git.samba.org / metze / wireshark / wip.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Include ws_diag_control.h in config.h
[metze/wireshark/wip.git] / epan / dissectors / packet-kerberos.c
1 /* Do not modify this file. Changes will be overwritten.                      */
2 /* Generated automatically by the ASN.1 to Wireshark dissector compiler       */
3 /* packet-kerberos.c                                                          */
4 /* asn2wrs.py -b -p kerberos -c ./kerberos.cnf -s ./packet-kerberos-template -D . -O ../.. KerberosV5Spec2.asn k5.asn RFC3244.asn */
5
6 /* Input file: packet-kerberos-template.c */
7
8 #line 1 "./asn1/kerberos/packet-kerberos-template.c"
9 /* packet-kerberos.c
10  * Routines for Kerberos
11  * Wes Hardaker (c) 2000
12  * wjhardaker@ucdavis.edu
13  * Richard Sharpe (C) 2002, rsharpe@samba.org, modularized a bit more and
14  *                          added AP-REQ and AP-REP dissection
15  *
16  * Ronnie Sahlberg (C) 2004, major rewrite for new ASN.1/BER API.
17  *                           decryption of kerberos blobs if keytab is provided
18  *
19  * See RFC 1510, and various I-Ds and other documents showing additions,
20  * e.g. ones listed under
21  *
22  *      http://www.isi.edu/people/bcn/krb-revisions/
23  *
24  * and
25  *
26  *      http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
27  *
28  * and
29  *
30  *      http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-05.txt
31  *
32  * Some structures from RFC2630
33  *
34  * Wireshark - Network traffic analyzer
35  * By Gerald Combs <gerald@wireshark.org>
36  * Copyright 1998 Gerald Combs
37  *
38  * This program is free software; you can redistribute it and/or
39  * modify it under the terms of the GNU General Public License
40  * as published by the Free Software Foundation; either version 2
41  * of the License, or (at your option) any later version.
42  *
43  * This program is distributed in the hope that it will be useful,
44  * but WITHOUT ANY WARRANTY; without even the implied warranty of
45  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
46  * GNU General Public License for more details.
47  *
48  * You should have received a copy of the GNU General Public License
49  * along with this program; if not, write to the Free Software
50  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
51  */
52
53 /*
54  * Some of the development of the Kerberos protocol decoder was sponsored by
55  * Cable Television Laboratories, Inc. ("CableLabs") based upon proprietary
56  * CableLabs' specifications. Your license and use of this protocol decoder
57  * does not mean that you are licensed to use the CableLabs'
58  * specifications.  If you have questions about this protocol, contact
59  * jf.mule [AT] cablelabs.com or c.stuart [AT] cablelabs.com for additional
60  * information.
61  */
62
63 #include <config.h>
64
65 #include <stdio.h>
66
67 #include <epan/packet.h>
68 #include <epan/exceptions.h>
69 #include <epan/strutil.h>
70 #include <epan/conversation.h>
71 #include <epan/asn1.h>
72 #include <epan/expert.h>
73 #include <epan/prefs.h>
74 #include <wsutil/file_util.h>
75 #include <wsutil/str_util.h>
76 #include "packet-kerberos.h"
77 #include "packet-netbios.h"
78 #include "packet-tcp.h"
79 #include "packet-ber.h"
80 #include "packet-pkinit.h"
81 #include "packet-cms.h"
82 #include "packet-windows-common.h"
83
84 #include "packet-dcerpc-netlogon.h"
85 #include "packet-dcerpc.h"
86
87 #include "packet-gssapi.h"
88 #include "packet-smb-common.h"
89
90
91 void proto_register_kerberos(void);
92 void proto_reg_handoff_kerberos(void);
93
94 #define UDP_PORT_KERBEROS               88
95 #define TCP_PORT_KERBEROS               88
96
97 #define ADDRESS_STR_BUFSIZ 256
98
99 typedef struct kerberos_key {
100         guint32 keytype;
101         int keylength;
102         const guint8 *keyvalue;
103 } kerberos_key_t;
104
105 typedef struct {
106         guint32 etype;
107         guint32 padata_type;
108         guint32 enctype;
109         kerberos_key_t key;
110         guint32 ad_type;
111         guint32 addr_type;
112         guint32 checksum_type;
113 } kerberos_private_data_t;
114
115 static dissector_handle_t kerberos_handle_udp;
116
117 /* Forward declarations */
118 static int dissect_kerberos_Applications(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
119 static int dissect_kerberos_PA_ENC_TIMESTAMP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
120 static int dissect_kerberos_KERB_PA_PAC_REQUEST(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
121 static int dissect_kerberos_PA_S4U2Self(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
122 static int dissect_kerberos_ETYPE_INFO(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
123 static int dissect_kerberos_ETYPE_INFO2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
124 static int dissect_kerberos_AD_IF_RELEVANT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_);
125
126
127 /* Desegment Kerberos over TCP messages */
128 static gboolean krb_desegment = TRUE;
129
130 static gint proto_kerberos = -1;
131
132 static gint hf_krb_rm_reserved = -1;
133 static gint hf_krb_rm_reclen = -1;
134 static gint hf_krb_provsrv_location = -1;
135 static gint hf_krb_smb_nt_status = -1;
136 static gint hf_krb_smb_unknown = -1;
137 static gint hf_krb_address_ip = -1;
138 static gint hf_krb_address_netbios = -1;
139 static gint hf_krb_address_ipv6 = -1;
140 static gint hf_krb_gssapi_len = -1;
141 static gint hf_krb_gssapi_bnd = -1;
142 static gint hf_krb_gssapi_dlgopt = -1;
143 static gint hf_krb_gssapi_dlglen = -1;
144 static gint hf_krb_gssapi_c_flag_deleg = -1;
145 static gint hf_krb_gssapi_c_flag_mutual = -1;
146 static gint hf_krb_gssapi_c_flag_replay = -1;
147 static gint hf_krb_gssapi_c_flag_sequence = -1;
148 static gint hf_krb_gssapi_c_flag_conf = -1;
149 static gint hf_krb_gssapi_c_flag_integ = -1;
150 static gint hf_krb_gssapi_c_flag_dce_style = -1;
151 static gint hf_krb_midl_version = -1;
152 static gint hf_krb_midl_hdr_len = -1;
153 static gint hf_krb_midl_fill_bytes = -1;
154 static gint hf_krb_midl_blob_len = -1;
155 static gint hf_krb_pac_signature_type = -1;
156 static gint hf_krb_pac_signature_signature = -1;
157 static gint hf_krb_w2k_pac_entries = -1;
158 static gint hf_krb_w2k_pac_version = -1;
159 static gint hf_krb_w2k_pac_type = -1;
160 static gint hf_krb_w2k_pac_size = -1;
161 static gint hf_krb_w2k_pac_offset = -1;
162 static gint hf_krb_pac_clientid = -1;
163 static gint hf_krb_pac_namelen = -1;
164 static gint hf_krb_pac_clientname = -1;
165 static gint hf_krb_pac_logon_info = -1;
166 static gint hf_krb_pac_credential_type = -1;
167 static gint hf_krb_pac_s4u_delegation_info = -1;
168 static gint hf_krb_pac_upn_dns_info = -1;
169 static gint hf_krb_pac_upn_flags = -1;
170 static gint hf_krb_pac_upn_dns_offset = -1;
171 static gint hf_krb_pac_upn_dns_len = -1;
172 static gint hf_krb_pac_upn_upn_offset = -1;
173 static gint hf_krb_pac_upn_upn_len = -1;
174 static gint hf_krb_pac_upn_upn_name = -1;
175 static gint hf_krb_pac_upn_dns_name = -1;
176 static gint hf_krb_pac_server_checksum = -1;
177 static gint hf_krb_pac_privsvr_checksum = -1;
178 static gint hf_krb_pac_client_info_type = -1;
179
180 /*--- Included file: packet-kerberos-hf.c ---*/
181 #line 1 "./asn1/kerberos/packet-kerberos-hf.c"
182 static int hf_kerberos_ticket = -1;               /* Ticket */
183 static int hf_kerberos_authenticator = -1;        /* Authenticator */
184 static int hf_kerberos_encTicketPart = -1;        /* EncTicketPart */
185 static int hf_kerberos_as_req = -1;               /* AS_REQ */
186 static int hf_kerberos_as_rep = -1;               /* AS_REP */
187 static int hf_kerberos_tgs_req = -1;              /* TGS_REQ */
188 static int hf_kerberos_tgs_rep = -1;              /* TGS_REP */
189 static int hf_kerberos_ap_req = -1;               /* AP_REQ */
190 static int hf_kerberos_ap_rep = -1;               /* AP_REP */
191 static int hf_kerberos_krb_safe = -1;             /* KRB_SAFE */
192 static int hf_kerberos_krb_priv = -1;             /* KRB_PRIV */
193 static int hf_kerberos_krb_cred = -1;             /* KRB_CRED */
194 static int hf_kerberos_encASRepPart = -1;         /* EncASRepPart */
195 static int hf_kerberos_encTGSRepPart = -1;        /* EncTGSRepPart */
196 static int hf_kerberos_encAPRepPart = -1;         /* EncAPRepPart */
197 static int hf_kerberos_encKrbPrivPart = -1;       /* ENC_KRB_PRIV_PART */
198 static int hf_kerberos_encKrbCredPart = -1;       /* EncKrbCredPart */
199 static int hf_kerberos_krb_error = -1;            /* KRB_ERROR */
200 static int hf_kerberos_name_type = -1;            /* NAME_TYPE */
201 static int hf_kerberos_name_string = -1;          /* SEQUENCE_OF_KerberosString */
202 static int hf_kerberos_name_string_item = -1;     /* KerberosString */
203 static int hf_kerberos_cname_string = -1;         /* SEQUENCE_OF_CNameString */
204 static int hf_kerberos_cname_string_item = -1;    /* CNameString */
205 static int hf_kerberos_sname_string = -1;         /* SEQUENCE_OF_SNameString */
206 static int hf_kerberos_sname_string_item = -1;    /* SNameString */
207 static int hf_kerberos_addr_type = -1;            /* ADDR_TYPE */
208 static int hf_kerberos_address = -1;              /* T_address */
209 static int hf_kerberos_HostAddresses_item = -1;   /* HostAddress */
210 static int hf_kerberos_AuthorizationData_item = -1;  /* AuthorizationData_item */
211 static int hf_kerberos_ad_type = -1;              /* T_ad_type */
212 static int hf_kerberos_ad_data = -1;              /* T_ad_data */
213 static int hf_kerberos_padata_type = -1;          /* PADATA_TYPE */
214 static int hf_kerberos_padata_value = -1;         /* T_padata_value */
215 static int hf_kerberos_keytype = -1;              /* T_keytype */
216 static int hf_kerberos_keyvalue = -1;             /* T_keyvalue */
217 static int hf_kerberos_cksumtype = -1;            /* CKSUMTYPE */
218 static int hf_kerberos_checksum = -1;             /* T_checksum */
219 static int hf_kerberos_etype = -1;                /* ENCTYPE */
220 static int hf_kerberos_kvno = -1;                 /* UInt32 */
221 static int hf_kerberos_encryptedTicketData_cipher = -1;  /* T_encryptedTicketData_cipher */
222 static int hf_kerberos_encryptedAuthorizationData_cipher = -1;  /* T_encryptedAuthorizationData_cipher */
223 static int hf_kerberos_encryptedKDCREPData_cipher = -1;  /* T_encryptedKDCREPData_cipher */
224 static int hf_kerberos_encryptedAPREPData_cipher = -1;  /* T_encryptedAPREPData_cipher */
225 static int hf_kerberos_encryptedKrbPrivData_cipher = -1;  /* T_encryptedKrbPrivData_cipher */
226 static int hf_kerberos_encryptedKrbCredData_cipher = -1;  /* T_encryptedKrbCredData_cipher */
227 static int hf_kerberos_tkt_vno = -1;              /* INTEGER_5 */
228 static int hf_kerberos_realm = -1;                /* Realm */
229 static int hf_kerberos_sname = -1;                /* SName */
230 static int hf_kerberos_ticket_enc_part = -1;      /* EncryptedTicketData */
231 static int hf_kerberos_flags = -1;                /* TicketFlags */
232 static int hf_kerberos_key = -1;                  /* EncryptionKey */
233 static int hf_kerberos_crealm = -1;               /* Realm */
234 static int hf_kerberos_cname = -1;                /* CName */
235 static int hf_kerberos_transited = -1;            /* TransitedEncoding */
236 static int hf_kerberos_authtime = -1;             /* KerberosTime */
237 static int hf_kerberos_starttime = -1;            /* KerberosTime */
238 static int hf_kerberos_endtime = -1;              /* KerberosTime */
239 static int hf_kerberos_renew_till = -1;           /* KerberosTime */
240 static int hf_kerberos_caddr = -1;                /* HostAddresses */
241 static int hf_kerberos_authorization_data = -1;   /* AuthorizationData */
242 static int hf_kerberos_tr_type = -1;              /* Int32 */
243 static int hf_kerberos_contents = -1;             /* OCTET_STRING */
244 static int hf_kerberos_pvno = -1;                 /* INTEGER_5 */
245 static int hf_kerberos_msg_type = -1;             /* MESSAGE_TYPE */
246 static int hf_kerberos_padata = -1;               /* SEQUENCE_OF_PA_DATA */
247 static int hf_kerberos_padata_item = -1;          /* PA_DATA */
248 static int hf_kerberos_req_body = -1;             /* KDC_REQ_BODY */
249 static int hf_kerberos_kdc_options = -1;          /* KDCOptions */
250 static int hf_kerberos_from = -1;                 /* KerberosTime */
251 static int hf_kerberos_till = -1;                 /* KerberosTime */
252 static int hf_kerberos_rtime = -1;                /* KerberosTime */
253 static int hf_kerberos_nonce = -1;                /* UInt32 */
254 static int hf_kerberos_kDC_REQ_BODY_etype = -1;   /* SEQUENCE_OF_ENCTYPE */
255 static int hf_kerberos_kDC_REQ_BODY_etype_item = -1;  /* ENCTYPE */
256 static int hf_kerberos_addresses = -1;            /* HostAddresses */
257 static int hf_kerberos_enc_authorization_data = -1;  /* EncryptedAuthorizationData */
258 static int hf_kerberos_additional_tickets = -1;   /* SEQUENCE_OF_Ticket */
259 static int hf_kerberos_additional_tickets_item = -1;  /* Ticket */
260 static int hf_kerberos_kDC_REP_enc_part = -1;     /* EncryptedKDCREPData */
261 static int hf_kerberos_last_req = -1;             /* LastReq */
262 static int hf_kerberos_key_expiration = -1;       /* KerberosTime */
263 static int hf_kerberos_srealm = -1;               /* Realm */
264 static int hf_kerberos_encrypted_pa_data = -1;    /* METHOD_DATA */
265 static int hf_kerberos_LastReq_item = -1;         /* LastReq_item */
266 static int hf_kerberos_lr_type = -1;              /* LR_TYPE */
267 static int hf_kerberos_lr_value = -1;             /* KerberosTime */
268 static int hf_kerberos_ap_options = -1;           /* APOptions */
269 static int hf_kerberos_authenticator_01 = -1;     /* EncryptedAuthorizationData */
270 static int hf_kerberos_authenticator_vno = -1;    /* INTEGER_5 */
271 static int hf_kerberos_cksum = -1;                /* Checksum */
272 static int hf_kerberos_cusec = -1;                /* Microseconds */
273 static int hf_kerberos_ctime = -1;                /* KerberosTime */
274 static int hf_kerberos_subkey = -1;               /* EncryptionKey */
275 static int hf_kerberos_seq_number = -1;           /* UInt32 */
276 static int hf_kerberos_aP_REP_enc_part = -1;      /* EncryptedAPREPData */
277 static int hf_kerberos_safe_body = -1;            /* KRB_SAFE_BODY */
278 static int hf_kerberos_kRB_SAFE_BODY_user_data = -1;  /* T_kRB_SAFE_BODY_user_data */
279 static int hf_kerberos_timestamp = -1;            /* KerberosTime */
280 static int hf_kerberos_usec = -1;                 /* Microseconds */
281 static int hf_kerberos_s_address = -1;            /* HostAddress */
282 static int hf_kerberos_r_address = -1;            /* HostAddress */
283 static int hf_kerberos_kRB_PRIV_enc_part = -1;    /* EncryptedKrbPrivData */
284 static int hf_kerberos_encKrbPrivPart_user_data = -1;  /* T_encKrbPrivPart_user_data */
285 static int hf_kerberos_tickets = -1;              /* SEQUENCE_OF_Ticket */
286 static int hf_kerberos_tickets_item = -1;         /* Ticket */
287 static int hf_kerberos_kRB_CRED_enc_part = -1;    /* EncryptedKrbCredData */
288 static int hf_kerberos_ticket_info = -1;          /* SEQUENCE_OF_KrbCredInfo */
289 static int hf_kerberos_ticket_info_item = -1;     /* KrbCredInfo */
290 static int hf_kerberos_prealm = -1;               /* Realm */
291 static int hf_kerberos_pname = -1;                /* PrincipalName */
292 static int hf_kerberos_stime = -1;                /* KerberosTime */
293 static int hf_kerberos_susec = -1;                /* Microseconds */
294 static int hf_kerberos_error_code = -1;           /* ERROR_CODE */
295 static int hf_kerberos_e_text = -1;               /* KerberosString */
296 static int hf_kerberos_e_data = -1;               /* T_e_data */
297 static int hf_kerberos_e_checksum = -1;           /* Checksum */
298 static int hf_kerberos_METHOD_DATA_item = -1;     /* PA_DATA */
299 static int hf_kerberos_pA_ENC_TIMESTAMP_cipher = -1;  /* T_pA_ENC_TIMESTAMP_cipher */
300 static int hf_kerberos_salt = -1;                 /* OCTET_STRING */
301 static int hf_kerberos_ETYPE_INFO_item = -1;      /* ETYPE_INFO_ENTRY */
302 static int hf_kerberos_salt_01 = -1;              /* KerberosString */
303 static int hf_kerberos_s2kparams = -1;            /* OCTET_STRING */
304 static int hf_kerberos_ETYPE_INFO2_item = -1;     /* ETYPE_INFO2_ENTRY */
305 static int hf_kerberos_name = -1;                 /* PrincipalName */
306 static int hf_kerberos_auth = -1;                 /* GeneralString */
307 static int hf_kerberos_include_pac = -1;          /* BOOLEAN */
308 static int hf_kerberos_newpasswd = -1;            /* OCTET_STRING */
309 static int hf_kerberos_targname = -1;             /* PrincipalName */
310 static int hf_kerberos_targrealm = -1;            /* Realm */
311 /* named bits */
312 static int hf_kerberos_APOptions_reserved = -1;
313 static int hf_kerberos_APOptions_use_session_key = -1;
314 static int hf_kerberos_APOptions_mutual_required = -1;
315 static int hf_kerberos_TicketFlags_reserved = -1;
316 static int hf_kerberos_TicketFlags_forwardable = -1;
317 static int hf_kerberos_TicketFlags_forwarded = -1;
318 static int hf_kerberos_TicketFlags_proxiable = -1;
319 static int hf_kerberos_TicketFlags_proxy = -1;
320 static int hf_kerberos_TicketFlags_may_postdate = -1;
321 static int hf_kerberos_TicketFlags_postdated = -1;
322 static int hf_kerberos_TicketFlags_invalid = -1;
323 static int hf_kerberos_TicketFlags_renewable = -1;
324 static int hf_kerberos_TicketFlags_initial = -1;
325 static int hf_kerberos_TicketFlags_pre_authent = -1;
326 static int hf_kerberos_TicketFlags_hw_authent = -1;
327 static int hf_kerberos_TicketFlags_transited_policy_checked = -1;
328 static int hf_kerberos_TicketFlags_ok_as_delegate = -1;
329 static int hf_kerberos_TicketFlags_anonymous = -1;
330 static int hf_kerberos_KDCOptions_reserved = -1;
331 static int hf_kerberos_KDCOptions_forwardable = -1;
332 static int hf_kerberos_KDCOptions_forwarded = -1;
333 static int hf_kerberos_KDCOptions_proxiable = -1;
334 static int hf_kerberos_KDCOptions_proxy = -1;
335 static int hf_kerberos_KDCOptions_allow_postdate = -1;
336 static int hf_kerberos_KDCOptions_postdated = -1;
337 static int hf_kerberos_KDCOptions_unused7 = -1;
338 static int hf_kerberos_KDCOptions_renewable = -1;
339 static int hf_kerberos_KDCOptions_unused9 = -1;
340 static int hf_kerberos_KDCOptions_unused10 = -1;
341 static int hf_kerberos_KDCOptions_opt_hardware_auth = -1;
342 static int hf_kerberos_KDCOptions_request_anonymous = -1;
343 static int hf_kerberos_KDCOptions_canonicalize = -1;
344 static int hf_kerberos_KDCOptions_constrained_delegation = -1;
345 static int hf_kerberos_KDCOptions_disable_transited_check = -1;
346 static int hf_kerberos_KDCOptions_renewable_ok = -1;
347 static int hf_kerberos_KDCOptions_enc_tkt_in_skey = -1;
348 static int hf_kerberos_KDCOptions_renew = -1;
349 static int hf_kerberos_KDCOptions_validate = -1;
350
351 /*--- End of included file: packet-kerberos-hf.c ---*/
352 #line 172 "./asn1/kerberos/packet-kerberos-template.c"
353
354 /* Initialize the subtree pointers */
355 static gint ett_kerberos = -1;
356 static gint ett_krb_recordmark = -1;
357 static gint ett_krb_pac = -1;
358 static gint ett_krb_pac_drep = -1;
359 static gint ett_krb_pac_midl_blob = -1;
360 static gint ett_krb_pac_logon_info = -1;
361 static gint ett_krb_pac_s4u_delegation_info = -1;
362 static gint ett_krb_pac_upn_dns_info = -1;
363 static gint ett_krb_pac_server_checksum = -1;
364 static gint ett_krb_pac_privsvr_checksum = -1;
365 static gint ett_krb_pac_client_info_type = -1;
366
367 /*--- Included file: packet-kerberos-ett.c ---*/
368 #line 1 "./asn1/kerberos/packet-kerberos-ett.c"
369 static gint ett_kerberos_Applications = -1;
370 static gint ett_kerberos_PrincipalName = -1;
371 static gint ett_kerberos_SEQUENCE_OF_KerberosString = -1;
372 static gint ett_kerberos_CName = -1;
373 static gint ett_kerberos_SEQUENCE_OF_CNameString = -1;
374 static gint ett_kerberos_SName = -1;
375 static gint ett_kerberos_SEQUENCE_OF_SNameString = -1;
376 static gint ett_kerberos_HostAddress = -1;
377 static gint ett_kerberos_HostAddresses = -1;
378 static gint ett_kerberos_AuthorizationData = -1;
379 static gint ett_kerberos_AuthorizationData_item = -1;
380 static gint ett_kerberos_PA_DATA = -1;
381 static gint ett_kerberos_EncryptionKey = -1;
382 static gint ett_kerberos_Checksum = -1;
383 static gint ett_kerberos_EncryptedTicketData = -1;
384 static gint ett_kerberos_EncryptedAuthorizationData = -1;
385 static gint ett_kerberos_EncryptedKDCREPData = -1;
386 static gint ett_kerberos_EncryptedAPREPData = -1;
387 static gint ett_kerberos_EncryptedKrbPrivData = -1;
388 static gint ett_kerberos_EncryptedKrbCredData = -1;
389 static gint ett_kerberos_Ticket_U = -1;
390 static gint ett_kerberos_EncTicketPart_U = -1;
391 static gint ett_kerberos_TransitedEncoding = -1;
392 static gint ett_kerberos_KDC_REQ = -1;
393 static gint ett_kerberos_SEQUENCE_OF_PA_DATA = -1;
394 static gint ett_kerberos_KDC_REQ_BODY = -1;
395 static gint ett_kerberos_SEQUENCE_OF_ENCTYPE = -1;
396 static gint ett_kerberos_SEQUENCE_OF_Ticket = -1;
397 static gint ett_kerberos_KDC_REP = -1;
398 static gint ett_kerberos_EncKDCRepPart = -1;
399 static gint ett_kerberos_LastReq = -1;
400 static gint ett_kerberos_LastReq_item = -1;
401 static gint ett_kerberos_AP_REQ_U = -1;
402 static gint ett_kerberos_Authenticator_U = -1;
403 static gint ett_kerberos_AP_REP_U = -1;
404 static gint ett_kerberos_EncAPRepPart_U = -1;
405 static gint ett_kerberos_KRB_SAFE_U = -1;
406 static gint ett_kerberos_KRB_SAFE_BODY = -1;
407 static gint ett_kerberos_KRB_PRIV_U = -1;
408 static gint ett_kerberos_EncKrbPrivPart = -1;
409 static gint ett_kerberos_KRB_CRED_U = -1;
410 static gint ett_kerberos_EncKrbCredPart_U = -1;
411 static gint ett_kerberos_SEQUENCE_OF_KrbCredInfo = -1;
412 static gint ett_kerberos_KrbCredInfo = -1;
413 static gint ett_kerberos_KRB_ERROR_U = -1;
414 static gint ett_kerberos_METHOD_DATA = -1;
415 static gint ett_kerberos_PA_ENC_TIMESTAMP = -1;
416 static gint ett_kerberos_ETYPE_INFO_ENTRY = -1;
417 static gint ett_kerberos_ETYPE_INFO = -1;
418 static gint ett_kerberos_ETYPE_INFO2_ENTRY = -1;
419 static gint ett_kerberos_ETYPE_INFO2 = -1;
420 static gint ett_kerberos_APOptions = -1;
421 static gint ett_kerberos_TicketFlags = -1;
422 static gint ett_kerberos_KDCOptions = -1;
423 static gint ett_kerberos_PA_S4U2Self = -1;
424 static gint ett_kerberos_KERB_PA_PAC_REQUEST = -1;
425 static gint ett_kerberos_ChangePasswdData = -1;
426
427 /*--- End of included file: packet-kerberos-ett.c ---*/
428 #line 186 "./asn1/kerberos/packet-kerberos-template.c"
429
430 static expert_field ei_kerberos_decrypted_keytype = EI_INIT;
431 static expert_field ei_kerberos_address = EI_INIT;
432 static expert_field ei_krb_gssapi_dlglen = EI_INIT;
433
434 static dissector_handle_t krb4_handle=NULL;
435
436 /* Global variables */
437 static guint32 krb5_errorcode;
438 static guint32 gbl_keytype;
439 static gboolean gbl_do_col_info;
440
441
442 /*--- Included file: packet-kerberos-val.h ---*/
443 #line 1 "./asn1/kerberos/packet-kerberos-val.h"
444 #define id_krb5                        "1.3.6.1.5.2"
445
446 /* enumerated values for ADDR_TYPE */
447 #define KERBEROS_ADDR_TYPE_IPV4   2
448 #define KERBEROS_ADDR_TYPE_CHAOS   5
449 #define KERBEROS_ADDR_TYPE_XEROX   6
450 #define KERBEROS_ADDR_TYPE_ISO   7
451 #define KERBEROS_ADDR_TYPE_DECNET  12
452 #define KERBEROS_ADDR_TYPE_APPLETALK  16
453 #define KERBEROS_ADDR_TYPE_NETBIOS  20
454 #define KERBEROS_ADDR_TYPE_IPV6  24
455
456 /*--- End of included file: packet-kerberos-val.h ---*/
457 #line 199 "./asn1/kerberos/packet-kerberos-template.c"
458
459 static void
460 call_kerberos_callbacks(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int tag, kerberos_callbacks *cb)
461 {
462         if(!cb){
463                 return;
464         }
465
466         while(cb->tag){
467                 if(cb->tag==tag){
468                         cb->callback(pinfo, tvb, tree);
469                         return;
470                 }
471                 cb++;
472         }
473         return;
474 }
475
476 static kerberos_private_data_t*
477 kerberos_get_private_data(asn1_ctx_t *actx)
478 {
479         if (!actx->private_data) {
480                 actx->private_data = wmem_new0(wmem_packet_scope(), kerberos_private_data_t);
481         }
482         return (kerberos_private_data_t *)(actx->private_data);
483 }
484
485 #ifdef HAVE_KERBEROS
486
487 /* Decrypt Kerberos blobs */
488 gboolean krb_decrypt = FALSE;
489
490 /* keytab filename */
491 static const char *keytab_filename = "";
492
493 void
494 read_keytab_file_from_preferences(void)
495 {
496         static char *last_keytab = NULL;
497
498         if (!krb_decrypt) {
499                 return;
500         }
501
502         if (keytab_filename == NULL) {
503                 return;
504         }
505
506         if (last_keytab && !strcmp(last_keytab, keytab_filename)) {
507                 return;
508         }
509
510         if (last_keytab != NULL) {
511                 g_free(last_keytab);
512                 last_keytab = NULL;
513         }
514         last_keytab = g_strdup(keytab_filename);
515
516         read_keytab_file(last_keytab);
517 }
518 #endif /* HAVE_KERBEROS */
519
520 #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
521 #ifdef _WIN32
522 /* prevent redefinition warnings in kfw-2.5\inc\win_mac.h */
523 #undef HAVE_GETADDRINFO
524 #undef HAVE_SYS_TYPES_H
525 #endif /* _WIN32 */
526 #include <krb5.h>
527 enc_key_t *enc_key_list=NULL;
528
529 static void
530 add_encryption_key(packet_info *pinfo, int keytype, int keylength, const char *keyvalue, const char *origin)
531 {
532         enc_key_t *new_key;
533
534         if(pinfo->fd->flags.visited){
535                 return;
536         }
537
538         new_key=(enc_key_t *)g_malloc(sizeof(enc_key_t));
539         g_snprintf(new_key->key_origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u",origin,pinfo->num);
540         new_key->fd_num = pinfo->num;
541         new_key->next=enc_key_list;
542         enc_key_list=new_key;
543         new_key->keytype=keytype;
544         new_key->keylength=keylength;
545         /*XXX this needs to be freed later */
546         new_key->keyvalue=(char *)g_memdup(keyvalue, keylength);
547 }
548 #endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
549
550 #if defined(HAVE_MIT_KERBEROS)
551
552 static krb5_context krb5_ctx;
553
554 USES_APPLE_DEPRECATED_API
555 void
556 read_keytab_file(const char *filename)
557 {
558         krb5_keytab keytab;
559         krb5_error_code ret;
560         krb5_keytab_entry key;
561         krb5_kt_cursor cursor;
562         enc_key_t *new_key;
563         static gboolean first_time=TRUE;
564
565         if (filename == NULL || filename[0] == 0) {
566                 return;
567         }
568
569         if(first_time){
570                 first_time=FALSE;
571                 ret = krb5_init_context(&krb5_ctx);
572                 if(ret && ret != KRB5_CONFIG_CANTOPEN){
573                         return;
574                 }
575         }
576
577         /* should use a file in the wireshark users dir */
578         ret = krb5_kt_resolve(krb5_ctx, filename, &keytab);
579         if(ret){
580                 fprintf(stderr, "KERBEROS ERROR: Badly formatted keytab filename :%s\n",filename);
581
582                 return;
583         }
584
585         ret = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
586         if(ret){
587                 fprintf(stderr, "KERBEROS ERROR: Could not open or could not read from keytab file :%s\n",filename);
588                 return;
589         }
590
591         do{
592                 new_key=(enc_key_t *)g_malloc(sizeof(enc_key_t));
593                 new_key->fd_num = -1;
594                 new_key->next=enc_key_list;
595                 ret = krb5_kt_next_entry(krb5_ctx, keytab, &key, &cursor);
596                 if(ret==0){
597                         int i;
598                         char *pos;
599
600                         /* generate origin string, describing where this key came from */
601                         pos=new_key->key_origin;
602                         pos+=MIN(KRB_MAX_ORIG_LEN,
603                                          g_snprintf(pos, KRB_MAX_ORIG_LEN, "keytab principal "));
604                         for(i=0;i<key.principal->length;i++){
605                                 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
606                                                  g_snprintf(pos, (gulong)(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin)), "%s%s",(i?"/":""),(key.principal->data[i]).data));
607                         }
608                         pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
609                                          g_snprintf(pos, (gulong)(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin)), "@%s",key.principal->realm.data));
610                         *pos=0;
611                         new_key->keytype=key.key.enctype;
612                         new_key->keylength=key.key.length;
613                         new_key->keyvalue=(char *)g_memdup(key.key.contents, key.key.length);
614                         enc_key_list=new_key;
615                 }
616         }while(ret==0);
617
618         ret = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
619         if(ret){
620                 krb5_kt_close(krb5_ctx, keytab);
621         }
622 }
623
624
625 guint8 *
626 decrypt_krb5_data(proto_tree *tree _U_, packet_info *pinfo,
627                                         int usage,
628                                         tvbuff_t *cryptotvb,
629                                         int keytype,
630                                         int *datalen)
631 {
632         krb5_error_code ret;
633         enc_key_t *ek;
634         krb5_data data = {0,0,NULL};
635         krb5_keytab_entry key;
636         int length = tvb_captured_length(cryptotvb);
637         const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
638
639         /* don't do anything if we are not attempting to decrypt data */
640         if(!krb_decrypt || length < 1){
641                 return NULL;
642         }
643
644         /* make sure we have all the data we need */
645         if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
646                 return NULL;
647         }
648
649         read_keytab_file_from_preferences();
650         data.data = (char *)g_malloc(length);
651         data.length = length;
652
653         for(ek=enc_key_list;ek;ek=ek->next){
654                 krb5_enc_data input;
655
656                 /* shortcircuit and bail out if enctypes are not matching */
657                 if((keytype != -1) && (ek->keytype != keytype)) {
658                         continue;
659                 }
660
661                 input.enctype = ek->keytype;
662                 input.ciphertext.length = length;
663                 input.ciphertext.data = (guint8 *)cryptotext;
664
665                 key.key.enctype=ek->keytype;
666                 key.key.length=ek->keylength;
667                 key.key.contents=ek->keyvalue;
668                 ret = krb5_c_decrypt(krb5_ctx, &(key.key), usage, 0, &input, &data);
669                 if(ret == 0){
670                         char *user_data;
671
672                         expert_add_info_format(pinfo, NULL, &ei_kerberos_decrypted_keytype,
673                                                                    "Decrypted keytype %d in frame %u using %s",
674                                                                    ek->keytype, pinfo->num, ek->key_origin);
675
676                         /* return a private g_malloced blob to the caller */
677                         user_data=data.data;
678                         if (datalen) {
679                                 *datalen = data.length;
680                         }
681                         return user_data;
682                 }
683         }
684         g_free(data.data);
685
686         return NULL;
687 }
688 USES_APPLE_RST
689
690 #elif defined(HAVE_HEIMDAL_KERBEROS)
691 static krb5_context krb5_ctx;
692
693 USES_APPLE_DEPRECATED_API
694 void
695 read_keytab_file(const char *filename)
696 {
697         krb5_keytab keytab;
698         krb5_error_code ret;
699         krb5_keytab_entry key;
700         krb5_kt_cursor cursor;
701         enc_key_t *new_key;
702         static gboolean first_time=TRUE;
703
704         if (filename == NULL || filename[0] == 0) {
705                 return;
706         }
707
708         if(first_time){
709                 first_time=FALSE;
710                 ret = krb5_init_context(&krb5_ctx);
711                 if(ret){
712                         return;
713                 }
714         }
715
716         /* should use a file in the wireshark users dir */
717         ret = krb5_kt_resolve(krb5_ctx, filename, &keytab);
718         if(ret){
719                 fprintf(stderr, "KERBEROS ERROR: Could not open keytab file :%s\n",filename);
720
721                 return;
722         }
723
724         ret = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
725         if(ret){
726                 fprintf(stderr, "KERBEROS ERROR: Could not read from keytab file :%s\n",filename);
727                 return;
728         }
729
730         do{
731                 new_key = (enc_key_t *)g_malloc(sizeof(enc_key_t));
732                 new_key->fd_num = -1;
733                 new_key->next=enc_key_list;
734                 ret = krb5_kt_next_entry(krb5_ctx, keytab, &key, &cursor);
735                 if(ret==0){
736                         unsigned int i;
737                         char *pos;
738
739                         /* generate origin string, describing where this key came from */
740                         pos=new_key->key_origin;
741                         pos+=MIN(KRB_MAX_ORIG_LEN,
742                                          g_snprintf(pos, KRB_MAX_ORIG_LEN, "keytab principal "));
743                         for(i=0;i<key.principal->name.name_string.len;i++){
744                                 pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
745                                                  g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "%s%s",(i?"/":""),key.principal->name.name_string.val[i]));
746                         }
747                         pos+=MIN(KRB_MAX_ORIG_LEN-(pos-new_key->key_origin),
748                                          g_snprintf(pos, KRB_MAX_ORIG_LEN-(pos-new_key->key_origin), "@%s",key.principal->realm));
749                         *pos=0;
750                         new_key->keytype=key.keyblock.keytype;
751                         new_key->keylength=(int)key.keyblock.keyvalue.length;
752                         new_key->keyvalue = (guint8 *)g_memdup(key.keyblock.keyvalue.data, (guint)key.keyblock.keyvalue.length);
753                         enc_key_list=new_key;
754                 }
755         }while(ret==0);
756
757         ret = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
758         if(ret){
759                 krb5_kt_close(krb5_ctx, keytab);
760         }
761
762 }
763 USES_APPLE_RST
764
765
766 guint8 *
767 decrypt_krb5_data(proto_tree *tree _U_, packet_info *pinfo,
768                                         int usage,
769                                         tvbuff_t *cryptotvb,
770                                         int keytype,
771                                         int *datalen)
772 {
773         krb5_error_code ret;
774         krb5_data data;
775         enc_key_t *ek;
776         int length = tvb_captured_length(cryptotvb);
777         const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
778
779         /* don't do anything if we are not attempting to decrypt data */
780         if(!krb_decrypt){
781                 return NULL;
782         }
783
784         /* make sure we have all the data we need */
785         if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
786                 return NULL;
787         }
788
789         read_keytab_file_from_preferences();
790
791         for(ek=enc_key_list;ek;ek=ek->next){
792                 krb5_keytab_entry key;
793                 krb5_crypto crypto;
794                 guint8 *cryptocopy; /* workaround for pre-0.6.1 heimdal bug */
795
796                 /* shortcircuit and bail out if enctypes are not matching */
797                 if((keytype != -1) && (ek->keytype != keytype)) {
798                         continue;
799                 }
800
801                 key.keyblock.keytype=ek->keytype;
802                 key.keyblock.keyvalue.length=ek->keylength;
803                 key.keyblock.keyvalue.data=ek->keyvalue;
804                 ret = krb5_crypto_init(krb5_ctx, &(key.keyblock), (krb5_enctype)ENCTYPE_NULL, &crypto);
805                 if(ret){
806                         return NULL;
807                 }
808
809                 /* pre-0.6.1 versions of Heimdal would sometimes change
810                    the cryptotext data even when the decryption failed.
811                    This would obviously not work since we iterate over the
812                    keys. So just give it a copy of the crypto data instead.
813                    This has been seen for RC4-HMAC blobs.
814                 */
815                 cryptocopy = (guint8 *)g_memdup(cryptotext, length);
816                 ret = krb5_decrypt_ivec(krb5_ctx, crypto, usage,
817                                                                 cryptocopy, length,
818                                                                 &data,
819                                                                 NULL);
820                 g_free(cryptocopy);
821                 if((ret == 0) && (length>0)){
822                         char *user_data;
823
824                         expert_add_info_format(pinfo, NULL, &ei_kerberos_decrypted_keytype,
825                                                                    "Decrypted keytype %d in frame %u using %s",
826                                                                    ek->keytype, pinfo->num, ek->key_origin);
827
828                         krb5_crypto_destroy(krb5_ctx, crypto);
829                         /* return a private g_malloced blob to the caller */
830                         user_data = (char *)g_memdup(data.data, (guint)data.length);
831                         if (datalen) {
832                                 *datalen = (int)data.length;
833                         }
834                         return user_data;
835                 }
836                 krb5_crypto_destroy(krb5_ctx, crypto);
837         }
838         return NULL;
839 }
840
841 #elif defined (HAVE_LIBNETTLE)
842
843 #define SERVICE_KEY_SIZE (DES3_KEY_SIZE + 2)
844 #define KEYTYPE_DES3_CBC_MD5 5  /* Currently the only one supported */
845
846 typedef struct _service_key_t {
847         guint16 kvno;
848         int     keytype;
849         int     length;
850         guint8 *contents;
851         char    origin[KRB_MAX_ORIG_LEN+1];
852 } service_key_t;
853 GSList *service_key_list = NULL;
854
855
856 static void
857 add_encryption_key(packet_info *pinfo, int keytype, int keylength, const char *keyvalue, const char *origin)
858 {
859         service_key_t *new_key;
860
861         if(pinfo->fd->flags.visited){
862                 return;
863         }
864
865         new_key = g_malloc(sizeof(service_key_t));
866         new_key->kvno = 0;
867         new_key->keytype = keytype;
868         new_key->length = keylength;
869         new_key->contents = g_memdup(keyvalue, keylength);
870         g_snprintf(new_key->origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u", origin, pinfo->num);
871         service_key_list = g_slist_append(service_key_list, (gpointer) new_key);
872 }
873
874 static void
875 clear_keytab(void) {
876         GSList *ske;
877         service_key_t *sk;
878
879         for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
880                 sk = (service_key_t *) ske->data;
881                 if (sk) {
882                                         g_free(sk->contents);
883                                         g_free(sk);
884                                 }
885         }
886         g_slist_free(service_key_list);
887         service_key_list = NULL;
888 }
889
890 static void
891 read_keytab_file(const char *service_key_file)
892 {
893         FILE *skf;
894         ws_statb64 st;
895         service_key_t *sk;
896         unsigned char buf[SERVICE_KEY_SIZE];
897         int newline_skip = 0, count = 0;
898
899         if (service_key_file != NULL && ws_stat64 (service_key_file, &st) == 0) {
900
901                 /* The service key file contains raw 192-bit (24 byte) 3DES keys.
902                  * There can be zero, one (\n), or two (\r\n) characters between
903                  * keys.  Trailing characters are ignored.
904                  */
905
906                 /* XXX We should support the standard keytab format instead */
907                 if (st.st_size > SERVICE_KEY_SIZE) {
908                         if ( (st.st_size % (SERVICE_KEY_SIZE + 1) == 0) ||
909                                  (st.st_size % (SERVICE_KEY_SIZE + 1) == SERVICE_KEY_SIZE) ) {
910                                 newline_skip = 1;
911                         } else if ( (st.st_size % (SERVICE_KEY_SIZE + 2) == 0) ||
912                                  (st.st_size % (SERVICE_KEY_SIZE + 2) == SERVICE_KEY_SIZE) ) {
913                                 newline_skip = 2;
914                         }
915                 }
916
917                 skf = ws_fopen(service_key_file, "rb");
918                 if (! skf) return;
919
920                 while (fread(buf, SERVICE_KEY_SIZE, 1, skf) == 1) {
921                         sk = g_malloc(sizeof(service_key_t));
922                         sk->kvno = buf[0] << 8 | buf[1];
923                         sk->keytype = KEYTYPE_DES3_CBC_MD5;
924                         sk->length = DES3_KEY_SIZE;
925                         sk->contents = g_memdup(buf + 2, DES3_KEY_SIZE);
926                         g_snprintf(sk->origin, KRB_MAX_ORIG_LEN, "3DES service key file, key #%d, offset %ld", count, ftell(skf));
927                         service_key_list = g_slist_append(service_key_list, (gpointer) sk);
928                         if (fseek(skf, newline_skip, SEEK_CUR) < 0) {
929                                 fprintf(stderr, "unable to seek...\n");
930                                 return;
931                         }
932                         count++;
933                 }
934                 fclose(skf);
935         }
936 }
937
938 #define CONFOUNDER_PLUS_CHECKSUM 24
939
940 guint8 *
941 decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
942                                         int _U_ usage,
943                                         tvbuff_t *cryptotvb,
944                                         int keytype,
945                                         int *datalen)
946 {
947         tvbuff_t *encr_tvb;
948         guint8 *decrypted_data = NULL, *plaintext = NULL;
949         guint8 cls;
950         gboolean pc;
951         guint32 tag, item_len, data_len;
952         int id_offset, offset;
953         guint8 key[DES3_KEY_SIZE];
954         guint8 initial_vector[DES_BLOCK_SIZE];
955         md5_state_t md5s;
956         md5_byte_t digest[16];
957         md5_byte_t zero_fill[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
958         md5_byte_t confounder[8];
959         gboolean ind;
960         GSList *ske;
961         service_key_t *sk;
962         struct des3_ctx ctx;
963         int length = tvb_captured_length(cryptotvb);
964         const guint8 *cryptotext = tvb_get_ptr(cryptotvb, 0, length);
965
966
967         /* don't do anything if we are not attempting to decrypt data */
968         if(!krb_decrypt){
969                 return NULL;
970         }
971
972         /* make sure we have all the data we need */
973         if (tvb_captured_length(cryptotvb) < tvb_reported_length(cryptotvb)) {
974                 return NULL;
975         }
976
977         if (keytype != KEYTYPE_DES3_CBC_MD5 || service_key_list == NULL) {
978                 return NULL;
979         }
980
981         decrypted_data = g_malloc(length);
982         for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
983                 gboolean do_continue = FALSE;
984                 sk = (service_key_t *) ske->data;
985
986                 des_fix_parity(DES3_KEY_SIZE, key, sk->contents);
987
988                 md5_init(&md5s);
989                 memset(initial_vector, 0, DES_BLOCK_SIZE);
990                 des3_set_key(&ctx, key);
991                 cbc_decrypt(&ctx, des3_decrypt, DES_BLOCK_SIZE, initial_vector,
992                                         length, decrypted_data, cryptotext);
993                 encr_tvb = tvb_new_real_data(decrypted_data, length, length);
994
995                 tvb_memcpy(encr_tvb, confounder, 0, 8);
996
997                 /* We have to pull the decrypted data length from the decrypted
998                  * content.  If the key doesn't match or we otherwise get garbage,
999                  * an exception may get thrown while decoding the ASN.1 header.
1000                  * Catch it, just in case.
1001                  */
1002                 TRY {
1003                         id_offset = get_ber_identifier(encr_tvb, CONFOUNDER_PLUS_CHECKSUM, &cls, &pc, &tag);
1004                         offset = get_ber_length(encr_tvb, id_offset, &item_len, &ind);
1005                 }
1006                 CATCH_BOUNDS_ERRORS {
1007                         tvb_free(encr_tvb);
1008                         do_continue = TRUE;
1009                 }
1010                 ENDTRY;
1011
1012                 if (do_continue) continue;
1013
1014                 data_len = item_len + offset - CONFOUNDER_PLUS_CHECKSUM;
1015                 if ((int) item_len + offset > length) {
1016                         tvb_free(encr_tvb);
1017                         continue;
1018                 }
1019
1020                 md5_append(&md5s, confounder, 8);
1021                 md5_append(&md5s, zero_fill, 16);
1022                 md5_append(&md5s, decrypted_data + CONFOUNDER_PLUS_CHECKSUM, data_len);
1023                 md5_finish(&md5s, digest);
1024
1025                 if (tvb_memeql (encr_tvb, 8, digest, 16) == 0) {
1026                         plaintext = g_malloc(data_len);
1027                         tvb_memcpy(encr_tvb, plaintext, CONFOUNDER_PLUS_CHECKSUM, data_len);
1028                         tvb_free(encr_tvb);
1029
1030                         if (datalen) {
1031                                 *datalen = data_len;
1032                         }
1033                         g_free(decrypted_data);
1034                         return(plaintext);
1035                 }
1036                 tvb_free(encr_tvb);
1037         }
1038
1039         g_free(decrypted_data);
1040         return NULL;
1041 }
1042
1043 #endif  /* HAVE_MIT_KERBEROS / HAVE_HEIMDAL_KERBEROS / HAVE_LIBNETTLE */
1044
1045 #define INET6_ADDRLEN   16
1046
1047 /* TCP Record Mark */
1048 #define KRB_RM_RESERVED 0x80000000U
1049 #define KRB_RM_RECLEN   0x7fffffffU
1050
1051 #define KRB5_MSG_TICKET                 1       /* Ticket */
1052 #define KRB5_MSG_AUTHENTICATOR          2       /* Authenticator */
1053 #define KRB5_MSG_ENC_TICKET_PART        3       /* EncTicketPart */
1054 #define KRB5_MSG_AS_REQ                 10      /* AS-REQ type */
1055 #define KRB5_MSG_AS_REP                 11      /* AS-REP type */
1056 #define KRB5_MSG_TGS_REQ                12      /* TGS-REQ type */
1057 #define KRB5_MSG_TGS_REP                13      /* TGS-REP type */
1058 #define KRB5_MSG_AP_REQ                 14      /* AP-REQ type */
1059 #define KRB5_MSG_AP_REP                 15      /* AP-REP type */
1060
1061 #define KRB5_MSG_SAFE                   20      /* KRB-SAFE type */
1062 #define KRB5_MSG_PRIV                   21      /* KRB-PRIV type */
1063 #define KRB5_MSG_CRED                   22      /* KRB-CRED type */
1064 #define KRB5_MSG_ENC_AS_REP_PART        25      /* EncASRepPart */
1065 #define KRB5_MSG_ENC_TGS_REP_PART       26      /* EncTGSRepPart */
1066 #define KRB5_MSG_ENC_AP_REP_PART        27      /* EncAPRepPart */
1067 #define KRB5_MSG_ENC_KRB_PRIV_PART      28      /* EncKrbPrivPart */
1068 #define KRB5_MSG_ENC_KRB_CRED_PART      29      /* EncKrbCredPart */
1069 #define KRB5_MSG_ERROR                  30      /* KRB-ERROR type */
1070
1071 /* encryption type constants */
1072 #define KRB5_ENCTYPE_NULL               0
1073 #define KRB5_ENCTYPE_DES_CBC_CRC        1
1074 #define KRB5_ENCTYPE_DES_CBC_MD4        2
1075 #define KRB5_ENCTYPE_DES_CBC_MD5        3
1076 #define KRB5_ENCTYPE_DES_CBC_RAW        4
1077 #define KRB5_ENCTYPE_DES3_CBC_SHA       5
1078 #define KRB5_ENCTYPE_DES3_CBC_RAW       6
1079 #define KRB5_ENCTYPE_DES_HMAC_SHA1      8
1080 #define KRB5_ENCTYPE_DSA_SHA1_CMS       9
1081 #define KRB5_ENCTYPE_RSA_MD5_CMS        10
1082 #define KRB5_ENCTYPE_RSA_SHA1_CMS       11
1083 #define KRB5_ENCTYPE_RC2_CBC_ENV        12
1084 #define KRB5_ENCTYPE_RSA_ENV            13
1085 #define KRB5_ENCTYPE_RSA_ES_OEAP_ENV    14
1086 #define KRB5_ENCTYPE_DES_EDE3_CBC_ENV   15
1087 #define KRB5_ENCTYPE_DES3_CBC_SHA1      16
1088 #define KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 17
1089 #define KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 18
1090 #define KRB5_ENCTYPE_DES_CBC_MD5_NT     20
1091 #define KERB_ENCTYPE_RC4_HMAC           23
1092 #define KERB_ENCTYPE_RC4_HMAC_EXP       24
1093 #define KRB5_ENCTYPE_UNKNOWN            0x1ff
1094 #define KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1       0x7007
1095 #define KRB5_ENCTYPE_RC4_PLAIN_EXP      0xffffff73
1096 #define KRB5_ENCTYPE_RC4_PLAIN          0xffffff74
1097 #define KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP  0xffffff78
1098 #define KRB5_ENCTYPE_RC4_HMAC_OLD_EXP   0xffffff79
1099 #define KRB5_ENCTYPE_RC4_PLAIN_OLD      0xffffff7a
1100 #define KRB5_ENCTYPE_RC4_HMAC_OLD       0xffffff7b
1101 #define KRB5_ENCTYPE_DES_PLAIN          0xffffff7c
1102 #define KRB5_ENCTYPE_RC4_SHA            0xffffff7d
1103 #define KRB5_ENCTYPE_RC4_LM             0xffffff7e
1104 #define KRB5_ENCTYPE_RC4_PLAIN2         0xffffff7f
1105 #define KRB5_ENCTYPE_RC4_MD4            0xffffff80
1106
1107 /* checksum types */
1108 #define KRB5_CHKSUM_NONE                0
1109 #define KRB5_CHKSUM_CRC32               1
1110 #define KRB5_CHKSUM_MD4                 2
1111 #define KRB5_CHKSUM_KRB_DES_MAC         4
1112 #define KRB5_CHKSUM_KRB_DES_MAC_K       5
1113 #define KRB5_CHKSUM_MD5                 7
1114 #define KRB5_CHKSUM_MD5_DES             8
1115 /* the following four come from packetcable */
1116 #define KRB5_CHKSUM_MD5_DES3            9
1117 #define KRB5_CHKSUM_HMAC_SHA1_DES3_KD   12
1118 #define KRB5_CHKSUM_HMAC_SHA1_DES3      13
1119 #define KRB5_CHKSUM_SHA1_UNKEYED        14
1120 #define KRB5_CHKSUM_HMAC_MD5            0xffffff76
1121 #define KRB5_CHKSUM_MD5_HMAC            0xffffff77
1122 #define KRB5_CHKSUM_RC4_MD5             0xffffff78
1123 #define KRB5_CHKSUM_MD25                0xffffff79
1124 #define KRB5_CHKSUM_DES_MAC_MD5         0xffffff7a
1125 #define KRB5_CHKSUM_DES_MAC             0xffffff7b
1126 #define KRB5_CHKSUM_REAL_CRC32          0xffffff7c
1127 #define KRB5_CHKSUM_SHA1                0xffffff7d
1128 #define KRB5_CHKSUM_LM                  0xffffff7e
1129 #define KRB5_CHKSUM_GSSAPI              0x8003
1130
1131 /*
1132  * For KERB_ENCTYPE_RC4_HMAC and KERB_ENCTYPE_RC4_HMAC_EXP, see
1133  *
1134  *      http://www.ietf.org/internet-drafts/draft-brezak-win2k-krb-rc4-hmac-04.txt
1135  *
1136  * unless it's expired.
1137  */
1138
1139 /* pre-authentication type constants */
1140 #define KRB5_PA_TGS_REQ                 1
1141 #define KRB5_PA_ENC_TIMESTAMP           2
1142 #define KRB5_PA_PW_SALT                 3
1143 #define KRB5_PA_ENC_ENCKEY              4
1144 #define KRB5_PA_ENC_UNIX_TIME           5
1145 #define KRB5_PA_ENC_SANDIA_SECURID      6
1146 #define KRB5_PA_SESAME                  7
1147 #define KRB5_PA_OSF_DCE                 8
1148 #define KRB5_PA_CYBERSAFE_SECUREID      9
1149 #define KRB5_PA_AFS3_SALT               10
1150 #define KRB5_PA_ENCTYPE_INFO            11
1151 #define KRB5_PA_SAM_CHALLENGE           12
1152 #define KRB5_PA_SAM_RESPONSE            13
1153 #define KRB5_PA_PK_AS_REQ               14
1154 #define KRB5_PA_PK_AS_REP               15
1155 #define KRB5_PA_DASS                    16
1156 #define KRB5_PA_ENCTYPE_INFO2           19
1157 #define KRB5_PA_USE_SPECIFIED_KVNO      20
1158 #define KRB5_PA_SAM_REDIRECT            21
1159 #define KRB5_PA_GET_FROM_TYPED_DATA     22
1160 #define KRB5_PA_SAM_ETYPE_INFO          23
1161 #define KRB5_PA_ALT_PRINC               24
1162 #define KRB5_PA_SAM_CHALLENGE2          30
1163 #define KRB5_PA_SAM_RESPONSE2           31
1164 #define KRB5_TD_PKINIT_CMS_CERTIFICATES 101
1165 #define KRB5_TD_KRB_PRINCIPAL           102
1166 #define KRB5_TD_KRB_REALM               103
1167 #define KRB5_TD_TRUSTED_CERTIFIERS      104
1168 #define KRB5_TD_CERTIFICATE_INDEX       105
1169 #define KRB5_TD_APP_DEFINED_ERROR       106
1170 #define KRB5_TD_REQ_NONCE               107
1171 #define KRB5_TD_REQ_SEQ                 108
1172 /* preauthentication types >127 (i.e. negative ones) are app specific.
1173    however since Microsoft is the dominant(only?) user of types in this range
1174    we also treat the type as unsigned.
1175 */
1176 #define KRB5_PA_PAC_REQUEST             128    /* (Microsoft extension) */
1177 #define KRB5_PA_FOR_USER                129    /* Impersonation (Microsoft extension) See [MS-SFU]. XXX - replaced by KRB5_PA_S4U2SELF */
1178 #define KRB5_PA_S4U2SELF                129
1179
1180 #define KRB5_PA_PROV_SRV_LOCATION 0xffffffff    /* (gint32)0xFF) packetcable stuff */
1181 /* Principal name-type */
1182 #define KRB5_NT_UNKNOWN         0
1183 #define KRB5_NT_PRINCIPAL       1
1184 #define KRB5_NT_SRV_INST        2
1185 #define KRB5_NT_SRV_HST         3
1186 #define KRB5_NT_SRV_XHST        4
1187 #define KRB5_NT_UID             5
1188 #define KRB5_NT_X500_PRINCIPAL  6
1189 #define KRB5_NT_SMTP_NAME       7
1190 #define KRB5_NT_ENTERPRISE      10
1191
1192 /*
1193  * MS specific name types, from
1194  *
1195  *      http://msdn.microsoft.com/library/en-us/security/security/kerb_external_name.asp
1196  */
1197 #define KRB5_NT_MS_PRINCIPAL            -128
1198 #define KRB5_NT_MS_PRINCIPAL_AND_SID    -129
1199 #define KRB5_NT_ENT_PRINCIPAL_AND_SID   -130
1200 #define KRB5_NT_PRINCIPAL_AND_SID       -131
1201 #define KRB5_NT_SRV_INST_AND_SID        -132
1202
1203 /* error table constants */
1204 /* I prefixed the krb5_err.et constant names with KRB5_ET_ for these */
1205 #define KRB5_ET_KRB5KDC_ERR_NONE                        0
1206 #define KRB5_ET_KRB5KDC_ERR_NAME_EXP                    1
1207 #define KRB5_ET_KRB5KDC_ERR_SERVICE_EXP                 2
1208 #define KRB5_ET_KRB5KDC_ERR_BAD_PVNO                    3
1209 #define KRB5_ET_KRB5KDC_ERR_C_OLD_MAST_KVNO             4
1210 #define KRB5_ET_KRB5KDC_ERR_S_OLD_MAST_KVNO             5
1211 #define KRB5_ET_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN         6
1212 #define KRB5_ET_KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN         7
1213 #define KRB5_ET_KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE        8
1214 #define KRB5_ET_KRB5KDC_ERR_NULL_KEY                    9
1215 #define KRB5_ET_KRB5KDC_ERR_CANNOT_POSTDATE             10
1216 #define KRB5_ET_KRB5KDC_ERR_NEVER_VALID                 11
1217 #define KRB5_ET_KRB5KDC_ERR_POLICY                      12
1218 #define KRB5_ET_KRB5KDC_ERR_BADOPTION                   13
1219 #define KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP                14
1220 #define KRB5_ET_KRB5KDC_ERR_SUMTYPE_NOSUPP              15
1221 #define KRB5_ET_KRB5KDC_ERR_PADATA_TYPE_NOSUPP          16
1222 #define KRB5_ET_KRB5KDC_ERR_TRTYPE_NOSUPP               17
1223 #define KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED              18
1224 #define KRB5_ET_KRB5KDC_ERR_SERVICE_REVOKED             19
1225 #define KRB5_ET_KRB5KDC_ERR_TGT_REVOKED                 20
1226 #define KRB5_ET_KRB5KDC_ERR_CLIENT_NOTYET               21
1227 #define KRB5_ET_KRB5KDC_ERR_SERVICE_NOTYET              22
1228 #define KRB5_ET_KRB5KDC_ERR_KEY_EXP                     23
1229 #define KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED              24
1230 #define KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED            25
1231 #define KRB5_ET_KRB5KDC_ERR_SERVER_NOMATCH              26
1232 #define KRB5_ET_KRB5KDC_ERR_MUST_USE_USER2USER          27
1233 #define KRB5_ET_KRB5KDC_ERR_PATH_NOT_ACCEPTED           28
1234 #define KRB5_ET_KRB5KDC_ERR_SVC_UNAVAILABLE             29
1235 #define KRB5_ET_KRB5KRB_AP_ERR_BAD_INTEGRITY            31
1236 #define KRB5_ET_KRB5KRB_AP_ERR_TKT_EXPIRED              32
1237 #define KRB5_ET_KRB5KRB_AP_ERR_TKT_NYV                  33
1238 #define KRB5_ET_KRB5KRB_AP_ERR_REPEAT                   34
1239 #define KRB5_ET_KRB5KRB_AP_ERR_NOT_US                   35
1240 #define KRB5_ET_KRB5KRB_AP_ERR_BADMATCH                 36
1241 #define KRB5_ET_KRB5KRB_AP_ERR_SKEW                     37
1242 #define KRB5_ET_KRB5KRB_AP_ERR_BADADDR                  38
1243 #define KRB5_ET_KRB5KRB_AP_ERR_BADVERSION               39
1244 #define KRB5_ET_KRB5KRB_AP_ERR_MSG_TYPE                 40
1245 #define KRB5_ET_KRB5KRB_AP_ERR_MODIFIED                 41
1246 #define KRB5_ET_KRB5KRB_AP_ERR_BADORDER                 42
1247 #define KRB5_ET_KRB5KRB_AP_ERR_ILL_CR_TKT               43
1248 #define KRB5_ET_KRB5KRB_AP_ERR_BADKEYVER                44
1249 #define KRB5_ET_KRB5KRB_AP_ERR_NOKEY                    45
1250 #define KRB5_ET_KRB5KRB_AP_ERR_MUT_FAIL                 46
1251 #define KRB5_ET_KRB5KRB_AP_ERR_BADDIRECTION             47
1252 #define KRB5_ET_KRB5KRB_AP_ERR_METHOD                   48
1253 #define KRB5_ET_KRB5KRB_AP_ERR_BADSEQ                   49
1254 #define KRB5_ET_KRB5KRB_AP_ERR_INAPP_CKSUM              50
1255 #define KRB5_ET_KRB5KDC_AP_PATH_NOT_ACCEPTED            51
1256 #define KRB5_ET_KRB5KRB_ERR_RESPONSE_TOO_BIG            52
1257 #define KRB5_ET_KRB5KRB_ERR_GENERIC                     60
1258 #define KRB5_ET_KRB5KRB_ERR_FIELD_TOOLONG               61
1259 #define KRB5_ET_KDC_ERROR_CLIENT_NOT_TRUSTED            62
1260 #define KRB5_ET_KDC_ERROR_KDC_NOT_TRUSTED               63
1261 #define KRB5_ET_KDC_ERROR_INVALID_SIG                   64
1262 #define KRB5_ET_KDC_ERR_KEY_TOO_WEAK                    65
1263 #define KRB5_ET_KDC_ERR_CERTIFICATE_MISMATCH            66
1264 #define KRB5_ET_KRB_AP_ERR_NO_TGT                       67
1265 #define KRB5_ET_KDC_ERR_WRONG_REALM                     68
1266 #define KRB5_ET_KRB_AP_ERR_USER_TO_USER_REQUIRED        69
1267 #define KRB5_ET_KDC_ERR_CANT_VERIFY_CERTIFICATE         70
1268 #define KRB5_ET_KDC_ERR_INVALID_CERTIFICATE             71
1269 #define KRB5_ET_KDC_ERR_REVOKED_CERTIFICATE             72
1270 #define KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNKNOWN       73
1271 #define KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE   74
1272 #define KRB5_ET_KDC_ERR_CLIENT_NAME_MISMATCH            75
1273 #define KRB5_ET_KDC_ERR_KDC_NAME_MISMATCH               76
1274
1275 static const value_string krb5_error_codes[] = {
1276         { KRB5_ET_KRB5KDC_ERR_NONE, "KRB5KDC_ERR_NONE" },
1277         { KRB5_ET_KRB5KDC_ERR_NAME_EXP, "KRB5KDC_ERR_NAME_EXP" },
1278         { KRB5_ET_KRB5KDC_ERR_SERVICE_EXP, "KRB5KDC_ERR_SERVICE_EXP" },
1279         { KRB5_ET_KRB5KDC_ERR_BAD_PVNO, "KRB5KDC_ERR_BAD_PVNO" },
1280         { KRB5_ET_KRB5KDC_ERR_C_OLD_MAST_KVNO, "KRB5KDC_ERR_C_OLD_MAST_KVNO" },
1281         { KRB5_ET_KRB5KDC_ERR_S_OLD_MAST_KVNO, "KRB5KDC_ERR_S_OLD_MAST_KVNO" },
1282         { KRB5_ET_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN" },
1283         { KRB5_ET_KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN, "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" },
1284         { KRB5_ET_KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE, "KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE" },
1285         { KRB5_ET_KRB5KDC_ERR_NULL_KEY, "KRB5KDC_ERR_NULL_KEY" },
1286         { KRB5_ET_KRB5KDC_ERR_CANNOT_POSTDATE, "KRB5KDC_ERR_CANNOT_POSTDATE" },
1287         { KRB5_ET_KRB5KDC_ERR_NEVER_VALID, "KRB5KDC_ERR_NEVER_VALID" },
1288         { KRB5_ET_KRB5KDC_ERR_POLICY, "KRB5KDC_ERR_POLICY" },
1289         { KRB5_ET_KRB5KDC_ERR_BADOPTION, "KRB5KDC_ERR_BADOPTION" },
1290         { KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP, "KRB5KDC_ERR_ETYPE_NOSUPP" },
1291         { KRB5_ET_KRB5KDC_ERR_SUMTYPE_NOSUPP, "KRB5KDC_ERR_SUMTYPE_NOSUPP" },
1292         { KRB5_ET_KRB5KDC_ERR_PADATA_TYPE_NOSUPP, "KRB5KDC_ERR_PADATA_TYPE_NOSUPP" },
1293         { KRB5_ET_KRB5KDC_ERR_TRTYPE_NOSUPP, "KRB5KDC_ERR_TRTYPE_NOSUPP" },
1294         { KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED, "KRB5KDC_ERR_CLIENT_REVOKED" },
1295         { KRB5_ET_KRB5KDC_ERR_SERVICE_REVOKED, "KRB5KDC_ERR_SERVICE_REVOKED" },
1296         { KRB5_ET_KRB5KDC_ERR_TGT_REVOKED, "KRB5KDC_ERR_TGT_REVOKED" },
1297         { KRB5_ET_KRB5KDC_ERR_CLIENT_NOTYET, "KRB5KDC_ERR_CLIENT_NOTYET" },
1298         { KRB5_ET_KRB5KDC_ERR_SERVICE_NOTYET, "KRB5KDC_ERR_SERVICE_NOTYET" },
1299         { KRB5_ET_KRB5KDC_ERR_KEY_EXP, "KRB5KDC_ERR_KEY_EXP" },
1300         { KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED, "KRB5KDC_ERR_PREAUTH_FAILED" },
1301         { KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED, "KRB5KDC_ERR_PREAUTH_REQUIRED" },
1302         { KRB5_ET_KRB5KDC_ERR_SERVER_NOMATCH, "KRB5KDC_ERR_SERVER_NOMATCH" },
1303         { KRB5_ET_KRB5KDC_ERR_MUST_USE_USER2USER, "KRB5KDC_ERR_MUST_USE_USER2USER" },
1304         { KRB5_ET_KRB5KDC_ERR_PATH_NOT_ACCEPTED, "KRB5KDC_ERR_PATH_NOT_ACCEPTED" },
1305         { KRB5_ET_KRB5KDC_ERR_SVC_UNAVAILABLE, "KRB5KDC_ERR_SVC_UNAVAILABLE" },
1306         { KRB5_ET_KRB5KRB_AP_ERR_BAD_INTEGRITY, "KRB5KRB_AP_ERR_BAD_INTEGRITY" },
1307         { KRB5_ET_KRB5KRB_AP_ERR_TKT_EXPIRED, "KRB5KRB_AP_ERR_TKT_EXPIRED" },
1308         { KRB5_ET_KRB5KRB_AP_ERR_TKT_NYV, "KRB5KRB_AP_ERR_TKT_NYV" },
1309         { KRB5_ET_KRB5KRB_AP_ERR_REPEAT, "KRB5KRB_AP_ERR_REPEAT" },
1310         { KRB5_ET_KRB5KRB_AP_ERR_NOT_US, "KRB5KRB_AP_ERR_NOT_US" },
1311         { KRB5_ET_KRB5KRB_AP_ERR_BADMATCH, "KRB5KRB_AP_ERR_BADMATCH" },
1312         { KRB5_ET_KRB5KRB_AP_ERR_SKEW, "KRB5KRB_AP_ERR_SKEW" },
1313         { KRB5_ET_KRB5KRB_AP_ERR_BADADDR, "KRB5KRB_AP_ERR_BADADDR" },
1314         { KRB5_ET_KRB5KRB_AP_ERR_BADVERSION, "KRB5KRB_AP_ERR_BADVERSION" },
1315         { KRB5_ET_KRB5KRB_AP_ERR_MSG_TYPE, "KRB5KRB_AP_ERR_MSG_TYPE" },
1316         { KRB5_ET_KRB5KRB_AP_ERR_MODIFIED, "KRB5KRB_AP_ERR_MODIFIED" },
1317         { KRB5_ET_KRB5KRB_AP_ERR_BADORDER, "KRB5KRB_AP_ERR_BADORDER" },
1318         { KRB5_ET_KRB5KRB_AP_ERR_ILL_CR_TKT, "KRB5KRB_AP_ERR_ILL_CR_TKT" },
1319         { KRB5_ET_KRB5KRB_AP_ERR_BADKEYVER, "KRB5KRB_AP_ERR_BADKEYVER" },
1320         { KRB5_ET_KRB5KRB_AP_ERR_NOKEY, "KRB5KRB_AP_ERR_NOKEY" },
1321         { KRB5_ET_KRB5KRB_AP_ERR_MUT_FAIL, "KRB5KRB_AP_ERR_MUT_FAIL" },
1322         { KRB5_ET_KRB5KRB_AP_ERR_BADDIRECTION, "KRB5KRB_AP_ERR_BADDIRECTION" },
1323         { KRB5_ET_KRB5KRB_AP_ERR_METHOD, "KRB5KRB_AP_ERR_METHOD" },
1324         { KRB5_ET_KRB5KRB_AP_ERR_BADSEQ, "KRB5KRB_AP_ERR_BADSEQ" },
1325         { KRB5_ET_KRB5KRB_AP_ERR_INAPP_CKSUM, "KRB5KRB_AP_ERR_INAPP_CKSUM" },
1326         { KRB5_ET_KRB5KDC_AP_PATH_NOT_ACCEPTED, "KRB5KDC_AP_PATH_NOT_ACCEPTED" },
1327         { KRB5_ET_KRB5KRB_ERR_RESPONSE_TOO_BIG, "KRB5KRB_ERR_RESPONSE_TOO_BIG"},
1328         { KRB5_ET_KRB5KRB_ERR_GENERIC, "KRB5KRB_ERR_GENERIC" },
1329         { KRB5_ET_KRB5KRB_ERR_FIELD_TOOLONG, "KRB5KRB_ERR_FIELD_TOOLONG" },
1330         { KRB5_ET_KDC_ERROR_CLIENT_NOT_TRUSTED, "KDC_ERROR_CLIENT_NOT_TRUSTED" },
1331         { KRB5_ET_KDC_ERROR_KDC_NOT_TRUSTED, "KDC_ERROR_KDC_NOT_TRUSTED" },
1332         { KRB5_ET_KDC_ERROR_INVALID_SIG, "KDC_ERROR_INVALID_SIG" },
1333         { KRB5_ET_KDC_ERR_KEY_TOO_WEAK, "KDC_ERR_KEY_TOO_WEAK" },
1334         { KRB5_ET_KDC_ERR_CERTIFICATE_MISMATCH, "KDC_ERR_CERTIFICATE_MISMATCH" },
1335         { KRB5_ET_KRB_AP_ERR_NO_TGT, "KRB_AP_ERR_NO_TGT" },
1336         { KRB5_ET_KDC_ERR_WRONG_REALM, "KDC_ERR_WRONG_REALM" },
1337         { KRB5_ET_KRB_AP_ERR_USER_TO_USER_REQUIRED, "KRB_AP_ERR_USER_TO_USER_REQUIRED" },
1338         { KRB5_ET_KDC_ERR_CANT_VERIFY_CERTIFICATE, "KDC_ERR_CANT_VERIFY_CERTIFICATE" },
1339         { KRB5_ET_KDC_ERR_INVALID_CERTIFICATE, "KDC_ERR_INVALID_CERTIFICATE" },
1340         { KRB5_ET_KDC_ERR_REVOKED_CERTIFICATE, "KDC_ERR_REVOKED_CERTIFICATE" },
1341         { KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNKNOWN, "KDC_ERR_REVOCATION_STATUS_UNKNOWN" },
1342         { KRB5_ET_KDC_ERR_REVOCATION_STATUS_UNAVAILABLE, "KDC_ERR_REVOCATION_STATUS_UNAVAILABLE" },
1343         { KRB5_ET_KDC_ERR_CLIENT_NAME_MISMATCH, "KDC_ERR_CLIENT_NAME_MISMATCH" },
1344         { KRB5_ET_KDC_ERR_KDC_NAME_MISMATCH, "KDC_ERR_KDC_NAME_MISMATCH" },
1345         { 0, NULL }
1346 };
1347
1348
1349 #define PAC_LOGON_INFO          1
1350 #define PAC_CREDENTIAL_TYPE     2
1351 #define PAC_SERVER_CHECKSUM     6
1352 #define PAC_PRIVSVR_CHECKSUM    7
1353 #define PAC_CLIENT_INFO_TYPE    10
1354 #define PAC_S4U_DELEGATION_INFO 11
1355 #define PAC_UPN_DNS_INFO                12
1356 static const value_string w2k_pac_types[] = {
1357         { PAC_LOGON_INFO                , "Logon Info" },
1358         { PAC_CREDENTIAL_TYPE   , "Credential Type" },
1359         { PAC_SERVER_CHECKSUM   , "Server Checksum" },
1360         { PAC_PRIVSVR_CHECKSUM  , "Privsvr Checksum" },
1361         { PAC_CLIENT_INFO_TYPE  , "Client Info Type" },
1362         { PAC_S4U_DELEGATION_INFO, "S4U Delegation Info" },
1363         { PAC_UPN_DNS_INFO              , "UPN DNS Info" },
1364         { 0, NULL },
1365 };
1366
1367 #if 0
1368 static const value_string krb5_princ_types[] = {
1369         { KRB5_NT_UNKNOWN              , "Unknown" },
1370         { KRB5_NT_PRINCIPAL            , "Principal" },
1371         { KRB5_NT_SRV_INST             , "Service and Instance" },
1372         { KRB5_NT_SRV_HST              , "Service and Host" },
1373         { KRB5_NT_SRV_XHST             , "Service and Host Components" },
1374         { KRB5_NT_UID                  , "Unique ID" },
1375         { KRB5_NT_X500_PRINCIPAL       , "Encoded X.509 Distinguished Name" },
1376         { KRB5_NT_SMTP_NAME            , "SMTP Name" },
1377         { KRB5_NT_ENTERPRISE           , "Enterprise Name" },
1378         { KRB5_NT_MS_PRINCIPAL         , "NT 4.0 style name (MS specific)" },
1379         { KRB5_NT_MS_PRINCIPAL_AND_SID , "NT 4.0 style name with SID (MS specific)"},
1380         { KRB5_NT_ENT_PRINCIPAL_AND_SID, "UPN and SID (MS specific)"},
1381         { KRB5_NT_PRINCIPAL_AND_SID    , "Principal name and SID (MS specific)"},
1382         { KRB5_NT_SRV_INST_AND_SID     , "SPN and SID (MS specific)"},
1383         { 0                            , NULL },
1384 };
1385 #endif
1386
1387 static const value_string krb5_preauthentication_types[] = {
1388         { KRB5_PA_TGS_REQ              , "PA-TGS-REQ" },
1389         { KRB5_PA_ENC_TIMESTAMP        , "PA-ENC-TIMESTAMP" },
1390         { KRB5_PA_PW_SALT              , "PA-PW-SALT" },
1391         { KRB5_PA_ENC_ENCKEY           , "PA-ENC-ENCKEY" },
1392         { KRB5_PA_ENC_UNIX_TIME        , "PA-ENC-UNIX-TIME" },
1393         { KRB5_PA_ENC_SANDIA_SECURID   , "PA-PW-SALT" },
1394         { KRB5_PA_SESAME               , "PA-SESAME" },
1395         { KRB5_PA_OSF_DCE              , "PA-OSF-DCE" },
1396         { KRB5_PA_CYBERSAFE_SECUREID   , "PA-CYBERSAFE-SECURID" },
1397         { KRB5_PA_AFS3_SALT            , "PA-AFS3-SALT" },
1398         { KRB5_PA_ENCTYPE_INFO         , "PA-ENCTYPE-INFO" },
1399         { KRB5_PA_ENCTYPE_INFO2         , "PA-ENCTYPE-INFO2" },
1400         { KRB5_PA_SAM_CHALLENGE        , "PA-SAM-CHALLENGE" },
1401         { KRB5_PA_SAM_RESPONSE         , "PA-SAM-RESPONSE" },
1402         { KRB5_PA_PK_AS_REQ            , "PA-PK-AS-REQ" },
1403         { KRB5_PA_PK_AS_REP            , "PA-PK-AS-REP" },
1404         { KRB5_PA_DASS                 , "PA-DASS" },
1405         { KRB5_PA_USE_SPECIFIED_KVNO   , "PA-USE-SPECIFIED-KVNO" },
1406         { KRB5_PA_SAM_REDIRECT         , "PA-SAM-REDIRECT" },
1407         { KRB5_PA_GET_FROM_TYPED_DATA  , "PA-GET-FROM-TYPED-DATA" },
1408         { KRB5_PA_SAM_ETYPE_INFO       , "PA-SAM-ETYPE-INFO" },
1409         { KRB5_PA_ALT_PRINC            , "PA-ALT-PRINC" },
1410         { KRB5_PA_SAM_CHALLENGE2       , "PA-SAM-CHALLENGE2" },
1411         { KRB5_PA_SAM_RESPONSE2        , "PA-SAM-RESPONSE2" },
1412         { KRB5_TD_PKINIT_CMS_CERTIFICATES, "TD-PKINIT-CMS-CERTIFICATES" },
1413         { KRB5_TD_KRB_PRINCIPAL        , "TD-KRB-PRINCIPAL" },
1414         { KRB5_TD_KRB_REALM , "TD-KRB-REALM" },
1415         { KRB5_TD_TRUSTED_CERTIFIERS   , "TD-TRUSTED-CERTIFIERS" },
1416         { KRB5_TD_CERTIFICATE_INDEX    , "TD-CERTIFICATE-INDEX" },
1417         { KRB5_TD_APP_DEFINED_ERROR    , "TD-APP-DEFINED-ERROR" },
1418         { KRB5_TD_REQ_NONCE            , "TD-REQ-NONCE" },
1419         { KRB5_TD_REQ_SEQ              , "TD-REQ-SEQ" },
1420         { KRB5_PA_PAC_REQUEST          , "PA-PAC-REQUEST" },
1421         { KRB5_PA_FOR_USER             , "PA-FOR-USER" },
1422         { KRB5_PA_PROV_SRV_LOCATION    , "PA-PROV-SRV-LOCATION" },
1423         { 0                            , NULL },
1424 };
1425
1426 #if 0
1427 static const value_string krb5_encryption_types[] = {
1428         { KRB5_ENCTYPE_NULL           , "NULL" },
1429         { KRB5_ENCTYPE_DES_CBC_CRC    , "des-cbc-crc" },
1430         { KRB5_ENCTYPE_DES_CBC_MD4    , "des-cbc-md4" },
1431         { KRB5_ENCTYPE_DES_CBC_MD5    , "des-cbc-md5" },
1432         { KRB5_ENCTYPE_DES_CBC_RAW    , "des-cbc-raw" },
1433         { KRB5_ENCTYPE_DES3_CBC_SHA   , "des3-cbc-sha" },
1434         { KRB5_ENCTYPE_DES3_CBC_RAW   , "des3-cbc-raw" },
1435         { KRB5_ENCTYPE_DES_HMAC_SHA1  , "des-hmac-sha1" },
1436         { KRB5_ENCTYPE_DSA_SHA1_CMS   , "dsa-sha1-cms" },
1437         { KRB5_ENCTYPE_RSA_MD5_CMS    , "rsa-md5-cms" },
1438         { KRB5_ENCTYPE_RSA_SHA1_CMS   , "rsa-sha1-cms" },
1439         { KRB5_ENCTYPE_RC2_CBC_ENV    , "rc2-cbc-env" },
1440         { KRB5_ENCTYPE_RSA_ENV        , "rsa-env" },
1441         { KRB5_ENCTYPE_RSA_ES_OEAP_ENV, "rsa-es-oeap-env" },
1442         { KRB5_ENCTYPE_DES_EDE3_CBC_ENV, "des-ede3-cbc-env" },
1443         { KRB5_ENCTYPE_DES3_CBC_SHA1  , "des3-cbc-sha1" },
1444         { KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96  , "aes128-cts-hmac-sha1-96" },
1445         { KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96  , "aes256-cts-hmac-sha1-96" },
1446         { KRB5_ENCTYPE_DES_CBC_MD5_NT  , "des-cbc-md5-nt" },
1447         { KERB_ENCTYPE_RC4_HMAC       , "rc4-hmac" },
1448         { KERB_ENCTYPE_RC4_HMAC_EXP   , "rc4-hmac-exp" },
1449         { KRB5_ENCTYPE_UNKNOWN        , "unknown" },
1450         { KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1    , "local-des3-hmac-sha1" },
1451         { KRB5_ENCTYPE_RC4_PLAIN_EXP  , "rc4-plain-exp" },
1452         { KRB5_ENCTYPE_RC4_PLAIN      , "rc4-plain" },
1453         { KRB5_ENCTYPE_RC4_PLAIN_OLD_EXP, "rc4-plain-old-exp" },
1454         { KRB5_ENCTYPE_RC4_HMAC_OLD_EXP, "rc4-hmac-old-exp" },
1455         { KRB5_ENCTYPE_RC4_PLAIN_OLD  , "rc4-plain-old" },
1456         { KRB5_ENCTYPE_RC4_HMAC_OLD   , "rc4-hmac-old" },
1457         { KRB5_ENCTYPE_DES_PLAIN      , "des-plain" },
1458         { KRB5_ENCTYPE_RC4_SHA        , "rc4-sha" },
1459         { KRB5_ENCTYPE_RC4_LM         , "rc4-lm" },
1460         { KRB5_ENCTYPE_RC4_PLAIN2     , "rc4-plain2" },
1461         { KRB5_ENCTYPE_RC4_MD4        , "rc4-md4" },
1462         { 0                           , NULL },
1463 };
1464
1465 static const value_string krb5_checksum_types[] = {
1466         { KRB5_CHKSUM_NONE            , "none" },
1467         { KRB5_CHKSUM_CRC32           , "crc32" },
1468         { KRB5_CHKSUM_MD4             , "md4" },
1469         { KRB5_CHKSUM_KRB_DES_MAC     , "krb-des-mac" },
1470         { KRB5_CHKSUM_KRB_DES_MAC_K   , "krb-des-mac-k" },
1471         { KRB5_CHKSUM_MD5             , "md5" },
1472         { KRB5_CHKSUM_MD5_DES         , "md5-des" },
1473         { KRB5_CHKSUM_MD5_DES3        , "md5-des3" },
1474         { KRB5_CHKSUM_HMAC_SHA1_DES3_KD, "hmac-sha1-des3-kd" },
1475         { KRB5_CHKSUM_HMAC_SHA1_DES3  , "hmac-sha1-des3" },
1476         { KRB5_CHKSUM_SHA1_UNKEYED    , "sha1 (unkeyed)" },
1477         { KRB5_CHKSUM_HMAC_MD5        , "hmac-md5" },
1478         { KRB5_CHKSUM_MD5_HMAC        , "md5-hmac" },
1479         { KRB5_CHKSUM_RC4_MD5         , "rc5-md5" },
1480         { KRB5_CHKSUM_MD25            , "md25" },
1481         { KRB5_CHKSUM_DES_MAC_MD5     , "des-mac-md5" },
1482         { KRB5_CHKSUM_DES_MAC         , "des-mac" },
1483         { KRB5_CHKSUM_REAL_CRC32      , "real-crc32" },
1484         { KRB5_CHKSUM_SHA1            , "sha1" },
1485         { KRB5_CHKSUM_LM              , "lm" },
1486         { KRB5_CHKSUM_GSSAPI      , "gssapi-8003" },
1487         { 0                           , NULL },
1488 };
1489 #endif
1490
1491 #define KRB5_AD_IF_RELEVANT                     1
1492 #define KRB5_AD_INTENDED_FOR_SERVER             2
1493 #define KRB5_AD_INTENDED_FOR_APPLICATION_CLASS  3
1494 #define KRB5_AD_KDC_ISSUED                      4
1495 #define KRB5_AD_OR                              5
1496 #define KRB5_AD_MANDATORY_TICKET_EXTENSIONS     6
1497 #define KRB5_AD_IN_TICKET_EXTENSIONS            7
1498 #define KRB5_AD_MANDATORY_FOR_KDC               8
1499 #define KRB5_AD_OSF_DCE                         64
1500 #define KRB5_AD_SESAME                          65
1501 #define KRB5_AD_OSF_DCE_PKI_CERTID              66
1502 #define KRB5_AD_WIN2K_PAC                               128
1503 #define KRB5_AD_SIGNTICKET                      0xffffffef
1504
1505 static const value_string krb5_ad_types[] = {
1506         { KRB5_AD_IF_RELEVANT                   , "AD-IF-RELEVANT" },
1507         { KRB5_AD_INTENDED_FOR_SERVER           , "AD-Intended-For-Server" },
1508         { KRB5_AD_INTENDED_FOR_APPLICATION_CLASS        , "AD-Intended-For-Application-Class" },
1509         { KRB5_AD_KDC_ISSUED                    , "AD-KDCIssued" },
1510         { KRB5_AD_OR                            , "AD-AND-OR" },
1511         { KRB5_AD_MANDATORY_TICKET_EXTENSIONS   , "AD-Mandatory-Ticket-Extensions" },
1512         { KRB5_AD_IN_TICKET_EXTENSIONS          , "AD-IN-Ticket-Extensions" },
1513         { KRB5_AD_MANDATORY_FOR_KDC                     , "AD-MANDATORY-FOR-KDC" },
1514         { KRB5_AD_OSF_DCE                               , "AD-OSF-DCE" },
1515         { KRB5_AD_SESAME                                , "AD-SESAME" },
1516         { KRB5_AD_OSF_DCE_PKI_CERTID            , "AD-OSF-DCE-PKI-CertID" },
1517         { KRB5_AD_WIN2K_PAC                             , "AD-Win2k-PAC" },
1518         { KRB5_AD_SIGNTICKET                    , "AD-SignTicket" },
1519         { 0     , NULL },
1520 };
1521 #if 0
1522 static const value_string krb5_transited_types[] = {
1523         { 1                           , "DOMAIN-X500-COMPRESS" },
1524         { 0                           , NULL }
1525 };
1526 #endif
1527
1528 static const value_string krb5_msg_types[] = {
1529         { KRB5_MSG_TICKET,              "Ticket" },
1530         { KRB5_MSG_AUTHENTICATOR,       "Authenticator" },
1531         { KRB5_MSG_ENC_TICKET_PART,     "EncTicketPart" },
1532         { KRB5_MSG_TGS_REQ,             "TGS-REQ" },
1533         { KRB5_MSG_TGS_REP,             "TGS-REP" },
1534         { KRB5_MSG_AS_REQ,              "AS-REQ" },
1535         { KRB5_MSG_AS_REP,              "AS-REP" },
1536         { KRB5_MSG_AP_REQ,              "AP-REQ" },
1537         { KRB5_MSG_AP_REP,              "AP-REP" },
1538         { KRB5_MSG_SAFE,                "KRB-SAFE" },
1539         { KRB5_MSG_PRIV,                "KRB-PRIV" },
1540         { KRB5_MSG_CRED,                "KRB-CRED" },
1541         { KRB5_MSG_ENC_AS_REP_PART,     "EncASRepPart" },
1542         { KRB5_MSG_ENC_TGS_REP_PART,    "EncTGSRepPart" },
1543         { KRB5_MSG_ENC_AP_REP_PART,     "EncAPRepPart" },
1544         { KRB5_MSG_ENC_KRB_PRIV_PART,   "EncKrbPrivPart" },
1545         { KRB5_MSG_ENC_KRB_CRED_PART,   "EncKrbCredPart" },
1546         { KRB5_MSG_ERROR,               "KRB-ERROR" },
1547         { 0, NULL },
1548 };
1549
1550 #define KRB5_GSS_C_DELEG_FLAG             0x01
1551 #define KRB5_GSS_C_MUTUAL_FLAG            0x02
1552 #define KRB5_GSS_C_REPLAY_FLAG            0x04
1553 #define KRB5_GSS_C_SEQUENCE_FLAG          0x08
1554 #define KRB5_GSS_C_CONF_FLAG              0x10
1555 #define KRB5_GSS_C_INTEG_FLAG             0x20
1556 #define KRB5_GSS_C_DCE_STYLE            0x1000
1557
1558 static const true_false_string tfs_gss_flags_deleg = {
1559         "Delegate credentials to remote peer",
1560         "Do NOT delegate"
1561 };
1562 static const true_false_string tfs_gss_flags_mutual = {
1563         "Request that remote peer authenticates itself",
1564         "Mutual authentication NOT required"
1565 };
1566 static const true_false_string tfs_gss_flags_replay = {
1567         "Enable replay protection for signed or sealed messages",
1568         "Do NOT enable replay protection"
1569 };
1570 static const true_false_string tfs_gss_flags_sequence = {
1571         "Enable Out-of-sequence detection for sign or sealed messages",
1572         "Do NOT enable out-of-sequence detection"
1573 };
1574 static const true_false_string tfs_gss_flags_conf = {
1575         "Confidentiality (sealing) may be invoked",
1576         "Do NOT use Confidentiality (sealing)"
1577 };
1578 static const true_false_string tfs_gss_flags_integ = {
1579         "Integrity protection (signing) may be invoked",
1580         "Do NOT use integrity protection"
1581 };
1582
1583 static const true_false_string tfs_gss_flags_dce_style = {
1584         "DCE-STYLE",
1585         "Not using DCE-STYLE"
1586 };
1587
1588 #ifdef HAVE_KERBEROS
1589 static int
1590 dissect_krb5_decrypt_ticket_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1591                                                                         proto_tree *tree, int hf_index _U_)
1592 {
1593         guint8 *plaintext;
1594         int length;
1595         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1596         tvbuff_t *next_tvb;
1597
1598         next_tvb=tvb_new_subset_remaining(tvb, offset);
1599         length=tvb_captured_length_remaining(tvb, offset);
1600
1601         /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1602          * 7.5.1
1603          * All Ticket encrypted parts use usage == 2
1604          */
1605         plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, next_tvb, private_data->etype, NULL);
1606
1607         if(plaintext){
1608                 tvbuff_t *child_tvb;
1609                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1610                 tvb_set_free_cb(child_tvb, g_free);
1611
1612                 /* Add the decrypted data to the data source list. */
1613                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1614
1615                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1616         }
1617         return offset;
1618 }
1619
1620 static int
1621 dissect_krb5_decrypt_authenticator_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1622                                                                                         proto_tree *tree, int hf_index _U_)
1623 {
1624         guint8 *plaintext;
1625         int length;
1626         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1627         tvbuff_t *next_tvb;
1628
1629         next_tvb=tvb_new_subset_remaining(tvb, offset);
1630         length=tvb_captured_length_remaining(tvb, offset);
1631
1632         /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1633          * 7.5.1
1634          * Authenticators are encrypted with usage
1635          * == 7 or
1636          * == 11
1637          */
1638         plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, next_tvb, private_data->etype, NULL);
1639
1640         if(!plaintext){
1641                 plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, next_tvb, private_data->etype, NULL);
1642         }
1643
1644         if(plaintext){
1645                 tvbuff_t *child_tvb;
1646                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1647                 tvb_set_free_cb(child_tvb, g_free);
1648
1649                 /* Add the decrypted data to the data source list. */
1650                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1651
1652                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1653         }
1654         return offset;
1655 }
1656
1657 static int
1658 dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1659                                                                         proto_tree *tree, int hf_index _U_)
1660 {
1661         guint8 *plaintext;
1662         int length;
1663         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1664         tvbuff_t *next_tvb;
1665
1666         next_tvb=tvb_new_subset_remaining(tvb, offset);
1667         length=tvb_captured_length_remaining(tvb, offset);
1668
1669         /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1670          * 7.5.1
1671          * ASREP/TGSREP encryptedparts are encrypted with usage
1672          * == 3 or
1673          * == 8 or
1674          * == 9
1675          */
1676         plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, next_tvb, private_data->etype, NULL);
1677
1678         if(!plaintext){
1679                 plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, next_tvb, private_data->etype, NULL);
1680         }
1681
1682         if(!plaintext){
1683                 plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, next_tvb, private_data->etype, NULL);
1684         }
1685
1686         if(plaintext){
1687                 tvbuff_t *child_tvb;
1688                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1689                 tvb_set_free_cb(child_tvb, g_free);
1690
1691                 /* Add the decrypted data to the data source list. */
1692                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1693
1694                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1695         }
1696         return offset;
1697 }
1698
1699 static int
1700 dissect_krb5_decrypt_PA_ENC_TIMESTAMP (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1701                                                                                 proto_tree *tree, int hf_index _U_)
1702 {
1703         guint8 *plaintext;
1704         int length;
1705         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1706         tvbuff_t *next_tvb;
1707
1708         next_tvb=tvb_new_subset_remaining(tvb, offset);
1709         length=tvb_captured_length_remaining(tvb, offset);
1710
1711         /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1712          * 7.5.1
1713          * AS-REQ PA_ENC_TIMESTAMP are encrypted with usage
1714          * == 1
1715          */
1716         plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, next_tvb, private_data->etype, NULL);
1717
1718         if(plaintext){
1719                 tvbuff_t *child_tvb;
1720                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1721                 tvb_set_free_cb(child_tvb, g_free);
1722
1723                 /* Add the decrypted data to the data source list. */
1724                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1725
1726                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1727         }
1728         return offset;
1729 }
1730
1731 static int
1732 dissect_krb5_decrypt_AP_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1733                                                                         proto_tree *tree, int hf_index _U_)
1734 {
1735         guint8 *plaintext;
1736         int length;
1737         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1738         tvbuff_t *next_tvb;
1739
1740         next_tvb=tvb_new_subset_remaining(tvb, offset);
1741         length=tvb_captured_length_remaining(tvb, offset);
1742
1743         /* draft-ietf-krb-wg-kerberos-clarifications-05.txt :
1744          * 7.5.1
1745          * AP-REP are encrypted with usage == 12
1746          */
1747         plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, next_tvb, private_data->etype, NULL);
1748
1749         if(plaintext){
1750                 tvbuff_t *child_tvb;
1751                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1752                 tvb_set_free_cb(child_tvb, g_free);
1753
1754                 /* Add the decrypted data to the data source list. */
1755                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1756
1757                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1758         }
1759         return offset;
1760 }
1761
1762 static int
1763 dissect_krb5_decrypt_PRIV_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1764                                                                         proto_tree *tree, int hf_index _U_)
1765 {
1766         guint8 *plaintext;
1767         int length;
1768         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1769         tvbuff_t *next_tvb;
1770
1771         next_tvb=tvb_new_subset_remaining(tvb, offset);
1772         length=tvb_captured_length_remaining(tvb, offset);
1773
1774         /* RFC4120 :
1775          * EncKrbPrivPart encrypted with usage
1776          * == 13
1777          */
1778         plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, next_tvb, private_data->etype, NULL);
1779
1780         if(plaintext){
1781                 tvbuff_t *child_tvb;
1782                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1783                 tvb_set_free_cb(child_tvb, g_free);
1784
1785                 /* Add the decrypted data to the data source list. */
1786                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1787
1788                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1789         }
1790         return offset;
1791 }
1792
1793 static int
1794 dissect_krb5_decrypt_CRED_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx,
1795                                                                         proto_tree *tree, int hf_index _U_)
1796 {
1797         guint8 *plaintext;
1798         int length;
1799         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
1800         tvbuff_t *next_tvb;
1801
1802         next_tvb=tvb_new_subset_remaining(tvb, offset);
1803         length=tvb_captured_length_remaining(tvb, offset);
1804
1805         /* RFC4120 :
1806          * EncKrbCredPart encrypted with usage
1807          * == 14
1808          */
1809         plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, next_tvb, private_data->etype, NULL);
1810
1811         if(plaintext){
1812                 tvbuff_t *child_tvb;
1813                 child_tvb = tvb_new_child_real_data(tvb, plaintext, length, length);
1814                 tvb_set_free_cb(child_tvb, g_free);
1815
1816                 /* Add the decrypted data to the data source list. */
1817                 add_new_data_source(actx->pinfo, child_tvb, "Decrypted Krb5");
1818
1819                 offset=dissect_kerberos_Applications(FALSE, child_tvb, 0, actx , tree, /* hf_index*/ -1);
1820         }
1821         return offset;
1822 }
1823 #endif
1824
1825 /* Dissect a GSSAPI checksum as per RFC1964. This is NOT ASN.1 encoded.
1826  */
1827 static int
1828 dissect_krb5_rfc1964_checksum(asn1_ctx_t *actx _U_, proto_tree *tree, tvbuff_t *tvb)
1829 {
1830         int offset=0;
1831         guint32 len;
1832         guint16 dlglen;
1833
1834         /* Length of Bnd field */
1835         len=tvb_get_letohl(tvb, offset);
1836         proto_tree_add_item(tree, hf_krb_gssapi_len, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1837         offset += 4;
1838
1839         /* Bnd field */
1840         proto_tree_add_item(tree, hf_krb_gssapi_bnd, tvb, offset, len, ENC_NA);
1841         offset += len;
1842
1843
1844         /* flags */
1845         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_dce_style, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1846         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_integ, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1847         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_conf, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1848         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_sequence, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1849         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_replay, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1850         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_mutual, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1851         proto_tree_add_item(tree, hf_krb_gssapi_c_flag_deleg, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1852         offset += 4;
1853
1854         /* the next fields are optional so we have to check that we have
1855          * more data in our buffers */
1856         if(tvb_reported_length_remaining(tvb, offset)<2){
1857                 return offset;
1858         }
1859         /* dlgopt identifier */
1860         proto_tree_add_item(tree, hf_krb_gssapi_dlgopt, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1861         offset += 2;
1862
1863         if(tvb_reported_length_remaining(tvb, offset)<2){
1864                 return offset;
1865         }
1866         /* dlglen identifier */
1867         dlglen=tvb_get_letohs(tvb, offset);
1868         proto_tree_add_item(tree, hf_krb_gssapi_dlglen, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1869         offset += 2;
1870
1871         if(dlglen!=tvb_reported_length_remaining(tvb, offset)){
1872                 proto_tree_add_expert_format(tree, actx->pinfo, &ei_krb_gssapi_dlglen, tvb, 0, 0,
1873                                 "Error: DlgLen:%d is not the same as number of bytes remaining:%d", dlglen, tvb_captured_length_remaining(tvb, offset));
1874                 return offset;
1875         }
1876
1877         /* this should now be a KRB_CRED message */
1878         offset=dissect_kerberos_Applications(FALSE, tvb, offset, actx, tree, /* hf_index */ -1);
1879
1880         return offset;
1881 }
1882
1883 static int
1884 dissect_krb5_PA_PROV_SRV_LOCATION(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_)
1885 {
1886         offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_provsrv_location, NULL, 0);
1887
1888         return offset;
1889 }
1890
1891 static int
1892 dissect_krb5_PW_SALT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_)
1893 {
1894         guint32 nt_status;
1895
1896         /* Microsoft stores a special 12 byte blob here
1897          * guint32 NT_status
1898          * guint32 unknown
1899          * guint32 unknown
1900          * decode everything as this blob for now until we see if anyone
1901          * else ever uses it   or we learn how to tell whether this
1902          * is such an MS blob or not.
1903          */
1904         proto_tree_add_item(tree, hf_krb_smb_nt_status, tvb, offset, 4,
1905                         ENC_LITTLE_ENDIAN);
1906         nt_status=tvb_get_letohl(tvb, offset);
1907         if(nt_status) {
1908                 col_append_fstr(actx->pinfo->cinfo, COL_INFO,
1909                         " NT Status: %s",
1910                         val_to_str(nt_status, NT_errors,
1911                         "Unknown error code %#x"));
1912         }
1913         offset += 4;
1914
1915         proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
1916                         ENC_LITTLE_ENDIAN);
1917         offset += 4;
1918
1919         proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
1920                         ENC_LITTLE_ENDIAN);
1921         offset += 4;
1922
1923         return offset;
1924 }
1925
1926 static int
1927 dissect_krb5_PAC_DREP(proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 *drep)
1928 {
1929         proto_tree *tree;
1930         guint8 val;
1931
1932         tree = proto_tree_add_subtree(parent_tree, tvb, offset, 16, ett_krb_pac_drep, NULL, "DREP");
1933
1934         val = tvb_get_guint8(tvb, offset);
1935         proto_tree_add_uint(tree, hf_dcerpc_drep_byteorder, tvb, offset, 1, val>>4);
1936
1937         offset++;
1938
1939         if (drep) {
1940                 *drep = val;
1941         }
1942
1943         return offset;
1944 }
1945
1946 /* This might be some sort of header that MIDL generates when creating
1947  * marshalling/unmarshalling code for blobs that are not to be transported
1948  * ontop of DCERPC and where the DREP fields specifying things such as
1949  * endianess and similar are not available.
1950  */
1951 static int
1952 dissect_krb5_PAC_NDRHEADERBLOB(proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 *drep, asn1_ctx_t *actx _U_)
1953 {
1954         proto_tree *tree;
1955
1956         tree = proto_tree_add_subtree(parent_tree, tvb, offset, 16, ett_krb_pac_midl_blob, NULL, "MES header");
1957
1958         /* modified DREP field that is used for stuff that is transporetd ontop
1959            of non dcerpc
1960         */
1961         proto_tree_add_item(tree, hf_krb_midl_version, tvb, offset, 1, ENC_LITTLE_ENDIAN);
1962         offset++;
1963
1964         offset = dissect_krb5_PAC_DREP(tree, tvb, offset, drep);
1965
1966
1967         proto_tree_add_item(tree, hf_krb_midl_hdr_len, tvb, offset, 2, ENC_LITTLE_ENDIAN);
1968         offset+=2;
1969
1970         proto_tree_add_item(tree, hf_krb_midl_fill_bytes, tvb, offset, 4, ENC_LITTLE_ENDIAN);
1971         offset += 4;
1972
1973         /* length of blob that follows */
1974         proto_tree_add_item(tree, hf_krb_midl_blob_len, tvb, offset, 8, ENC_LITTLE_ENDIAN);
1975         offset += 8;
1976
1977         return offset;
1978 }
1979
1980 static int
1981 dissect_krb5_PAC_LOGON_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
1982 {
1983         proto_item *item;
1984         proto_tree *tree;
1985         guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */
1986         static dcerpc_info di;      /* fake dcerpc_info struct */
1987         static dcerpc_call_value call_data;
1988
1989         item = proto_tree_add_item(parent_tree, hf_krb_pac_logon_info, tvb, offset, -1, ENC_NA);
1990         tree = proto_item_add_subtree(item, ett_krb_pac_logon_info);
1991
1992         /* skip the first 16 bytes, they are some magic created by the idl
1993          * compiler   the first 4 bytes might be flags?
1994          */
1995         offset = dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
1996
1997         /* the PAC_LOGON_INFO blob */
1998         /* fake whatever state the dcerpc runtime support needs */
1999         di.conformant_run=0;
2000         /* we need di->call_data->flags.NDR64 == 0 */
2001         di.call_data=&call_data;
2002         init_ndr_pointer_list(&di);
2003         offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, &di, drep,
2004                                                                         netlogon_dissect_PAC_LOGON_INFO, NDR_POINTER_UNIQUE,
2005                                                                         "PAC_LOGON_INFO:", -1);
2006
2007         return offset;
2008 }
2009
2010 static int
2011 dissect_krb5_PAC_S4U_DELEGATION_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx)
2012 {
2013         proto_item *item;
2014         proto_tree *tree;
2015         guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */
2016         static dcerpc_info di;      /* fake dcerpc_info struct */
2017         static dcerpc_call_value call_data;
2018
2019         item = proto_tree_add_item(parent_tree, hf_krb_pac_s4u_delegation_info, tvb, offset, -1, ENC_NA);
2020         tree = proto_item_add_subtree(item, ett_krb_pac_s4u_delegation_info);
2021
2022         /* skip the first 16 bytes, they are some magic created by the idl
2023          * compiler   the first 4 bytes might be flags?
2024          */
2025         offset = dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
2026
2027
2028         /* the S4U_DELEGATION_INFO blob. See [MS-PAC] */
2029         /* fake whatever state the dcerpc runtime support needs */
2030         di.conformant_run=0;
2031         /* we need di->call_data->flags.NDR64 == 0 */
2032         di.call_data=&call_data;
2033         init_ndr_pointer_list(&di);
2034         offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, &di, drep,
2035                                                                         netlogon_dissect_PAC_S4U_DELEGATION_INFO, NDR_POINTER_UNIQUE,
2036                                                                         "PAC_S4U_DELEGATION_INFO:", -1);
2037
2038         return offset;
2039 }
2040
2041 static int
2042 dissect_krb5_PAC_UPN_DNS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2043 {
2044         proto_item *item;
2045         proto_tree *tree;
2046         guint16 dns_offset, dns_len;
2047         guint16 upn_offset, upn_len;
2048         const char *dn;
2049         int dn_len;
2050         guint16 bc;
2051
2052         item = proto_tree_add_item(parent_tree, hf_krb_pac_upn_dns_info, tvb, offset, -1, ENC_NA);
2053         tree = proto_item_add_subtree(item, ett_krb_pac_upn_dns_info);
2054
2055         /* upn */
2056         upn_len = tvb_get_letohs(tvb, offset);
2057         proto_tree_add_item(tree, hf_krb_pac_upn_upn_len, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2058         offset+=2;
2059         upn_offset = tvb_get_letohs(tvb, offset);
2060         proto_tree_add_item(tree, hf_krb_pac_upn_upn_offset, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2061         offset+=2;
2062
2063         /* dns */
2064         dns_len = tvb_get_letohs(tvb, offset);
2065         proto_tree_add_item(tree, hf_krb_pac_upn_dns_len, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2066         offset+=2;
2067         dns_offset = tvb_get_letohs(tvb, offset);
2068         proto_tree_add_item(tree, hf_krb_pac_upn_dns_offset, tvb, offset, 2, ENC_LITTLE_ENDIAN);
2069         offset+=2;
2070
2071         /* flags */
2072         proto_tree_add_item(tree, hf_krb_pac_upn_flags, tvb, offset, 4, ENC_LITTLE_ENDIAN);
2073
2074         /* upn */
2075         offset = upn_offset;
2076         dn_len = upn_len;
2077         bc = tvb_reported_length_remaining(tvb, offset);
2078         dn = get_unicode_or_ascii_string(tvb, &offset, TRUE, &dn_len, TRUE, TRUE, &bc);
2079         proto_tree_add_string(tree, hf_krb_pac_upn_upn_name, tvb, upn_offset, upn_len, dn);
2080
2081         /* dns */
2082         offset = dns_offset;
2083         dn_len = dns_len;
2084         bc = tvb_reported_length_remaining(tvb, offset);
2085         dn = get_unicode_or_ascii_string(tvb, &offset, TRUE, &dn_len, TRUE, TRUE, &bc);
2086         proto_tree_add_string(tree, hf_krb_pac_upn_dns_name, tvb, dns_offset, dns_len, dn);
2087
2088         return offset;
2089 }
2090
2091 static int
2092 dissect_krb5_PAC_CREDENTIAL_TYPE(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2093 {
2094         proto_tree_add_item(parent_tree, hf_krb_pac_credential_type, tvb, offset, -1, ENC_NA);
2095
2096         return offset;
2097 }
2098
2099 static int
2100 dissect_krb5_PAC_SERVER_CHECKSUM(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2101 {
2102         proto_item *item;
2103         proto_tree *tree;
2104
2105         item = proto_tree_add_item(parent_tree, hf_krb_pac_server_checksum, tvb, offset, -1, ENC_NA);
2106         tree = proto_item_add_subtree(item, ett_krb_pac_server_checksum);
2107
2108         /* signature type */
2109         proto_tree_add_item(tree, hf_krb_pac_signature_type, tvb, offset, 4, ENC_LITTLE_ENDIAN);
2110         offset+=4;
2111
2112         /* signature data */
2113         proto_tree_add_item(tree, hf_krb_pac_signature_signature, tvb, offset, -1, ENC_NA);
2114
2115         return offset;
2116 }
2117
2118 static int
2119 dissect_krb5_PAC_PRIVSVR_CHECKSUM(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2120 {
2121         proto_item *item;
2122         proto_tree *tree;
2123
2124         item = proto_tree_add_item(parent_tree, hf_krb_pac_privsvr_checksum, tvb, offset, -1, ENC_NA);
2125         tree = proto_item_add_subtree(item, ett_krb_pac_privsvr_checksum);
2126
2127         /* signature type */
2128         proto_tree_add_item(tree, hf_krb_pac_signature_type, tvb, offset, 4, ENC_LITTLE_ENDIAN);
2129         offset+=4;
2130
2131         /* signature data */
2132         proto_tree_add_item(tree, hf_krb_pac_signature_signature, tvb, offset, -1, ENC_NA);
2133
2134         return offset;
2135 }
2136
2137 static int
2138 dissect_krb5_PAC_CLIENT_INFO_TYPE(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
2139 {
2140         proto_item *item;
2141         proto_tree *tree;
2142         guint16 namelen;
2143
2144         item = proto_tree_add_item(parent_tree, hf_krb_pac_client_info_type, tvb, offset, -1, ENC_NA);
2145         tree = proto_item_add_subtree(item, ett_krb_pac_client_info_type);
2146
2147         /* clientid */
2148         offset = dissect_nt_64bit_time(tvb, tree, offset, hf_krb_pac_clientid);
2149
2150         /* name length */
2151         namelen=tvb_get_letohs(tvb, offset);
2152         proto_tree_add_uint(tree, hf_krb_pac_namelen, tvb, offset, 2, namelen);
2153         offset+=2;
2154
2155         /* client name */
2156         proto_tree_add_item(tree, hf_krb_pac_clientname, tvb, offset, namelen, ENC_UTF_16|ENC_LITTLE_ENDIAN);
2157         offset+=namelen;
2158
2159         return offset;
2160 }
2161
2162 static int
2163 dissect_krb5_AD_WIN2K_PAC_struct(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx)
2164 {
2165         guint32 pac_type;
2166         guint32 pac_size;
2167         guint32 pac_offset;
2168         proto_item *it=NULL;
2169         proto_tree *tr=NULL;
2170         tvbuff_t *next_tvb;
2171
2172         /* type of pac data */
2173         pac_type=tvb_get_letohl(tvb, offset);
2174         it=proto_tree_add_uint(tree, hf_krb_w2k_pac_type, tvb, offset, 4, pac_type);
2175         tr=proto_item_add_subtree(it, ett_krb_pac);
2176
2177         offset += 4;
2178
2179         /* size of pac data */
2180         pac_size=tvb_get_letohl(tvb, offset);
2181         proto_tree_add_uint(tr, hf_krb_w2k_pac_size, tvb, offset, 4, pac_size);
2182         offset += 4;
2183
2184         /* offset to pac data */
2185         pac_offset=tvb_get_letohl(tvb, offset);
2186         proto_tree_add_uint(tr, hf_krb_w2k_pac_offset, tvb, offset, 4, pac_offset);
2187         offset += 8;
2188
2189         next_tvb=tvb_new_subset(tvb, pac_offset, pac_size, pac_size);
2190         switch(pac_type){
2191         case PAC_LOGON_INFO:
2192                 dissect_krb5_PAC_LOGON_INFO(tr, next_tvb, 0, actx);
2193                 break;
2194         case PAC_CREDENTIAL_TYPE:
2195                 dissect_krb5_PAC_CREDENTIAL_TYPE(tr, next_tvb, 0, actx);
2196                 break;
2197         case PAC_SERVER_CHECKSUM:
2198                 dissect_krb5_PAC_SERVER_CHECKSUM(tr, next_tvb, 0, actx);
2199                 break;
2200         case PAC_PRIVSVR_CHECKSUM:
2201                 dissect_krb5_PAC_PRIVSVR_CHECKSUM(tr, next_tvb, 0, actx);
2202                 break;
2203         case PAC_CLIENT_INFO_TYPE:
2204                 dissect_krb5_PAC_CLIENT_INFO_TYPE(tr, next_tvb, 0, actx);
2205                 break;
2206         case PAC_S4U_DELEGATION_INFO:
2207                 dissect_krb5_PAC_S4U_DELEGATION_INFO(tr, next_tvb, 0, actx);
2208                 break;
2209         case PAC_UPN_DNS_INFO:
2210                 dissect_krb5_PAC_UPN_DNS_INFO(tr, next_tvb, 0, actx);
2211                 break;
2212
2213         default:
2214                 break;
2215         }
2216         return offset;
2217 }
2218
2219 static int
2220 dissect_krb5_AD_WIN2K_PAC(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_)
2221 {
2222         guint32 entries;
2223         guint32 version;
2224         guint32 i;
2225
2226         /* first in the PAC structure comes the number of entries */
2227         entries=tvb_get_letohl(tvb, offset);
2228         proto_tree_add_uint(tree, hf_krb_w2k_pac_entries, tvb, offset, 4, entries);
2229         offset += 4;
2230
2231         /* second comes the version */
2232         version=tvb_get_letohl(tvb, offset);
2233         proto_tree_add_uint(tree, hf_krb_w2k_pac_version, tvb, offset, 4, version);
2234         offset += 4;
2235
2236         for(i=0;i<entries;i++){
2237                 offset=dissect_krb5_AD_WIN2K_PAC_struct(tree, tvb, offset, actx);
2238         }
2239
2240         return offset;
2241 }
2242
2243
2244 /*--- Included file: packet-kerberos-fn.c ---*/
2245 #line 1 "./asn1/kerberos/packet-kerberos-fn.c"
2246
2247
2248 static int
2249 dissect_kerberos_INTEGER_5(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2250   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2251                                                 NULL);
2252
2253   return offset;
2254 }
2255
2256
2257
2258 static int
2259 dissect_kerberos_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2260   offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
2261                                             actx, tree, tvb, offset, hf_index,
2262                                             NULL);
2263
2264   return offset;
2265 }
2266
2267
2268
2269 static int
2270 dissect_kerberos_Realm(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2271   offset = dissect_kerberos_KerberosString(implicit_tag, tvb, offset, actx, tree, hf_index);
2272
2273   return offset;
2274 }
2275
2276
2277 static const value_string kerberos_NAME_TYPE_vals[] = {
2278   {   0, "kRB5-NT-UNKNOWN" },
2279   {   1, "kRB5-NT-PRINCIPAL" },
2280   {   2, "kRB5-NT-SRV-INST" },
2281   {   3, "kRB5-NT-SRV-HST" },
2282   {   4, "kRB5-NT-SRV-XHST" },
2283   {   5, "kRB5-NT-UID" },
2284   {   6, "kRB5-NT-X500-PRINCIPAL" },
2285   {   7, "kRB5-NT-SMTP-NAME" },
2286   {  10, "kRB5-NT-ENTERPRISE-PRINCIPAL" },
2287   { -130, "kRB5-NT-ENT-PRINCIPAL-AND-ID" },
2288   { -128, "kRB5-NT-MS-PRINCIPAL" },
2289   { -129, "kRB5-NT-MS-PRINCIPAL-AND-ID" },
2290   { 0, NULL }
2291 };
2292
2293
2294 static int
2295 dissect_kerberos_NAME_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2296   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2297                                                 NULL);
2298
2299   return offset;
2300 }
2301
2302
2303
2304 static int
2305 dissect_kerberos_SNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2306   offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
2307                                             actx, tree, tvb, offset, hf_index,
2308                                             NULL);
2309
2310   return offset;
2311 }
2312
2313
2314 static const ber_sequence_t SEQUENCE_OF_SNameString_sequence_of[1] = {
2315   { &hf_kerberos_sname_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_SNameString },
2316 };
2317
2318 static int
2319 dissect_kerberos_SEQUENCE_OF_SNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2320   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2321                                       SEQUENCE_OF_SNameString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_SNameString);
2322
2323   return offset;
2324 }
2325
2326
2327 static const ber_sequence_t SName_sequence[] = {
2328   { &hf_kerberos_name_type  , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
2329   { &hf_kerberos_sname_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_SNameString },
2330   { NULL, 0, 0, 0, NULL }
2331 };
2332
2333 static int
2334 dissect_kerberos_SName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2335   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2336                                    SName_sequence, hf_index, ett_kerberos_SName);
2337
2338   return offset;
2339 }
2340
2341
2342 static const value_string kerberos_ENCTYPE_vals[] = {
2343   {   0, "eTYPE-NULL" },
2344   {   1, "eTYPE-DES-CBC-CRC" },
2345   {   2, "eTYPE-DES-CBC-MD4" },
2346   {   3, "eTYPE-DES-CBC-MD5" },
2347   {   5, "eTYPE-DES3-CBC-MD5" },
2348   {   7, "eTYPE-OLD-DES3-CBC-SHA1" },
2349   {   8, "eTYPE-SIGN-DSA-GENERATE" },
2350   {   9, "eTYPE-DSA-SHA1" },
2351   {  10, "eTYPE-RSA-MD5" },
2352   {  11, "eTYPE-RSA-SHA1" },
2353   {  12, "eTYPE-RC2-CBC" },
2354   {  13, "eTYPE-RSA" },
2355   {  14, "eTYPE-RSAES-OAEP" },
2356   {  15, "eTYPE-DES-EDE3-CBC" },
2357   {  16, "eTYPE-DES3-CBC-SHA1" },
2358   {  17, "eTYPE-AES128-CTS-HMAC-SHA1-96" },
2359   {  18, "eTYPE-AES256-CTS-HMAC-SHA1-96" },
2360   {  23, "eTYPE-ARCFOUR-HMAC-MD5" },
2361   {  24, "eTYPE-ARCFOUR-HMAC-MD5-56" },
2362   {  25, "eTYPE-CAMELLIA128-CTS-CMAC" },
2363   {  26, "eTYPE-CAMELLIA256-CTS-CMAC" },
2364   {  48, "eTYPE-ENCTYPE-PK-CROSS" },
2365   { -128, "eTYPE-ARCFOUR-MD4" },
2366   { -133, "eTYPE-ARCFOUR-HMAC-OLD" },
2367   { -135, "eTYPE-ARCFOUR-HMAC-OLD-EXP" },
2368   { -4096, "eTYPE-DES-CBC-NONE" },
2369   { -4097, "eTYPE-DES3-CBC-NONE" },
2370   { -4098, "eTYPE-DES-CFB64-NONE" },
2371   { -4099, "eTYPE-DES-PCBC-NONE" },
2372   { -4100, "eTYPE-DIGEST-MD5-NONE" },
2373   { -4101, "eTYPE-CRAM-MD5-NONE" },
2374   { 0, NULL }
2375 };
2376
2377
2378 static int
2379 dissect_kerberos_ENCTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2380 #line 225 "./asn1/kerberos/kerberos.cnf"
2381         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2382   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2383                                                 &(private_data->etype));
2384
2385
2386
2387
2388   return offset;
2389 }
2390
2391
2392
2393 static int
2394 dissect_kerberos_UInt32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2395   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2396                                                 NULL);
2397
2398   return offset;
2399 }
2400
2401
2402
2403 static int
2404 dissect_kerberos_T_encryptedTicketData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2405 #line 229 "./asn1/kerberos/kerberos.cnf"
2406 #ifdef HAVE_KERBEROS
2407         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_ticket_data);
2408 #else
2409   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2410                                        NULL);
2411
2412 #endif
2413         return offset;
2414
2415
2416
2417   return offset;
2418 }
2419
2420
2421 static const ber_sequence_t EncryptedTicketData_sequence[] = {
2422   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
2423   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2424   { &hf_kerberos_encryptedTicketData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedTicketData_cipher },
2425   { NULL, 0, 0, 0, NULL }
2426 };
2427
2428 static int
2429 dissect_kerberos_EncryptedTicketData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2430   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2431                                    EncryptedTicketData_sequence, hf_index, ett_kerberos_EncryptedTicketData);
2432
2433   return offset;
2434 }
2435
2436
2437 static const ber_sequence_t Ticket_U_sequence[] = {
2438   { &hf_kerberos_tkt_vno    , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2439   { &hf_kerberos_realm      , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
2440   { &hf_kerberos_sname      , BER_CLASS_CON, 2, 0, dissect_kerberos_SName },
2441   { &hf_kerberos_ticket_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedTicketData },
2442   { NULL, 0, 0, 0, NULL }
2443 };
2444
2445 static int
2446 dissect_kerberos_Ticket_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2447   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2448                                    Ticket_U_sequence, hf_index, ett_kerberos_Ticket_U);
2449
2450   return offset;
2451 }
2452
2453
2454
2455 static int
2456 dissect_kerberos_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2457   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2458                                       hf_index, BER_CLASS_APP, 1, FALSE, dissect_kerberos_Ticket_U);
2459
2460   return offset;
2461 }
2462
2463
2464
2465 static int
2466 dissect_kerberos_CNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2467   offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
2468                                             actx, tree, tvb, offset, hf_index,
2469                                             NULL);
2470
2471   return offset;
2472 }
2473
2474
2475 static const ber_sequence_t SEQUENCE_OF_CNameString_sequence_of[1] = {
2476   { &hf_kerberos_cname_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_CNameString },
2477 };
2478
2479 static int
2480 dissect_kerberos_SEQUENCE_OF_CNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2481   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2482                                       SEQUENCE_OF_CNameString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_CNameString);
2483
2484   return offset;
2485 }
2486
2487
2488 static const ber_sequence_t CName_sequence[] = {
2489   { &hf_kerberos_name_type  , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
2490   { &hf_kerberos_cname_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_CNameString },
2491   { NULL, 0, 0, 0, NULL }
2492 };
2493
2494 static int
2495 dissect_kerberos_CName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2496   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2497                                    CName_sequence, hf_index, ett_kerberos_CName);
2498
2499   return offset;
2500 }
2501
2502
2503 static const value_string kerberos_CKSUMTYPE_vals[] = {
2504   {   0, "cKSUMTYPE-NONE" },
2505   {   1, "cKSUMTYPE-CRC32" },
2506   {   2, "cKSUMTYPE-RSA-MD4" },
2507   {   3, "cKSUMTYPE-RSA-MD4-DES" },
2508   {   4, "cKSUMTYPE-DES-MAC" },
2509   {   5, "cKSUMTYPE-DES-MAC-K" },
2510   {   6, "cKSUMTYPE-RSA-MD4-DES-K" },
2511   {   7, "cKSUMTYPE-RSA-MD5" },
2512   {   8, "cKSUMTYPE-RSA-MD5-DES" },
2513   {   9, "cKSUMTYPE-RSA-MD5-DES3" },
2514   {  10, "cKSUMTYPE-SHA1-OTHER" },
2515   {  12, "cKSUMTYPE-HMAC-SHA1-DES3-KD" },
2516   {  13, "cKSUMTYPE-HMAC-SHA1-DES3" },
2517   {  14, "cKSUMTYPE-SHA1" },
2518   {  15, "cKSUMTYPE-HMAC-SHA1-96-AES-128" },
2519   {  16, "cKSUMTYPE-HMAC-SHA1-96-AES-256" },
2520   {  17, "cKSUMTYPE-CMAC-CAMELLIA128" },
2521   {  18, "cKSUMTYPE-CMAC-CAMELLIA256" },
2522   { 32771, "cKSUMTYPE-GSSAPI" },
2523   { -138, "cKSUMTYPE-HMAC-MD5" },
2524   { -1138, "cKSUMTYPE-HMAC-MD5-ENC" },
2525   { 0, NULL }
2526 };
2527
2528
2529 static int
2530 dissect_kerberos_CKSUMTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2531 #line 286 "./asn1/kerberos/kerberos.cnf"
2532         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2533   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2534                                                 &(private_data->checksum_type));
2535
2536
2537
2538
2539   return offset;
2540 }
2541
2542
2543
2544 static int
2545 dissect_kerberos_T_checksum(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2546 #line 290 "./asn1/kerberos/kerberos.cnf"
2547         tvbuff_t *next_tvb;
2548         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2549
2550         switch(private_data->checksum_type){
2551         case KRB5_CHKSUM_GSSAPI:
2552                 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &next_tvb);
2553                 dissect_krb5_rfc1964_checksum(actx, tree, next_tvb);
2554                 break;
2555         default:
2556                 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, NULL);
2557         }
2558         return offset;
2559
2560
2561
2562   return offset;
2563 }
2564
2565
2566 static const ber_sequence_t Checksum_sequence[] = {
2567   { &hf_kerberos_cksumtype  , BER_CLASS_CON, 0, 0, dissect_kerberos_CKSUMTYPE },
2568   { &hf_kerberos_checksum   , BER_CLASS_CON, 1, 0, dissect_kerberos_T_checksum },
2569   { NULL, 0, 0, 0, NULL }
2570 };
2571
2572 static int
2573 dissect_kerberos_Checksum(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2574   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2575                                    Checksum_sequence, hf_index, ett_kerberos_Checksum);
2576
2577   return offset;
2578 }
2579
2580
2581
2582 static int
2583 dissect_kerberos_Microseconds(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2584   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2585                                                 NULL);
2586
2587   return offset;
2588 }
2589
2590
2591
2592 static int
2593 dissect_kerberos_KerberosTime(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2594   offset = dissect_ber_GeneralizedTime(implicit_tag, actx, tree, tvb, offset, hf_index);
2595
2596   return offset;
2597 }
2598
2599
2600
2601 static int
2602 dissect_kerberos_Int32(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2603   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2604                                                 NULL);
2605
2606   return offset;
2607 }
2608
2609
2610
2611 static int
2612 dissect_kerberos_T_keytype(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2613 #line 304 "./asn1/kerberos/kerberos.cnf"
2614         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2615
2616         offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2617                                                                         &gbl_keytype);
2618         private_data->key.keytype = gbl_keytype;
2619
2620
2621
2622   return offset;
2623 }
2624
2625
2626
2627 static int
2628 dissect_kerberos_T_keyvalue(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2629 #line 311 "./asn1/kerberos/kerberos.cnf"
2630         tvbuff_t *out_tvb;
2631         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2632
2633   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2634                                        &out_tvb);
2635
2636
2637         private_data->key.keylength = tvb_reported_length(out_tvb);
2638         private_data->key.keyvalue = tvb_get_ptr(out_tvb, 0, private_data->key.keylength);
2639
2640
2641
2642   return offset;
2643 }
2644
2645
2646 static const ber_sequence_t EncryptionKey_sequence[] = {
2647   { &hf_kerberos_keytype    , BER_CLASS_CON, 0, 0, dissect_kerberos_T_keytype },
2648   { &hf_kerberos_keyvalue   , BER_CLASS_CON, 1, 0, dissect_kerberos_T_keyvalue },
2649   { NULL, 0, 0, 0, NULL }
2650 };
2651
2652 static int
2653 dissect_kerberos_EncryptionKey(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2654 #line 320 "./asn1/kerberos/kerberos.cnf"
2655         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2656
2657           offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2658                                    EncryptionKey_sequence, hf_index, ett_kerberos_EncryptionKey);
2659
2660
2661         if (private_data->key.keytype != 0) {
2662 #ifdef HAVE_KERBEROS
2663                 add_encryption_key(actx->pinfo, private_data->key.keytype, private_data->key.keylength, private_data->key.keyvalue, "key");
2664 #endif
2665         }
2666
2667
2668
2669   return offset;
2670 }
2671
2672
2673
2674 static int
2675 dissect_kerberos_T_ad_type(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2676 #line 331 "./asn1/kerberos/kerberos.cnf"
2677         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2678         offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2679                                                                         &(private_data->ad_type));
2680
2681
2682   return offset;
2683 }
2684
2685
2686
2687 static int
2688 dissect_kerberos_T_ad_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2689 #line 338 "./asn1/kerberos/kerberos.cnf"
2690         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2691
2692         switch(private_data->ad_type){
2693         case KRB5_AD_WIN2K_PAC:
2694                 offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_krb5_AD_WIN2K_PAC);
2695                 break;
2696         case KRB5_AD_IF_RELEVANT:
2697                 offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_kerberos_AD_IF_RELEVANT);
2698                 break;
2699         default:
2700                 offset=dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
2701         }
2702
2703
2704
2705   return offset;
2706 }
2707
2708
2709 static const ber_sequence_t AuthorizationData_item_sequence[] = {
2710   { &hf_kerberos_ad_type    , BER_CLASS_CON, 0, 0, dissect_kerberos_T_ad_type },
2711   { &hf_kerberos_ad_data    , BER_CLASS_CON, 1, 0, dissect_kerberos_T_ad_data },
2712   { NULL, 0, 0, 0, NULL }
2713 };
2714
2715 static int
2716 dissect_kerberos_AuthorizationData_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2717   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2718                                    AuthorizationData_item_sequence, hf_index, ett_kerberos_AuthorizationData_item);
2719
2720   return offset;
2721 }
2722
2723
2724 static const ber_sequence_t AuthorizationData_sequence_of[1] = {
2725   { &hf_kerberos_AuthorizationData_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_AuthorizationData_item },
2726 };
2727
2728 static int
2729 dissect_kerberos_AuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2730   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2731                                       AuthorizationData_sequence_of, hf_index, ett_kerberos_AuthorizationData);
2732
2733   return offset;
2734 }
2735
2736
2737 static const ber_sequence_t Authenticator_U_sequence[] = {
2738   { &hf_kerberos_authenticator_vno, BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
2739   { &hf_kerberos_crealm     , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
2740   { &hf_kerberos_cname      , BER_CLASS_CON, 2, 0, dissect_kerberos_CName },
2741   { &hf_kerberos_cksum      , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum },
2742   { &hf_kerberos_cusec      , BER_CLASS_CON, 4, 0, dissect_kerberos_Microseconds },
2743   { &hf_kerberos_ctime      , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
2744   { &hf_kerberos_subkey     , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptionKey },
2745   { &hf_kerberos_seq_number , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
2746   { &hf_kerberos_authorization_data, BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_AuthorizationData },
2747   { NULL, 0, 0, 0, NULL }
2748 };
2749
2750 static int
2751 dissect_kerberos_Authenticator_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2752   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2753                                    Authenticator_U_sequence, hf_index, ett_kerberos_Authenticator_U);
2754
2755   return offset;
2756 }
2757
2758
2759
2760 static int
2761 dissect_kerberos_Authenticator(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2762   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2763                                       hf_index, BER_CLASS_APP, 2, FALSE, dissect_kerberos_Authenticator_U);
2764
2765   return offset;
2766 }
2767
2768
2769 static const asn_namedbit TicketFlags_bits[] = {
2770   {  0, &hf_kerberos_TicketFlags_reserved, -1, -1, "reserved", NULL },
2771   {  1, &hf_kerberos_TicketFlags_forwardable, -1, -1, "forwardable", NULL },
2772   {  2, &hf_kerberos_TicketFlags_forwarded, -1, -1, "forwarded", NULL },
2773   {  3, &hf_kerberos_TicketFlags_proxiable, -1, -1, "proxiable", NULL },
2774   {  4, &hf_kerberos_TicketFlags_proxy, -1, -1, "proxy", NULL },
2775   {  5, &hf_kerberos_TicketFlags_may_postdate, -1, -1, "may-postdate", NULL },
2776   {  6, &hf_kerberos_TicketFlags_postdated, -1, -1, "postdated", NULL },
2777   {  7, &hf_kerberos_TicketFlags_invalid, -1, -1, "invalid", NULL },
2778   {  8, &hf_kerberos_TicketFlags_renewable, -1, -1, "renewable", NULL },
2779   {  9, &hf_kerberos_TicketFlags_initial, -1, -1, "initial", NULL },
2780   { 10, &hf_kerberos_TicketFlags_pre_authent, -1, -1, "pre-authent", NULL },
2781   { 11, &hf_kerberos_TicketFlags_hw_authent, -1, -1, "hw-authent", NULL },
2782   { 12, &hf_kerberos_TicketFlags_transited_policy_checked, -1, -1, "transited-policy-checked", NULL },
2783   { 13, &hf_kerberos_TicketFlags_ok_as_delegate, -1, -1, "ok-as-delegate", NULL },
2784   { 14, &hf_kerberos_TicketFlags_anonymous, -1, -1, "anonymous", NULL },
2785   { 0, NULL, 0, 0, NULL, NULL }
2786 };
2787
2788 static int
2789 dissect_kerberos_TicketFlags(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2790   offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
2791                                     TicketFlags_bits, hf_index, ett_kerberos_TicketFlags,
2792                                     NULL);
2793
2794   return offset;
2795 }
2796
2797
2798
2799 static int
2800 dissect_kerberos_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2801   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
2802                                        NULL);
2803
2804   return offset;
2805 }
2806
2807
2808 static const ber_sequence_t TransitedEncoding_sequence[] = {
2809   { &hf_kerberos_tr_type    , BER_CLASS_CON, 0, 0, dissect_kerberos_Int32 },
2810   { &hf_kerberos_contents   , BER_CLASS_CON, 1, 0, dissect_kerberos_OCTET_STRING },
2811   { NULL, 0, 0, 0, NULL }
2812 };
2813
2814 static int
2815 dissect_kerberos_TransitedEncoding(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2816   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2817                                    TransitedEncoding_sequence, hf_index, ett_kerberos_TransitedEncoding);
2818
2819   return offset;
2820 }
2821
2822
2823 static const value_string kerberos_ADDR_TYPE_vals[] = {
2824   { KERBEROS_ADDR_TYPE_IPV4, "iPv4" },
2825   { KERBEROS_ADDR_TYPE_CHAOS, "cHAOS" },
2826   { KERBEROS_ADDR_TYPE_XEROX, "xEROX" },
2827   { KERBEROS_ADDR_TYPE_ISO, "iSO" },
2828   { KERBEROS_ADDR_TYPE_DECNET, "dECNET" },
2829   { KERBEROS_ADDR_TYPE_APPLETALK, "aPPLETALK" },
2830   { KERBEROS_ADDR_TYPE_NETBIOS, "nETBIOS" },
2831   { KERBEROS_ADDR_TYPE_IPV6, "iPv6" },
2832   { 0, NULL }
2833 };
2834
2835
2836 static int
2837 dissect_kerberos_ADDR_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2838 #line 352 "./asn1/kerberos/kerberos.cnf"
2839         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2840   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2841                                                 &(private_data->addr_type));
2842
2843
2844
2845
2846   return offset;
2847 }
2848
2849
2850
2851 static int
2852 dissect_kerberos_T_address(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2853 #line 174 "./asn1/kerberos/kerberos.cnf"
2854         gint8 appclass;
2855         gboolean pc;
2856         gint32 tag;
2857         guint32 len;
2858         const char *address_str;
2859         proto_item *it=NULL;
2860         kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
2861
2862         /* read header and len for the octet string */
2863         offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &appclass, &pc, &tag);
2864         offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL);
2865
2866         switch(private_data->addr_type){
2867         case KERBEROS_ADDR_TYPE_IPV4:
2868                 it=proto_tree_add_item(tree, hf_krb_address_ip, tvb, offset, 4, ENC_BIG_ENDIAN);
2869                 address_str = tvb_ip_to_str(tvb, offset);
2870                 break;
2871         case KERBEROS_ADDR_TYPE_NETBIOS:
2872                 {
2873                 char netbios_name[(NETBIOS_NAME_LEN - 1)*4 + 1];
2874                 int netbios_name_type;
2875                 int netbios_name_len = (NETBIOS_NAME_LEN - 1)*4 + 1;
2876
2877                 netbios_name_type = process_netbios_name(tvb_get_ptr(tvb, offset, 16), netbios_name, netbios_name_len);
2878                 address_str = wmem_strdup_printf(wmem_packet_scope(), "%s<%02x>", netbios_name, netbios_name_type);
2879                 it=proto_tree_add_string_format(tree, hf_krb_address_netbios, tvb, offset, 16, netbios_name, "NetBIOS Name: %s (%s)", address_str, netbios_name_type_descr(netbios_name_type));
2880                 }
2881                 break;
2882         case KERBEROS_ADDR_TYPE_IPV6:
2883                 it=proto_tree_add_item(tree, hf_krb_address_ipv6, tvb, offset, INET6_ADDRLEN, ENC_NA);
2884                 address_str = tvb_ip6_to_str(tvb, offset);
2885                 break;
2886         default:
2887                 proto_tree_add_expert(tree, actx->pinfo, &ei_kerberos_address, tvb, offset, len);
2888                 address_str = NULL;
2889         }
2890
2891         /* push it up two levels in the decode pane */
2892         if(it && address_str){
2893                 proto_item_append_text(proto_item_get_parent(it), " %s",address_str);
2894                 proto_item_append_text(proto_item_get_parent_nth(it, 2), " %s",address_str);
2895         }
2896
2897         offset+=len;
2898         return offset;
2899
2900
2901
2902
2903   return offset;
2904 }
2905
2906
2907 static const ber_sequence_t HostAddress_sequence[] = {
2908   { &hf_kerberos_addr_type  , BER_CLASS_CON, 0, 0, dissect_kerberos_ADDR_TYPE },
2909   { &hf_kerberos_address    , BER_CLASS_CON, 1, 0, dissect_kerberos_T_address },
2910   { NULL, 0, 0, 0, NULL }
2911 };
2912
2913 static int
2914 dissect_kerberos_HostAddress(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2915   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2916                                    HostAddress_sequence, hf_index, ett_kerberos_HostAddress);
2917
2918   return offset;
2919 }
2920
2921
2922 static const ber_sequence_t HostAddresses_sequence_of[1] = {
2923   { &hf_kerberos_HostAddresses_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_HostAddress },
2924 };
2925
2926 static int
2927 dissect_kerberos_HostAddresses(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2928   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
2929                                       HostAddresses_sequence_of, hf_index, ett_kerberos_HostAddresses);
2930
2931   return offset;
2932 }
2933
2934
2935 static const ber_sequence_t EncTicketPart_U_sequence[] = {
2936   { &hf_kerberos_flags      , BER_CLASS_CON, 0, 0, dissect_kerberos_TicketFlags },
2937   { &hf_kerberos_key        , BER_CLASS_CON, 1, 0, dissect_kerberos_EncryptionKey },
2938   { &hf_kerberos_crealm     , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm },
2939   { &hf_kerberos_cname      , BER_CLASS_CON, 3, 0, dissect_kerberos_CName },
2940   { &hf_kerberos_transited  , BER_CLASS_CON, 4, 0, dissect_kerberos_TransitedEncoding },
2941   { &hf_kerberos_authtime   , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
2942   { &hf_kerberos_starttime  , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2943   { &hf_kerberos_endtime    , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime },
2944   { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
2945   { &hf_kerberos_caddr      , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
2946   { &hf_kerberos_authorization_data, BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_AuthorizationData },
2947   { NULL, 0, 0, 0, NULL }
2948 };
2949
2950 static int
2951 dissect_kerberos_EncTicketPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2952   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
2953                                    EncTicketPart_U_sequence, hf_index, ett_kerberos_EncTicketPart_U);
2954
2955   return offset;
2956 }
2957
2958
2959
2960 static int
2961 dissect_kerberos_EncTicketPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2962   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
2963                                       hf_index, BER_CLASS_APP, 3, FALSE, dissect_kerberos_EncTicketPart_U);
2964
2965   return offset;
2966 }
2967
2968
2969 static const value_string kerberos_MESSAGE_TYPE_vals[] = {
2970   {  10, "krb-as-req" },
2971   {  11, "krb-as-rep" },
2972   {  12, "krb-tgs-req" },
2973   {  13, "krb-tgs-rep" },
2974   {  14, "krb-ap-req" },
2975   {  15, "krb-ap-rep" },
2976   {  20, "krb-safe" },
2977   {  21, "krb-priv" },
2978   {  22, "krb-cred" },
2979   {  30, "krb-error" },
2980   { 0, NULL }
2981 };
2982
2983
2984 static int
2985 dissect_kerberos_MESSAGE_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
2986 #line 68 "./asn1/kerberos/kerberos.cnf"
2987 guint32 msgtype;
2988
2989   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
2990                                                 &msgtype);
2991
2992
2993
2994
2995 #line 73 "./asn1/kerberos/kerberos.cnf"
2996         if (gbl_do_col_info) {
2997                 col_add_str(actx->pinfo->cinfo, COL_INFO,
2998                         val_to_str(msgtype, krb5_msg_types,
2999                         "Unknown msg type %#x"));
3000         }
3001         gbl_do_col_info=FALSE;
3002
3003 #if 0
3004         /* append the application type to the tree */
3005         proto_item_append_text(tree, " %s", val_to_str(msgtype, krb5_msg_types, "Unknown:0x%x"));
3006 #endif
3007
3008
3009   return offset;
3010 }
3011
3012
3013 static const value_string kerberos_PADATA_TYPE_vals[] = {
3014   {   0, "kRB5-PADATA-NONE" },
3015   {   1, "kRB5-PADATA-TGS-REQ" },
3016   {   1, "kRB5-PADATA-AP-REQ" },
3017   {   2, "kRB5-PADATA-ENC-TIMESTAMP" },
3018   {   3, "kRB5-PADATA-PW-SALT" },
3019   {   5, "kRB5-PADATA-ENC-UNIX-TIME" },
3020   {   6, "kRB5-PADATA-SANDIA-SECUREID" },
3021   {   7, "kRB5-PADATA-SESAME" },
3022   {   8, "kRB5-PADATA-OSF-DCE" },
3023   {   9, "kRB5-PADATA-CYBERSAFE-SECUREID" },
3024   {  10, "kRB5-PADATA-AFS3-SALT" },
3025   {  11, "kRB5-PADATA-ETYPE-INFO" },
3026   {  12, "kRB5-PADATA-SAM-CHALLENGE" },
3027   {  13, "kRB5-PADATA-SAM-RESPONSE" },
3028   {  14, "kRB5-PADATA-PK-AS-REQ-19" },
3029   {  15, "kRB5-PADATA-PK-AS-REP-19" },
3030   {  15, "kRB5-PADATA-PK-AS-REQ-WIN" },
3031   {  16, "kRB5-PADATA-PK-AS-REQ" },
3032   {  17, "kRB5-PADATA-PK-AS-REP" },
3033   {  18, "kRB5-PADATA-PA-PK-OCSP-RESPONSE" },
3034   {  19, "kRB5-PADATA-ETYPE-INFO2" },
3035   {  20, "kRB5-PADATA-USE-SPECIFIED-KVNO" },
3036   {  20, "kRB5-PADATA-SVR-REFERRAL-INFO" },
3037   {  21, "kRB5-PADATA-SAM-REDIRECT" },
3038   {  22, "kRB5-PADATA-GET-FROM-TYPED-DATA" },
3039   {  23, "kRB5-PADATA-SAM-ETYPE-INFO" },
3040   {  25, "kRB5-PADATA-SERVER-REFERRAL" },
3041   { 102, "kRB5-PADATA-TD-KRB-PRINCIPAL" },
3042   { 104, "kRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS" },
3043   { 105, "kRB5-PADATA-PK-TD-CERTIFICATE-INDEX" },
3044   { 106, "kRB5-PADATA-TD-APP-DEFINED-ERROR" },
3045   { 107, "kRB5-PADATA-TD-REQ-NONCE" },
3046   { 108, "kRB5-PADATA-TD-REQ-SEQ" },
3047   { 128, "kRB5-PADATA-PA-PAC-REQUEST" },
3048   { 129, "kRB5-PADATA-S4U2SELF" },
3049   { 132, "kRB5-PADATA-PK-AS-09-BINDING" },
3050   { 133, "kRB5-PADATA-CLIENT-CANONICALIZED" },
3051   { 0, NULL }
3052 };
3053
3054
3055 static int
3056 dissect_kerberos_PADATA_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3057 #line 121 "./asn1/kerberos/kerberos.cnf"
3058         kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
3059   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
3060                                                 &(private_data->padata_type));
3061
3062
3063
3064 #line 124 "./asn1/kerberos/kerberos.cnf"
3065         if(tree){
3066                 proto_item_append_text(tree, " %s",
3067                         val_to_str(private_data->padata_type, krb5_preauthentication_types,
3068                         "Unknown:%d"));
3069         }
3070
3071
3072   return offset;
3073 }
3074
3075
3076
3077 static int
3078 dissect_kerberos_T_padata_value(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3079 #line 131 "./asn1/kerberos/kerberos.cnf"
3080         proto_tree *sub_tree=tree;
3081         kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
3082
3083         if(actx->created_item){
3084                 sub_tree=proto_item_add_subtree(actx->created_item, ett_kerberos_PA_DATA);
3085         }
3086
3087         switch(private_data->padata_type){
3088         case KRB5_PA_TGS_REQ:
3089                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
3090                 break;
3091         case KRB5_PA_PK_AS_REQ:
3092                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsReq);
3093                 break;
3094         case KRB5_PA_PK_AS_REP:
3095                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsRep);
3096                 break;
3097         case KRB5_PA_PAC_REQUEST:
3098                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_KERB_PA_PAC_REQUEST);
3099                 break;
3100         case KRB5_PA_S4U2SELF:
3101                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U2Self);
3102                 break;
3103         case KRB5_PA_PROV_SRV_LOCATION:
3104                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PA_PROV_SRV_LOCATION);
3105                 break;
3106         case KRB5_PA_ENC_TIMESTAMP:
3107                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_ENC_TIMESTAMP);
3108                 break;
3109         case KRB5_PA_ENCTYPE_INFO:
3110                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO);
3111                 break;
3112         case KRB5_PA_ENCTYPE_INFO2:
3113                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO2);
3114                 break;
3115         case KRB5_PA_PW_SALT:
3116                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PW_SALT);
3117                 break;
3118         default:
3119                 offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, NULL);
3120         }
3121
3122
3123
3124   return offset;
3125 }
3126
3127
3128 static const ber_sequence_t PA_DATA_sequence[] = {
3129   { &hf_kerberos_padata_type, BER_CLASS_CON, 1, 0, dissect_kerberos_PADATA_TYPE },
3130   { &hf_kerberos_padata_value, BER_CLASS_CON, 2, 0, dissect_kerberos_T_padata_value },
3131   { NULL, 0, 0, 0, NULL }
3132 };
3133
3134 static int
3135 dissect_kerberos_PA_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3136   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3137                                    PA_DATA_sequence, hf_index, ett_kerberos_PA_DATA);
3138
3139   return offset;
3140 }
3141
3142
3143 static const ber_sequence_t SEQUENCE_OF_PA_DATA_sequence_of[1] = {
3144   { &hf_kerberos_padata_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_PA_DATA },
3145 };
3146
3147 static int
3148 dissect_kerberos_SEQUENCE_OF_PA_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3149   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3150                                       SEQUENCE_OF_PA_DATA_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_PA_DATA);
3151
3152   return offset;
3153 }
3154
3155
3156 static const asn_namedbit KDCOptions_bits[] = {
3157   {  0, &hf_kerberos_KDCOptions_reserved, -1, -1, "reserved", NULL },
3158   {  1, &hf_kerberos_KDCOptions_forwardable, -1, -1, "forwardable", NULL },
3159   {  2, &hf_kerberos_KDCOptions_forwarded, -1, -1, "forwarded", NULL },
3160   {  3, &hf_kerberos_KDCOptions_proxiable, -1, -1, "proxiable", NULL },
3161   {  4, &hf_kerberos_KDCOptions_proxy, -1, -1, "proxy", NULL },
3162   {  5, &hf_kerberos_KDCOptions_allow_postdate, -1, -1, "allow-postdate", NULL },
3163   {  6, &hf_kerberos_KDCOptions_postdated, -1, -1, "postdated", NULL },
3164   {  7, &hf_kerberos_KDCOptions_unused7, -1, -1, "unused7", NULL },
3165   {  8, &hf_kerberos_KDCOptions_renewable, -1, -1, "renewable", NULL },
3166   {  9, &hf_kerberos_KDCOptions_unused9, -1, -1, "unused9", NULL },
3167   { 10, &hf_kerberos_KDCOptions_unused10, -1, -1, "unused10", NULL },
3168   { 11, &hf_kerberos_KDCOptions_opt_hardware_auth, -1, -1, "opt-hardware-auth", NULL },
3169   { 14, &hf_kerberos_KDCOptions_request_anonymous, -1, -1, "request-anonymous", NULL },
3170   { 15, &hf_kerberos_KDCOptions_canonicalize, -1, -1, "canonicalize", NULL },
3171   { 16, &hf_kerberos_KDCOptions_constrained_delegation, -1, -1, "constrained-delegation", NULL },
3172   { 26, &hf_kerberos_KDCOptions_disable_transited_check, -1, -1, "disable-transited-check", NULL },
3173   { 27, &hf_kerberos_KDCOptions_renewable_ok, -1, -1, "renewable-ok", NULL },
3174   { 28, &hf_kerberos_KDCOptions_enc_tkt_in_skey, -1, -1, "enc-tkt-in-skey", NULL },
3175   { 30, &hf_kerberos_KDCOptions_renew, -1, -1, "renew", NULL },
3176   { 31, &hf_kerberos_KDCOptions_validate, -1, -1, "validate", NULL },
3177   { 0, NULL, 0, 0, NULL, NULL }
3178 };
3179
3180 static int
3181 dissect_kerberos_KDCOptions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3182   offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
3183                                     KDCOptions_bits, hf_index, ett_kerberos_KDCOptions,
3184                                     NULL);
3185
3186   return offset;
3187 }
3188
3189
3190 static const ber_sequence_t SEQUENCE_OF_ENCTYPE_sequence_of[1] = {
3191   { &hf_kerberos_kDC_REQ_BODY_etype_item, BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_kerberos_ENCTYPE },
3192 };
3193
3194 static int
3195 dissect_kerberos_SEQUENCE_OF_ENCTYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3196   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3197                                       SEQUENCE_OF_ENCTYPE_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_ENCTYPE);
3198
3199   return offset;
3200 }
3201
3202
3203
3204 static int
3205 dissect_kerberos_T_encryptedAuthorizationData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3206 #line 237 "./asn1/kerberos/kerberos.cnf"
3207 #ifdef HAVE_KERBEROS
3208         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authenticator_data);
3209 #else
3210   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3211                                        NULL);
3212
3213 #endif
3214         return offset;
3215
3216
3217
3218   return offset;
3219 }
3220
3221
3222 static const ber_sequence_t EncryptedAuthorizationData_sequence[] = {
3223   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3224   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3225   { &hf_kerberos_encryptedAuthorizationData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedAuthorizationData_cipher },
3226   { NULL, 0, 0, 0, NULL }
3227 };
3228
3229 static int
3230 dissect_kerberos_EncryptedAuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3231   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3232                                    EncryptedAuthorizationData_sequence, hf_index, ett_kerberos_EncryptedAuthorizationData);
3233
3234   return offset;
3235 }
3236
3237
3238 static const ber_sequence_t SEQUENCE_OF_Ticket_sequence_of[1] = {
3239   { &hf_kerberos_additional_tickets_item, BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_kerberos_Ticket },
3240 };
3241
3242 static int
3243 dissect_kerberos_SEQUENCE_OF_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3244   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3245                                       SEQUENCE_OF_Ticket_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_Ticket);
3246
3247   return offset;
3248 }
3249
3250
3251 static const ber_sequence_t KDC_REQ_BODY_sequence[] = {
3252   { &hf_kerberos_kdc_options, BER_CLASS_CON, 0, 0, dissect_kerberos_KDCOptions },
3253   { &hf_kerberos_cname      , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_CName },
3254   { &hf_kerberos_realm      , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm },
3255   { &hf_kerberos_sname      , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_SName },
3256   { &hf_kerberos_from       , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3257   { &hf_kerberos_till       , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3258   { &hf_kerberos_rtime      , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3259   { &hf_kerberos_nonce      , BER_CLASS_CON, 7, 0, dissect_kerberos_UInt32 },
3260   { &hf_kerberos_kDC_REQ_BODY_etype, BER_CLASS_CON, 8, 0, dissect_kerberos_SEQUENCE_OF_ENCTYPE },
3261   { &hf_kerberos_addresses  , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3262   { &hf_kerberos_enc_authorization_data, BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptedAuthorizationData },
3263   { &hf_kerberos_additional_tickets, BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_Ticket },
3264   { NULL, 0, 0, 0, NULL }
3265 };
3266
3267 static int
3268 dissect_kerberos_KDC_REQ_BODY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3269 #line 356 "./asn1/kerberos/kerberos.cnf"
3270         conversation_t *conversation;
3271
3272         /*
3273          * UDP replies to KDC_REQs are sent from the server back to the client's
3274          * source port, similar to the way TFTP works.  Set up a conversation
3275          * accordingly.
3276          *
3277          * Ref: Section 7.2.1 of
3278          * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
3279          */
3280         if (actx->pinfo->destport == UDP_PORT_KERBEROS && actx->pinfo->ptype == PT_UDP) {
3281                 conversation = find_conversation(actx->pinfo->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
3282                                                                                         actx->pinfo->srcport, 0, NO_PORT_B);
3283                 if (conversation == NULL) {
3284                         conversation = conversation_new(actx->pinfo->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
3285                                                                                         actx->pinfo->srcport, 0, NO_PORT2);
3286                         conversation_set_dissector(conversation, kerberos_handle_udp);
3287                 }
3288         }
3289
3290           offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3291                                    KDC_REQ_BODY_sequence, hf_index, ett_kerberos_KDC_REQ_BODY);
3292
3293
3294
3295
3296   return offset;
3297 }
3298
3299
3300 static const ber_sequence_t KDC_REQ_sequence[] = {
3301   { &hf_kerberos_pvno       , BER_CLASS_CON, 1, 0, dissect_kerberos_INTEGER_5 },
3302   { &hf_kerberos_msg_type   , BER_CLASS_CON, 2, 0, dissect_kerberos_MESSAGE_TYPE },
3303   { &hf_kerberos_padata     , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA },
3304   { &hf_kerberos_req_body   , BER_CLASS_CON, 4, 0, dissect_kerberos_KDC_REQ_BODY },
3305   { NULL, 0, 0, 0, NULL }
3306 };
3307
3308 static int
3309 dissect_kerberos_KDC_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3310   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3311                                    KDC_REQ_sequence, hf_index, ett_kerberos_KDC_REQ);
3312
3313   return offset;
3314 }
3315
3316
3317
3318 static int
3319 dissect_kerberos_AS_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3320   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3321                                       hf_index, BER_CLASS_APP, 10, FALSE, dissect_kerberos_KDC_REQ);
3322
3323   return offset;
3324 }
3325
3326
3327
3328 static int
3329 dissect_kerberos_T_encryptedKDCREPData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3330 #line 245 "./asn1/kerberos/kerberos.cnf"
3331 #ifdef HAVE_KERBEROS
3332         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KDC_REP_data);
3333 #else
3334   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3335                                        NULL);
3336
3337 #endif
3338         return offset;
3339
3340
3341
3342   return offset;
3343 }
3344
3345
3346 static const ber_sequence_t EncryptedKDCREPData_sequence[] = {
3347   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3348   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3349   { &hf_kerberos_encryptedKDCREPData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKDCREPData_cipher },
3350   { NULL, 0, 0, 0, NULL }
3351 };
3352
3353 static int
3354 dissect_kerberos_EncryptedKDCREPData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3355   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3356                                    EncryptedKDCREPData_sequence, hf_index, ett_kerberos_EncryptedKDCREPData);
3357
3358   return offset;
3359 }
3360
3361
3362 static const ber_sequence_t KDC_REP_sequence[] = {
3363   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3364   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3365   { &hf_kerberos_padata     , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA },
3366   { &hf_kerberos_crealm     , BER_CLASS_CON, 3, 0, dissect_kerberos_Realm },
3367   { &hf_kerberos_cname      , BER_CLASS_CON, 4, 0, dissect_kerberos_CName },
3368   { &hf_kerberos_ticket     , BER_CLASS_CON, 5, 0, dissect_kerberos_Ticket },
3369   { &hf_kerberos_kDC_REP_enc_part, BER_CLASS_CON, 6, 0, dissect_kerberos_EncryptedKDCREPData },
3370   { NULL, 0, 0, 0, NULL }
3371 };
3372
3373 static int
3374 dissect_kerberos_KDC_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3375   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3376                                    KDC_REP_sequence, hf_index, ett_kerberos_KDC_REP);
3377
3378   return offset;
3379 }
3380
3381
3382
3383 static int
3384 dissect_kerberos_AS_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3385   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3386                                       hf_index, BER_CLASS_APP, 11, FALSE, dissect_kerberos_KDC_REP);
3387
3388   return offset;
3389 }
3390
3391
3392
3393 static int
3394 dissect_kerberos_TGS_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3395   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3396                                       hf_index, BER_CLASS_APP, 12, FALSE, dissect_kerberos_KDC_REQ);
3397
3398   return offset;
3399 }
3400
3401
3402
3403 static int
3404 dissect_kerberos_TGS_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3405   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3406                                       hf_index, BER_CLASS_APP, 13, FALSE, dissect_kerberos_KDC_REP);
3407
3408   return offset;
3409 }
3410
3411
3412 static const asn_namedbit APOptions_bits[] = {
3413   {  0, &hf_kerberos_APOptions_reserved, -1, -1, "reserved", NULL },
3414   {  1, &hf_kerberos_APOptions_use_session_key, -1, -1, "use-session-key", NULL },
3415   {  2, &hf_kerberos_APOptions_mutual_required, -1, -1, "mutual-required", NULL },
3416   { 0, NULL, 0, 0, NULL, NULL }
3417 };
3418
3419 static int
3420 dissect_kerberos_APOptions(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3421   offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset,
3422                                     APOptions_bits, hf_index, ett_kerberos_APOptions,
3423                                     NULL);
3424
3425   return offset;
3426 }
3427
3428
3429 static const ber_sequence_t AP_REQ_U_sequence[] = {
3430   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3431   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3432   { &hf_kerberos_ap_options , BER_CLASS_CON, 2, 0, dissect_kerberos_APOptions },
3433   { &hf_kerberos_ticket     , BER_CLASS_CON, 3, 0, dissect_kerberos_Ticket },
3434   { &hf_kerberos_authenticator_01, BER_CLASS_CON, 4, 0, dissect_kerberos_EncryptedAuthorizationData },
3435   { NULL, 0, 0, 0, NULL }
3436 };
3437
3438 static int
3439 dissect_kerberos_AP_REQ_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3440   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3441                                    AP_REQ_U_sequence, hf_index, ett_kerberos_AP_REQ_U);
3442
3443   return offset;
3444 }
3445
3446
3447
3448 static int
3449 dissect_kerberos_AP_REQ(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3450   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3451                                       hf_index, BER_CLASS_APP, 14, FALSE, dissect_kerberos_AP_REQ_U);
3452
3453   return offset;
3454 }
3455
3456
3457
3458 static int
3459 dissect_kerberos_T_encryptedAPREPData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3460 #line 261 "./asn1/kerberos/kerberos.cnf"
3461 #ifdef HAVE_KERBEROS
3462         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_AP_REP_data);
3463 #else
3464   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3465                                        NULL);
3466
3467 #endif
3468         return offset;
3469
3470
3471
3472   return offset;
3473 }
3474
3475
3476 static const ber_sequence_t EncryptedAPREPData_sequence[] = {
3477   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3478   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3479   { &hf_kerberos_encryptedAPREPData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedAPREPData_cipher },
3480   { NULL, 0, 0, 0, NULL }
3481 };
3482
3483 static int
3484 dissect_kerberos_EncryptedAPREPData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3485   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3486                                    EncryptedAPREPData_sequence, hf_index, ett_kerberos_EncryptedAPREPData);
3487
3488   return offset;
3489 }
3490
3491
3492 static const ber_sequence_t AP_REP_U_sequence[] = {
3493   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3494   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3495   { &hf_kerberos_aP_REP_enc_part, BER_CLASS_CON, 2, 0, dissect_kerberos_EncryptedAPREPData },
3496   { NULL, 0, 0, 0, NULL }
3497 };
3498
3499 static int
3500 dissect_kerberos_AP_REP_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3501   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3502                                    AP_REP_U_sequence, hf_index, ett_kerberos_AP_REP_U);
3503
3504   return offset;
3505 }
3506
3507
3508
3509 static int
3510 dissect_kerberos_AP_REP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3511   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3512                                       hf_index, BER_CLASS_APP, 15, FALSE, dissect_kerberos_AP_REP_U);
3513
3514   return offset;
3515 }
3516
3517
3518
3519 static int
3520 dissect_kerberos_T_kRB_SAFE_BODY_user_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3521 #line 379 "./asn1/kerberos/kerberos.cnf"
3522         tvbuff_t *new_tvb;
3523         offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
3524         if (new_tvb) {
3525                 call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA, (kerberos_callbacks*)actx->private_data);
3526         }
3527
3528
3529
3530   return offset;
3531 }
3532
3533
3534 static const ber_sequence_t KRB_SAFE_BODY_sequence[] = {
3535   { &hf_kerberos_kRB_SAFE_BODY_user_data, BER_CLASS_CON, 0, 0, dissect_kerberos_T_kRB_SAFE_BODY_user_data },
3536   { &hf_kerberos_timestamp  , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3537   { &hf_kerberos_usec       , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3538   { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3539   { &hf_kerberos_s_address  , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3540   { &hf_kerberos_r_address  , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3541   { NULL, 0, 0, 0, NULL }
3542 };
3543
3544 static int
3545 dissect_kerberos_KRB_SAFE_BODY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3546   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3547                                    KRB_SAFE_BODY_sequence, hf_index, ett_kerberos_KRB_SAFE_BODY);
3548
3549   return offset;
3550 }
3551
3552
3553 static const ber_sequence_t KRB_SAFE_U_sequence[] = {
3554   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3555   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3556   { &hf_kerberos_safe_body  , BER_CLASS_CON, 2, 0, dissect_kerberos_KRB_SAFE_BODY },
3557   { &hf_kerberos_cksum      , BER_CLASS_CON, 3, 0, dissect_kerberos_Checksum },
3558   { NULL, 0, 0, 0, NULL }
3559 };
3560
3561 static int
3562 dissect_kerberos_KRB_SAFE_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3563   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3564                                    KRB_SAFE_U_sequence, hf_index, ett_kerberos_KRB_SAFE_U);
3565
3566   return offset;
3567 }
3568
3569
3570
3571 static int
3572 dissect_kerberos_KRB_SAFE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3573   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3574                                       hf_index, BER_CLASS_APP, 20, FALSE, dissect_kerberos_KRB_SAFE_U);
3575
3576   return offset;
3577 }
3578
3579
3580
3581 static int
3582 dissect_kerberos_T_encryptedKrbPrivData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3583 #line 269 "./asn1/kerberos/kerberos.cnf"
3584 #ifdef HAVE_KERBEROS
3585         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PRIV_data);
3586 #else
3587   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3588                                        NULL);
3589
3590 #endif
3591         return offset;
3592
3593
3594
3595   return offset;
3596 }
3597
3598
3599 static const ber_sequence_t EncryptedKrbPrivData_sequence[] = {
3600   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3601   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3602   { &hf_kerberos_encryptedKrbPrivData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKrbPrivData_cipher },
3603   { NULL, 0, 0, 0, NULL }
3604 };
3605
3606 static int
3607 dissect_kerberos_EncryptedKrbPrivData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3608   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3609                                    EncryptedKrbPrivData_sequence, hf_index, ett_kerberos_EncryptedKrbPrivData);
3610
3611   return offset;
3612 }
3613
3614
3615 static const ber_sequence_t KRB_PRIV_U_sequence[] = {
3616   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3617   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3618   { &hf_kerberos_kRB_PRIV_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedKrbPrivData },
3619   { NULL, 0, 0, 0, NULL }
3620 };
3621
3622 static int
3623 dissect_kerberos_KRB_PRIV_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3624   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3625                                    KRB_PRIV_U_sequence, hf_index, ett_kerberos_KRB_PRIV_U);
3626
3627   return offset;
3628 }
3629
3630
3631
3632 static int
3633 dissect_kerberos_KRB_PRIV(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3634   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3635                                       hf_index, BER_CLASS_APP, 21, FALSE, dissect_kerberos_KRB_PRIV_U);
3636
3637   return offset;
3638 }
3639
3640
3641
3642 static int
3643 dissect_kerberos_T_encryptedKrbCredData_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3644 #line 277 "./asn1/kerberos/kerberos.cnf"
3645 #ifdef HAVE_KERBEROS
3646         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_CRED_data);
3647 #else
3648   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
3649                                        NULL);
3650
3651 #endif
3652         return offset;
3653
3654
3655
3656
3657   return offset;
3658 }
3659
3660
3661 static const ber_sequence_t EncryptedKrbCredData_sequence[] = {
3662   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
3663   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3664   { &hf_kerberos_encryptedKrbCredData_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_encryptedKrbCredData_cipher },
3665   { NULL, 0, 0, 0, NULL }
3666 };
3667
3668 static int
3669 dissect_kerberos_EncryptedKrbCredData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3670   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3671                                    EncryptedKrbCredData_sequence, hf_index, ett_kerberos_EncryptedKrbCredData);
3672
3673   return offset;
3674 }
3675
3676
3677 static const ber_sequence_t KRB_CRED_U_sequence[] = {
3678   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
3679   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
3680   { &hf_kerberos_tickets    , BER_CLASS_CON, 2, 0, dissect_kerberos_SEQUENCE_OF_Ticket },
3681   { &hf_kerberos_kRB_CRED_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedKrbCredData },
3682   { NULL, 0, 0, 0, NULL }
3683 };
3684
3685 static int
3686 dissect_kerberos_KRB_CRED_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3687   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3688                                    KRB_CRED_U_sequence, hf_index, ett_kerberos_KRB_CRED_U);
3689
3690   return offset;
3691 }
3692
3693
3694
3695 static int
3696 dissect_kerberos_KRB_CRED(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3697   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3698                                       hf_index, BER_CLASS_APP, 22, FALSE, dissect_kerberos_KRB_CRED_U);
3699
3700   return offset;
3701 }
3702
3703
3704 static const value_string kerberos_LR_TYPE_vals[] = {
3705   {   0, "lR-NONE" },
3706   {   1, "lR-INITIAL-TGT" },
3707   {   2, "lR-INITIAL" },
3708   {   3, "lR-ISSUE-USE-TGT" },
3709   {   4, "lR-RENEWAL" },
3710   {   5, "lR-REQUEST" },
3711   {   6, "lR-PW-EXPTIME" },
3712   {   7, "lR-ACCT-EXPTIME" },
3713   { 0, NULL }
3714 };
3715
3716
3717 static int
3718 dissect_kerberos_LR_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3719   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
3720                                                 NULL);
3721
3722   return offset;
3723 }
3724
3725
3726 static const ber_sequence_t LastReq_item_sequence[] = {
3727   { &hf_kerberos_lr_type    , BER_CLASS_CON, 0, 0, dissect_kerberos_LR_TYPE },
3728   { &hf_kerberos_lr_value   , BER_CLASS_CON, 1, 0, dissect_kerberos_KerberosTime },
3729   { NULL, 0, 0, 0, NULL }
3730 };
3731
3732 static int
3733 dissect_kerberos_LastReq_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3734   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3735                                    LastReq_item_sequence, hf_index, ett_kerberos_LastReq_item);
3736
3737   return offset;
3738 }
3739
3740
3741 static const ber_sequence_t LastReq_sequence_of[1] = {
3742   { &hf_kerberos_LastReq_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_LastReq_item },
3743 };
3744
3745 static int
3746 dissect_kerberos_LastReq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3747   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3748                                       LastReq_sequence_of, hf_index, ett_kerberos_LastReq);
3749
3750   return offset;
3751 }
3752
3753
3754 static const ber_sequence_t METHOD_DATA_sequence_of[1] = {
3755   { &hf_kerberos_METHOD_DATA_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_PA_DATA },
3756 };
3757
3758 static int
3759 dissect_kerberos_METHOD_DATA(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3760   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3761                                       METHOD_DATA_sequence_of, hf_index, ett_kerberos_METHOD_DATA);
3762
3763   return offset;
3764 }
3765
3766
3767 static const ber_sequence_t EncKDCRepPart_sequence[] = {
3768   { &hf_kerberos_key        , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey },
3769   { &hf_kerberos_last_req   , BER_CLASS_CON, 1, 0, dissect_kerberos_LastReq },
3770   { &hf_kerberos_nonce      , BER_CLASS_CON, 2, 0, dissect_kerberos_UInt32 },
3771   { &hf_kerberos_key_expiration, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3772   { &hf_kerberos_flags      , BER_CLASS_CON, 4, 0, dissect_kerberos_TicketFlags },
3773   { &hf_kerberos_authtime   , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime },
3774   { &hf_kerberos_starttime  , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3775   { &hf_kerberos_endtime    , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime },
3776   { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3777   { &hf_kerberos_srealm     , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm },
3778   { &hf_kerberos_sname      , BER_CLASS_CON, 10, 0, dissect_kerberos_SName },
3779   { &hf_kerberos_caddr      , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3780   { &hf_kerberos_encrypted_pa_data, BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_METHOD_DATA },
3781   { NULL, 0, 0, 0, NULL }
3782 };
3783
3784 static int
3785 dissect_kerberos_EncKDCRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3786   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3787                                    EncKDCRepPart_sequence, hf_index, ett_kerberos_EncKDCRepPart);
3788
3789   return offset;
3790 }
3791
3792
3793
3794 static int
3795 dissect_kerberos_EncASRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3796   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3797                                       hf_index, BER_CLASS_APP, 25, FALSE, dissect_kerberos_EncKDCRepPart);
3798
3799   return offset;
3800 }
3801
3802
3803
3804 static int
3805 dissect_kerberos_EncTGSRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3806   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3807                                       hf_index, BER_CLASS_APP, 26, FALSE, dissect_kerberos_EncKDCRepPart);
3808
3809   return offset;
3810 }
3811
3812
3813 static const ber_sequence_t EncAPRepPart_U_sequence[] = {
3814   { &hf_kerberos_ctime      , BER_CLASS_CON, 0, 0, dissect_kerberos_KerberosTime },
3815   { &hf_kerberos_cusec      , BER_CLASS_CON, 1, 0, dissect_kerberos_Microseconds },
3816   { &hf_kerberos_subkey     , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_EncryptionKey },
3817   { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3818   { NULL, 0, 0, 0, NULL }
3819 };
3820
3821 static int
3822 dissect_kerberos_EncAPRepPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3823   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3824                                    EncAPRepPart_U_sequence, hf_index, ett_kerberos_EncAPRepPart_U);
3825
3826   return offset;
3827 }
3828
3829
3830
3831 static int
3832 dissect_kerberos_EncAPRepPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3833   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3834                                       hf_index, BER_CLASS_APP, 27, FALSE, dissect_kerberos_EncAPRepPart_U);
3835
3836   return offset;
3837 }
3838
3839
3840
3841 static int
3842 dissect_kerberos_T_encKrbPrivPart_user_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3843 #line 386 "./asn1/kerberos/kerberos.cnf"
3844         tvbuff_t *new_tvb;
3845         offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
3846         if (new_tvb) {
3847                 call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA, (kerberos_callbacks*)actx->private_data);
3848         }
3849
3850
3851   return offset;
3852 }
3853
3854
3855 static const ber_sequence_t EncKrbPrivPart_sequence[] = {
3856   { &hf_kerberos_encKrbPrivPart_user_data, BER_CLASS_CON, 0, 0, dissect_kerberos_T_encKrbPrivPart_user_data },
3857   { &hf_kerberos_timestamp  , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3858   { &hf_kerberos_usec       , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3859   { &hf_kerberos_seq_number , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3860   { &hf_kerberos_s_address  , BER_CLASS_CON, 4, 0, dissect_kerberos_HostAddress },
3861   { &hf_kerberos_r_address  , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3862   { NULL, 0, 0, 0, NULL }
3863 };
3864
3865 static int
3866 dissect_kerberos_EncKrbPrivPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3867   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3868                                    EncKrbPrivPart_sequence, hf_index, ett_kerberos_EncKrbPrivPart);
3869
3870   return offset;
3871 }
3872
3873
3874
3875 static int
3876 dissect_kerberos_ENC_KRB_PRIV_PART(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3877   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3878                                       hf_index, BER_CLASS_APP, 28, FALSE, dissect_kerberos_EncKrbPrivPart);
3879
3880   return offset;
3881 }
3882
3883
3884 static const ber_sequence_t SEQUENCE_OF_KerberosString_sequence_of[1] = {
3885   { &hf_kerberos_name_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_KerberosString },
3886 };
3887
3888 static int
3889 dissect_kerberos_SEQUENCE_OF_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3890   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3891                                       SEQUENCE_OF_KerberosString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KerberosString);
3892
3893   return offset;
3894 }
3895
3896
3897 static const ber_sequence_t PrincipalName_sequence[] = {
3898   { &hf_kerberos_name_type  , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE },
3899   { &hf_kerberos_name_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_KerberosString },
3900   { NULL, 0, 0, 0, NULL }
3901 };
3902
3903 static int
3904 dissect_kerberos_PrincipalName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3905   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3906                                    PrincipalName_sequence, hf_index, ett_kerberos_PrincipalName);
3907
3908   return offset;
3909 }
3910
3911
3912 static const ber_sequence_t KrbCredInfo_sequence[] = {
3913   { &hf_kerberos_key        , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey },
3914   { &hf_kerberos_prealm     , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3915   { &hf_kerberos_pname      , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
3916   { &hf_kerberos_flags      , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_TicketFlags },
3917   { &hf_kerberos_authtime   , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3918   { &hf_kerberos_starttime  , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3919   { &hf_kerberos_endtime    , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3920   { &hf_kerberos_renew_till , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3921   { &hf_kerberos_srealm     , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
3922   { &hf_kerberos_sname      , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_SName },
3923   { &hf_kerberos_caddr      , BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses },
3924   { NULL, 0, 0, 0, NULL }
3925 };
3926
3927 static int
3928 dissect_kerberos_KrbCredInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3929   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3930                                    KrbCredInfo_sequence, hf_index, ett_kerberos_KrbCredInfo);
3931
3932   return offset;
3933 }
3934
3935
3936 static const ber_sequence_t SEQUENCE_OF_KrbCredInfo_sequence_of[1] = {
3937   { &hf_kerberos_ticket_info_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_KrbCredInfo },
3938 };
3939
3940 static int
3941 dissect_kerberos_SEQUENCE_OF_KrbCredInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3942   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
3943                                       SEQUENCE_OF_KrbCredInfo_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KrbCredInfo);
3944
3945   return offset;
3946 }
3947
3948
3949 static const ber_sequence_t EncKrbCredPart_U_sequence[] = {
3950   { &hf_kerberos_ticket_info, BER_CLASS_CON, 0, 0, dissect_kerberos_SEQUENCE_OF_KrbCredInfo },
3951   { &hf_kerberos_nonce      , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
3952   { &hf_kerberos_timestamp  , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
3953   { &hf_kerberos_usec       , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
3954   { &hf_kerberos_s_address  , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3955   { &hf_kerberos_r_address  , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddress },
3956   { NULL, 0, 0, 0, NULL }
3957 };
3958
3959 static int
3960 dissect_kerberos_EncKrbCredPart_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3961   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
3962                                    EncKrbCredPart_U_sequence, hf_index, ett_kerberos_EncKrbCredPart_U);
3963
3964   return offset;
3965 }
3966
3967
3968
3969 static int
3970 dissect_kerberos_EncKrbCredPart(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
3971   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
3972                                       hf_index, BER_CLASS_APP, 29, FALSE, dissect_kerberos_EncKrbCredPart_U);
3973
3974   return offset;
3975 }
3976
3977
3978 static const value_string kerberos_ERROR_CODE_vals[] = {
3979   {   0, "eRR-NONE" },
3980   {   1, "eRR-NAME-EXP" },
3981   {   2, "eRR-SERVICE-EXP" },
3982   {   3, "eRR-BAD-PVNO" },
3983   {   4, "eRR-C-OLD-MAST-KVNO" },
3984   {   5, "eRR-S-OLD-MAST-KVNO" },
3985   {   6, "eRR-C-PRINCIPAL-UNKNOWN" },
3986   {   7, "eRR-S-PRINCIPAL-UNKNOWN" },
3987   {   8, "eRR-PRINCIPAL-NOT-UNIQUE" },
3988   {   9, "eRR-NULL-KEY" },
3989   {  10, "eRR-CANNOT-POSTDATE" },
3990   {  11, "eRR-NEVER-VALID" },
3991   {  12, "eRR-POLICY" },
3992   {  13, "eRR-BADOPTION" },
3993   {  14, "eRR-ETYPE-NOSUPP" },
3994   {  15, "eRR-SUMTYPE-NOSUPP" },
3995   {  16, "eRR-PADATA-TYPE-NOSUPP" },
3996   {  17, "eRR-TRTYPE-NOSUPP" },
3997   {  18, "eRR-CLIENT-REVOKED" },
3998   {  19, "eRR-SERVICE-REVOKED" },
3999   {  20, "eRR-TGT-REVOKED" },
4000   {  21, "eRR-CLIENT-NOTYET" },
4001   {  22, "eRR-SERVICE-NOTYET" },
4002   {  23, "eRR-KEY-EXP" },
4003   {  24, "eRR-PREAUTH-FAILED" },
4004   {  25, "eRR-PREAUTH-REQUIRED" },
4005   {  26, "eRR-SERVER-NOMATCH" },
4006   {  27, "eRR-MUST-USE-USER2USER" },
4007   {  28, "eRR-PATH-NOT-ACCEPTED" },
4008   {  29, "eRR-SVC-UNAVAILABLE" },
4009   {  31, "eRR-BAD-INTEGRITY" },
4010   {  32, "eRR-TKT-EXPIRED" },
4011   {  33, "eRR-TKT-NYV" },
4012   {  34, "eRR-REPEAT" },
4013   {  35, "eRR-NOT-US" },
4014   {  36, "eRR-BADMATCH" },
4015   {  37, "eRR-SKEW" },
4016   {  38, "eRR-BADADDR" },
4017   {  39, "eRR-BADVERSION" },
4018   {  40, "eRR-MSG-TYPE" },
4019   {  41, "eRR-MODIFIED" },
4020   {  42, "eRR-BADORDER" },
4021   {  43, "eRR-ILL-CR-TKT" },
4022   {  44, "eRR-BADKEYVER" },
4023   {  45, "eRR-NOKEY" },
4024   {  46, "eRR-MUT-FAIL" },
4025   {  47, "eRR-BADDIRECTION" },
4026   {  48, "eRR-METHOD" },
4027   {  49, "eRR-BADSEQ" },
4028   {  50, "eRR-INAPP-CKSUM" },
4029   {  51, "pATH-NOT-ACCEPTED" },
4030   {  52, "eRR-RESPONSE-TOO-BIG" },
4031   {  60, "eRR-GENERIC" },
4032   {  61, "eRR-FIELD-TOOLONG" },
4033   {  62, "eRROR-CLIENT-NOT-TRUSTED" },
4034   {  63, "eRROR-KDC-NOT-TRUSTED" },
4035   {  64, "eRROR-INVALID-SIG" },
4036   {  65, "eRR-KEY-TOO-WEAK" },
4037   {  66, "eRR-CERTIFICATE-MISMATCH" },
4038   {  67, "eRR-NO-TGT" },
4039   {  68, "eRR-WRONG-REALM" },
4040   {  69, "eRR-USER-TO-USER-REQUIRED" },
4041   {  70, "eRR-CANT-VERIFY-CERTIFICATE" },
4042   {  71, "eRR-INVALID-CERTIFICATE" },
4043   {  72, "eRR-REVOKED-CERTIFICATE" },
4044   {  73, "eRR-REVOCATION-STATUS-UNKNOWN" },
4045   {  74, "eRR-REVOCATION-STATUS-UNAVAILABLE" },
4046   {  75, "eRR-CLIENT-NAME-MISMATCH" },
4047   {  76, "eRR-KDC-NAME-MISMATCH" },
4048   { 0, NULL }
4049 };
4050
4051
4052 static int
4053 dissect_kerberos_ERROR_CODE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4054 #line 86 "./asn1/kerberos/kerberos.cnf"
4055   offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index,
4056                                                 &krb5_errorcode);
4057
4058
4059
4060
4061 #line 89 "./asn1/kerberos/kerberos.cnf"
4062         if(krb5_errorcode) {
4063                 col_add_fstr(actx->pinfo->cinfo, COL_INFO,
4064                         "KRB Error: %s",
4065                         val_to_str(krb5_errorcode, krb5_error_codes,
4066                         "Unknown error code %#x"));
4067         }
4068
4069         return offset;
4070
4071   return offset;
4072 }
4073
4074
4075
4076 static int
4077 dissect_kerberos_T_e_data(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4078 #line 99 "./asn1/kerberos/kerberos.cnf"
4079         switch(krb5_errorcode){
4080         case KRB5_ET_KRB5KDC_ERR_BADOPTION:
4081         case KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED:
4082         case KRB5_ET_KRB5KDC_ERR_KEY_EXP:
4083         case KRB5_ET_KRB5KDC_ERR_POLICY:
4084                 /* ms windows kdc sends e-data of this type containing a "salt"
4085                  * that contains the nt_status code for these error codes.
4086                  */
4087                 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_PA_DATA);
4088                 break;
4089         case KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED:
4090         case KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED:
4091         case KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP:
4092                 offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_SEQUENCE_OF_PA_DATA);
4093
4094                 break;
4095         default:
4096                 offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, NULL);
4097         }
4098
4099
4100
4101
4102   return offset;
4103 }
4104
4105
4106 static const ber_sequence_t KRB_ERROR_U_sequence[] = {
4107   { &hf_kerberos_pvno       , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 },
4108   { &hf_kerberos_msg_type   , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE },
4109   { &hf_kerberos_ctime      , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime },
4110   { &hf_kerberos_cusec      , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Microseconds },
4111   { &hf_kerberos_stime      , BER_CLASS_CON, 4, 0, dissect_kerberos_KerberosTime },
4112   { &hf_kerberos_susec      , BER_CLASS_CON, 5, 0, dissect_kerberos_Microseconds },
4113   { &hf_kerberos_error_code , BER_CLASS_CON, 6, 0, dissect_kerberos_ERROR_CODE },
4114   { &hf_kerberos_crealm     , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
4115   { &hf_kerberos_cname      , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_CName },
4116   { &hf_kerberos_realm      , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm },
4117   { &hf_kerberos_sname      , BER_CLASS_CON, 10, 0, dissect_kerberos_SName },
4118   { &hf_kerberos_e_text     , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString },
4119   { &hf_kerberos_e_data     , BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_T_e_data },
4120   { &hf_kerberos_e_checksum , BER_CLASS_CON, 13, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum },
4121   { NULL, 0, 0, 0, NULL }
4122 };
4123
4124 static int
4125 dissect_kerberos_KRB_ERROR_U(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4126   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4127                                    KRB_ERROR_U_sequence, hf_index, ett_kerberos_KRB_ERROR_U);
4128
4129   return offset;
4130 }
4131
4132
4133
4134 static int
4135 dissect_kerberos_KRB_ERROR(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4136   offset = dissect_ber_tagged_type(implicit_tag, actx, tree, tvb, offset,
4137                                       hf_index, BER_CLASS_APP, 30, FALSE, dissect_kerberos_KRB_ERROR_U);
4138
4139   return offset;
4140 }
4141
4142
4143 static const ber_choice_t Applications_choice[] = {
4144   { KERBEROS_APPLICATIONS_TICKET, &hf_kerberos_ticket     , BER_CLASS_APP, 1, BER_FLAGS_NOOWNTAG, dissect_kerberos_Ticket },
4145   { KERBEROS_APPLICATIONS_AUTHENTICATOR, &hf_kerberos_authenticator, BER_CLASS_APP, 2, BER_FLAGS_NOOWNTAG, dissect_kerberos_Authenticator },
4146   { KERBEROS_APPLICATIONS_ENCTICKETPART, &hf_kerberos_encTicketPart, BER_CLASS_APP, 3, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncTicketPart },
4147   { KERBEROS_APPLICATIONS_AS_REQ, &hf_kerberos_as_req     , BER_CLASS_APP, 10, BER_FLAGS_NOOWNTAG, dissect_kerberos_AS_REQ },
4148   { KERBEROS_APPLICATIONS_AS_REP, &hf_kerberos_as_rep     , BER_CLASS_APP, 11, BER_FLAGS_NOOWNTAG, dissect_kerberos_AS_REP },
4149   { KERBEROS_APPLICATIONS_TGS_REQ, &hf_kerberos_tgs_req    , BER_CLASS_APP, 12, BER_FLAGS_NOOWNTAG, dissect_kerberos_TGS_REQ },
4150   { KERBEROS_APPLICATIONS_TGS_REP, &hf_kerberos_tgs_rep    , BER_CLASS_APP, 13, BER_FLAGS_NOOWNTAG, dissect_kerberos_TGS_REP },
4151   { KERBEROS_APPLICATIONS_AP_REQ, &hf_kerberos_ap_req     , BER_CLASS_APP, 14, BER_FLAGS_NOOWNTAG, dissect_kerberos_AP_REQ },
4152   { KERBEROS_APPLICATIONS_AP_REP, &hf_kerberos_ap_rep     , BER_CLASS_APP, 15, BER_FLAGS_NOOWNTAG, dissect_kerberos_AP_REP },
4153   { KERBEROS_APPLICATIONS_KRB_SAFE, &hf_kerberos_krb_safe   , BER_CLASS_APP, 20, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_SAFE },
4154   { KERBEROS_APPLICATIONS_KRB_PRIV, &hf_kerberos_krb_priv   , BER_CLASS_APP, 21, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_PRIV },
4155   { KERBEROS_APPLICATIONS_KRB_CRED, &hf_kerberos_krb_cred   , BER_CLASS_APP, 22, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_CRED },
4156   { KERBEROS_APPLICATIONS_ENCASREPPART, &hf_kerberos_encASRepPart, BER_CLASS_APP, 25, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncASRepPart },
4157   { KERBEROS_APPLICATIONS_ENCTGSREPPART, &hf_kerberos_encTGSRepPart, BER_CLASS_APP, 26, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncTGSRepPart },
4158   { KERBEROS_APPLICATIONS_ENCAPREPPART, &hf_kerberos_encAPRepPart, BER_CLASS_APP, 27, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncAPRepPart },
4159   { KERBEROS_APPLICATIONS_ENCKRBPRIVPART, &hf_kerberos_encKrbPrivPart, BER_CLASS_APP, 28, BER_FLAGS_NOOWNTAG, dissect_kerberos_ENC_KRB_PRIV_PART },
4160   { KERBEROS_APPLICATIONS_ENCKRBCREDPART, &hf_kerberos_encKrbCredPart, BER_CLASS_APP, 29, BER_FLAGS_NOOWNTAG, dissect_kerberos_EncKrbCredPart },
4161   { KERBEROS_APPLICATIONS_KRB_ERROR, &hf_kerberos_krb_error  , BER_CLASS_APP, 30, BER_FLAGS_NOOWNTAG, dissect_kerberos_KRB_ERROR },
4162   { 0, NULL, 0, 0, 0, NULL }
4163 };
4164
4165 static int
4166 dissect_kerberos_Applications(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4167   offset = dissect_ber_choice(actx, tree, tvb, offset,
4168                                  Applications_choice, hf_index, ett_kerberos_Applications,
4169                                  NULL);
4170
4171   return offset;
4172 }
4173
4174
4175
4176 static int
4177 dissect_kerberos_T_pA_ENC_TIMESTAMP_cipher(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4178 #line 253 "./asn1/kerberos/kerberos.cnf"
4179 #ifdef HAVE_KERBEROS
4180         offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
4181 #else
4182   offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index,
4183                                        NULL);
4184
4185 #endif
4186         return offset;
4187
4188
4189
4190   return offset;
4191 }
4192
4193
4194 static const ber_sequence_t PA_ENC_TIMESTAMP_sequence[] = {
4195   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
4196   { &hf_kerberos_kvno       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_UInt32 },
4197   { &hf_kerberos_pA_ENC_TIMESTAMP_cipher, BER_CLASS_CON, 2, 0, dissect_kerberos_T_pA_ENC_TIMESTAMP_cipher },
4198   { NULL, 0, 0, 0, NULL }
4199 };
4200
4201 static int
4202 dissect_kerberos_PA_ENC_TIMESTAMP(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4203   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4204                                    PA_ENC_TIMESTAMP_sequence, hf_index, ett_kerberos_PA_ENC_TIMESTAMP);
4205
4206   return offset;
4207 }
4208
4209
4210 static const ber_sequence_t ETYPE_INFO_ENTRY_sequence[] = {
4211   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
4212   { &hf_kerberos_salt       , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_OCTET_STRING },
4213   { NULL, 0, 0, 0, NULL }
4214 };
4215
4216 static int
4217 dissect_kerberos_ETYPE_INFO_ENTRY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4218   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4219                                    ETYPE_INFO_ENTRY_sequence, hf_index, ett_kerberos_ETYPE_INFO_ENTRY);
4220
4221   return offset;
4222 }
4223
4224
4225 static const ber_sequence_t ETYPE_INFO_sequence_of[1] = {
4226   { &hf_kerberos_ETYPE_INFO_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_ETYPE_INFO_ENTRY },
4227 };
4228
4229 static int
4230 dissect_kerberos_ETYPE_INFO(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4231   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
4232                                       ETYPE_INFO_sequence_of, hf_index, ett_kerberos_ETYPE_INFO);
4233
4234   return offset;
4235 }
4236
4237
4238 static const ber_sequence_t ETYPE_INFO2_ENTRY_sequence[] = {
4239   { &hf_kerberos_etype      , BER_CLASS_CON, 0, 0, dissect_kerberos_ENCTYPE },
4240   { &hf_kerberos_salt_01    , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString },
4241   { &hf_kerberos_s2kparams  , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_OCTET_STRING },
4242   { NULL, 0, 0, 0, NULL }
4243 };
4244
4245 static int
4246 dissect_kerberos_ETYPE_INFO2_ENTRY(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4247   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4248                                    ETYPE_INFO2_ENTRY_sequence, hf_index, ett_kerberos_ETYPE_INFO2_ENTRY);
4249
4250   return offset;
4251 }
4252
4253
4254 static const ber_sequence_t ETYPE_INFO2_sequence_of[1] = {
4255   { &hf_kerberos_ETYPE_INFO2_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_kerberos_ETYPE_INFO2_ENTRY },
4256 };
4257
4258 static int
4259 dissect_kerberos_ETYPE_INFO2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4260   offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset,
4261                                       ETYPE_INFO2_sequence_of, hf_index, ett_kerberos_ETYPE_INFO2);
4262
4263   return offset;
4264 }
4265
4266
4267
4268 static int
4269 dissect_kerberos_AD_IF_RELEVANT(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4270   offset = dissect_kerberos_AuthorizationData(implicit_tag, tvb, offset, actx, tree, hf_index);
4271
4272   return offset;
4273 }
4274
4275
4276
4277 static int
4278 dissect_kerberos_GeneralString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4279   offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString,
4280                                             actx, tree, tvb, offset, hf_index,
4281                                             NULL);
4282
4283   return offset;
4284 }
4285
4286
4287 static const ber_sequence_t PA_S4U2Self_sequence[] = {
4288   { &hf_kerberos_name       , BER_CLASS_CON, 0, 0, dissect_kerberos_PrincipalName },
4289   { &hf_kerberos_realm      , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm },
4290   { &hf_kerberos_cksum      , BER_CLASS_CON, 2, 0, dissect_kerberos_Checksum },
4291   { &hf_kerberos_auth       , BER_CLASS_CON, 3, 0, dissect_kerberos_GeneralString },
4292   { NULL, 0, 0, 0, NULL }
4293 };
4294
4295 static int
4296 dissect_kerberos_PA_S4U2Self(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4297   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4298                                    PA_S4U2Self_sequence, hf_index, ett_kerberos_PA_S4U2Self);
4299
4300   return offset;
4301 }
4302
4303
4304
4305 static int
4306 dissect_kerberos_BOOLEAN(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4307   offset = dissect_ber_boolean(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
4308
4309   return offset;
4310 }
4311
4312
4313 static const ber_sequence_t KERB_PA_PAC_REQUEST_sequence[] = {
4314   { &hf_kerberos_include_pac, BER_CLASS_CON, 0, 0, dissect_kerberos_BOOLEAN },
4315   { NULL, 0, 0, 0, NULL }
4316 };
4317
4318 static int
4319 dissect_kerberos_KERB_PA_PAC_REQUEST(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4320   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4321                                    KERB_PA_PAC_REQUEST_sequence, hf_index, ett_kerberos_KERB_PA_PAC_REQUEST);
4322
4323   return offset;
4324 }
4325
4326
4327 static const ber_sequence_t ChangePasswdData_sequence[] = {
4328   { &hf_kerberos_newpasswd  , BER_CLASS_CON, 0, 0, dissect_kerberos_OCTET_STRING },
4329   { &hf_kerberos_targname   , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName },
4330   { &hf_kerberos_targrealm  , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm },
4331   { NULL, 0, 0, 0, NULL }
4332 };
4333
4334 int
4335 dissect_kerberos_ChangePasswdData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
4336   offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
4337                                    ChangePasswdData_sequence, hf_index, ett_kerberos_ChangePasswdData);
4338
4339   return offset;
4340 }
4341
4342
4343 /*--- End of included file: packet-kerberos-fn.c ---*/
4344 #line 1985 "./asn1/kerberos/packet-kerberos-template.c"
4345
4346 /* Make wrappers around exported functions for now */
4347 int
4348 dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4349 {
4350         return dissect_kerberos_Checksum(FALSE, tvb, offset, actx, tree, hf_kerberos_cksum);
4351
4352 }
4353
4354 int
4355 dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4356 {
4357         return dissect_kerberos_KerberosTime(FALSE, tvb, offset, actx, tree, hf_kerberos_ctime);
4358 }
4359
4360
4361 int
4362 dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4363 {
4364         return dissect_kerberos_PrincipalName(FALSE, tvb, offset, actx, tree, hf_kerberos_cname);
4365 }
4366 int
4367 dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
4368 {
4369         return dissect_kerberos_Realm(FALSE, tvb, offset, actx, tree, hf_kerberos_realm);
4370 }
4371
4372
4373 static gint
4374 dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
4375     gboolean dci, gboolean do_col_protocol, gboolean have_rm,
4376     kerberos_callbacks *cb)
4377 {
4378         volatile int offset = 0;
4379         proto_tree *volatile kerberos_tree = NULL;
4380         proto_item *volatile item = NULL;
4381         asn1_ctx_t asn1_ctx;
4382
4383         /* TCP record mark and length */
4384         guint32 krb_rm = 0;
4385         gint krb_reclen = 0;
4386
4387         gbl_do_col_info=dci;
4388
4389         if (have_rm) {
4390                 krb_rm = tvb_get_ntohl(tvb, offset);
4391                 krb_reclen = kerberos_rm_to_reclen(krb_rm);
4392                 /*
4393                  * What is a reasonable size limit?
4394                  */
4395                 if (krb_reclen > 10 * 1024 * 1024) {
4396                         return (-1);
4397                 }
4398
4399                 if (do_col_protocol) {
4400                         col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4401                 }
4402
4403                 if (tree) {
4404                         item = proto_tree_add_item(tree, proto_kerberos, tvb, 0, -1, ENC_NA);
4405                         kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
4406                 }
4407
4408                 show_krb_recordmark(kerberos_tree, tvb, offset, krb_rm);
4409                 offset += 4;
4410         } else {
4411                 /* Do some sanity checking here,
4412                  * All krb5 packets start with a TAG class that is BER_CLASS_APP
4413                  * and a tag value that is either of the values below:
4414                  * If it doesn't look like kerberos, return 0 and let someone else have
4415                  * a go at it.
4416                  */
4417                 gint8 tmp_class;
4418                 gboolean tmp_pc;
4419                 gint32 tmp_tag;
4420
4421                 get_ber_identifier(tvb, offset, &tmp_class, &tmp_pc, &tmp_tag);
4422                 if(tmp_class!=BER_CLASS_APP){
4423                         return 0;
4424                 }
4425                 switch(tmp_tag){
4426                         case KRB5_MSG_TICKET:
4427                         case KRB5_MSG_AUTHENTICATOR:
4428                         case KRB5_MSG_ENC_TICKET_PART:
4429                         case KRB5_MSG_AS_REQ:
4430                         case KRB5_MSG_AS_REP:
4431                         case KRB5_MSG_TGS_REQ:
4432                         case KRB5_MSG_TGS_REP:
4433                         case KRB5_MSG_AP_REQ:
4434                         case KRB5_MSG_AP_REP:
4435                         case KRB5_MSG_ENC_AS_REP_PART:
4436                         case KRB5_MSG_ENC_TGS_REP_PART:
4437                         case KRB5_MSG_ENC_AP_REP_PART:
4438                         case KRB5_MSG_ENC_KRB_PRIV_PART:
4439                         case KRB5_MSG_ENC_KRB_CRED_PART:
4440                         case KRB5_MSG_SAFE:
4441                         case KRB5_MSG_PRIV:
4442                         case KRB5_MSG_ERROR:
4443                                 break;
4444                         default:
4445                                 return 0;
4446                 }
4447         if (do_col_protocol) {
4448                         col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4449         }
4450         if (gbl_do_col_info) {
4451                         col_clear(pinfo->cinfo, COL_INFO);
4452                 }
4453                 if (tree) {
4454                         item = proto_tree_add_item(tree, proto_kerberos, tvb, 0, -1, ENC_NA);
4455                         kerberos_tree = proto_item_add_subtree(item, ett_kerberos);
4456                 }
4457         }
4458         asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
4459         asn1_ctx.private_data = cb;
4460
4461         TRY {
4462                 offset=dissect_kerberos_Applications(FALSE, tvb, offset, &asn1_ctx , kerberos_tree, /* hf_index */ -1);
4463         } CATCH_BOUNDS_ERRORS {
4464                 RETHROW;
4465         } ENDTRY;
4466
4467         proto_item_set_len(item, offset);
4468         return offset;
4469 }
4470
4471 /*
4472  * Display the TCP record mark.
4473  */
4474 void
4475 show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm)
4476 {
4477         gint rec_len;
4478         proto_tree *rm_tree;
4479
4480         if (tree == NULL)
4481                 return;
4482
4483         rec_len = kerberos_rm_to_reclen(krb_rm);
4484         rm_tree = proto_tree_add_subtree_format(tree, tvb, start, 4, ett_krb_recordmark, NULL,
4485                 "Record Mark: %u %s", rec_len, plurality(rec_len, "byte", "bytes"));
4486         proto_tree_add_boolean(rm_tree, hf_krb_rm_reserved, tvb, start, 4, krb_rm);
4487         proto_tree_add_uint(rm_tree, hf_krb_rm_reclen, tvb, start, 4, krb_rm);
4488 }
4489
4490 gint
4491 dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info, kerberos_callbacks *cb)
4492 {
4493         return (dissect_kerberos_common(tvb, pinfo, tree, do_col_info, FALSE, FALSE, cb));
4494 }
4495
4496 guint32
4497 kerberos_output_keytype(void)
4498 {
4499         return gbl_keytype;
4500 }
4501
4502 static gint
4503 dissect_kerberos_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
4504 {
4505         /* Some weird kerberos implementation apparently do krb4 on the krb5 port.
4506            Since all (except weirdo transarc krb4 stuff) use
4507            an opcode <=16 in the first byte, use this to see if it might
4508            be krb4.
4509            All krb5 commands start with an APPL tag and thus is >=0x60
4510            so if first byte is <=16  just blindly assume it is krb4 then
4511         */
4512         if(tvb_captured_length(tvb) >= 1 && tvb_get_guint8(tvb, 0)<=0x10){
4513                 if(krb4_handle){
4514                         gboolean res;
4515
4516                         res=call_dissector_only(krb4_handle, tvb, pinfo, tree, NULL);
4517                         return res;
4518                 }else{
4519                         return 0;
4520                 }
4521         }
4522
4523
4524         return dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, FALSE, NULL);
4525 }
4526
4527 gint
4528 kerberos_rm_to_reclen(guint krb_rm)
4529 {
4530     return (krb_rm & KRB_RM_RECLEN);
4531 }
4532
4533 guint
4534 get_krb_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_)
4535 {
4536         guint krb_rm;
4537         gint pdulen;
4538
4539         krb_rm = tvb_get_ntohl(tvb, offset);
4540         pdulen = kerberos_rm_to_reclen(krb_rm);
4541         return (pdulen + 4);
4542 }
4543 static void
4544 kerberos_prefs_apply_cb(void) {
4545 #ifdef HAVE_LIBNETTLE
4546         clear_keytab();
4547         read_keytab_file(keytab_filename);
4548 #endif
4549 }
4550
4551 static int
4552 dissect_kerberos_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
4553 {
4554         pinfo->fragmented = TRUE;
4555         if (dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, TRUE, NULL) < 0) {
4556                 /*
4557                  * The dissector failed to recognize this as a valid
4558                  * Kerberos message.  Mark it as a continuation packet.
4559                  */
4560                 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
4561         }
4562
4563         return tvb_captured_length(tvb);
4564 }
4565
4566 static int
4567 dissect_kerberos_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
4568 {
4569         col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
4570         col_clear(pinfo->cinfo, COL_INFO);
4571
4572         tcp_dissect_pdus(tvb, pinfo, tree, krb_desegment, 4, get_krb_pdu_len,
4573                                          dissect_kerberos_tcp_pdu, data);
4574         return tvb_captured_length(tvb);
4575 }
4576
4577 /*--- proto_register_kerberos -------------------------------------------*/
4578 void proto_register_kerberos(void) {
4579
4580         /* List of fields */
4581
4582         static hf_register_info hf[] = {
4583         { &hf_krb_rm_reserved, {
4584                 "Reserved", "kerberos.rm.reserved", FT_BOOLEAN, 32,
4585                 TFS(&tfs_set_notset), KRB_RM_RESERVED, "Record mark reserved bit", HFILL }},
4586         { &hf_krb_rm_reclen, {
4587                 "Record Length", "kerberos.rm.length", FT_UINT32, BASE_DEC,
4588                 NULL, KRB_RM_RECLEN, NULL, HFILL }},
4589         { &hf_krb_provsrv_location, {
4590                 "PROVSRV Location", "kerberos.provsrv_location", FT_STRING, BASE_NONE,
4591                 NULL, 0, "PacketCable PROV SRV Location", HFILL }},
4592         { &hf_krb_smb_nt_status,
4593                 { "NT Status", "kerberos.smb.nt_status", FT_UINT32, BASE_HEX,
4594                 VALS(NT_errors), 0, "NT Status code", HFILL }},
4595         { &hf_krb_smb_unknown,
4596                 { "Unknown", "kerberos.smb.unknown", FT_UINT32, BASE_HEX,
4597                 NULL, 0, NULL, HFILL }},
4598         { &hf_krb_address_ip, {
4599                 "IP Address", "kerberos.addr_ip", FT_IPv4, BASE_NONE,
4600                 NULL, 0, NULL, HFILL }},
4601         { &hf_krb_address_ipv6, {
4602                 "IPv6 Address", "kerberos.addr_ipv6", FT_IPv6, BASE_NONE,
4603                 NULL, 0, NULL, HFILL }},
4604         { &hf_krb_address_netbios, {
4605                 "NetBIOS Address", "kerberos.addr_nb", FT_STRING, BASE_NONE,
4606                 NULL, 0, "NetBIOS Address and type", HFILL }},
4607         { &hf_krb_gssapi_len, {
4608                 "Length", "kerberos.gssapi.len", FT_UINT32, BASE_DEC,
4609                 NULL, 0, "Length of GSSAPI Bnd field", HFILL }},
4610         { &hf_krb_gssapi_bnd, {
4611                 "Bnd", "kerberos.gssapi.bdn", FT_BYTES, BASE_NONE,
4612                 NULL, 0, "GSSAPI Bnd field", HFILL }},
4613         { &hf_krb_gssapi_c_flag_deleg, {
4614                 "Deleg", "kerberos.gssapi.checksum.flags.deleg", FT_BOOLEAN, 32,
4615                 TFS(&tfs_gss_flags_deleg), KRB5_GSS_C_DELEG_FLAG, NULL, HFILL }},
4616         { &hf_krb_gssapi_c_flag_mutual, {
4617                 "Mutual", "kerberos.gssapi.checksum.flags.mutual", FT_BOOLEAN, 32,
4618                 TFS(&tfs_gss_flags_mutual), KRB5_GSS_C_MUTUAL_FLAG, NULL, HFILL }},
4619         { &hf_krb_gssapi_c_flag_replay, {
4620                 "Replay", "kerberos.gssapi.checksum.flags.replay", FT_BOOLEAN, 32,
4621                 TFS(&tfs_gss_flags_replay), KRB5_GSS_C_REPLAY_FLAG, NULL, HFILL }},
4622         { &hf_krb_gssapi_c_flag_sequence, {
4623                 "Sequence", "kerberos.gssapi.checksum.flags.sequence", FT_BOOLEAN, 32,
4624                 TFS(&tfs_gss_flags_sequence), KRB5_GSS_C_SEQUENCE_FLAG, NULL, HFILL }},
4625         { &hf_krb_gssapi_c_flag_conf, {
4626                 "Conf", "kerberos.gssapi.checksum.flags.conf", FT_BOOLEAN, 32,
4627                 TFS(&tfs_gss_flags_conf), KRB5_GSS_C_CONF_FLAG, NULL, HFILL }},
4628         { &hf_krb_gssapi_c_flag_integ, {
4629                 "Integ", "kerberos.gssapi.checksum.flags.integ", FT_BOOLEAN, 32,
4630                 TFS(&tfs_gss_flags_integ), KRB5_GSS_C_INTEG_FLAG, NULL, HFILL }},
4631         { &hf_krb_gssapi_c_flag_dce_style, {
4632                 "DCE-style", "kerberos.gssapi.checksum.flags.dce-style", FT_BOOLEAN, 32,
4633                 TFS(&tfs_gss_flags_dce_style), KRB5_GSS_C_DCE_STYLE, NULL, HFILL }},
4634         { &hf_krb_gssapi_dlgopt, {
4635                 "DlgOpt", "kerberos.gssapi.dlgopt", FT_UINT16, BASE_DEC,
4636                 NULL, 0, "GSSAPI DlgOpt", HFILL }},
4637         { &hf_krb_gssapi_dlglen, {
4638                 "DlgLen", "kerberos.gssapi.dlglen", FT_UINT16, BASE_DEC,
4639                 NULL, 0, "GSSAPI DlgLen", HFILL }},
4640         { &hf_krb_midl_blob_len, {
4641                 "Blob Length", "kerberos.midl_blob_len", FT_UINT64, BASE_DEC,
4642                 NULL, 0, "Length of NDR encoded data that follows", HFILL }},
4643         { &hf_krb_midl_fill_bytes, {
4644                 "Fill bytes", "kerberos.midl.fill_bytes", FT_UINT32, BASE_HEX,
4645                 NULL, 0, "Just some fill bytes", HFILL }},
4646         { &hf_krb_midl_version, {
4647         "Version", "kerberos.midl.version", FT_UINT8, BASE_DEC,
4648         NULL, 0, "Version of pickling", HFILL }},
4649         { &hf_krb_midl_hdr_len, {
4650                 "HDR Length", "kerberos.midl.hdr_len", FT_UINT16, BASE_DEC,
4651                 NULL, 0, "Length of header", HFILL }},
4652         { &hf_krb_pac_signature_type, {
4653                 "Type", "kerberos.pac.signature.type", FT_INT32, BASE_DEC,
4654                 NULL, 0, "PAC Signature Type", HFILL }},
4655         { &hf_krb_pac_signature_signature, {
4656                 "Signature", "kerberos.pac.signature.signature", FT_BYTES, BASE_NONE,
4657                 NULL, 0, "A PAC signature blob", HFILL }},
4658         { &hf_krb_w2k_pac_entries, {
4659                 "Num Entries", "kerberos.pac.entries", FT_UINT32, BASE_DEC,
4660                 NULL, 0, "Number of W2k PAC entries", HFILL }},
4661         { &hf_krb_w2k_pac_version, {
4662                 "Version", "kerberos.pac.version", FT_UINT32, BASE_DEC,
4663                 NULL, 0, "Version of PAC structures", HFILL }},
4664         { &hf_krb_w2k_pac_type, {
4665                 "Type", "kerberos.pac.type", FT_UINT32, BASE_DEC,
4666                 VALS(w2k_pac_types), 0, "Type of W2k PAC entry", HFILL }},
4667         { &hf_krb_w2k_pac_size, {
4668                 "Size", "kerberos.pac.size", FT_UINT32, BASE_DEC,
4669                 NULL, 0, "Size of W2k PAC entry", HFILL }},
4670         { &hf_krb_w2k_pac_offset, {
4671                 "Offset", "kerberos.pac.offset", FT_UINT32, BASE_DEC,
4672                 NULL, 0, "Offset to W2k PAC entry", HFILL }},
4673         { &hf_krb_pac_clientid, {
4674                 "ClientID", "kerberos.pac.clientid", FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL,
4675                 NULL, 0, "ClientID Timestamp", HFILL }},
4676         { &hf_krb_pac_namelen, {
4677                 "Name Length", "kerberos.pac.namelen", FT_UINT16, BASE_DEC,
4678                 NULL, 0, "Length of client name", HFILL }},
4679         { &hf_krb_pac_clientname, {
4680                 "Name", "kerberos.pac.name", FT_STRING, BASE_NONE,
4681                 NULL, 0, "Name of the Client in the PAC structure", HFILL }},
4682         { &hf_krb_pac_logon_info, {
4683                 "PAC_LOGON_INFO", "kerberos.pac_logon_info", FT_BYTES, BASE_NONE,
4684                 NULL, 0, "PAC_LOGON_INFO structure", HFILL }},
4685         { &hf_krb_pac_credential_type, {
4686                 "PAC_CREDENTIAL_TYPE", "kerberos.pac_credential_type", FT_BYTES, BASE_NONE,
4687                 NULL, 0, "PAC_CREDENTIAL_TYPE structure", HFILL }},
4688         { &hf_krb_pac_server_checksum, {
4689                 "PAC_SERVER_CHECKSUM", "kerberos.pac_server_checksum", FT_BYTES, BASE_NONE,
4690                 NULL, 0, "PAC_SERVER_CHECKSUM structure", HFILL }},
4691         { &hf_krb_pac_privsvr_checksum, {
4692                 "PAC_PRIVSVR_CHECKSUM", "kerberos.pac_privsvr_checksum", FT_BYTES, BASE_NONE,
4693                 NULL, 0, "PAC_PRIVSVR_CHECKSUM structure", HFILL }},
4694         { &hf_krb_pac_client_info_type, {
4695                 "PAC_CLIENT_INFO_TYPE", "kerberos.pac_client_info_type", FT_BYTES, BASE_NONE,
4696                 NULL, 0, "PAC_CLIENT_INFO_TYPE structure", HFILL }},
4697         { &hf_krb_pac_s4u_delegation_info, {
4698                 "PAC_S4U_DELEGATION_INFO", "kerberos.pac_s4u_delegation_info", FT_BYTES, BASE_NONE,
4699                 NULL, 0, "PAC_S4U_DELEGATION_INFO structure", HFILL }},
4700         { &hf_krb_pac_upn_dns_info, {
4701                 "UPN_DNS_INFO", "kerberos.pac_upn_dns_info", FT_BYTES, BASE_NONE,
4702                 NULL, 0, "UPN_DNS_INFO structure", HFILL }},
4703         { &hf_krb_pac_upn_flags, {
4704                 "Flags", "kerberos.pac.upn.flags", FT_UINT32, BASE_HEX,
4705                 NULL, 0, "UPN flags", HFILL }},
4706         { &hf_krb_pac_upn_dns_offset, {
4707                 "DNS Offset", "kerberos.pac.upn.dns_offset", FT_UINT16, BASE_DEC,
4708                 NULL, 0, NULL, HFILL }},
4709         { &hf_krb_pac_upn_dns_len, {
4710                 "DNS Len", "kerberos.pac.upn.dns_len", FT_UINT16, BASE_DEC,
4711                 NULL, 0, NULL, HFILL }},
4712         { &hf_krb_pac_upn_upn_offset, {
4713                 "UPN Offset", "kerberos.pac.upn.upn_offset", FT_UINT16, BASE_DEC,
4714                 NULL, 0, NULL, HFILL }},
4715         { &hf_krb_pac_upn_upn_len, {
4716                 "UPN Len", "kerberos.pac.upn.upn_len", FT_UINT16, BASE_DEC,
4717                 NULL, 0, NULL, HFILL }},
4718         { &hf_krb_pac_upn_upn_name, {
4719                 "UPN Name", "kerberos.pac.upn.upn_name", FT_STRING, BASE_NONE,
4720                 NULL, 0, NULL, HFILL }},
4721         { &hf_krb_pac_upn_dns_name, {
4722                 "DNS Name", "kerberos.pac.upn.dns_name", FT_STRING, BASE_NONE,
4723                 NULL, 0, NULL, HFILL }},
4724
4725
4726 /*--- Included file: packet-kerberos-hfarr.c ---*/
4727 #line 1 "./asn1/kerberos/packet-kerberos-hfarr.c"
4728     { &hf_kerberos_ticket,
4729       { "ticket", "kerberos.ticket_element",
4730         FT_NONE, BASE_NONE, NULL, 0,
4731         NULL, HFILL }},
4732     { &hf_kerberos_authenticator,
4733       { "authenticator", "kerberos.authenticator_element",
4734         FT_NONE, BASE_NONE, NULL, 0,
4735         NULL, HFILL }},
4736     { &hf_kerberos_encTicketPart,
4737       { "encTicketPart", "kerberos.encTicketPart_element",
4738         FT_NONE, BASE_NONE, NULL, 0,
4739         NULL, HFILL }},
4740     { &hf_kerberos_as_req,
4741       { "as-req", "kerberos.as_req_element",
4742         FT_NONE, BASE_NONE, NULL, 0,
4743         NULL, HFILL }},
4744     { &hf_kerberos_as_rep,
4745       { "as-rep", "kerberos.as_rep_element",
4746         FT_NONE, BASE_NONE, NULL, 0,
4747         NULL, HFILL }},
4748     { &hf_kerberos_tgs_req,
4749       { "tgs-req", "kerberos.tgs_req_element",
4750         FT_NONE, BASE_NONE, NULL, 0,
4751         NULL, HFILL }},
4752     { &hf_kerberos_tgs_rep,
4753       { "tgs-rep", "kerberos.tgs_rep_element",
4754         FT_NONE, BASE_NONE, NULL, 0,
4755         NULL, HFILL }},
4756     { &hf_kerberos_ap_req,
4757       { "ap-req", "kerberos.ap_req_element",
4758         FT_NONE, BASE_NONE, NULL, 0,
4759         NULL, HFILL }},
4760     { &hf_kerberos_ap_rep,
4761       { "ap-rep", "kerberos.ap_rep_element",
4762         FT_NONE, BASE_NONE, NULL, 0,
4763         NULL, HFILL }},
4764     { &hf_kerberos_krb_safe,
4765       { "krb-safe", "kerberos.krb_safe_element",
4766         FT_NONE, BASE_NONE, NULL, 0,
4767         NULL, HFILL }},
4768     { &hf_kerberos_krb_priv,
4769       { "krb-priv", "kerberos.krb_priv_element",
4770         FT_NONE, BASE_NONE, NULL, 0,
4771         NULL, HFILL }},
4772     { &hf_kerberos_krb_cred,
4773       { "krb-cred", "kerberos.krb_cred_element",
4774         FT_NONE, BASE_NONE, NULL, 0,
4775         NULL, HFILL }},
4776     { &hf_kerberos_encASRepPart,
4777       { "encASRepPart", "kerberos.encASRepPart_element",
4778         FT_NONE, BASE_NONE, NULL, 0,
4779         NULL, HFILL }},
4780     { &hf_kerberos_encTGSRepPart,
4781       { "encTGSRepPart", "kerberos.encTGSRepPart_element",
4782         FT_NONE, BASE_NONE, NULL, 0,
4783         NULL, HFILL }},
4784     { &hf_kerberos_encAPRepPart,
4785       { "encAPRepPart", "kerberos.encAPRepPart_element",
4786         FT_NONE, BASE_NONE, NULL, 0,
4787         NULL, HFILL }},
4788     { &hf_kerberos_encKrbPrivPart,
4789       { "encKrbPrivPart", "kerberos.encKrbPrivPart_element",
4790         FT_NONE, BASE_NONE, NULL, 0,
4791         "ENC_KRB_PRIV_PART", HFILL }},
4792     { &hf_kerberos_encKrbCredPart,
4793       { "encKrbCredPart", "kerberos.encKrbCredPart_element",
4794         FT_NONE, BASE_NONE, NULL, 0,
4795         NULL, HFILL }},
4796     { &hf_kerberos_krb_error,
4797       { "krb-error", "kerberos.krb_error_element",
4798         FT_NONE, BASE_NONE, NULL, 0,
4799         NULL, HFILL }},
4800     { &hf_kerberos_name_type,
4801       { "name-type", "kerberos.name_type",
4802         FT_INT32, BASE_DEC, VALS(kerberos_NAME_TYPE_vals), 0,
4803         NULL, HFILL }},
4804     { &hf_kerberos_name_string,
4805       { "name-string", "kerberos.name_string",
4806         FT_UINT32, BASE_DEC, NULL, 0,
4807         "SEQUENCE_OF_KerberosString", HFILL }},
4808     { &hf_kerberos_name_string_item,
4809       { "KerberosString", "kerberos.KerberosString",
4810         FT_STRING, BASE_NONE, NULL, 0,
4811         NULL, HFILL }},
4812     { &hf_kerberos_cname_string,
4813       { "cname-string", "kerberos.cname_string",
4814         FT_UINT32, BASE_DEC, NULL, 0,
4815         "SEQUENCE_OF_CNameString", HFILL }},
4816     { &hf_kerberos_cname_string_item,
4817       { "CNameString", "kerberos.CNameString",
4818         FT_STRING, BASE_NONE, NULL, 0,
4819         NULL, HFILL }},
4820     { &hf_kerberos_sname_string,
4821       { "sname-string", "kerberos.sname_string",
4822         FT_UINT32, BASE_DEC, NULL, 0,
4823         "SEQUENCE_OF_SNameString", HFILL }},
4824     { &hf_kerberos_sname_string_item,
4825       { "SNameString", "kerberos.SNameString",
4826         FT_STRING, BASE_NONE, NULL, 0,
4827         NULL, HFILL }},
4828     { &hf_kerberos_addr_type,
4829       { "addr-type", "kerberos.addr_type",
4830         FT_INT32, BASE_DEC, VALS(kerberos_ADDR_TYPE_vals), 0,
4831         NULL, HFILL }},
4832     { &hf_kerberos_address,
4833       { "address", "kerberos.address",
4834         FT_BYTES, BASE_NONE, NULL, 0,
4835         NULL, HFILL }},
4836     { &hf_kerberos_HostAddresses_item,
4837       { "HostAddress", "kerberos.HostAddress_element",
4838         FT_NONE, BASE_NONE, NULL, 0,
4839         NULL, HFILL }},
4840     { &hf_kerberos_AuthorizationData_item,
4841       { "AuthorizationData item", "kerberos.AuthorizationData_item_element",
4842         FT_NONE, BASE_NONE, NULL, 0,
4843         NULL, HFILL }},
4844     { &hf_kerberos_ad_type,
4845       { "ad-type", "kerberos.ad_type",
4846         FT_INT32, BASE_DEC, VALS(krb5_ad_types), 0,
4847         NULL, HFILL }},
4848     { &hf_kerberos_ad_data,
4849       { "ad-data", "kerberos.ad_data",
4850         FT_BYTES, BASE_NONE, NULL, 0,
4851         NULL, HFILL }},
4852     { &hf_kerberos_padata_type,
4853       { "padata-type", "kerberos.padata_type",
4854         FT_INT32, BASE_DEC, VALS(kerberos_PADATA_TYPE_vals), 0,
4855         NULL, HFILL }},
4856     { &hf_kerberos_padata_value,
4857       { "padata-value", "kerberos.padata_value",
4858         FT_BYTES, BASE_NONE, NULL, 0,
4859         NULL, HFILL }},
4860     { &hf_kerberos_keytype,
4861       { "keytype", "kerberos.keytype",
4862         FT_INT32, BASE_DEC, NULL, 0,
4863         NULL, HFILL }},
4864     { &hf_kerberos_keyvalue,
4865       { "keyvalue", "kerberos.keyvalue",
4866         FT_BYTES, BASE_NONE, NULL, 0,
4867         NULL, HFILL }},
4868     { &hf_kerberos_cksumtype,
4869       { "cksumtype", "kerberos.cksumtype",
4870         FT_INT32, BASE_DEC, VALS(kerberos_CKSUMTYPE_vals), 0,
4871         NULL, HFILL }},
4872     { &hf_kerberos_checksum,
4873       { "checksum", "kerberos.checksum",
4874         FT_BYTES, BASE_NONE, NULL, 0,
4875         NULL, HFILL }},
4876     { &hf_kerberos_etype,
4877       { "etype", "kerberos.etype",
4878         FT_INT32, BASE_DEC, VALS(kerberos_ENCTYPE_vals), 0,
4879         "ENCTYPE", HFILL }},
4880     { &hf_kerberos_kvno,
4881       { "kvno", "kerberos.kvno",
4882         FT_UINT32, BASE_DEC, NULL, 0,
4883         "UInt32", HFILL }},
4884     { &hf_kerberos_encryptedTicketData_cipher,
4885       { "cipher", "kerberos.cipher",
4886         FT_BYTES, BASE_NONE, NULL, 0,
4887         "T_encryptedTicketData_cipher", HFILL }},
4888     { &hf_kerberos_encryptedAuthorizationData_cipher,
4889       { "cipher", "kerberos.cipher",
4890         FT_BYTES, BASE_NONE, NULL, 0,
4891         "T_encryptedAuthorizationData_cipher", HFILL }},
4892     { &hf_kerberos_encryptedKDCREPData_cipher,
4893       { "cipher", "kerberos.cipher",
4894         FT_BYTES, BASE_NONE, NULL, 0,
4895         "T_encryptedKDCREPData_cipher", HFILL }},
4896     { &hf_kerberos_encryptedAPREPData_cipher,
4897       { "cipher", "kerberos.cipher",
4898         FT_BYTES, BASE_NONE, NULL, 0,
4899         "T_encryptedAPREPData_cipher", HFILL }},
4900     { &hf_kerberos_encryptedKrbPrivData_cipher,
4901       { "cipher", "kerberos.cipher",
4902         FT_BYTES, BASE_NONE, NULL, 0,
4903         "T_encryptedKrbPrivData_cipher", HFILL }},
4904     { &hf_kerberos_encryptedKrbCredData_cipher,
4905       { "cipher", "kerberos.cipher",
4906         FT_BYTES, BASE_NONE, NULL, 0,
4907         "T_encryptedKrbCredData_cipher", HFILL }},
4908     { &hf_kerberos_tkt_vno,
4909       { "tkt-vno", "kerberos.tkt_vno",
4910         FT_UINT32, BASE_DEC, NULL, 0,
4911         "INTEGER_5", HFILL }},
4912     { &hf_kerberos_realm,
4913       { "realm", "kerberos.realm",
4914         FT_STRING, BASE_NONE, NULL, 0,
4915         NULL, HFILL }},
4916     { &hf_kerberos_sname,
4917       { "sname", "kerberos.sname_element",
4918         FT_NONE, BASE_NONE, NULL, 0,
4919         NULL, HFILL }},
4920     { &hf_kerberos_ticket_enc_part,
4921       { "enc-part", "kerberos.enc_part_element",
4922         FT_NONE, BASE_NONE, NULL, 0,
4923         "EncryptedTicketData", HFILL }},
4924     { &hf_kerberos_flags,
4925       { "flags", "kerberos.flags",
4926         FT_BYTES, BASE_NONE, NULL, 0,
4927         "TicketFlags", HFILL }},
4928     { &hf_kerberos_key,
4929       { "key", "kerberos.key_element",
4930         FT_NONE, BASE_NONE, NULL, 0,
4931         "EncryptionKey", HFILL }},
4932     { &hf_kerberos_crealm,
4933       { "crealm", "kerberos.crealm",
4934         FT_STRING, BASE_NONE, NULL, 0,
4935         "Realm", HFILL }},
4936     { &hf_kerberos_cname,
4937       { "cname", "kerberos.cname_element",
4938         FT_NONE, BASE_NONE, NULL, 0,
4939         NULL, HFILL }},
4940     { &hf_kerberos_transited,
4941       { "transited", "kerberos.transited_element",
4942         FT_NONE, BASE_NONE, NULL, 0,
4943         "TransitedEncoding", HFILL }},
4944     { &hf_kerberos_authtime,
4945       { "authtime", "kerberos.authtime",
4946         FT_STRING, BASE_NONE, NULL, 0,
4947         "KerberosTime", HFILL }},
4948     { &hf_kerberos_starttime,
4949       { "starttime", "kerberos.starttime",
4950         FT_STRING, BASE_NONE, NULL, 0,
4951         "KerberosTime", HFILL }},
4952     { &hf_kerberos_endtime,
4953       { "endtime", "kerberos.endtime",
4954         FT_STRING, BASE_NONE, NULL, 0,
4955         "KerberosTime", HFILL }},
4956     { &hf_kerberos_renew_till,
4957       { "renew-till", "kerberos.renew_till",
4958         FT_STRING, BASE_NONE, NULL, 0,
4959         "KerberosTime", HFILL }},
4960     { &hf_kerberos_caddr,
4961       { "caddr", "kerberos.caddr",
4962         FT_UINT32, BASE_DEC, NULL, 0,
4963         "HostAddresses", HFILL }},
4964     { &hf_kerberos_authorization_data,
4965       { "authorization-data", "kerberos.authorization_data",
4966         FT_UINT32, BASE_DEC, NULL, 0,
4967         "AuthorizationData", HFILL }},
4968     { &hf_kerberos_tr_type,
4969       { "tr-type", "kerberos.tr_type",
4970         FT_INT32, BASE_DEC, NULL, 0,
4971         "Int32", HFILL }},
4972     { &hf_kerberos_contents,
4973       { "contents", "kerberos.contents",
4974         FT_BYTES, BASE_NONE, NULL, 0,
4975         "OCTET_STRING", HFILL }},
4976     { &hf_kerberos_pvno,
4977       { "pvno", "kerberos.pvno",
4978         FT_UINT32, BASE_DEC, NULL, 0,
4979         "INTEGER_5", HFILL }},
4980     { &hf_kerberos_msg_type,
4981       { "msg-type", "kerberos.msg_type",
4982         FT_INT32, BASE_DEC, VALS(kerberos_MESSAGE_TYPE_vals), 0,
4983         "MESSAGE_TYPE", HFILL }},
4984     { &hf_kerberos_padata,
4985       { "padata", "kerberos.padata",
4986         FT_UINT32, BASE_DEC, NULL, 0,
4987         "SEQUENCE_OF_PA_DATA", HFILL }},
4988     { &hf_kerberos_padata_item,
4989       { "PA-DATA", "kerberos.PA_DATA_element",
4990         FT_NONE, BASE_NONE, NULL, 0,
4991         NULL, HFILL }},
4992     { &hf_kerberos_req_body,
4993       { "req-body", "kerberos.req_body_element",
4994         FT_NONE, BASE_NONE, NULL, 0,
4995         "KDC_REQ_BODY", HFILL }},
4996     { &hf_kerberos_kdc_options,
4997       { "kdc-options", "kerberos.kdc_options",
4998         FT_BYTES, BASE_NONE, NULL, 0,
4999         "KDCOptions", HFILL }},
5000     { &hf_kerberos_from,
5001       { "from", "kerberos.from",
5002         FT_STRING, BASE_NONE, NULL, 0,
5003         "KerberosTime", HFILL }},
5004     { &hf_kerberos_till,
5005       { "till", "kerberos.till",
5006         FT_STRING, BASE_NONE, NULL, 0,
5007         "KerberosTime", HFILL }},
5008     { &hf_kerberos_rtime,
5009       { "rtime", "kerberos.rtime",
5010         FT_STRING, BASE_NONE, NULL, 0,
5011         "KerberosTime", HFILL }},
5012     { &hf_kerberos_nonce,
5013       { "nonce", "kerberos.nonce",
5014         FT_UINT32, BASE_DEC, NULL, 0,
5015         "UInt32", HFILL }},
5016     { &hf_kerberos_kDC_REQ_BODY_etype,
5017       { "etype", "kerberos.etype",
5018         FT_UINT32, BASE_DEC, NULL, 0,
5019         "SEQUENCE_OF_ENCTYPE", HFILL }},
5020     { &hf_kerberos_kDC_REQ_BODY_etype_item,
5021       { "ENCTYPE", "kerberos.ENCTYPE",
5022         FT_INT32, BASE_DEC, VALS(kerberos_ENCTYPE_vals), 0,
5023         NULL, HFILL }},
5024     { &hf_kerberos_addresses,
5025       { "addresses", "kerberos.addresses",
5026         FT_UINT32, BASE_DEC, NULL, 0,
5027         "HostAddresses", HFILL }},
5028     { &hf_kerberos_enc_authorization_data,
5029       { "enc-authorization-data", "kerberos.enc_authorization_data_element",
5030         FT_NONE, BASE_NONE, NULL, 0,
5031         "EncryptedAuthorizationData", HFILL }},
5032     { &hf_kerberos_additional_tickets,
5033       { "additional-tickets", "kerberos.additional_tickets",
5034         FT_UINT32, BASE_DEC, NULL, 0,
5035         "SEQUENCE_OF_Ticket", HFILL }},
5036     { &hf_kerberos_additional_tickets_item,
5037       { "Ticket", "kerberos.Ticket_element",
5038         FT_NONE, BASE_NONE, NULL, 0,
5039         NULL, HFILL }},
5040     { &hf_kerberos_kDC_REP_enc_part,
5041       { "enc-part", "kerberos.enc_part_element",
5042         FT_NONE, BASE_NONE, NULL, 0,
5043         "EncryptedKDCREPData", HFILL }},
5044     { &hf_kerberos_last_req,
5045       { "last-req", "kerberos.last_req",
5046         FT_UINT32, BASE_DEC, NULL, 0,
5047         "LastReq", HFILL }},
5048     { &hf_kerberos_key_expiration,
5049       { "key-expiration", "kerberos.key_expiration",
5050         FT_STRING, BASE_NONE, NULL, 0,
5051         "KerberosTime", HFILL }},
5052     { &hf_kerberos_srealm,
5053       { "srealm", "kerberos.srealm",
5054         FT_STRING, BASE_NONE, NULL, 0,
5055         "Realm", HFILL }},
5056     { &hf_kerberos_encrypted_pa_data,
5057       { "encrypted-pa-data", "kerberos.encrypted_pa_data",
5058         FT_UINT32, BASE_DEC, NULL, 0,
5059         "METHOD_DATA", HFILL }},
5060     { &hf_kerberos_LastReq_item,
5061       { "LastReq item", "kerberos.LastReq_item_element",
5062         FT_NONE, BASE_NONE, NULL, 0,
5063         NULL, HFILL }},
5064     { &hf_kerberos_lr_type,
5065       { "lr-type", "kerberos.lr_type",
5066         FT_INT32, BASE_DEC, VALS(kerberos_LR_TYPE_vals), 0,
5067         NULL, HFILL }},
5068     { &hf_kerberos_lr_value,
5069       { "lr-value", "kerberos.lr_value",
5070         FT_STRING, BASE_NONE, NULL, 0,
5071         "KerberosTime", HFILL }},
5072     { &hf_kerberos_ap_options,
5073       { "ap-options", "kerberos.ap_options",
5074         FT_BYTES, BASE_NONE, NULL, 0,
5075         "APOptions", HFILL }},
5076     { &hf_kerberos_authenticator_01,
5077       { "authenticator", "kerberos.authenticator_element",
5078         FT_NONE, BASE_NONE, NULL, 0,
5079         "EncryptedAuthorizationData", HFILL }},
5080     { &hf_kerberos_authenticator_vno,
5081       { "authenticator-vno", "kerberos.authenticator_vno",
5082         FT_UINT32, BASE_DEC, NULL, 0,
5083         "INTEGER_5", HFILL }},
5084     { &hf_kerberos_cksum,
5085       { "cksum", "kerberos.cksum_element",
5086         FT_NONE, BASE_NONE, NULL, 0,
5087         "Checksum", HFILL }},
5088     { &hf_kerberos_cusec,
5089       { "cusec", "kerberos.cusec",
5090         FT_UINT32, BASE_DEC, NULL, 0,
5091         "Microseconds", HFILL }},
5092     { &hf_kerberos_ctime,
5093       { "ctime", "kerberos.ctime",
5094         FT_STRING, BASE_NONE, NULL, 0,
5095         "KerberosTime", HFILL }},
5096     { &hf_kerberos_subkey,
5097       { "subkey", "kerberos.subkey_element",
5098         FT_NONE, BASE_NONE, NULL, 0,
5099         "EncryptionKey", HFILL }},
5100     { &hf_kerberos_seq_number,
5101       { "seq-number", "kerberos.seq_number",
5102         FT_UINT32, BASE_DEC, NULL, 0,
5103         "UInt32", HFILL }},
5104     { &hf_kerberos_aP_REP_enc_part,
5105       { "enc-part", "kerberos.enc_part_element",
5106         FT_NONE, BASE_NONE, NULL, 0,
5107         "EncryptedAPREPData", HFILL }},
5108     { &hf_kerberos_safe_body,
5109       { "safe-body", "kerberos.safe_body_element",
5110         FT_NONE, BASE_NONE, NULL, 0,
5111         "KRB_SAFE_BODY", HFILL }},
5112     { &hf_kerberos_kRB_SAFE_BODY_user_data,
5113       { "user-data", "kerberos.user_data",
5114         FT_BYTES, BASE_NONE, NULL, 0,
5115         "T_kRB_SAFE_BODY_user_data", HFILL }},
5116     { &hf_kerberos_timestamp,
5117       { "timestamp", "kerberos.timestamp",
5118         FT_STRING, BASE_NONE, NULL, 0,
5119         "KerberosTime", HFILL }},
5120     { &hf_kerberos_usec,
5121       { "usec", "kerberos.usec",
5122         FT_UINT32, BASE_DEC, NULL, 0,
5123         "Microseconds", HFILL }},
5124     { &hf_kerberos_s_address,
5125       { "s-address", "kerberos.s_address_element",
5126         FT_NONE, BASE_NONE, NULL, 0,
5127         "HostAddress", HFILL }},
5128     { &hf_kerberos_r_address,
5129       { "r-address", "kerberos.r_address_element",
5130         FT_NONE, BASE_NONE, NULL, 0,
5131         "HostAddress", HFILL }},
5132     { &hf_kerberos_kRB_PRIV_enc_part,
5133       { "enc-part", "kerberos.enc_part_element",
5134         FT_NONE, BASE_NONE, NULL, 0,
5135         "EncryptedKrbPrivData", HFILL }},
5136     { &hf_kerberos_encKrbPrivPart_user_data,
5137       { "user-data", "kerberos.user_data",
5138         FT_BYTES, BASE_NONE, NULL, 0,
5139         "T_encKrbPrivPart_user_data", HFILL }},
5140     { &hf_kerberos_tickets,
5141       { "tickets", "kerberos.tickets",
5142         FT_UINT32, BASE_DEC, NULL, 0,
5143         "SEQUENCE_OF_Ticket", HFILL }},
5144     { &hf_kerberos_tickets_item,
5145       { "Ticket", "kerberos.Ticket_element",
5146         FT_NONE, BASE_NONE, NULL, 0,
5147         NULL, HFILL }},
5148     { &hf_kerberos_kRB_CRED_enc_part,
5149       { "enc-part", "kerberos.enc_part_element",
5150         FT_NONE, BASE_NONE, NULL, 0,
5151         "EncryptedKrbCredData", HFILL }},
5152     { &hf_kerberos_ticket_info,
5153       { "ticket-info", "kerberos.ticket_info",
5154         FT_UINT32, BASE_DEC, NULL, 0,
5155         "SEQUENCE_OF_KrbCredInfo", HFILL }},
5156     { &hf_kerberos_ticket_info_item,
5157       { "KrbCredInfo", "kerberos.KrbCredInfo_element",
5158         FT_NONE, BASE_NONE, NULL, 0,
5159         NULL, HFILL }},
5160     { &hf_kerberos_prealm,
5161       { "prealm", "kerberos.prealm",
5162         FT_STRING, BASE_NONE, NULL, 0,
5163         "Realm", HFILL }},
5164     { &hf_kerberos_pname,
5165       { "pname", "kerberos.pname_element",
5166         FT_NONE, BASE_NONE, NULL, 0,
5167         "PrincipalName", HFILL }},
5168     { &hf_kerberos_stime,
5169       { "stime", "kerberos.stime",
5170         FT_STRING, BASE_NONE, NULL, 0,
5171         "KerberosTime", HFILL }},
5172     { &hf_kerberos_susec,
5173       { "susec", "kerberos.susec",
5174         FT_UINT32, BASE_DEC, NULL, 0,
5175         "Microseconds", HFILL }},
5176     { &hf_kerberos_error_code,
5177       { "error-code", "kerberos.error_code",
5178         FT_INT32, BASE_DEC, VALS(kerberos_ERROR_CODE_vals), 0,
5179         NULL, HFILL }},
5180     { &hf_kerberos_e_text,
5181       { "e-text", "kerberos.e_text",
5182         FT_STRING, BASE_NONE, NULL, 0,
5183         "KerberosString", HFILL }},
5184     { &hf_kerberos_e_data,
5185       { "e-data", "kerberos.e_data",
5186         FT_BYTES, BASE_NONE, NULL, 0,
5187         NULL, HFILL }},
5188     { &hf_kerberos_e_checksum,
5189       { "e-checksum", "kerberos.e_checksum_element",
5190         FT_NONE, BASE_NONE, NULL, 0,
5191         "Checksum", HFILL }},
5192     { &hf_kerberos_METHOD_DATA_item,
5193       { "PA-DATA", "kerberos.PA_DATA_element",
5194         FT_NONE, BASE_NONE, NULL, 0,
5195         NULL, HFILL }},
5196     { &hf_kerberos_pA_ENC_TIMESTAMP_cipher,
5197       { "cipher", "kerberos.cipher",
5198         FT_BYTES, BASE_NONE, NULL, 0,
5199         "T_pA_ENC_TIMESTAMP_cipher", HFILL }},
5200     { &hf_kerberos_salt,
5201       { "salt", "kerberos.salt",
5202         FT_BYTES, BASE_NONE, NULL, 0,
5203         "OCTET_STRING", HFILL }},
5204     { &hf_kerberos_ETYPE_INFO_item,
5205       { "ETYPE-INFO-ENTRY", "kerberos.ETYPE_INFO_ENTRY_element",
5206         FT_NONE, BASE_NONE, NULL, 0,
5207         NULL, HFILL }},
5208     { &hf_kerberos_salt_01,
5209       { "salt", "kerberos.salt",
5210         FT_STRING, BASE_NONE, NULL, 0,
5211         "KerberosString", HFILL }},
5212     { &hf_kerberos_s2kparams,
5213       { "s2kparams", "kerberos.s2kparams",
5214         FT_BYTES, BASE_NONE, NULL, 0,
5215         "OCTET_STRING", HFILL }},
5216     { &hf_kerberos_ETYPE_INFO2_item,
5217       { "ETYPE-INFO2-ENTRY", "kerberos.ETYPE_INFO2_ENTRY_element",
5218         FT_NONE, BASE_NONE, NULL, 0,
5219         NULL, HFILL }},
5220     { &hf_kerberos_name,
5221       { "name", "kerberos.name_element",
5222         FT_NONE, BASE_NONE, NULL, 0,
5223         "PrincipalName", HFILL }},
5224     { &hf_kerberos_auth,
5225       { "auth", "kerberos.auth",
5226         FT_STRING, BASE_NONE, NULL, 0,
5227         "GeneralString", HFILL }},
5228     { &hf_kerberos_include_pac,
5229       { "include-pac", "kerberos.include_pac",
5230         FT_BOOLEAN, BASE_NONE, NULL, 0,
5231         "BOOLEAN", HFILL }},
5232     { &hf_kerberos_newpasswd,
5233       { "newpasswd", "kerberos.newpasswd",
5234         FT_BYTES, BASE_NONE, NULL, 0,
5235         "OCTET_STRING", HFILL }},
5236     { &hf_kerberos_targname,
5237       { "targname", "kerberos.targname_element",
5238         FT_NONE, BASE_NONE, NULL, 0,
5239         "PrincipalName", HFILL }},
5240     { &hf_kerberos_targrealm,
5241       { "targrealm", "kerberos.targrealm",
5242         FT_STRING, BASE_NONE, NULL, 0,
5243         "Realm", HFILL }},
5244     { &hf_kerberos_APOptions_reserved,
5245       { "reserved", "kerberos.reserved",
5246         FT_BOOLEAN, 8, NULL, 0x80,
5247         NULL, HFILL }},
5248     { &hf_kerberos_APOptions_use_session_key,
5249       { "use-session-key", "kerberos.use-session-key",
5250         FT_BOOLEAN, 8, NULL, 0x40,
5251         NULL, HFILL }},
5252     { &hf_kerberos_APOptions_mutual_required,
5253       { "mutual-required", "kerberos.mutual-required",
5254         FT_BOOLEAN, 8, NULL, 0x20,
5255         NULL, HFILL }},
5256     { &hf_kerberos_TicketFlags_reserved,
5257       { "reserved", "kerberos.reserved",
5258         FT_BOOLEAN, 8, NULL, 0x80,
5259         NULL, HFILL }},
5260     { &hf_kerberos_TicketFlags_forwardable,
5261       { "forwardable", "kerberos.forwardable",
5262         FT_BOOLEAN, 8, NULL, 0x40,
5263         NULL, HFILL }},
5264     { &hf_kerberos_TicketFlags_forwarded,
5265       { "forwarded", "kerberos.forwarded",
5266         FT_BOOLEAN, 8, NULL, 0x20,
5267         NULL, HFILL }},
5268     { &hf_kerberos_TicketFlags_proxiable,
5269       { "proxiable", "kerberos.proxiable",
5270         FT_BOOLEAN, 8, NULL, 0x10,
5271         NULL, HFILL }},
5272     { &hf_kerberos_TicketFlags_proxy,
5273       { "proxy", "kerberos.proxy",
5274         FT_BOOLEAN, 8, NULL, 0x08,
5275         NULL, HFILL }},
5276     { &hf_kerberos_TicketFlags_may_postdate,
5277       { "may-postdate", "kerberos.may-postdate",
5278         FT_BOOLEAN, 8, NULL, 0x04,
5279         NULL, HFILL }},
5280     { &hf_kerberos_TicketFlags_postdated,
5281       { "postdated", "kerberos.postdated",
5282         FT_BOOLEAN, 8, NULL, 0x02,
5283         NULL, HFILL }},
5284     { &hf_kerberos_TicketFlags_invalid,
5285       { "invalid", "kerberos.invalid",
5286         FT_BOOLEAN, 8, NULL, 0x01,
5287         NULL, HFILL }},
5288     { &hf_kerberos_TicketFlags_renewable,
5289       { "renewable", "kerberos.renewable",
5290         FT_BOOLEAN, 8, NULL, 0x80,
5291         NULL, HFILL }},
5292     { &hf_kerberos_TicketFlags_initial,
5293       { "initial", "kerberos.initial",
5294         FT_BOOLEAN, 8, NULL, 0x40,
5295         NULL, HFILL }},
5296     { &hf_kerberos_TicketFlags_pre_authent,
5297       { "pre-authent", "kerberos.pre-authent",
5298         FT_BOOLEAN, 8, NULL, 0x20,
5299         NULL, HFILL }},
5300     { &hf_kerberos_TicketFlags_hw_authent,
5301       { "hw-authent", "kerberos.hw-authent",
5302         FT_BOOLEAN, 8, NULL, 0x10,
5303         NULL, HFILL }},
5304     { &hf_kerberos_TicketFlags_transited_policy_checked,
5305       { "transited-policy-checked", "kerberos.transited-policy-checked",
5306         FT_BOOLEAN, 8, NULL, 0x08,
5307         NULL, HFILL }},
5308     { &hf_kerberos_TicketFlags_ok_as_delegate,
5309       { "ok-as-delegate", "kerberos.ok-as-delegate",
5310         FT_BOOLEAN, 8, NULL, 0x04,
5311         NULL, HFILL }},
5312     { &hf_kerberos_TicketFlags_anonymous,
5313       { "anonymous", "kerberos.anonymous",
5314         FT_BOOLEAN, 8, NULL, 0x02,
5315         NULL, HFILL }},
5316     { &hf_kerberos_KDCOptions_reserved,
5317       { "reserved", "kerberos.reserved",
5318         FT_BOOLEAN, 8, NULL, 0x80,
5319         NULL, HFILL }},
5320     { &hf_kerberos_KDCOptions_forwardable,
5321       { "forwardable", "kerberos.forwardable",
5322         FT_BOOLEAN, 8, NULL, 0x40,
5323         NULL, HFILL }},
5324     { &hf_kerberos_KDCOptions_forwarded,
5325       { "forwarded", "kerberos.forwarded",
5326         FT_BOOLEAN, 8, NULL, 0x20,
5327         NULL, HFILL }},
5328     { &hf_kerberos_KDCOptions_proxiable,
5329       { "proxiable", "kerberos.proxiable",
5330         FT_BOOLEAN, 8, NULL, 0x10,
5331         NULL, HFILL }},
5332     { &hf_kerberos_KDCOptions_proxy,
5333       { "proxy", "kerberos.proxy",
5334         FT_BOOLEAN, 8, NULL, 0x08,
5335         NULL, HFILL }},
5336     { &hf_kerberos_KDCOptions_allow_postdate,
5337       { "allow-postdate", "kerberos.allow-postdate",
5338         FT_BOOLEAN, 8, NULL, 0x04,
5339         NULL, HFILL }},
5340     { &hf_kerberos_KDCOptions_postdated,
5341       { "postdated", "kerberos.postdated",
5342         FT_BOOLEAN, 8, NULL, 0x02,
5343         NULL, HFILL }},
5344     { &hf_kerberos_KDCOptions_unused7,
5345       { "unused7", "kerberos.unused7",
5346         FT_BOOLEAN, 8, NULL, 0x01,
5347         NULL, HFILL }},
5348     { &hf_kerberos_KDCOptions_renewable,
5349       { "renewable", "kerberos.renewable",
5350         FT_BOOLEAN, 8, NULL, 0x80,
5351         NULL, HFILL }},
5352     { &hf_kerberos_KDCOptions_unused9,
5353       { "unused9", "kerberos.unused9",
5354         FT_BOOLEAN, 8, NULL, 0x40,
5355         NULL, HFILL }},
5356     { &hf_kerberos_KDCOptions_unused10,
5357       { "unused10", "kerberos.unused10",
5358         FT_BOOLEAN, 8, NULL, 0x20,
5359         NULL, HFILL }},
5360     { &hf_kerberos_KDCOptions_opt_hardware_auth,
5361       { "opt-hardware-auth", "kerberos.opt-hardware-auth",
5362         FT_BOOLEAN, 8, NULL, 0x10,
5363         NULL, HFILL }},
5364     { &hf_kerberos_KDCOptions_request_anonymous,
5365       { "request-anonymous", "kerberos.request-anonymous",
5366         FT_BOOLEAN, 8, NULL, 0x02,
5367         NULL, HFILL }},
5368     { &hf_kerberos_KDCOptions_canonicalize,
5369       { "canonicalize", "kerberos.canonicalize",
5370         FT_BOOLEAN, 8, NULL, 0x01,
5371         NULL, HFILL }},
5372     { &hf_kerberos_KDCOptions_constrained_delegation,
5373       { "constrained-delegation", "kerberos.constrained-delegation",
5374         FT_BOOLEAN, 8, NULL, 0x80,
5375         NULL, HFILL }},
5376     { &hf_kerberos_KDCOptions_disable_transited_check,
5377       { "disable-transited-check", "kerberos.disable-transited-check",
5378         FT_BOOLEAN, 8, NULL, 0x20,
5379         NULL, HFILL }},
5380     { &hf_kerberos_KDCOptions_renewable_ok,
5381       { "renewable-ok", "kerberos.renewable-ok",
5382         FT_BOOLEAN, 8, NULL, 0x10,
5383         NULL, HFILL }},
5384     { &hf_kerberos_KDCOptions_enc_tkt_in_skey,
5385       { "enc-tkt-in-skey", "kerberos.enc-tkt-in-skey",
5386         FT_BOOLEAN, 8, NULL, 0x08,
5387         NULL, HFILL }},
5388     { &hf_kerberos_KDCOptions_renew,
5389       { "renew", "kerberos.renew",
5390         FT_BOOLEAN, 8, NULL, 0x02,
5391         NULL, HFILL }},
5392     { &hf_kerberos_KDCOptions_validate,
5393       { "validate", "kerberos.validate",
5394         FT_BOOLEAN, 8, NULL, 0x01,
5395         NULL, HFILL }},
5396
5397 /*--- End of included file: packet-kerberos-hfarr.c ---*/
5398 #line 2366 "./asn1/kerberos/packet-kerberos-template.c"
5399         };
5400
5401         /* List of subtrees */
5402         static gint *ett[] = {
5403                 &ett_kerberos,
5404                 &ett_krb_recordmark,
5405                 &ett_krb_pac,
5406                 &ett_krb_pac_drep,
5407                 &ett_krb_pac_midl_blob,
5408                 &ett_krb_pac_logon_info,
5409                 &ett_krb_pac_s4u_delegation_info,
5410                 &ett_krb_pac_upn_dns_info,
5411                 &ett_krb_pac_server_checksum,
5412                 &ett_krb_pac_privsvr_checksum,
5413                 &ett_krb_pac_client_info_type,
5414
5415 /*--- Included file: packet-kerberos-ettarr.c ---*/
5416 #line 1 "./asn1/kerberos/packet-kerberos-ettarr.c"
5417     &ett_kerberos_Applications,
5418     &ett_kerberos_PrincipalName,
5419     &ett_kerberos_SEQUENCE_OF_KerberosString,
5420     &ett_kerberos_CName,
5421     &ett_kerberos_SEQUENCE_OF_CNameString,
5422     &ett_kerberos_SName,
5423     &ett_kerberos_SEQUENCE_OF_SNameString,
5424     &ett_kerberos_HostAddress,
5425     &ett_kerberos_HostAddresses,
5426     &ett_kerberos_AuthorizationData,
5427     &ett_kerberos_AuthorizationData_item,
5428     &ett_kerberos_PA_DATA,
5429     &ett_kerberos_EncryptionKey,
5430     &ett_kerberos_Checksum,
5431     &ett_kerberos_EncryptedTicketData,
5432     &ett_kerberos_EncryptedAuthorizationData,
5433     &ett_kerberos_EncryptedKDCREPData,
5434     &ett_kerberos_EncryptedAPREPData,
5435     &ett_kerberos_EncryptedKrbPrivData,
5436     &ett_kerberos_EncryptedKrbCredData,
5437     &ett_kerberos_Ticket_U,
5438     &ett_kerberos_EncTicketPart_U,
5439     &ett_kerberos_TransitedEncoding,
5440     &ett_kerberos_KDC_REQ,
5441     &ett_kerberos_SEQUENCE_OF_PA_DATA,
5442     &ett_kerberos_KDC_REQ_BODY,
5443     &ett_kerberos_SEQUENCE_OF_ENCTYPE,
5444     &ett_kerberos_SEQUENCE_OF_Ticket,
5445     &ett_kerberos_KDC_REP,
5446     &ett_kerberos_EncKDCRepPart,
5447     &ett_kerberos_LastReq,
5448     &ett_kerberos_LastReq_item,
5449     &ett_kerberos_AP_REQ_U,
5450     &ett_kerberos_Authenticator_U,
5451     &ett_kerberos_AP_REP_U,
5452     &ett_kerberos_EncAPRepPart_U,
5453     &ett_kerberos_KRB_SAFE_U,
5454     &ett_kerberos_KRB_SAFE_BODY,
5455     &ett_kerberos_KRB_PRIV_U,
5456     &ett_kerberos_EncKrbPrivPart,
5457     &ett_kerberos_KRB_CRED_U,
5458     &ett_kerberos_EncKrbCredPart_U,
5459     &ett_kerberos_SEQUENCE_OF_KrbCredInfo,
5460     &ett_kerberos_KrbCredInfo,
5461     &ett_kerberos_KRB_ERROR_U,
5462     &ett_kerberos_METHOD_DATA,
5463     &ett_kerberos_PA_ENC_TIMESTAMP,
5464     &ett_kerberos_ETYPE_INFO_ENTRY,
5465     &ett_kerberos_ETYPE_INFO,
5466     &ett_kerberos_ETYPE_INFO2_ENTRY,
5467     &ett_kerberos_ETYPE_INFO2,
5468     &ett_kerberos_APOptions,
5469     &ett_kerberos_TicketFlags,
5470     &ett_kerberos_KDCOptions,
5471     &ett_kerberos_PA_S4U2Self,
5472     &ett_kerberos_KERB_PA_PAC_REQUEST,
5473     &ett_kerberos_ChangePasswdData,
5474
5475 /*--- End of included file: packet-kerberos-ettarr.c ---*/
5476 #line 2382 "./asn1/kerberos/packet-kerberos-template.c"
5477         };
5478
5479         static ei_register_info ei[] = {
5480                 { &ei_kerberos_decrypted_keytype, { "kerberos.decrypted_keytype", PI_SECURITY, PI_CHAT, "Decryted keytype", EXPFILL }},
5481                 { &ei_kerberos_address, { "kerberos.address.unknown", PI_UNDECODED, PI_WARN, "KRB Address: I don't know how to parse this type of address yet", EXPFILL }},
5482                 { &ei_krb_gssapi_dlglen, { "kerberos.gssapi.dlglen.error", PI_MALFORMED, PI_ERROR, "DlgLen is not the same as number of bytes remaining", EXPFILL }},
5483         };
5484
5485         expert_module_t* expert_krb;
5486         module_t *krb_module;
5487
5488         proto_kerberos = proto_register_protocol("Kerberos", "KRB5", "kerberos");
5489         proto_register_field_array(proto_kerberos, hf, array_length(hf));
5490         proto_register_subtree_array(ett, array_length(ett));
5491         expert_krb = expert_register_protocol(proto_kerberos);
5492         expert_register_field_array(expert_krb, ei, array_length(ei));
5493
5494         /* Register preferences */
5495         krb_module = prefs_register_protocol(proto_kerberos, kerberos_prefs_apply_cb);
5496         prefs_register_bool_preference(krb_module, "desegment",
5497         "Reassemble Kerberos over TCP messages spanning multiple TCP segments",
5498         "Whether the Kerberos dissector should reassemble messages spanning multiple TCP segments."
5499         " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
5500         &krb_desegment);
5501 #ifdef HAVE_KERBEROS
5502         prefs_register_bool_preference(krb_module, "decrypt",
5503         "Try to decrypt Kerberos blobs",
5504         "Whether the dissector should try to decrypt "
5505         "encrypted Kerberos blobs. This requires that the proper "
5506         "keytab file is installed as well.", &krb_decrypt);
5507
5508         prefs_register_filename_preference(krb_module, "file",
5509                                    "Kerberos keytab file",
5510                                    "The keytab file containing all the secrets",
5511                                    &keytab_filename);
5512 #endif
5513
5514 }
5515 static int wrap_dissect_gss_kerb(tvbuff_t *tvb, int offset, packet_info *pinfo,
5516                                  proto_tree *tree, dcerpc_info *di _U_,guint8 *drep _U_)
5517 {
5518         tvbuff_t *auth_tvb;
5519
5520         auth_tvb = tvb_new_subset_remaining(tvb, offset);
5521
5522         dissect_kerberos_main(auth_tvb, pinfo, tree, FALSE, NULL);
5523
5524         return tvb_captured_length_remaining(tvb, offset);
5525 }
5526
5527
5528 static dcerpc_auth_subdissector_fns gss_kerb_auth_connect_fns = {
5529         wrap_dissect_gss_kerb,                      /* Bind */
5530         wrap_dissect_gss_kerb,                      /* Bind ACK */
5531         wrap_dissect_gss_kerb,                      /* AUTH3 */
5532         NULL,                                       /* Request verifier */
5533         NULL,                                       /* Response verifier */
5534         NULL,                                       /* Request data */
5535         NULL                                        /* Response data */
5536 };
5537
5538 static dcerpc_auth_subdissector_fns gss_kerb_auth_sign_fns = {
5539         wrap_dissect_gss_kerb,                      /* Bind */
5540         wrap_dissect_gss_kerb,                      /* Bind ACK */
5541         wrap_dissect_gss_kerb,                      /* AUTH3 */
5542         wrap_dissect_gssapi_verf,                   /* Request verifier */
5543         wrap_dissect_gssapi_verf,                   /* Response verifier */
5544         NULL,                                       /* Request data */
5545         NULL                                        /* Response data */
5546 };
5547
5548 static dcerpc_auth_subdissector_fns gss_kerb_auth_seal_fns = {
5549         wrap_dissect_gss_kerb,                      /* Bind */
5550         wrap_dissect_gss_kerb,                      /* Bind ACK */
5551         wrap_dissect_gss_kerb,                      /* AUTH3 */
5552         wrap_dissect_gssapi_verf,                   /* Request verifier */
5553         wrap_dissect_gssapi_verf,                   /* Response verifier */
5554         wrap_dissect_gssapi_payload,                /* Request data */
5555         wrap_dissect_gssapi_payload                 /* Response data */
5556 };
5557
5558
5559
5560 void
5561 proto_reg_handoff_kerberos(void)
5562 {
5563         dissector_handle_t kerberos_handle_tcp;
5564
5565         krb4_handle = find_dissector_add_dependency("krb4", proto_kerberos);
5566
5567         kerberos_handle_udp = create_dissector_handle(dissect_kerberos_udp,
5568         proto_kerberos);
5569
5570         kerberos_handle_tcp = create_dissector_handle(dissect_kerberos_tcp,
5571         proto_kerberos);
5572
5573         dissector_add_uint("udp.port", UDP_PORT_KERBEROS, kerberos_handle_udp);
5574         dissector_add_uint("tcp.port", TCP_PORT_KERBEROS, kerberos_handle_tcp);
5575
5576         register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_CONNECT,
5577                                                                           DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5578                                                                           &gss_kerb_auth_connect_fns);
5579
5580         register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_INTEGRITY,
5581                                                                           DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5582                                                                           &gss_kerb_auth_sign_fns);
5583
5584         register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_PRIVACY,
5585                                                                           DCE_C_RPC_AUTHN_PROTOCOL_GSS_KERBEROS,
5586                                                                           &gss_kerb_auth_seal_fns);
5587 }
5588
5589 /*
5590  * Editor modelines  -  http://www.wireshark.org/tools/modelines.html
5591  *
5592  * Local variables:
5593  * c-basic-offset: 8
5594  * tab-width: 8
5595  * indent-tabs-mode: t
5596  * End:
5597  *
5598  * vi: set shiftwidth=8 tabstop=8 noexpandtab:
5599  * :indentSize=8:tabSize=8:noTabs=false:
5600  */
Unnamed repository; edit this file to name it for gitweb.