spnego: also interpret the mechList field

In NegTokenTarg the mechListMIC field can be dissected using the gss_wrap dissector.
2021-06-30 16:18:27 +02:00 · 2021-06-30 16:18:27 +02:00 · 3874621667
parent d9328a9839
commit 3874621667
3 changed files with 65 additions and 3 deletions
--- a/epan/dissectors/asn1/spnego/packet-spnego-template.c
+++ b/epan/dissectors/asn1/spnego/packet-spnego-template.c
@ -84,7 +84,7 @@ static dissector_handle_t spnego_krb5_handle;
 static dissector_handle_t spnego_krb5_wrap_handle;

 /*
- * Unfortunately, we have to have forward declarations of thess,
+ * Unfortunately, we have to have forward declarations of these,
 * as the code generated by asn2wrs includes a call before the
 * definition.
 */
--- a/epan/dissectors/asn1/spnego/spnego.cnf
+++ b/epan/dissectors/asn1/spnego/spnego.cnf
@ -176,6 +176,29 @@ NegotiationToken
    }
  }

+
+#.FN_BODY NegTokenTarg/mechListMIC VAL_PTR = &mechListMIC_tvb
+
+  tvbuff_t *mechListMIC_tvb;
+
+
+%(DEFAULT_BODY)s
+
+
+  /*
+   * Now, we should be able to dispatch, if we've gotten a tvbuff for
+   * the token and we have information on how to dissect its contents.
+   * However, we should make sure that there is something in the
+   * response token ...
+   */
+  if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){
+    gssapi_oid_value *value=next_level_value;
+
+    if(value){
+      call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree);
+    }
+  }
+
 #.END

 #
--- a/epan/dissectors/packet-spnego.c
+++ b/epan/dissectors/packet-spnego.c
@ -85,6 +85,7 @@ static int hf_spnego_negHints = -1;               /* NegHints */
 static int hf_spnego_negResult = -1;              /* T_negResult */
 static int hf_spnego_supportedMech = -1;          /* T_supportedMech */
 static int hf_spnego_responseToken = -1;          /* T_responseToken */
+static int hf_spnego_mechListMIC_01 = -1;         /* T_mechListMIC */
 static int hf_spnego_thisMech = -1;               /* MechType */
 static int hf_spnego_innerContextToken = -1;      /* InnerContextToken */
 /* named bits */
@ -134,7 +135,7 @@ static dissector_handle_t spnego_krb5_handle;
 static dissector_handle_t spnego_krb5_wrap_handle;

 /*
- * Unfortunately, we have to have forward declarations of thess,
+ * Unfortunately, we have to have forward declarations of these,
 * as the code generated by asn2wrs includes a call before the
 * definition.
 */
@ -388,6 +389,40 @@ dissect_spnego_T_responseToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int



+
+  return offset;
+}
+
+
+
+static int
+dissect_spnego_T_mechListMIC(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+#line 181 "./asn1/spnego/spnego.cnf"
+
+  tvbuff_t *mechListMIC_tvb;
+
+
+  offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
+                                       &mechListMIC_tvb);
+
+
+
+  /*
+   * Now, we should be able to dispatch, if we've gotten a tvbuff for
+   * the token and we have information on how to dissect its contents.
+   * However, we should make sure that there is something in the
+   * response token ...
+   */
+  if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){
+    gssapi_oid_value *value=next_level_value;
+
+    if(value){
+      call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree);
+    }
+  }
+
+
+
  return offset;
 }

@ -396,7 +431,7 @@ static const ber_sequence_t NegTokenTarg_sequence[] = {
  { &hf_spnego_negResult    , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_spnego_T_negResult },
  { &hf_spnego_supportedMech, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_spnego_T_supportedMech },
  { &hf_spnego_responseToken, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_spnego_T_responseToken },
-  { &hf_spnego_mechListMIC  , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_OCTET_STRING },
+  { &hf_spnego_mechListMIC_01, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_T_mechListMIC },
  { NULL, 0, 0, 0, NULL }
 };

@ -1901,6 +1936,10 @@ void proto_register_spnego(void) {
      { "responseToken", "spnego.responseToken",
        FT_BYTES, BASE_NONE, NULL, 0,
        NULL, HFILL }},
+    { &hf_spnego_mechListMIC_01,
+      { "mechListMIC", "spnego.mechListMIC",
+        FT_BYTES, BASE_NONE, NULL, 0,
+        NULL, HFILL }},
    { &hf_spnego_thisMech,
      { "thisMech", "spnego.thisMech",
        FT_OID, BASE_NONE, NULL, 0,