Date: Mon, 27 Jul 2009 08:55:55 +0000 (+0200)
Subject: patch_ldap_260709
Add a few additional LDAP OIDs
and increase the maximum SASL blob size to be 1M instead of 256kb
svn path=/trunk/; revision=29210
The previous check is incorrect when the first ldap frame in the capture is
selected and the filter is changed, or selecting "Follow TCP Stream".
Also removed check_col().
svn path=/trunk/; revision=28889
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
guarantee a non-null string value. Use it in the LDAP dissector. Fixes
the crash on Windows (and other platforms) reported in bug 3262.
svn path=/trunk/; revision=27478
Use find_dissector;
Initialize saved tcp_port pref properly; This should
fix a possble bug wherein LDAP over SSL would not
be dissected properly. (I don't have a test capture
to verify this fix).
svn path=/trunk/; revision=26764
Extended the cldap desector to include all the current netlogon response data
types.
Expanded the cldap netlogon ntver option to be a bit mask of the search flags
Updated the DS flags fields to include Windows 2008 options.
svn path=/trunk/; revision=25942
Attached is a patch to the ldap_reinit() function to fix bug 2407.
This particular bug was triggered by the order of steps used to walk
and free the nodes of the ldap_info_items list.
This should go into the next 1.0 release.
svn path=/trunk/; revision=24838
2) Support for RFC 3909 - cancelRequest extendedOperation
3) Support for RFC 3062 - passwordModify extendedOperation
4) Column information for ExtendedRequest, SearchResultRef and AbandonRequest
5) Column information for multiple LDAP operations in the same packet (uses " | " separator)
svn path=/trunk/; revision=24195
dissect_ber_boolean() to return a value and update asn2wrs to generate the new signature.
Regenerate all BER dissectors.
svn path=/trunk/; revision=24015
- retrieving the list of remote PCAP interfaces
- password authentication support
- UDP data fransfer
- packet sampling (available in WinPcap 4.x)
etc.
fix problem if non-default rpcap port is used
svn path=/trunk/; revision=23750
authentication packet or else we will get inconsistent dissection when
clicking on packets.
(inconsistent as in : a certain packet might/might not be dissected as
LDAP/SASL depending on which packets we clicked on previously)
svn path=/trunk/; revision=22949
cant check that the payload starts with BER tag 0x60 and an oid.
instead check that the length byte (first 4 bytes) look sane and if
SASL authentication has been negotiated on the connection
also, sometimes clients will mix both non-SASL and SASL protected LDAP
traffic on the same tcp connection by initially performing simple
unauthenticated searches on the database before performing the Bind.
svn path=/trunk/; revision=22948
a SASL encapsulated ldap blob can contain more than one LDAP message so
the rest_is_pad parameter is bogus and thus removed.
make dissect_ldap_pdu handle when we have more than one LDAP message
inside one sasl blob
svn path=/trunk/; revision=22181