going to check exist.
Doing so arranges that "tvb_reported_length_remaining(tvb, offset) is >=
5 (unless the reported length is less than the data length, but that
"shouldn't happen"). Instead of comparing "tvb_get_ntohl(tvb, offset) -
4" against "tvb_reported_length_remaining(tvb, offset)", which runs the
risk of giving a bogus answer if "tvb_get_ntohl(tvb, offset)" is < 4,
compare "tvb_get_ntohl(tvb, offset) against
"tvb_reported_length_remaining(tvb, offset)-4", as the latter is
guaranteed to be > 0 (and cast the latter expression to get rid of the
signed/unsigned comparison warning that caused me to notice this issue
in the first place).
svn path=/trunk/; revision=9738
some implementations specify GSSAPI in the bind call.
the encapsulation seems to be the same as GSS-SPNEGO so handle it the same way
svn path=/trunk/; revision=9169
If we failed to dissect the GSS-SPNEGO blob it probably means that the segment
is somewhere in the middle of an LDAP PDU.
Just bail out and stop dissecting the PDU instead of aborting ethereal completely
using g_assert() since this is not really a pathological error, its just something that can and will happen normally.
svn path=/trunk/; revision=8925
session where GSS-SPNEGO is used.
If we havent seen the BIND call ethereal would assume it is
vanilla non-GSS-SPNEGO LDAP and would fail to decode the packet.
Add heuristics to the LDAP dissector so that
IF the first 4 bytes of the LDAP PDU looks like ity could be a length field
and IF the fifth byte has the value 0x60
then assume what we have is GSS-SPNEGO and assume this and all further commands on this session is GSS-SPNEGO as well.
svn path=/trunk/; revision=8904
LDAP messages that span multiple segments will throw an exception unless we have reassembly enabled.
Update TCP so that IF an exception was thrown that we still pick up any hints
provided by the subdissector about where the next PDU starts.
Update LDAP so that it will rpovide hints to TCP about where the next LDAP PDU starts in the sequence number space.
Thus now ethereal can find and dissect LDAP PDUs that starts somewhere in the middle of a TCP segment.
svn path=/trunk/; revision=8895
be a "const gchar *", and it ended up being like pulling a thread out of
a sweater - more things had to change, which meant still more things had
to change, and I might've even run into something that didn't change
very well at all. (Or perhaps that was constifying something else.)
For now, we just cast away the constness in calls to "col_set_str()";
the column code won't actually overwrite the string.
svn path=/trunk/; revision=8174
between the LDAP_RES_SEARCH_ENTRY and LDAP_RES_SEARCH_RESULT messages
depending on those messages occurring in the same frame.
svn path=/trunk/; revision=8044
- display DN in COL_INFO for bindi, search and add requests
- display errors in COL_INFO for all replies
- for search entries, display the number of results returned
- display the message type in the "top level" protocol item
svn path=/trunk/; revision=8021
in the "auth_info_items" list, and free all the items in that list, we
need to null out the pointer to that list to indicate that it's been
emptied out.
svn path=/trunk/; revision=7563
call to "gssapi_init_oid()" supplies both dissectors for context-level
tokens and GSS_Wrap header information; the latter dissector should
return the number of bytes of header information, so that if the header
information and the message for the protocol that's using GSSAPI are
treated as a single blob of data (as is the case with LDAP, but not with
DCE RPC, for example), the dissector for the protocol using GSSAPI knows
where to start dissecting.
We associate a pointer to the entire data structure for the OID, not the
handle for context-level token dissector for the OID, with conversations
and frames.
Make the dissector for NTLMSSP verifiers be the handler for GSS_Wrap
stuff for NTLMSSP, and add support for GSS_Wrap stuff for Kerberos.
Support SASL GSS-SPNEGO wrapping of LDAP messages. (XXX - this should
really check for GSS-SPNEGO.)
svn path=/trunk/; revision=6692
Reorganize the desegmentation to match a bit more closely the
desegmentation code in "tcp_dissect_pdus()" (eventually, we should see
if we can just use that code).
svn path=/trunk/; revision=6676
This patch fixes decoding of the newSuperior attribute of an
LDAPv3 modrdn request. The current implementation attempts to
decode the attribute as an LDAPDN (Octext String, 0x4), when its
definition is actually Context 0 (0x80).
svn path=/trunk/; revision=6672
conversation a data structure containing the authentication type and
mechanism, and use that to dissect the credentials in subsequent bind
responses.
Call the bind request and response dissectors regardless of whether
we're building a protocol tree or not, so that we call the
authentication subdissectors.
"read_string()" doesn't return anything through the string-pointer
argument if the string is zero-length; handle those cases.
svn path=/trunk/; revision=6241
equivalents for the toplevel directory. The removal of winsock2.h will
hopefully not cause any problems under MSVC++, as those files using
struct timeval still include wtap.h, which still includes winsock2.h.
svn path=/trunk/; revision=5932
ASN1_ERR_NOERROR, as you can't have a dissection error if you've
dissected nothing.
When dissecting a Bind reply, set "ret" to the return value of
"dissect_ldap_response_bind()", so errors get reported properly.
svn path=/trunk/; revision=4851
just display the message type and body as an error.
If the message type isn't a type we dissect, display the "Unknown
message type" entry with the right offset and length.
svn path=/trunk/; revision=4850
always set that pointer if they return ASN1_ERR_NOERROR. Have the
routines that call them use the value only if the routine returns
ASN1_ERR_NOERROR. Don't bother setting the pointer before calling the
routine.
Report unknown modify operation types.
svn path=/trunk/; revision=4834
that in the SNMP dissector.
Check the return values of ASN.1 routines in the LDAP dissector, and
have all the subroutines in that disesctor that can return error
indications return ASN1_ERR_ values.
Have the routines that can supply a pointer to a newly-created
protocol-tree item use the right type for items ("proto_item *", not
"proto_tree *", even though they are, at least currently, typedefs for
the same type), and use "proto_item" for the type of the item a pointer
to which is passed to those routines.
Before calling those routines, set the item pointer to null, in case the
routine fails.
Don't check the return value of "parse_filter_strings()" against -1 -
that routine can't return -1.
svn path=/trunk/; revision=4833
arguments to "proto_tree_add_text()", and to "proto_tree_add_XXX()" calls
that add FT_NONE or FT_PROTO items to the protocol tree, with -1.
Replace some calls to "tvb_length()" or "tvb_length_remaining()" with
calls to "tvb_reported_length()" and "tvb_reported_length_remaining()",
as those give the actual length of the data in the packet, not just the
data that happened to be captured.
svn path=/trunk/; revision=4605
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
svn path=/trunk/; revision=4586
means if there are no complete LDAP packets in a TCP segment, there is
no LDAP top-level protocol tree item, which is as it should be.)
svn path=/trunk/; revision=4539
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
svn path=/trunk/; revision=4370
take a dissector handle as an argument, rather than a pointer to a
dissector function and a protocol ID. Associate dissector handles with
dissector table entries.
svn path=/trunk/; revision=4308
Guy Harris