osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
8,753 Commits 26 Branches 0 Tags 795 MiB
Commit Graph

51 Commits

Author SHA1 Message Date
Richard Sharpe a7338cabc6 Add the KRB5 User-to-user OID 
svn path=/trunk/; revision=8036
 2003-07-17 22:17:01 +00:00
Richard Sharpe 47817bcb26 Fix a small segmentation fault if we get an ASN.1 parse error, and 
start to work on kerberos flags etc.

Also prettied up the case where the responseToken was an empty string.

svn path=/trunk/; revision=7767
 2003-06-01 20:34:20 +00:00
Guy Harris 7940c30a80 Deal with cases where there's no token ID in a Kerberos blob. 
svn path=/trunk/; revision=7741
 2003-05-26 20:44:20 +00:00
Richard Sharpe 0d582042e3 Add the reqFlags decode ... 
svn path=/trunk/; revision=7738
 2003-05-25 00:59:15 +00:00
Richard Sharpe 52ea4be2f1 Adding more infrastructure so I can decode SPNEGO/GSSAPI request flags. 
svn path=/trunk/; revision=7737
 2003-05-25 00:36:30 +00:00
Richard Sharpe 577bb67174 Begin to break out the SPNEGO/GSSAPI request flags ... 
svn path=/trunk/; revision=7736
 2003-05-24 23:26:17 +00:00
Richard Sharpe 0d855d0ebc Adding support for GSSAPI GSS_Wrap tokens and refactoring the routine 
that was already there.

svn path=/trunk/; revision=7727
 2003-05-24 05:05:26 +00:00
Richard Sharpe 8a1947f01d Commit the changes to allow us to dissect GSSAPI GetMIC tokens. 
However, it is now clear in the dissection tree for NFSv4 with RPCSEC_GSS
security in use that the naming is just wrong :-(

svn path=/trunk/; revision=7725
 2003-05-23 18:34:58 +00:00
Richard Sharpe 8df9b98bfc First changes to properly support RFC1964 so that GSSAPI GetMIC and other 
tokens can be handled.

Really, dissect-spnego-krb5 or whatever, should be renamed to something like
dissect-gssapi-tokens or dissect-gssapi-rfc1964 ...

svn path=/trunk/; revision=7724
 2003-05-23 17:46:06 +00:00
Richard Sharpe 729239067b Small explanation for why MS created their own KRB5 OID value. 
svn path=/trunk/; revision=7160
 2003-02-17 17:32:59 +00:00
Guy Harris bb2824366b In "dissect_spnego_negTokenTarg()", don't assume we've found a GSSAPI 
OID value for the protocol being used in a previous packet in the GSSAPI
sequence.

svn path=/trunk/; revision=6896
 2003-01-10 23:47:30 +00:00
Richard Sharpe bdf14fc80e Minor spelling etc updates. 
svn path=/trunk/; revision=6816
 2002-12-25 20:58:06 +00:00
Guy Harris 35eefef60a Handle GSS_Wrap header information as well as context-level tokens. A 
call to "gssapi_init_oid()" supplies both dissectors for context-level
tokens and GSS_Wrap header information; the latter dissector should
return the number of bytes of header information, so that if the header
information and the message for the protocol that's using GSSAPI are
treated as a single blob of data (as is the case with LDAP, but not with
DCE RPC, for example), the dissector for the protocol using GSSAPI knows
where to start dissecting.

We associate a pointer to the entire data structure for the OID, not the
handle for context-level token dissector for the OID, with conversations
and frames.

Make the dissector for NTLMSSP verifiers be the handler for GSS_Wrap
stuff for NTLMSSP, and add support for GSS_Wrap stuff for Kerberos.

Support SASL GSS-SPNEGO wrapping of LDAP messages.  (XXX - this should
really check for GSS-SPNEGO.)

svn path=/trunk/; revision=6692
 2002-11-28 06:48:42 +00:00
Guy Harris e7a61d2dff There can be more than one GSS-API negotiation in a conversation, so the 
handle to use to dissect SPNEGO tokens has to be stored as per-frame
data, not just as conversation data.

svn path=/trunk/; revision=6572
 2002-11-07 05:25:37 +00:00
Guy Harris 354f955644 Sometimes a cigar is just a cigar, err, umm, sometimes a KRB5 blob is 
just a Kerberos message; we can distinguish that from the other two
cases, so we do so, and handle all three cases.

svn path=/trunk/; revision=6505
 2002-10-25 04:22:26 +00:00
Richard Sharpe efe17e3c7f Make sure that we can dissect KRB5 in NFSv4 blobs. 
svn path=/trunk/; revision=6367
 2002-10-05 06:26:42 +00:00
Tim Potter d0a0a41eaf Got rid of some nested parenthesis in the gssapi oid registrations. 
svn path=/trunk/; revision=6302
 2002-09-18 08:36:25 +00:00
Guy Harris 9390e0591a Use -1, rather than "tvb_length_remaining(tvb, offset)", as the length 
for items that should run to the end of the tvbuff.

Make the next level dissector handle local to "dissect_spnego()".

Handle negTokenInit's with mechTokens, by, when processing the mechTypes
sequence in a negTokenInit, remembering the first MechType and telling
"dissect_spnego_mechTypes()"'s caller about it, and having that caller
use that mechType to dissect the mechToken.

svn path=/trunk/; revision=6232
 2002-09-08 22:47:43 +00:00
Richard Sharpe c5c8aed3d6 Fix documentation comments to reflext reality. 
svn path=/trunk/; revision=6229
 2002-09-08 02:45:26 +00:00
Guy Harris 849e1c6866 Add a "gssapi_lookup_oid()" that takes a binary OID (pointer and length) 
as an argument, and looks up that OID in the GSSAPI OID hash table.

Always use that routine to look up OIDs, so that we never use the result
of "format_oid()" as the key (as that doesn't necessarily work).

Make "gssapi_oids" static, as one should only look up GSSAPI
authentication mechanism OIDs with "gssapi_lookup_oid()".

In the SPNEGO dissector, free up the OID strings when we're done with
them, and don't advance the offset past the OID until after we put the
OID into the protocol tree.

svn path=/trunk/; revision=6228
 2002-09-08 01:43:44 +00:00
Richard Sharpe 5739c418b7 OK, now have KRB5 dissector playing nice. 
svn path=/trunk/; revision=6209
 2002-09-07 03:32:49 +00:00
Jörg Mayer 546a605e75 Declare dissect_Ticket in packet-kerberos.h and include that into packet-spnego.c 
svn path=/trunk/; revision=6207
 2002-09-07 00:29:29 +00:00
Richard Sharpe 232db679b5 Properly dissect the innerContextToken for Kerberos in GSSAPI. 
Now, all I have to do is to modularize the Kerberos dissector :-)

svn path=/trunk/; revision=6192
 2002-09-06 05:41:17 +00:00
Richard Sharpe 97a92267db Commit my changes to handle KRB5 in SPNEGO ... 
Turns out it is a KRB5 AP-REQ ASN1 encoded, and the Kerberos dissector is
going to need to be re-architected to deal with this.

svn path=/trunk/; revision=6187
 2002-09-05 03:49:03 +00:00
Richard Sharpe f982b27fae Remove a debugging printf ... 
svn path=/trunk/; revision=6185
 2002-09-04 22:20:57 +00:00
Richard Sharpe 174fb49854 Add some level of OID naming etc ... 
svn path=/trunk/; revision=6180
 2002-09-04 21:34:38 +00:00
Richard Sharpe 7876ca4fe0 Fix up warnings by implementing the stuff that was left out. 
svn path=/trunk/; revision=6174
 2002-09-04 06:54:45 +00:00
Richard Sharpe 6605085126 Fix the handling of the NTLMSSP blobs in the case when the server asks 
for RAW NTLMSSP, but the client actually sends SPNEGO encapsulated NTLMSSP.

svn path=/trunk/; revision=6173
 2002-09-04 05:46:02 +00:00
Richard Sharpe a842eb9d8e Who was that fscking idiot who put a \n into the mechListMIC format specifier! 
svn path=/trunk/; revision=6172
 2002-09-03 16:45:31 +00:00
Guy Harris 4e4000a12d Make "gssapi_init_oid()" take a dissector handle rather than a 
registered dissector name; that means you don't have to register a
dissector by name to associate it with a GSS-API security mechanism OID.

svn path=/trunk/; revision=6163
 2002-08-31 22:22:29 +00:00
Richard Sharpe 9a34291606 Make sure we stop processing GSS-API tokens when we actually have finished 
and not try to parse unrelated info in the TVB.

svn path=/trunk/; revision=6162
 2002-08-31 20:50:08 +00:00
Richard Sharpe f9a17c0db3 Make Tokens into subtrees etc ... 
svn path=/trunk/; revision=6159
 2002-08-31 17:09:45 +00:00
Richard Sharpe 2d8152c072 Further fixes. Properly account for the length of headers. Still some headers 
that we do not account for properly, like Octet Strings.

svn path=/trunk/; revision=6152
 2002-08-31 07:26:10 +00:00
Richard Sharpe a668d8c10b Squelch a whole bunch of compiler warnings. The remaining ones will have to wait until someone implements the missing bits of code. 
svn path=/trunk/; revision=6147
 2002-08-30 16:17:29 +00:00
Guy Harris 2bc260025b Fix the RCS ID and a compiler warning. 
svn path=/trunk/; revision=6144
 2002-08-30 10:31:13 +00:00
Richard Sharpe 765bad85dc Some more SPNEGO fixes. Getting much closer ... 
svn path=/trunk/; revision=6140
 2002-08-30 06:11:35 +00:00
Richard Sharpe 1671d6faca OK, this is a lot better. 
Still have to work on the Octet string versus general string, but
much of it is there now.

svn path=/trunk/; revision=6137
 2002-08-30 05:04:52 +00:00
Richard Sharpe 67ca7c97ed Commit the latest changes to get rid of seg-faults 
svn path=/trunk/; revision=6136
 2002-08-30 04:04:39 +00:00
Richard Sharpe 1a46e38d20 More SPNEGO, now can get down to NTLMSSP if that is what the negTokenTarg 
contains.

svn path=/trunk/; revision=6133
 2002-08-30 00:32:11 +00:00
Richard Sharpe a3eb8afb24 Some more of SPNEGO ... more to come ... 
svn path=/trunk/; revision=6132
 2002-08-29 22:53:06 +00:00
Richard Sharpe 9ca2ca20cf More support for SPNEGO ... Gotta handle the supportedMech and cache the 
handle for the dissector routine yet ...

Real work to do though ...

svn path=/trunk/; revision=6131
 2002-08-29 19:45:01 +00:00
Richard Sharpe ab3cf9bc61 OK, we now dissect the innerContextToken properly, and SPNEGO understands a 
negTokenTarg, there is just more work to do on this.

svn path=/trunk/; revision=6127
 2002-08-29 17:58:22 +00:00
Richard Sharpe 16630b5038 Small fix up to packet-spnego.c 
svn path=/trunk/; revision=6120
 2002-08-29 00:37:18 +00:00
Richard Sharpe e0523f9acb Fix up dissect_file_attributes 
svn path=/trunk/; revision=6119
 2002-08-29 00:35:55 +00:00
Jörg Mayer 7c4176d868 Removed trailing whitespaces from .h and .c files using the 
winapi_cleanup tool written by Patrik Stridvall for the wine
project.

svn path=/trunk/; revision=6117
 2002-08-28 21:04:11 +00:00
Richard Sharpe 6ae5bdf96a OK, have negTokenInit done ... Big kludge though ... some good stuff though 
svn path=/trunk/; revision=6110
 2002-08-28 05:02:41 +00:00
Richard Sharpe 5d6821ad02 Ohh, I feel so good. More of SPNEGO ... 
Still more to come. SHould have the negTokenInit done soon, then onto the
negTokenTarg ...

svn path=/trunk/; revision=6109
 2002-08-28 02:30:18 +00:00
Richard Sharpe 18c0dc0ceb This is closer but still has problems. It does not seem to crash, however. 
More tonight?

svn path=/trunk/; revision=6108
 2002-08-28 01:15:23 +00:00
Richard Sharpe 33008beffa Commit some more changes ... getting closer ... 
svn path=/trunk/; revision=6106
 2002-08-28 00:19:10 +00:00
Richard Sharpe 55d87b38b5 Here is the beginnings of some code to handle SPNEGO ... 
It is not correct yet, as we really should parse the ASN1 stuff correctly.

I have mainly added comments, and then will work on parsing the structures
better.

svn path=/trunk/; revision=6104
 2002-08-27 23:21:53 +00:00