osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

The version of the CredSSP protocol can be 2 or 3 

According to Microsoft documentation, valid values for the Version field are 2 and 3. Newer servers (like Windows 2012 R2) respond with Version=3.

Change-Id: Ifb0c6f52d09c75bbde2b4a46d13366461736b9c0
Reviewed-on: https://code.wireshark.org/review/3527
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This commit is contained in:
Eugene Sukhodolin 2014-08-09 21:24:09 -07:00 committed by Pascal Quantin
parent 2f0278c42b
commit d2396d2f58
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
epan/dissectors/packet-credssp.c
View File

@ -362,6 +362,7 @@ dissect_credssp_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree,
gboolean pc;
gint32 tag;
guint32 length;
gint8 ver;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
@ -376,7 +377,8 @@ dissect_credssp_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree,
offset = get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
if((ber_class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_INTEGER)) {
offset = get_ber_length(tvb, offset, &length, NULL);
if((length == 1) && (tvb_get_guint8(tvb, offset) == 2)) {
ver = tvb_get_guint8(tvb, offset);
if((length == 1) && ((ver == 2) || (ver == 3))) {
if (have_tap_listener(exported_pdu_tap)) {
exp_pdu_data_t *exp_pdu_data;
guint8 tags_bit_field;