forked from osmocom/wireshark
start decoding PA_PW_SALT in the PA-DATA structure.
for the time being since i have never seen this salt being used elsewhere, assume everything is the MS style salt: guint32 nt_status guint32 unknown guint32 unknown if the MS KDC does nopt allow a client to grab a ticket (due to policy client can only log in at certain hours or such) KDC will repsond with a failuer with edata like above and nt-status == STATUS_LOGON_HOURS svn path=/trunk/; revision=17722
This commit is contained in:
parent
54f9da2135
commit
fd58413224
|
@ -259,6 +259,8 @@ static gint hf_krb_gssapi_c_flag_replay = -1;
|
|||
static gint hf_krb_gssapi_c_flag_sequence = -1;
|
||||
static gint hf_krb_gssapi_c_flag_conf = -1;
|
||||
static gint hf_krb_gssapi_c_flag_integ = -1;
|
||||
static gint hf_krb_smb_nt_status = -1;
|
||||
static gint hf_krb_smb_unknown = -1;
|
||||
|
||||
static gint ett_krb_kerberos = -1;
|
||||
static gint ett_krb_TransitedEncoding = -1;
|
||||
|
@ -2064,6 +2066,33 @@ dissect_krb5_PA_ENCTYPE_INFO2(packet_info *pinfo, proto_tree *tree, tvbuff_t *tv
|
|||
return offset;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
dissect_krb5_PW_SALT(packet_info *pinfo _U_, proto_tree *tree, tvbuff_t *tvb, int offset)
|
||||
{
|
||||
/* Microsoft stores a special 12 byte blob here
|
||||
* guint32 NT_status
|
||||
* guint32 unknown
|
||||
* guint32 unknown
|
||||
* decode everything as this blob for now until we see if anyone
|
||||
* else ever uses it or we learn how to tell wether this
|
||||
* is such an MS blob or not.
|
||||
*/
|
||||
proto_tree_add_item(tree, hf_krb_smb_nt_status, tvb, offset, 4,
|
||||
TRUE);
|
||||
offset += 4;
|
||||
|
||||
proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
|
||||
TRUE);
|
||||
offset += 4;
|
||||
|
||||
proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
|
||||
TRUE);
|
||||
offset += 4;
|
||||
|
||||
return offset;
|
||||
}
|
||||
|
||||
/*
|
||||
* PA-DATA ::= SEQUENCE {
|
||||
* padata-type[1] INTEGER,
|
||||
|
@ -2120,6 +2149,9 @@ dissect_krb5_PA_DATA_value(packet_info *pinfo, proto_tree *parent_tree, tvbuff_t
|
|||
case KRB5_PA_ENCTYPE_INFO2:
|
||||
offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO2);
|
||||
break;
|
||||
case KRB5_PA_PW_SALT:
|
||||
offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PW_SALT);
|
||||
break;
|
||||
default:
|
||||
offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, NULL);
|
||||
}
|
||||
|
@ -4604,6 +4636,13 @@ proto_register_kerberos(void)
|
|||
{ &hf_krb_gssapi_dlglen, {
|
||||
"DlgLen", "kerberos.gssapi.dlglen", FT_UINT16, BASE_DEC,
|
||||
NULL, 0, "GSSAPI DlgLen", HFILL }},
|
||||
{ &hf_krb_smb_nt_status,
|
||||
{ "NT Status", "kerberos.smb.nt_status", FT_UINT32, BASE_HEX,
|
||||
VALS(NT_errors), 0, "NT Status code", HFILL }},
|
||||
{ &hf_krb_smb_unknown,
|
||||
{ "Unknown", "kerberos.smb.unknown", FT_UINT32, BASE_HEX,
|
||||
NULL, 0, "unknown", HFILL }},
|
||||
|
||||
};
|
||||
|
||||
static gint *ett[] = {
|
||||
|
|
Loading…
Reference in New Issue