Anders Broman
b55cd3e8a9
"From Jan Šafránek: Add support for AES in Microsoft Network Logon Negotiation options https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6895 "
...
svn path=/trunk/; revision=41337
2012-03-04 16:07:24 +00:00
Guy Harris
3301c4cb85
Get rid of C++/C99-style comment; use #if 0/#endif instead.
...
svn path=/trunk/; revision=40964
2012-02-11 02:45:16 +00:00
Ronnie Sahlberg
232c882946
NETLOGON handle different schannel with the same source
...
ip and dest i
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40961
2012-02-11 02:10:32 +00:00
Ronnie Sahlberg
4d2cb8bf94
NETLOGON: Fix bugs with netlogon decryption not working in some cases
...
If there is only one Authenticatex in the file, decryption is not
working.
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40960
2012-02-11 02:09:20 +00:00
Ronnie Sahlberg
7a8e42888b
NETLOGON: improve debugging messages
...
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40959
2012-02-11 02:08:02 +00:00
Jörg Mayer
2097912587
Rename crypt-xxx to xxx
...
svn path=/trunk/; revision=40511
2012-01-15 12:29:44 +00:00
Ronnie Sahlberg
4f052c3cd6
PAC: S4U update, decode the full S4U Delegation Info blob with correct names
...
svn path=/trunk/; revision=40227
2011-12-16 03:54:46 +00:00
Ronnie Sahlberg
d745d83b3c
PAC: rename CONSTRAINED_DELEGATION to S4U_DELEGATION_INFO
...
svn path=/trunk/; revision=40225
2011-12-16 03:41:14 +00:00
Bill Meier
13ad9f1071
Fix a tvbuff memory leak;
...
Also: Wireshark code change attributions are usually only in the svn log.
svn path=/trunk/; revision=40198
2011-12-14 15:19:14 +00:00
Bill Meier
30cee99009
Fix a number of proto_tree_add_item() encoding args.
...
svn path=/trunk/; revision=39774
2011-11-09 17:33:18 +00:00
Bill Meier
126aa85393
Convert proto_tree_add_item() 'encoding' arg for field types FT_STRING, FT_STRINGZ, FT_UINT_STRING as follows:
...
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
2011-10-15 18:46:26 +00:00
Bill Meier
4e57694d4a
Convert 'encoding' parameter of certain proto_tree_add_item() calls in non-autogenerated epan/dissectors:
...
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
2011-10-06 03:35:44 +00:00
Bill Meier
94f36ca4ff
Use ENC_NA as encoding for proto_tree_add_item() calls which directly reference an hf item (in hf[] with types:
...
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
2011-10-04 22:44:31 +00:00
Guy Harris
c34b796445
Add a DREP_LITTLE_ENDIAN for the DCE RPC endianness bit in the data
...
representation. Use it rather than a raw 0x10.
Add a DREP_ENC_INTEGER() macro that takes a pointer to the data
representation and returns either ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN;
use it for the encoding argument to proto_tree_add_item(), rather than
just the AND of drep[0] and DREP_LITTLE_ENDIAN, as it's not a boolean
any more, and for string values we'll be supporting character encodings
as well and thus won't be able to trust that the 0x10 bit will mean
"little endian".
Use ENC_NA for some other encoding values, i.e. for FT_BYTES and the
like.
Fix a couple of places in the DCOM dissector where we were passing the
byte-order bit rather than the field value to
proto_tree_add_uint_format().
Clean up white space.
svn path=/trunk/; revision=38128
2011-07-19 23:02:02 +00:00
Bill Meier
fb54240c34
Fix some gcc 4.6 "set but not used [-Wunused-but-set-variable]" warnings;
...
Also: misc minor cleanup: unneeded #include; whitespace, tvb_length-->tvb_reported_length
svn path=/trunk/; revision=37757
2011-06-22 23:03:56 +00:00
Ronnie Sahlberg
ff04f85940
Coverity 512
...
Check if we ran out of bytes in the tvb and return NULL
instead of trying to pass it to the decryption routines.
svn path=/trunk/; revision=36241
2011-03-22 09:35:26 +00:00
Bill Meier
03b57df5a0
Fix various typos and spelling errors.
...
svn path=/trunk/; revision=35126
2010-12-06 01:34:58 +00:00
Jeff Morriss
cca3ba3ce2
(Refining the regexp...) Replace blurbs that match the name (case insensitive) with NULL.
...
svn path=/trunk/; revision=34230
2010-09-24 02:51:40 +00:00
Jeff Morriss
0ff5638f37
Replace blurbs that match the name (case insensitive) with NULL.
...
svn path=/trunk/; revision=34227
2010-09-23 21:46:31 +00:00
Jeff Morriss
381664535b
As suggested by Kovarththanan Rajaratnam in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3548 :
...
Clean up hf fields some more: mostly removing leading and trailing spaces from names and blurbs.
svn path=/trunk/; revision=34165
2010-09-21 03:14:49 +00:00
Anders Broman
936eb850a1
From Frank Schorr:
...
NetrLogonControl2 - Control_data_information "name" not being decoded.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5071
svn path=/trunk/; revision=33768
2010-08-11 12:07:25 +00:00
Stig Bjørlykke
1ce4466261
Initialize confounder to ensure it has a known value.
...
svn path=/trunk/; revision=33709
2010-08-04 13:34:05 +00:00
Gerald Combs
a629fe9c3f
Initialize some variables.
...
svn path=/trunk/; revision=33389
2010-06-30 23:40:05 +00:00
Bill Meier
e1420c0799
Fix a few usages of "" in the hfp] array 'blurb' field.
...
svn path=/trunk/; revision=32811
2010-05-14 18:56:28 +00:00
Bill Meier
0fc9115705
Use consistent indentation; Whitesapce & formatting cleanup.
...
svn path=/trunk/; revision=32755
2010-05-11 16:54:55 +00:00
Guy Harris
d6aaf3369b
Squelch some compiler warnings.
...
Use "#if 0"/#endif rather than commenting out some code; that also means
we don't have to use "/ *" and "* /" in the #if'ed-out code, so don't.
Clean up indentation.
svn path=/trunk/; revision=32239
2010-03-19 01:33:12 +00:00
Ronnie Sahlberg
cbd20099ef
Add nice dissection of the names of the sign/seal algorithms
...
in the schannel verifier
svn path=/trunk/; revision=31652
2010-01-25 05:58:26 +00:00
Ronnie Sahlberg
acc4d6bd0a
Add proper dissection of NL_AUTH_MESSAGE for schannel as described in
...
MS-NRPC 2.2.1.3.1
svn path=/trunk/; revision=31651
2010-01-25 05:43:12 +00:00
Sake Blok
cc1afbef75
Make compiler happy when kerberos is not enabled...
...
svn path=/trunk/; revision=31629
2010-01-22 23:26:53 +00:00
Ronnie Sahlberg
10ee49cdb1
From Matthieu Patou <mat+Informatique.Samba@matws.net>
...
Enhancements to NETLOGON and ability to decrypt SCHANNEL
svn path=/trunk/; revision=31625
2010-01-22 22:34:24 +00:00
Stig Bjørlykke
46e6206ecd
Fixed abbrev for Padding and Flags.
...
Fixed some indent.
svn path=/trunk/; revision=31425
2010-01-03 15:01:32 +00:00
Guy Harris
8e236e55de
For fields of type FT_ABSOLUTE_TIME, have the "display" value be one of
...
ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319
2009-12-19 03:17:44 +00:00
Anders Broman
88bb44a51e
From Jakub Zawadzki:
...
Cleanup dissector code - use proper memory functions.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4164
svn path=/trunk/; revision=30691
2009-10-25 11:43:30 +00:00
Jeff Morriss
4b6e25c627
s/#if HAVE_KERBEROS/#ifdef HAVE_KERBEROS/
...
svn path=/trunk/; revision=30649
2009-10-20 20:26:51 +00:00
Jeff Morriss
f687349c04
Another, more sensible, attempt to fix the Win64 build.
...
svn path=/trunk/; revision=30641
2009-10-20 16:40:00 +00:00
Jeff Morriss
d4d62e3e0d
Try to get it compiling on Win64
...
svn path=/trunk/; revision=30636
2009-10-20 14:12:41 +00:00
Stig Bjørlykke
d43aab714c
From Jakub Zawadzki:
...
Make it compile without kerberos.
svn path=/trunk/; revision=30634
2009-10-20 10:20:14 +00:00
Ronnie Sahlberg
3bb1c2cbd4
From Matthieu Patou
...
schannel decryption
svn path=/trunk/; revision=30631
2009-10-20 08:44:26 +00:00
Stig Bjørlykke
b228488bc0
From Kovarththanan Rajaratnam via bug 3548:
...
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
2009-06-18 21:30:42 +00:00
Jaap Keuter
905ae0ffd5
From Reinhard Speyerer:
...
This patch fixes several misspellings/typos in Wireshark SVN revision 28201.
svn path=/trunk/; revision=28210
2009-05-01 07:06:52 +00:00
Bill Meier
a8f30cbca1
Fix some typos and spelling (mostly in text strings)
...
svn path=/trunk/; revision=27037
2008-12-17 17:23:37 +00:00
Stig Bjørlykke
d0e33bc3c5
Fix some "format not a string literal and no format arguments" warnings.
...
svn path=/trunk/; revision=26646
2008-10-31 14:07:23 +00:00
Ronnie Sahlberg
3e15613ed6
add the new autogenerated lsa dissector
...
this changes some call signatures requiring changes to the netlogon
dissector as well
svn path=/trunk/; revision=26320
2008-10-01 00:48:27 +00:00
Ronnie Sahlberg
a8699793aa
logoncontrol2 response is a Win32 error code not an nt status code
...
svn path=/trunk/; revision=20666
2007-02-01 10:10:15 +00:00
Ronnie Sahlberg
68bdadcb50
add decode of trust attribute flags as documented in samba4 netlogon idl
...
svn path=/trunk/; revision=18905
2006-08-15 02:21:08 +00:00
Ronnie Sahlberg
9149665c5c
decode the field of type 11
...
(it could theoretically also be a union with arm:1 selected instead of a conformant array)
svn path=/trunk/; revision=18858
2006-08-09 08:25:01 +00:00
Ronnie Sahlberg
d72e2d6f6c
some functions return dos error codes and not nt status codes
...
svn path=/trunk/; revision=18331
2006-06-03 02:03:52 +00:00
Ronnie Sahlberg
feab79e328
change a whole bunch of ethereal into wireshark
...
svn path=/trunk/; revision=18196
2006-05-21 04:49:01 +00:00
Guy Harris
b13f6dcbd3
Use the new "proto_tree_add_*_format_value" routines.
...
svn path=/trunk/; revision=17316
2006-02-16 11:43:38 +00:00
Jörg Mayer
735ba01eb1
Bill Meier: More spelling fixes
...
svn path=/trunk/; revision=16965
2006-01-06 03:26:45 +00:00