private_data->fast_armor_ ...
authorStefan Metzmacher <metze@samba.org>
Thu, 19 Feb 2015 14:15:36 +0000 (15:15 +0100)
committerStefan Metzmacher <metze@samba.org>
Wed, 17 Oct 2018 14:09:07 +0000 (16:09 +0200)
Change-Id: I377b61d4af3b4e8927321ef770193ad1fc128ec2

epan/dissectors/asn1/kerberos/kerberos.cnf
epan/dissectors/asn1/kerberos/packet-kerberos-template.c

index c361043e650244686210e79a44437baec3ec493c..66ca433fc167f05976ffbe2262851c1a088532d5 100644 (file)
@@ -382,9 +382,35 @@ guint32 msgtype;
        if (private_data->key.keytype != 0 && private_data->key.keylength > 0) {
 ##ifdef HAVE_KERBEROS
                add_encryption_key(actx->pinfo, private_data->key.keytype, private_data->key.keylength, private_data->key.keyvalue, "key");
+##if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+               if (private_data->fast_armor_within_enc_ticket_part &&
+                   private_data->fast_armor_ticket_sessionkey_needed)
+               {
+                       private_date->fast_armor_ticket_sessionkey = enc_key_list;
+                       private_data->fast_armor_ticket_sessionkey_needed = FALSE;
+               }
+               if (private_data->fast_armor_within_authenticator &&
+                   private_data->fast_armor_remote_subkey_needed)
+               {
+                       private_date->fast_armor_remote_subkey = enc_key_list;
+                       private_data->fast_armor_remote_subkey_needed = FALSE;
+               }
+##endif
 ##endif
        }
 
+#.FN_BODY Authenticator
+       kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
+       private_data->fast_armor_within_authenticator = TRUE;
+%(DEFAULT_BODY)s
+       private_data->fast_armor_within_authenticator = FALSE;
+
+#.FN_BODY EncTicketPart
+       kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
+       private_data->fast_armor_within_enc_ticket_part = TRUE;
+%(DEFAULT_BODY)s
+       private_data->fast_armor_within_enc_ticket_part = FALSE;
+
 #.FN_BODY AUTHDATA-TYPE VAL_PTR=&(private_data->ad_type)
        kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
 %(DEFAULT_BODY)s
@@ -483,10 +509,37 @@ guint32 msgtype;
 
 #.FN_BODY KrbFastArmor/armor-value
        kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
+       gboolean fast_armor_request = FALSE;
 
        switch(private_data->fast_type){
        case KERBEROS_FX_FAST_ARMOR_AP_REQUEST:
+               if (!private_data->fast_armor_request) {
+                       fast_armor_request = TRUE;
+                       private_data->fast_armor_request = TRUE;
+                       private_data->fast_armor_within_enc_ticket_part = FALSE;
+                       private_data->fast_armor_ticket_sessionkey_needed = TRUE;
+                       private_data->fast_armor_ticket_sessionkey = NULL;
+                       private_data->fast_armor_within_authenticator = FALSE;
+                       private_data->fast_armor_remote_subkey_needed = TRUE;
+                       private_data->fast_armor_remote_subkey = NULL;
+               }
                offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_kerberos_Applications);
+               if (fast_armor_request) {
+                       if (private_data->fast_armor_ticket_sessionkey != NULL &&
+                           private_date->fast_armor_remote_subkey != NULL)
+                       {
+metze
+                               add_encryption_key(actx->pinfo, private_data->key.keytype, private_data->key.keylength, private_data->key.keyvalue, "key");
+                       }
+
+                       private_data->fast_armor_request = FALSE;
+                       private_data->fast_armor_within_enc_ticket_part = FALSE;
+                       private_data->fast_armor_ticket_sessionkey_needed = FALSE;
+                       private_data->fast_armor_ticket_sessionkey = NULL;
+                       private_data->fast_armor_within_authenticator = FALSE;
+                       private_data->fast_armor_remote_subkey_needed = FALSE;
+                       private_data->fast_armor_remote_subkey = NULL;
+               }
                break;
        default:
                offset=dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, NULL);
index f35815d6bbdefcf5242c8529a068c5bc924632e0..7c308df08b000bc15a0cd8f75ec5b86265a07636 100644 (file)
@@ -102,6 +102,13 @@ typedef struct {
        guint32 addr_type;
        guint32 checksum_type;
        guint32 fast_type;
+       gboolean fast_armor_request;
+       gboolean fast_armor_within_enc_ticket_part;
+       gboolean fast_armor_ticket_sessionkey_needed;
+       const enc_key_t *fast_armor_ticket_sessionkey;
+       gboolean fast_armor_within_authenticator;
+       gboolean fast_armor_remote_subkey_needed;
+       const enc_key_t *fast_armor_remote_subkey;
 } kerberos_private_data_t;
 
 static dissector_handle_t kerberos_handle_udp;