g_free(*bits);
@ -650,13 +644,13 @@ int
asn1_string_value_decode ( ASN1_SCK *asn1, int enc_len, guchar **octets) asn1_string_value_decode ( ASN1_SCK *asn1, int enc_len, guchar **octets)
{ {
int ret; int ret;
const guchar *eoc; int eoc;
guchar *ptr; guchar *ptr;
eoc = asn1->pointer + enc_len; eoc = asn1->offset + enc_len;
*octets = g_malloc (enc_len); *octets = g_malloc (enc_len);
ptr = *octets; ptr = *octets;
while (asn1->pointer < eoc) { while (asn1->offset < eoc) {
ret = asn1_octet_decode (asn1, (guchar *)ptr++); ret = asn1_octet_decode (asn1, (guchar *)ptr++);
if (ret != ASN1_ERR_NOERROR) { if (ret != ASN1_ERR_NOERROR) {
g_free(*octets); g_free(*octets);
@ -692,14 +686,14 @@ asn1_string_decode ( ASN1_SCK *asn1, guchar **octets, guint *str_len,
guint *nbytes, guint expected_tag) guint *nbytes, guint expected_tag)
{ {
int ret; int ret;
const guchar *start; int start;
int enc_len; int enc_len;
guint cls; guint cls;
guint con; guint con;
guint tag; guint tag;
gboolean def; gboolean def;
start = asn1->pointer; start = asn1->offset;
ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len); ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
goto done; goto done;
@ -717,7 +711,7 @@ asn1_string_decode ( ASN1_SCK *asn1, guchar **octets, guint *str_len,
*str_len = enc_len; *str_len = enc_len;
done: done:
*nbytes = asn1->pointer - start; *nbytes = asn1->offset - start;
return ret; return ret;
} }
@ -796,12 +790,12 @@ int
asn1_oid_value_decode ( ASN1_SCK *asn1, int enc_len, subid_t **oid, guint *len) asn1_oid_value_decode ( ASN1_SCK *asn1, int enc_len, subid_t **oid, guint *len)
{ {
int ret; int ret;
const guchar *eoc; int eoc;
subid_t subid; subid_t subid;
guint size; guint size;
subid_t *optr; subid_t *optr;
eoc = asn1->pointer + enc_len; eoc = asn1->offset + enc_len;
size = enc_len + 1; size = enc_len + 1;
*oid = g_malloc(size * sizeof(gulong)); *oid = g_malloc(size * sizeof(gulong));
optr = *oid; optr = *oid;
@ -824,7 +818,7 @@ asn1_oid_value_decode ( ASN1_SCK *asn1, int enc_len, subid_t **oid, guint *len)
} }
*len = 2; *len = 2;
optr += 2; optr += 2;
while (asn1->pointer < eoc) { while (asn1->offset < eoc) {
if (++(*len) > size) { if (++(*len) > size) {
g_free(*oid); g_free(*oid);
*oid = NULL; *oid = NULL;
@ -861,14 +855,14 @@ int
asn1_oid_decode ( ASN1_SCK *asn1, subid_t **oid, guint *len, guint *nbytes) asn1_oid_decode ( ASN1_SCK *asn1, subid_t **oid, guint *len, guint *nbytes)
{ {
int ret; int ret;
const guchar *start; int start;
guint cls; guint cls;
guint con; guint con;
guint tag; guint tag;
gboolean def; gboolean def;
guint enc_len; guint enc_len;
start = asn1->pointer; start = asn1->offset;
ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len); ret = asn1_header_decode (asn1, &cls, &con, &tag, &def, &enc_len);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
goto done; goto done;
@ -884,7 +878,7 @@ asn1_oid_decode ( ASN1_SCK *asn1, subid_t **oid, guint *len, guint *nbytes)
ret = asn1_oid_value_decode (asn1, enc_len, oid, len); ret = asn1_oid_value_decode (asn1, enc_len, oid, len);
done: done:
*nbytes = asn1->pointer - start; *nbytes = asn1->offset - start;
return ret; return ret;
} }
@ -907,13 +901,13 @@ int
asn1_sequence_decode ( ASN1_SCK *asn1, guint *seq_len, guint *nbytes) asn1_sequence_decode ( ASN1_SCK *asn1, guint *seq_len, guint *nbytes)
{ {
int ret; int ret;
const guchar *start; int start;
guint cls; guint cls;
guint con; guint con;
guint tag; guint tag;
gboolean def; gboolean def;
start = asn1->pointer; start = asn1->offset;
ret = asn1_header_decode(asn1, &cls, &con, &tag, ret = asn1_header_decode(asn1, &cls, &con, &tag,
&def, seq_len); &def, seq_len);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
@ -930,6 +924,6 @@ asn1_sequence_decode ( ASN1_SCK *asn1, guint *seq_len, guint *nbytes)
ret = ASN1_ERR_NOERROR; ret = ASN1_ERR_NOERROR;
done: done:
*nbytes = asn1->pointer - start; *nbytes = asn1->offset - start;
return ret; return ret;
} }

28
asn1.h
View File

@ -1,7 +1,7 @@
/* asn1.h /* asn1.h
* Definitions for ASN.1 BER dissection * Definitions for ASN.1 BER dissection
* *
* $Id: asn1.h,v 1.4 2000/12/24 09:10:11 guy Exp $ * $Id: asn1.h,v 1.5 2001/04/15 07:30:02 guy Exp $
* *
* Ethereal - Network traffic analyzer * Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org> * By Gerald Combs <gerald@zing.org>
@ -97,39 +97,37 @@ typedef u_int subid_t; /* CMU SNMP, libsmi, or nothing */
#endif #endif
#define ASN1_ERR_NOERROR 0 /* no error */ #define ASN1_ERR_NOERROR 0 /* no error */
#define ASN1_ERR_EMPTY 1 /* ran out of data */ #define ASN1_ERR_EOC_MISMATCH 1
#define ASN1_ERR_EOC_MISMATCH 2 #define ASN1_ERR_WRONG_TYPE 2 /* type not right */
#define ASN1_ERR_WRONG_TYPE 3 /* type not right */ #define ASN1_ERR_LENGTH_NOT_DEFINITE 3 /* length should be definite */
#define ASN1_ERR_LENGTH_NOT_DEFINITE 4 /* length should be definite */ #define ASN1_ERR_LENGTH_MISMATCH 4
#define ASN1_ERR_LENGTH_MISMATCH 5 #define ASN1_ERR_WRONG_LENGTH_FOR_TYPE 5 /* length wrong for type */
#define ASN1_ERR_WRONG_LENGTH_FOR_TYPE 6 /* length wrong for type */
typedef struct _ASN1_SCK ASN1_SCK; typedef struct _ASN1_SCK ASN1_SCK;
struct _ASN1_SCK struct _ASN1_SCK
{ /* ASN1 socket */ { /* ASN1 socket */
const guchar *pointer; /* Octet just encoded or to be decoded */ tvbuff_t *tvb; /* Tvbuff whence the data comes */
const guchar *begin; /* First octet */ int offset; /* Current offset in tvbuff */
const guchar *end; /* Octet after last octet */
}; };
void asn1_open (ASN1_SCK *asn1, const guchar *buf, guint len); void asn1_open (ASN1_SCK *asn1, tvbuff_t *tvb, int offset);
void asn1_close (ASN1_SCK *asn1, const guchar **buf, guint *len); void asn1_close (ASN1_SCK *asn1, int *offset);
int asn1_octet_decode (ASN1_SCK *asn1, guchar *ch); int asn1_octet_decode (ASN1_SCK *asn1, guchar *ch);
int asn1_tag_decode (ASN1_SCK *asn1, guint *tag); int asn1_tag_decode (ASN1_SCK *asn1, guint *tag);
int asn1_id_decode (ASN1_SCK *asn1, guint *cls, guint *con, guint *tag); int asn1_id_decode (ASN1_SCK *asn1, guint *cls, guint *con, guint *tag);
int asn1_length_decode (ASN1_SCK *asn1, gboolean *def, guint *len); int asn1_length_decode (ASN1_SCK *asn1, gboolean *def, guint *len);
int asn1_header_decode(ASN1_SCK *asn1, guint *cls, guint *con, guint *tag, int asn1_header_decode(ASN1_SCK *asn1, guint *cls, guint *con, guint *tag,
gboolean *defp, guint *lenp); gboolean *defp, guint *lenp);
int asn1_eoc (ASN1_SCK *asn1, const guchar *eoc); int asn1_eoc (ASN1_SCK *asn1, int eoc);
int asn1_eoc_decode (ASN1_SCK *asn1, const guchar *eoc); int asn1_eoc_decode (ASN1_SCK *asn1, int eoc);
int asn1_null_decode (ASN1_SCK *asn1, int enc_len); int asn1_null_decode (ASN1_SCK *asn1, int enc_len);
int asn1_bool_decode (ASN1_SCK *asn1, int enc_len, gboolean *bool); int asn1_bool_decode (ASN1_SCK *asn1, int enc_len, gboolean *bool);
int asn1_int32_value_decode (ASN1_SCK *asn1, int enc_len, gint32 *integer); int asn1_int32_value_decode (ASN1_SCK *asn1, int enc_len, gint32 *integer);
int asn1_int32_decode (ASN1_SCK *asn1, gint32 *integer, guint *nbytes); int asn1_int32_decode (ASN1_SCK *asn1, gint32 *integer, guint *nbytes);
int asn1_uint32_value_decode (ASN1_SCK *asn1, int enc_len, guint *integer); int asn1_uint32_value_decode (ASN1_SCK *asn1, int enc_len, guint *integer);
int asn1_uint32_decode (ASN1_SCK *asn1, guint32 *integer, guint *nbytes); int asn1_uint32_decode (ASN1_SCK *asn1, guint32 *integer, guint *nbytes);
int asn1_bits_decode (ASN1_SCK *asn1, const guchar *eoc, guchar **bits, int asn1_bits_decode (ASN1_SCK *asn1, int eoc, guchar **bits,
guint *len, guchar *unused); guint *len, guchar *unused);
int asn1_string_value_decode (ASN1_SCK *asn1, int enc_len, int asn1_string_value_decode (ASN1_SCK *asn1, int enc_len,
guchar **octets); guchar **octets);

11
packet-atm.c
View File

@ -1,7 +1,7 @@
/* packet-atm.c /* packet-atm.c
* Routines for ATM packet disassembly * Routines for ATM packet disassembly
* *
* $Id: packet-atm.c,v 1.32 2001/01/21 20:16:01 guy Exp $ * $Id: packet-atm.c,v 1.33 2001/04/15 07:30:02 guy Exp $
* *
* Ethereal - Network traffic analyzer * Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org> * By Gerald Combs <gerald@zing.org>
@ -563,12 +563,6 @@ dissect_atm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_item *ti; proto_item *ti;
guint aal_type; guint aal_type;
guint hl_type; guint hl_type;
const guint8 *pd;
int offset;
CHECK_DISPLAY_AS_DATA(proto_atm, tvb, pinfo, tree);
pinfo->current_proto = "ATM";
aal_type = pinfo->pseudo_header->ngsniffer_atm.AppTrafType & ATT_AALTYPE; aal_type = pinfo->pseudo_header->ngsniffer_atm.AppTrafType & ATT_AALTYPE;
hl_type = pinfo->pseudo_header->ngsniffer_atm.AppTrafType & ATT_HLTYPE; hl_type = pinfo->pseudo_header->ngsniffer_atm.AppTrafType & ATT_HLTYPE;
@ -741,8 +735,7 @@ dissect_atm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
case ATT_HL_ILMI: case ATT_HL_ILMI:
CHECK_DISPLAY_AS_DATA(proto_ilmi, tvb, pinfo, tree); CHECK_DISPLAY_AS_DATA(proto_ilmi, tvb, pinfo, tree);
tvb_compat(tvb, &pd, &offset); dissect_snmp_pdu(tvb, 0, pinfo, tree, "ILMI", proto_ilmi, ett_ilmi);
dissect_snmp_pdu(pd, offset, pinfo->fd, tree, "ILMI", proto_ilmi, ett_ilmi);
break; break;
default: default:

458
packet-kerberos.c
View File

@ -3,7 +3,7 @@
* Wes Hardaker (c) 2000 * Wes Hardaker (c) 2000
* wjhardaker@ucdavis.edu * wjhardaker@ucdavis.edu
* *
* $Id: packet-kerberos.c,v 1.14 2001/01/09 06:31:37 guy Exp $ * $Id: packet-kerberos.c,v 1.15 2001/04/15 07:30:02 guy Exp $
* *
* Ethereal - Network traffic analyzer * Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org> * By Gerald Combs <gerald@zing.org>
@ -47,16 +47,18 @@
#define UDP_PORT_KERBEROS 88 #define UDP_PORT_KERBEROS 88
#define TCP_PORT_KERBEROS 88 #define TCP_PORT_KERBEROS 88
static gint ett_kerberos = -1;
static gint ett_preauth = -1;
static gint ett_addresses = -1;
static gint ett_request = -1;
static gint ett_princ = -1;
static gint ett_ticket = -1;
static gint ett_encrypted = -1;
static gint ett_etype = -1;
static gint proto_kerberos = -1; static gint proto_kerberos = -1;
static gint ett_kerberos = -1;
static gint ett_preauth = -1;
static gint ett_addresses = -1;
static gint ett_request = -1;
static gint ett_princ = -1;
static gint ett_ticket = -1;
static gint ett_encrypted = -1;
static gint ett_etype = -1;
static gint ett_additional_tickets = -1;
#define KRB5_MSG_AS_REQ 10 /* AS-REQ type */ #define KRB5_MSG_AS_REQ 10 /* AS-REQ type */
#define KRB5_MSG_AS_REP 11 /* AS-REP type */ #define KRB5_MSG_AS_REP 11 /* AS-REP type */
#define KRB5_MSG_TGS_REQ 12 /* TGS-REQ type */ #define KRB5_MSG_TGS_REQ 12 /* TGS-REQ type */
@ -338,22 +340,20 @@ static const value_string krb5_msg_types[] = {
}; };
static int dissect_PrincipalName(char *title, ASN1_SCK *asn1p, static int dissect_PrincipalName(char *title, ASN1_SCK *asn1p,
frame_data *fd, proto_tree *tree, packet_info *pinfo, proto_tree *tree,
int start_offset); int start_offset);
static int dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, static int dissect_Ticket(char *title, ASN1_SCK *asn1p, packet_info *pinfo,
proto_tree *tree, int start_offset); proto_tree *tree, int start_offset);
static int dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd, static int dissect_EncryptedData(char *title, ASN1_SCK *asn1p,
proto_tree *tree, int start_offset); packet_info *pinfo, proto_tree *tree,
static int dissect_Addresses(char *title, ASN1_SCK *asn1p, frame_data *fd, int start_offset);
static int dissect_Addresses(char *title, ASN1_SCK *asn1p, packet_info *pinfo,
proto_tree *tree, int start_offset); proto_tree *tree, int start_offset);
static const char * static const char *
to_error_str(int ret) { to_error_str(int ret) {
switch (ret) { switch (ret) {
case ASN1_ERR_EMPTY:
return("Ran out of data");
case ASN1_ERR_EOC_MISMATCH: case ASN1_ERR_EOC_MISMATCH:
return("EOC mismatch"); return("EOC mismatch");
@ -374,10 +374,11 @@ to_error_str(int ret) {
} }
static void static void
krb_proto_tree_add_time(proto_tree *tree, int offset, int str_len, krb_proto_tree_add_time(proto_tree *tree, tvbuff_t *tvb, int offset,
char *name, guchar *str) { int str_len, char *name, guchar *str)
{
if (tree) if (tree)
proto_tree_add_text(tree, NullTVB, offset, str_len, proto_tree_add_text(tree, tvb, offset, str_len,
"%s: %.4s-%.2s-%.2s %.2s:%.2s:%.2s (%.1s)", "%s: %.4s-%.2s-%.2s %.2s:%.2s:%.2s (%.1s)",
name, str, str+4, str+6, name, str, str+4, str+6,
str+8, str+10, str+12, str+8, str+10, str+12,
@ -391,21 +392,21 @@ krb_proto_tree_add_time(proto_tree *tree, int offset, int str_len,
*/ */
#define KRB_HEAD_DECODE_OR_DIE(token) \ #define KRB_HEAD_DECODE_OR_DIE(token) \
start = asn1p->pointer; \ start = asn1p->offset; \
ret = asn1_header_decode (asn1p, &cls, &con, &tag, &def, &item_len); \ ret = asn1_header_decode (asn1p, &cls, &con, &tag, &def, &item_len); \
if (ret != ASN1_ERR_NOERROR && ret != ASN1_ERR_EMPTY) {\ if (ret != ASN1_ERR_NOERROR) {\
if (check_col(fd, COL_INFO)) \ if (check_col(pinfo->fd, COL_INFO)) \
col_add_fstr(fd, COL_INFO, "ERROR: Problem at %s: %s", \ col_add_fstr(pinfo->fd, COL_INFO, "ERROR: Problem at %s: %s", \
token, to_error_str(ret)); \ token, to_error_str(ret)); \
return -1; \ return -1; \
} \ } \
if (!def) {\ if (!def) {\
if (check_col(fd, COL_INFO)) \ if (check_col(pinfo->fd, COL_INFO)) \
col_add_fstr(fd, COL_INFO, "not definite: %s", token); \ col_add_fstr(pinfo->fd, COL_INFO, "not definite: %s", token); \
fprintf(stderr,"not definite: %s\n", token); \ fprintf(stderr,"not definite: %s\n", token); \
return -1; \ return -1; \
} \ } \
offset += (asn1p->pointer - start); offset += (asn1p->offset - start);
#define CHECK_APPLICATION_TYPE(expected_tag) \ #define CHECK_APPLICATION_TYPE(expected_tag) \
(cls == ASN1_APL && con == ASN1_CON && tag == expected_tag) (cls == ASN1_APL && con == ASN1_CON && tag == expected_tag)
@ -423,8 +424,8 @@ krb_proto_tree_add_time(proto_tree *tree, int offset, int str_len,
#define DIE_WITH_BAD_TYPE(token, expected_tag) \ #define DIE_WITH_BAD_TYPE(token, expected_tag) \
{ \ { \
if (check_col(fd, COL_INFO)) \ if (check_col(pinfo->fd, COL_INFO)) \
col_add_fstr(fd, COL_INFO, "ERROR: Problem at %s: %s (tag=%d exp=%d)", \ col_add_fstr(pinfo->fd, COL_INFO, "ERROR: Problem at %s: %s (tag=%d exp=%d)", \
token, to_error_str(ASN1_ERR_WRONG_TYPE), tag, expected_tag); \ token, to_error_str(ASN1_ERR_WRONG_TYPE), tag, expected_tag); \
return -1; \ return -1; \
} }
@ -439,9 +440,9 @@ krb_proto_tree_add_time(proto_tree *tree, int offset, int str_len,
#define KRB_SEQ_HEAD_DECODE_OR_DIE(token) \ #define KRB_SEQ_HEAD_DECODE_OR_DIE(token) \
ret = asn1_sequence_decode (asn1p, &item_len, &header_len); \ ret = asn1_sequence_decode (asn1p, &item_len, &header_len); \
if (ret != ASN1_ERR_NOERROR && ret != ASN1_ERR_EMPTY) {\ if (ret != ASN1_ERR_NOERROR) {\
if (check_col(fd, COL_INFO)) \ if (check_col(pinfo->fd, COL_INFO)) \
col_add_fstr(fd, COL_INFO, "ERROR: Problem at %s: %s", \ col_add_fstr(pinfo->fd, COL_INFO, "ERROR: Problem at %s: %s", \
token, to_error_str(ret)); \ token, to_error_str(ret)); \
return -1; \ return -1; \
} \ } \
@ -450,8 +451,8 @@ krb_proto_tree_add_time(proto_tree *tree, int offset, int str_len,
#define KRB_DECODE_OR_DIE(token, fn, val) \ #define KRB_DECODE_OR_DIE(token, fn, val) \
ret = fn (asn1p, &val, &length); \ ret = fn (asn1p, &val, &length); \
if (ret != ASN1_ERR_NOERROR) { \ if (ret != ASN1_ERR_NOERROR) { \
if (check_col(fd, COL_INFO)) \ if (check_col(pinfo->fd, COL_INFO)) \
col_add_fstr(fd, COL_INFO, "ERROR: Problem at %s: %s", \ col_add_fstr(pinfo->fd, COL_INFO, "ERROR: Problem at %s: %s", \
token, to_error_str(ret)); \ token, to_error_str(ret)); \
return -1; \ return -1; \
} \ } \
@ -462,8 +463,8 @@ krb_proto_tree_add_time(proto_tree *tree, int offset, int str_len,
#define KRB_DECODE_STRING_OR_DIE(token, expected_tag, val, val_len, item_len) \ #define KRB_DECODE_STRING_OR_DIE(token, expected_tag, val, val_len, item_len) \
ret = asn1_string_decode (asn1p, &val, &val_len, &item_len, expected_tag); \ ret = asn1_string_decode (asn1p, &val, &val_len, &item_len, expected_tag); \
if (ret != ASN1_ERR_NOERROR) { \ if (ret != ASN1_ERR_NOERROR) { \
if (check_col(fd, COL_INFO)) \ if (check_col(pinfo->fd, COL_INFO)) \
col_add_fstr(fd, COL_INFO, "ERROR: Problem at %s: %s", \ col_add_fstr(pinfo->fd, COL_INFO, "ERROR: Problem at %s: %s", \
token, to_error_str(ret)); \ token, to_error_str(ret)); \
return -1; \ return -1; \
} }
@ -493,20 +494,20 @@ dissect_type_value_pair(ASN1_SCK *asn1p, int *inoff,
int offset = *inoff; int offset = *inoff;
guint cls, con, tag; guint cls, con, tag;
gboolean def; gboolean def;
const guchar *start; int start;
guint tmp_len; guint tmp_len;
int ret; int ret;
/* SEQUENCE */ /* SEQUENCE */
start = asn1p->pointer; start = asn1p->offset;
asn1_header_decode (asn1p, &cls, &con, &tag, &def, &tmp_len); asn1_header_decode (asn1p, &cls, &con, &tag, &def, &tmp_len);
offset += (asn1p->pointer - start); offset += (asn1p->offset - start);
/* INT */ /* INT */
/* wrapper */ /* wrapper */
start = asn1p->pointer; start = asn1p->offset;
asn1_header_decode (asn1p, &cls, &con, &tag, &def, &tmp_len); asn1_header_decode (asn1p, &cls, &con, &tag, &def, &tmp_len);
offset += (asn1p->pointer - start); offset += (asn1p->offset - start);
if (type_off) if (type_off)
*type_off = offset; *type_off = offset;
@ -521,10 +522,10 @@ dissect_type_value_pair(ASN1_SCK *asn1p, int *inoff,
/* OCTET STRING (or generic data) */ /* OCTET STRING (or generic data) */
/* wrapper */ /* wrapper */
start = asn1p->pointer; start = asn1p->offset;
asn1_header_decode (asn1p, &cls, &con, &tag, &def, val_len); asn1_header_decode (asn1p, &cls, &con, &tag, &def, val_len);
asn1_header_decode (asn1p, &cls, &con, &tag, &def, val_len); asn1_header_decode (asn1p, &cls, &con, &tag, &def, val_len);
offset += asn1p->pointer - start; offset += asn1p->offset - start;
if (val_off) if (val_off)
*val_off = offset; *val_off = offset;
@ -536,13 +537,14 @@ dissect_type_value_pair(ASN1_SCK *asn1p, int *inoff,
} }
static gboolean static gboolean
dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd, dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
proto_tree *tree)
{ {
int offset = 0;
proto_tree *kerberos_tree = NULL; proto_tree *kerberos_tree = NULL;
proto_tree *etype_tree = NULL; proto_tree *etype_tree = NULL;
proto_tree *preauth_tree = NULL; proto_tree *preauth_tree = NULL;
proto_tree *request_tree = NULL; proto_tree *request_tree = NULL;
proto_tree *additional_tickets_tree = NULL;
ASN1_SCK asn1, *asn1p = &asn1; ASN1_SCK asn1, *asn1p = &asn1;
proto_item *item = NULL; proto_item *item = NULL;
@ -550,7 +552,7 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
guint cls, con, tag; guint cls, con, tag;
gboolean def; gboolean def;
guint item_len, total_len; guint item_len, total_len;
const guchar *start; int start, end, message_end, sequence_end;
int ret; int ret;
@ -566,17 +568,17 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
guchar *str; guchar *str;
int tmp_pos1, tmp_pos2; int tmp_pos1, tmp_pos2;
if (tree) { asn1_open(&asn1, tvb, 0);
item = proto_tree_add_item(tree, proto_kerberos, NullTVB, offset,
END_OF_FRAME, FALSE);
kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
}
asn1_open(&asn1, &pd[offset], END_OF_FRAME);
/* top header */ /* top header */
KRB_HEAD_DECODE_OR_DIE("top"); KRB_HEAD_DECODE_OR_DIE("top");
protocol_message_type = tag; protocol_message_type = tag;
if (tree) {
item = proto_tree_add_item(tree, proto_kerberos, tvb, offset,
item_len, FALSE);
kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
}
message_end = start + item_len;
/* second header */ /* second header */
KRB_HEAD_DECODE_OR_DIE("top2"); KRB_HEAD_DECODE_OR_DIE("top2");
@ -586,7 +588,7 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
KRB_DECODE_UINT32_OR_DIE("version", version); KRB_DECODE_UINT32_OR_DIE("version", version);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, length, proto_tree_add_text(kerberos_tree, tvb, offset, length,
"Version: %d", "Version: %d",
version); version);
} }
@ -597,15 +599,15 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
KRB_DECODE_UINT32_OR_DIE("message-type", msg_type); KRB_DECODE_UINT32_OR_DIE("message-type", msg_type);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, length, proto_tree_add_text(kerberos_tree, tvb, offset, length,
"MSG Type: %s", "MSG Type: %s",
val_to_str(msg_type, krb5_msg_types, val_to_str(msg_type, krb5_msg_types,
"Unknown msg type %#x")); "Unknown msg type %#x"));
} }
offset += length; offset += length;
if (check_col(fd, COL_INFO)) if (check_col(pinfo->fd, COL_INFO))
col_add_str(fd, COL_INFO, val_to_str(msg_type, krb5_msg_types, col_add_str(pinfo->fd, COL_INFO, val_to_str(msg_type, krb5_msg_types,
"Unknown msg type %#x")); "Unknown msg type %#x"));
/* is preauthentication present? */ /* is preauthentication present? */
@ -619,26 +621,26 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
/* pre-authentication supplied */ /* pre-authentication supplied */
if (tree) { if (tree) {
item = proto_tree_add_text(kerberos_tree, NullTVB, offset, item = proto_tree_add_text(kerberos_tree, tvb, offset,
item_len, "Pre-Authentication"); item_len, "Pre-Authentication");
preauth_tree = proto_item_add_subtree(item, ett_preauth); preauth_tree = proto_item_add_subtree(item, ett_preauth);
} }
KRB_HEAD_DECODE_OR_DIE("sequence of pa-data"); KRB_HEAD_DECODE_OR_DIE("sequence of pa-data");
start = asn1p->pointer + item_len; end = asn1p->offset + item_len;
while(start > asn1p->pointer) { while(asn1p->offset < end) {
dissect_type_value_pair(asn1p, &offset, dissect_type_value_pair(asn1p, &offset,
&preauth_type, &item_len, &tmp_pos1, &preauth_type, &item_len, &tmp_pos1,
&str, &str_len, &tmp_pos2); &str, &str_len, &tmp_pos2);
if (preauth_tree) { if (preauth_tree) {
proto_tree_add_text(preauth_tree, NullTVB, tmp_pos1, proto_tree_add_text(preauth_tree, tvb, tmp_pos1,
item_len, "Type: %s", item_len, "Type: %s",
val_to_str(preauth_type, val_to_str(preauth_type,
krb5_preauthentication_types, krb5_preauthentication_types,
"Unknown preauth type %#x")); "Unknown preauth type %#x"));
proto_tree_add_text(preauth_tree, NullTVB, tmp_pos2, proto_tree_add_text(preauth_tree, tvb, tmp_pos2,
str_len, "Value: %s", str_len, "Value: %s",
bytes_to_str(str, str_len)); bytes_to_str(str, str_len));
} }
@ -684,10 +686,11 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
/* request body */ /* request body */
KRB_HEAD_DECODE_OR_DIE("body-sequence"); KRB_HEAD_DECODE_OR_DIE("body-sequence");
if (tree) { if (tree) {
item = proto_tree_add_text(kerberos_tree, NullTVB, offset, item = proto_tree_add_text(kerberos_tree, tvb, offset,
item_len, "Request"); item_len, "Request");
request_tree = proto_item_add_subtree(item, ett_request); request_tree = proto_item_add_subtree(item, ett_request);
} }
sequence_end = start + item_len;
/* kdc options */ /* kdc options */
KRB_HEAD_DECODE_OR_DIE("kdc options"); KRB_HEAD_DECODE_OR_DIE("kdc options");
@ -695,17 +698,18 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
KRB_HEAD_DECODE_OR_DIE("kdc options:bits"); KRB_HEAD_DECODE_OR_DIE("kdc options:bits");
if (request_tree) { if (request_tree) {
proto_tree_add_text(request_tree, NullTVB, offset, item_len, proto_tree_add_text(request_tree, tvb, offset, item_len,
"Options: %s", "Options: %s",
bytes_to_str(asn1.pointer, item_len)); tvb_bytes_to_str(asn1.tvb, asn1.offset,
item_len));
} }
offset += item_len; offset += item_len;
asn1.pointer += item_len; asn1.offset += item_len;
KRB_HEAD_DECODE_OR_DIE("Client Name or Realm"); KRB_HEAD_DECODE_OR_DIE("Client Name or Realm");
if (CHECK_CONTEXT_TYPE(KRB5_BODY_CNAME)) { if (CHECK_CONTEXT_TYPE(KRB5_BODY_CNAME)) {
item_len = dissect_PrincipalName("Client Name", asn1p, fd, item_len = dissect_PrincipalName("Client Name", asn1p, pinfo,
request_tree, offset); request_tree, offset);
if (item_len == -1) if (item_len == -1)
return -1; return -1;
@ -716,14 +720,14 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
DIE_IF_NOT_CONTEXT_TYPE("Realm", KRB5_BODY_REALM); DIE_IF_NOT_CONTEXT_TYPE("Realm", KRB5_BODY_REALM);
KRB_DECODE_GENERAL_STRING_OR_DIE("Realm", str, str_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("Realm", str, str_len, item_len);
if (request_tree) { if (request_tree) {
proto_tree_add_text(request_tree, NullTVB, offset, item_len, proto_tree_add_text(request_tree, tvb, offset, item_len,
"Realm: %.*s", str_len, str); "Realm: %.*s", str_len, str);
} }
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("Server Name"); KRB_HEAD_DECODE_OR_DIE("Server Name");
if (CHECK_CONTEXT_TYPE(KRB5_BODY_SNAME)) { if (CHECK_CONTEXT_TYPE(KRB5_BODY_SNAME)) {
item_len = dissect_PrincipalName("Server Name", asn1p, fd, item_len = dissect_PrincipalName("Server Name", asn1p, pinfo,
request_tree, offset); request_tree, offset);
if (item_len == -1) if (item_len == -1)
return -1; return -1;
@ -733,7 +737,7 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
if (CHECK_CONTEXT_TYPE(KRB5_BODY_FROM)) { if (CHECK_CONTEXT_TYPE(KRB5_BODY_FROM)) {
KRB_DECODE_GENERAL_TIME_OR_DIE("From", str, str_len, item_len); KRB_DECODE_GENERAL_TIME_OR_DIE("From", str, str_len, item_len);
krb_proto_tree_add_time(request_tree, offset, item_len, krb_proto_tree_add_time(request_tree, asn1p->tvb, offset, item_len,
"Start Time", str); "Start Time", str);
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("Till"); KRB_HEAD_DECODE_OR_DIE("Till");
@ -741,14 +745,14 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
DIE_IF_NOT_CONTEXT_TYPE("Till", KRB5_BODY_TILL); DIE_IF_NOT_CONTEXT_TYPE("Till", KRB5_BODY_TILL);
KRB_DECODE_GENERAL_TIME_OR_DIE("Till", str, str_len, item_len); KRB_DECODE_GENERAL_TIME_OR_DIE("Till", str, str_len, item_len);
krb_proto_tree_add_time(request_tree, offset, item_len, krb_proto_tree_add_time(request_tree, asn1p->tvb, offset, item_len,
"End Time", str); "End Time", str);
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("Renewable Until or Nonce"); KRB_HEAD_DECODE_OR_DIE("Renewable Until or Nonce");
if (CHECK_CONTEXT_TYPE(KRB5_BODY_RTIME)) { if (CHECK_CONTEXT_TYPE(KRB5_BODY_RTIME)) {
KRB_DECODE_GENERAL_TIME_OR_DIE("Renewable Until", str, str_len, item_len); KRB_DECODE_GENERAL_TIME_OR_DIE("Renewable Until", str, str_len, item_len);
krb_proto_tree_add_time(request_tree, offset, item_len, krb_proto_tree_add_time(request_tree, asn1p->tvb, offset, item_len,
"Renewable Until", str); "Renewable Until", str);
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("Nonce"); KRB_HEAD_DECODE_OR_DIE("Nonce");
@ -757,7 +761,7 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
DIE_IF_NOT_CONTEXT_TYPE("Nonce", KRB5_BODY_NONCE); DIE_IF_NOT_CONTEXT_TYPE("Nonce", KRB5_BODY_NONCE);
KRB_DECODE_UINT32_OR_DIE("Nonce", tmp_int); KRB_DECODE_UINT32_OR_DIE("Nonce", tmp_int);
if (request_tree) { if (request_tree) {
proto_tree_add_text(request_tree, NullTVB, offset, length, proto_tree_add_text(request_tree, tvb, offset, length,
"Random Number: %u", "Random Number: %u",
tmp_int); tmp_int);
} }
@ -767,7 +771,7 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
KRB5_BODY_ENCTYPE); KRB5_BODY_ENCTYPE);
KRB_HEAD_DECODE_OR_DIE("encryption type list"); KRB_HEAD_DECODE_OR_DIE("encryption type list");
if (kerberos_tree) { if (kerberos_tree) {
item = proto_tree_add_text(request_tree, NullTVB, offset, item = proto_tree_add_text(request_tree, tvb, offset,
item_len, "Encryption Types"); item_len, "Encryption Types");
etype_tree = proto_item_add_subtree(item, ett_etype); etype_tree = proto_item_add_subtree(item, ett_etype);
} }
@ -775,7 +779,7 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
while(total_len > 0) { while(total_len > 0) {
KRB_DECODE_UINT32_OR_DIE("encryption type", tmp_int); KRB_DECODE_UINT32_OR_DIE("encryption type", tmp_int);
if (etype_tree) { if (etype_tree) {
proto_tree_add_text(etype_tree, NullTVB, offset, length, proto_tree_add_text(etype_tree, tvb, offset, length,
"Type: %s", "Type: %s",
val_to_str(tmp_int, val_to_str(tmp_int,
krb5_encryption_types, krb5_encryption_types,
@ -785,16 +789,50 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
total_len -= length; total_len -= length;
} }
KRB_HEAD_DECODE_OR_DIE("addresses"); if (asn1p->offset >= sequence_end)
break;
KRB_HEAD_DECODE_OR_DIE("addresses or enc-authorization-data");
if (CHECK_CONTEXT_TYPE(KRB5_BODY_ADDRESSES)) { if (CHECK_CONTEXT_TYPE(KRB5_BODY_ADDRESSES)) {
/* pre-authentication supplied */ /* addresses supplied */
offset = dissect_Addresses("Addresses", asn1p, fd, kerberos_tree, length = dissect_Addresses("Addresses", asn1p, pinfo, kerberos_tree,
offset); offset);
if (offset == -1) if (offset == -1)
return -1; return -1;
KRB_HEAD_DECODE_OR_DIE("auth-data"); offset += length;
if (asn1p->offset >= sequence_end)
break;
KRB_HEAD_DECODE_OR_DIE("enc-authorization-data or additional-tickets");
} }
if (CHECK_CONTEXT_TYPE(KRB5_BODY_ENC_AUTHORIZATION_DATA)) {
/* enc-authorization-data supplied */
length = dissect_EncryptedData("Encrypted Payload", asn1p, pinfo,
kerberos_tree, offset);
if (length == -1)
return -1;
offset += length;
if (asn1p->offset >= sequence_end)
break;
KRB_HEAD_DECODE_OR_DIE("additional-tickets");
}
/* additional-tickets supplied */
if (tree) {
item = proto_tree_add_text(kerberos_tree, tvb, offset,
item_len, "Additional Tickets");
additional_tickets_tree = proto_item_add_subtree(item, ett_additional_tickets);
}
end = asn1p->offset + item_len;
while(asn1p->offset < end) {
KRB_DECODE_CONTEXT_HEAD_OR_DIE("ticket", KRB5_KDC_REP_TICKET);
length = dissect_Ticket("ticket", asn1p, pinfo, additional_tickets_tree,
offset);
if (length == -1)
return -1;
offset += length;
}
break; break;
case KRB5_MSG_AS_REP: case KRB5_MSG_AS_REP:
@ -814,32 +852,34 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
} }
*/ */
DIE_IF_NOT_CONTEXT_TYPE("crealm", KRB5_KDC_REP_CREALM); DIE_IF_NOT_CONTEXT_TYPE("crealm", KRB5_KDC_REP_CREALM);
KRB_DECODE_GENERAL_STRING_OR_DIE("realm name", str, str_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("realm name", str, str_len, item_len);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, item_len, proto_tree_add_text(kerberos_tree, tvb, offset, item_len,
"Realm: %.*s", str_len, str); "Realm: %.*s", str_len, str);
} }
offset += item_len; offset += item_len;
KRB_DECODE_CONTEXT_HEAD_OR_DIE("cname", KRB5_KDC_REP_CNAME); KRB_DECODE_CONTEXT_HEAD_OR_DIE("cname", KRB5_KDC_REP_CNAME);
item_len = dissect_PrincipalName("Client Name", asn1p, fd, item_len = dissect_PrincipalName("Client Name", asn1p, pinfo,
kerberos_tree, offset); kerberos_tree, offset);
if (item_len == -1) if (item_len == -1)
return -1; return -1;
offset += item_len; offset += item_len;
KRB_DECODE_CONTEXT_HEAD_OR_DIE("ticket", KRB5_KDC_REP_TICKET); KRB_DECODE_CONTEXT_HEAD_OR_DIE("ticket", KRB5_KDC_REP_TICKET);
offset = dissect_Ticket("ticket", asn1p, fd, kerberos_tree, offset); length = dissect_Ticket("ticket", asn1p, pinfo, kerberos_tree, offset);
if (offset == -1) if (length == -1)
return -1; return -1;
offset += length;
KRB_DECODE_CONTEXT_HEAD_OR_DIE("enc-msg-part", KRB_DECODE_CONTEXT_HEAD_OR_DIE("enc-msg-part",
KRB5_KDC_REP_ENC_PART); KRB5_KDC_REP_ENC_PART);
offset = dissect_EncryptedData("Encrypted Payload", asn1p, fd, length = dissect_EncryptedData("Encrypted Payload", asn1p, pinfo,
kerberos_tree, offset); kerberos_tree, offset);
if (offset == -1) if (length == -1)
return -1; return -1;
offset += length;
break; break;
case KRB5_MSG_ERROR: case KRB5_MSG_ERROR:
@ -863,115 +903,118 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
*/ */
/* ctime */ /* ctime */
if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CTIME)) { if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CTIME)) {
KRB_DECODE_GENERAL_TIME_OR_DIE("ctime", str, str_len, item_len); KRB_DECODE_GENERAL_TIME_OR_DIE("ctime", str, str_len, item_len);
krb_proto_tree_add_time(kerberos_tree, offset, item_len, krb_proto_tree_add_time(kerberos_tree, asn1p->tvb, offset, item_len,
"ctime", str); "ctime", str);
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("cusec"); KRB_HEAD_DECODE_OR_DIE("cusec");
} }
/* cusec */ /* cusec */
if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CUSEC)) { if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CUSEC)) {
KRB_DECODE_UINT32_OR_DIE("cusec", tmp_int); KRB_DECODE_UINT32_OR_DIE("cusec", tmp_int);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, length, proto_tree_add_text(kerberos_tree, tvb, offset, length,
"cusec: %u", "cusec: %u",
tmp_int); tmp_int);
} }
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("sutime"); KRB_HEAD_DECODE_OR_DIE("sutime");
} }
DIE_IF_NOT_CONTEXT_TYPE("sutime", KRB5_ERROR_STIME); DIE_IF_NOT_CONTEXT_TYPE("sutime", KRB5_ERROR_STIME);
KRB_DECODE_GENERAL_TIME_OR_DIE("stime", str, str_len, item_len); KRB_DECODE_GENERAL_TIME_OR_DIE("stime", str, str_len, item_len);
krb_proto_tree_add_time(kerberos_tree, offset, item_len, krb_proto_tree_add_time(kerberos_tree, asn1p->tvb, offset, item_len,
"stime", str); "stime", str);
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("susec"); KRB_HEAD_DECODE_OR_DIE("susec");
DIE_IF_NOT_CONTEXT_TYPE("susec", KRB5_ERROR_SUSEC); DIE_IF_NOT_CONTEXT_TYPE("susec", KRB5_ERROR_SUSEC);
KRB_DECODE_UINT32_OR_DIE("susec", tmp_int); KRB_DECODE_UINT32_OR_DIE("susec", tmp_int);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, length, proto_tree_add_text(kerberos_tree, tvb, offset, length,
"susec: %u", "susec: %u",
tmp_int); tmp_int);
} }
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("errcode"); KRB_HEAD_DECODE_OR_DIE("errcode");
DIE_IF_NOT_CONTEXT_TYPE("errcode", KRB5_ERROR_ERROR_CODE); DIE_IF_NOT_CONTEXT_TYPE("errcode", KRB5_ERROR_ERROR_CODE);
KRB_DECODE_UINT32_OR_DIE("errcode", tmp_int); KRB_DECODE_UINT32_OR_DIE("errcode", tmp_int);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, length, proto_tree_add_text(kerberos_tree, tvb, offset, length,
"Error Code: %s", "Error Code: %s",
val_to_str(tmp_int, val_to_str(tmp_int, krb5_error_codes,
krb5_error_codes, "Unknown error code %#x"));
"Unknown error code %#x")); }
}
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("crealm"); KRB_HEAD_DECODE_OR_DIE("crealm");
if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CREALM)) { if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CREALM)) {
KRB_DECODE_GENERAL_STRING_OR_DIE("crealm", str, str_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("crealm", str, str_len, item_len);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, item_len, proto_tree_add_text(kerberos_tree, tvb, offset, item_len,
"crealm: %.*s", str_len, str); "crealm: %.*s", str_len, str);
} }
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("cname"); KRB_HEAD_DECODE_OR_DIE("cname");
} }
if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CNAME)) { if (CHECK_CONTEXT_TYPE(KRB5_ERROR_CNAME)) {
item_len = dissect_PrincipalName("cname", asn1p, fd, item_len = dissect_PrincipalName("cname", asn1p, pinfo,
kerberos_tree, offset); kerberos_tree, offset);
if (item_len == -1) if (item_len == -1)
return -1; return -1;
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("realm"); KRB_HEAD_DECODE_OR_DIE("realm");
} }
DIE_IF_NOT_CONTEXT_TYPE("realm", KRB5_ERROR_REALM); DIE_IF_NOT_CONTEXT_TYPE("realm", KRB5_ERROR_REALM);
KRB_DECODE_GENERAL_STRING_OR_DIE("realm", str, str_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("realm", str, str_len, item_len);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, item_len, proto_tree_add_text(kerberos_tree, tvb, offset, item_len,
"realm: %.*s", str_len, str); "realm: %.*s", str_len, str);
} }
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("sname"); KRB_HEAD_DECODE_OR_DIE("sname");
DIE_IF_NOT_CONTEXT_TYPE("sname", KRB5_ERROR_SNAME); DIE_IF_NOT_CONTEXT_TYPE("sname", KRB5_ERROR_SNAME);
item_len = dissect_PrincipalName("sname", asn1p, fd, item_len = dissect_PrincipalName("sname", asn1p, pinfo,
kerberos_tree, offset); kerberos_tree, offset);
if (item_len == -1) if (item_len == -1)
return -1; return -1;
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("e-text");
if ( CHECK_CONTEXT_TYPE(KRB5_ERROR_ETEXT) ) { if (asn1p->offset >= message_end)
KRB_DECODE_GENERAL_STRING_OR_DIE("etext", str, str_len, item_len); break;
if (kerberos_tree) { KRB_HEAD_DECODE_OR_DIE("e-text");
proto_tree_add_text(kerberos_tree, NullTVB, offset, item_len, if ( CHECK_CONTEXT_TYPE(KRB5_ERROR_ETEXT) ) {
KRB_DECODE_GENERAL_STRING_OR_DIE("etext", str, str_len, item_len);
if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, tvb, offset, item_len,
"etext: %.*s", str_len, str); "etext: %.*s", str_len, str);
} }
offset += item_len; offset += item_len;
KRB_HEAD_DECODE_OR_DIE("e-data"); if (asn1p->offset >= message_end)
} break;
KRB_HEAD_DECODE_OR_DIE("e-data");
}
if ( CHECK_CONTEXT_TYPE(KRB5_ERROR_EDATA) ) { if ( CHECK_CONTEXT_TYPE(KRB5_ERROR_EDATA) ) {
guchar *data; guchar *data;
guint data_len; guint data_len;
KRB_DECODE_OCTET_STRING_OR_DIE("e-data", data, data_len, item_len); KRB_DECODE_OCTET_STRING_OR_DIE("e-data", data, data_len, item_len);
if (kerberos_tree) { if (kerberos_tree) {
proto_tree_add_text(kerberos_tree, NullTVB, offset, data_len, proto_tree_add_text(kerberos_tree, tvb, offset, data_len,
"Error Data: %s", bytes_to_str(data, item_len)); "Error Data: %s", bytes_to_str(data, item_len));
} }
offset += data_len; offset += data_len;
} }
break; break;
} }
@ -979,18 +1022,16 @@ dissect_kerberos_main(const u_char *pd, int offset, frame_data *fd,
} }
static void static void
dissect_kerberos(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) dissect_kerberos(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{ {
OLD_CHECK_DISPLAY_AS_DATA(proto_kerberos, pd, offset, fd, tree); if (check_col(pinfo->fd, COL_PROTOCOL))
col_set_str(pinfo->fd, COL_PROTOCOL, "KRB5");
if (check_col(fd, COL_PROTOCOL)) dissect_kerberos_main(tvb, pinfo, tree);
col_set_str(fd, COL_PROTOCOL, "KRB5");
dissect_kerberos_main(pd, offset, fd, tree);
} }
static int static int
dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd, dissect_PrincipalName(char *title, ASN1_SCK *asn1p, packet_info *pinfo,
proto_tree *tree, int start_offset) proto_tree *tree, int start_offset)
{ {
/* /*
@ -1004,7 +1045,7 @@ dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd,
guint32 princ_type; guint32 princ_type;
const guchar *start; int start;
guint cls, con, tag; guint cls, con, tag;
guint header_len, item_len, total_len, type_len; guint header_len, item_len, total_len, type_len;
int ret; int ret;
@ -1022,7 +1063,7 @@ dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd,
KRB_SEQ_HEAD_DECODE_OR_DIE("principal section"); KRB_SEQ_HEAD_DECODE_OR_DIE("principal section");
if (tree) { if (tree) {
item = proto_tree_add_text(tree, NullTVB, start_offset, item = proto_tree_add_text(tree, asn1p->tvb, start_offset,
(offset - start_offset) + item_len, "%s", (offset - start_offset) + item_len, "%s",
title); title);
princ_tree = proto_item_add_subtree(item, ett_princ); princ_tree = proto_item_add_subtree(item, ett_princ);
@ -1038,7 +1079,7 @@ dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd,
offset += length; offset += length;
if (princ_tree) { if (princ_tree) {
proto_tree_add_text(princ_tree, NullTVB, type_offset, type_len, proto_tree_add_text(princ_tree, asn1p->tvb, type_offset, type_len,
"Type: %s", "Type: %s",
val_to_str(princ_type, krb5_princ_types, val_to_str(princ_type, krb5_princ_types,
"Unknown name type %#x")); "Unknown name type %#x"));
@ -1057,7 +1098,7 @@ dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd,
KRB_DECODE_GENERAL_STRING_OR_DIE("principal name", name, name_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("principal name", name, name_len, item_len);
if (princ_tree) { if (princ_tree) {
proto_item_set_text(item, "%s: %.*s", title, (int) name_len, name); proto_item_set_text(item, "%s: %.*s", title, (int) name_len, name);
proto_tree_add_text(princ_tree, NullTVB, offset, item_len, proto_tree_add_text(princ_tree, asn1p->tvb, offset, item_len,
"Name: %.*s", (int) name_len, name); "Name: %.*s", (int) name_len, name);
} }
total_len -= item_len; total_len -= item_len;
@ -1068,7 +1109,7 @@ dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd,
while (total_len > 0) { while (total_len > 0) {
KRB_DECODE_GENERAL_STRING_OR_DIE("principal name", name, name_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("principal name", name, name_len, item_len);
if (princ_tree) { if (princ_tree) {
proto_tree_add_text(princ_tree, NullTVB, offset, item_len, proto_tree_add_text(princ_tree, asn1p->tvb, offset, item_len,
"Name: %.*s", (int) name_len, name); "Name: %.*s", (int) name_len, name);
} }
total_len -= item_len; total_len -= item_len;
@ -1078,12 +1119,12 @@ dissect_PrincipalName(char *title, ASN1_SCK *asn1p, frame_data *fd,
} }
static int static int
dissect_Addresses(char *title, ASN1_SCK *asn1p, frame_data *fd, dissect_Addresses(char *title, ASN1_SCK *asn1p, packet_info *pinfo,
proto_tree *tree, int start_offset) { proto_tree *tree, int start_offset) {
proto_tree *address_tree = NULL; proto_tree *address_tree = NULL;
int offset = start_offset; int offset = start_offset;
const guchar *start; int start, end;
guint cls, con, tag; guint cls, con, tag;
guint item_len; guint item_len;
int ret; int ret;
@ -1099,44 +1140,45 @@ dissect_Addresses(char *title, ASN1_SCK *asn1p, frame_data *fd,
KRB_HEAD_DECODE_OR_DIE("sequence of addresses"); KRB_HEAD_DECODE_OR_DIE("sequence of addresses");
if (tree) { if (tree) {
item = proto_tree_add_text(tree, NullTVB, offset, item = proto_tree_add_text(tree, asn1p->tvb, offset,
item_len, "Addresses"); item_len, "Addresses");
address_tree = proto_item_add_subtree(item, ett_addresses); address_tree = proto_item_add_subtree(item, ett_addresses);
} }
start = asn1p->pointer + item_len; start = offset;
end = asn1p->offset + item_len;
while(start > asn1p->pointer) { while(asn1p->offset < end) {
dissect_type_value_pair(asn1p, &offset, dissect_type_value_pair(asn1p, &offset,
&address_type, &item_len, &tmp_pos1, &address_type, &item_len, &tmp_pos1,
&str, &str_len, &tmp_pos2); &str, &str_len, &tmp_pos2);
if (address_tree) { if (address_tree) {
proto_tree_add_text(address_tree, NullTVB, tmp_pos1, proto_tree_add_text(address_tree, asn1p->tvb, tmp_pos1,
item_len, "Type: %s", item_len, "Type: %s",
val_to_str(address_type, krb5_address_types, val_to_str(address_type, krb5_address_types,
"Unknown address type %#x")); "Unknown address type %#x"));
switch(address_type) { switch(address_type) {
case KRB5_ADDR_IPv4: case KRB5_ADDR_IPv4:
proto_tree_add_text(address_tree, NullTVB, tmp_pos2, proto_tree_add_text(address_tree, asn1p->tvb, tmp_pos2,
str_len, "Value: %d.%d.%d.%d", str_len, "Value: %d.%d.%d.%d",
str[0], str[1], str[2], str[3]); str[0], str[1], str[2], str[3]);
break; break;
default: default:
proto_tree_add_text(address_tree, NullTVB, tmp_pos2, proto_tree_add_text(address_tree, asn1p->tvb, tmp_pos2,
str_len, "Value: %s", str_len, "Value: %s",
bytes_to_str(str, str_len)); bytes_to_str(str, str_len));
} }
} }
} }
return offset; return offset - start_offset;
} }
static int static int
dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd, dissect_EncryptedData(char *title, ASN1_SCK *asn1p, packet_info *pinfo,
proto_tree *tree, int start_offset) proto_tree *tree, int start_offset)
{ {
/* /*
EncryptedData ::= SEQUENCE { EncryptedData ::= SEQUENCE {
@ -1148,7 +1190,7 @@ dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd,
proto_tree *encr_tree = NULL; proto_tree *encr_tree = NULL;
int offset = start_offset; int offset = start_offset;
const guchar *start; int start;
guint cls, con, tag; guint cls, con, tag;
guint header_len, item_len, data_len; guint header_len, item_len, data_len;
int ret; int ret;
@ -1163,7 +1205,7 @@ dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd,
KRB_SEQ_HEAD_DECODE_OR_DIE("encrypted data section"); KRB_SEQ_HEAD_DECODE_OR_DIE("encrypted data section");
if (tree) { if (tree) {
item = proto_tree_add_text(tree, NullTVB, start_offset, item = proto_tree_add_text(tree, asn1p->tvb, start_offset,
(offset - start_offset) + item_len, (offset - start_offset) + item_len,
"Encrypted Data: %s", title); "Encrypted Data: %s", title);
encr_tree = proto_item_add_subtree(item, ett_princ); encr_tree = proto_item_add_subtree(item, ett_princ);
@ -1173,7 +1215,7 @@ dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd,
KRB_DECODE_CONTEXT_HEAD_OR_DIE("encryption type", 0); KRB_DECODE_CONTEXT_HEAD_OR_DIE("encryption type", 0);
KRB_DECODE_UINT32_OR_DIE("encr-type", val); KRB_DECODE_UINT32_OR_DIE("encr-type", val);
if (encr_tree) { if (encr_tree) {
proto_tree_add_text(encr_tree, NullTVB, offset, length, proto_tree_add_text(encr_tree, asn1p->tvb, offset, length,
"Type: %s", "Type: %s",
val_to_str(val, krb5_encryption_types, val_to_str(val, krb5_encryption_types,
"Unknown encryption type %#x")); "Unknown encryption type %#x"));
@ -1185,7 +1227,7 @@ dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd,
if (CHECK_CONTEXT_TYPE(1)) { if (CHECK_CONTEXT_TYPE(1)) {
KRB_DECODE_UINT32_OR_DIE("kvno", val); KRB_DECODE_UINT32_OR_DIE("kvno", val);
if (encr_tree) { if (encr_tree) {
proto_tree_add_text(encr_tree, NullTVB, offset, length, proto_tree_add_text(encr_tree, asn1p->tvb, offset, length,
"KVNO: %d", val); "KVNO: %d", val);
} }
offset += length; offset += length;
@ -1196,17 +1238,17 @@ dissect_EncryptedData(char *title, ASN1_SCK *asn1p, frame_data *fd,
KRB_DECODE_OCTET_STRING_OR_DIE("cipher", data, data_len, item_len); KRB_DECODE_OCTET_STRING_OR_DIE("cipher", data, data_len, item_len);
if (encr_tree) { if (encr_tree) {
proto_tree_add_text(encr_tree, NullTVB, offset, data_len, proto_tree_add_text(encr_tree, asn1p->tvb, offset, data_len,
"CipherText: %s", bytes_to_str(data, item_len)); "CipherText: %s", bytes_to_str(data, item_len));
} }
offset += data_len; offset += data_len;
return offset; return offset - start_offset;
} }
static int static int
dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree, dissect_Ticket(char *title, ASN1_SCK *asn1p, packet_info *pinfo,
int start_offset) proto_tree *tree, int start_offset)
{ {
/* /*
Ticket ::= [APPLICATION 1] SEQUENCE { Ticket ::= [APPLICATION 1] SEQUENCE {
@ -1219,7 +1261,7 @@ dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree,
proto_tree *ticket_tree = NULL; proto_tree *ticket_tree = NULL;
int offset = start_offset; int offset = start_offset;
const guchar *start; int start;
guint cls, con, tag; guint cls, con, tag;
guint header_len, item_len, total_len; guint header_len, item_len, total_len;
int ret; int ret;
@ -1237,7 +1279,7 @@ dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree,
total_len = item_len; total_len = item_len;
if (tree) { if (tree) {
item = proto_tree_add_text(tree, NullTVB, start_offset, item = proto_tree_add_text(tree, asn1p->tvb, start_offset,
(offset - start_offset) + item_len, (offset - start_offset) + item_len,
"Ticket"); "Ticket");
ticket_tree = proto_item_add_subtree(item, ett_ticket); ticket_tree = proto_item_add_subtree(item, ett_ticket);
@ -1247,7 +1289,7 @@ dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree,
KRB_DECODE_CONTEXT_HEAD_OR_DIE("Ticket tkt-vno", KRB5_TKT_TKT_VNO); KRB_DECODE_CONTEXT_HEAD_OR_DIE("Ticket tkt-vno", KRB5_TKT_TKT_VNO);
KRB_DECODE_UINT32_OR_DIE("Ticket tkt-vno", val); KRB_DECODE_UINT32_OR_DIE("Ticket tkt-vno", val);
if (ticket_tree) { if (ticket_tree) {
proto_tree_add_text(ticket_tree, NullTVB, offset, length, proto_tree_add_text(ticket_tree, asn1p->tvb, offset, length,
"Version: %u", val); "Version: %u", val);
} }
offset += length; offset += length;
@ -1257,7 +1299,7 @@ dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree,
KRB_DECODE_CONTEXT_HEAD_OR_DIE("Ticket realm", KRB5_TKT_REALM); KRB_DECODE_CONTEXT_HEAD_OR_DIE("Ticket realm", KRB5_TKT_REALM);
KRB_DECODE_GENERAL_STRING_OR_DIE("Ticket realm string", str, str_len, item_len); KRB_DECODE_GENERAL_STRING_OR_DIE("Ticket realm string", str, str_len, item_len);
if (ticket_tree) { if (ticket_tree) {
proto_tree_add_text(ticket_tree, NullTVB, offset, item_len, proto_tree_add_text(ticket_tree, asn1p->tvb, offset, item_len,
"Realm: %.*s", str_len, str); "Realm: %.*s", str_len, str);
} }
offset += item_len; offset += item_len;
@ -1265,7 +1307,7 @@ dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree,
/* server name (sname) */ /* server name (sname) */
KRB_DECODE_CONTEXT_HEAD_OR_DIE("Ticket sname", KRB5_TKT_SNAME); KRB_DECODE_CONTEXT_HEAD_OR_DIE("Ticket sname", KRB5_TKT_SNAME);
item_len = dissect_PrincipalName("Service Name", asn1p, fd, ticket_tree, item_len = dissect_PrincipalName("Service Name", asn1p, pinfo, ticket_tree,
offset); offset);
if (item_len == -1) if (item_len == -1)
return -1; return -1;
@ -1273,12 +1315,13 @@ dissect_Ticket(char *title, ASN1_SCK *asn1p, frame_data *fd, proto_tree *tree,
/* encrypted part */ /* encrypted part */
KRB_DECODE_CONTEXT_HEAD_OR_DIE("enc-part", KRB5_TKT_ENC_PART); KRB_DECODE_CONTEXT_HEAD_OR_DIE("enc-part", KRB5_TKT_ENC_PART);
offset = dissect_EncryptedData("Ticket data", asn1p, fd, ticket_tree, length = dissect_EncryptedData("Ticket data", asn1p, pinfo, ticket_tree,
offset); offset);
if (offset == -1) if (length == -1)
return -1; return -1;
offset += length;
return offset; return offset - start_offset;
} }
@ -1297,6 +1340,7 @@ proto_register_kerberos(void) {
&ett_ticket, &ett_ticket,
&ett_addresses, &ett_addresses,
&ett_etype, &ett_etype,
&ett_additional_tickets,
}; };
proto_kerberos = proto_register_protocol("Kerberos", "KRB5", "kerberos"); proto_kerberos = proto_register_protocol("Kerberos", "KRB5", "kerberos");
/* /*
@ -1308,10 +1352,10 @@ proto_register_kerberos(void) {
void void
proto_reg_handoff_kerberos(void) proto_reg_handoff_kerberos(void)
{ {
old_dissector_add("udp.port", UDP_PORT_KERBEROS, dissect_kerberos, dissector_add("udp.port", UDP_PORT_KERBEROS, dissect_kerberos,
proto_kerberos); proto_kerberos);
old_dissector_add("tcp.port", TCP_PORT_KERBEROS, dissect_kerberos, dissector_add("tcp.port", TCP_PORT_KERBEROS, dissect_kerberos,
proto_kerberos); proto_kerberos);
} }
/* /*
@ -1577,16 +1621,16 @@ proto_reg_handoff_kerberos(void)
METHOD-DATA ::= SEQUENCE { METHOD-DATA ::= SEQUENCE {
method-type[0] INTEGER, method-type[0] INTEGER,
method-data[1] OCTET STRING OPTIONAL method-data[1] OCTET STRING OPTIONAL
} }
EncryptionKey ::= SEQUENCE { EncryptionKey ::= SEQUENCE {
keytype[0] INTEGER, keytype[0] INTEGER,
keyvalue[1] OCTET STRING keyvalue[1] OCTET STRING
} }
Checksum ::= SEQUENCE { Checksum ::= SEQUENCE {
cksumtype[0] INTEGER, cksumtype[0] INTEGER,
checksum[1] OCTET STRING checksum[1] OCTET STRING
} }
*/ */

194
packet-ldap.c
View File

@ -1,7 +1,7 @@
/* packet-ldap.c /* packet-ldap.c
* Routines for ldap packet dissection * Routines for ldap packet dissection
* *
* $Id: packet-ldap.c,v 1.22 2001/01/10 23:42:12 guy Exp $ * $Id: packet-ldap.c,v 1.23 2001/04/15 07:30:03 guy Exp $
* *
* Ethereal - Network traffic analyzer * Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org> * By Gerald Combs <gerald@zing.org>
@ -140,7 +140,7 @@ static int read_length(ASN1_SCK *a, proto_tree *tree, int hf_id, guint *len)
{ {
guint length = 0; guint length = 0;
gboolean def = FALSE; gboolean def = FALSE;
const guchar *start = a->pointer; int start = a->offset;
asn1_length_decode(a, &def, &length); asn1_length_decode(a, &def, &length);
@ -148,7 +148,7 @@ static int read_length(ASN1_SCK *a, proto_tree *tree, int hf_id, guint *len)
*len = length; *len = length;
if (tree) if (tree)
proto_tree_add_uint(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, length); proto_tree_add_uint(tree, hf_id, a->tvb, start, a->offset-start, length);
return 0; return 0;
} }
@ -157,13 +157,15 @@ static int read_sequence(ASN1_SCK *a, guint *len)
{ {
guint cls, con, tag; guint cls, con, tag;
gboolean def; gboolean def;
int start;
guint length; guint length;
start = a->offset;
if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR) if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
return 1; return 1;
if (cls != ASN1_UNI || con != ASN1_CON || tag != ASN1_SEQ) if (cls != ASN1_UNI || con != ASN1_CON || tag != ASN1_SEQ)
return 1; return 1;
if (len) if (len)
*len = length; *len = length;
@ -188,7 +190,7 @@ static int read_set(ASN1_SCK *a, guint *len)
} }
static int read_integer_value(ASN1_SCK *a, proto_tree *tree, int hf_id, static int read_integer_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
proto_tree **new_tree, guint *i, const guchar *start, guint length) proto_tree **new_tree, guint *i, int start, guint length)
{ {
guint integer = 0; guint integer = 0;
@ -200,7 +202,7 @@ static int read_integer_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
if (tree) if (tree)
{ {
proto_tree *temp_tree = 0; proto_tree *temp_tree = 0;
temp_tree = proto_tree_add_uint(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, integer); temp_tree = proto_tree_add_uint(tree, hf_id, a->tvb, start, a->offset-start, integer);
if (new_tree) if (new_tree)
*new_tree = temp_tree; *new_tree = temp_tree;
} }
@ -214,7 +216,7 @@ static int read_integer(ASN1_SCK *a, proto_tree *tree, int hf_id,
guint cls, con, tag; guint cls, con, tag;
gboolean def; gboolean def;
guint length; guint length;
const guchar *start = a->pointer; int start = a->offset;
if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR) if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
return 1; return 1;
@ -225,7 +227,7 @@ static int read_integer(ASN1_SCK *a, proto_tree *tree, int hf_id,
} }
static int read_boolean_value(ASN1_SCK *a, proto_tree *tree, int hf_id, static int read_boolean_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
proto_tree **new_tree, guint *i, const guchar *start, guint length) proto_tree **new_tree, guint *i, int start, guint length)
{ {
guint integer = 0; guint integer = 0;
@ -237,7 +239,7 @@ static int read_boolean_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
if (tree) if (tree)
{ {
proto_tree *temp_tree = 0; proto_tree *temp_tree = 0;
temp_tree = proto_tree_add_boolean(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, integer); temp_tree = proto_tree_add_boolean(tree, hf_id, a->tvb, start, a->offset-start, integer);
if (new_tree) if (new_tree)
*new_tree = temp_tree; *new_tree = temp_tree;
} }
@ -251,7 +253,7 @@ static int read_boolean(ASN1_SCK *a, proto_tree *tree, int hf_id,
guint cls, con, tag; guint cls, con, tag;
gboolean def; gboolean def;
guint length; guint length;
const guchar *start = a->pointer; int start = a->offset;
if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR) if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
return 1; return 1;
@ -262,7 +264,7 @@ static int read_boolean(ASN1_SCK *a, proto_tree *tree, int hf_id,
} }
static void read_string_value(ASN1_SCK *a, proto_tree *tree, int hf_id, static void read_string_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
proto_tree **new_tree, char **s, const guchar *start, guint length) proto_tree **new_tree, char **s, int start, guint length)
{ {
guchar *string; guchar *string;
@ -278,7 +280,7 @@ static void read_string_value(ASN1_SCK *a, proto_tree *tree, int hf_id,
if (tree) if (tree)
{ {
proto_tree *temp_tree; proto_tree *temp_tree;
temp_tree = proto_tree_add_string(tree, hf_id, NullTVB, start - a->begin, a->pointer - start, string); temp_tree = proto_tree_add_string(tree, hf_id, a->tvb, start, a->offset - start, string);
if (new_tree) if (new_tree)
*new_tree = temp_tree; *new_tree = temp_tree;
} }
@ -295,7 +297,7 @@ static int read_string(ASN1_SCK *a, proto_tree *tree, int hf_id,
guint cls, con, tag; guint cls, con, tag;
gboolean def; gboolean def;
guint length; guint length;
const guchar *start = a->pointer; int start = a->offset;
int ret; int ret;
ret = asn1_header_decode(a, &cls, &con, &tag, &def, &length); ret = asn1_header_decode(a, &cls, &con, &tag, &def, &length);
@ -348,7 +350,7 @@ static int parse_filter_strings(ASN1_SCK *a, char **filter, guint *filter_length
/* Richard Dawe: To parse substring filters, I added this function. */ /* Richard Dawe: To parse substring filters, I added this function. */
static int parse_filter_substrings(ASN1_SCK *a, char **filter, guint *filter_length) static int parse_filter_substrings(ASN1_SCK *a, char **filter, guint *filter_length)
{ {
guchar *end; int end;
guchar *string; guchar *string;
char *filterp; char *filterp;
guint string_length; guint string_length;
@ -386,9 +388,9 @@ static int parse_filter_substrings(ASN1_SCK *a, char **filter, guint *filter_len
/* Now decode seq_len's worth of octet strings. */ /* Now decode seq_len's worth of octet strings. */
any_valued = 0; any_valued = 0;
end = (guchar *) (a->pointer + seq_len); end = a->offset + seq_len;
while (a->pointer < end) { while (a->offset < end) {
/* Octet strings here are context-specific, which /* Octet strings here are context-specific, which
* asn1_octet_string_decode() barfs on. Emulate it, but don't barf. */ * asn1_octet_string_decode() barfs on. Emulate it, but don't barf. */
ret = asn1_header_decode (a, &cls, &con, &tag, &def, &string_length); ret = asn1_header_decode (a, &cls, &con, &tag, &def, &string_length);
@ -446,7 +448,8 @@ static int parse_filter_substrings(ASN1_SCK *a, char **filter, guint *filter_len
} }
/* Returns -1 if we're at the end, returns an ASN1_ERR value otherwise. */ /* Returns -1 if we're at the end, returns an ASN1_ERR value otherwise. */
static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const guchar **end) static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length,
int *end)
{ {
guint cls, con, tag; guint cls, con, tag;
guint length; guint length;
@ -459,7 +462,7 @@ static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const
if (*end == 0) if (*end == 0)
{ {
*end = a->pointer + length; *end = a->offset + length;
*filter_length = 1; *filter_length = 1;
*filter = g_malloc0(*filter_length); *filter = g_malloc0(*filter_length);
} }
@ -470,11 +473,11 @@ static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const
{ {
case LDAP_FILTER_AND: case LDAP_FILTER_AND:
{ {
const guchar *add_end; int add_end;
if (con != ASN1_CON) if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE; return ASN1_ERR_WRONG_TYPE;
add_end = a->pointer + length; add_end = a->offset + length;
*filter_length += 3; *filter_length += 3;
*filter = g_realloc(*filter, *filter_length); *filter = g_realloc(*filter, *filter_length);
strcat(*filter, "(&"); strcat(*filter, "(&");
@ -488,11 +491,11 @@ static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const
break; break;
case LDAP_FILTER_OR: case LDAP_FILTER_OR:
{ {
const guchar *or_end; int or_end;
if (con != ASN1_CON) if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE; return ASN1_ERR_WRONG_TYPE;
or_end = a->pointer + length; or_end = a->offset + length;
*filter_length += 3; *filter_length += 3;
*filter = g_realloc(*filter, *filter_length); *filter = g_realloc(*filter, *filter_length);
strcat(*filter, "(|"); strcat(*filter, "(|");
@ -506,11 +509,11 @@ static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const
break; break;
case LDAP_FILTER_NOT: case LDAP_FILTER_NOT:
{ {
const guchar *not_end; int not_end;
if (con != ASN1_CON) if (con != ASN1_CON)
return ASN1_ERR_WRONG_TYPE; return ASN1_ERR_WRONG_TYPE;
not_end = a->pointer + length; not_end = a->offset + length;
*filter_length += 3; *filter_length += 3;
*filter = g_realloc(*filter, *filter_length); *filter = g_realloc(*filter, *filter_length);
strcat(*filter, "(!"); strcat(*filter, "(!");
@ -586,7 +589,7 @@ static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const
} }
} }
if (a->pointer == *end) if (a->offset == *end)
return -1; return -1;
else else
return ret; return ret;
@ -594,10 +597,10 @@ static int parse_filter(ASN1_SCK *a, char **filter, guint *filter_length, const
static int read_filter(ASN1_SCK *a, proto_tree *tree, int hf_id) static int read_filter(ASN1_SCK *a, proto_tree *tree, int hf_id)
{ {
const guchar *start = a->pointer; int start = a->offset;
char *filter = 0; char *filter = 0;
guint filter_length = 0; guint filter_length = 0;
const guchar *end = 0; int end = 0;
int ret; int ret;
while ((ret = parse_filter(a, &filter, &filter_length, &end)) while ((ret = parse_filter(a, &filter, &filter_length, &end))
@ -606,10 +609,10 @@ static int read_filter(ASN1_SCK *a, proto_tree *tree, int hf_id)
if (tree) { if (tree) {
if (ret != -1) { if (ret != -1) {
proto_tree_add_text(tree, NullTVB, start-a->begin, 0, proto_tree_add_text(tree, a->tvb, start, 0,
"Error parsing filter (%d)", ret); "Error parsing filter (%d)", ret);
} else } else
proto_tree_add_string(tree, hf_id, NullTVB, start-a->begin, a->pointer-start, filter); proto_tree_add_string(tree, hf_id, a->tvb, start, a->offset-start, filter);
} }
g_free(filter); g_free(filter);
@ -629,17 +632,17 @@ static int dissect_ldap_result(ASN1_SCK *a, proto_tree *tree)
if (resultCode == 10) /* Referral */ if (resultCode == 10) /* Referral */
{ {
const guchar *start = a->pointer; int start = a->offset;
const guchar *end; int end;
guint length; guint length;
proto_tree *t, *referralTree; proto_tree *t, *referralTree;
read_sequence(a, &length); read_sequence(a, &length);
t = proto_tree_add_text(tree, NullTVB, start-a->begin, length, "Referral URLs"); t = proto_tree_add_text(tree, a->tvb, start, length, "Referral URLs");
referralTree = proto_item_add_subtree(t, ett_ldap_referrals); referralTree = proto_item_add_subtree(t, ett_ldap_referrals);
end = a->pointer + length;; end = a->offset + length;
while (a->pointer < end) while (a->offset < end)
read_string(a, referralTree, hf_ldap_message_result_referral, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, referralTree, hf_ldap_message_result_referral, 0, 0, ASN1_UNI, ASN1_OTS);
} }
@ -650,18 +653,18 @@ static int dissect_ldap_request_bind(ASN1_SCK *a, proto_tree *tree)
{ {
guint cls, con, tag; guint cls, con, tag;
guint def, length; guint def, length;
const guchar *start; int start;
read_integer(a, tree, hf_ldap_message_bind_version, 0, 0, ASN1_INT); read_integer(a, tree, hf_ldap_message_bind_version, 0, 0, ASN1_INT);
read_string(a, tree, hf_ldap_message_bind_dn, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_bind_dn, 0, 0, ASN1_UNI, ASN1_OTS);
start = a->pointer; start = a->offset;
if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR) if (asn1_header_decode(a, &cls, &con, &tag, &def, &length) != ASN1_ERR_NOERROR)
return 1; /* XXX - right return value for an error? */ return 1; /* XXX - right return value for an error? */
if (cls != ASN1_CTX) if (cls != ASN1_CTX)
return 1; /* RFCs 1777 and 2251 say these are context-specific types */ return 1; /* RFCs 1777 and 2251 say these are context-specific types */
proto_tree_add_uint(tree, hf_ldap_message_bind_auth, NullTVB, start - a->begin, proto_tree_add_uint(tree, hf_ldap_message_bind_auth, a->tvb, start,
a->pointer - start, tag); a->offset - start, tag);
switch (tag) switch (tag)
{ {
case LDAP_AUTH_SIMPLE: case LDAP_AUTH_SIMPLE:
@ -686,7 +689,7 @@ static int dissect_ldap_response_bind(ASN1_SCK *a, proto_tree *tree)
static int dissect_ldap_request_search(ASN1_SCK *a, proto_tree *tree) static int dissect_ldap_request_search(ASN1_SCK *a, proto_tree *tree)
{ {
guint seq_length; guint seq_length;
const guchar *end; int end;
int ret; int ret;
read_string(a, tree, hf_ldap_message_search_base, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_search_base, 0, 0, ASN1_UNI, ASN1_OTS);
@ -699,8 +702,8 @@ static int dissect_ldap_request_search(ASN1_SCK *a, proto_tree *tree)
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
return ret; return ret;
read_sequence(a, &seq_length); read_sequence(a, &seq_length);
end = a->pointer + seq_length; end = a->offset + seq_length;
while (a->pointer < end) { while (a->offset < end) {
ret = read_string(a, tree, hf_ldap_message_attribute, 0, 0, ASN1_UNI, ASN1_OTS); ret = read_string(a, tree, hf_ldap_message_attribute, 0, 0, ASN1_UNI, ASN1_OTS);
if (ret != ASN1_ERR_NOERROR) if (ret != ASN1_ERR_NOERROR)
return ret; return ret;
@ -711,25 +714,25 @@ static int dissect_ldap_request_search(ASN1_SCK *a, proto_tree *tree)
static int dissect_ldap_response_search_entry(ASN1_SCK *a, proto_tree *tree) static int dissect_ldap_response_search_entry(ASN1_SCK *a, proto_tree *tree)
{ {
guint seq_length; guint seq_length;
const guchar *end_of_sequence; int end_of_sequence;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, &seq_length); read_sequence(a, &seq_length);
end_of_sequence = a->pointer + seq_length; end_of_sequence = a->offset + seq_length;
while (a->pointer < end_of_sequence) while (a->offset < end_of_sequence)
{ {
proto_tree *t, *attr_tree; proto_tree *t, *attr_tree;
guint set_length; guint set_length;
const guchar *end_of_set; int end_of_set;
read_sequence(a, 0); read_sequence(a, 0);
read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS);
attr_tree = proto_item_add_subtree(t, ett_ldap_attribute); attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
read_set(a, &set_length); read_set(a, &set_length);
end_of_set = a->pointer + set_length; end_of_set = a->offset + set_length;
while (a->pointer < end_of_set) while (a->offset < end_of_set)
read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
} }
@ -739,25 +742,25 @@ static int dissect_ldap_response_search_entry(ASN1_SCK *a, proto_tree *tree)
static int dissect_ldap_request_add(ASN1_SCK *a, proto_tree *tree) static int dissect_ldap_request_add(ASN1_SCK *a, proto_tree *tree)
{ {
guint seq_length; guint seq_length;
const guchar *end_of_sequence; int end_of_sequence;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, &seq_length); read_sequence(a, &seq_length);
end_of_sequence = a->pointer + seq_length; end_of_sequence = a->offset + seq_length;
while (a->pointer < end_of_sequence) while (a->offset < end_of_sequence)
{ {
proto_tree *t, *attr_tree; proto_tree *t, *attr_tree;
guint set_length; guint set_length;
const guchar *end_of_set; int end_of_set;
read_sequence(a, 0); read_sequence(a, 0);
read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_attribute, &t, 0, ASN1_UNI, ASN1_OTS);
attr_tree = proto_item_add_subtree(t, ett_ldap_attribute); attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
read_set(a, &set_length); read_set(a, &set_length);
end_of_set = a->pointer + set_length; end_of_set = a->offset + set_length;
while (a->pointer < end_of_set) while (a->offset < end_of_set)
read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
} }
@ -765,7 +768,7 @@ static int dissect_ldap_request_add(ASN1_SCK *a, proto_tree *tree)
} }
static int dissect_ldap_request_delete(ASN1_SCK *a, proto_tree *tree, static int dissect_ldap_request_delete(ASN1_SCK *a, proto_tree *tree,
const guchar *start, guint length) int start, guint length)
{ {
read_string_value(a, tree, hf_ldap_message_dn, NULL, NULL, start, length); read_string_value(a, tree, hf_ldap_message_dn, NULL, NULL, start, length);
return 0; return 0;
@ -774,13 +777,13 @@ static int dissect_ldap_request_delete(ASN1_SCK *a, proto_tree *tree,
static int dissect_ldap_request_modifyrdn(ASN1_SCK *a, proto_tree *tree, static int dissect_ldap_request_modifyrdn(ASN1_SCK *a, proto_tree *tree,
guint length) guint length)
{ {
const guchar *start = a->pointer; int start = a->offset;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_string(a, tree, hf_ldap_message_modrdn_name, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_modrdn_name, 0, 0, ASN1_UNI, ASN1_OTS);
read_boolean(a, tree, hf_ldap_message_modrdn_delete, 0, 0); read_boolean(a, tree, hf_ldap_message_modrdn_delete, 0, 0);
if (a->pointer < (start + length)) { if (a->offset < (start + length)) {
/* LDAP V3 Modify DN operation, with newSuperior */ /* LDAP V3 Modify DN operation, with newSuperior */
read_string(a, tree, hf_ldap_message_modrdn_superior, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_modrdn_superior, 0, 0, ASN1_UNI, ASN1_OTS);
} }
@ -790,7 +793,7 @@ static int dissect_ldap_request_modifyrdn(ASN1_SCK *a, proto_tree *tree,
static int dissect_ldap_request_compare(ASN1_SCK *a, proto_tree *tree) static int dissect_ldap_request_compare(ASN1_SCK *a, proto_tree *tree)
{ {
const guchar *start; int start;
int length; int length;
char *string1 = 0; char *string1 = 0;
char *string2 = 0; char *string2 = 0;
@ -799,14 +802,15 @@ static int dissect_ldap_request_compare(ASN1_SCK *a, proto_tree *tree)
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, 0); read_sequence(a, 0);
start = a->pointer; start = a->offset;
read_string(a, 0, -1, 0, &string1, ASN1_UNI, ASN1_OTS); read_string(a, 0, -1, 0, &string1, ASN1_UNI, ASN1_OTS);
read_string(a, 0, -1, 0, &string2, ASN1_UNI, ASN1_OTS); read_string(a, 0, -1, 0, &string2, ASN1_UNI, ASN1_OTS);
length = 2 + strlen(string1) + strlen(string2); length = 2 + strlen(string1) + strlen(string2);
compare = g_malloc0(length); compare = g_malloc0(length);
snprintf(compare, length, "%s=%s", string1, string2); snprintf(compare, length, "%s=%s", string1, string2);
proto_tree_add_string(tree, hf_ldap_message_compare, NullTVB, start-a->begin, a->pointer-start, compare); proto_tree_add_string(tree, hf_ldap_message_compare, a->tvb, start,
a->offset-start, compare);
g_free(string1); g_free(string1);
g_free(string2); g_free(string2);
@ -818,16 +822,16 @@ static int dissect_ldap_request_compare(ASN1_SCK *a, proto_tree *tree)
static int dissect_ldap_request_modify(ASN1_SCK *a, proto_tree *tree) static int dissect_ldap_request_modify(ASN1_SCK *a, proto_tree *tree)
{ {
guint seq_length; guint seq_length;
const guchar *end_of_sequence; int end_of_sequence;
read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, tree, hf_ldap_message_dn, 0, 0, ASN1_UNI, ASN1_OTS);
read_sequence(a, &seq_length); read_sequence(a, &seq_length);
end_of_sequence = a->pointer + seq_length; end_of_sequence = a->offset + seq_length;
while (a->pointer < end_of_sequence) while (a->offset < end_of_sequence)
{ {
proto_tree *t = 0, *attr_tree; proto_tree *t = 0, *attr_tree;
guint set_length; guint set_length;
const guchar *end_of_set; int end_of_set;
guint operation; guint operation;
read_sequence(a, 0); read_sequence(a, 0);
@ -849,8 +853,8 @@ static int dissect_ldap_request_modify(ASN1_SCK *a, proto_tree *tree)
attr_tree = proto_item_add_subtree(t, ett_ldap_attribute); attr_tree = proto_item_add_subtree(t, ett_ldap_attribute);
read_set(a, &set_length); read_set(a, &set_length);
end_of_set = a->pointer + set_length; end_of_set = a->offset + set_length;
while (a->pointer < end_of_set) while (a->offset < end_of_set)
read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS); read_string(a, attr_tree, hf_ldap_message_value, 0, 0, ASN1_UNI, ASN1_OTS);
} }
@ -858,7 +862,7 @@ static int dissect_ldap_request_modify(ASN1_SCK *a, proto_tree *tree)
} }
static int dissect_ldap_request_abandon(ASN1_SCK *a, proto_tree *tree, static int dissect_ldap_request_abandon(ASN1_SCK *a, proto_tree *tree,
const guchar *start, guint length) int start, guint length)
{ {
read_integer_value(a, tree, hf_ldap_message_abandon_msgid, NULL, NULL, read_integer_value(a, tree, hf_ldap_message_abandon_msgid, NULL, NULL,
start, length); start, length);
@ -866,8 +870,9 @@ static int dissect_ldap_request_abandon(ASN1_SCK *a, proto_tree *tree,
} }
static void static void
dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree) dissect_ldap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{ {
int offset = 0;
proto_tree *ldap_tree = 0, *ti, *msg_tree; proto_tree *ldap_tree = 0, *ti, *msg_tree;
guint messageLength; guint messageLength;
guint messageId; guint messageId;
@ -875,49 +880,38 @@ dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
gchar *typestr; gchar *typestr;
guint opLen; guint opLen;
ASN1_SCK a; ASN1_SCK a;
const guchar *start; int start;
int first_time = 1; int first_time = 1;
int ret; int ret;
OLD_CHECK_DISPLAY_AS_DATA(proto_ldap, pd, offset, fd, tree);
if (tree) if (tree)
{ {
ti = proto_tree_add_item(tree, proto_ldap, NullTVB, offset, END_OF_FRAME, FALSE); ti = proto_tree_add_item(tree, proto_ldap, tvb, offset, tvb_length(tvb),
FALSE);
ldap_tree = proto_item_add_subtree(ti, ett_ldap); ldap_tree = proto_item_add_subtree(ti, ett_ldap);
} }
asn1_open(&a, pd, pi.captured_len); asn1_open(&a, tvb, 0);
a.pointer += offset;
while (a.pointer < a.end) while (tvb_reported_length_remaining(tvb, offset) > 0)
{ {
int message_id_start; int message_id_start;
int message_id_length; int message_id_length;
int message_start; int message_start;
message_start = a.pointer - a.begin; message_start = a.offset;
if (read_sequence(&a, &messageLength)) if (read_sequence(&a, &messageLength))
{ {
if (ldap_tree) if (ldap_tree)
proto_tree_add_text(ldap_tree, NullTVB, offset, 1, "Invalid LDAP packet"); proto_tree_add_text(ldap_tree, tvb, offset, 1, "Invalid LDAP packet");
break; break;
} }
if (messageLength > (a.end - a.pointer)) message_id_start = a.offset;
{
if (ldap_tree)
proto_tree_add_text(ldap_tree, NullTVB, message_start, END_OF_FRAME,
"Short message! (expected: %u, actual: %lu)",
messageLength, (unsigned long)(a.end - a.pointer));
break;
}
message_id_start = a.pointer - a.begin;
read_integer(&a, 0, -1, 0, &messageId, ASN1_INT); read_integer(&a, 0, -1, 0, &messageId, ASN1_INT);
message_id_length = (a.pointer - a.begin) - message_id_start; message_id_length = a.offset - message_id_start;
start = a.pointer; start = a.offset;
asn1_id_decode(&a, &protocolOpCls, &protocolOpCon, &protocolOpTag); asn1_id_decode(&a, &protocolOpCls, &protocolOpCon, &protocolOpTag);
if (protocolOpCls != ASN1_APL) if (protocolOpCls != ASN1_APL)
typestr = "Bad message type (not Application)"; typestr = "Bad message type (not Application)";
@ -926,11 +920,11 @@ dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
if (first_time) if (first_time)
{ {
if (check_col(fd, COL_PROTOCOL)) if (check_col(pinfo->fd, COL_PROTOCOL))
col_set_str(fd, COL_PROTOCOL, "LDAP"); col_set_str(pinfo->fd, COL_PROTOCOL, "LDAP");
if (check_col(fd, COL_INFO)) if (check_col(pinfo->fd, COL_INFO))
col_add_fstr(fd, COL_INFO, "MsgId=%u MsgType=%s", col_add_fstr(pinfo->fd, COL_INFO, "MsgId=%u MsgType=%s",
messageId, typestr); messageId, typestr);
first_time = 0; first_time = 0;
if (!tree) if (!tree)
@ -939,12 +933,12 @@ dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
if (ldap_tree) if (ldap_tree)
{ {
proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_id, NullTVB, message_id_start, message_id_length, messageId); proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_id, tvb, message_id_start, message_id_length, messageId);
proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_type, NullTVB, proto_tree_add_uint_hidden(ldap_tree, hf_ldap_message_type, tvb,
start - a.begin, a.pointer - start, protocolOpTag); start, a.offset - start, protocolOpTag);
ti = proto_tree_add_text(ldap_tree, NullTVB, message_id_start, messageLength, "Message: Id=%u %s", messageId, typestr); ti = proto_tree_add_text(ldap_tree, tvb, message_id_start, messageLength, "Message: Id=%u %s", messageId, typestr);
msg_tree = proto_item_add_subtree(ti, ett_ldap_message); msg_tree = proto_item_add_subtree(ti, ett_ldap_message);
start = a.pointer; start = a.offset;
read_length(&a, msg_tree, hf_ldap_message_length, &opLen); read_length(&a, msg_tree, hf_ldap_message_length, &opLen);
switch (protocolOpTag) switch (protocolOpTag)
@ -954,8 +948,7 @@ dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
break; break;
case LDAP_REQ_SEARCH: case LDAP_REQ_SEARCH:
ret = dissect_ldap_request_search(&a, msg_tree); ret = dissect_ldap_request_search(&a, msg_tree);
if (ret != ASN1_ERR_NOERROR) /* XXX - do somethign with "ret" */
break;
break; break;
case LDAP_REQ_ADD: case LDAP_REQ_ADD:
dissect_ldap_request_add(&a, msg_tree); dissect_ldap_request_add(&a, msg_tree);
@ -991,6 +984,7 @@ dissect_ldap(const u_char *pd, int offset, frame_data *fd, proto_tree *tree)
break; break;
} }
} }
offset = a.offset;
} }
} }
@ -1210,5 +1204,5 @@ proto_register_ldap(void)
void void
proto_reg_handoff_ldap(void) proto_reg_handoff_ldap(void)
{ {
old_dissector_add("tcp.port", TCP_PORT_LDAP, dissect_ldap, proto_ldap); dissector_add("tcp.port", TCP_PORT_LDAP, dissect_ldap, proto_ldap);
} }

383
packet-snmp.c
View File

File diff suppressed because it is too large Load Diff

4
packet-snmp.h
View File

@ -2,7 +2,7 @@
* Exported routines for SNMP (simple network management protocol) * Exported routines for SNMP (simple network management protocol)
* D.Jorand (c) 1998 * D.Jorand (c) 1998
* *
* $Id: packet-snmp.h,v 1.5 2000/08/11 13:34:00 deniel Exp $ * $Id: packet-snmp.h,v 1.6 2001/04/15 07:30:03 guy Exp $
* *
* Ethereal - Network traffic analyzer * Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org> * By Gerald Combs <gerald@zing.org>
@ -31,7 +31,7 @@
* Guts of the SNMP dissector - exported for use by protocols such as * Guts of the SNMP dissector - exported for use by protocols such as
* ILMI. * ILMI.
*/ */
void dissect_snmp_pdu(const u_char *, int, frame_data *, proto_tree *tree, void dissect_snmp_pdu(tvbuff_t *, int, packet_info *, proto_tree *tree,
char *, int, gint); char *, int, gint);
#endif #endif