keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
argument indicating whether to include the time zone in the string. If
we're constructing a display filter, don't include the time zone,
otherwise do. Fixes bug 4756.
svn path=/trunk/; revision=32913
date as YYYY/DDD, where DDD is a 1-origin day of year. Move the formats
to a "time_fmt.h" file, included by the headers that use it. Have
abs_time_to_str() and abs_time_secs_to_str() take the date format value,
rather than a Boolean "show this as UTC" flag, as an argument. Document
the ABSOLUTE_TIME_ formats a bit better. Use that format in the CCSDS
and VCDU dissectors, rather than having those dissectors do the
formatting themselves.
svn path=/trunk/; revision=32034
verified that we did have enough data in the buffer/tvb, which could
lead to a SEGV.
(for example if we enable KRB5 decryption but we do NOT use TCP
reassembly, and the encrypted data goes beyong the end of the current
segment)
Change the signature to decrypt_krb5_data() to take a TVB instead of a
buffer+length.
Actually check that we do have the entire encrypted PDU before calling
out to the kerberos libraries.
svn path=/trunk/; revision=29213
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
add a parameter *datalen to decrypt_krb5_data() so that we can pass back
the length of the decrypted blob back to the caller.
This is useful for when there are "junk" at the end of the blob and thus
the decrypted data is not the same size as the encrypted blob.
GSS CFX is one such example.
(we should have done this earlier since it might have made some other
stuff easier to imlement...)
make the preference setting krb_decrypt a globally visible variable so
we can see its value and act on it from callers of krb decryption from
outside of packet-kerberos.c i.e. from GSS CFX
Make keytype == -1 a wildcard that when passed to decrypt_krb5_data()
will try any/all encryption keys.
This since GSS CFX does not provide the enctype in the GSS layer.
(The GSS CFX enctype is only negotiated during the AP-REQ/REP so we
should later pick this value up and store it in a CFX session variable.
That is for a later enhancement.
)
Enhance the GSS decryption (that for hitorical reasons are implemented
in packet-spnego.c and not packet-gssapi.c :-) )
to also handle decryption of GSS CFX
This should make wireshark able to decrypt any/all GSSAPI RFC4121
packets, if the keytab file is provided.
I have successfully decrypted LDAP using GSS CFX with AES encryption
with this.
svn path=/trunk/; revision=26350
- if offset is 0, tvb_length is the same as tvb_length_remaining, just faster.
Replace
- col_append_fstr() with faster col_append_str()
- col_add_str() with col_set_str()
when it's safe
svn path=/trunk/; revision=23252
some warning fixes
packet-http.c
set headers.content_length = 0 before the first potential use of it.
packet-kink.c
"ifdef kerberos" around one function declaration
packet-nbns.c
set headers.{dgm_length|pkt_offset|error_code} = 0
packet-pflog.c
delete capture_pflog and
capture_old_pflog which aren't used anymore in the code.
svn path=/trunk/; revision=21120
pointers either "void *" or "guint8 *", to reduce the level of compiler
warnings (the data in question is largely binary in those cases).
svn path=/trunk/; revision=14886
parameter to many functions inside the ISAKMP dissector, as well as to
the "isakmp_dissect_payloads()" routine it exports. Get rid of
"isakmp_set_version()", as the version can be passed to
"isakmp_dissect_payloads()" from the KINK dissector.
Put the declaration of "isakmp_dissect_payloads()" into a
"packet-isakmp.h" header, and have "packet-isakmp.c" and "packet-kink.h"
include it rather than declariing "isakmp_dissect_payloads()" itself -
or not doing so at all.
svn path=/trunk/; revision=14648
make kink compile again on non-kerberos builds.
encapsulate a call to decrypt kerberos to only be compiled in when compiling with kerberos.
svn path=/trunk/; revision=14458
Bill Meier