Part 2/2 as the commits were too big for CI.
Largely find/replace, with a few manual tweaks. Then regenerate the asn1
dissector sources and make sure everything still builds. There are a
handful of cases I skipped as too complex, but this covers most of the
asn1 dissectors.
Part 1/2 as the commits were too big for CI.
Largely find/replace, with a few manual tweaks. Then regenerate the asn1
dissector sources and make sure everything still builds. There are a
handful of cases I skipped as too complex, but this covers most of the
asn1 dissectors.
This header was installed incorrectly to epan/wmem_scopes.h.
Instead of creating additional installation rules for a single
header in a subfolder (kept for backward compatibility) just
rename the standard "epan/wmem/wmem.h" include to
"epan/wmem_scopes.h" and fix the documentation.
Now the header is installed *correctly* to epan/wmem_scopes.h.
We use some private functions from MIT kerberos:
- krb5_free_enc_tkt_part()
- decode_krb5_enc_tkt_part()
- encode_krb5_enc_tkt_part()
but we already do that for krb5int_c_mandatory_cksumtype(),
which is newer than the above functions.
We use all of them only under HAVE_KRB5_PAC_VERIFY,
so we don't seem to need additional configure tests.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This big patch addresses the following items:
* implement the "message" virtual channel so that multi-transport and bandwidth
PDUs are dissected;
* prepare the identification of static channels to be able to dissect them later;
* fix the compression field in channelPDUHeader.channelFlags;
* implement the drdynvc channel dissector, so now we decode the traffic on this
channel and we're able to track data on dynamic channels and transition to UDP
transport
Since the gssapi handler can cope fine with ntlm blobs, remove the
heuristic in ntlmssp and call the gssapi dissector directly. In turn
we get kerberos support, including decpryption with keytab etc.
When there are more packets on the stream after credssp, like tpkt-rpd
data, the credssp heuristics fails when invoked by tls and then even the
packets for which the credssp heuristics succeeded do not get dissected
as credssp but as tpkt-continuation data.
To work around that, call the credssp heuristic dissector directly from
the rdp dissector before trying fastpath.
Leave the credssp heursitics in TLS for other protocols such as HTTP
where it may work.
Move the RANAP heuristic dissector registration under the initialization
guard that they're only registered once. Prevents console warnings about
the dissectors already being registered to the sccp and sua tables if
a RANAP preference is changed.