Guy Harris
c972b866b5
Use C89-style comment rather than C++/C99-style comment.
...
svn path=/trunk/; revision=40965
2012-02-11 02:45:58 +00:00
Ronnie Sahlberg
bec3996bb7
NTLM show the decrypted data buffer in a separate tab
...
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40958
2012-02-11 02:06:45 +00:00
Ronnie Sahlberg
d0f5a1842b
NTLM print the whole string, not just half the string
...
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40957
2012-02-11 02:05:57 +00:00
Ronnie Sahlberg
00cebab4aa
NTLM: clear the nt_password_unicode buffer.
...
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40956
2012-02-11 02:04:36 +00:00
Ronnie Sahlberg
9b24fe2822
NTLM make it easier to activate/deactivate debugging code in NTLM
...
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40955
2012-02-11 02:03:20 +00:00
Ronnie Sahlberg
30e8d6371d
NTLM: If we encounter an NTLM blob that is bigger than out fixed maxbuffer,
...
log a warning to the user.
from Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40954
2012-02-11 02:01:47 +00:00
Ronnie Sahlberg
bc359fc18f
NTLMv2 blobs can be bigger than 256 bytes. Set the limite to 10k for now.
...
From Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=40953
2012-02-11 01:59:55 +00:00
Jörg Mayer
2097912587
Rename crypt-xxx to xxx
...
svn path=/trunk/; revision=40511
2012-01-15 12:29:44 +00:00
Bill Meier
4a976f1be7
Use tvb_new_child_real_data() instead of tvb_new_real_data() + tvb_set_child_real_data_tvbuff().
...
svn path=/trunk/; revision=40173
2011-12-13 04:01:33 +00:00
Bill Meier
30cee99009
Fix a number of proto_tree_add_item() encoding args.
...
svn path=/trunk/; revision=39774
2011-11-09 17:33:18 +00:00
Bill Meier
d7a1840204
Replace use of tvb_get_ephemeral_faked_unicode() by use of tvb_get_ephemeral_unicode_string();
...
Fix encoding arg as needed.
svn path=/trunk/; revision=39530
2011-10-23 22:58:45 +00:00
Bill Meier
794757ae8f
For proto_tree_add_item(..., proto_xxx, ...)use ENC_NA as the encoding arg.
...
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
2011-10-21 02:10:19 +00:00
Bill Meier
126aa85393
Convert proto_tree_add_item() 'encoding' arg for field types FT_STRING, FT_STRINGZ, FT_UINT_STRING as follows:
...
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
2011-10-15 18:46:26 +00:00
Bill Meier
4e57694d4a
Convert 'encoding' parameter of certain proto_tree_add_item() calls in non-autogenerated epan/dissectors:
...
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
2011-10-06 03:35:44 +00:00
Bill Meier
94f36ca4ff
Use ENC_NA as encoding for proto_tree_add_item() calls which directly reference an hf item (in hf[] with types:
...
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
2011-10-04 22:44:31 +00:00
Graeme Lunt
779206012c
Microsoft Credential Security Support Provider (CredSSP) support.
...
Used by direct approach RDP for NTLMSSP authentication under SSL.
svn path=/trunk/; revision=39196
2011-09-30 15:21:16 +00:00
Bill Meier
4c46725c2c
Fix vi "modeline" so it works;
...
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5748
svn path=/trunk/; revision=39074
2011-09-21 16:28:53 +00:00
Stig Bjørlykke
5359494b1f
Second try to move crc routines to libwsutil.
...
This time keep the tvb routines in epan.
Now we can use common crc routines outside epan.
svn path=/trunk/; revision=38810
2011-08-31 09:00:54 +00:00
Stig Bjørlykke
71f903b956
Revert r38800, as the crc routines contains some tvb functions.
...
svn path=/trunk/; revision=38803
2011-08-30 14:17:40 +00:00
Stig Bjørlykke
4132d40e50
Move all crc routines to libwsutil.
...
This way we can use the crc routines in wiretap.
svn path=/trunk/; revision=38800
2011-08-30 13:46:42 +00:00
Jeff Morriss
7ad71a2d78
Treat TVBs as opaque: use the accessor functions instead of accessing the fields
...
directly.
svn path=/trunk/; revision=37420
2011-05-27 01:57:33 +00:00
Bill Meier
c0922b93b6
Don't assign to a variable which is then not referenced: Coverity 998 [UNUSED].
...
svn path=/trunk/; revision=37340
2011-05-20 20:41:23 +00:00
Guy Harris
96e2a4ffea
According to MS-NLMP, the "version" field in the NTLMSSP blobs is
...
present only if the NTLMSSP_NEGOTIATE_VERSION flag is set in the flags
field, and that appears to be true in at least one capture I've seen.
svn path=/trunk/; revision=37197
2011-05-17 02:29:43 +00:00
Guy Harris
0f1503ef8a
Fix cut-and-pasteo.
...
svn path=/trunk/; revision=37196
2011-05-17 01:38:28 +00:00
Stig Bjørlykke
9ec9b1ccb9
Pass pointers to structs instead of struct values to create_ntlmssp_v2_key.
...
Coverity 567.
svn path=/trunk/; revision=36248
2011-03-22 12:12:04 +00:00
Jeff Morriss
33f116a46d
Restore pinfo->private_data after an exception was thrown by a subdissector.
...
This is necessary in case a subdissector had changed it but was unable to
restore it (due to the exception).
Remove check_col().
svn path=/trunk/; revision=34436
2010-10-08 17:48:22 +00:00
Bill Meier
bd4da13134
#if 0 an used function
...
svn path=/trunk/; revision=34355
2010-10-03 19:49:15 +00:00
Bill Meier
107e909761
Make a number of functions static;
...
Rename two g_... functions so as to not be in GLib namespace;
Move proto_register... to just before proto_reg_handoff...
Reformat some lines;
More Whitespace cleanup.
svn path=/trunk/; revision=34354
2010-10-03 19:43:14 +00:00
Bill Meier
f5962f094e
Whitespace & formatting cleanup;
...
Use #if 0/#endif instead of /* */ to comment out code in a few places.
svn path=/trunk/; revision=34351
2010-10-03 18:51:38 +00:00
Bill Meier
8af9d02b8c
Refactor dissection of CHALLENGE target-info & AUTHENTICATE ntlmv2-response attributes:
...
- decode all attributes as specified in MS-NLMP;
- use common code for target-info and ntlmv2 attribute dissection;
Add filter for the "version" field;
Remove some obsolete #if 0'd code.
svn path=/trunk/; revision=34350
2010-10-03 18:23:46 +00:00
Bill Meier
8cd2038a8b
Fix some mangled comments (apparently mangled so that code could be commented out by an
...
enclosing comment). The code is now commented out with #if 0.
svn path=/trunk/; revision=34300
2010-09-30 21:32:42 +00:00
Bill Meier
e6eec902f0
Fix compilation error.
...
svn path=/trunk/; revision=34298
2010-09-30 21:14:44 +00:00
Bill Meier
8d6dbc5677
More fixes and comments:
...
- NEGOTIATE: dissect version field (if present) when empty Workstation domain & name fields;
- AUTHENTICATE: Use flags from message if no previous CHALLENGE seen to determine
character set encoding; Fixes Bug #5251
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5251
svn path=/trunk/; revision=34295
2010-09-30 20:26:13 +00:00
Bill Meier
e5bb2e0541
Oops: remove a // comment (note to myself)
...
svn path=/trunk/; revision=34272
2010-09-28 15:26:58 +00:00
Bill Meier
9dcccb0e6a
Improve dissection:
...
1. Negotiation/Challenge/Authoriation messages:
- dissect Version field (if present);
2. Authorization messages:
- Dissect fields following session-key (flags/... if present) even
when session key is empty;
- Dissect "MIC" field (if present);
3. Challenge message:
- Rename "Domain" field to "Target Name" as per Microsoft spec (MS-NLMP).
svn path=/trunk/; revision=34271
2010-09-28 14:14:12 +00:00
Stig Bjørlykke
bc11261a75
From Yaniv Kaul via bug 5193:
...
Dissect NTLMSSP type 0x5 (DNS Forest name).
svn path=/trunk/; revision=34077
2010-09-08 09:24:53 +00:00
Jeff Morriss
16653c5a6c
Fix the crash reported in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157 :
...
If get_unicode_or_ascii_string() returns a NULL pointer, return a pointer to an
empty string back to our caller.
svn path=/trunk/; revision=34018
2010-08-30 17:05:37 +00:00
Bill Meier
7b85f43d0e
Do some constifying [or other] based upon gcc -Wwrite-strings warnings.
...
svn path=/trunk/; revision=33198
2010-06-09 18:12:17 +00:00
Jeff Morriss
729de1a635
As suggested in http://www.wireshark.org/lists/wireshark-dev/200809/msg00075.html
...
(as referenced in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2907 ) and
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3411 :
Write a new convenience routine for finding a conversation and, if it is not
found, create it. The frame number and addresses are taken from pinfo (as is
the common case).
Use this function in a bunch of dissectors.
svn path=/trunk/; revision=32790
2010-05-13 18:28:34 +00:00
Ronnie Sahlberg
10ee49cdb1
From Matthieu Patou <mat+Informatique.Samba@matws.net>
...
Enhancements to NETLOGON and ability to decrypt SCHANNEL
svn path=/trunk/; revision=31625
2010-01-22 22:34:24 +00:00
Bill Meier
9b568ea691
Fix gcc -Wshadow warnings
...
svn path=/trunk/; revision=31561
2010-01-19 00:37:39 +00:00
Stig Bjørlykke
35cdf7d240
Use proto_ntlmssp for protocol tree item.
...
svn path=/trunk/; revision=31424
2010-01-03 14:59:38 +00:00
Guy Harris
8e236e55de
For fields of type FT_ABSOLUTE_TIME, have the "display" value be one of
...
ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319
2009-12-19 03:17:44 +00:00
Gerald Combs
f075c30958
Don't let the session blob length go stomping all over the stack with
...
muddy boots. Fixes bug 4239.
svn path=/trunk/; revision=30975
2009-11-16 17:08:12 +00:00
Anders Broman
88bb44a51e
From Jakub Zawadzki:
...
Cleanup dissector code - use proper memory functions.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4164
svn path=/trunk/; revision=30691
2009-10-25 11:43:30 +00:00
Ronnie Sahlberg
edcd3abdeb
From Matthieu Patou
...
Update ntlmssp to automatically re-read the keytab file if it changes
svn path=/trunk/; revision=30556
2009-10-14 07:22:40 +00:00
Kovarththanan Rajaratnam
ad7042d2a4
calculate_crc32c -> crc32c_calculate for proper 'namespacing'
...
svn path=/trunk/; revision=30405
2009-10-08 15:10:43 +00:00
Jaap Keuter
75f1e13c12
Cleanup header fields.
...
svn path=/trunk/; revision=30394
2009-10-07 23:08:22 +00:00
Guy Harris
3f8748951f
Fix some LLP64 issues.
...
svn path=/trunk/; revision=30393
2009-10-07 22:36:33 +00:00
Jeff Morriss
4c70f4fad0
Get it compiling when we don't have kerberos libraries.
...
svn path=/trunk/; revision=30392
2009-10-07 21:00:14 +00:00