On windows if ENDTRY is not evaluated after a exception is being thrown wireshark will crash in dissect_packet() while attempting to pop the last frame of the exception stack.
svn path=/trunk/; revision=21014
this resolves some issues where the decode is ok but the hexpane shows corrupted memory where the decrypted blob should be.
svn path=/trunk/; revision=20824
* <epan/crypt/crypt-md5.h> must come after <glib.h> because of
'guint8' etc.
* Include <wiretap/file_util.h> because of eth_fopen().
svn path=/trunk/; revision=20456
there are many reasons why some protocols actually need to be able to access the pinfo structure while determining the pdu size
svn path=/trunk/; revision=19751
use call_dissector_only() which is new-style aware and not call_dissector() which is not.
this fixes a recent bug found on the heimdal list.
svn path=/trunk/; revision=19129
a new bit 0x00020000 is usde in the TGS-REQ packets and this results in a return of a PAC containing an unknown type 11 field.
the blob in the pac is 200 bytes and NDR encoded. its structure is obvious since it contains 2 conformant and varying arrays and three unique pointers.
enable decoding of this new KDCOptions bit and call it "constrained delegation"
svn path=/trunk/; revision=18857
Two more Kerberos error codes where it has been witnessed that the payload contains a PA-DATA structure with the magic salt containing an nt status code
svn path=/trunk/; revision=18088
issued by ms kdc contains a PA_DATA structure with a salt that contains an
nt_status code explaining why the client was not allowed to get a (tgt) ticket
svn path=/trunk/; revision=17796
for the time being since i have never seen this salt being used elsewhere,
assume everything is the MS style salt:
guint32 nt_status
guint32 unknown
guint32 unknown
if the MS KDC does nopt allow a client to grab a ticket (due to policy client can only log in at certain hours or such)
KDC will repsond with a failuer with edata like above and nt-status == STATUS_LOGON_HOURS
svn path=/trunk/; revision=17722
while this should improve performance by unmeasurably little it does have the sideeffect that once we finish the rewrite tcp analysis might actually work and work well even for tcp over tcp tunnelling.
this also means that if you include packet-tcp.h you also need to include emem.h .
svn path=/trunk/; revision=17681
mp_addr_to_str was unnecessary 'complex' - simplified it
packet-dns.c: Fix incorrect use of g_snprintf return value
packet-dcm.c: Fix incorrect use of g_snprintf return value
Someone who understands the protocol should look at the
"vr, tr might be used uninitialized..." warning.
packet-x11.c: Fix incorrect use of g_snprintf return value
packet-kerberos.c: Fix incorrect use of g_snprintf return value
Someone should take a look at the
"longjump might clobber ..." messages
packet-diameter.c: Fix incorrect use of g_snprintf return value
Get rid of unsigned < 0 check
packet-pgm.c: Fix incorrect use of g_snprintf return value
packet-nbns.c: Fix incorrect use of g_snprintf return value
packet-winsrepl.c: Collateral damage to packet-nbns.c fix
packet-netbios.c: Collateral damage to packet-nbns.c fix
packet-netbios.h: Collateral damage to packet-nbns.c fix
packet-kerberos.c: Collateral damage to packet-nbns.c fix
packet-nbipx.c: Collateral damage to packet-nbns.c fix
svn path=/trunk/; revision=17065
to do this, I've added file_util.h to wiretap (would file_compat.h be a better name?), and provide compat_macros like eth_open() instead of open(). While at it, move other file related things there, like #include <io.h>, definition of O_BINARY and alike, so it's all in one place.
deleted related things from config.h.win32
As of these massive changes, I'm almost certain that this will break the Unix build. I'll keep an eye on the buildbot so hopefully everything is working again soon.
svn path=/trunk/; revision=16403
structure. Handle that.
Don't muck with the columns, or put a top-level Kerberos protocol item
into the protocol tree, until we decide that we really have a Kerberos
packet.
Do, however, clear the Info column if we're dissecting the Kerberos
protocol.
svn path=/trunk/; revision=15589
since a KDC MIGTH send the reply back from a different port.
Then comes X.L's capture (ethereal-dev) 816fc4.cap from 16Aug2005 where
the client is reusing the same source port to talk to DNS after finishing
doing the port 88 KDC stuff.
==>
Make kerberos/udp able to test the packet for sanity and reject packets that
do not look like kerberos (even if there was a conversation that said it was kerberos)
and thus let other dissectors have a go at it.
in doubt, try 816fc4.cap before and after this patch :-)
svn path=/trunk/; revision=15405
-use g_snprintf instead of sprintf and snprintf
-use g_strdup_printf where appropriate
-remove #include "snprintf.h" (as only g_snprintf should be used)
-replace some more alloc/realloc/calloc/free with their glib pendants
svn path=/trunk/; revision=15264
DissectorError. In packet-kerberos.c, restore pinfo->private_data if
we throw an exception, which keeps the SMB dissector from throwing
a DissectorError. Initialize variables in other places to squelch
valgrind warnings.
svn path=/trunk/; revision=15235
that they are not longer than the reported length of the tvb.
this triggers some bugs since in packet-ber we are a bit too lax in setting reported_length of the tvb_new_subset() tvb.
this cause short kerberos packets to not be decoded at all and the same for other short asn based packets as well.
fix some of these instances.
svn path=/trunk/; revision=15127