1 /* Do not modify this file. Changes will be overwritten. */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler */
3 /* packet-kerberos.c */
4 /* ../../tools/asn2wrs.py -b -p kerberos -c ./kerberos.cnf -s ./packet-kerberos-template -D . -O ../../epan/dissectors KerberosV5Spec2.asn k5.asn RFC3244.asn */
6 /* Input file: packet-kerberos-template.c */
8 #line 1 "../../asn1/kerberos/packet-kerberos-template.c"
10 * Routines for Kerberos
11 * Wes Hardaker (c) 2000
12 * wjhardaker@ucdavis.edu
13 * Richard Sharpe (C) 2002, rsharpe@samba.org, modularized a bit more and
14 * added AP-REQ and AP-REP dissection
16 * Ronnie Sahlberg (C) 2004, major rewrite for new ASN.1/BER API.
17 * decryption of kerberos blobs if keytab is provided
19 * See RFC 1510, and various I-Ds and other documents showing additions,
20 * e.g. ones listed under
22 * http://www.isi.edu/people/bcn/krb-revisions/
26 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
30 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-05.txt
32 * Some structures from RFC2630
34 * Wireshark - Network traffic analyzer
35 * By Gerald Combs <gerald@wireshark.org>
36 * Copyright 1998 Gerald Combs
38 * This program is free software; you can redistribute it and/or
39 * modify it under the terms of the GNU General Public License
40 * as published by the Free Software Foundation; either version 2
41 * of the License, or (at your option) any later version.
43 * This program is distributed in the hope that it will be useful,
44 * but WITHOUT ANY WARRANTY; without even the implied warranty of
45 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
46 * GNU General Public License for more details.
48 * You should have received a copy of the GNU General Public License
49 * along with this program; if not, write to the Free Software
50 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
54 * Some of the development of the Kerberos protocol decoder was sponsored by
55 * Cable Television Laboratories, Inc. ("CableLabs") based upon proprietary
56 * CableLabs' specifications. Your license and use of this protocol decoder
57 * does not mean that you are licensed to use the CableLabs'
58 * specifications. If you have questions about this protocol, contact
59 * jf.mule [AT] cablelabs.com or c.stuart [AT] cablelabs.com for additional
69 #include <wsutil/file_util.h>
70 #include <epan/packet.h>
71 #include <epan/exceptions.h>
72 #include <epan/strutil.h>
74 #include <epan/conversation.h>
75 #include <epan/asn1.h>
76 #include <epan/expert.h>
77 #include <epan/prefs.h>
78 #include <epan/dissectors/packet-kerberos.h>
79 #include <epan/dissectors/packet-netbios.h>
80 #include <epan/dissectors/packet-tcp.h>
81 #include <epan/dissectors/packet-ber.h>
82 #include <epan/dissectors/packet-pkinit.h>
83 #include <epan/dissectors/packet-cms.h>
84 #include <epan/dissectors/packet-windows-common.h>
86 #include <epan/dissectors/packet-dcerpc-netlogon.h>
87 #include <epan/dissectors/packet-dcerpc.h>
89 #include <epan/dissectors/packet-gssapi.h>
90 #include <epan/dissectors/packet-smb-common.h>
92 #define UDP_PORT_KERBEROS 88
93 #define TCP_PORT_KERBEROS 88
95 #define ADDRESS_STR_BUFSIZ 256
97 typedef struct kerberos_key {
100 const guint8 *keyvalue;
110 guint32 checksum_type;
111 } kerberos_private_data_t;
113 static dissector_handle_t kerberos_handle_udp;
115 /* Forward declarations */
116 static int dissect_kerberos_Applications(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
117 static int dissect_kerberos_PA_ENC_TIMESTAMP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
118 static int dissect_kerberos_KERB_PA_PAC_REQUEST(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
119 static int dissect_kerberos_PA_S4U2Self(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
120 static int dissect_kerberos_ETYPE_INFO(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
121 static int dissect_kerberos_ETYPE_INFO2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
122 static int dissect_kerberos_AD_IF_RELEVANT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
125 /* Desegment Kerberos over TCP messages */
126 static gboolean krb_desegment = TRUE;
128 static gint proto_kerberos = -1;
130 static gint hf_krb_rm_reserved = -1;
131 static gint hf_krb_rm_reclen = -1;
132 static gint hf_krb_provsrv_location = -1;
133 static gint hf_krb_smb_nt_status = -1;
134 static gint hf_krb_smb_unknown = -1;
135 static gint hf_krb_address_ip = -1;
136 static gint hf_krb_address_netbios = -1;
137 static gint hf_krb_address_ipv6 = -1;
138 static gint hf_krb_gssapi_len = -1;
139 static gint hf_krb_gssapi_bnd = -1;
140 static gint hf_krb_gssapi_dlgopt = -1;
141 static gint hf_krb_gssapi_dlglen = -1;
142 static gint hf_krb_gssapi_c_flag_deleg = -1;
143 static gint hf_krb_gssapi_c_flag_mutual = -1;
144 static gint hf_krb_gssapi_c_flag_replay = -1;
145 static gint hf_krb_gssapi_c_flag_sequence = -1;
146 static gint hf_krb_gssapi_c_flag_conf = -1;
147 static gint hf_krb_gssapi_c_flag_integ = -1;
148 static gint hf_krb_gssapi_c_flag_dce_style = -1;
150 /*--- Included file: packet-kerberos-hf.c ---*/
151 #line 1 "../../asn1/kerberos/packet-kerberos-hf.c"
152 static int hf_kerberos_ticket = -1; /* Ticket */
153 static int hf_kerberos_authenticator = -1; /* Authenticator */
154 static int hf_kerberos_encTicketPart = -1; /* EncTicketPart */
155 static int hf_kerberos_as_req = -1; /* AS_REQ */
156 static int hf_kerberos_as_rep = -1; /* AS_REP */
157 static int hf_kerberos_tgs_req = -1; /* TGS_REQ */
158 static int hf_kerberos_tgs_rep = -1; /* TGS_REP */
159 static int hf_kerberos_ap_req = -1; /* AP_REQ */
160 static int hf_kerberos_ap_rep = -1; /* AP_REP */
161 static int hf_kerberos_krb_safe = -1; /* KRB_SAFE */
162 static int hf_kerberos_krb_priv = -1; /* KRB_PRIV */
163 static int hf_kerberos_krb_cred = -1; /* KRB_CRED */
164 static int hf_kerberos_encASRepPart = -1; /* EncASRepPart */
165 static int hf_kerberos_encTGSRepPart = -1; /* EncTGSRepPart */
166 static int hf_kerberos_encAPRepPart = -1; /* EncAPRepPart */
167 static int hf_kerberos_encKrbPrivPart = -1; /* ENC_KRB_PRIV_PART */
168 static int hf_kerberos_encKrbCredPart = -1; /* EncKrbCredPart */
169 static int hf_kerberos_krb_error = -1; /* KRB_ERROR */
170 static int hf_kerberos_name_type = -1; /* NAME_TYPE */
171 static int hf_kerberos_name_string = -1; /* SEQUENCE_OF_KerberosString */
172 static int hf_kerberos_name_string_item = -1; /* KerberosString */
173 static int hf_kerberos_addr_type = -1; /* ADDR_TYPE */
174 static int hf_kerberos_address = -1; /* T_address */
175 static int hf_kerberos_HostAddresses_item = -1; /* HostAddress */
176 static int hf_kerberos_AuthorizationData_item = -1; /* AuthorizationData_item */
177 static int hf_kerberos_ad_type = -1; /* T_ad_type */
178 static int hf_kerberos_ad_data = -1; /* T_ad_data */
179 static int hf_kerberos_padata_type = -1; /* PADATA_TYPE */
180 static int hf_kerberos_padata_value = -1; /* T_padata_value */
181 static int hf_kerberos_keytype = -1; /* T_keytype */
182 static int hf_kerberos_keyvalue = -1; /* T_keyvalue */
183 static int hf_kerberos_cksumtype = -1; /* CKSUMTYPE */
184 static int hf_kerberos_checksum = -1; /* T_checksum */
185 static int hf_kerberos_etype = -1; /* ENCTYPE */
186 static int hf_kerberos_kvno = -1; /* UInt32 */
187 static int hf_kerberos_encryptedTicketData_cipher = -1; /* T_encryptedTicketData_cipher */
188 static int hf_kerberos_encryptedAuthorizationData_cipher = -1; /* T_encryptedAuthorizationData_cipher */
189 static int hf_kerberos_encryptedKDCREPData_cipher = -1; /* T_encryptedKDCREPData_cipher */
190 static int hf_kerberos_encryptedAPREPData_cipher = -1; /* T_encryptedAPREPData_cipher */
191 static int hf_kerberos_encryptedKrbPrivData_cipher = -1; /* T_encryptedKrbPrivData_cipher */
192 static int hf_kerberos_encryptedKrbCredData_cipher = -1; /* T_encryptedKrbCredData_cipher */
193 static int hf_kerberos_tkt_vno = -1; /* INTEGER_5 */
194 static int hf_kerberos_realm = -1; /* Realm */
195 static int hf_kerberos_sname = -1; /* PrincipalName */
196 static int hf_kerberos_ticket_enc_part = -1; /* EncryptedTicketData */
197 static int hf_kerberos_flags = -1; /* TicketFlags */
198 static int hf_kerberos_key = -1; /* EncryptionKey */
199 static int hf_kerberos_crealm = -1; /* Realm */
200 static int hf_kerberos_cname = -1; /* PrincipalName */
201 static int hf_kerberos_transited = -1; /* TransitedEncoding */
202 static int hf_kerberos_authtime = -1; /* KerberosTime */
203 static int hf_kerberos_starttime = -1; /* KerberosTime */
204 static int hf_kerberos_endtime = -1; /* KerberosTime */
205 static int hf_kerberos_renew_till = -1; /* KerberosTime */
206 static int hf_kerberos_caddr = -1; /* HostAddresses */
207 static int hf_kerberos_authorization_data = -1; /* AuthorizationData */
208 static int hf_kerberos_tr_type = -1; /* Int32 */
209 static int hf_kerberos_contents = -1; /* OCTET_STRING */
210 static int hf_kerberos_pvno = -1; /* INTEGER_5 */
211 static int hf_kerberos_msg_type = -1; /* MESSAGE_TYPE */
212 static int hf_kerberos_padata = -1; /* SEQUENCE_OF_PA_DATA */
213 static int hf_kerberos_padata_item = -1; /* PA_DATA */
214 static int hf_kerberos_req_body = -1; /* KDC_REQ_BODY */
215 static int hf_kerberos_kdc_options = -1; /* KDCOptions */
216 static int hf_kerberos_from = -1; /* KerberosTime */
217 static int hf_kerberos_till = -1; /* KerberosTime */
218 static int hf_kerberos_rtime = -1; /* KerberosTime */
219 static int hf_kerberos_nonce = -1; /* UInt32 */
220 static int hf_kerberos_kDC_REQ_BODY_etype = -1; /* SEQUENCE_OF_ENCTYPE */
221 static int hf_kerberos_kDC_REQ_BODY_etype_item = -1; /* ENCTYPE */
222 static int hf_kerberos_addresses = -1; /* HostAddresses */
223 static int hf_kerberos_enc_authorization_data = -1; /* EncryptedAuthorizationData */
224 static int hf_kerberos_additional_tickets = -1; /* SEQUENCE_OF_Ticket */
225 static int hf_kerberos_additional_tickets_item = -1; /* Ticket */
226 static int hf_kerberos_kDC_REP_enc_part = -1; /* EncryptedKDCREPData */
227 static int hf_kerberos_last_req = -1; /* LastReq */
228 static int hf_kerberos_key_expiration = -1; /* KerberosTime */
229 static int hf_kerberos_srealm = -1; /* Realm */
230 static int hf_kerberos_encrypted_pa_data = -1; /* METHOD_DATA */
231 static int hf_kerberos_LastReq_item = -1; /* LastReq_item */
232 static int hf_kerberos_lr_type = -1; /* LR_TYPE */
233 static int hf_kerberos_lr_value = -1; /* KerberosTime */
234 static int hf_kerberos_ap_options = -1; /* APOptions */
235 static int hf_kerberos_authenticator_01 = -1; /* EncryptedAuthorizationData */
236 static int hf_kerberos_authenticator_vno = -1; /* INTEGER_5 */
237 static int hf_kerberos_cksum = -1; /* Checksum */
238 static int hf_kerberos_cusec = -1; /* Microseconds */
239 static int hf_kerberos_ctime = -1; /* KerberosTime */
240 static int hf_kerberos_subkey = -1; /* EncryptionKey */
241 static int hf_kerberos_seq_number = -1; /* UInt32 */
242 static int hf_kerberos_aP_REP_enc_part = -1; /* EncryptedAPREPData */
243 static int hf_kerberos_safe_body = -1; /* KRB_SAFE_BODY */
244 static int hf_kerberos_kRB_SAFE_BODY_user_data = -1; /* T_kRB_SAFE_BODY_user_data */
245 static int hf_kerberos_timestamp = -1; /* KerberosTime */
246 static int hf_kerberos_usec = -1; /* Microseconds */
247 static int hf_kerberos_s_address = -1; /* HostAddress */
248 static int hf_kerberos_r_address = -1; /* HostAddress */
249 static int hf_kerberos_kRB_PRIV_enc_part = -1; /* EncryptedKrbPrivData */
250 static int hf_kerberos_encKrbPrivPart_user_data = -1; /* T_encKrbPrivPart_user_data */
251 static int hf_kerberos_tickets = -1; /* SEQUENCE_OF_Ticket */
252 static int hf_kerberos_tickets_item = -1; /* Ticket */
253 static int hf_kerberos_kRB_CRED_enc_part = -1; /* EncryptedKrbCredData */
254 static int hf_kerberos_ticket_info = -1; /* SEQUENCE_OF_KrbCredInfo */
255 static int hf_kerberos_ticket_info_item = -1; /* KrbCredInfo */
256 static int hf_kerberos_prealm = -1; /* Realm */
257 static int hf_kerberos_pname = -1; /* PrincipalName */
258 static int hf_kerberos_stime = -1; /* KerberosTime */
259 static int hf_kerberos_susec = -1; /* Microseconds */
260 static int hf_kerberos_error_code = -1; /* ERROR_CODE */
261 static int hf_kerberos_e_text = -1; /* KerberosString */
262 static int hf_kerberos_e_data = -1; /* T_e_data */
263 static int hf_kerberos_e_checksum = -1; /* Checksum */
264 static int hf_kerberos_METHOD_DATA_item = -1; /* PA_DATA */
265 static int hf_kerberos_pA_ENC_TIMESTAMP_cipher = -1; /* T_pA_ENC_TIMESTAMP_cipher */
266 static int hf_kerberos_salt = -1; /* OCTET_STRING */
267 static int hf_kerberos_ETYPE_INFO_item = -1; /* ETYPE_INFO_ENTRY */
268 static int hf_kerberos_salt_01 = -1; /* KerberosString */
269 static int hf_kerberos_s2kparams = -1; /* OCTET_STRING */
270 static int hf_kerberos_ETYPE_INFO2_item = -1; /* ETYPE_INFO2_ENTRY */
271 static int hf_kerberos_name = -1; /* PrincipalName */
272 static int hf_kerberos_auth = -1; /* GeneralString */
273 static int hf_kerberos_include_pac = -1; /* BOOLEAN */
274 static int hf_kerberos_newpasswd = -1; /* OCTET_STRING */
275 static int hf_kerberos_targname = -1; /* PrincipalName */
276 static int hf_kerberos_targrealm = -1; /* Realm */
278 static int hf_kerberos_APOptions_reserved = -1;
279 static int hf_kerberos_APOptions_use_session_key = -1;
280 static int hf_kerberos_APOptions_mutual_required = -1;
281 static int hf_kerberos_TicketFlags_reserved = -1;
282 static int hf_kerberos_TicketFlags_forwardable = -1;
283 static int hf_kerberos_TicketFlags_forwarded = -1;
284 static int hf_kerberos_TicketFlags_proxiable = -1;
285 static int hf_kerberos_TicketFlags_proxy = -1;
286 static int hf_kerberos_TicketFlags_may_postdate = -1;
287 static int hf_kerberos_TicketFlags_postdated = -1;
288 static int hf_kerberos_TicketFlags_invalid = -1;
289 static int hf_kerberos_TicketFlags_renewable = -1;
290 static int hf_kerberos_TicketFlags_initial = -1;
291 static int hf_kerberos_TicketFlags_pre_authent = -1;
292 static int hf_kerberos_TicketFlags_hw_authent = -1;
293 static int hf_kerberos_TicketFlags_transited_policy_checked = -1;
294 static int hf_kerberos_TicketFlags_ok_as_delegate = -1;
295 static int hf_kerberos_TicketFlags_anonymous = -1;
296 static int hf_kerberos_KDCOptions_reserved = -1;
297 static int hf_kerberos_KDCOptions_forwardable = -1;
298 static int hf_kerberos_KDCOptions_forwarded = -1;
299 static int hf_kerberos_KDCOptions_proxiable = -1;
300 static int hf_kerberos_KDCOptions_proxy = -1;
301 static int hf_kerberos_KDCOptions_allow_postdate = -1;
302 static int hf_kerberos_KDCOptions_postdated = -1;
303 static int hf_kerberos_KDCOptions_unused7 = -1;
304 static int hf_kerberos_KDCOptions_renewable = -1;
305 static int hf_kerberos_KDCOptions_unused9 = -1;
306 static int hf_kerberos_KDCOptions_unused10 = -1;
307 static int hf_kerberos_KDCOptions_opt_hardware_auth = -1;
308 static int hf_kerberos_KDCOptions_request_anonymous = -1;
309 static int hf_kerberos_KDCOptions_canonicalize = -1;
310 static int hf_kerberos_KDCOptions_constrained_delegation = -1;
311 static int hf_kerberos_KDCOptions_disable_transited_check = -1;
312 static int hf_kerberos_KDCOptions_renewable_ok = -1;
313 static int hf_kerberos_KDCOptions_enc_tkt_in_skey = -1;
314 static int hf_kerberos_KDCOptions_renew = -1;
315 static int hf_kerberos_KDCOptions_validate = -1;
317 /*--- End of included file: packet-kerberos-hf.c ---*/
318 #line 142 "../../asn1/kerberos/packet-kerberos-template.c"
320 /* Initialize the subtree pointers */
321 static gint ett_kerberos = -1;
322 static gint ett_krb_recordmark = -1;
325 /*--- Included file: packet-kerberos-ett.c ---*/
326 #line 1 "../../asn1/kerberos/packet-kerberos-ett.c"
327 static gint ett_kerberos_Applications = -1;
328 static gint ett_kerberos_PrincipalName = -1;
329 static gint ett_kerberos_SEQUENCE_OF_KerberosString = -1;
330 static gint ett_kerberos_HostAddress = -1;
331 static gint ett_kerberos_HostAddresses = -1;
332 static gint ett_kerberos_AuthorizationData = -1;
333 static gint ett_kerberos_AuthorizationData_item = -1;
334 static gint ett_kerberos_PA_DATA = -1;
335 static gint ett_kerberos_EncryptionKey = -1;
336 static gint ett_kerberos_Checksum = -1;
337 static gint ett_kerberos_EncryptedTicketData = -1;
338 static gint ett_kerberos_EncryptedAuthorizationData = -1;
339 static gint ett_kerberos_EncryptedKDCREPData = -1;
340 static gint ett_kerberos_EncryptedAPREPData = -1;
341 static gint ett_kerberos_EncryptedKrbPrivData = -1;
342 static gint ett_kerberos_EncryptedKrbCredData = -1;
343 static gint ett_kerberos_Ticket_U = -1;
344 static gint ett_kerberos_EncTicketPart_U = -1;
345 static gint ett_kerberos_TransitedEncoding = -1;
346 static gint ett_kerberos_KDC_REQ = -1;
347 static gint ett_kerberos_SEQUENCE_OF_PA_DATA = -1;
348 static gint ett_kerberos_KDC_REQ_BODY = -1;
349 static gint ett_kerberos_SEQUENCE_OF_ENCTYPE = -1;
350 static gint ett_kerberos_SEQUENCE_OF_Ticket = -1;
351 static gint ett_kerberos_KDC_REP = -1;
352 static gint ett_kerberos_EncKDCRepPart = -1;
353 static gint ett_kerberos_LastReq = -1;
354 static gint ett_kerberos_LastReq_item = -1;
355 static gint ett_kerberos_AP_REQ_U = -1;
356 static gint ett_kerberos_Authenticator_U = -1;
357 static gint ett_kerberos_AP_REP_U = -1;
358 static gint ett_kerberos_EncAPRepPart_U = -1;
359 static gint ett_kerberos_KRB_SAFE_U = -1;
360 static gint ett_kerberos_KRB_SAFE_BODY = -1;
361 static gint ett_kerberos_KRB_PRIV_U = -1;
362 static gint ett_kerberos_EncKrbPrivPart = -1;
363 static gint ett_kerberos_KRB_CRED_U = -1;
364 static gint ett_kerberos_EncKrbCredPart_U = -1;
365 static gint ett_kerberos_SEQUENCE_OF_KrbCredInfo = -1;
366 static gint ett_kerberos_KrbCredInfo = -1;
367 static gint ett_kerberos_KRB_ERROR_U = -1;
368 static gint ett_kerberos_METHOD_DATA = -1;
369 static gint ett_kerberos_PA_ENC_TIMESTAMP = -1;
370 static gint ett_kerberos_ETYPE_INFO_ENTRY = -1;
371 static gint ett_kerberos_ETYPE_INFO = -1;
372 static gint ett_kerberos_ETYPE_INFO2_ENTRY = -1;
373 static gint ett_kerberos_ETYPE_INFO2 = -1;
374 static gint ett_kerberos_APOptions = -1;
375 static gint ett_kerberos_TicketFlags = -1;
376 static gint ett_kerberos_KDCOptions = -1;
377 static gint ett_kerberos_PA_S4U2Self = -1;
378 static gint ett_kerberos_KERB_PA_PAC_REQUEST = -1;
379 static gint ett_kerberos_ChangePasswdData = -1;
381 /*--- End of included file: packet-kerberos-ett.c ---*/
382 #line 148 "../../asn1/kerberos/packet-kerberos-template.c"
384 static expert_field ei_kerberos_decrypted_keytype = EI_INIT;
386 static dissector_handle_t krb4_handle=NULL;
388 /* Global variables */
389 static guint32 krb5_errorcode;
390 static guint32 gbl_keytype;
391 static gboolean gbl_do_col_info;
394 /*--- Included file: packet-kerberos-val.h ---*/
395 #line 1 "../../asn1/kerberos/packet-kerberos-val.h"
396 #define id_krb5 "1.3.6.1.5.2"
398 /* enumerated values for ADDR_TYPE */
399 #define KERBEROS_ADDR_TYPE_IPV4 2
400 #define KERBEROS_ADDR_TYPE_CHAOS 5
401 #define KERBEROS_ADDR_TYPE_XEROX 6
402 #define KERBEROS_ADDR_TYPE_ISO 7
403 #define KERBEROS_ADDR_TYPE_DECNET 12
404 #define KERBEROS_ADDR_TYPE_APPLETALK 16
405 #define KERBEROS_ADDR_TYPE_NETBIOS 20
406 #define KERBEROS_ADDR_TYPE_IPV6 24
408 /*--- End of included file: packet-kerberos-val.h ---*/
409 #line 159 "../../asn1/kerberos/packet-kerberos-template.c"
412 call_kerberos_callbacks(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int tag, kerberos_callbacks *cb)
420 cb->callback(pinfo, tvb, tree);
428 static kerberos_private_data_t*
429 kerberos_get_private_data(asn1_ctx_t *actx)
431 if (!actx->private_data) {
432 actx->private_data = wmem_new0(wmem_packet_scope(), kerberos_private_data_t);
434 return (kerberos_private_data_t *)(actx->private_data);
439 /* Decrypt Kerberos blobs */
440 gboolean krb_decrypt = FALSE;
442 /* keytab filename */
443 static const char *keytab_filename = "";
446 void read_keytab_file(const char *);
449 read_keytab_file_from_preferences(void)
451 static char *last_keytab = NULL;
457 if (keytab_filename == NULL) {
461 if (last_keytab && !strcmp(last_keytab, keytab_filename)) {
465 if (last_keytab != NULL) {
469 last_keytab = g_strdup(keytab_filename);
471 read_keytab_file(last_keytab);
474 #elif defined(_WIN32)
477 * Dummy version to allow us to export this function -- even
478 * on systems without KERBEROS.
481 read_keytab_file_from_preferences(void)
487 #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
489 /* prevent redefinition warnings in kfw-2.5\inc\win_mac.h */
491 #undef HAVE_SYS_TYPES_H
494 enc_key_t *enc_key_list=NULL;
497 add_encryption_key(packet_info *pinfo, int keytype, int keylength, const char *keyvalue, const char *origin)
501 if(pinfo->fd->flags.visited){
504 printf("added key in %u keytype:%d len:%d\n",pinfo->fd->num, keytype, keylength);
506 new_key=(enc_key_t *)g_malloc(sizeof(enc_key_t));
507 g_snprintf(new_key->key_origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u",origin,pinfo->fd->num);
508 new_key->fd_num = pinfo->fd->num;
509 new_key->next=enc_key_list;
510 enc_key_list=new_key;
511 new_key->keytype=keytype;
512 new_key->keylength=keylength;
513 /*XXX this needs to be freed later */
514 new_key->keyvalue=(char *)g_memdup(keyvalue, keylength);
516 #endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
518 #if defined(_WIN32) && !defined(HAVE_HEIMDAL_KERBEROS) && !defined(HAVE_MIT_KERBEROS) && !defined(HAVE_LIBNETTLE)
520 read_keytab_file(const char *filename _U_)
525 #ifdef HAVE_MIT_KERBEROS
527 static krb5_context krb5_ctx;
530 read_keytab_file(const char *filename)
534 krb5_keytab_entry key;
535 krb5_kt_cursor cursor;
537 static gboolean first_time=TRUE;
539 if (filename == NULL || filename[0] == 0) {
545 ret = krb5_init_context(&krb5_ctx);
546 if(ret && ret != KRB5_CONFIG_CANTOPEN){
551 /* should use a file in the wireshark users dir */
552 ret = krb5_kt_resolve(krb5_ctx, filename, &keytab);
554 fprintf(stderr, "KERBEROS ERROR: Badly formatted keytab filename :%s\n",filename);
559 ret = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
561 fprintf(stderr, "KERBEROS ERROR: Could not open or could not read from keytab file :%s\n",filename);
566 new_key=(enc_key_t *)g_malloc(sizeof(enc_key_t));
567 new_key->fd_num = -1;
568 new_key->next=enc_key_list;
569 ret = krb5_kt_next_entry(krb5_ctx, keytab, &key, &cursor);
574 /* generate origin string, describing where this key came from */
575 pos=new_key->key_origin;
576 pos+=MIN(KRB_MAX_ORIG_LEN,
577 g_snprintf(pos, KRB_MAX_ORIG_LEN, "keytab principal "));
578 for(i=0;i<key.principal->length;i++){
579 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
580 g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "%s%s",(i?"/":""),(key.principal->data[i]).data));
582 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
583 g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "@%s",key.principal->realm.data));
585 /*printf("added key for principal :%s\n", new_key->key_origin);*/
586 new_key->keytype=key.key.enctype;
587 new_key->keylength=key.key.length;
588 new_key->keyvalue=(char *)g_memdup(key.key.contents, key.key.length);
589 enc_key_list=new_key;
593 ret = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
595 krb5_kt_close(krb5_ctx, keytab);
602 decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
610 krb5_data data = {0,0,NULL};
611 krb5_keytab_entry key;
612 int length = tvb_captured_length(cryptotvb);
613 const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
615 /* don't do anything if we are not attempting to decrypt data */
616 if(!krb_decrypt || length < 1){
620 /* make sure we have all the data we need */
621 if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
625 read_keytab_file_from_preferences();
626 data.data = (char *)g_malloc(length);
627 data.length = length;
629 for(ek=enc_key_list;ek;ek=ek->next){
632 /* shortcircuit and bail out if enctypes are not matching */
633 if((keytype != -1) && (ek->keytype != keytype)) {
637 input.enctype = ek->keytype;
638 input.ciphertext.length = length;
639 input.ciphertext.data = (guint8 *)cryptotext;
641 key.key.enctype=ek->keytype;
642 key.key.length=ek->keylength;
643 key.key.contents=ek->keyvalue;
644 ret = krb5_c_decrypt(krb5_ctx, &(key.key), usage, 0, &input, &data);
648 expert_add_info_format(pinfo, NULL, &ei_kerberos_decrypted_keytype,
649 "Decrypted keytype %d in frame %u using %s",
650 ek->keytype, pinfo->fd->num, ek->key_origin);
652 proto_tree_add_text(tree, NULL, 0, 0, "[Decrypted using: %s]", ek->key_origin);
653 /* return a private g_malloced blob to the caller */
656 *datalen = data.length;
666 #elif defined(HAVE_HEIMDAL_KERBEROS)
667 static krb5_context krb5_ctx;
670 read_keytab_file(const char *filename)
674 krb5_keytab_entry key;
675 krb5_kt_cursor cursor;
677 static gboolean first_time=TRUE;
679 if (filename == NULL || filename[0] == 0) {
685 ret = krb5_init_context(&krb5_ctx);
691 /* should use a file in the wireshark users dir */
692 ret = krb5_kt_resolve(krb5_ctx, filename, &keytab);
694 fprintf(stderr, "KERBEROS ERROR: Could not open keytab file :%s\n",filename);
699 ret = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
701 fprintf(stderr, "KERBEROS ERROR: Could not read from keytab file :%s\n",filename);
706 new_key=g_malloc(sizeof(enc_key_t));
707 new_key->fd_num = -1;
708 new_key->next=enc_key_list;
709 ret = krb5_kt_next_entry(krb5_ctx, keytab, &key, &cursor);
714 /* generate origin string, describing where this key came from */
715 pos=new_key->key_origin;
716 pos+=MIN(KRB_MAX_ORIG_LEN,
717 g_snprintf(pos, KRB_MAX_ORIG_LEN, "keytab principal "));
718 for(i=0;i<key.principal->name.name_string.len;i++){
719 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
720 g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "%s%s",(i?"/":""),key.principal->name.name_string.val[i]));
722 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
723 g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "@%s",key.principal->realm));
725 new_key->keytype=key.keyblock.keytype;
726 new_key->keylength=key.keyblock.keyvalue.length;
727 new_key->keyvalue=g_memdup(key.keyblock.keyvalue.data, key.keyblock.keyvalue.length);
728 enc_key_list=new_key;
732 ret = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
734 krb5_kt_close(krb5_ctx, keytab);
741 decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
750 int length = tvb_captured_length(cryptotvb);
751 const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
753 /* don't do anything if we are not attempting to decrypt data */
758 /* make sure we have all the data we need */
759 if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
763 read_keytab_file_from_preferences();
765 for(ek=enc_key_list;ek;ek=ek->next){
766 krb5_keytab_entry key;
768 guint8 *cryptocopy; /* workaround for pre-0.6.1 heimdal bug */
770 /* shortcircuit and bail out if enctypes are not matching */
771 if((keytype != -1) && (ek->keytype != keytype)) {
775 key.keyblock.keytype=ek->keytype;
776 key.keyblock.keyvalue.length=ek->keylength;
777 key.keyblock.keyvalue.data=ek->keyvalue;
778 ret = krb5_crypto_init(krb5_ctx, &(key.keyblock), 0, &crypto);
783 /* pre-0.6.1 versions of Heimdal would sometimes change
784 the cryptotext data even when the decryption failed.
785 This would obviously not work since we iterate over the
786 keys. So just give it a copy of the crypto data instead.
787 This has been seen for RC4-HMAC blobs.
789 cryptocopy=g_memdup(cryptotext, length);
790 ret = krb5_decrypt_ivec(krb5_ctx, crypto, usage,
795 if((ret == 0) && (length>0)){
798 printf("woohoo decrypted keytype:%d in frame:%u\n", ek->keytype, pinfo->fd->num);
799 proto_tree_add_text(tree, NULL, 0, 0, "[Decrypted using: %s]", ek->key_origin);
800 krb5_crypto_destroy(krb5_ctx, crypto);
801 /* return a private g_malloced blob to the caller */
802 user_data=g_memdup(data.data, data.length);
804 *datalen = data.length;
808 krb5_crypto_destroy(krb5_ctx, crypto);
813 #elif defined (HAVE_LIBNETTLE)
815 #define SERVICE_KEY_SIZE (DES3_KEY_SIZE + 2)
816 #define KEYTYPE_DES3_CBC_MD5 5 /* Currently the only one supported */
818 typedef struct _service_key_t {
823 char origin[KRB_MAX_ORIG_LEN+1];
825 GSList *service_key_list = NULL;
829 add_encryption_key(packet_info *pinfo, int keytype, int keylength, const char *keyvalue, const char *origin)
831 service_key_t *new_key;
833 if(pinfo->fd->flags.visited){
836 printf("added key in %u\n",pinfo->fd->num);
838 new_key = g_malloc(sizeof(service_key_t));
840 new_key->keytype = keytype;
841 new_key->length = keylength;
842 new_key->contents = g_memdup(keyvalue, keylength);
843 g_snprintf(new_key->origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u", origin, pinfo->fd->num);
844 service_key_list = g_slist_append(service_key_list, (gpointer) new_key);
852 for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
853 sk = (service_key_t *) ske->data;
855 g_free(sk->contents);
859 g_slist_free(service_key_list);
860 service_key_list = NULL;
864 read_keytab_file(const char *service_key_file)
869 unsigned char buf[SERVICE_KEY_SIZE];
870 int newline_skip = 0, count = 0;
872 if (service_key_file != NULL && ws_stat64 (service_key_file, &st) == 0) {
874 /* The service key file contains raw 192-bit (24 byte) 3DES keys.
875 * There can be zero, one (\n), or two (\r\n) characters between
876 * keys. Trailing characters are ignored.
879 /* XXX We should support the standard keytab format instead */
880 if (st.st_size > SERVICE_KEY_SIZE) {
881 if ( (st.st_size % (SERVICE_KEY_SIZE + 1) == 0) ||
882 (st.st_size % (SERVICE_KEY_SIZE + 1) == SERVICE_KEY_SIZE) ) {
884 } else if ( (st.st_size % (SERVICE_KEY_SIZE + 2) == 0) ||
885 (st.st_size % (SERVICE_KEY_SIZE + 2) == SERVICE_KEY_SIZE) ) {
890 skf = ws_fopen(service_key_file, "rb");
893 while (fread(buf, SERVICE_KEY_SIZE, 1, skf) == 1) {
894 sk = g_malloc(sizeof(service_key_t));
895 sk->kvno = buf[0] << 8 | buf[1];
896 sk->keytype = KEYTYPE_DES3_CBC_MD5;
897 sk->length = DES3_KEY_SIZE;
898 sk->contents = g_memdup(buf + 2, DES3_KEY_SIZE);
899 g_snprintf(sk->origin, KRB_MAX_ORIG_LEN, "3DES service key file, key #%d, offset %ld", count, ftell(skf));
900 service_key_list = g_slist_append(service_key_list, (gpointer) sk);
901 fseek(skf, newline_skip, SEEK_CUR);
903 g_warning("added key: %s", sk->origin);
909 #define CONFOUNDER_PLUS_CHECKSUM 24
912 decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
919 guint8 *decrypted_data = NULL, *plaintext = NULL;
922 guint32 tag, item_len, data_len;
923 int id_offset, offset;
924 guint8 key[DES3_KEY_SIZE];
925 guint8 initial_vector[DES_BLOCK_SIZE];
927 md5_byte_t digest[16];
928 md5_byte_t zero_fill[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
929 md5_byte_t confounder[8];
934 int length = tvb_captured_length(cryptotvb);
935 const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
938 /* don't do anything if we are not attempting to decrypt data */
943 /* make sure we have all the data we need */
944 if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
948 if (keytype != KEYTYPE_DES3_CBC_MD5 || service_key_list == NULL) {
952 decrypted_data = g_malloc(length);
953 for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
954 gboolean do_continue = FALSE;
955 sk = (service_key_t *) ske->data;
957 des_fix_parity(DES3_KEY_SIZE, key, sk->contents);
960 memset(initial_vector, 0, DES_BLOCK_SIZE);
961 des3_set_key(&ctx, key);
962 cbc_decrypt(&ctx, des3_decrypt, DES_BLOCK_SIZE, initial_vector,
963 length, decrypted_data, cryptotext);
964 encr_tvb = tvb_new_real_data(decrypted_data, length, length);
966 tvb_memcpy(encr_tvb, confounder, 0, 8);
968 /* We have to pull the decrypted data length from the decrypted
969 * content. If the key doesn't match or we otherwise get garbage,
970 * an exception may get thrown while decoding the ASN.1 header.
971 * Catch it, just in case.
974 id_offset = get_ber_identifier(encr_tvb, CONFOUNDER_PLUS_CHECKSUM, &cls, &pc, &tag);
975 offset = get_ber_length(encr_tvb, id_offset, &item_len, &ind);
977 CATCH_BOUNDS_ERRORS {
983 if (do_continue) continue;
985 data_len = item_len + offset - CONFOUNDER_PLUS_CHECKSUM;
986 if ((int) item_len + offset > length) {
991 md5_append(&md5s, confounder, 8);
992 md5_append(&md5s, zero_fill, 16);
993 md5_append(&md5s, decrypted_data + CONFOUNDER_PLUS_CHECKSUM, data_len);
994 md5_finish(&md5s, digest);
996 if (tvb_memeql (encr_tvb, 8, digest, 16) == 0) {
997 g_warning("woohoo decrypted keytype:%d in frame:%u\n", keytype, pinfo->fd->num);
998 plaintext = g_malloc(data_len);
999 tvb_memcpy(encr_tvb, plaintext, CONFOUNDER_PLUS_CHECKSUM, data_len);
1003 *datalen = data_len;
1005 g_free(decrypted_data);
1011 g_free(decrypted_data);
1015 #endif /* HAVE_MIT_KERBEROS / HAVE_HEIMDAL_KERBEROS / HAVE_LIBNETTLE */
1017 #define INET6_ADDRLEN 16
1019 /* TCP Record Mark */
1020 #define KRB_RM_RESERVED 0x80000000U
1021 #define KRB_RM_RECLEN 0x7fffffffU
1023 #define KRB5_MSG_TICKET 1 /* Ticket */
1024 #define KRB5_MSG_AUTHENTICATOR 2 /* Authenticator */
1025 #define KRB5_MSG_ENC_TICKET_PART 3 /* EncTicketPart */
1026 #define KRB5_MSG_AS_REQ 10 /* AS-REQ type */
1027 #define KRB5_MSG_AS_REP 11 /* AS-REP type */
1028 #define KRB5_MSG_TGS_REQ 12 /* TGS-REQ type */
1029 #define KRB5_MSG_TGS_REP 13 /* TGS-REP type */
1030 #define KRB5_MSG_AP_REQ 14 /* AP-REQ type */
1031 #define KRB5_MSG_AP_REP 15 /* AP-REP type */
1033 #define KRB5_MSG_SAFE 20 /* KRB-SAFE type */
1034 #define KRB5_MSG_PRIV 21 /* KRB-PRIV type */
1035 #define KRB5_MSG_CRED 22 /* KRB-CRED type */
1036 #define KRB5_MSG_ENC_AS_REP_PART 25 /* EncASRepPart */
1037 #define KRB5_MSG_ENC_TGS_REP_PART 26 /* EncTGSRepPart */
1038 #define KRB5_MSG_ENC_AP_REP_PART 27 /* EncAPRepPart */
1039 #define KRB5_MSG_ENC_KRB_PRIV_PART 28 /* EncKrbPrivPart */
1040 #define KRB5_MSG_ENC_KRB_CRED_PART 29 /* EncKrbCredPart */
1041 #define KRB5_MSG_ERROR 30 /* KRB-ERROR type */
1043 /* encryption type constants */
1044 #define KRB5_ENCTYPE_NULL 0
1045 #define KRB5_ENCTYPE_DES_CBC_CRC 1
1046 #define KRB5_ENCTYPE_DES_CBC_MD4 2
1047 #define KRB5_ENCTYPE_DES_CBC_MD5 3
1048 #define KRB5_ENCTYPE_DES_CBC_RAW 4
1049 #define KRB5_ENCTYPE_DES3_CBC_SHA 5
1050 #define KRB5_ENCTYPE_DES3_CBC_RAW 6
1051 #define KRB5_ENCTYPE_DES_HMAC_SHA1 8
1052 #define KRB5_ENCTYPE_DSA_SHA1_CMS 9
1053 #define KRB5_ENCTYPE_RSA_MD5_CMS 10
1054 #define KRB5_ENCTYPE_RSA_SHA1_CMS 11
1055 #define KRB5_ENCTYPE_RC2_CBC_ENV 12
1056 #define KRB5_ENCTYPE_RSA_ENV 13
1057 #define KRB5_ENCTYPE_RSA_ES_OEAP_ENV 14
1058 #define KRB5_ENCTYPE_DES_EDE3_CBC_ENV 15
1059 #define KRB5_ENCTYPE_DES3_CBC_SHA1 16
1060 #define KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 17
1061 #define KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 18
1062 #define KRB5_ENCTYPE_DES_CBC_MD5_NT 20
1063 #define KERB_ENCTYPE_RC4_HMAC 23
1064 #define KERB_ENCTYPE_RC4_HMAC_EXP 24
1065 #define KRB5_ENCTYPE_UNKNOWN 0x1ff
1066 #define KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1 0x7007
1067 #define KRB5_ENCTYPE_RC4_PLAIN_EXP 0xffffff73
1068 #define KRB5_ENCTYPE_RC4_PLAIN 0xffffff74
1069 #define KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP 0xffffff78
1070 #define KRB5_ENCTYPE_RC4_HMAC_OLD_EXP 0xffffff79
1071 #define KRB5_ENCTYPE_RC4_PLAIN_OLD 0xffffff7a
1072 #define KRB5_ENCTYPE_RC4_HMAC_OLD 0xffffff7b
1073 #define KRB5_ENCTYPE_DES_PLAIN 0xffffff7c
1074 #define KRB5_ENCTYPE_RC4_SHA 0xffffff7d
1075 #define KRB5_ENCTYPE_RC4_LM 0xffffff7e
1076 #define KRB5_ENCTYPE_RC4_PLAIN2 0xffffff7f
1077 #define KRB5_ENCTYPE_RC4_MD4 0xffffff80
1079 /* checksum types */
1080 #define KRB5_CHKSUM_NONE 0
1081 #define KRB5_CHKSUM_CRC32 1
1082 #define KRB5_CHKSUM_MD4 2
1083 #define KRB5_CHKSUM_KRB_DES_MAC 4
1084 #define KRB5_CHKSUM_KRB_DES_MAC_K 5
1085 #define KRB5_CHKSUM_MD5 7
1086 #define KRB5_CHKSUM_MD5_DES 8
1087 /* the following four come from packetcable */
1088 #define KRB5_CHKSUM_MD5_DES3 9
1089 #define KRB5_CHKSUM_HMAC_SHA1_DES3_KD 12
1090 #define KRB5_CHKSUM_HMAC_SHA1_DES3 13
1091 #define KRB5_CHKSUM_SHA1_UNKEYED 14
1092 #define KRB5_CHKSUM_HMAC_MD5 0xffffff76
1093 #define KRB5_CHKSUM_MD5_HMAC 0xffffff77
1094 #define KRB5_CHKSUM_RC4_MD5 0xffffff78
1095 #define KRB5_CHKSUM_MD25 0xffffff79
1096 #define KRB5_CHKSUM_DES_MAC_MD5 0xffffff7a
1097 #define KRB5_CHKSUM_DES_MAC 0xffffff7b
1098 #define KRB5_CHKSUM_REAL_CRC32 0xffffff7c
1099 #define KRB5_CHKSUM_SHA1 0xffffff7d
1100 #define KRB5_CHKSUM_LM 0xffffff7e
1101 #define KRB5_CHKSUM_GSSAPI 0x8003
1104 * For KERB_ENCTYPE_RC4_HMAC and KERB_ENCTYPE_RC4_HMAC_EXP, see
1106 * http://www.ietf.org/internet-drafts/draft-brezak-win2k-krb-rc4-hmac-04.txt
1108 * unless it's expired.
1111 /* pre-authentication type constants */
1112 #define KRB5_PA_TGS_REQ 1
1113 #define KRB5_PA_ENC_TIMESTAMP 2
1114 #define KRB5_PA_PW_SALT 3
1115 #define KRB5_PA_ENC_ENCKEY 4
1116 #define KRB5_PA_ENC_UNIX_TIME 5
1117 #define KRB5_PA_ENC_SANDIA_SECURID 6
1118 #define KRB5_PA_SESAME 7
1119 #define KRB5_PA_OSF_DCE 8
1120 #define KRB5_PA_CYBERSAFE_SECUREID 9
1121 #define KRB5_PA_AFS3_SALT 10
1122 #define KRB5_PA_ENCTYPE_INFO 11
1123 #define KRB5_PA_SAM_CHALLENGE 12
1124 #define KRB5_PA_SAM_RESPONSE 13
1125 #define KRB5_PA_PK_AS_REQ 14
1126 #define KRB5_PA_PK_AS_REP 15
1127 #define KRB5_PA_DASS 16
1128 #define KRB5_PA_ENCTYPE_INFO2 19
1129 #define KRB5_PA_USE_SPECIFIED_KVNO 20
1130 #define KRB5_PA_SAM_REDIRECT 21
1131 #define KRB5_PA_GET_FROM_TYPED_DATA 22
1132 #define KRB5_PA_SAM_ETYPE_INFO 23
1133 #define KRB5_PA_ALT_PRINC 24
1134 #define KRB5_PA_SAM_CHALLENGE2 30
1135 #define KRB5_PA_SAM_RESPONSE2 31
1136 #define KRB5_TD_PKINIT_CMS_CERTIFICATES 101
1137 #define KRB5_TD_KRB_PRINCIPAL 102
1138 #define KRB5_TD_KRB_REALM 103
1139 #define KRB5_TD_TRUSTED_CERTIFIERS 104
1140 #define KRB5_TD_CERTIFICATE_INDEX 105
1141 #define KRB5_TD_APP_DEFINED_ERROR 106
1142 #define KRB5_TD_REQ_NONCE 107
1143 #define KRB5_TD_REQ_SEQ 108
1144 /* preauthentication types >127 (i.e. negative ones) are app specific.
1145 however since Microsoft is the dominant(only?) user of types in this range
1146 we also treat the type as unsigned.
1148 #define KRB5_PA_PAC_REQUEST 128 /* (Microsoft extension) */
1149 #define KRB5_PA_FOR_USER 129 /* Impersonation (Microsoft extension) See [MS-SFU]. XXX - replaced by KRB5_PA_S4U2SELF */
1150 #define KRB5_PA_S4U2SELF 129
1152 #define KRB5_PA_PROV_SRV_LOCATION 0xffffffff /* (gint32)0xFF) packetcable stuff */
1153 /* Principal name-type */
1154 #define KRB5_NT_UNKNOWN 0
1155 #define KRB5_NT_PRINCIPAL 1
1156 #define KRB5_NT_SRV_INST 2
1157 #define KRB5_NT_SRV_HST 3
1158 #define KRB5_NT_SRV_XHST 4
1159 #define KRB5_NT_UID 5
1160 #define KRB5_NT_X500_PRINCIPAL 6
1161 #define KRB5_NT_SMTP_NAME 7
1162 #define KRB5_NT_ENTERPRISE 10
1165 * MS specific name types, from
1167 * http://msdn.microsoft.com/library/en-us/security/security/kerb_external_name.asp
1169 #define KRB5_NT_MS_PRINCIPAL -128
1170 #define KRB5_NT_MS_PRINCIPAL_AND_SID -129
1171 #define KRB5_NT_ENT_PRINCIPAL_AND_SID -130
1172 #define KRB5_NT_PRINCIPAL_AND_SID -131
1173 #define KRB5_NT_SRV_INST_AND_SID -132
1175 /* error table constants */
1176 /* I prefixed the krb5_err.et constant names with KRB5_ET_ for these */
1177 #define KRB5_ET_KRB5KDC_ERR_NONE 0
1178 #define KRB5_ET_KRB5KDC_ERR_NAME_EXP 1
1179 #define KRB5_ET_KRB5KDC_ERR_SERVICE_EXP 2
1180 #define KRB5_ET_KRB5KDC_ERR_BAD_PVNO 3
1181 #define KRB5_ET_KRB5KDC_ERR_C_OLD_MAST_KVNO 4
1182 #define KRB5_ET_KRB5KDC_ERR_S_OLD_MAST_KVNO 5
1183 #define KRB5_ET_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN 6
1184 #define KRB5_ET_KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN 7
1185 #define KRB5_ET_KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE 8
1186 #define KRB5_ET_KRB5KDC_ERR_NULL_KEY 9
1187 #define KRB5_ET_KRB5KDC_ERR_CANNOT_POSTDATE 10
1188 #define KRB5_ET_KRB5KDC_ERR_NEVER_VALID 11
1189 #define KRB5_ET_KRB5KDC_ERR_POLICY 12
1190 #define KRB5_ET_KRB5KDC_ERR_BADOPTION 13
1191 #define KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP 14
1192 #define KRB5_ET_KRB5KDC_ERR_SUMTYPE_NOSUPP 15
1193 #define KRB5_ET_KRB5KDC_ERR_PADATA_TYPE_NOSUPP 16
1194 #define KRB5_ET_KRB5KDC_ERR_TRTYPE_NOSUPP 17
1195 #define KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED 18
1196 #define KRB5_ET_KRB5KDC_ERR_SERVICE_REVOKED 19
1197 #define KRB5_ET_KRB5KDC_ERR_TGT_REVOKED 20
1198 #define KRB5_ET_KRB5KDC_ERR_CLIENT_NOTYET 21
1199 #define KRB5_ET_KRB5KDC_ERR_SERVICE_NOTYET 22
1200 #define KRB5_ET_KRB5KDC_ERR_KEY_EXP 23
1201 #define KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED 24
1202 #define KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED 25
1203 #define KRB5_ET_KRB5KDC_ERR_SERVER_NOMATCH 26
1204 #define KRB5_ET_KRB5KDC_ERR_MUST_USE_USER2USER 27
1205 #define KRB5_ET_KRB5KDC_ERR_PATH_NOT_ACCEPTED 28
1206 #define KRB5_ET_KRB5KDC_ERR_SVC_UNAVAILABLE 29
1207 #define KRB5_ET_KRB5KRB_AP_ERR_BAD_INTEGRITY 31
1208 #define KRB5_ET_KRB5KRB_AP_ERR_TKT_EXPIRED 32
1209 #define KRB5_ET_KRB5KRB_AP_ERR_TKT_NYV 33
1210 #define KRB5_ET_KRB5KRB_AP_ERR_REPEAT 34
1211 #define KRB5_ET_KRB5KRB_AP_ERR_NOT_US 35
1212 #define KRB5_ET_KRB5KRB_AP_ERR_BADMATCH 36
1213 #define KRB5_ET_KRB5KRB_AP_ERR_SKEW 37
1214 #define KRB5_ET_KRB5KRB_AP_ERR_BADADDR 38
1215 #define KRB5_ET_KRB5KRB_AP_ERR_BADVERSION 39
1216 #define KRB5_ET_KRB5KRB_AP_ERR_MSG_TYPE 40
1217 #define KRB5_ET_KRB5KRB_AP_ERR_MODIFIED 41
1218 #define KRB5_ET_KRB5KRB_AP_ERR_BADORDER 42
1219 #define KRB5_ET_KRB5KRB_AP_ERR_ILL_CR_TKT 43
1220 #define KRB5_ET_KRB5KRB_AP_ERR_BADKEYVER 44
1221 #define KRB5_ET_KRB5KRB_AP_ERR_NOKEY 45
1222 #define KRB5_ET_KRB5KRB_AP_ERR_MUT_FAIL 46
1223 #define KRB5_ET_KRB5KRB_AP_ERR_BADDIRECTION 47
1224 #define KRB5_ET_KRB5KRB_AP_ERR_METHOD 48
1225 #define KRB5_ET_KRB5KRB_AP_ERR_BADSEQ 49
1226 #define KRB5_ET_KRB5KRB_AP_ERR_INAPP_CKSUM 50
1227 #define KRB5_ET_KRB5KDC_AP_PATH_NOT_ACCEPTED 51
1228 #define KRB5_ET_KRB5KRB_ERR_RESPONSE_TOO_BIG 52
1229 #define KRB5_ET_KRB5KRB_ERR_GENERIC 60
1230 #define KRB5_ET_KRB5KRB_ERR_FIELD_TOOLONG 61
1231 #define KRB5_ET_KDC_ERROR_CLIENT_NOT_TRUSTED 62
1232 #define KRB5_ET_KDC_ERROR_KDC_NOT_TRUSTED 63
1233 #define KRB5_ET_KDC_ERROR_INVALID_SIG 64
1234 #define KRB5_ET_KDC_ERR_KEY_TOO_WEAK 65
1235 #define KRB5_ET_KDC_ERR_CERTIFICATE_MISMATCH 66
1236 #define KRB5_ET_KRB_AP_ERR_NO_TGT 67
1237 #define KRB5_ET_KDC_ERR_WRONG_REALM 68
1238 #define KRB5_ET_KRB_AP_ERR_USER_TO_USER_REQUIRED 69
1239 #define KRB5_ET_KDC_ERR_CANT_VERIFY_CERTIFICATE 70
1240 #define KRB5_ET_KDC_ERR_INVALID_CERTIFICATE 71
1241 #define KRB5_ET_KDC_ERR_REVOKED_CERTIFICATE 72
1242 #define KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNKNOWN 73
1243 #define KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE 74
1244 #define KRB5_ET_KDC_ERR_CLIENT_NAME_MISMATCH 75
1245 #define KRB5_ET_KDC_ERR_KDC_NAME_MISMATCH 76
1247 static const value_string krb5_error_codes[] = {
1248 { KRB5_ET_KRB5KDC_ERR_NONE, "KRB5KDC_ERR_NONE" },
1249 { KRB5_ET_KRB5KDC_ERR_NAME_EXP, "KRB5KDC_ERR_NAME_EXP" },
1250 { KRB5_ET_KRB5KDC_ERR_SERVICE_EXP, "KRB5KDC_ERR_SERVICE_EXP" },
1251 { KRB5_ET_KRB5KDC_ERR_BAD_PVNO, "KRB5KDC_ERR_BAD_PVNO" },
1252 { KRB5_ET_KRB5KDC_ERR_C_OLD_MAST_KVNO, "KRB5KDC_ERR_C_OLD_MAST_KVNO" },
1253 { KRB5_ET_KRB5KDC_ERR_S_OLD_MAST_KVNO, "KRB5KDC_ERR_S_OLD_MAST_KVNO" },
1254 { KRB5_ET_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN" },
1255 { KRB5_ET_KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN, "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" },
1256 { KRB5_ET_KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE, "KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE" },
1257 { KRB5_ET_KRB5KDC_ERR_NULL_KEY, "KRB5KDC_ERR_NULL_KEY" },
1258 { KRB5_ET_KRB5KDC_ERR_CANNOT_POSTDATE, "KRB5KDC_ERR_CANNOT_POSTDATE" },
1259 { KRB5_ET_KRB5KDC_ERR_NEVER_VALID, "KRB5KDC_ERR_NEVER_VALID" },
1260 { KRB5_ET_KRB5KDC_ERR_POLICY, "KRB5KDC_ERR_POLICY" },
1261 { KRB5_ET_KRB5KDC_ERR_BADOPTION, "KRB5KDC_ERR_BADOPTION" },
1262 { KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP, "KRB5KDC_ERR_ETYPE_NOSUPP" },
1263 { KRB5_ET_KRB5KDC_ERR_SUMTYPE_NOSUPP, "KRB5KDC_ERR_SUMTYPE_NOSUPP" },
1264 { KRB5_ET_KRB5KDC_ERR_PADATA_TYPE_NOSUPP, "KRB5KDC_ERR_PADATA_TYPE_NOSUPP" },
1265 { KRB5_ET_KRB5KDC_ERR_TRTYPE_NOSUPP, "KRB5KDC_ERR_TRTYPE_NOSUPP" },
1266 { KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED, "KRB5KDC_ERR_CLIENT_REVOKED" },
1267 { KRB5_ET_KRB5KDC_ERR_SERVICE_REVOKED, "KRB5KDC_ERR_SERVICE_REVOKED" },
1268 { KRB5_ET_KRB5KDC_ERR_TGT_REVOKED, "KRB5KDC_ERR_TGT_REVOKED" },
1269 { KRB5_ET_KRB5KDC_ERR_CLIENT_NOTYET, "KRB5KDC_ERR_CLIENT_NOTYET" },
1270 { KRB5_ET_KRB5KDC_ERR_SERVICE_NOTYET, "KRB5KDC_ERR_SERVICE_NOTYET" },
1271 { KRB5_ET_KRB5KDC_ERR_KEY_EXP, "KRB5KDC_ERR_KEY_EXP" },
1272 { KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED, "KRB5KDC_ERR_PREAUTH_FAILED" },
1273 { KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED, "KRB5KDC_ERR_PREAUTH_REQUIRED" },
1274 { KRB5_ET_KRB5KDC_ERR_SERVER_NOMATCH, "KRB5KDC_ERR_SERVER_NOMATCH" },
1275 { KRB5_ET_KRB5KDC_ERR_MUST_USE_USER2USER, "KRB5KDC_ERR_MUST_USE_USER2USER" },
1276 { KRB5_ET_KRB5KDC_ERR_PATH_NOT_ACCEPTED, "KRB5KDC_ERR_PATH_NOT_ACCEPTED" },
1277 { KRB5_ET_KRB5KDC_ERR_SVC_UNAVAILABLE, "KRB5KDC_ERR_SVC_UNAVAILABLE" },
1278 { KRB5_ET_KRB5KRB_AP_ERR_BAD_INTEGRITY, "KRB5KRB_AP_ERR_BAD_INTEGRITY" },
1279 { KRB5_ET_KRB5KRB_AP_ERR_TKT_EXPIRED, "KRB5KRB_AP_ERR_TKT_EXPIRED" },
1280 { KRB5_ET_KRB5KRB_AP_ERR_TKT_NYV, "KRB5KRB_AP_ERR_TKT_NYV" },
1281 { KRB5_ET_KRB5KRB_AP_ERR_REPEAT, "KRB5KRB_AP_ERR_REPEAT" },
1282 { KRB5_ET_KRB5KRB_AP_ERR_NOT_US, "KRB5KRB_AP_ERR_NOT_US" },
1283 { KRB5_ET_KRB5KRB_AP_ERR_BADMATCH, "KRB5KRB_AP_ERR_BADMATCH" },
1284 { KRB5_ET_KRB5KRB_AP_ERR_SKEW, "KRB5KRB_AP_ERR_SKEW" },
1285 { KRB5_ET_KRB5KRB_AP_ERR_BADADDR, "KRB5KRB_AP_ERR_BADADDR" },
1286 { KRB5_ET_KRB5KRB_AP_ERR_BADVERSION, "KRB5KRB_AP_ERR_BADVERSION" },
1287 { KRB5_ET_KRB5KRB_AP_ERR_MSG_TYPE, "KRB5KRB_AP_ERR_MSG_TYPE" },
1288 { KRB5_ET_KRB5KRB_AP_ERR_MODIFIED, "KRB5KRB_AP_ERR_MODIFIED" },
1289 { KRB5_ET_KRB5KRB_AP_ERR_BADORDER, "KRB5KRB_AP_ERR_BADORDER" },
1290 { KRB5_ET_KRB5KRB_AP_ERR_ILL_CR_TKT, "KRB5KRB_AP_ERR_ILL_CR_TKT" },
1291 { KRB5_ET_KRB5KRB_AP_ERR_BADKEYVER, "KRB5KRB_AP_ERR_BADKEYVER" },
1292 { KRB5_ET_KRB5KRB_AP_ERR_NOKEY, "KRB5KRB_AP_ERR_NOKEY" },
1293 { KRB5_ET_KRB5KRB_AP_ERR_MUT_FAIL, "KRB5KRB_AP_ERR_MUT_FAIL" },
1294 { KRB5_ET_KRB5KRB_AP_ERR_BADDIRECTION, "KRB5KRB_AP_ERR_BADDIRECTION" },
1295 { KRB5_ET_KRB5KRB_AP_ERR_METHOD, "KRB5KRB_AP_ERR_METHOD" },
1296 { KRB5_ET_KRB5KRB_AP_ERR_BADSEQ, "KRB5KRB_AP_ERR_BADSEQ" },
1297 { KRB5_ET_KRB5KRB_AP_ERR_INAPP_CKSUM, "KRB5KRB_AP_ERR_INAPP_CKSUM" },
1298 { KRB5_ET_KRB5KDC_AP_PATH_NOT_ACCEPTED, "KRB5KDC_AP_PATH_NOT_ACCEPTED" },
1299 { KRB5_ET_KRB5KRB_ERR_RESPONSE_TOO_BIG, "KRB5KRB_ERR_RESPONSE_TOO_BIG"},
1300 { KRB5_ET_KRB5KRB_ERR_GENERIC, "KRB5KRB_ERR_GENERIC" },
1301 { KRB5_ET_KRB5KRB_ERR_FIELD_TOOLONG, "KRB5KRB_ERR_FIELD_TOOLONG" },
1302 { KRB5_ET_KDC_ERROR_CLIENT_NOT_TRUSTED, "KDC_ERROR_CLIENT_NOT_TRUSTED" },
1303 { KRB5_ET_KDC_ERROR_KDC_NOT_TRUSTED, "KDC_ERROR_KDC_NOT_TRUSTED" },
1304 { KRB5_ET_KDC_ERROR_INVALID_SIG, "KDC_ERROR_INVALID_SIG" },
1305 { KRB5_ET_KDC_ERR_KEY_TOO_WEAK, "KDC_ERR_KEY_TOO_WEAK" },
1306 { KRB5_ET_KDC_ERR_CERTIFICATE_MISMATCH, "KDC_ERR_CERTIFICATE_MISMATCH" },
1307 { KRB5_ET_KRB_AP_ERR_NO_TGT, "KRB_AP_ERR_NO_TGT" },
1308 { KRB5_ET_KDC_ERR_WRONG_REALM, "KDC_ERR_WRONG_REALM" },
1309 { KRB5_ET_KRB_AP_ERR_USER_TO_USER_REQUIRED, "KRB_AP_ERR_USER_TO_USER_REQUIRED" },
1310 { KRB5_ET_KDC_ERR_CANT_VERIFY_CERTIFICATE, "KDC_ERR_CANT_VERIFY_CERTIFICATE" },
1311 { KRB5_ET_KDC_ERR_INVALID_CERTIFICATE, "KDC_ERR_INVALID_CERTIFICATE" },
1312 { KRB5_ET_KDC_ERR_REVOKED_CERTIFICATE, "KDC_ERR_REVOKED_CERTIFICATE" },
1313 { KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNKNOWN, "KDC_ERR_REVOCATION_STATUS_UNKNOWN" },
1314 { KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, "KDC_ERR_REVOCATION_STATUS_UNAVAILABLE" },
1315 { KRB5_ET_KDC_ERR_CLIENT_NAME_MISMATCH, "KDC_ERR_CLIENT_NAME_MISMATCH" },
1316 { KRB5_ET_KDC_ERR_KDC_NAME_MISMATCH, "KDC_ERR_KDC_NAME_MISMATCH" },
1322 #define PAC_LOGON_INFO 1
1323 #define PAC_CREDENTIAL_TYPE 2
1324 #define PAC_SERVER_CHECKSUM 6
1325 #define PAC_PRIVSVR_CHECKSUM 7
1326 #define PAC_CLIENT_INFO_TYPE 10
1327 #define PAC_S4U_DELEGATION_INFO 11
1328 #define PAC_UPN_DNS_INFO 12
1329 static const value_string w2k_pac_types[] = {
1330 { PAC_LOGON_INFO , "Logon Info" },
1331 { PAC_CREDENTIAL_TYPE , "Credential Type" },
1332 { PAC_SERVER_CHECKSUM , "Server Checksum" },
1333 { PAC_PRIVSVR_CHECKSUM , "Privsvr Checksum" },
1334 { PAC_CLIENT_INFO_TYPE , "Client Info Type" },
1335 { PAC_S4U_DELEGATION_INFO, "S4U Delegation Info" },
1336 { PAC_UPN_DNS_INFO , "UPN DNS Info" },
1341 static const value_string krb5_princ_types[] = {
1342 { KRB5_NT_UNKNOWN , "Unknown" },
1343 { KRB5_NT_PRINCIPAL , "Principal" },
1344 { KRB5_NT_SRV_INST , "Service and Instance" },
1345 { KRB5_NT_SRV_HST , "Service and Host" },
1346 { KRB5_NT_SRV_XHST , "Service and Host Components" },
1347 { KRB5_NT_UID , "Unique ID" },
1348 { KRB5_NT_X500_PRINCIPAL , "Encoded X.509 Distinguished Name" },
1349 { KRB5_NT_SMTP_NAME , "SMTP Name" },
1350 { KRB5_NT_ENTERPRISE , "Enterprise Name" },
1351 { KRB5_NT_MS_PRINCIPAL , "NT 4.0 style name (MS specific)" },
1352 { KRB5_NT_MS_PRINCIPAL_AND_SID , "NT 4.0 style name with SID (MS specific)"},
1353 { KRB5_NT_ENT_PRINCIPAL_AND_SID, "UPN and SID (MS specific)"},
1354 { KRB5_NT_PRINCIPAL_AND_SID , "Principal name and SID (MS specific)"},
1355 { KRB5_NT_SRV_INST_AND_SID , "SPN and SID (MS specific)"},
1360 static const value_string krb5_preauthentication_types[] = {
1361 { KRB5_PA_TGS_REQ , "PA-TGS-REQ" },
1362 { KRB5_PA_ENC_TIMESTAMP , "PA-ENC-TIMESTAMP" },
1363 { KRB5_PA_PW_SALT , "PA-PW-SALT" },
1364 { KRB5_PA_ENC_ENCKEY , "PA-ENC-ENCKEY" },
1365 { KRB5_PA_ENC_UNIX_TIME , "PA-ENC-UNIX-TIME" },
1366 { KRB5_PA_ENC_SANDIA_SECURID , "PA-PW-SALT" },
1367 { KRB5_PA_SESAME , "PA-SESAME" },
1368 { KRB5_PA_OSF_DCE , "PA-OSF-DCE" },
1369 { KRB5_PA_CYBERSAFE_SECUREID , "PA-CYBERSAFE-SECURID" },
1370 { KRB5_PA_AFS3_SALT , "PA-AFS3-SALT" },
1371 { KRB5_PA_ENCTYPE_INFO , "PA-ENCTYPE-INFO" },
1372 { KRB5_PA_ENCTYPE_INFO2 , "PA-ENCTYPE-INFO2" },
1373 { KRB5_PA_SAM_CHALLENGE , "PA-SAM-CHALLENGE" },
1374 { KRB5_PA_SAM_RESPONSE , "PA-SAM-RESPONSE" },
1375 { KRB5_PA_PK_AS_REQ , "PA-PK-AS-REQ" },
1376 { KRB5_PA_PK_AS_REP , "PA-PK-AS-REP" },
1377 { KRB5_PA_DASS , "PA-DASS" },
1378 { KRB5_PA_USE_SPECIFIED_KVNO , "PA-USE-SPECIFIED-KVNO" },
1379 { KRB5_PA_SAM_REDIRECT , "PA-SAM-REDIRECT" },
1380 { KRB5_PA_GET_FROM_TYPED_DATA , "PA-GET-FROM-TYPED-DATA" },
1381 { KRB5_PA_SAM_ETYPE_INFO , "PA-SAM-ETYPE-INFO" },
1382 { KRB5_PA_ALT_PRINC , "PA-ALT-PRINC" },
1383 { KRB5_PA_SAM_CHALLENGE2 , "PA-SAM-CHALLENGE2" },
1384 { KRB5_PA_SAM_RESPONSE2 , "PA-SAM-RESPONSE2" },
1385 { KRB5_TD_PKINIT_CMS_CERTIFICATES, "TD-PKINIT-CMS-CERTIFICATES" },
1386 { KRB5_TD_KRB_PRINCIPAL , "TD-KRB-PRINCIPAL" },
1387 { KRB5_TD_KRB_REALM , "TD-KRB-REALM" },
1388 { KRB5_TD_TRUSTED_CERTIFIERS , "TD-TRUSTED-CERTIFIERS" },
1389 { KRB5_TD_CERTIFICATE_INDEX , "TD-CERTIFICATE-INDEX" },
1390 { KRB5_TD_APP_DEFINED_ERROR , "TD-APP-DEFINED-ERROR" },
1391 { KRB5_TD_REQ_NONCE , "TD-REQ-NONCE" },
1392 { KRB5_TD_REQ_SEQ , "TD-REQ-SEQ" },
1393 { KRB5_PA_PAC_REQUEST , "PA-PAC-REQUEST" },
1394 { KRB5_PA_FOR_USER , "PA-FOR-USER" },
1395 { KRB5_PA_PROV_SRV_LOCATION , "PA-PROV-SRV-LOCATION" },
1400 static const value_string krb5_encryption_types[] = {
1401 { KRB5_ENCTYPE_NULL , "NULL" },
1402 { KRB5_ENCTYPE_DES_CBC_CRC , "des-cbc-crc" },
1403 { KRB5_ENCTYPE_DES_CBC_MD4 , "des-cbc-md4" },
1404 { KRB5_ENCTYPE_DES_CBC_MD5 , "des-cbc-md5" },
1405 { KRB5_ENCTYPE_DES_CBC_RAW , "des-cbc-raw" },
1406 { KRB5_ENCTYPE_DES3_CBC_SHA , "des3-cbc-sha" },
1407 { KRB5_ENCTYPE_DES3_CBC_RAW , "des3-cbc-raw" },
1408 { KRB5_ENCTYPE_DES_HMAC_SHA1 , "des-hmac-sha1" },
1409 { KRB5_ENCTYPE_DSA_SHA1_CMS , "dsa-sha1-cms" },
1410 { KRB5_ENCTYPE_RSA_MD5_CMS , "rsa-md5-cms" },
1411 { KRB5_ENCTYPE_RSA_SHA1_CMS , "rsa-sha1-cms" },
1412 { KRB5_ENCTYPE_RC2_CBC_ENV , "rc2-cbc-env" },
1413 { KRB5_ENCTYPE_RSA_ENV , "rsa-env" },
1414 { KRB5_ENCTYPE_RSA_ES_OEAP_ENV, "rsa-es-oeap-env" },
1415 { KRB5_ENCTYPE_DES_EDE3_CBC_ENV, "des-ede3-cbc-env" },
1416 { KRB5_ENCTYPE_DES3_CBC_SHA1 , "des3-cbc-sha1" },
1417 { KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 , "aes128-cts-hmac-sha1-96" },
1418 { KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 , "aes256-cts-hmac-sha1-96" },
1419 { KRB5_ENCTYPE_DES_CBC_MD5_NT , "des-cbc-md5-nt" },
1420 { KERB_ENCTYPE_RC4_HMAC , "rc4-hmac" },
1421 { KERB_ENCTYPE_RC4_HMAC_EXP , "rc4-hmac-exp" },
1422 { KRB5_ENCTYPE_UNKNOWN , "unknown" },
1423 { KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1 , "local-des3-hmac-sha1" },
1424 { KRB5_ENCTYPE_RC4_PLAIN_EXP , "rc4-plain-exp" },
1425 { KRB5_ENCTYPE_RC4_PLAIN , "rc4-plain" },
1426 { KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP, "rc4-plain-old-exp" },
1427 { KRB5_ENCTYPE_RC4_HMAC_OLD_EXP, "rc4-hmac-old-exp" },
1428 { KRB5_ENCTYPE_RC4_PLAIN_OLD , "rc4-plain-old" },
1429 { KRB5_ENCTYPE_RC4_HMAC_OLD , "rc4-hmac-old" },
1430 { KRB5_ENCTYPE_DES_PLAIN , "des-plain" },
1431 { KRB5_ENCTYPE_RC4_SHA , "rc4-sha" },
1432 { KRB5_ENCTYPE_RC4_LM , "rc4-lm" },
1433 { KRB5_ENCTYPE_RC4_PLAIN2 , "rc4-plain2" },
1434 { KRB5_ENCTYPE_RC4_MD4 , "rc4-md4" },
1438 static const value_string krb5_checksum_types[] = {
1439 { KRB5_CHKSUM_NONE , "none" },
1440 { KRB5_CHKSUM_CRC32 , "crc32" },
1441 { KRB5_CHKSUM_MD4 , "md4" },
1442 { KRB5_CHKSUM_KRB_DES_MAC , "krb-des-mac" },
1443 { KRB5_CHKSUM_KRB_DES_MAC_K , "krb-des-mac-k" },
1444 { KRB5_CHKSUM_MD5 , "md5" },
1445 { KRB5_CHKSUM_MD5_DES , "md5-des" },
1446 { KRB5_CHKSUM_MD5_DES3 , "md5-des3" },
1447 { KRB5_CHKSUM_HMAC_SHA1_DES3_KD, "hmac-sha1-des3-kd" },
1448 { KRB5_CHKSUM_HMAC_SHA1_DES3 , "hmac-sha1-des3" },
1449 { KRB5_CHKSUM_SHA1_UNKEYED , "sha1 (unkeyed)" },
1450 { KRB5_CHKSUM_HMAC_MD5 , "hmac-md5" },
1451 { KRB5_CHKSUM_MD5_HMAC , "md5-hmac" },
1452 { KRB5_CHKSUM_RC4_MD5 , "rc5-md5" },
1453 { KRB5_CHKSUM_MD25 , "md25" },
1454 { KRB5_CHKSUM_DES_MAC_MD5 , "des-mac-md5" },
1455 { KRB5_CHKSUM_DES_MAC , "des-mac" },
1456 { KRB5_CHKSUM_REAL_CRC32 , "real-crc32" },
1457 { KRB5_CHKSUM_SHA1 , "sha1" },
1458 { KRB5_CHKSUM_LM , "lm" },
1459 { KRB5_CHKSUM_GSSAPI , "gssapi-8003" },
1464 #define KRB5_AD_IF_RELEVANT 1
1465 #define KRB5_AD_INTENDED_FOR_SERVER 2
1466 #define KRB5_AD_INTENDED_FOR_APPLICATION_CLASS 3
1467 #define KRB5_AD_KDC_ISSUED 4
1468 #define KRB5_AD_OR 5
1469 #define KRB5_AD_MANDATORY_TICKET_EXTENSIONS 6
1470 #define KRB5_AD_IN_TICKET_EXTENSIONS 7
1471 #define KRB5_AD_MANDATORY_FOR_KDC 8
1472 #define KRB5_AD_OSF_DCE 64
1473 #define KRB5_AD_SESAME 65
1474 #define KRB5_AD_OSF_DCE_PKI_CERTID 66
1475 #define KRB5_AD_WIN2K_PAC 128
1476 #define KRB5_AD_SIGNTICKET 0xffffffef
1478 static const value_string krb5_ad_types[] = {
1479 { KRB5_AD_IF_RELEVANT , "AD-IF-RELEVANT" },
1480 { KRB5_AD_INTENDED_FOR_SERVER , "AD-Intended-For-Server" },
1481 { KRB5_AD_INTENDED_FOR_APPLICATION_CLASS , "AD-Intended-For-Application-Class" },
1482 { KRB5_AD_KDC_ISSUED , "AD-KDCIssued" },
1483 { KRB5_AD_OR , "AD-AND-OR" },
1484 { KRB5_AD_MANDATORY_TICKET_EXTENSIONS , "AD-Mandatory-Ticket-Extensions" },
1485 { KRB5_AD_IN_TICKET_EXTENSIONS , "AD-IN-Ticket-Extensions" },
1486 { KRB5_AD_MANDATORY_FOR_KDC , "AD-MANDATORY-FOR-KDC" },
1487 { KRB5_AD_OSF_DCE , "AD-OSF-DCE" },
1488 { KRB5_AD_SESAME , "AD-SESAME" },
1489 { KRB5_AD_OSF_DCE_PKI_CERTID , "AD-OSF-DCE-PKI-CertID" },
1490 { KRB5_AD_WIN2K_PAC , "AD-Win2k-PAC" },
1491 { KRB5_AD_SIGNTICKET , "AD-SignTicket" },
1495 static const value_string krb5_transited_types[] = {
1496 { 1 , "DOMAIN-X500-COMPRESS" },
1501 static const value_string krb5_msg_types[] = {
1502 { KRB5_MSG_TICKET, "Ticket" },
1503 { KRB5_MSG_AUTHENTICATOR, "Authenticator" },
1504 { KRB5_MSG_ENC_TICKET_PART, "EncTicketPart" },
1505 { KRB5_MSG_TGS_REQ, "TGS-REQ" },
1506 { KRB5_MSG_TGS_REP, "TGS-REP" },
1507 { KRB5_MSG_AS_REQ, "AS-REQ" },
1508 { KRB5_MSG_AS_REP, "AS-REP" },
1509 { KRB5_MSG_AP_REQ, "AP-REQ" },
1510 { KRB5_MSG_AP_REP, "AP-REP" },
1511 { KRB5_MSG_SAFE, "KRB-SAFE" },
1512 { KRB5_MSG_PRIV, "KRB-PRIV" },
1513 { KRB5_MSG_CRED, "KRB-CRED" },
1514 { KRB5_MSG_ENC_AS_REP_PART, "EncASRepPart" },
1515 { KRB5_MSG_ENC_TGS_REP_PART, "EncTGSRepPart" },
1516 { KRB5_MSG_ENC_AP_REP_PART, "EncAPRepPart" },
1517 { KRB5_MSG_ENC_KRB_PRIV_PART, "EncKrbPrivPart" },
1518 { KRB5_MSG_ENC_KRB_CRED_PART, "EncKrbCredPart" },
1519 { KRB5_MSG_ERROR, "KRB-ERROR" },
1523 #define KRB5_GSS_C_DELEG_FLAG 0x01
1524 #define KRB5_GSS_C_MUTUAL_FLAG 0x02
1525 #define KRB5_GSS_C_REPLAY_FLAG 0x04
1526 #define KRB5_GSS_C_SEQUENCE_FLAG 0x08
1527 #define KRB5_GSS_C_CONF_FLAG 0x10
1528 #define KRB5_GSS_C_INTEG_FLAG 0x20
1529 #define KRB5_GSS_C_DCE_STYLE 0x1000
1531 static const true_false_string tfs_gss_flags_deleg = {
1532 "Delegate credentials to remote peer",
1535 static const true_false_string tfs_gss_flags_mutual = {
1536 "Request that remote peer authenticates itself",
1537 "Mutual authentication NOT required"
1539 static const true_false_string tfs_gss_flags_replay = {
1540 "Enable replay protection for signed or sealed messages",
1541 "Do NOT enable replay protection"
1543 static const true_false_string tfs_gss_flags_sequence = {
1544 "Enable Out-of-sequence detection for sign or sealed messages",
1545 "Do NOT enable out-of-sequence detection"
1547 static const true_false_string tfs_gss_flags_conf = {
1548 "Confidentiality (sealing) may be invoked",
1549 "Do NOT use Confidentiality (sealing)"
1551 static const true_false_string tfs_gss_flags_integ = {
1552 "Integrity protection (signing) may be invoked",
1553 "Do NOT use integrity protection"
1556 static const true_false_string tfs_gss_flags_dce_style = {
1558 "Not using DCE-STYLE"
1561 #ifdef HAVE_KERBEROS
1563 dissect_krb5_decrypt_ticket_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1564 proto_tree *tree, int hf_index _U_)
1568 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1571 next_tvb=tvb_new_subset_remaining(tvb, offset);
1572 length=tvb_captured_length_remaining(tvb, offset);
1574 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1576 * All Ticket encrypted parts use usage == 2
1578 plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, next_tvb, private_data->etype, NULL);
1581 tvbuff_t *child_tvb;
1582 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1583 tvb_set_free_cb(child_tvb, g_free);
1585 /* Add the decrypted data to the data source list. */
1586 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1588 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1594 dissect_krb5_decrypt_authenticator_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1595 proto_tree *tree, int hf_index _U_)
1599 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1602 next_tvb=tvb_new_subset_remaining(tvb, offset);
1603 length=tvb_captured_length_remaining(tvb, offset);
1605 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1607 * Authenticators are encrypted with usage
1611 plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, next_tvb, private_data->etype, NULL);
1614 plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, next_tvb, private_data->etype, NULL);
1618 tvbuff_t *child_tvb;
1619 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1620 tvb_set_free_cb(child_tvb, g_free);
1622 /* Add the decrypted data to the data source list. */
1623 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1625 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1631 dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1632 proto_tree *tree, int hf_index _U_)
1636 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1639 next_tvb=tvb_new_subset_remaining(tvb, offset);
1640 length=tvb_captured_length_remaining(tvb, offset);
1642 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1644 * ASREP/TGSREP encryptedparts are encrypted with usage
1649 plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, next_tvb, private_data->etype, NULL);
1652 plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, next_tvb, private_data->etype, NULL);
1656 plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, next_tvb, private_data->etype, NULL);
1660 tvbuff_t *child_tvb;
1661 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1662 tvb_set_free_cb(child_tvb, g_free);
1664 /* Add the decrypted data to the data source list. */
1665 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1667 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1673 dissect_krb5_decrypt_PA_ENC_TIMESTAMP (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1674 proto_tree *tree, int hf_index _U_)
1678 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1681 next_tvb=tvb_new_subset_remaining(tvb, offset);
1682 length=tvb_captured_length_remaining(tvb, offset);
1684 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1686 * AS-REQ PA_ENC_TIMESTAMP are encrypted with usage
1689 plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, next_tvb, private_data->etype, NULL);
1692 tvbuff_t *child_tvb;
1693 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1694 tvb_set_free_cb(child_tvb, g_free);
1696 /* Add the decrypted data to the data source list. */
1697 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1699 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1705 dissect_krb5_decrypt_AP_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1706 proto_tree *tree, int hf_index _U_)
1710 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1713 next_tvb=tvb_new_subset_remaining(tvb, offset);
1714 length=tvb_captured_length_remaining(tvb, offset);
1716 /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1718 * AP-REP are encrypted with usage == 12
1720 plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, next_tvb, private_data->etype, NULL);
1723 tvbuff_t *child_tvb;
1724 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1725 tvb_set_free_cb(child_tvb, g_free);
1727 /* Add the decrypted data to the data source list. */
1728 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1730 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1736 dissect_krb5_decrypt_PRIV_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1737 proto_tree *tree, int hf_index _U_)
1741 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1744 next_tvb=tvb_new_subset_remaining(tvb, offset);
1745 length=tvb_captured_length_remaining(tvb, offset);
1748 * EncKrbPrivPart encrypted with usage
1751 plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, next_tvb, private_data->etype, NULL);
1754 tvbuff_t *child_tvb;
1755 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1756 tvb_set_free_cb(child_tvb, g_free);
1758 /* Add the decrypted data to the data source list. */
1759 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1761 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1767 dissect_krb5_decrypt_CRED_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1768 proto_tree *tree, int hf_index _U_)
1772 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1775 next_tvb=tvb_new_subset_remaining(tvb, offset);
1776 length=tvb_captured_length_remaining(tvb, offset);
1779 * EncKrbCredPart encrypted with usage
1782 plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, next_tvb, private_data->etype, NULL);
1785 tvbuff_t *child_tvb;
1786 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1787 tvb_set_free_cb(child_tvb, g_free);
1789 /* Add the decrypted data to the data source list. */
1790 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1792 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1798 /* Dissect a GSSAPI checksum as per RFC1964. This is NOT ASN.1 encoded.
1801 dissect_krb5_rfc1964_checksum(asn1_ctx_t *actx _U_, proto_tree *tree, tvbuff_t *tvb)
1807 /* Length of Bnd field */
1808 len=tvb_get_letohl(tvb, offset);
1809 proto_tree_add_item(tree, hf_krb_gssapi_len, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1813 proto_tree_add_item(tree, hf_krb_gssapi_bnd, tvb, offset, len, ENC_NA);
1818 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_dce_style, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1819 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_integ, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1820 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_conf, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1821 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_sequence, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1822 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_replay, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1823 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_mutual, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1824 proto_tree_add_item(tree, hf_krb_gssapi_c_flag_deleg, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1827 /* the next fields are optional so we have to check that we have
1828 * more data in our buffers */
1829 if(tvb_captured_length_remaining(tvb, offset)<2){
1832 /* dlgopt identifier */
1833 proto_tree_add_item(tree, hf_krb_gssapi_dlgopt, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1836 if(tvb_captured_length_remaining(tvb, offset)<2){
1839 /* dlglen identifier */
1840 dlglen=tvb_get_letohs(tvb, offset);
1841 proto_tree_add_item(tree, hf_krb_gssapi_dlglen, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1844 if(dlglen!=tvb_captured_length_remaining(tvb, offset)){
1845 proto_tree_add_text(tree, tvb, 0, 0, "Error: DlgLen:%d is not the same as number of bytes remaining:%d", dlglen, tvb_captured_length_remaining(tvb, offset));
1849 /* this should now be a KRB_CRED message */
1850 offset=dissect_kerberos_Applications(FALSE, tvb, offset, actx, tree, /* hf_index */ -1);
1856 dissect_krb5_PA_PROV_SRV_LOCATION(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_)
1858 offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_provsrv_location, NULL, 0);
1864 dissect_krb5_PW_SALT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_)
1868 /* Microsoft stores a special 12 byte blob here
1872 * decode everything as this blob for now until we see if anyone
1873 * else ever uses it or we learn how to tell whether this
1874 * is such an MS blob or not.
1876 proto_tree_add_item(tree, hf_krb_smb_nt_status, tvb, offset, 4,
1878 nt_status=tvb_get_letohl(tvb, offset);
1880 col_append_fstr(actx->pinfo->cinfo, COL_INFO,
1882 val_to_str(nt_status, NT_errors,
1883 "Unknown error code %#x"));
1887 proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
1891 proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
1899 /*--- Included file: packet-kerberos-fn.c ---*/
1900 #line 1 "../../asn1/kerberos/packet-kerberos-fn.c"
1904 dissect_kerberos_INTEGER_5(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1905 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1914 dissect_kerberos_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1915 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
1916 actx, tree, tvb, offset, hf_index,
1925 dissect_kerberos_Realm(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1926 offset = dissect_kerberos_KerberosString(implicit_tag, tvb, offset, actx, tree, hf_index);
1932 static const value_string kerberos_NAME_TYPE_vals[] = {
1933 { 0, "kRB5-NT-UNKNOWN" },
1934 { 1, "kRB5-NT-PRINCIPAL" },
1935 { 2, "kRB5-NT-SRV-INST" },
1936 { 3, "kRB5-NT-SRV-HST" },
1937 { 4, "kRB5-NT-SRV-XHST" },
1938 { 5, "kRB5-NT-UID" },
1939 { 6, "kRB5-NT-X500-PRINCIPAL" },
1940 { 7, "kRB5-NT-SMTP-NAME" },
1941 { 10, "kRB5-NT-ENTERPRISE-PRINCIPAL" },
1942 { -130, "kRB5-NT-ENT-PRINCIPAL-AND-ID" },
1943 { -128, "kRB5-NT-MS-PRINCIPAL" },
1944 { -129, "kRB5-NT-MS-PRINCIPAL-AND-ID" },
1950 dissect_kerberos_NAME_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1951 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
1958 static const ber_sequence_t SEQUENCE_OF_KerberosString_sequence_of[1] = {
1959 { &hf_kerberos_name_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_KerberosString },
1963 dissect_kerberos_SEQUENCE_OF_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1964 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
1965 SEQUENCE_OF_KerberosString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KerberosString);
1971 static const ber_sequence_t PrincipalName_sequence[] = {
1972 { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
1973 { &hf_kerberos_name_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_KerberosString },
1974 { NULL, 0, 0, 0, NULL }
1978 dissect_kerberos_PrincipalName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
1979 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
1980 PrincipalName_sequence, hf_index, ett_kerberos_PrincipalName);
1986 static const value_string kerberos_ENCTYPE_vals[] = {
1987 { 0, "eTYPE-NULL" },
1988 { 1, "eTYPE-DES-CBC-CRC" },
1989 { 2, "eTYPE-DES-CBC-MD4" },
1990 { 3, "eTYPE-DES-CBC-MD5" },
1991 { 5, "eTYPE-DES3-CBC-MD5" },
1992 { 7, "eTYPE-OLD-DES3-CBC-SHA1" },
1993 { 8, "eTYPE-SIGN-DSA-GENERATE" },
1994 { 9, "eTYPE-ENCRYPT-RSA-PRIV" },
1995 { 10, "eTYPE-ENCRYPT-RSA-PUB" },
1996 { 16, "eTYPE-DES3-CBC-SHA1" },
1997 { 17, "eTYPE-AES128-CTS-HMAC-SHA1-96" },
1998 { 18, "eTYPE-AES256-CTS-HMAC-SHA1-96" },
1999 { 23, "eTYPE-ARCFOUR-HMAC-MD5" },
2000 { 24, "eTYPE-ARCFOUR-HMAC-MD5-56" },
2001 { 48, "eTYPE-ENCTYPE-PK-CROSS" },
2002 { -128, "eTYPE-ARCFOUR-MD4" },
2003 { -133, "eTYPE-ARCFOUR-HMAC-OLD" },
2004 { -135, "eTYPE-ARCFOUR-HMAC-OLD-EXP" },
2005 { -4096, "eTYPE-DES-CBC-NONE" },
2006 { -4097, "eTYPE-DES3-CBC-NONE" },
2007 { -4098, "eTYPE-DES-CFB64-NONE" },
2008 { -4099, "eTYPE-DES-PCBC-NONE" },
2009 { -4100, "eTYPE-DIGEST-MD5-NONE" },
2010 { -4101, "eTYPE-CRAM-MD5-NONE" },
2016 dissect_kerberos_ENCTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2017 #line 223 "../../asn1/kerberos/kerberos.cnf"
2018 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2019 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2020 &(private_data->etype));
2031 dissect_kerberos_UInt32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2032 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2041 dissect_kerberos_T_encryptedTicketData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2042 #line 227 "../../asn1/kerberos/kerberos.cnf"
2043 #ifdef HAVE_KERBEROS
2044 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_ticket_data);
2046 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2058 static const ber_sequence_t EncryptedTicketData_sequence[] = {
2059 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
2060 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2061 { &hf_kerberos_encryptedTicketData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedTicketData_cipher },
2062 { NULL, 0, 0, 0, NULL }
2066 dissect_kerberos_EncryptedTicketData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2067 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2068 EncryptedTicketData_sequence, hf_index, ett_kerberos_EncryptedTicketData);
2074 static const ber_sequence_t Ticket_U_sequence[] = {
2075 { &hf_kerberos_tkt_vno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2076 { &hf_kerberos_realm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
2077 { &hf_kerberos_sname , BER_CLASS_CON, 2, 0, dissect_kerberos_PrincipalName },
2078 { &hf_kerberos_ticket_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedTicketData },
2079 { NULL, 0, 0, 0, NULL }
2083 dissect_kerberos_Ticket_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2084 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2085 Ticket_U_sequence, hf_index, ett_kerberos_Ticket_U);
2093 dissect_kerberos_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2094 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2095 hf_index, BER_CLASS_APP, 1, FALSE, dissect_kerberos_Ticket_U);
2101 static const value_string kerberos_CKSUMTYPE_vals[] = {
2102 { 0, "cKSUMTYPE-NONE" },
2103 { 1, "cKSUMTYPE-CRC32" },
2104 { 2, "cKSUMTYPE-RSA-MD4" },
2105 { 3, "cKSUMTYPE-RSA-MD4-DES" },
2106 { 4, "cKSUMTYPE-DES-MAC" },
2107 { 5, "cKSUMTYPE-DES-MAC-K" },
2108 { 6, "cKSUMTYPE-RSA-MD4-DES-K" },
2109 { 7, "cKSUMTYPE-RSA-MD5" },
2110 { 8, "cKSUMTYPE-RSA-MD5-DES" },
2111 { 9, "cKSUMTYPE-RSA-MD5-DES3" },
2112 { 10, "cKSUMTYPE-SHA1-OTHER" },
2113 { 12, "cKSUMTYPE-HMAC-SHA1-DES3" },
2114 { 14, "cKSUMTYPE-SHA1" },
2115 { 15, "cKSUMTYPE-HMAC-SHA1-96-AES-128" },
2116 { 16, "cKSUMTYPE-HMAC-SHA1-96-AES-256" },
2117 { 32771, "cKSUMTYPE-GSSAPI" },
2118 { -138, "cKSUMTYPE-HMAC-MD5" },
2119 { -1138, "cKSUMTYPE-HMAC-MD5-ENC" },
2125 dissect_kerberos_CKSUMTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2126 #line 284 "../../asn1/kerberos/kerberos.cnf"
2127 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2128 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2129 &(private_data->checksum_type));
2140 dissect_kerberos_T_checksum(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2141 #line 288 "../../asn1/kerberos/kerberos.cnf"
2143 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2145 switch(private_data->checksum_type){
2146 case KRB5_CHKSUM_GSSAPI:
2147 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &next_tvb);
2148 dissect_krb5_rfc1964_checksum(actx, tree, next_tvb);
2151 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, NULL);
2161 static const ber_sequence_t Checksum_sequence[] = {
2162 { &hf_kerberos_cksumtype , BER_CLASS_CON, 0, 0, dissect_kerberos_CKSUMTYPE },
2163 { &hf_kerberos_checksum , BER_CLASS_CON, 1, 0, dissect_kerberos_T_checksum },
2164 { NULL, 0, 0, 0, NULL }
2168 dissect_kerberos_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2169 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2170 Checksum_sequence, hf_index, ett_kerberos_Checksum);
2178 dissect_kerberos_Microseconds(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2179 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2188 dissect_kerberos_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2189 offset = dissect_ber_GeneralizedTime(implicit_tag, actx, tree, tvb, offset, hf_index);
2197 dissect_kerberos_Int32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2198 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2207 dissect_kerberos_T_keytype(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2208 #line 302 "../../asn1/kerberos/kerberos.cnf"
2209 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2211 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2213 private_data->key.keytype = gbl_keytype;
2223 dissect_kerberos_T_keyvalue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2224 #line 309 "../../asn1/kerberos/kerberos.cnf"
2225 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2227 private_data->key.keylength = tvb_captured_length_remaining(tvb, offset);
2228 private_data->key.keyvalue = tvb_get_ptr(tvb, offset, private_data->key.keylength);
2230 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2240 static const ber_sequence_t EncryptionKey_sequence[] = {
2241 { &hf_kerberos_keytype , BER_CLASS_CON, 0, 0, dissect_kerberos_T_keytype },
2242 { &hf_kerberos_keyvalue , BER_CLASS_CON, 1, 0, dissect_kerberos_T_keyvalue },
2243 { NULL, 0, 0, 0, NULL }
2247 dissect_kerberos_EncryptionKey(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2248 #line 317 "../../asn1/kerberos/kerberos.cnf"
2249 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2251 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2252 EncryptionKey_sequence, hf_index, ett_kerberos_EncryptionKey);
2255 if (private_data->key.keytype != 0) {
2256 #ifdef HAVE_KERBEROS
2257 add_encryption_key(actx->pinfo, private_data->key.keytype, private_data->key.keylength, private_data->key.keyvalue, "key");
2269 dissect_kerberos_T_ad_type(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2270 #line 328 "../../asn1/kerberos/kerberos.cnf"
2271 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2272 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2273 &(private_data->ad_type));
2283 dissect_kerberos_T_ad_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2284 #line 333 "../../asn1/kerberos/kerberos.cnf"
2285 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2287 switch(private_data->ad_type){
2288 case KRB5_AD_IF_RELEVANT:
2289 offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_kerberos_AD_IF_RELEVANT);
2292 offset=dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
2301 static const ber_sequence_t AuthorizationData_item_sequence[] = {
2302 { &hf_kerberos_ad_type , BER_CLASS_CON, 0, 0, dissect_kerberos_T_ad_type },
2303 { &hf_kerberos_ad_data , BER_CLASS_CON, 1, 0, dissect_kerberos_T_ad_data },
2304 { NULL, 0, 0, 0, NULL }
2308 dissect_kerberos_AuthorizationData_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2309 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2310 AuthorizationData_item_sequence, hf_index, ett_kerberos_AuthorizationData_item);
2316 static const ber_sequence_t AuthorizationData_sequence_of[1] = {
2317 { &hf_kerberos_AuthorizationData_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_AuthorizationData_item },
2321 dissect_kerberos_AuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2322 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2323 AuthorizationData_sequence_of, hf_index, ett_kerberos_AuthorizationData);
2329 static const ber_sequence_t Authenticator_U_sequence[] = {
2330 { &hf_kerberos_authenticator_vno, BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2331 { &hf_kerberos_crealm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
2332 { &hf_kerberos_cname , BER_CLASS_CON, 2, 0, dissect_kerberos_PrincipalName },
2333 { &hf_kerberos_cksum , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum },
2334 { &hf_kerberos_cusec , BER_CLASS_CON, 4, 0, dissect_kerberos_Microseconds },
2335 { &hf_kerberos_ctime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
2336 { &hf_kerberos_subkey , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptionKey },
2337 { &hf_kerberos_seq_number , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2338 { &hf_kerberos_authorization_data, BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_AuthorizationData },
2339 { NULL, 0, 0, 0, NULL }
2343 dissect_kerberos_Authenticator_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2344 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2345 Authenticator_U_sequence, hf_index, ett_kerberos_Authenticator_U);
2353 dissect_kerberos_Authenticator(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2354 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2355 hf_index, BER_CLASS_APP, 2, FALSE, dissect_kerberos_Authenticator_U);
2361 static const asn_namedbit TicketFlags_bits[] = {
2362 { 0, &hf_kerberos_TicketFlags_reserved, -1, -1, "reserved", NULL },
2363 { 1, &hf_kerberos_TicketFlags_forwardable, -1, -1, "forwardable", NULL },
2364 { 2, &hf_kerberos_TicketFlags_forwarded, -1, -1, "forwarded", NULL },
2365 { 3, &hf_kerberos_TicketFlags_proxiable, -1, -1, "proxiable", NULL },
2366 { 4, &hf_kerberos_TicketFlags_proxy, -1, -1, "proxy", NULL },
2367 { 5, &hf_kerberos_TicketFlags_may_postdate, -1, -1, "may-postdate", NULL },
2368 { 6, &hf_kerberos_TicketFlags_postdated, -1, -1, "postdated", NULL },
2369 { 7, &hf_kerberos_TicketFlags_invalid, -1, -1, "invalid", NULL },
2370 { 8, &hf_kerberos_TicketFlags_renewable, -1, -1, "renewable", NULL },
2371 { 9, &hf_kerberos_TicketFlags_initial, -1, -1, "initial", NULL },
2372 { 10, &hf_kerberos_TicketFlags_pre_authent, -1, -1, "pre-authent", NULL },
2373 { 11, &hf_kerberos_TicketFlags_hw_authent, -1, -1, "hw-authent", NULL },
2374 { 12, &hf_kerberos_TicketFlags_transited_policy_checked, -1, -1, "transited-policy-checked", NULL },
2375 { 13, &hf_kerberos_TicketFlags_ok_as_delegate, -1, -1, "ok-as-delegate", NULL },
2376 { 14, &hf_kerberos_TicketFlags_anonymous, -1, -1, "anonymous", NULL },
2377 { 0, NULL, 0, 0, NULL, NULL }
2381 dissect_kerberos_TicketFlags(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2382 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
2383 TicketFlags_bits, hf_index, ett_kerberos_TicketFlags,
2392 dissect_kerberos_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2393 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2400 static const ber_sequence_t TransitedEncoding_sequence[] = {
2401 { &hf_kerberos_tr_type , BER_CLASS_CON, 0, 0, dissect_kerberos_Int32 },
2402 { &hf_kerberos_contents , BER_CLASS_CON, 1, 0, dissect_kerberos_OCTET_STRING },
2403 { NULL, 0, 0, 0, NULL }
2407 dissect_kerberos_TransitedEncoding(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2408 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2409 TransitedEncoding_sequence, hf_index, ett_kerberos_TransitedEncoding);
2415 static const value_string kerberos_ADDR_TYPE_vals[] = {
2416 { KERBEROS_ADDR_TYPE_IPV4, "iPv4" },
2417 { KERBEROS_ADDR_TYPE_CHAOS, "cHAOS" },
2418 { KERBEROS_ADDR_TYPE_XEROX, "xEROX" },
2419 { KERBEROS_ADDR_TYPE_ISO, "iSO" },
2420 { KERBEROS_ADDR_TYPE_DECNET, "dECNET" },
2421 { KERBEROS_ADDR_TYPE_APPLETALK, "aPPLETALK" },
2422 { KERBEROS_ADDR_TYPE_NETBIOS, "nETBIOS" },
2423 { KERBEROS_ADDR_TYPE_IPV6, "iPv6" },
2429 dissect_kerberos_ADDR_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2430 #line 344 "../../asn1/kerberos/kerberos.cnf"
2431 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2432 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2433 &(private_data->addr_type));
2444 dissect_kerberos_T_address(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2445 #line 172 "../../asn1/kerberos/kerberos.cnf"
2450 const char *address_str;
2451 proto_item *it=NULL;
2452 kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2454 /* read header and len for the octet string */
2455 offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &appclass, &pc, &tag);
2456 offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL);
2458 switch(private_data->addr_type){
2459 case KERBEROS_ADDR_TYPE_IPV4:
2460 it=proto_tree_add_item(tree, hf_krb_address_ip, tvb, offset, 4, ENC_BIG_ENDIAN);
2461 address_str = tvb_ip_to_str(tvb, offset);
2463 case KERBEROS_ADDR_TYPE_NETBIOS:
2465 char netbios_name[(NETBIOS_NAME_LEN - 1)*4 + 1];
2466 int netbios_name_type;
2467 int netbios_name_len = (NETBIOS_NAME_LEN - 1)*4 + 1;
2469 netbios_name_type = process_netbios_name(tvb_get_ptr(tvb, offset, 16), netbios_name, netbios_name_len);
2470 address_str = wmem_strdup_printf(wmem_packet_scope(), "%s<%02x>", netbios_name, netbios_name_type);
2471 it=proto_tree_add_string_format(tree, hf_krb_address_netbios, tvb, offset, 16, netbios_name, "NetBIOS Name: %s (%s)", address_str, netbios_name_type_descr(netbios_name_type));
2474 case KERBEROS_ADDR_TYPE_IPV6:
2475 it=proto_tree_add_item(tree, hf_krb_address_ipv6, tvb, offset, INET6_ADDRLEN, ENC_NA);
2476 address_str = tvb_ip6_to_str(tvb, offset);
2479 proto_tree_add_text(tree, tvb, offset, len, "KRB Address: I dont know how to parse this type of address yet");
2483 /* push it up two levels in the decode pane */
2484 if(it && address_str){
2485 proto_item_append_text(proto_item_get_parent(it), " %s",address_str);
2486 proto_item_append_text(proto_item_get_parent_nth(it, 2), " %s",address_str);
2499 static const ber_sequence_t HostAddress_sequence[] = {
2500 { &hf_kerberos_addr_type , BER_CLASS_CON, 0, 0, dissect_kerberos_ADDR_TYPE },
2501 { &hf_kerberos_address , BER_CLASS_CON, 1, 0, dissect_kerberos_T_address },
2502 { NULL, 0, 0, 0, NULL }
2506 dissect_kerberos_HostAddress(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2507 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2508 HostAddress_sequence, hf_index, ett_kerberos_HostAddress);
2514 static const ber_sequence_t HostAddresses_sequence_of[1] = {
2515 { &hf_kerberos_HostAddresses_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_HostAddress },
2519 dissect_kerberos_HostAddresses(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2520 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2521 HostAddresses_sequence_of, hf_index, ett_kerberos_HostAddresses);
2527 static const ber_sequence_t EncTicketPart_U_sequence[] = {
2528 { &hf_kerberos_flags , BER_CLASS_CON, 0, 0, dissect_kerberos_TicketFlags },
2529 { &hf_kerberos_key , BER_CLASS_CON, 1, 0, dissect_kerberos_EncryptionKey },
2530 { &hf_kerberos_crealm , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm },
2531 { &hf_kerberos_cname , BER_CLASS_CON, 3, 0, dissect_kerberos_PrincipalName },
2532 { &hf_kerberos_transited , BER_CLASS_CON, 4, 0, dissect_kerberos_TransitedEncoding },
2533 { &hf_kerberos_authtime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
2534 { &hf_kerberos_starttime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2535 { &hf_kerberos_endtime , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime },
2536 { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2537 { &hf_kerberos_caddr , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
2538 { &hf_kerberos_authorization_data, BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_AuthorizationData },
2539 { NULL, 0, 0, 0, NULL }
2543 dissect_kerberos_EncTicketPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2544 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2545 EncTicketPart_U_sequence, hf_index, ett_kerberos_EncTicketPart_U);
2553 dissect_kerberos_EncTicketPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2554 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2555 hf_index, BER_CLASS_APP, 3, FALSE, dissect_kerberos_EncTicketPart_U);
2561 static const value_string kerberos_MESSAGE_TYPE_vals[] = {
2562 { 10, "krb-as-req" },
2563 { 11, "krb-as-rep" },
2564 { 12, "krb-tgs-req" },
2565 { 13, "krb-tgs-rep" },
2566 { 14, "krb-ap-req" },
2567 { 15, "krb-ap-rep" },
2571 { 30, "krb-error" },
2577 dissect_kerberos_MESSAGE_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2578 #line 66 "../../asn1/kerberos/kerberos.cnf"
2581 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2587 #line 71 "../../asn1/kerberos/kerberos.cnf"
2588 if (gbl_do_col_info) {
2589 col_add_str(actx->pinfo->cinfo, COL_INFO,
2590 val_to_str(msgtype, krb5_msg_types,
2591 "Unknown msg type %#x"));
2593 gbl_do_col_info=FALSE;
2596 /* append the application type to the tree */
2597 proto_item_append_text(tree, " %s", val_to_str(msgtype, krb5_msg_types, "Unknown:0x%x"));
2605 static const value_string kerberos_PADATA_TYPE_vals[] = {
2606 { 0, "kRB5-PADATA-NONE" },
2607 { 1, "kRB5-PADATA-TGS-REQ" },
2608 { 1, "kRB5-PADATA-AP-REQ" },
2609 { 2, "kRB5-PADATA-ENC-TIMESTAMP" },
2610 { 3, "kRB5-PADATA-PW-SALT" },
2611 { 5, "kRB5-PADATA-ENC-UNIX-TIME" },
2612 { 6, "kRB5-PADATA-SANDIA-SECUREID" },
2613 { 7, "kRB5-PADATA-SESAME" },
2614 { 8, "kRB5-PADATA-OSF-DCE" },
2615 { 9, "kRB5-PADATA-CYBERSAFE-SECUREID" },
2616 { 10, "kRB5-PADATA-AFS3-SALT" },
2617 { 11, "kRB5-PADATA-ETYPE-INFO" },
2618 { 12, "kRB5-PADATA-SAM-CHALLENGE" },
2619 { 13, "kRB5-PADATA-SAM-RESPONSE" },
2620 { 14, "kRB5-PADATA-PK-AS-REQ-19" },
2621 { 15, "kRB5-PADATA-PK-AS-REP-19" },
2622 { 15, "kRB5-PADATA-PK-AS-REQ-WIN" },
2623 { 16, "kRB5-PADATA-PK-AS-REQ" },
2624 { 17, "kRB5-PADATA-PK-AS-REP" },
2625 { 18, "kRB5-PADATA-PA-PK-OCSP-RESPONSE" },
2626 { 19, "kRB5-PADATA-ETYPE-INFO2" },
2627 { 20, "kRB5-PADATA-USE-SPECIFIED-KVNO" },
2628 { 20, "kRB5-PADATA-SVR-REFERRAL-INFO" },
2629 { 21, "kRB5-PADATA-SAM-REDIRECT" },
2630 { 22, "kRB5-PADATA-GET-FROM-TYPED-DATA" },
2631 { 23, "kRB5-PADATA-SAM-ETYPE-INFO" },
2632 { 25, "kRB5-PADATA-SERVER-REFERRAL" },
2633 { 102, "kRB5-PADATA-TD-KRB-PRINCIPAL" },
2634 { 104, "kRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS" },
2635 { 105, "kRB5-PADATA-PK-TD-CERTIFICATE-INDEX" },
2636 { 106, "kRB5-PADATA-TD-APP-DEFINED-ERROR" },
2637 { 107, "kRB5-PADATA-TD-REQ-NONCE" },
2638 { 108, "kRB5-PADATA-TD-REQ-SEQ" },
2639 { 128, "kRB5-PADATA-PA-PAC-REQUEST" },
2640 { 129, "kRB5-PADATA-S4U2SELF" },
2641 { 132, "kRB5-PADATA-PK-AS-09-BINDING" },
2642 { 133, "kRB5-PADATA-CLIENT-CANONICALIZED" },
2648 dissect_kerberos_PADATA_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2649 #line 119 "../../asn1/kerberos/kerberos.cnf"
2650 kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
2651 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2652 &(private_data->padata_type));
2656 #line 122 "../../asn1/kerberos/kerberos.cnf"
2658 proto_item_append_text(tree, " %s",
2659 val_to_str(private_data->padata_type, krb5_preauthentication_types,
2670 dissect_kerberos_T_padata_value(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2671 #line 129 "../../asn1/kerberos/kerberos.cnf"
2672 proto_tree *sub_tree=tree;
2673 kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
2675 if(actx->created_item){
2676 sub_tree=proto_item_add_subtree(actx->created_item, ett_kerberos_PA_DATA);
2679 switch(private_data->padata_type){
2680 case KRB5_PA_TGS_REQ:
2681 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
2683 case KRB5_PA_PK_AS_REQ:
2684 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsReq);
2686 case KRB5_PA_PK_AS_REP:
2687 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsRep);
2689 case KRB5_PA_PAC_REQUEST:
2690 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_KERB_PA_PAC_REQUEST);
2692 case KRB5_PA_S4U2SELF:
2693 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U2Self);
2695 case KRB5_PA_PROV_SRV_LOCATION:
2696 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PA_PROV_SRV_LOCATION);
2698 case KRB5_PA_ENC_TIMESTAMP:
2699 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_ENC_TIMESTAMP);
2701 case KRB5_PA_ENCTYPE_INFO:
2702 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO);
2704 case KRB5_PA_ENCTYPE_INFO2:
2705 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO2);
2707 case KRB5_PA_PW_SALT:
2708 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PW_SALT);
2711 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, NULL);
2720 static const ber_sequence_t PA_DATA_sequence[] = {
2721 { &hf_kerberos_padata_type, BER_CLASS_CON, 1, 0, dissect_kerberos_PADATA_TYPE },
2722 { &hf_kerberos_padata_value, BER_CLASS_CON, 2, 0, dissect_kerberos_T_padata_value },
2723 { NULL, 0, 0, 0, NULL }
2727 dissect_kerberos_PA_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2728 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2729 PA_DATA_sequence, hf_index, ett_kerberos_PA_DATA);
2735 static const ber_sequence_t SEQUENCE_OF_PA_DATA_sequence_of[1] = {
2736 { &hf_kerberos_padata_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_PA_DATA },
2740 dissect_kerberos_SEQUENCE_OF_PA_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2741 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2742 SEQUENCE_OF_PA_DATA_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_PA_DATA);
2748 static const asn_namedbit KDCOptions_bits[] = {
2749 { 0, &hf_kerberos_KDCOptions_reserved, -1, -1, "reserved", NULL },
2750 { 1, &hf_kerberos_KDCOptions_forwardable, -1, -1, "forwardable", NULL },
2751 { 2, &hf_kerberos_KDCOptions_forwarded, -1, -1, "forwarded", NULL },
2752 { 3, &hf_kerberos_KDCOptions_proxiable, -1, -1, "proxiable", NULL },
2753 { 4, &hf_kerberos_KDCOptions_proxy, -1, -1, "proxy", NULL },
2754 { 5, &hf_kerberos_KDCOptions_allow_postdate, -1, -1, "allow-postdate", NULL },
2755 { 6, &hf_kerberos_KDCOptions_postdated, -1, -1, "postdated", NULL },
2756 { 7, &hf_kerberos_KDCOptions_unused7, -1, -1, "unused7", NULL },
2757 { 8, &hf_kerberos_KDCOptions_renewable, -1, -1, "renewable", NULL },
2758 { 9, &hf_kerberos_KDCOptions_unused9, -1, -1, "unused9", NULL },
2759 { 10, &hf_kerberos_KDCOptions_unused10, -1, -1, "unused10", NULL },
2760 { 11, &hf_kerberos_KDCOptions_opt_hardware_auth, -1, -1, "opt-hardware-auth", NULL },
2761 { 14, &hf_kerberos_KDCOptions_request_anonymous, -1, -1, "request-anonymous", NULL },
2762 { 15, &hf_kerberos_KDCOptions_canonicalize, -1, -1, "canonicalize", NULL },
2763 { 16, &hf_kerberos_KDCOptions_constrained_delegation, -1, -1, "constrained-delegation", NULL },
2764 { 26, &hf_kerberos_KDCOptions_disable_transited_check, -1, -1, "disable-transited-check", NULL },
2765 { 27, &hf_kerberos_KDCOptions_renewable_ok, -1, -1, "renewable-ok", NULL },
2766 { 28, &hf_kerberos_KDCOptions_enc_tkt_in_skey, -1, -1, "enc-tkt-in-skey", NULL },
2767 { 30, &hf_kerberos_KDCOptions_renew, -1, -1, "renew", NULL },
2768 { 31, &hf_kerberos_KDCOptions_validate, -1, -1, "validate", NULL },
2769 { 0, NULL, 0, 0, NULL, NULL }
2773 dissect_kerberos_KDCOptions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2774 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
2775 KDCOptions_bits, hf_index, ett_kerberos_KDCOptions,
2782 static const ber_sequence_t SEQUENCE_OF_ENCTYPE_sequence_of[1] = {
2783 { &hf_kerberos_kDC_REQ_BODY_etype_item, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_kerberos_ENCTYPE },
2787 dissect_kerberos_SEQUENCE_OF_ENCTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2788 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2789 SEQUENCE_OF_ENCTYPE_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_ENCTYPE);
2797 dissect_kerberos_T_encryptedAuthorizationData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2798 #line 235 "../../asn1/kerberos/kerberos.cnf"
2799 #ifdef HAVE_KERBEROS
2800 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authenticator_data);
2802 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2814 static const ber_sequence_t EncryptedAuthorizationData_sequence[] = {
2815 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
2816 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2817 { &hf_kerberos_encryptedAuthorizationData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedAuthorizationData_cipher },
2818 { NULL, 0, 0, 0, NULL }
2822 dissect_kerberos_EncryptedAuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2823 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2824 EncryptedAuthorizationData_sequence, hf_index, ett_kerberos_EncryptedAuthorizationData);
2830 static const ber_sequence_t SEQUENCE_OF_Ticket_sequence_of[1] = {
2831 { &hf_kerberos_additional_tickets_item, BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_kerberos_Ticket },
2835 dissect_kerberos_SEQUENCE_OF_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2836 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2837 SEQUENCE_OF_Ticket_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_Ticket);
2843 static const ber_sequence_t KDC_REQ_BODY_sequence[] = {
2844 { &hf_kerberos_kdc_options, BER_CLASS_CON, 0, 0, dissect_kerberos_KDCOptions },
2845 { &hf_kerberos_cname , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
2846 { &hf_kerberos_realm , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm },
2847 { &hf_kerberos_sname , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
2848 { &hf_kerberos_from , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2849 { &hf_kerberos_till , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2850 { &hf_kerberos_rtime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2851 { &hf_kerberos_nonce , BER_CLASS_CON, 7, 0, dissect_kerberos_UInt32 },
2852 { &hf_kerberos_kDC_REQ_BODY_etype, BER_CLASS_CON, 8, 0, dissect_kerberos_SEQUENCE_OF_ENCTYPE },
2853 { &hf_kerberos_addresses , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
2854 { &hf_kerberos_enc_authorization_data, BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptedAuthorizationData },
2855 { &hf_kerberos_additional_tickets, BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_Ticket },
2856 { NULL, 0, 0, 0, NULL }
2860 dissect_kerberos_KDC_REQ_BODY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2861 #line 348 "../../asn1/kerberos/kerberos.cnf"
2862 conversation_t *conversation;
2865 * UDP replies to KDC_REQs are sent from the server back to the client's
2866 * source port, similar to the way TFTP works. Set up a conversation
2869 * Ref: Section 7.2.1 of
2870 * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
2872 if (actx->pinfo->destport == UDP_PORT_KERBEROS && actx->pinfo->ptype == PT_UDP) {
2873 conversation = find_conversation(actx->pinfo->fd->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
2874 actx->pinfo->srcport, 0, NO_PORT_B);
2875 if (conversation == NULL) {
2876 conversation = conversation_new(actx->pinfo->fd->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
2877 actx->pinfo->srcport, 0, NO_PORT2);
2878 conversation_set_dissector(conversation, kerberos_handle_udp);
2882 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2883 KDC_REQ_BODY_sequence, hf_index, ett_kerberos_KDC_REQ_BODY);
2892 static const ber_sequence_t KDC_REQ_sequence[] = {
2893 { &hf_kerberos_pvno , BER_CLASS_CON, 1, 0, dissect_kerberos_INTEGER_5 },
2894 { &hf_kerberos_msg_type , BER_CLASS_CON, 2, 0, dissect_kerberos_MESSAGE_TYPE },
2895 { &hf_kerberos_padata , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA },
2896 { &hf_kerberos_req_body , BER_CLASS_CON, 4, 0, dissect_kerberos_KDC_REQ_BODY },
2897 { NULL, 0, 0, 0, NULL }
2901 dissect_kerberos_KDC_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2902 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2903 KDC_REQ_sequence, hf_index, ett_kerberos_KDC_REQ);
2911 dissect_kerberos_AS_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2912 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2913 hf_index, BER_CLASS_APP, 10, FALSE, dissect_kerberos_KDC_REQ);
2921 dissect_kerberos_T_encryptedKDCREPData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2922 #line 243 "../../asn1/kerberos/kerberos.cnf"
2923 #ifdef HAVE_KERBEROS
2924 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KDC_REP_data);
2926 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2938 static const ber_sequence_t EncryptedKDCREPData_sequence[] = {
2939 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
2940 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2941 { &hf_kerberos_encryptedKDCREPData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKDCREPData_cipher },
2942 { NULL, 0, 0, 0, NULL }
2946 dissect_kerberos_EncryptedKDCREPData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2947 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2948 EncryptedKDCREPData_sequence, hf_index, ett_kerberos_EncryptedKDCREPData);
2954 static const ber_sequence_t KDC_REP_sequence[] = {
2955 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2956 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
2957 { &hf_kerberos_padata , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA },
2958 { &hf_kerberos_crealm , BER_CLASS_CON, 3, 0, dissect_kerberos_Realm },
2959 { &hf_kerberos_cname , BER_CLASS_CON, 4, 0, dissect_kerberos_PrincipalName },
2960 { &hf_kerberos_ticket , BER_CLASS_CON, 5, 0, dissect_kerberos_Ticket },
2961 { &hf_kerberos_kDC_REP_enc_part, BER_CLASS_CON, 6, 0, dissect_kerberos_EncryptedKDCREPData },
2962 { NULL, 0, 0, 0, NULL }
2966 dissect_kerberos_KDC_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2967 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2968 KDC_REP_sequence, hf_index, ett_kerberos_KDC_REP);
2976 dissect_kerberos_AS_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2977 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2978 hf_index, BER_CLASS_APP, 11, FALSE, dissect_kerberos_KDC_REP);
2986 dissect_kerberos_TGS_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2987 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2988 hf_index, BER_CLASS_APP, 12, FALSE, dissect_kerberos_KDC_REQ);
2996 dissect_kerberos_TGS_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2997 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2998 hf_index, BER_CLASS_APP, 13, FALSE, dissect_kerberos_KDC_REP);
3004 static const asn_namedbit APOptions_bits[] = {
3005 { 0, &hf_kerberos_APOptions_reserved, -1, -1, "reserved", NULL },
3006 { 1, &hf_kerberos_APOptions_use_session_key, -1, -1, "use-session-key", NULL },
3007 { 2, &hf_kerberos_APOptions_mutual_required, -1, -1, "mutual-required", NULL },
3008 { 0, NULL, 0, 0, NULL, NULL }
3012 dissect_kerberos_APOptions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3013 offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
3014 APOptions_bits, hf_index, ett_kerberos_APOptions,
3021 static const ber_sequence_t AP_REQ_U_sequence[] = {
3022 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3023 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3024 { &hf_kerberos_ap_options , BER_CLASS_CON, 2, 0, dissect_kerberos_APOptions },
3025 { &hf_kerberos_ticket , BER_CLASS_CON, 3, 0, dissect_kerberos_Ticket },
3026 { &hf_kerberos_authenticator_01, BER_CLASS_CON, 4, 0, dissect_kerberos_EncryptedAuthorizationData },
3027 { NULL, 0, 0, 0, NULL }
3031 dissect_kerberos_AP_REQ_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3032 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3033 AP_REQ_U_sequence, hf_index, ett_kerberos_AP_REQ_U);
3041 dissect_kerberos_AP_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3042 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3043 hf_index, BER_CLASS_APP, 14, FALSE, dissect_kerberos_AP_REQ_U);
3051 dissect_kerberos_T_encryptedAPREPData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3052 #line 259 "../../asn1/kerberos/kerberos.cnf"
3053 #ifdef HAVE_KERBEROS
3054 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_AP_REP_data);
3056 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3068 static const ber_sequence_t EncryptedAPREPData_sequence[] = {
3069 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3070 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3071 { &hf_kerberos_encryptedAPREPData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedAPREPData_cipher },
3072 { NULL, 0, 0, 0, NULL }
3076 dissect_kerberos_EncryptedAPREPData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3077 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3078 EncryptedAPREPData_sequence, hf_index, ett_kerberos_EncryptedAPREPData);
3084 static const ber_sequence_t AP_REP_U_sequence[] = {
3085 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3086 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3087 { &hf_kerberos_aP_REP_enc_part, BER_CLASS_CON, 2, 0, dissect_kerberos_EncryptedAPREPData },
3088 { NULL, 0, 0, 0, NULL }
3092 dissect_kerberos_AP_REP_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3093 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3094 AP_REP_U_sequence, hf_index, ett_kerberos_AP_REP_U);
3102 dissect_kerberos_AP_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3103 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3104 hf_index, BER_CLASS_APP, 15, FALSE, dissect_kerberos_AP_REP_U);
3112 dissect_kerberos_T_kRB_SAFE_BODY_user_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3113 #line 371 "../../asn1/kerberos/kerberos.cnf"
3115 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
3117 call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA, (kerberos_callbacks*)actx->private_data);
3126 static const ber_sequence_t KRB_SAFE_BODY_sequence[] = {
3127 { &hf_kerberos_kRB_SAFE_BODY_user_data, BER_CLASS_CON, 0, 0, dissect_kerberos_T_kRB_SAFE_BODY_user_data },
3128 { &hf_kerberos_timestamp , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3129 { &hf_kerberos_usec , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3130 { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3131 { &hf_kerberos_s_address , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3132 { &hf_kerberos_r_address , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3133 { NULL, 0, 0, 0, NULL }
3137 dissect_kerberos_KRB_SAFE_BODY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3138 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3139 KRB_SAFE_BODY_sequence, hf_index, ett_kerberos_KRB_SAFE_BODY);
3145 static const ber_sequence_t KRB_SAFE_U_sequence[] = {
3146 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3147 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3148 { &hf_kerberos_safe_body , BER_CLASS_CON, 2, 0, dissect_kerberos_KRB_SAFE_BODY },
3149 { &hf_kerberos_cksum , BER_CLASS_CON, 3, 0, dissect_kerberos_Checksum },
3150 { NULL, 0, 0, 0, NULL }
3154 dissect_kerberos_KRB_SAFE_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3155 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3156 KRB_SAFE_U_sequence, hf_index, ett_kerberos_KRB_SAFE_U);
3164 dissect_kerberos_KRB_SAFE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3165 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3166 hf_index, BER_CLASS_APP, 20, FALSE, dissect_kerberos_KRB_SAFE_U);
3174 dissect_kerberos_T_encryptedKrbPrivData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3175 #line 267 "../../asn1/kerberos/kerberos.cnf"
3176 #ifdef HAVE_KERBEROS
3177 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PRIV_data);
3179 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3191 static const ber_sequence_t EncryptedKrbPrivData_sequence[] = {
3192 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3193 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3194 { &hf_kerberos_encryptedKrbPrivData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKrbPrivData_cipher },
3195 { NULL, 0, 0, 0, NULL }
3199 dissect_kerberos_EncryptedKrbPrivData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3200 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3201 EncryptedKrbPrivData_sequence, hf_index, ett_kerberos_EncryptedKrbPrivData);
3207 static const ber_sequence_t KRB_PRIV_U_sequence[] = {
3208 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3209 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3210 { &hf_kerberos_kRB_PRIV_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedKrbPrivData },
3211 { NULL, 0, 0, 0, NULL }
3215 dissect_kerberos_KRB_PRIV_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3216 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3217 KRB_PRIV_U_sequence, hf_index, ett_kerberos_KRB_PRIV_U);
3225 dissect_kerberos_KRB_PRIV(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3226 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3227 hf_index, BER_CLASS_APP, 21, FALSE, dissect_kerberos_KRB_PRIV_U);
3235 dissect_kerberos_T_encryptedKrbCredData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3236 #line 275 "../../asn1/kerberos/kerberos.cnf"
3237 #ifdef HAVE_KERBEROS
3238 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_CRED_data);
3240 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3253 static const ber_sequence_t EncryptedKrbCredData_sequence[] = {
3254 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3255 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3256 { &hf_kerberos_encryptedKrbCredData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKrbCredData_cipher },
3257 { NULL, 0, 0, 0, NULL }
3261 dissect_kerberos_EncryptedKrbCredData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3262 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3263 EncryptedKrbCredData_sequence, hf_index, ett_kerberos_EncryptedKrbCredData);
3269 static const ber_sequence_t KRB_CRED_U_sequence[] = {
3270 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3271 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3272 { &hf_kerberos_tickets , BER_CLASS_CON, 2, 0, dissect_kerberos_SEQUENCE_OF_Ticket },
3273 { &hf_kerberos_kRB_CRED_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedKrbCredData },
3274 { NULL, 0, 0, 0, NULL }
3278 dissect_kerberos_KRB_CRED_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3279 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3280 KRB_CRED_U_sequence, hf_index, ett_kerberos_KRB_CRED_U);
3288 dissect_kerberos_KRB_CRED(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3289 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3290 hf_index, BER_CLASS_APP, 22, FALSE, dissect_kerberos_KRB_CRED_U);
3296 static const value_string kerberos_LR_TYPE_vals[] = {
3298 { 1, "lR-INITIAL-TGT" },
3299 { 2, "lR-INITIAL" },
3300 { 3, "lR-ISSUE-USE-TGT" },
3301 { 4, "lR-RENEWAL" },
3302 { 5, "lR-REQUEST" },
3303 { 6, "lR-PW-EXPTIME" },
3304 { 7, "lR-ACCT-EXPTIME" },
3310 dissect_kerberos_LR_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3311 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
3318 static const ber_sequence_t LastReq_item_sequence[] = {
3319 { &hf_kerberos_lr_type , BER_CLASS_CON, 0, 0, dissect_kerberos_LR_TYPE },
3320 { &hf_kerberos_lr_value , BER_CLASS_CON, 1, 0, dissect_kerberos_KerberosTime },
3321 { NULL, 0, 0, 0, NULL }
3325 dissect_kerberos_LastReq_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3326 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3327 LastReq_item_sequence, hf_index, ett_kerberos_LastReq_item);
3333 static const ber_sequence_t LastReq_sequence_of[1] = {
3334 { &hf_kerberos_LastReq_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_LastReq_item },
3338 dissect_kerberos_LastReq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3339 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3340 LastReq_sequence_of, hf_index, ett_kerberos_LastReq);
3346 static const ber_sequence_t METHOD_DATA_sequence_of[1] = {
3347 { &hf_kerberos_METHOD_DATA_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_PA_DATA },
3351 dissect_kerberos_METHOD_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3352 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3353 METHOD_DATA_sequence_of, hf_index, ett_kerberos_METHOD_DATA);
3359 static const ber_sequence_t EncKDCRepPart_sequence[] = {
3360 { &hf_kerberos_key , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey },
3361 { &hf_kerberos_last_req , BER_CLASS_CON, 1, 0, dissect_kerberos_LastReq },
3362 { &hf_kerberos_nonce , BER_CLASS_CON, 2, 0, dissect_kerberos_UInt32 },
3363 { &hf_kerberos_key_expiration, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3364 { &hf_kerberos_flags , BER_CLASS_CON, 4, 0, dissect_kerberos_TicketFlags },
3365 { &hf_kerberos_authtime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
3366 { &hf_kerberos_starttime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3367 { &hf_kerberos_endtime , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime },
3368 { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3369 { &hf_kerberos_srealm , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm },
3370 { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_PrincipalName },
3371 { &hf_kerberos_caddr , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3372 { &hf_kerberos_encrypted_pa_data, BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_METHOD_DATA },
3373 { NULL, 0, 0, 0, NULL }
3377 dissect_kerberos_EncKDCRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3378 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3379 EncKDCRepPart_sequence, hf_index, ett_kerberos_EncKDCRepPart);
3387 dissect_kerberos_EncASRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3388 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3389 hf_index, BER_CLASS_APP, 25, FALSE, dissect_kerberos_EncKDCRepPart);
3397 dissect_kerberos_EncTGSRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3398 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3399 hf_index, BER_CLASS_APP, 26, FALSE, dissect_kerberos_EncKDCRepPart);
3405 static const ber_sequence_t EncAPRepPart_U_sequence[] = {
3406 { &hf_kerberos_ctime , BER_CLASS_CON, 0, 0, dissect_kerberos_KerberosTime },
3407 { &hf_kerberos_cusec , BER_CLASS_CON, 1, 0, dissect_kerberos_Microseconds },
3408 { &hf_kerberos_subkey , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptionKey },
3409 { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3410 { NULL, 0, 0, 0, NULL }
3414 dissect_kerberos_EncAPRepPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3415 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3416 EncAPRepPart_U_sequence, hf_index, ett_kerberos_EncAPRepPart_U);
3424 dissect_kerberos_EncAPRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3425 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3426 hf_index, BER_CLASS_APP, 27, FALSE, dissect_kerberos_EncAPRepPart_U);
3434 dissect_kerberos_T_encKrbPrivPart_user_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3435 #line 378 "../../asn1/kerberos/kerberos.cnf"
3437 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
3439 call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA, (kerberos_callbacks*)actx->private_data);
3447 static const ber_sequence_t EncKrbPrivPart_sequence[] = {
3448 { &hf_kerberos_encKrbPrivPart_user_data, BER_CLASS_CON, 0, 0, dissect_kerberos_T_encKrbPrivPart_user_data },
3449 { &hf_kerberos_timestamp , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3450 { &hf_kerberos_usec , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3451 { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3452 { &hf_kerberos_s_address , BER_CLASS_CON, 4, 0, dissect_kerberos_HostAddress },
3453 { &hf_kerberos_r_address , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3454 { NULL, 0, 0, 0, NULL }
3458 dissect_kerberos_EncKrbPrivPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3459 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3460 EncKrbPrivPart_sequence, hf_index, ett_kerberos_EncKrbPrivPart);
3468 dissect_kerberos_ENC_KRB_PRIV_PART(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3469 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3470 hf_index, BER_CLASS_APP, 28, FALSE, dissect_kerberos_EncKrbPrivPart);
3476 static const ber_sequence_t KrbCredInfo_sequence[] = {
3477 { &hf_kerberos_key , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey },
3478 { &hf_kerberos_prealm , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3479 { &hf_kerberos_pname , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
3480 { &hf_kerberos_flags , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_TicketFlags },
3481 { &hf_kerberos_authtime , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3482 { &hf_kerberos_starttime , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3483 { &hf_kerberos_endtime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3484 { &hf_kerberos_renew_till , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3485 { &hf_kerberos_srealm , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3486 { &hf_kerberos_sname , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
3487 { &hf_kerberos_caddr , BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3488 { NULL, 0, 0, 0, NULL }
3492 dissect_kerberos_KrbCredInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3493 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3494 KrbCredInfo_sequence, hf_index, ett_kerberos_KrbCredInfo);
3500 static const ber_sequence_t SEQUENCE_OF_KrbCredInfo_sequence_of[1] = {
3501 { &hf_kerberos_ticket_info_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_KrbCredInfo },
3505 dissect_kerberos_SEQUENCE_OF_KrbCredInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3506 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3507 SEQUENCE_OF_KrbCredInfo_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KrbCredInfo);
3513 static const ber_sequence_t EncKrbCredPart_U_sequence[] = {
3514 { &hf_kerberos_ticket_info, BER_CLASS_CON, 0, 0, dissect_kerberos_SEQUENCE_OF_KrbCredInfo },
3515 { &hf_kerberos_nonce , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3516 { &hf_kerberos_timestamp , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3517 { &hf_kerberos_usec , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3518 { &hf_kerberos_s_address , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3519 { &hf_kerberos_r_address , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3520 { NULL, 0, 0, 0, NULL }
3524 dissect_kerberos_EncKrbCredPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3525 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3526 EncKrbCredPart_U_sequence, hf_index, ett_kerberos_EncKrbCredPart_U);
3534 dissect_kerberos_EncKrbCredPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3535 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3536 hf_index, BER_CLASS_APP, 29, FALSE, dissect_kerberos_EncKrbCredPart_U);
3542 static const value_string kerberos_ERROR_CODE_vals[] = {
3544 { 1, "eRR-NAME-EXP" },
3545 { 2, "eRR-SERVICE-EXP" },
3546 { 3, "eRR-BAD-PVNO" },
3547 { 4, "eRR-C-OLD-MAST-KVNO" },
3548 { 5, "eRR-S-OLD-MAST-KVNO" },
3549 { 6, "eRR-C-PRINCIPAL-UNKNOWN" },
3550 { 7, "eRR-S-PRINCIPAL-UNKNOWN" },
3551 { 8, "eRR-PRINCIPAL-NOT-UNIQUE" },
3552 { 9, "eRR-NULL-KEY" },
3553 { 10, "eRR-CANNOT-POSTDATE" },
3554 { 11, "eRR-NEVER-VALID" },
3555 { 12, "eRR-POLICY" },
3556 { 13, "eRR-BADOPTION" },
3557 { 14, "eRR-ETYPE-NOSUPP" },
3558 { 15, "eRR-SUMTYPE-NOSUPP" },
3559 { 16, "eRR-PADATA-TYPE-NOSUPP" },
3560 { 17, "eRR-TRTYPE-NOSUPP" },
3561 { 18, "eRR-CLIENT-REVOKED" },
3562 { 19, "eRR-SERVICE-REVOKED" },
3563 { 20, "eRR-TGT-REVOKED" },
3564 { 21, "eRR-CLIENT-NOTYET" },
3565 { 22, "eRR-SERVICE-NOTYET" },
3566 { 23, "eRR-KEY-EXP" },
3567 { 24, "eRR-PREAUTH-FAILED" },
3568 { 25, "eRR-PREAUTH-REQUIRED" },
3569 { 26, "eRR-SERVER-NOMATCH" },
3570 { 27, "eRR-MUST-USE-USER2USER" },
3571 { 28, "eRR-PATH-NOT-ACCEPTED" },
3572 { 29, "eRR-SVC-UNAVAILABLE" },
3573 { 31, "eRR-BAD-INTEGRITY" },
3574 { 32, "eRR-TKT-EXPIRED" },
3575 { 33, "eRR-TKT-NYV" },
3576 { 34, "eRR-REPEAT" },
3577 { 35, "eRR-NOT-US" },
3578 { 36, "eRR-BADMATCH" },
3580 { 38, "eRR-BADADDR" },
3581 { 39, "eRR-BADVERSION" },
3582 { 40, "eRR-MSG-TYPE" },
3583 { 41, "eRR-MODIFIED" },
3584 { 42, "eRR-BADORDER" },
3585 { 43, "eRR-ILL-CR-TKT" },
3586 { 44, "eRR-BADKEYVER" },
3587 { 45, "eRR-NOKEY" },
3588 { 46, "eRR-MUT-FAIL" },
3589 { 47, "eRR-BADDIRECTION" },
3590 { 48, "eRR-METHOD" },
3591 { 49, "eRR-BADSEQ" },
3592 { 50, "eRR-INAPP-CKSUM" },
3593 { 51, "pATH-NOT-ACCEPTED" },
3594 { 52, "eRR-RESPONSE-TOO-BIG" },
3595 { 60, "eRR-GENERIC" },
3596 { 61, "eRR-FIELD-TOOLONG" },
3597 { 62, "eRROR-CLIENT-NOT-TRUSTED" },
3598 { 63, "eRROR-KDC-NOT-TRUSTED" },
3599 { 64, "eRROR-INVALID-SIG" },
3600 { 65, "eRR-KEY-TOO-WEAK" },
3601 { 66, "eRR-CERTIFICATE-MISMATCH" },
3602 { 67, "eRR-NO-TGT" },
3603 { 68, "eRR-WRONG-REALM" },
3604 { 69, "eRR-USER-TO-USER-REQUIRED" },
3605 { 70, "eRR-CANT-VERIFY-CERTIFICATE" },
3606 { 71, "eRR-INVALID-CERTIFICATE" },
3607 { 72, "eRR-REVOKED-CERTIFICATE" },
3608 { 73, "eRR-REVOCATION-STATUS-UNKNOWN" },
3609 { 74, "eRR-REVOCATION-STATUS-UNAVAILABLE" },
3610 { 75, "eRR-CLIENT-NAME-MISMATCH" },
3611 { 76, "eRR-KDC-NAME-MISMATCH" },
3617 dissect_kerberos_ERROR_CODE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3618 #line 84 "../../asn1/kerberos/kerberos.cnf"
3619 offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
3625 #line 87 "../../asn1/kerberos/kerberos.cnf"
3626 if(krb5_errorcode) {
3627 col_add_fstr(actx->pinfo->cinfo, COL_INFO,
3629 val_to_str(krb5_errorcode, krb5_error_codes,
3630 "Unknown error code %#x"));
3641 dissect_kerberos_T_e_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3642 #line 97 "../../asn1/kerberos/kerberos.cnf"
3643 switch(krb5_errorcode){
3644 case KRB5_ET_KRB5KDC_ERR_BADOPTION:
3645 case KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED:
3646 case KRB5_ET_KRB5KDC_ERR_KEY_EXP:
3647 case KRB5_ET_KRB5KDC_ERR_POLICY:
3648 /* ms windows kdc sends e-data of this type containing a "salt"
3649 * that contains the nt_status code for these error codes.
3651 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_PA_DATA);
3653 case KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED:
3654 case KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED:
3655 case KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP:
3656 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_SEQUENCE_OF_PA_DATA);
3660 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, NULL);
3670 static const ber_sequence_t KRB_ERROR_U_sequence[] = {
3671 { &hf_kerberos_pvno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3672 { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3673 { &hf_kerberos_ctime , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3674 { &hf_kerberos_cusec , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3675 { &hf_kerberos_stime , BER_CLASS_CON, 4, 0, dissect_kerberos_KerberosTime },
3676 { &hf_kerberos_susec , BER_CLASS_CON, 5, 0, dissect_kerberos_Microseconds },
3677 { &hf_kerberos_error_code , BER_CLASS_CON, 6, 0, dissect_kerberos_ERROR_CODE },
3678 { &hf_kerberos_crealm , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3679 { &hf_kerberos_cname , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
3680 { &hf_kerberos_realm , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm },
3681 { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_PrincipalName },
3682 { &hf_kerberos_e_text , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString },
3683 { &hf_kerberos_e_data , BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_T_e_data },
3684 { &hf_kerberos_e_checksum , BER_CLASS_CON, 13, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum },
3685 { NULL, 0, 0, 0, NULL }
3689 dissect_kerberos_KRB_ERROR_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3690 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3691 KRB_ERROR_U_sequence, hf_index, ett_kerberos_KRB_ERROR_U);
3699 dissect_kerberos_KRB_ERROR(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3700 offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3701 hf_index, BER_CLASS_APP, 30, FALSE, dissect_kerberos_KRB_ERROR_U);
3707 static const ber_choice_t Applications_choice[] = {
3708 { 1, &hf_kerberos_ticket , BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_kerberos_Ticket },
3709 { 2, &hf_kerberos_authenticator, BER_CLASS_APP, 2, BER_FLAGS_NOOWNTAG, dissect_kerberos_Authenticator },
3710 { 3, &hf_kerberos_encTicketPart, BER_CLASS_APP, 3, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncTicketPart },
3711 { 10, &hf_kerberos_as_req , BER_CLASS_APP, 10, BER_FLAGS_NOOWNTAG, dissect_kerberos_AS_REQ },
3712 { 11, &hf_kerberos_as_rep , BER_CLASS_APP, 11, BER_FLAGS_NOOWNTAG, dissect_kerberos_AS_REP },
3713 { 12, &hf_kerberos_tgs_req , BER_CLASS_APP, 12, BER_FLAGS_NOOWNTAG, dissect_kerberos_TGS_REQ },
3714 { 13, &hf_kerberos_tgs_rep , BER_CLASS_APP, 13, BER_FLAGS_NOOWNTAG, dissect_kerberos_TGS_REP },
3715 { 14, &hf_kerberos_ap_req , BER_CLASS_APP, 14, BER_FLAGS_NOOWNTAG, dissect_kerberos_AP_REQ },
3716 { 15, &hf_kerberos_ap_rep , BER_CLASS_APP, 15, BER_FLAGS_NOOWNTAG, dissect_kerberos_AP_REP },
3717 { 20, &hf_kerberos_krb_safe , BER_CLASS_APP, 20, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_SAFE },
3718 { 21, &hf_kerberos_krb_priv , BER_CLASS_APP, 21, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_PRIV },
3719 { 22, &hf_kerberos_krb_cred , BER_CLASS_APP, 22, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_CRED },
3720 { 25, &hf_kerberos_encASRepPart, BER_CLASS_APP, 25, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncASRepPart },
3721 { 26, &hf_kerberos_encTGSRepPart, BER_CLASS_APP, 26, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncTGSRepPart },
3722 { 27, &hf_kerberos_encAPRepPart, BER_CLASS_APP, 27, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncAPRepPart },
3723 { 28, &hf_kerberos_encKrbPrivPart, BER_CLASS_APP, 28, BER_FLAGS_NOOWNTAG, dissect_kerberos_ENC_KRB_PRIV_PART },
3724 { 29, &hf_kerberos_encKrbCredPart, BER_CLASS_APP, 29, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncKrbCredPart },
3725 { 30, &hf_kerberos_krb_error , BER_CLASS_APP, 30, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_ERROR },
3726 { 0, NULL, 0, 0, 0, NULL }
3730 dissect_kerberos_Applications(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3731 offset = dissect_ber_choice(actx, tree, tvb, offset,
3732 Applications_choice, hf_index, ett_kerberos_Applications,
3741 dissect_kerberos_T_pA_ENC_TIMESTAMP_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3742 #line 251 "../../asn1/kerberos/kerberos.cnf"
3743 #ifdef HAVE_KERBEROS
3744 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
3746 offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3758 static const ber_sequence_t PA_ENC_TIMESTAMP_sequence[] = {
3759 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3760 { &hf_kerberos_kvno , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3761 { &hf_kerberos_pA_ENC_TIMESTAMP_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_pA_ENC_TIMESTAMP_cipher },
3762 { NULL, 0, 0, 0, NULL }
3766 dissect_kerberos_PA_ENC_TIMESTAMP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3767 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3768 PA_ENC_TIMESTAMP_sequence, hf_index, ett_kerberos_PA_ENC_TIMESTAMP);
3774 static const ber_sequence_t ETYPE_INFO_ENTRY_sequence[] = {
3775 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3776 { &hf_kerberos_salt , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_OCTET_STRING },
3777 { NULL, 0, 0, 0, NULL }
3781 dissect_kerberos_ETYPE_INFO_ENTRY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3782 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3783 ETYPE_INFO_ENTRY_sequence, hf_index, ett_kerberos_ETYPE_INFO_ENTRY);
3789 static const ber_sequence_t ETYPE_INFO_sequence_of[1] = {
3790 { &hf_kerberos_ETYPE_INFO_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_ETYPE_INFO_ENTRY },
3794 dissect_kerberos_ETYPE_INFO(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3795 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3796 ETYPE_INFO_sequence_of, hf_index, ett_kerberos_ETYPE_INFO);
3802 static const ber_sequence_t ETYPE_INFO2_ENTRY_sequence[] = {
3803 { &hf_kerberos_etype , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3804 { &hf_kerberos_salt_01 , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString },
3805 { &hf_kerberos_s2kparams , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_OCTET_STRING },
3806 { NULL, 0, 0, 0, NULL }
3810 dissect_kerberos_ETYPE_INFO2_ENTRY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3811 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3812 ETYPE_INFO2_ENTRY_sequence, hf_index, ett_kerberos_ETYPE_INFO2_ENTRY);
3818 static const ber_sequence_t ETYPE_INFO2_sequence_of[1] = {
3819 { &hf_kerberos_ETYPE_INFO2_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_ETYPE_INFO2_ENTRY },
3823 dissect_kerberos_ETYPE_INFO2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3824 offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3825 ETYPE_INFO2_sequence_of, hf_index, ett_kerberos_ETYPE_INFO2);
3833 dissect_kerberos_AD_IF_RELEVANT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3834 offset = dissect_kerberos_AuthorizationData(implicit_tag, tvb, offset, actx, tree, hf_index);
3842 dissect_kerberos_GeneralString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3843 offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
3844 actx, tree, tvb, offset, hf_index,
3851 static const ber_sequence_t PA_S4U2Self_sequence[] = {
3852 { &hf_kerberos_name , BER_CLASS_CON, 0, 0, dissect_kerberos_PrincipalName },
3853 { &hf_kerberos_realm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
3854 { &hf_kerberos_cksum , BER_CLASS_CON, 2, 0, dissect_kerberos_Checksum },
3855 { &hf_kerberos_auth , BER_CLASS_CON, 3, 0, dissect_kerberos_GeneralString },
3856 { NULL, 0, 0, 0, NULL }
3860 dissect_kerberos_PA_S4U2Self(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3861 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3862 PA_S4U2Self_sequence, hf_index, ett_kerberos_PA_S4U2Self);
3870 dissect_kerberos_BOOLEAN(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3871 offset = dissect_ber_boolean(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
3877 static const ber_sequence_t KERB_PA_PAC_REQUEST_sequence[] = {
3878 { &hf_kerberos_include_pac, BER_CLASS_CON, 0, 0, dissect_kerberos_BOOLEAN },
3879 { NULL, 0, 0, 0, NULL }
3883 dissect_kerberos_KERB_PA_PAC_REQUEST(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3884 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3885 KERB_PA_PAC_REQUEST_sequence, hf_index, ett_kerberos_KERB_PA_PAC_REQUEST);
3891 static const ber_sequence_t ChangePasswdData_sequence[] = {
3892 { &hf_kerberos_newpasswd , BER_CLASS_CON, 0, 0, dissect_kerberos_OCTET_STRING },
3893 { &hf_kerberos_targname , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
3894 { &hf_kerberos_targrealm , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3895 { NULL, 0, 0, 0, NULL }
3899 dissect_kerberos_ChangePasswdData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3900 offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3901 ChangePasswdData_sequence, hf_index, ett_kerberos_ChangePasswdData);
3907 /*--- End of included file: packet-kerberos-fn.c ---*/
3908 #line 1648 "../../asn1/kerberos/packet-kerberos-template.c"
3910 /* Make wrappers around exported functions for now */
3912 dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
3914 return dissect_kerberos_Checksum(FALSE, tvb, offset, actx, tree, hf_kerberos_cksum);
3919 dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
3921 return dissect_kerberos_KerberosTime(FALSE, tvb, offset, actx, tree, hf_kerberos_ctime);
3926 dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
3928 return dissect_kerberos_PrincipalName(FALSE, tvb, offset, actx, tree, hf_kerberos_cname);
3931 dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
3933 return dissect_kerberos_Realm(FALSE, tvb, offset, actx, tree, hf_kerberos_realm);
3938 dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
3939 gboolean dci, gboolean do_col_protocol, gboolean have_rm,
3940 kerberos_callbacks *cb)
3942 volatile int offset = 0;
3943 proto_tree *volatile kerberos_tree = NULL;
3944 proto_item *volatile item = NULL;
3945 asn1_ctx_t asn1_ctx;
3947 /* TCP record mark and length */
3949 gint krb_reclen = 0;
3951 gbl_do_col_info=dci;
3954 krb_rm = tvb_get_ntohl(tvb, offset);
3955 krb_reclen = kerberos_rm_to_reclen(krb_rm);
3957 * What is a reasonable size limit?
3959 if (krb_reclen > 10 * 1024 * 1024) {
3963 if (do_col_protocol) {
3964 col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
3968 item = proto_tree_add_item(tree, proto_kerberos, tvb, 0, -1, ENC_NA);
3969 kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
3972 show_krb_recordmark(kerberos_tree, tvb, offset, krb_rm);
3975 /* Do some sanity checking here,
3976 * All krb5 packets start with a TAG class that is BER_CLASS_APP
3977 * and a tag value that is either of the values below:
3978 * If it doesnt look like kerberos, return 0 and let someone else have
3985 get_ber_identifier(tvb, offset, &tmp_class, &tmp_pc, &tmp_tag);
3986 if(tmp_class!=BER_CLASS_APP){
3990 case KRB5_MSG_TICKET:
3991 case KRB5_MSG_AUTHENTICATOR:
3992 case KRB5_MSG_ENC_TICKET_PART:
3993 case KRB5_MSG_AS_REQ:
3994 case KRB5_MSG_AS_REP:
3995 case KRB5_MSG_TGS_REQ:
3996 case KRB5_MSG_TGS_REP:
3997 case KRB5_MSG_AP_REQ:
3998 case KRB5_MSG_AP_REP:
3999 case KRB5_MSG_ENC_AS_REP_PART:
4000 case KRB5_MSG_ENC_TGS_REP_PART:
4001 case KRB5_MSG_ENC_AP_REP_PART:
4002 case KRB5_MSG_ENC_KRB_PRIV_PART:
4003 case KRB5_MSG_ENC_KRB_CRED_PART:
4006 case KRB5_MSG_ERROR:
4011 if (do_col_protocol) {
4012 col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4014 if (gbl_do_col_info) {
4015 col_clear(pinfo->cinfo, COL_INFO);
4018 item = proto_tree_add_item(tree, proto_kerberos, tvb, 0, -1, ENC_NA);
4019 kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
4022 asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
4023 asn1_ctx.private_data = cb;
4026 offset=dissect_kerberos_Applications(FALSE, tvb, 0, &asn1_ctx , kerberos_tree, /* hf_index */ -1);
4027 } CATCH_BOUNDS_ERRORS {
4031 proto_item_set_len(item, offset);
4036 * Display the TCP record mark.
4039 show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm)
4042 proto_item *rm_item;
4043 proto_tree *rm_tree;
4048 rec_len = kerberos_rm_to_reclen(krb_rm);
4049 rm_item = proto_tree_add_text(tree, tvb, start, 4,
4050 "Record Mark: %u %s", rec_len, plurality(rec_len, "byte", "bytes"));
4051 rm_tree = proto_item_add_subtree(rm_item, ett_krb_recordmark);
4052 proto_tree_add_boolean(rm_tree, hf_krb_rm_reserved, tvb, start, 4, krb_rm);
4053 proto_tree_add_uint(rm_tree, hf_krb_rm_reclen, tvb, start, 4, krb_rm);
4057 dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info, kerberos_callbacks *cb)
4059 return (dissect_kerberos_common(tvb, pinfo, tree, do_col_info, FALSE, FALSE, cb));
4063 kerberos_output_keytype(void)
4069 dissect_kerberos_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
4071 /* Some weird kerberos implementation apparently do krb4 on the krb5 port.
4072 Since all (except weirdo transarc krb4 stuff) use
4073 an opcode <=16 in the first byte, use this to see if it might
4075 All krb5 commands start with an APPL tag and thus is >=0x60
4076 so if first byte is <=16 just blindly assume it is krb4 then
4078 if(tvb_captured_length(tvb) >= 1 && tvb_get_guint8(tvb, 0)<=0x10){
4082 res=call_dissector_only(krb4_handle, tvb, pinfo, tree, NULL);
4090 return dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, FALSE, NULL);
4094 kerberos_rm_to_reclen(guint krb_rm)
4096 return (krb_rm & KRB_RM_RECLEN);
4100 get_krb_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset)
4105 krb_rm = tvb_get_ntohl(tvb, offset);
4106 pdulen = kerberos_rm_to_reclen(krb_rm);
4107 return (pdulen + 4);
4110 kerberos_prefs_apply_cb(void) {
4111 #ifdef HAVE_LIBNETTLE
4113 read_keytab_file(keytab_filename);
4118 dissect_kerberos_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
4120 pinfo->fragmented = TRUE;
4121 if (dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, TRUE, NULL) < 0) {
4123 * The dissector failed to recognize this as a valid
4124 * Kerberos message. Mark it as a continuation packet.
4126 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
4129 return tvb_captured_length(tvb);
4133 dissect_kerberos_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
4135 col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4136 col_clear(pinfo->cinfo, COL_INFO);
4138 tcp_dissect_pdus(tvb, pinfo, tree, krb_desegment, 4, get_krb_pdu_len,
4139 dissect_kerberos_tcp_pdu, data);
4140 return tvb_captured_length(tvb);
4143 /*--- proto_register_kerberos -------------------------------------------*/
4144 void proto_register_kerberos(void) {
4146 /* List of fields */
4148 static hf_register_info hf[] = {
4149 { &hf_krb_rm_reserved, {
4150 "Reserved", "kerberos.rm.reserved", FT_BOOLEAN, 32,
4151 TFS(&tfs_set_notset), KRB_RM_RESERVED, "Record mark reserved bit", HFILL }},
4152 { &hf_krb_rm_reclen, {
4153 "Record Length", "kerberos.rm.length", FT_UINT32, BASE_DEC,
4154 NULL, KRB_RM_RECLEN, NULL, HFILL }},
4155 { &hf_krb_provsrv_location, {
4156 "PROVSRV Location", "kerberos.provsrv_location", FT_STRING, BASE_NONE,
4157 NULL, 0, "PacketCable PROV SRV Location", HFILL }},
4158 { &hf_krb_smb_nt_status,
4159 { "NT Status", "kerberos.smb.nt_status", FT_UINT32, BASE_HEX,
4160 VALS(NT_errors), 0, "NT Status code", HFILL }},
4161 { &hf_krb_smb_unknown,
4162 { "Unknown", "kerberos.smb.unknown", FT_UINT32, BASE_HEX,
4163 NULL, 0, NULL, HFILL }},
4164 { &hf_krb_address_ip, {
4165 "IP Address", "kerberos.addr_ip", FT_IPv4, BASE_NONE,
4166 NULL, 0, NULL, HFILL }},
4167 { &hf_krb_address_ipv6, {
4168 "IPv6 Address", "kerberos.addr_ipv6", FT_IPv6, BASE_NONE,
4169 NULL, 0, NULL, HFILL }},
4170 { &hf_krb_address_netbios, {
4171 "NetBIOS Address", "kerberos.addr_nb", FT_STRING, BASE_NONE,
4172 NULL, 0, "NetBIOS Address and type", HFILL }},
4173 { &hf_krb_gssapi_len, {
4174 "Length", "kerberos.gssapi.len", FT_UINT32, BASE_DEC,
4175 NULL, 0, "Length of GSSAPI Bnd field", HFILL }},
4176 { &hf_krb_gssapi_bnd, {
4177 "Bnd", "kerberos.gssapi.bdn", FT_BYTES, BASE_NONE,
4178 NULL, 0, "GSSAPI Bnd field", HFILL }},
4179 { &hf_krb_gssapi_c_flag_deleg, {
4180 "Deleg", "kerberos.gssapi.checksum.flags.deleg", FT_BOOLEAN, 32,
4181 TFS(&tfs_gss_flags_deleg), KRB5_GSS_C_DELEG_FLAG, NULL, HFILL }},
4182 { &hf_krb_gssapi_c_flag_mutual, {
4183 "Mutual", "kerberos.gssapi.checksum.flags.mutual", FT_BOOLEAN, 32,
4184 TFS(&tfs_gss_flags_mutual), KRB5_GSS_C_MUTUAL_FLAG, NULL, HFILL }},
4185 { &hf_krb_gssapi_c_flag_replay, {
4186 "Replay", "kerberos.gssapi.checksum.flags.replay", FT_BOOLEAN, 32,
4187 TFS(&tfs_gss_flags_replay), KRB5_GSS_C_REPLAY_FLAG, NULL, HFILL }},
4188 { &hf_krb_gssapi_c_flag_sequence, {
4189 "Sequence", "kerberos.gssapi.checksum.flags.sequence", FT_BOOLEAN, 32,
4190 TFS(&tfs_gss_flags_sequence), KRB5_GSS_C_SEQUENCE_FLAG, NULL, HFILL }},
4191 { &hf_krb_gssapi_c_flag_conf, {
4192 "Conf", "kerberos.gssapi.checksum.flags.conf", FT_BOOLEAN, 32,
4193 TFS(&tfs_gss_flags_conf), KRB5_GSS_C_CONF_FLAG, NULL, HFILL }},
4194 { &hf_krb_gssapi_c_flag_integ, {
4195 "Integ", "kerberos.gssapi.checksum.flags.integ", FT_BOOLEAN, 32,
4196 TFS(&tfs_gss_flags_integ), KRB5_GSS_C_INTEG_FLAG, NULL, HFILL }},
4197 { &hf_krb_gssapi_c_flag_dce_style, {
4198 "DCE-style", "kerberos.gssapi.checksum.flags.dce-style", FT_BOOLEAN, 32,
4199 TFS(&tfs_gss_flags_dce_style), KRB5_GSS_C_DCE_STYLE, NULL, HFILL }},
4200 { &hf_krb_gssapi_dlgopt, {
4201 "DlgOpt", "kerberos.gssapi.dlgopt", FT_UINT16, BASE_DEC,
4202 NULL, 0, "GSSAPI DlgOpt", HFILL }},
4203 { &hf_krb_gssapi_dlglen, {
4204 "DlgLen", "kerberos.gssapi.dlglen", FT_UINT16, BASE_DEC,
4205 NULL, 0, "GSSAPI DlgLen", HFILL }},
4208 /*--- Included file: packet-kerberos-hfarr.c ---*/
4209 #line 1 "../../asn1/kerberos/packet-kerberos-hfarr.c"
4210 { &hf_kerberos_ticket,
4211 { "ticket", "kerberos.ticket_element",
4212 FT_NONE, BASE_NONE, NULL, 0,
4214 { &hf_kerberos_authenticator,
4215 { "authenticator", "kerberos.authenticator_element",
4216 FT_NONE, BASE_NONE, NULL, 0,
4218 { &hf_kerberos_encTicketPart,
4219 { "encTicketPart", "kerberos.encTicketPart_element",
4220 FT_NONE, BASE_NONE, NULL, 0,
4222 { &hf_kerberos_as_req,
4223 { "as-req", "kerberos.as_req_element",
4224 FT_NONE, BASE_NONE, NULL, 0,
4226 { &hf_kerberos_as_rep,
4227 { "as-rep", "kerberos.as_rep_element",
4228 FT_NONE, BASE_NONE, NULL, 0,
4230 { &hf_kerberos_tgs_req,
4231 { "tgs-req", "kerberos.tgs_req_element",
4232 FT_NONE, BASE_NONE, NULL, 0,
4234 { &hf_kerberos_tgs_rep,
4235 { "tgs-rep", "kerberos.tgs_rep_element",
4236 FT_NONE, BASE_NONE, NULL, 0,
4238 { &hf_kerberos_ap_req,
4239 { "ap-req", "kerberos.ap_req_element",
4240 FT_NONE, BASE_NONE, NULL, 0,
4242 { &hf_kerberos_ap_rep,
4243 { "ap-rep", "kerberos.ap_rep_element",
4244 FT_NONE, BASE_NONE, NULL, 0,
4246 { &hf_kerberos_krb_safe,
4247 { "krb-safe", "kerberos.krb_safe_element",
4248 FT_NONE, BASE_NONE, NULL, 0,
4250 { &hf_kerberos_krb_priv,
4251 { "krb-priv", "kerberos.krb_priv_element",
4252 FT_NONE, BASE_NONE, NULL, 0,
4254 { &hf_kerberos_krb_cred,
4255 { "krb-cred", "kerberos.krb_cred_element",
4256 FT_NONE, BASE_NONE, NULL, 0,
4258 { &hf_kerberos_encASRepPart,
4259 { "encASRepPart", "kerberos.encASRepPart_element",
4260 FT_NONE, BASE_NONE, NULL, 0,
4262 { &hf_kerberos_encTGSRepPart,
4263 { "encTGSRepPart", "kerberos.encTGSRepPart_element",
4264 FT_NONE, BASE_NONE, NULL, 0,
4266 { &hf_kerberos_encAPRepPart,
4267 { "encAPRepPart", "kerberos.encAPRepPart_element",
4268 FT_NONE, BASE_NONE, NULL, 0,
4270 { &hf_kerberos_encKrbPrivPart,
4271 { "encKrbPrivPart", "kerberos.encKrbPrivPart_element",
4272 FT_NONE, BASE_NONE, NULL, 0,
4273 "ENC_KRB_PRIV_PART", HFILL }},
4274 { &hf_kerberos_encKrbCredPart,
4275 { "encKrbCredPart", "kerberos.encKrbCredPart_element",
4276 FT_NONE, BASE_NONE, NULL, 0,
4278 { &hf_kerberos_krb_error,
4279 { "krb-error", "kerberos.krb_error_element",
4280 FT_NONE, BASE_NONE, NULL, 0,
4282 { &hf_kerberos_name_type,
4283 { "name-type", "kerberos.name_type",
4284 FT_INT32, BASE_DEC, VALS(kerberos_NAME_TYPE_vals), 0,
4286 { &hf_kerberos_name_string,
4287 { "name-string", "kerberos.name_string",
4288 FT_UINT32, BASE_DEC, NULL, 0,
4289 "SEQUENCE_OF_KerberosString", HFILL }},
4290 { &hf_kerberos_name_string_item,
4291 { "KerberosString", "kerberos.KerberosString",
4292 FT_STRING, BASE_NONE, NULL, 0,
4294 { &hf_kerberos_addr_type,
4295 { "addr-type", "kerberos.addr_type",
4296 FT_INT32, BASE_DEC, VALS(kerberos_ADDR_TYPE_vals), 0,
4298 { &hf_kerberos_address,
4299 { "address", "kerberos.address",
4300 FT_BYTES, BASE_NONE, NULL, 0,
4302 { &hf_kerberos_HostAddresses_item,
4303 { "HostAddress", "kerberos.HostAddress_element",
4304 FT_NONE, BASE_NONE, NULL, 0,
4306 { &hf_kerberos_AuthorizationData_item,
4307 { "AuthorizationData item", "kerberos.AuthorizationData_item_element",
4308 FT_NONE, BASE_NONE, NULL, 0,
4310 { &hf_kerberos_ad_type,
4311 { "ad-type", "kerberos.ad_type",
4312 FT_INT32, BASE_DEC, NULL, 0,
4314 { &hf_kerberos_ad_data,
4315 { "ad-data", "kerberos.ad_data",
4316 FT_BYTES, BASE_NONE, NULL, 0,
4318 { &hf_kerberos_padata_type,
4319 { "padata-type", "kerberos.padata_type",
4320 FT_INT32, BASE_DEC, VALS(kerberos_PADATA_TYPE_vals), 0,
4322 { &hf_kerberos_padata_value,
4323 { "padata-value", "kerberos.padata_value",
4324 FT_BYTES, BASE_NONE, NULL, 0,
4326 { &hf_kerberos_keytype,
4327 { "keytype", "kerberos.keytype",
4328 FT_INT32, BASE_DEC, NULL, 0,
4330 { &hf_kerberos_keyvalue,
4331 { "keyvalue", "kerberos.keyvalue",
4332 FT_BYTES, BASE_NONE, NULL, 0,
4334 { &hf_kerberos_cksumtype,
4335 { "cksumtype", "kerberos.cksumtype",
4336 FT_INT32, BASE_DEC, VALS(kerberos_CKSUMTYPE_vals), 0,
4338 { &hf_kerberos_checksum,
4339 { "checksum", "kerberos.checksum",
4340 FT_BYTES, BASE_NONE, NULL, 0,
4342 { &hf_kerberos_etype,
4343 { "etype", "kerberos.etype",
4344 FT_INT32, BASE_DEC, VALS(kerberos_ENCTYPE_vals), 0,
4345 "ENCTYPE", HFILL }},
4346 { &hf_kerberos_kvno,
4347 { "kvno", "kerberos.kvno",
4348 FT_UINT32, BASE_DEC, NULL, 0,
4350 { &hf_kerberos_encryptedTicketData_cipher,
4351 { "cipher", "kerberos.cipher",
4352 FT_BYTES, BASE_NONE, NULL, 0,
4353 "T_encryptedTicketData_cipher", HFILL }},
4354 { &hf_kerberos_encryptedAuthorizationData_cipher,
4355 { "cipher", "kerberos.cipher",
4356 FT_BYTES, BASE_NONE, NULL, 0,
4357 "T_encryptedAuthorizationData_cipher", HFILL }},
4358 { &hf_kerberos_encryptedKDCREPData_cipher,
4359 { "cipher", "kerberos.cipher",
4360 FT_BYTES, BASE_NONE, NULL, 0,
4361 "T_encryptedKDCREPData_cipher", HFILL }},
4362 { &hf_kerberos_encryptedAPREPData_cipher,
4363 { "cipher", "kerberos.cipher",
4364 FT_BYTES, BASE_NONE, NULL, 0,
4365 "T_encryptedAPREPData_cipher", HFILL }},
4366 { &hf_kerberos_encryptedKrbPrivData_cipher,
4367 { "cipher", "kerberos.cipher",
4368 FT_BYTES, BASE_NONE, NULL, 0,
4369 "T_encryptedKrbPrivData_cipher", HFILL }},
4370 { &hf_kerberos_encryptedKrbCredData_cipher,
4371 { "cipher", "kerberos.cipher",
4372 FT_BYTES, BASE_NONE, NULL, 0,
4373 "T_encryptedKrbCredData_cipher", HFILL }},
4374 { &hf_kerberos_tkt_vno,
4375 { "tkt-vno", "kerberos.tkt_vno",
4376 FT_UINT32, BASE_DEC, NULL, 0,
4377 "INTEGER_5", HFILL }},
4378 { &hf_kerberos_realm,
4379 { "realm", "kerberos.realm",
4380 FT_STRING, BASE_NONE, NULL, 0,
4382 { &hf_kerberos_sname,
4383 { "sname", "kerberos.sname_element",
4384 FT_NONE, BASE_NONE, NULL, 0,
4385 "PrincipalName", HFILL }},
4386 { &hf_kerberos_ticket_enc_part,
4387 { "enc-part", "kerberos.enc_part_element",
4388 FT_NONE, BASE_NONE, NULL, 0,
4389 "EncryptedTicketData", HFILL }},
4390 { &hf_kerberos_flags,
4391 { "flags", "kerberos.flags",
4392 FT_BYTES, BASE_NONE, NULL, 0,
4393 "TicketFlags", HFILL }},
4395 { "key", "kerberos.key_element",
4396 FT_NONE, BASE_NONE, NULL, 0,
4397 "EncryptionKey", HFILL }},
4398 { &hf_kerberos_crealm,
4399 { "crealm", "kerberos.crealm",
4400 FT_STRING, BASE_NONE, NULL, 0,
4402 { &hf_kerberos_cname,
4403 { "cname", "kerberos.cname_element",
4404 FT_NONE, BASE_NONE, NULL, 0,
4405 "PrincipalName", HFILL }},
4406 { &hf_kerberos_transited,
4407 { "transited", "kerberos.transited_element",
4408 FT_NONE, BASE_NONE, NULL, 0,
4409 "TransitedEncoding", HFILL }},
4410 { &hf_kerberos_authtime,
4411 { "authtime", "kerberos.authtime",
4412 FT_STRING, BASE_NONE, NULL, 0,
4413 "KerberosTime", HFILL }},
4414 { &hf_kerberos_starttime,
4415 { "starttime", "kerberos.starttime",
4416 FT_STRING, BASE_NONE, NULL, 0,
4417 "KerberosTime", HFILL }},
4418 { &hf_kerberos_endtime,
4419 { "endtime", "kerberos.endtime",
4420 FT_STRING, BASE_NONE, NULL, 0,
4421 "KerberosTime", HFILL }},
4422 { &hf_kerberos_renew_till,
4423 { "renew-till", "kerberos.renew_till",
4424 FT_STRING, BASE_NONE, NULL, 0,
4425 "KerberosTime", HFILL }},
4426 { &hf_kerberos_caddr,
4427 { "caddr", "kerberos.caddr",
4428 FT_UINT32, BASE_DEC, NULL, 0,
4429 "HostAddresses", HFILL }},
4430 { &hf_kerberos_authorization_data,
4431 { "authorization-data", "kerberos.authorization_data",
4432 FT_UINT32, BASE_DEC, NULL, 0,
4433 "AuthorizationData", HFILL }},
4434 { &hf_kerberos_tr_type,
4435 { "tr-type", "kerberos.tr_type",
4436 FT_INT32, BASE_DEC, NULL, 0,
4438 { &hf_kerberos_contents,
4439 { "contents", "kerberos.contents",
4440 FT_BYTES, BASE_NONE, NULL, 0,
4441 "OCTET_STRING", HFILL }},
4442 { &hf_kerberos_pvno,
4443 { "pvno", "kerberos.pvno",
4444 FT_UINT32, BASE_DEC, NULL, 0,
4445 "INTEGER_5", HFILL }},
4446 { &hf_kerberos_msg_type,
4447 { "msg-type", "kerberos.msg_type",
4448 FT_INT32, BASE_DEC, VALS(kerberos_MESSAGE_TYPE_vals), 0,
4449 "MESSAGE_TYPE", HFILL }},
4450 { &hf_kerberos_padata,
4451 { "padata", "kerberos.padata",
4452 FT_UINT32, BASE_DEC, NULL, 0,
4453 "SEQUENCE_OF_PA_DATA", HFILL }},
4454 { &hf_kerberos_padata_item,
4455 { "PA-DATA", "kerberos.PA_DATA_element",
4456 FT_NONE, BASE_NONE, NULL, 0,
4458 { &hf_kerberos_req_body,
4459 { "req-body", "kerberos.req_body_element",
4460 FT_NONE, BASE_NONE, NULL, 0,
4461 "KDC_REQ_BODY", HFILL }},
4462 { &hf_kerberos_kdc_options,
4463 { "kdc-options", "kerberos.kdc_options",
4464 FT_BYTES, BASE_NONE, NULL, 0,
4465 "KDCOptions", HFILL }},
4466 { &hf_kerberos_from,
4467 { "from", "kerberos.from",
4468 FT_STRING, BASE_NONE, NULL, 0,
4469 "KerberosTime", HFILL }},
4470 { &hf_kerberos_till,
4471 { "till", "kerberos.till",
4472 FT_STRING, BASE_NONE, NULL, 0,
4473 "KerberosTime", HFILL }},
4474 { &hf_kerberos_rtime,
4475 { "rtime", "kerberos.rtime",
4476 FT_STRING, BASE_NONE, NULL, 0,
4477 "KerberosTime", HFILL }},
4478 { &hf_kerberos_nonce,
4479 { "nonce", "kerberos.nonce",
4480 FT_UINT32, BASE_DEC, NULL, 0,
4482 { &hf_kerberos_kDC_REQ_BODY_etype,
4483 { "etype", "kerberos.etype",
4484 FT_UINT32, BASE_DEC, NULL, 0,
4485 "SEQUENCE_OF_ENCTYPE", HFILL }},
4486 { &hf_kerberos_kDC_REQ_BODY_etype_item,
4487 { "ENCTYPE", "kerberos.ENCTYPE",
4488 FT_INT32, BASE_DEC, VALS(kerberos_ENCTYPE_vals), 0,
4490 { &hf_kerberos_addresses,
4491 { "addresses", "kerberos.addresses",
4492 FT_UINT32, BASE_DEC, NULL, 0,
4493 "HostAddresses", HFILL }},
4494 { &hf_kerberos_enc_authorization_data,
4495 { "enc-authorization-data", "kerberos.enc_authorization_data_element",
4496 FT_NONE, BASE_NONE, NULL, 0,
4497 "EncryptedAuthorizationData", HFILL }},
4498 { &hf_kerberos_additional_tickets,
4499 { "additional-tickets", "kerberos.additional_tickets",
4500 FT_UINT32, BASE_DEC, NULL, 0,
4501 "SEQUENCE_OF_Ticket", HFILL }},
4502 { &hf_kerberos_additional_tickets_item,
4503 { "Ticket", "kerberos.Ticket_element",
4504 FT_NONE, BASE_NONE, NULL, 0,
4506 { &hf_kerberos_kDC_REP_enc_part,
4507 { "enc-part", "kerberos.enc_part_element",
4508 FT_NONE, BASE_NONE, NULL, 0,
4509 "EncryptedKDCREPData", HFILL }},
4510 { &hf_kerberos_last_req,
4511 { "last-req", "kerberos.last_req",
4512 FT_UINT32, BASE_DEC, NULL, 0,
4513 "LastReq", HFILL }},
4514 { &hf_kerberos_key_expiration,
4515 { "key-expiration", "kerberos.key_expiration",
4516 FT_STRING, BASE_NONE, NULL, 0,
4517 "KerberosTime", HFILL }},
4518 { &hf_kerberos_srealm,
4519 { "srealm", "kerberos.srealm",
4520 FT_STRING, BASE_NONE, NULL, 0,
4522 { &hf_kerberos_encrypted_pa_data,
4523 { "encrypted-pa-data", "kerberos.encrypted_pa_data",
4524 FT_UINT32, BASE_DEC, NULL, 0,
4525 "METHOD_DATA", HFILL }},
4526 { &hf_kerberos_LastReq_item,
4527 { "LastReq item", "kerberos.LastReq_item_element",
4528 FT_NONE, BASE_NONE, NULL, 0,
4530 { &hf_kerberos_lr_type,
4531 { "lr-type", "kerberos.lr_type",
4532 FT_INT32, BASE_DEC, VALS(kerberos_LR_TYPE_vals), 0,
4534 { &hf_kerberos_lr_value,
4535 { "lr-value", "kerberos.lr_value",
4536 FT_STRING, BASE_NONE, NULL, 0,
4537 "KerberosTime", HFILL }},
4538 { &hf_kerberos_ap_options,
4539 { "ap-options", "kerberos.ap_options",
4540 FT_BYTES, BASE_NONE, NULL, 0,
4541 "APOptions", HFILL }},
4542 { &hf_kerberos_authenticator_01,
4543 { "authenticator", "kerberos.authenticator_element",
4544 FT_NONE, BASE_NONE, NULL, 0,
4545 "EncryptedAuthorizationData", HFILL }},
4546 { &hf_kerberos_authenticator_vno,
4547 { "authenticator-vno", "kerberos.authenticator_vno",
4548 FT_UINT32, BASE_DEC, NULL, 0,
4549 "INTEGER_5", HFILL }},
4550 { &hf_kerberos_cksum,
4551 { "cksum", "kerberos.cksum_element",
4552 FT_NONE, BASE_NONE, NULL, 0,
4553 "Checksum", HFILL }},
4554 { &hf_kerberos_cusec,
4555 { "cusec", "kerberos.cusec",
4556 FT_UINT32, BASE_DEC, NULL, 0,
4557 "Microseconds", HFILL }},
4558 { &hf_kerberos_ctime,
4559 { "ctime", "kerberos.ctime",
4560 FT_STRING, BASE_NONE, NULL, 0,
4561 "KerberosTime", HFILL }},
4562 { &hf_kerberos_subkey,
4563 { "subkey", "kerberos.subkey_element",
4564 FT_NONE, BASE_NONE, NULL, 0,
4565 "EncryptionKey", HFILL }},
4566 { &hf_kerberos_seq_number,
4567 { "seq-number", "kerberos.seq_number",
4568 FT_UINT32, BASE_DEC, NULL, 0,
4570 { &hf_kerberos_aP_REP_enc_part,
4571 { "enc-part", "kerberos.enc_part_element",
4572 FT_NONE, BASE_NONE, NULL, 0,
4573 "EncryptedAPREPData", HFILL }},
4574 { &hf_kerberos_safe_body,
4575 { "safe-body", "kerberos.safe_body_element",
4576 FT_NONE, BASE_NONE, NULL, 0,
4577 "KRB_SAFE_BODY", HFILL }},
4578 { &hf_kerberos_kRB_SAFE_BODY_user_data,
4579 { "user-data", "kerberos.user_data",
4580 FT_BYTES, BASE_NONE, NULL, 0,
4581 "T_kRB_SAFE_BODY_user_data", HFILL }},
4582 { &hf_kerberos_timestamp,
4583 { "timestamp", "kerberos.timestamp",
4584 FT_STRING, BASE_NONE, NULL, 0,
4585 "KerberosTime", HFILL }},
4586 { &hf_kerberos_usec,
4587 { "usec", "kerberos.usec",
4588 FT_UINT32, BASE_DEC, NULL, 0,
4589 "Microseconds", HFILL }},
4590 { &hf_kerberos_s_address,
4591 { "s-address", "kerberos.s_address_element",
4592 FT_NONE, BASE_NONE, NULL, 0,
4593 "HostAddress", HFILL }},
4594 { &hf_kerberos_r_address,
4595 { "r-address", "kerberos.r_address_element",
4596 FT_NONE, BASE_NONE, NULL, 0,
4597 "HostAddress", HFILL }},
4598 { &hf_kerberos_kRB_PRIV_enc_part,
4599 { "enc-part", "kerberos.enc_part_element",
4600 FT_NONE, BASE_NONE, NULL, 0,
4601 "EncryptedKrbPrivData", HFILL }},
4602 { &hf_kerberos_encKrbPrivPart_user_data,
4603 { "user-data", "kerberos.user_data",
4604 FT_BYTES, BASE_NONE, NULL, 0,
4605 "T_encKrbPrivPart_user_data", HFILL }},
4606 { &hf_kerberos_tickets,
4607 { "tickets", "kerberos.tickets",
4608 FT_UINT32, BASE_DEC, NULL, 0,
4609 "SEQUENCE_OF_Ticket", HFILL }},
4610 { &hf_kerberos_tickets_item,
4611 { "Ticket", "kerberos.Ticket_element",
4612 FT_NONE, BASE_NONE, NULL, 0,
4614 { &hf_kerberos_kRB_CRED_enc_part,
4615 { "enc-part", "kerberos.enc_part_element",
4616 FT_NONE, BASE_NONE, NULL, 0,
4617 "EncryptedKrbCredData", HFILL }},
4618 { &hf_kerberos_ticket_info,
4619 { "ticket-info", "kerberos.ticket_info",
4620 FT_UINT32, BASE_DEC, NULL, 0,
4621 "SEQUENCE_OF_KrbCredInfo", HFILL }},
4622 { &hf_kerberos_ticket_info_item,
4623 { "KrbCredInfo", "kerberos.KrbCredInfo_element",
4624 FT_NONE, BASE_NONE, NULL, 0,
4626 { &hf_kerberos_prealm,
4627 { "prealm", "kerberos.prealm",
4628 FT_STRING, BASE_NONE, NULL, 0,
4630 { &hf_kerberos_pname,
4631 { "pname", "kerberos.pname_element",
4632 FT_NONE, BASE_NONE, NULL, 0,
4633 "PrincipalName", HFILL }},
4634 { &hf_kerberos_stime,
4635 { "stime", "kerberos.stime",
4636 FT_STRING, BASE_NONE, NULL, 0,
4637 "KerberosTime", HFILL }},
4638 { &hf_kerberos_susec,
4639 { "susec", "kerberos.susec",
4640 FT_UINT32, BASE_DEC, NULL, 0,
4641 "Microseconds", HFILL }},
4642 { &hf_kerberos_error_code,
4643 { "error-code", "kerberos.error_code",
4644 FT_INT32, BASE_DEC, VALS(kerberos_ERROR_CODE_vals), 0,
4646 { &hf_kerberos_e_text,
4647 { "e-text", "kerberos.e_text",
4648 FT_STRING, BASE_NONE, NULL, 0,
4649 "KerberosString", HFILL }},
4650 { &hf_kerberos_e_data,
4651 { "e-data", "kerberos.e_data",
4652 FT_BYTES, BASE_NONE, NULL, 0,
4654 { &hf_kerberos_e_checksum,
4655 { "e-checksum", "kerberos.e_checksum_element",
4656 FT_NONE, BASE_NONE, NULL, 0,
4657 "Checksum", HFILL }},
4658 { &hf_kerberos_METHOD_DATA_item,
4659 { "PA-DATA", "kerberos.PA_DATA_element",
4660 FT_NONE, BASE_NONE, NULL, 0,
4662 { &hf_kerberos_pA_ENC_TIMESTAMP_cipher,
4663 { "cipher", "kerberos.cipher",
4664 FT_BYTES, BASE_NONE, NULL, 0,
4665 "T_pA_ENC_TIMESTAMP_cipher", HFILL }},
4666 { &hf_kerberos_salt,
4667 { "salt", "kerberos.salt",
4668 FT_BYTES, BASE_NONE, NULL, 0,
4669 "OCTET_STRING", HFILL }},
4670 { &hf_kerberos_ETYPE_INFO_item,
4671 { "ETYPE-INFO-ENTRY", "kerberos.ETYPE_INFO_ENTRY_element",
4672 FT_NONE, BASE_NONE, NULL, 0,
4674 { &hf_kerberos_salt_01,
4675 { "salt", "kerberos.salt",
4676 FT_STRING, BASE_NONE, NULL, 0,
4677 "KerberosString", HFILL }},
4678 { &hf_kerberos_s2kparams,
4679 { "s2kparams", "kerberos.s2kparams",
4680 FT_BYTES, BASE_NONE, NULL, 0,
4681 "OCTET_STRING", HFILL }},
4682 { &hf_kerberos_ETYPE_INFO2_item,
4683 { "ETYPE-INFO2-ENTRY", "kerberos.ETYPE_INFO2_ENTRY_element",
4684 FT_NONE, BASE_NONE, NULL, 0,
4686 { &hf_kerberos_name,
4687 { "name", "kerberos.name_element",
4688 FT_NONE, BASE_NONE, NULL, 0,
4689 "PrincipalName", HFILL }},
4690 { &hf_kerberos_auth,
4691 { "auth", "kerberos.auth",
4692 FT_STRING, BASE_NONE, NULL, 0,
4693 "GeneralString", HFILL }},
4694 { &hf_kerberos_include_pac,
4695 { "include-pac", "kerberos.include_pac",
4696 FT_BOOLEAN, BASE_NONE, NULL, 0,
4697 "BOOLEAN", HFILL }},
4698 { &hf_kerberos_newpasswd,
4699 { "newpasswd", "kerberos.newpasswd",
4700 FT_BYTES, BASE_NONE, NULL, 0,
4701 "OCTET_STRING", HFILL }},
4702 { &hf_kerberos_targname,
4703 { "targname", "kerberos.targname_element",
4704 FT_NONE, BASE_NONE, NULL, 0,
4705 "PrincipalName", HFILL }},
4706 { &hf_kerberos_targrealm,
4707 { "targrealm", "kerberos.targrealm",
4708 FT_STRING, BASE_NONE, NULL, 0,
4710 { &hf_kerberos_APOptions_reserved,
4711 { "reserved", "kerberos.reserved",
4712 FT_BOOLEAN, 8, NULL, 0x80,
4714 { &hf_kerberos_APOptions_use_session_key,
4715 { "use-session-key", "kerberos.use-session-key",
4716 FT_BOOLEAN, 8, NULL, 0x40,
4718 { &hf_kerberos_APOptions_mutual_required,
4719 { "mutual-required", "kerberos.mutual-required",
4720 FT_BOOLEAN, 8, NULL, 0x20,
4722 { &hf_kerberos_TicketFlags_reserved,
4723 { "reserved", "kerberos.reserved",
4724 FT_BOOLEAN, 8, NULL, 0x80,
4726 { &hf_kerberos_TicketFlags_forwardable,
4727 { "forwardable", "kerberos.forwardable",
4728 FT_BOOLEAN, 8, NULL, 0x40,
4730 { &hf_kerberos_TicketFlags_forwarded,
4731 { "forwarded", "kerberos.forwarded",
4732 FT_BOOLEAN, 8, NULL, 0x20,
4734 { &hf_kerberos_TicketFlags_proxiable,
4735 { "proxiable", "kerberos.proxiable",
4736 FT_BOOLEAN, 8, NULL, 0x10,
4738 { &hf_kerberos_TicketFlags_proxy,
4739 { "proxy", "kerberos.proxy",
4740 FT_BOOLEAN, 8, NULL, 0x08,
4742 { &hf_kerberos_TicketFlags_may_postdate,
4743 { "may-postdate", "kerberos.may-postdate",
4744 FT_BOOLEAN, 8, NULL, 0x04,
4746 { &hf_kerberos_TicketFlags_postdated,
4747 { "postdated", "kerberos.postdated",
4748 FT_BOOLEAN, 8, NULL, 0x02,
4750 { &hf_kerberos_TicketFlags_invalid,
4751 { "invalid", "kerberos.invalid",
4752 FT_BOOLEAN, 8, NULL, 0x01,
4754 { &hf_kerberos_TicketFlags_renewable,
4755 { "renewable", "kerberos.renewable",
4756 FT_BOOLEAN, 8, NULL, 0x80,
4758 { &hf_kerberos_TicketFlags_initial,
4759 { "initial", "kerberos.initial",
4760 FT_BOOLEAN, 8, NULL, 0x40,
4762 { &hf_kerberos_TicketFlags_pre_authent,
4763 { "pre-authent", "kerberos.pre-authent",
4764 FT_BOOLEAN, 8, NULL, 0x20,
4766 { &hf_kerberos_TicketFlags_hw_authent,
4767 { "hw-authent", "kerberos.hw-authent",
4768 FT_BOOLEAN, 8, NULL, 0x10,
4770 { &hf_kerberos_TicketFlags_transited_policy_checked,
4771 { "transited-policy-checked", "kerberos.transited-policy-checked",
4772 FT_BOOLEAN, 8, NULL, 0x08,
4774 { &hf_kerberos_TicketFlags_ok_as_delegate,
4775 { "ok-as-delegate", "kerberos.ok-as-delegate",
4776 FT_BOOLEAN, 8, NULL, 0x04,
4778 { &hf_kerberos_TicketFlags_anonymous,
4779 { "anonymous", "kerberos.anonymous",
4780 FT_BOOLEAN, 8, NULL, 0x02,
4782 { &hf_kerberos_KDCOptions_reserved,
4783 { "reserved", "kerberos.reserved",
4784 FT_BOOLEAN, 8, NULL, 0x80,
4786 { &hf_kerberos_KDCOptions_forwardable,
4787 { "forwardable", "kerberos.forwardable",
4788 FT_BOOLEAN, 8, NULL, 0x40,
4790 { &hf_kerberos_KDCOptions_forwarded,
4791 { "forwarded", "kerberos.forwarded",
4792 FT_BOOLEAN, 8, NULL, 0x20,
4794 { &hf_kerberos_KDCOptions_proxiable,
4795 { "proxiable", "kerberos.proxiable",
4796 FT_BOOLEAN, 8, NULL, 0x10,
4798 { &hf_kerberos_KDCOptions_proxy,
4799 { "proxy", "kerberos.proxy",
4800 FT_BOOLEAN, 8, NULL, 0x08,
4802 { &hf_kerberos_KDCOptions_allow_postdate,
4803 { "allow-postdate", "kerberos.allow-postdate",
4804 FT_BOOLEAN, 8, NULL, 0x04,
4806 { &hf_kerberos_KDCOptions_postdated,
4807 { "postdated", "kerberos.postdated",
4808 FT_BOOLEAN, 8, NULL, 0x02,
4810 { &hf_kerberos_KDCOptions_unused7,
4811 { "unused7", "kerberos.unused7",
4812 FT_BOOLEAN, 8, NULL, 0x01,
4814 { &hf_kerberos_KDCOptions_renewable,
4815 { "renewable", "kerberos.renewable",
4816 FT_BOOLEAN, 8, NULL, 0x80,
4818 { &hf_kerberos_KDCOptions_unused9,
4819 { "unused9", "kerberos.unused9",
4820 FT_BOOLEAN, 8, NULL, 0x40,
4822 { &hf_kerberos_KDCOptions_unused10,
4823 { "unused10", "kerberos.unused10",
4824 FT_BOOLEAN, 8, NULL, 0x20,
4826 { &hf_kerberos_KDCOptions_opt_hardware_auth,
4827 { "opt-hardware-auth", "kerberos.opt-hardware-auth",
4828 FT_BOOLEAN, 8, NULL, 0x10,
4830 { &hf_kerberos_KDCOptions_request_anonymous,
4831 { "request-anonymous", "kerberos.request-anonymous",
4832 FT_BOOLEAN, 8, NULL, 0x02,
4834 { &hf_kerberos_KDCOptions_canonicalize,
4835 { "canonicalize", "kerberos.canonicalize",
4836 FT_BOOLEAN, 8, NULL, 0x01,
4838 { &hf_kerberos_KDCOptions_constrained_delegation,
4839 { "constrained-delegation", "kerberos.constrained-delegation",
4840 FT_BOOLEAN, 8, NULL, 0x80,
4842 { &hf_kerberos_KDCOptions_disable_transited_check,
4843 { "disable-transited-check", "kerberos.disable-transited-check",
4844 FT_BOOLEAN, 8, NULL, 0x20,
4846 { &hf_kerberos_KDCOptions_renewable_ok,
4847 { "renewable-ok", "kerberos.renewable-ok",
4848 FT_BOOLEAN, 8, NULL, 0x10,
4850 { &hf_kerberos_KDCOptions_enc_tkt_in_skey,
4851 { "enc-tkt-in-skey", "kerberos.enc-tkt-in-skey",
4852 FT_BOOLEAN, 8, NULL, 0x08,
4854 { &hf_kerberos_KDCOptions_renew,
4855 { "renew", "kerberos.renew",
4856 FT_BOOLEAN, 8, NULL, 0x02,
4858 { &hf_kerberos_KDCOptions_validate,
4859 { "validate", "kerberos.validate",
4860 FT_BOOLEAN, 8, NULL, 0x01,
4863 /*--- End of included file: packet-kerberos-hfarr.c ---*/
4864 #line 1947 "../../asn1/kerberos/packet-kerberos-template.c"
4867 /* List of subtrees */
4868 static gint *ett[] = {
4870 &ett_krb_recordmark,
4872 /*--- Included file: packet-kerberos-ettarr.c ---*/
4873 #line 1 "../../asn1/kerberos/packet-kerberos-ettarr.c"
4874 &ett_kerberos_Applications,
4875 &ett_kerberos_PrincipalName,
4876 &ett_kerberos_SEQUENCE_OF_KerberosString,
4877 &ett_kerberos_HostAddress,
4878 &ett_kerberos_HostAddresses,
4879 &ett_kerberos_AuthorizationData,
4880 &ett_kerberos_AuthorizationData_item,
4881 &ett_kerberos_PA_DATA,
4882 &ett_kerberos_EncryptionKey,
4883 &ett_kerberos_Checksum,
4884 &ett_kerberos_EncryptedTicketData,
4885 &ett_kerberos_EncryptedAuthorizationData,
4886 &ett_kerberos_EncryptedKDCREPData,
4887 &ett_kerberos_EncryptedAPREPData,
4888 &ett_kerberos_EncryptedKrbPrivData,
4889 &ett_kerberos_EncryptedKrbCredData,
4890 &ett_kerberos_Ticket_U,
4891 &ett_kerberos_EncTicketPart_U,
4892 &ett_kerberos_TransitedEncoding,
4893 &ett_kerberos_KDC_REQ,
4894 &ett_kerberos_SEQUENCE_OF_PA_DATA,
4895 &ett_kerberos_KDC_REQ_BODY,
4896 &ett_kerberos_SEQUENCE_OF_ENCTYPE,
4897 &ett_kerberos_SEQUENCE_OF_Ticket,
4898 &ett_kerberos_KDC_REP,
4899 &ett_kerberos_EncKDCRepPart,
4900 &ett_kerberos_LastReq,
4901 &ett_kerberos_LastReq_item,
4902 &ett_kerberos_AP_REQ_U,
4903 &ett_kerberos_Authenticator_U,
4904 &ett_kerberos_AP_REP_U,
4905 &ett_kerberos_EncAPRepPart_U,
4906 &ett_kerberos_KRB_SAFE_U,
4907 &ett_kerberos_KRB_SAFE_BODY,
4908 &ett_kerberos_KRB_PRIV_U,
4909 &ett_kerberos_EncKrbPrivPart,
4910 &ett_kerberos_KRB_CRED_U,
4911 &ett_kerberos_EncKrbCredPart_U,
4912 &ett_kerberos_SEQUENCE_OF_KrbCredInfo,
4913 &ett_kerberos_KrbCredInfo,
4914 &ett_kerberos_KRB_ERROR_U,
4915 &ett_kerberos_METHOD_DATA,
4916 &ett_kerberos_PA_ENC_TIMESTAMP,
4917 &ett_kerberos_ETYPE_INFO_ENTRY,
4918 &ett_kerberos_ETYPE_INFO,
4919 &ett_kerberos_ETYPE_INFO2_ENTRY,
4920 &ett_kerberos_ETYPE_INFO2,
4921 &ett_kerberos_APOptions,
4922 &ett_kerberos_TicketFlags,
4923 &ett_kerberos_KDCOptions,
4924 &ett_kerberos_PA_S4U2Self,
4925 &ett_kerberos_KERB_PA_PAC_REQUEST,
4926 &ett_kerberos_ChangePasswdData,
4928 /*--- End of included file: packet-kerberos-ettarr.c ---*/
4929 #line 1954 "../../asn1/kerberos/packet-kerberos-template.c"
4932 static ei_register_info ei[] = {
4933 { &ei_kerberos_decrypted_keytype, { "kerberos.decrypted_keytype", PI_SECURITY, PI_CHAT, "Decryted keytype", EXPFILL }},
4936 expert_module_t* expert_krb;
4937 module_t *krb_module;
4939 proto_kerberos = proto_register_protocol("Kerberos", "KRB5", "kerberos");
4940 proto_register_field_array(proto_kerberos, hf, array_length(hf));
4941 proto_register_subtree_array(ett, array_length(ett));
4942 expert_krb = expert_register_protocol(proto_kerberos);
4943 expert_register_field_array(expert_krb, ei, array_length(ei));
4945 /* Register preferences */
4946 krb_module = prefs_register_protocol(proto_kerberos, kerberos_prefs_apply_cb);
4947 prefs_register_bool_preference(krb_module, "desegment",
4948 "Reassemble Kerberos over TCP messages spanning multiple TCP segments",
4949 "Whether the Kerberos dissector should reassemble messages spanning multiple TCP segments."
4950 " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
4952 #ifdef HAVE_KERBEROS
4953 prefs_register_bool_preference(krb_module, "decrypt",
4954 "Try to decrypt Kerberos blobs",
4955 "Whether the dissector should try to decrypt "
4956 "encrypted Kerberos blobs. This requires that the proper "
4957 "keytab file is installed as well.", &krb_decrypt);
4959 prefs_register_filename_preference(krb_module, "file",
4960 "Kerberos keytab file",
4961 "The keytab file containing all the secrets",
4966 static int wrap_dissect_gss_kerb(tvbuff_t *tvb, int offset, packet_info *pinfo,
4967 proto_tree *tree, dcerpc_info *di _U_,guint8 *drep _U_)
4971 auth_tvb = tvb_new_subset_remaining(tvb, offset);
4973 dissect_kerberos_main(auth_tvb, pinfo, tree, FALSE, NULL);
4975 return tvb_captured_length_remaining(tvb, offset);
4979 static dcerpc_auth_subdissector_fns gss_kerb_auth_connect_fns = {
4980 wrap_dissect_gss_kerb, /* Bind */
4981 wrap_dissect_gss_kerb, /* Bind ACK */
4982 wrap_dissect_gss_kerb, /* AUTH3 */
4983 NULL, /* Request verifier */
4984 NULL, /* Response verifier */
4985 NULL, /* Request data */
4986 NULL /* Response data */
4989 static dcerpc_auth_subdissector_fns gss_kerb_auth_sign_fns = {
4990 wrap_dissect_gss_kerb, /* Bind */
4991 wrap_dissect_gss_kerb, /* Bind ACK */
4992 wrap_dissect_gss_kerb, /* AUTH3 */
4993 wrap_dissect_gssapi_verf, /* Request verifier */
4994 wrap_dissect_gssapi_verf, /* Response verifier */
4995 NULL, /* Request data */
4996 NULL /* Response data */
4999 static dcerpc_auth_subdissector_fns gss_kerb_auth_seal_fns = {
5000 wrap_dissect_gss_kerb, /* Bind */
5001 wrap_dissect_gss_kerb, /* Bind ACK */
5002 wrap_dissect_gss_kerb, /* AUTH3 */
5003 wrap_dissect_gssapi_verf, /* Request verifier */
5004 wrap_dissect_gssapi_verf, /* Response verifier */
5005 wrap_dissect_gssapi_payload, /* Request data */
5006 wrap_dissect_gssapi_payload /* Response data */
5012 proto_reg_handoff_kerberos(void)
5014 dissector_handle_t kerberos_handle_tcp;
5016 krb4_handle = find_dissector("krb4");
5018 kerberos_handle_udp = new_create_dissector_handle(dissect_kerberos_udp,
5021 kerberos_handle_tcp = new_create_dissector_handle(dissect_kerberos_tcp,
5024 dissector_add_uint("udp.port", UDP_PORT_KERBEROS, kerberos_handle_udp);
5025 dissector_add_uint("tcp.port", TCP_PORT_KERBEROS, kerberos_handle_tcp);
5027 register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_CONNECT,
5028 DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5029 &gss_kerb_auth_connect_fns);
5031 register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_INTEGRITY,
5032 DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5033 &gss_kerb_auth_sign_fns);
5035 register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_PRIVACY,
5036 DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5037 &gss_kerb_auth_seal_fns);