*
* Some structures from RFC2630
*
+ * Ted Percival ted[AT]midg3t.net
+ * Support for PA-S4U2Self Kerberos packet type based on ASN.1 description
+ * in Heimdal:
+ * http://loka.it.su.se/source/xref/heimdal/heimdal/lib/asn1/k5.asn1
+ *
* $Id$
*
* Wireshark - Network traffic analyzer
#include <epan/conversation.h>
#include <epan/emem.h>
+#include <epan/asn1.h>
#include <epan/dissectors/packet-kerberos.h>
#include <epan/dissectors/packet-netbios.h>
#include <epan/dissectors/packet-tcp.h>
#include <epan/dissectors/packet-dcerpc.h>
#include <epan/dissectors/packet-gssapi.h>
+#include <epan/dissectors/packet-smb-common.h>
-#include <wiretap/file_util.h>
+#include <wsutil/file_util.h>
#define UDP_PORT_KERBEROS 88
#define TCP_PORT_KERBEROS 88
static gint hf_krb_pac_clientid = -1;
static gint hf_krb_pac_namelen = -1;
static gint hf_krb_pac_clientname = -1;
+static gint hf_krb_pac_upn_flags = -1;
+static gint hf_krb_pac_upn_upn_name = -1;
+static gint hf_krb_pac_upn_dns_name = -1;
+static gint hf_krb_pac_upn_dns_offset = -1;
+static gint hf_krb_pac_upn_dns_len = -1;
+static gint hf_krb_pac_upn_upn_offset = -1;
+static gint hf_krb_pac_upn_upn_len = -1;
static gint hf_krb_w2k_pac_entries = -1;
static gint hf_krb_w2k_pac_version = -1;
static gint hf_krb_w2k_pac_type = -1;
static gint hf_krb_PAC_PRIVSVR_CHECKSUM = -1;
static gint hf_krb_PAC_CLIENT_INFO_TYPE = -1;
static gint hf_krb_PAC_CONSTRAINED_DELEGATION = -1;
+static gint hf_krb_PAC_UPN_DNS_INFO = -1;
static gint hf_krb_encrypted_PA_ENC_TIMESTAMP = -1;
+static gint hf_krb_encrypted_enc_authorization_data = -1;
static gint hf_krb_encrypted_EncKrbCredPart = -1;
static gint hf_krb_checksum_checksum = -1;
static gint hf_krb_encrypted_PRIV = -1;
static gint hf_krb_name_string = -1;
static gint hf_krb_provsrv_location = -1;
static gint hf_krb_e_text = -1;
+static gint hf_krb_s4u2self_auth = -1;
static gint hf_krb_name_type = -1;
static gint hf_krb_lr_type = -1;
static gint hf_krb_from = -1;
static gint hf_krb_IF_RELEVANT = -1;
static gint hf_krb_addr_type = -1;
static gint hf_krb_address_ip = -1;
+static gint hf_krb_address_ipv6 = -1;
static gint hf_krb_address_netbios = -1;
static gint hf_krb_msg_type = -1;
static gint hf_krb_pvno = -1;
static gint hf_krb_smb_nt_status = -1;
static gint hf_krb_smb_unknown = -1;
static gint hf_krb_midl_blob_len = -1;
+static gint hf_krb_midl_fill_bytes = -1;
+static gint hf_krb_midl_version = -1;
+static gint hf_krb_midl_hdr_len = -1;
static gint ett_krb_kerberos = -1;
static gint ett_krb_TransitedEncoding = -1;
static gint ett_krb_PRIV_enc = -1;
static gint ett_krb_e_checksum = -1;
static gint ett_krb_PAC_MIDL_BLOB = -1;
+static gint ett_krb_PAC_DREP = -1;
+static gint ett_krb_PAC_UPN_DNS_INFO = -1;
guint32 krb5_errorcode;
#endif
#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+#ifdef _WIN32
+/* prevent redefinition warnings in kfw-2.5\inc\win_mac.h */
+#undef HAVE_STDARG_H
+#undef HAVE_SYS_TYPES_H
+#endif
#include <krb5.h>
enc_key_t *enc_key_list=NULL;
if(pinfo->fd->flags.visited){
return;
}
-printf("added key in %d\n",pinfo->fd->num);
+printf("added key in %u\n",pinfo->fd->num);
new_key=g_malloc(sizeof(enc_key_t));
- g_snprintf(new_key->key_origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %d",origin,pinfo->fd->num);
+ g_snprintf(new_key->key_origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u",origin,pinfo->fd->num);
new_key->next=enc_key_list;
enc_key_list=new_key;
new_key->keytype=keytype;
if((ret == 0) && (length>0)){
char *user_data;
-printf("woohoo decrypted keytype:%d in frame:%d\n", keytype, pinfo->fd->num);
+printf("woohoo decrypted keytype:%d in frame:%u\n", keytype, pinfo->fd->num);
proto_tree_add_text(tree, NULL, 0, 0, "[Decrypted using: %s]", ek->key_origin);
/* return a private g_malloced blob to the caller */
user_data=g_malloc(data.length);
if((ret == 0) && (length>0)){
char *user_data;
-printf("woohoo decrypted keytype:%d in frame:%d\n", keytype, pinfo->fd->num);
+printf("woohoo decrypted keytype:%d in frame:%u\n", keytype, pinfo->fd->num);
proto_tree_add_text(tree, NULL, 0, 0, "[Decrypted using: %s]", ek->key_origin);
krb5_crypto_destroy(context, crypto);
/* return a private g_malloced blob to the caller */
if(pinfo->fd->flags.visited){
return;
}
-printf("added key in %d\n",pinfo->fd->num);
+printf("added key in %u\n",pinfo->fd->num);
new_key = g_malloc(sizeof(service_key_t));
new_key->kvno = 0;
new_key->length = keylength;
new_key->contents = g_malloc(keylength);
memcpy(new_key->contents, keyvalue, keylength);
- g_snprintf(new_key->origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %d", origin, pinfo->fd->num);
+ g_snprintf(new_key->origin, KRB_MAX_ORIG_LEN, "%s learnt from frame %u", origin, pinfo->fd->num);
service_key_list = g_slist_append(service_key_list, (gpointer) new_key);
}
unsigned char buf[SERVICE_KEY_SIZE];
int newline_skip = 0, count = 0;
- if (service_key_file != NULL && stat (service_key_file, &st) == 0) {
+ if (service_key_file != NULL && ws_stat (service_key_file, &st) == 0) {
/* The service key file contains raw 192-bit (24 byte) 3DES keys.
* There can be zero, one (\n), or two (\r\n) characters between
}
}
- skf = eth_fopen(service_key_file, "rb");
+ skf = ws_fopen(service_key_file, "rb");
if (! skf) return;
while (fread(buf, SERVICE_KEY_SIZE, 1, skf) == 1) {
decrypted_data = g_malloc(length);
for(ske = service_key_list; ske != NULL; ske = g_slist_next(ske)){
+ gboolean do_continue = FALSE;
sk = (service_key_t *) ske->data;
des_fix_parity(DES3_KEY_SIZE, key, sk->contents);
*/
TRY {
id_offset = get_ber_identifier(encr_tvb, CONFOUNDER_PLUS_CHECKSUM, &cls, &pc, &tag);
- offset = get_ber_length(tree, encr_tvb, id_offset, &item_len, &ind);
+ offset = get_ber_length(encr_tvb, id_offset, &item_len, &ind);
}
CATCH (BoundsError) {
tvb_free(encr_tvb);
- continue;
+ do_continue = TRUE;
}
ENDTRY;
+ if (do_continue) continue;
+
data_len = item_len + offset - CONFOUNDER_PLUS_CHECKSUM;
if ((int) item_len + offset > length) {
tvb_free(encr_tvb);
md5_finish(&md5s, digest);
if (tvb_memeql (encr_tvb, 8, digest, 16) == 0) {
-g_warning("woohoo decrypted keytype:%d in frame:%d\n", keytype, pinfo->fd->num);
+g_warning("woohoo decrypted keytype:%d in frame:%u\n", keytype, pinfo->fd->num);
plaintext = g_malloc(data_len);
tvb_memcpy(encr_tvb, plaintext, CONFOUNDER_PLUS_CHECKSUM, data_len);
tvb_free(encr_tvb);
#endif /* HAVE_MIT_KERBEROS / HAVE_HEIMDAL_KERBEROS / HAVE_LIBNETTLE */
-
+#define INET6_ADDRLEN 16
/* TCP Record Mark */
#define KRB_RM_RESERVED 0x80000000L
come up with something better
*/
#define KRB5_PA_PAC_REQUEST 128 /* MS extension */
+#define KRB5_PA_S4U2SELF 129 /* Impersonation (Microsoft extension) */
#define KRB5_PA_PROV_SRV_LOCATION 255 /* packetcable stuff */
/* Principal name-type */
#define PAC_PRIVSVR_CHECKSUM 7
#define PAC_CLIENT_INFO_TYPE 10
#define PAC_CONSTRAINED_DELEGATION 11
+#define PAC_UPN_DNS_INFO 12
static const value_string w2k_pac_types[] = {
{ PAC_LOGON_INFO , "Logon Info" },
{ PAC_CREDENTIAL_TYPE , "Credential Type" },
{ PAC_PRIVSVR_CHECKSUM , "Privsvr Checksum" },
{ PAC_CLIENT_INFO_TYPE , "Client Info Type" },
{ PAC_CONSTRAINED_DELEGATION, "Constrained Delegation" },
+ { PAC_UPN_DNS_INFO , "UPN DNS Info" },
{ 0, NULL },
};
{ KRB5_TD_REQ_NONCE , "TD-REQ-NONCE" },
{ KRB5_TD_REQ_SEQ , "TD-REQ-SEQ" },
{ KRB5_PA_PAC_REQUEST , "PA-PAC-REQUEST" },
+ { KRB5_PA_S4U2SELF , "PA-S4U2SELF" },
{ KRB5_PA_PROV_SRV_LOCATION , "PA-PROV-SRV-LOCATION" },
{ 0 , NULL },
};
#define KRB5_AD_SESAME 65
#define KRB5_AD_OSF_DCE_PKI_CERTID 66
#define KRB5_AD_WIN2K_PAC 128
+#define KRB5_AD_SIGNTICKET 0xffffffef
static const value_string krb5_ad_types[] = {
{ KRB5_AD_IF_RELEVANT , "AD-IF-RELEVANT" },
{ KRB5_AD_INTENDED_FOR_SERVER , "AD-Intended-For-Server" },
{ KRB5_AD_SESAME , "AD-SESAME" },
{ KRB5_AD_OSF_DCE_PKI_CERTID , "AD-OSF-DCE-PKI-CertID" },
{ KRB5_AD_WIN2K_PAC , "AD-Win2k-PAC" },
+ { KRB5_AD_SIGNTICKET , "AD-SignTicket" },
{ 0 , NULL },
};
-static int dissect_krb5_application_choice(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_Application_1(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_Authenticator(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_EncTicketPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_EncAPRepPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_EncKrbPrivPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_EncKrbCredPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_EncKDCRepPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_KDC_REQ(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_KDC_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_AP_REQ(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_AP_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_SAFE(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_PRIV(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_CRED(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
-static int dissect_krb5_ERROR(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset);
+static int dissect_krb5_application_choice(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_Application_1(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_Authenticator(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_EncTicketPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_EncAPRepPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_EncKrbPrivPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_EncKrbCredPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_EncKDCRepPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_KDC_REQ(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_KDC_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_AP_REQ(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_AP_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_SAFE(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_PRIV(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_CRED(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
+static int dissect_krb5_ERROR(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
-static const ber_choice_t kerberos_applications_choice[] = {
+static const ber_old_choice_t kerberos_applications_choice[] = {
{ KRB5_MSG_TICKET, BER_CLASS_APP, KRB5_MSG_TICKET, 0, dissect_krb5_Application_1 },
{ KRB5_MSG_AUTHENTICATOR, BER_CLASS_APP, KRB5_MSG_AUTHENTICATOR, 0, dissect_krb5_Authenticator },
{ KRB5_MSG_ENC_TICKET_PART, BER_CLASS_APP, KRB5_MSG_ENC_TICKET_PART, 0, dissect_krb5_EncTicketPart },
static int
-dissect_krb5_application_choice(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_application_choice(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_choice(pinfo, tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
return offset;
}
NULL
};
static int
-dissect_krb5_APOptions(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_APOptions(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_bitstring32(FALSE, pinfo, tree, tvb, offset, APOptions_bits, hf_krb_APOptions, ett_krb_AP_Options, NULL);
+ offset=dissect_ber_bitstring32(FALSE, actx, tree, tvb, offset, APOptions_bits, hf_krb_APOptions, ett_krb_AP_Options, NULL);
return offset;
}
};
static int
-dissect_krb5_KDCOptions(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KDCOptions(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_bitstring32(FALSE, pinfo, tree, tvb, offset, KDCOptions_bits, hf_krb_KDCOptions, ett_krb_KDC_Options, NULL);
+ offset=dissect_ber_bitstring32(FALSE, actx, tree, tvb, offset, KDCOptions_bits, hf_krb_KDCOptions, ett_krb_KDC_Options, NULL);
return offset;
}
static int
-dissect_krb5_rtime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_rtime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_rtime);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_rtime);
return offset;
}
int
-dissect_krb5_ctime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_ctime);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_ctime);
return offset;
}
static int
-dissect_krb5_cusec(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_cusec(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_cusec, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_cusec, NULL);
return offset;
}
static int
-dissect_krb5_stime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_stime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_stime);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_stime);
return offset;
}
static int
-dissect_krb5_susec(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_susec(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_susec, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_susec, NULL);
return offset;
}
static int
-dissect_krb5_error_code(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_error_code(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_error_code, &krb5_errorcode);
- if(krb5_errorcode && check_col(pinfo->cinfo, COL_INFO)) {
- col_add_fstr(pinfo->cinfo, COL_INFO,
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_error_code, &krb5_errorcode);
+ if(krb5_errorcode && check_col(actx->pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(actx->pinfo->cinfo, COL_INFO,
"KRB Error: %s",
val_to_str(krb5_errorcode, krb5_error_codes,
"Unknown error code %#x"));
static int
-dissect_krb5_till(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_till(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_till);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_till);
return offset;
}
static int
-dissect_krb5_from(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_from(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_from);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_from);
return offset;
}
static int
-dissect_krb5_nonce(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_nonce(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_nonce, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_nonce, NULL);
return offset;
}
* etype[8] SEQUENCE OF INTEGER, -- EncryptionType,
*/
static int
-dissect_krb5_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint32 etype;
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(etype, krb5_encryption_types,
}
return offset;
}
-static ber_sequence_t etype_sequence_of[1] = {
+static ber_old_sequence_t etype_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_krb5_etype },
};
static int
-dissect_krb5_etype_sequence_of(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_etype_sequence_of(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, etype_sequence_of, hf_krb_etypes, ett_krb_etypes);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, etype_sequence_of, hf_krb_etypes, ett_krb_etypes);
return offset;
}
static guint32 authenticator_etype;
static int
-dissect_krb5_authenticator_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_authenticator_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &authenticator_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &authenticator_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(authenticator_etype, krb5_encryption_types,
}
static guint32 Ticket_etype;
static int
-dissect_krb5_Ticket_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_Ticket_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &Ticket_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &Ticket_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(Ticket_etype, krb5_encryption_types,
}
static guint32 AP_REP_etype;
static int
-dissect_krb5_AP_REP_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AP_REP_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &AP_REP_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &AP_REP_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(AP_REP_etype, krb5_encryption_types,
}
static guint32 PA_ENC_TIMESTAMP_etype;
static int
-dissect_krb5_PA_ENC_TIMESTAMP_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_ENC_TIMESTAMP_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &PA_ENC_TIMESTAMP_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &PA_ENC_TIMESTAMP_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(PA_ENC_TIMESTAMP_etype, krb5_encryption_types,
* }
*/
static guint32 addr_type;
-static int dissect_krb5_addr_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+static int dissect_krb5_addr_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_addr_type, &addr_type);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_addr_type, &addr_type);
return offset;
}
-static int dissect_krb5_address(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+static int dissect_krb5_address(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
gint8 class;
gboolean pc;
proto_item *it=NULL;
/* read header and len for the octet string */
- offset=dissect_ber_identifier(pinfo, tree, tvb, offset, &class, &pc, &tag);
- offset=dissect_ber_length(pinfo, tree, tvb, offset, &len, NULL);
+ offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &class, &pc, &tag);
+ offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL);
address_str=ep_alloc(256);
address_str[0]=0;
it=proto_tree_add_string_format(tree, hf_krb_address_netbios, tvb, offset, 16, netbios_name, "NetBIOS Name: %s (%s)", address_str, netbios_name_type_descr(netbios_name_type));
}
break;
+ case KRB5_ADDR_IPv6:
+ it=proto_tree_add_item(tree, hf_krb_address_ipv6, tvb, offset, INET6_ADDRLEN, FALSE);
+ g_snprintf(address_str, 256, "%s", ip6_to_str((const struct e_in6_addr *)tvb_get_ptr(tvb, offset, INET6_ADDRLEN)));
+ break;
default:
proto_tree_add_text(tree, tvb, offset, len, "KRB Address: I dont know how to parse this type of address yet");
offset+=len;
return offset;
}
-static ber_sequence_t HostAddress_sequence[] = {
+static ber_old_sequence_t HostAddress_sequence[] = {
{ BER_CLASS_CON, 0, 0, dissect_krb5_addr_type },
{ BER_CLASS_CON, 1, 0, dissect_krb5_address },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_HostAddress(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_HostAddress(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, HostAddress_sequence, hf_krb_HostAddress, ett_krb_HostAddress);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, HostAddress_sequence, hf_krb_HostAddress, ett_krb_HostAddress);
return offset;
}
static int
-dissect_krb5_s_address(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_s_address(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, HostAddress_sequence, hf_krb_s_address, ett_krb_s_address);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, HostAddress_sequence, hf_krb_s_address, ett_krb_s_address);
return offset;
}
static int
-dissect_krb5_r_address(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_r_address(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, HostAddress_sequence, hf_krb_r_address, ett_krb_r_address);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, HostAddress_sequence, hf_krb_r_address, ett_krb_r_address);
return offset;
}
* }
*
*/
-static ber_sequence_t HostAddresses_sequence_of[1] = {
+static ber_old_sequence_t HostAddresses_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_HostAddress },
};
static int
-dissect_krb5_HostAddresses(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_HostAddresses(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, HostAddresses_sequence_of, hf_krb_HostAddresses, ett_krb_HostAddresses);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, HostAddresses_sequence_of, hf_krb_HostAddresses, ett_krb_HostAddresses);
return offset;
}
/* sequence of tickets */
-static ber_sequence_t sequence_of_tickets[1] = {
+static ber_old_sequence_t sequence_of_tickets[1] = {
{ BER_CLASS_APP, 1, 0, dissect_krb5_Application_1},
};
static int
-dissect_krb5_sq_tickets(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_sq_tickets(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, sequence_of_tickets, hf_krb_sq_tickets, ett_krb_sq_tickets);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, sequence_of_tickets, hf_krb_sq_tickets, ett_krb_sq_tickets);
return offset;
}
static int
-dissect_krb5_msg_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_msg_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint32 msgtype;
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_msg_type, &msgtype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_msg_type, &msgtype);
- if (do_col_info & check_col(pinfo->cinfo, COL_INFO)) {
- col_add_str(pinfo->cinfo, COL_INFO,
+ if (do_col_info & check_col(actx->pinfo->cinfo, COL_INFO)) {
+ col_add_str(actx->pinfo->cinfo, COL_INFO,
val_to_str(msgtype, krb5_msg_types,
"Unknown msg type %#x"));
}
static int
-dissect_krb5_pvno(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_pvno(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_pvno, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_pvno, NULL);
return offset;
}
*/
guint32 name_type;
static int
-dissect_krb5_name_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_name_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_name_type, &name_type);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_name_type, &name_type);
if(tree){
proto_item_append_text(tree, " (%s):",
val_to_str(name_type, krb5_princ_types,
}
static char name_string_separator;
static int
-dissect_krb5_name_string(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_name_string(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
char name_string[256];
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_name_string, name_string, 255);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_name_string, name_string, 255);
if(tree){
proto_item_append_text(tree, "%c%s", name_string_separator, name_string);
name_string_separator='/';
return offset;
}
-static ber_sequence_t name_stringe_sequence_of[1] = {
+static ber_old_sequence_t name_stringe_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_krb5_name_string },
};
static int
-dissect_krb5_name_strings(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_name_strings(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
name_string_separator=' ';
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, name_stringe_sequence_of, -1, -1);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, name_stringe_sequence_of, -1, -1);
return offset;
}
-static ber_sequence_t PrincipalName_sequence[] = {
+static ber_old_sequence_t PrincipalName_sequence[] = {
{ BER_CLASS_CON, 0, 0, dissect_krb5_name_type },
{ BER_CLASS_CON, 1, 0, dissect_krb5_name_strings },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_sname(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_sname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PrincipalName_sequence, hf_krb_sname, ett_krb_sname);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PrincipalName_sequence, hf_krb_sname, ett_krb_sname);
return offset;
}
static int
-dissect_krb5_pname(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_pname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PrincipalName_sequence, hf_krb_pname, ett_krb_pname);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PrincipalName_sequence, hf_krb_pname, ett_krb_pname);
return offset;
}
int
-dissect_krb5_cname(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PrincipalName_sequence, hf_krb_cname, ett_krb_cname);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PrincipalName_sequence, hf_krb_cname, ett_krb_cname);
return offset;
}
int
-dissect_krb5_prealm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_prealm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_prealm, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_prealm, NULL, 0);
return offset;
}
int
-dissect_krb5_srealm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_srealm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_srealm, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_srealm, NULL, 0);
return offset;
}
int
-dissect_krb5_realm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_realm, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_realm, NULL, 0);
return offset;
}
static int
-dissect_krb5_crealm(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_crealm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_crealm, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_crealm, NULL, 0);
return offset;
}
static int
-dissect_krb5_PA_PAC_REQUEST_flag(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_PAC_REQUEST_flag(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_boolean(FALSE, pinfo, tree, tvb, offset, hf_krb_PA_PAC_REQUEST_flag);
+ offset=dissect_ber_boolean(FALSE, actx, tree, tvb, offset, hf_krb_PA_PAC_REQUEST_flag, NULL);
return offset;
}
-static ber_sequence_t PA_PAC_REQUEST_sequence[] = {
+static ber_old_sequence_t PA_PAC_REQUEST_sequence[] = {
{ BER_CLASS_CON, 0, 0, dissect_krb5_PA_PAC_REQUEST_flag },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_PA_PAC_REQUEST(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_PAC_REQUEST(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PA_PAC_REQUEST_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PA_PAC_REQUEST_sequence, -1, -1);
return offset;
}
+static int
+dissect_krb5_s4u2self_auth(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_s4u2self_auth, NULL, 0);
+ return offset;
+}
+static ber_old_sequence_t PA_S4U2SELF_sequence[] = {
+ { BER_CLASS_CON, 0, 0, dissect_krb5_cname },
+ { BER_CLASS_CON, 1, 0, dissect_krb5_realm },
+ { BER_CLASS_CON, 2, 0, dissect_krb5_Checksum },
+ { BER_CLASS_CON, 3, 0, dissect_krb5_s4u2self_auth },
+ { 0, 0, 0, NULL }
+};
+
+static int
+dissect_krb5_PA_S4U2SELF(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PA_S4U2SELF_sequence, -1, -1);
+ return offset;
+}
static int
-dissect_krb5_PA_PROV_SRV_LOCATION(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_PROV_SRV_LOCATION(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_provsrv_location, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_provsrv_location, NULL, 0);
return offset;
}
static int
-dissect_krb5_kvno(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_kvno(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_kvno, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_kvno, NULL);
return offset;
}
static int
-dissect_krb5_seq_number(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_seq_number(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_seq_number, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_seq_number, NULL);
return offset;
}
static int
-dissect_krb5_patimestamp(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_patimestamp(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_patimestamp);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_patimestamp);
return offset;
}
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_pausec(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_pausec(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_pausec, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_pausec, NULL);
return offset;
}
-static const ber_sequence_t PA_ENC_TS_ENC_sequence[] = {
+static const ber_old_sequence_t PA_ENC_TS_ENC_sequence[] = {
{ BER_CLASS_CON, 0, 0, dissect_krb5_patimestamp },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_krb5_pausec },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_decrypt_PA_ENC_TIMESTAMP (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_PA_ENC_TIMESTAMP (proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext=NULL;
int length;
* == 1
*/
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 1, length, tvb_get_ptr(tvb, offset, length), PA_ENC_TIMESTAMP_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, length, tvb_get_ptr(tvb, offset, length), PA_ENC_TIMESTAMP_etype);
}
if(plaintext){
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
- offset=dissect_ber_sequence(FALSE, pinfo, tree, next_tvb, 0, PA_ENC_TS_ENC_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, next_tvb, 0, PA_ENC_TS_ENC_sequence, -1, -1);
}
return offset;
static int
-dissect_krb5_encrypted_PA_ENC_TIMESTAMP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_PA_ENC_TIMESTAMP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_PA_ENC_TIMESTAMP, NULL);
#endif
return offset;
}
-static ber_sequence_t PA_ENC_TIMESTAMP_sequence[] = {
+static ber_old_sequence_t PA_ENC_TIMESTAMP_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_PA_ENC_TIMESTAMP_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_PA_ENC_TIMESTAMP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_ENC_TIMESTAMP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PA_ENC_TIMESTAMP_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PA_ENC_TIMESTAMP_sequence, -1, -1);
return offset;
}
static int
-dissect_krb5_etype_info_salt(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_etype_info_salt(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_etype_info_salt, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_etype_info_salt, NULL);
return offset;
}
static int
-dissect_krb5_etype_info2_salt(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_etype_info2_salt(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_etype_info2_salt, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_etype_info2_salt, NULL, 0);
return offset;
}
static int
-dissect_krb5_etype_info2_s2kparams(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_etype_info2_s2kparams(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_etype_info2_s2kparams, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_etype_info2_s2kparams, NULL);
return offset;
}
-static ber_sequence_t PA_ENCTYPE_INFO_ENTRY_sequence[] = {
+static ber_old_sequence_t PA_ENCTYPE_INFO_ENTRY_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_PA_ENCTYPE_INFO_ENTRY(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_ENCTYPE_INFO_ENTRY(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PA_ENCTYPE_INFO_ENTRY_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PA_ENCTYPE_INFO_ENTRY_sequence, -1, -1);
return offset;
}
-static ber_sequence_t PA_ENCTYPE_INFO_sequence_of[1] = {
+static ber_old_sequence_t PA_ENCTYPE_INFO_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_PA_ENCTYPE_INFO_ENTRY },
};
static int
-dissect_krb5_PA_ENCTYPE_INFO(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_ENCTYPE_INFO(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, PA_ENCTYPE_INFO_sequence_of, -1, -1);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, PA_ENCTYPE_INFO_sequence_of, -1, -1);
return offset;
}
-static ber_sequence_t PA_ENCTYPE_INFO2_ENTRY_sequence[] = {
+static ber_old_sequence_t PA_ENCTYPE_INFO2_ENTRY_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_PA_ENCTYPE_INFO2_ENTRY(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_ENCTYPE_INFO2_ENTRY(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PA_ENCTYPE_INFO2_ENTRY_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PA_ENCTYPE_INFO2_ENTRY_sequence, -1, -1);
return offset;
}
-static ber_sequence_t PA_ENCTYPE_INFO2_sequence_of[1] = {
+static ber_old_sequence_t PA_ENCTYPE_INFO2_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_PA_ENCTYPE_INFO2_ENTRY },
};
static int
-dissect_krb5_PA_ENCTYPE_INFO2(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_ENCTYPE_INFO2(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, PA_ENCTYPE_INFO2_sequence_of, -1, -1);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, PA_ENCTYPE_INFO2_sequence_of, -1, -1);
return offset;
}
static int
-dissect_krb5_PW_SALT(packet_info *pinfo _U_, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PW_SALT(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint32 nt_status;
proto_tree_add_item(tree, hf_krb_smb_nt_status, tvb, offset, 4,
TRUE);
nt_status=tvb_get_letohl(tvb, offset);
- if(nt_status && check_col(pinfo->cinfo, COL_INFO)) {
- col_append_fstr(pinfo->cinfo, COL_INFO,
+ if(nt_status && check_col(actx->pinfo->cinfo, COL_INFO)) {
+ col_append_fstr(actx->pinfo->cinfo, COL_INFO,
" NT Status: %s",
val_to_str(nt_status, NT_errors,
"Unknown error code %#x"));
*/
guint32 krb_PA_DATA_type;
static int
-dissect_krb5_PA_DATA_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_DATA_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_PA_DATA_type, &krb_PA_DATA_type);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_PA_DATA_type, &krb_PA_DATA_type);
krb_PA_DATA_type&=0xff; /*this is really just one single byte */
if(tree){
return offset;
}
static int
-dissect_krb5_PA_DATA_value(packet_info *pinfo, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_DATA_value(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_tree *tree=parent_tree;
- if(ber_last_created_item){
- tree=proto_item_add_subtree(ber_last_created_item, ett_krb_PA_DATA_tree);
+ if(actx->created_item){
+ tree=proto_item_add_subtree(actx->created_item, ett_krb_PA_DATA_tree);
}
switch(krb_PA_DATA_type){
case KRB5_PA_TGS_REQ:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_application_choice);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_application_choice);
break;
case KRB5_PA_PK_AS_REQ:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_pkinit_PA_PK_AS_REQ);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_pkinit_PA_PK_AS_REQ);
break;
case KRB5_PA_PK_AS_REP:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_pkinit_PA_PK_AS_REP);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_pkinit_PA_PK_AS_REP);
break;
case KRB5_PA_PAC_REQUEST:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_PAC_REQUEST);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_PAC_REQUEST);
+ break;
+ case KRB5_PA_S4U2SELF:
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_S4U2SELF);
break;
case KRB5_PA_PROV_SRV_LOCATION:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_PROV_SRV_LOCATION);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_PROV_SRV_LOCATION);
break;
case KRB5_PA_ENC_TIMESTAMP:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENC_TIMESTAMP);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENC_TIMESTAMP);
break;
case KRB5_PA_ENCTYPE_INFO:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO);
break;
case KRB5_PA_ENCTYPE_INFO2:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO2);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO2);
break;
case KRB5_PA_PW_SALT:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PW_SALT);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PW_SALT);
break;
default:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset,hf_krb_PA_DATA_value, NULL);
}
return offset;
/*qqq*/
}
-static ber_sequence_t PA_DATA_sequence[] = {
+static ber_old_sequence_t PA_DATA_sequence[] = {
{ BER_CLASS_CON, 1, 0, dissect_krb5_PA_DATA_type },
{ BER_CLASS_CON, 2, 0, dissect_krb5_PA_DATA_value },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_PA_DATA(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PA_DATA(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PA_DATA_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PA_DATA_sequence, -1, -1);
return offset;
}
* padata[3] SEQUENCE OF PA-DATA OPTIONAL,
*
*/
-static ber_sequence_t PA_DATA_sequence_of[1] = {
+static ber_old_sequence_t PA_DATA_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_PA_DATA },
};
static int
-dissect_krb5_padata(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_padata(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, PA_DATA_sequence_of, hf_krb_padata, ett_krb_padata);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, PA_DATA_sequence_of, hf_krb_padata, ett_krb_padata);
return offset;
}
};
static int
-dissect_krb5_TicketFlags(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_TicketFlags(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_bitstring32(FALSE, pinfo, tree, tvb, offset, TicketFlags_bits, hf_krb_TicketFlags, ett_krb_Ticket_Flags, NULL);
+ offset=dissect_ber_bitstring32(FALSE, actx, tree, tvb, offset, TicketFlags_bits, hf_krb_TicketFlags, ett_krb_Ticket_Flags, NULL);
return offset;
}
static guint32 keytype;
static int
-dissect_krb5_keytype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_keytype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_keytype, &keytype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_keytype, &keytype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(keytype, krb5_encryption_types,
static int keylength;
static const guint8 *keyvalue;
static int
-store_keyvalue(packet_info *pinfo _U_, proto_tree *tree _U_, tvbuff_t *tvb, int offset)
+store_keyvalue(proto_tree *tree _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
keylength=tvb_length_remaining(tvb, offset);
keyvalue=tvb_get_ptr(tvb, offset, keylength);
return 0;
}
static int
-dissect_krb5_keyvalue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_keyvalue(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_keyvalue, store_keyvalue);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_keyvalue, store_keyvalue);
return offset;
}
* keytype [0] int32
* keyvalue [1] octet string
*/
-static ber_sequence_t EncryptionKey_sequence[] = {
+static ber_old_sequence_t EncryptionKey_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_keytype },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_key(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_key(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncryptionKey_sequence, hf_krb_key, ett_krb_key);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncryptionKey_sequence, hf_krb_key, ett_krb_key);
#ifdef HAVE_KERBEROS
- add_encryption_key(pinfo, keytype, keylength, keyvalue, "key");
+ add_encryption_key(actx->pinfo, keytype, keylength, keyvalue, "key");
#endif
return offset;
}
static int
-dissect_krb5_subkey(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_subkey(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncryptionKey_sequence, hf_krb_subkey, ett_krb_subkey);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncryptionKey_sequence, hf_krb_subkey, ett_krb_subkey);
#ifdef HAVE_KERBEROS
- add_encryption_key(pinfo, keytype, keylength, keyvalue, "subkey");
+ add_encryption_key(actx->pinfo, keytype, keylength, keyvalue, "subkey");
#endif
return offset;
}
+static int
+dissect_krb5_PAC_DREP(proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 *drep)
+{
+ proto_item *item=NULL;
+ proto_tree *tree=NULL;
+ guint8 val;
+
+ if(parent_tree){
+ item=proto_tree_add_text(parent_tree, tvb, offset, 16, "DREP");
+ tree=proto_item_add_subtree(item, ett_krb_PAC_DREP);
+ }
+
+ val = tvb_get_guint8(tvb, offset);
+ proto_tree_add_uint(tree, hf_dcerpc_drep_byteorder, tvb, offset, 1, val>>4);
+
+ offset++;
+
+ if (drep) {
+ *drep = val;
+ }
+
+ return offset;
+}
/* This might be some sort of header that MIDL generates when creating
* marshalling/unmarshalling code for blobs that are not to be transported
* endianess and similar are not available.
*/
static int
-dissect_krb5_PAC_NDRHEADERBLOB(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_NDRHEADERBLOB(proto_tree *parent_tree, tvbuff_t *tvb, int offset, guint8 *drep, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
if(parent_tree){
- item=proto_tree_add_text(parent_tree, tvb, offset, 16, "unknown MIDL blob");
+ item=proto_tree_add_text(parent_tree, tvb, offset, 16, "MES header");
tree=proto_item_add_subtree(item, ett_krb_PAC_MIDL_BLOB);
}
- proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
- TRUE);
- offset += 4;
- proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
- TRUE);
- offset += 4;
+ /* modified DREP field that is used for stuff that is transporetd ontop
+ of non dcerpc
+ */
+ proto_tree_add_item(tree, hf_krb_midl_version, tvb, offset, 1, TRUE);
+ offset++;
- /* length of blob that follows */
- proto_tree_add_item(tree, hf_krb_midl_blob_len, tvb, offset, 4,
- TRUE);
- offset += 4;
+ offset = dissect_krb5_PAC_DREP(tree, tvb, offset, drep);
- proto_tree_add_item(tree, hf_krb_smb_unknown, tvb, offset, 4,
+
+ proto_tree_add_item(tree, hf_krb_midl_hdr_len, tvb, offset, 2, TRUE);
+ offset+=2;
+
+ proto_tree_add_item(tree, hf_krb_midl_fill_bytes, tvb, offset, 4,
TRUE);
offset += 4;
+ /* length of blob that follows */
+ proto_tree_add_item(tree, hf_krb_midl_blob_len, tvb, offset, 8,
+ TRUE);
+ offset += 8;
return offset;
}
static int
-dissect_krb5_PAC_LOGON_INFO(packet_info *pinfo, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_LOGON_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
/* skip the first 16 bytes, they are some magic created by the idl
* compiler the first 4 bytes might be flags?
*/
- offset=dissect_krb5_PAC_NDRHEADERBLOB(pinfo, tree, tvb, offset);
+ offset=dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
/* the PAC_LOGON_INFO blob */
/* fake whatever state the dcerpc runtime support needs */
di.conformant_run=0;
di.call_data=NULL;
- old_private_data=pinfo->private_data;
- pinfo->private_data=&di;
- init_ndr_pointer_list(pinfo);
- offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+ old_private_data=actx->pinfo->private_data;
+ actx->pinfo->private_data=&di;
+ init_ndr_pointer_list(actx->pinfo);
+ offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, drep,
netlogon_dissect_PAC_LOGON_INFO, NDR_POINTER_UNIQUE,
"PAC_LOGON_INFO:", -1);
- pinfo->private_data=old_private_data;
+ actx->pinfo->private_data=old_private_data;
return offset;
}
static int
-dissect_krb5_PAC_CONSTRAINED_DELEGATION(packet_info *pinfo, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_CONSTRAINED_DELEGATION(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
/* skip the first 16 bytes, they are some magic created by the idl
* compiler the first 4 bytes might be flags?
*/
- offset=dissect_krb5_PAC_NDRHEADERBLOB(pinfo, tree, tvb, offset);
+ offset=dissect_krb5_PAC_NDRHEADERBLOB(tree, tvb, offset, &drep[0], actx);
/* the PAC_CONSTRAINED_DELEGATION blob */
/* fake whatever state the dcerpc runtime support needs */
di.conformant_run=0;
di.call_data=NULL;
- old_private_data=pinfo->private_data;
- pinfo->private_data=&di;
- init_ndr_pointer_list(pinfo);
- offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
+ old_private_data=actx->pinfo->private_data;
+ actx->pinfo->private_data=&di;
+ init_ndr_pointer_list(actx->pinfo);
+ offset = dissect_ndr_pointer(tvb, offset, actx->pinfo, tree, drep,
netlogon_dissect_PAC_CONSTRAINED_DELEGATION, NDR_POINTER_UNIQUE,
"PAC_CONSTRAINED_DELEGATION:", -1);
- pinfo->private_data=old_private_data;
+ actx->pinfo->private_data=old_private_data;
+
+ return offset;
+}
+
+static int
+dissect_krb5_PAC_UPN_DNS_INFO(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+ proto_item *item=NULL;
+ proto_tree *tree=NULL;
+ guint16 dns_offset, dns_len;
+ guint16 upn_offset, upn_len;
+ const char *dn;
+ int dn_len;
+ guint16 bc;
+
+ item=proto_tree_add_item(parent_tree, hf_krb_PAC_UPN_DNS_INFO, tvb, offset, tvb_length_remaining(tvb, offset), FALSE);
+ if(parent_tree){
+ tree=proto_item_add_subtree(item, ett_krb_PAC_UPN_DNS_INFO);
+ }
+
+ /* upn */
+ upn_len = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(tree, hf_krb_pac_upn_upn_len, tvb, offset, 2, TRUE);
+ offset+=2;
+ upn_offset = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(tree, hf_krb_pac_upn_upn_offset, tvb, offset, 2, TRUE);
+ offset+=2;
+
+ /* dns */
+ dns_len = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(tree, hf_krb_pac_upn_dns_len, tvb, offset, 2, TRUE);
+ offset+=2;
+ dns_offset = tvb_get_letohs(tvb, offset);
+ proto_tree_add_item(tree, hf_krb_pac_upn_dns_offset, tvb, offset, 2, TRUE);
+ offset+=2;
+
+ /* flags */
+ proto_tree_add_item(tree, hf_krb_pac_upn_flags, tvb, offset, 4, TRUE);
+
+ /* upn */
+ offset = upn_offset;
+ dn_len = upn_len;
+ bc = tvb_length_remaining(tvb, offset);
+ dn = get_unicode_or_ascii_string(tvb, &offset,
+ TRUE, &dn_len, TRUE, TRUE, &bc);
+ proto_tree_add_string(tree, hf_krb_pac_upn_upn_name, tvb, upn_offset, upn_len, dn);
+
+ /* dns */
+ offset = dns_offset;
+ dn_len = dns_len;
+ bc = tvb_length_remaining(tvb, offset);
+ dn = get_unicode_or_ascii_string(tvb, &offset,
+ TRUE, &dn_len, TRUE, TRUE, &bc);
+ proto_tree_add_string(tree, hf_krb_pac_upn_dns_name, tvb, dns_offset, dns_len, dn);
return offset;
}
static int
-dissect_krb5_PAC_CREDENTIAL_TYPE(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_CREDENTIAL_TYPE(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
}
static int
-dissect_krb5_PAC_SERVER_CHECKSUM(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_SERVER_CHECKSUM(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
}
static int
-dissect_krb5_PAC_PRIVSVR_CHECKSUM(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_PRIVSVR_CHECKSUM(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
}
static int
-dissect_krb5_PAC_CLIENT_INFO_TYPE(packet_info *pinfo _U_, proto_tree *parent_tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PAC_CLIENT_INFO_TYPE(proto_tree *parent_tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
}
static int
-dissect_krb5_AD_WIN2K_PAC_struct(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AD_WIN2K_PAC_struct(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint32 pac_type;
guint32 pac_size;
next_tvb=tvb_new_subset(tvb, pac_offset, pac_size, pac_size);
switch(pac_type){
case PAC_LOGON_INFO:
- dissect_krb5_PAC_LOGON_INFO(pinfo, tr, next_tvb, 0);
+ dissect_krb5_PAC_LOGON_INFO(tr, next_tvb, 0, actx);
break;
case PAC_CREDENTIAL_TYPE:
- dissect_krb5_PAC_CREDENTIAL_TYPE(pinfo, tr, next_tvb, 0);
+ dissect_krb5_PAC_CREDENTIAL_TYPE(tr, next_tvb, 0, actx);
break;
case PAC_SERVER_CHECKSUM:
- dissect_krb5_PAC_SERVER_CHECKSUM(pinfo, tr, next_tvb, 0);
+ dissect_krb5_PAC_SERVER_CHECKSUM(tr, next_tvb, 0, actx);
break;
case PAC_PRIVSVR_CHECKSUM:
- dissect_krb5_PAC_PRIVSVR_CHECKSUM(pinfo, tr, next_tvb, 0);
+ dissect_krb5_PAC_PRIVSVR_CHECKSUM(tr, next_tvb, 0, actx);
break;
case PAC_CLIENT_INFO_TYPE:
- dissect_krb5_PAC_CLIENT_INFO_TYPE(pinfo, tr, next_tvb, 0);
+ dissect_krb5_PAC_CLIENT_INFO_TYPE(tr, next_tvb, 0, actx);
break;
case PAC_CONSTRAINED_DELEGATION:
- dissect_krb5_PAC_CONSTRAINED_DELEGATION(pinfo, tr, next_tvb, 0);
+ dissect_krb5_PAC_CONSTRAINED_DELEGATION(tr, next_tvb, 0, actx);
+ break;
+ case PAC_UPN_DNS_INFO:
+ dissect_krb5_PAC_UPN_DNS_INFO(tr, next_tvb, 0, actx);
break;
+
default:;
/*qqq*/
}
}
static int
-dissect_krb5_AD_WIN2K_PAC(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AD_WIN2K_PAC(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint32 entries;
guint32 version;
offset += 4;
for(i=0;i<entries;i++){
- offset=dissect_krb5_AD_WIN2K_PAC_struct(pinfo, tree, tvb, offset);
+ offset=dissect_krb5_AD_WIN2K_PAC_struct(tree, tvb, offset, actx);
}
return offset;
}
+
+int dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx);
+
+static ber_old_sequence_t AD_SIGNTICKET_sequence[] = {
+ { BER_CLASS_CON, 0, 0,
+ dissect_krb5_etype },
+ { BER_CLASS_CON, 1, 0,
+ dissect_krb5_Checksum },
+ { 0, 0, 0, NULL }
+};
+
+/* first seen in traces from vista */
+static int
+dissect_krb5_AD_SIGNTICKET(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx)
+{
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, AD_SIGNTICKET_sequence, -1, -1);
+
+ return offset;
+}
+
static guint32 IF_RELEVANT_type;
static int
-dissect_krb5_IF_RELEVANT_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_IF_RELEVANT_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_IF_RELEVANT_type, &IF_RELEVANT_type);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_IF_RELEVANT_type, &IF_RELEVANT_type);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(IF_RELEVANT_type, krb5_ad_types,
return offset;
}
static int
-dissect_krb5_IF_RELEVANT_value(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_IF_RELEVANT_value(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
switch(IF_RELEVANT_type){
case KRB5_AD_WIN2K_PAC:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_advalue, dissect_krb5_AD_WIN2K_PAC);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_advalue, dissect_krb5_AD_WIN2K_PAC);
+ break;
+ case KRB5_AD_SIGNTICKET:
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_advalue, dissect_krb5_AD_SIGNTICKET);
break;
default:
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_IF_RELEVANT_value, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_IF_RELEVANT_value, NULL);
}
return offset;
}
-static ber_sequence_t IF_RELEVANT_item_sequence[] = {
+static ber_old_sequence_t IF_RELEVANT_item_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_IF_RELEVANT_type },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_IF_RELEVANT_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_IF_RELEVANT_item(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, IF_RELEVANT_item_sequence, hf_krb_IF_RELEVANT, ett_krb_IF_RELEVANT);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, IF_RELEVANT_item_sequence, hf_krb_IF_RELEVANT, ett_krb_IF_RELEVANT);
return offset;
}
-static ber_sequence_t IF_RELEVANT_sequence_of[1] = {
+static ber_old_sequence_t IF_RELEVANT_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_IF_RELEVANT_item },
};
static int
-dissect_krb5_IF_RELEVANT(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_IF_RELEVANT(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, IF_RELEVANT_sequence_of, -1, -1);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, IF_RELEVANT_sequence_of, -1, -1);
return offset;
}
static guint32 adtype;
static int
-dissect_krb5_adtype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_adtype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_adtype, &adtype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_adtype, &adtype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(adtype, krb5_ad_types,
return offset;
}
static int
-dissect_krb5_advalue(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_advalue(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
switch(adtype){
case KRB5_AD_IF_RELEVANT:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_advalue, dissect_krb5_IF_RELEVANT);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_advalue, dissect_krb5_IF_RELEVANT);
break;
default:
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_advalue, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_advalue, NULL);
}
return offset;
}
* ad-type [0] int32
* ad-data [1] octet string
*/
-static ber_sequence_t AuthorizationData_item_sequence[] = {
+static ber_old_sequence_t AuthorizationData_item_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_adtype },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_AuthorizationData_item(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AuthorizationData_item(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, AuthorizationData_item_sequence, hf_krb_AuthorizationData, ett_krb_AuthorizationData);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, AuthorizationData_item_sequence, hf_krb_AuthorizationData, ett_krb_AuthorizationData);
return offset;
}
-static ber_sequence_t AuthorizationData_sequence_of[1] = {
+static ber_old_sequence_t AuthorizationData_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_AuthorizationData_item },
};
static int
-dissect_krb5_AuthorizationData(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AuthorizationData(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, AuthorizationData_sequence_of, -1, -1);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, AuthorizationData_sequence_of, -1, -1);
return offset;
}
static int
-dissect_krb5_transited_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_transited_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint32 trtype;
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_transitedtype, &trtype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_transitedtype, &trtype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(trtype, krb5_transited_types,
}
static int
-dissect_krb5_transited_contents(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_transited_contents(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_transitedcontents, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_transitedcontents, NULL);
return offset;
}
* tr-type [0] int32
* contents [1] octet string
*/
-static ber_sequence_t TransitedEncoding_sequence[] = {
+static ber_old_sequence_t TransitedEncoding_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_transited_type },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_transited(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_transited(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, TransitedEncoding_sequence, hf_krb_TransitedEncoding, ett_krb_TransitedEncoding);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, TransitedEncoding_sequence, hf_krb_TransitedEncoding, ett_krb_TransitedEncoding);
return offset;
}
static int
-dissect_krb5_authtime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_authtime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_authtime);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_authtime);
return offset;
}
static int
-dissect_krb5_starttime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_starttime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_starttime);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_starttime);
return offset;
}
static int
-dissect_krb5_endtime(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_endtime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_endtime);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_endtime);
return offset;
}
static int
-dissect_krb5_renew_till(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_renew_till(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_renew_till);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_renew_till);
return offset;
}
* authorization-data [10] AuthorizationData OPTIONAL
* }
*/
-static ber_sequence_t EncTicketPart_sequence[] = {
+static ber_old_sequence_t EncTicketPart_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_TicketFlags },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_EncTicketPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_EncTicketPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncTicketPart_sequence, hf_krb_EncTicketPart, ett_krb_EncTicketPart);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncTicketPart_sequence, hf_krb_EncTicketPart, ett_krb_EncTicketPart);
return offset;
}
* seq-number [3] uint32 OPTIONAL
* }
*/
-static ber_sequence_t EncAPRepPart_sequence[] = {
+static ber_old_sequence_t EncAPRepPart_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_ctime },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_EncAPRepPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_EncAPRepPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncAPRepPart_sequence, hf_krb_EncAPRepPart, ett_krb_EncAPRepPart);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncAPRepPart_sequence, hf_krb_EncAPRepPart, ett_krb_EncAPRepPart);
return offset;
}
{ 0, NULL }
};
static int
-dissect_krb5_lr_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_lr_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_lr_type, &lr_type);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_lr_type, &lr_type);
return offset;
}
static int
-dissect_krb5_lr_value(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_lr_value(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_lr_time);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_lr_time);
return offset;
}
-static ber_sequence_t LastReq_sequence[] = {
+static ber_old_sequence_t LastReq_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_lr_type },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_LastReq(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_LastReq(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, LastReq_sequence, hf_krb_LastReq, ett_krb_LastReq);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, LastReq_sequence, hf_krb_LastReq, ett_krb_LastReq);
return offset;
}
-static ber_sequence_t LastReq_sequence_of[1] = {
+static ber_old_sequence_t LastReq_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_LastReq },
};
static int
-dissect_krb5_LastReq_sequence_of(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_LastReq_sequence_of(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, LastReq_sequence_of, hf_krb_LastReqs, ett_krb_LastReqs);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, LastReq_sequence_of, hf_krb_LastReqs, ett_krb_LastReqs);
return offset;
}
static int
-dissect_krb5_key_expiration(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_key_expiration(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_key_expire);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_key_expire);
return offset;
}
-static ber_sequence_t EncKDCRepPart_sequence[] = {
+static ber_old_sequence_t EncKDCRepPart_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_key },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_EncKDCRepPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_EncKDCRepPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncKDCRepPart_sequence, hf_krb_EncKDCRepPart, ett_krb_EncKDCRepPart);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncKDCRepPart_sequence, hf_krb_EncKDCRepPart, ett_krb_EncKDCRepPart);
return offset;
}
static int
-dissect_krb5_authenticator_vno(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_authenticator_vno(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_authenticator_vno, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_authenticator_vno, NULL);
return offset;
}
/* Dissect a GSSAPI checksum as per RFC1964. This is NOT ASN.1 encoded.
*/
static int
-dissect_krb5_rfc1964_checksum(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb)
+dissect_krb5_rfc1964_checksum(asn1_ctx_t *actx _U_, proto_tree *tree, tvbuff_t *tvb)
{
int offset=0;
guint32 len;
}
/* this should now be a KRB_CRED message */
- offset=dissect_ber_choice(pinfo, tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
return offset;
static guint32 checksum_type;
static int
-dissect_krb5_checksum_type(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_checksum_type(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_checksum_type, &checksum_type);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_checksum_type, &checksum_type);
return offset;
}
static int
-dissect_krb5_checksum_checksum(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_checksum_checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
tvbuff_t *next_tvb;
switch(checksum_type){
case KRB5_CHKSUM_GSSAPI:
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_checksum_checksum, &next_tvb);
- dissect_krb5_rfc1964_checksum(pinfo, tree, next_tvb);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_checksum_checksum, &next_tvb);
+ dissect_krb5_rfc1964_checksum(actx, tree, next_tvb);
break;
default:
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_checksum_checksum, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_checksum_checksum, NULL);
}
return offset;
}
* Checksum ::= SEQUENCE {
* }
*/
-static ber_sequence_t Checksum_sequence[] = {
+static ber_old_sequence_t Checksum_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_checksum_type },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
int
-dissect_krb5_Checksum(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, Checksum_sequence, hf_krb_Checksum, ett_krb_Checksum);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, Checksum_sequence, hf_krb_Checksum, ett_krb_Checksum);
return offset;
}
* authorization-data [8] AuthorizationData OPTIONAL
* }
*/
-static ber_sequence_t Authenticator_sequence[] = {
+static ber_old_sequence_t Authenticator_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_authenticator_vno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_Authenticator(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_Authenticator(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, Authenticator_sequence, hf_krb_Authenticator, ett_krb_Authenticator);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, Authenticator_sequence, hf_krb_Authenticator, ett_krb_Authenticator);
return offset;
}
static int
-dissect_krb5_PRIV_BODY_user_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PRIV_BODY_user_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
tvbuff_t *new_tvb;
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_PRIV_BODY_user_data, &new_tvb);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_PRIV_BODY_user_data, &new_tvb);
if (new_tvb)
- call_kerberos_callbacks(pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA);
+ call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA);
return offset;
}
-static ber_sequence_t EncKrbPrivPart_sequence[] = {
+static ber_old_sequence_t EncKrbPrivPart_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_PRIV_BODY_user_data },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_EncKrbPrivPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_EncKrbPrivPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncKrbPrivPart_sequence, hf_krb_EncKrbPrivPart, ett_krb_EncKrbPrivPart);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncKrbPrivPart_sequence, hf_krb_EncKrbPrivPart, ett_krb_EncKrbPrivPart);
return offset;
}
static guint32 PRIV_etype;
static int
-dissect_krb5_PRIV_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PRIV_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &PRIV_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &PRIV_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(PRIV_etype, krb5_encryption_types,
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_decrypt_PRIV (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_PRIV (proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext=NULL;
int length;
length=tvb_length_remaining(tvb, offset);
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 13, length, tvb_get_ptr(tvb, offset, length), PRIV_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, length, tvb_get_ptr(tvb, offset, length), PRIV_etype);
}
if(plaintext){
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
- offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
}
return offset;
* }
*/
static int
-dissect_krb5_encrypted_PRIV(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_PRIV(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PRIV, dissect_krb5_decrypt_PRIV);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_PRIV, dissect_krb5_decrypt_PRIV);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_PRIV, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_PRIV, NULL);
#endif
return offset;
}
-static ber_sequence_t ENC_PRIV_sequence[] = {
+static ber_old_sequence_t ENC_PRIV_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_PRIV_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_ENC_PRIV(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_ENC_PRIV(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, ENC_PRIV_sequence, hf_krb_ENC_PRIV, ett_krb_PRIV_enc);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, ENC_PRIV_sequence, hf_krb_ENC_PRIV, ett_krb_PRIV_enc);
return offset;
}
-static ber_sequence_t PRIV_BODY_sequence[] = {
+static ber_old_sequence_t PRIV_BODY_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_PRIV(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_PRIV(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PRIV_BODY_sequence, hf_krb_PRIV_BODY, ett_krb_PRIV);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, PRIV_BODY_sequence, hf_krb_PRIV_BODY, ett_krb_PRIV);
return offset;
}
static guint32 EncKrbCredPart_etype;
static int
-dissect_krb5_EncKrbCredPart_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_EncKrbCredPart_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &EncKrbCredPart_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &EncKrbCredPart_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(EncKrbCredPart_etype, krb5_encryption_types,
-static ber_sequence_t KrbCredInfo_sequence[] = {
+static ber_old_sequence_t KrbCredInfo_sequence[] = {
{ BER_CLASS_CON, 0, 0, dissect_krb5_key },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_krb5_prealm },
{ BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_krb5_pname },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_KrbCredInfo(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KrbCredInfo(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, KrbCredInfo_sequence, hf_krb_KrbCredInfo, ett_krb_KrbCredInfo);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, KrbCredInfo_sequence, hf_krb_KrbCredInfo, ett_krb_KrbCredInfo);
return offset;
}
-static ber_sequence_t KrbCredInfo_sequence_of[1] = {
+static ber_old_sequence_t KrbCredInfo_sequence_of[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_KrbCredInfo },
};
static int
-dissect_krb5_KrbCredInfo_sequence_of(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KrbCredInfo_sequence_of(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, KrbCredInfo_sequence_of, hf_krb_KrbCredInfos, ett_krb_KrbCredInfos);
+ offset=dissect_ber_old_sequence_of(FALSE, actx, tree, tvb, offset, KrbCredInfo_sequence_of, hf_krb_KrbCredInfos, ett_krb_KrbCredInfos);
return offset;
}
-static const ber_sequence_t EncKrbCredPart_sequence[] = {
+static const ber_old_sequence_t EncKrbCredPart_sequence[] = {
{ BER_CLASS_CON, 0, 0, dissect_krb5_KrbCredInfo_sequence_of },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_krb5_nonce },
{ BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_krb5_ctime },
};
static int
-dissect_krb5_EncKrbCredPart(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_EncKrbCredPart(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, EncKrbCredPart_sequence, hf_krb_EncKrbCredPart, ett_krb_EncKrbCredPart);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, EncKrbCredPart_sequence, hf_krb_EncKrbCredPart, ett_krb_EncKrbCredPart);
return offset;
}
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_decrypt_EncKrbCredPart (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_EncKrbCredPart (proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext=NULL;
int length;
* == 14
*/
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 14, length, tvb_get_ptr(tvb, offset, length), EncKrbCredPart_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, length, tvb_get_ptr(tvb, offset, length), EncKrbCredPart_etype);
}
if(plaintext){
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "EncKrbCredPart");
+ add_new_data_source(actx->pinfo, next_tvb, "EncKrbCredPart");
- offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
}
return offset;
}
#endif
static int
-dissect_krb5_encrypted_CRED_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_CRED_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_EncKrbCredPart, dissect_krb5_decrypt_EncKrbCredPart);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_EncKrbCredPart, dissect_krb5_decrypt_EncKrbCredPart);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_EncKrbCredPart, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_EncKrbCredPart, NULL);
#endif
return offset;
}
-static ber_sequence_t encrypted_CRED_sequence[] = {
+static ber_old_sequence_t encrypted_CRED_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_EncKrbCredPart_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_encrypted_CRED(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_CRED(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, encrypted_CRED_sequence, hf_krb_CRED_enc, ett_krb_CRED_enc);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, encrypted_CRED_sequence, hf_krb_CRED_enc, ett_krb_CRED_enc);
return offset;
}
-static ber_sequence_t CRED_BODY_sequence[] = {
+static ber_old_sequence_t CRED_BODY_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_CRED(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_CRED(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, CRED_BODY_sequence, hf_krb_CRED_BODY, ett_krb_CRED);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, CRED_BODY_sequence, hf_krb_CRED_BODY, ett_krb_CRED);
return offset;
}
static int
-dissect_krb5_SAFE_BODY_user_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_SAFE_BODY_user_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
tvbuff_t *new_tvb;
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_SAFE_BODY_user_data, &new_tvb);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_SAFE_BODY_user_data, &new_tvb);
if (new_tvb)
- call_kerberos_callbacks(pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA);
+ call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA);
return offset;
}
static int
-dissect_krb5_SAFE_BODY_timestamp(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_SAFE_BODY_timestamp(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralizedTime(FALSE, pinfo, tree, tvb, offset, hf_krb_SAFE_BODY_timestamp);
+ offset=dissect_ber_GeneralizedTime(FALSE, actx, tree, tvb, offset, hf_krb_SAFE_BODY_timestamp);
return offset;
}
static int
-dissect_krb5_SAFE_BODY_usec(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_SAFE_BODY_usec(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_SAFE_BODY_usec, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_SAFE_BODY_usec, NULL);
return offset;
}
-static ber_sequence_t SAFE_BODY_sequence[] = {
+static ber_old_sequence_t SAFE_BODY_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_SAFE_BODY_user_data },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_SAFE_BODY(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_SAFE_BODY(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, SAFE_BODY_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, SAFE_BODY_sequence, -1, -1);
return offset;
}
-static ber_sequence_t SAFE_sequence[] = {
+static ber_old_sequence_t SAFE_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_SAFE(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_SAFE(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, SAFE_sequence, -1, -1);
+
+ return offset;
+}
+
+#ifdef HAVE_KERBEROS
+static guint32 enc_authorization_data_etype;
+
+static int
+dissect_krb5_decrypt_enc_authorization_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
+ guint8 *plaintext=NULL;
+ int length;
+
+ length=tvb_length_remaining(tvb, offset);
+
+ /*
+ RFC 4120 : 5.4.1
+ The key usage value used when encrypting is 5
+ if a sub-session key is used, or 4 if the session key is used.
+ */
+ if(!plaintext){
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 4, length, tvb_get_ptr(tvb, offset, length), enc_authorization_data_etype);
+ }
+ if(!plaintext){
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 5, length, tvb_get_ptr(tvb, offset, length), enc_authorization_data_etype);
+ }
+
+ if(plaintext){
+ tvbuff_t *next_tvb;
+ next_tvb = tvb_new_real_data (plaintext,
+ length,
+ length);
+ tvb_set_free_cb(next_tvb, g_free);
+ tvb_set_child_real_data_tvbuff(tvb, next_tvb);
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, SAFE_sequence, -1, -1);
+ /* Add the decrypted data to the data source list. */
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
+
+
+ proto_tree_add_text(tree, next_tvb, 0, length, "AtuhorizationData for TGS_REQ not implemented yet");
+
+ }
+ return offset;
+}
+#endif
+static int
+dissect_krb5_encrypted_enc_authorization_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+#ifdef HAVE_KERBEROS
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_enc_authorization_data, dissect_krb5_decrypt_enc_authorization_data);
+#else
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_enc_authorization_data, NULL);
+#endif
+ return offset;
+}
+
+static int
+dissect_krb5_enc_authorization_data_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+#ifndef HAVE_KERBEROS
+ guint32 enc_authorization_data_etype;
+#endif
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &enc_authorization_data_etype);
+ if(tree){
+ proto_item_append_text(tree, " %s",
+ val_to_str(enc_authorization_data_etype, krb5_encryption_types,
+ "%#x"));
+ }
return offset;
}
+static ber_old_sequence_t enc_authorization_data_sequence[] = {
+ { BER_CLASS_CON, 0, 0,
+ dissect_krb5_enc_authorization_data_etype },
+ { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
+ dissect_krb5_kvno },
+ { BER_CLASS_CON, 2, 0,
+ dissect_krb5_encrypted_enc_authorization_data },
+ { 0, 0, 0, NULL }
+};
+static int
+dissect_krb5_enc_authorization_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
+{
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, enc_authorization_data_sequence, -1, -1);
+ return offset;
+}
/*
* KDC-REQ-BODY ::= SEQUENCE {
* }
*
*/
-static ber_sequence_t KDC_REQ_BODY_sequence[] = {
+static ber_old_sequence_t KDC_REQ_BODY_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_KDCOptions },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
dissect_krb5_etype_sequence_of },
{ BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL,
dissect_krb5_HostAddresses },
-/* XXX [10] enc-authorization-data should be added */
+ { BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL,
+ dissect_krb5_enc_authorization_data },
{ BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL,
dissect_krb5_sq_tickets },
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_KDC_REQ_BODY(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KDC_REQ_BODY(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
conversation_t *conversation;
* Ref: Section 7.2.1 of
* http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
*/
- if (pinfo->destport == UDP_PORT_KERBEROS && pinfo->ptype == PT_UDP) {
- conversation = find_conversation(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
- pinfo->srcport, 0, NO_PORT_B);
+ if (actx->pinfo->destport == UDP_PORT_KERBEROS && actx->pinfo->ptype == PT_UDP) {
+ conversation = find_conversation(actx->pinfo->fd->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
+ actx->pinfo->srcport, 0, NO_PORT_B);
if (conversation == NULL) {
- conversation = conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, PT_UDP,
- pinfo->srcport, 0, NO_PORT2);
+ conversation = conversation_new(actx->pinfo->fd->num, &actx->pinfo->src, &actx->pinfo->dst, PT_UDP,
+ actx->pinfo->srcport, 0, NO_PORT2);
conversation_set_dissector(conversation, kerberos_handle_udp);
}
}
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, KDC_REQ_BODY_sequence, hf_krb_KDC_REQ_BODY, ett_krb_request);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, KDC_REQ_BODY_sequence, hf_krb_KDC_REQ_BODY, ett_krb_request);
return offset;
}
* req-body[4] KDC-REQ-BODY
* }
*/
-static ber_sequence_t KDC_REQ_sequence[] = {
+static ber_old_sequence_t KDC_REQ_sequence[] = {
{ BER_CLASS_CON, 1, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 2, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_KDC_REQ(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KDC_REQ(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, KDC_REQ_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, KDC_REQ_sequence, -1, -1);
return offset;
}
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_decrypt_authenticator_data (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_authenticator_data (proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext=NULL;
int length;
* == 11
*/
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 7, length, tvb_get_ptr(tvb, offset, length), authenticator_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, length, tvb_get_ptr(tvb, offset, length), authenticator_etype);
}
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 11, length, tvb_get_ptr(tvb, offset, length), authenticator_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, length, tvb_get_ptr(tvb, offset, length), authenticator_etype);
}
if(plaintext){
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
- offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
}
return offset;
* }
*/
static int
-dissect_krb5_encrypted_authenticator_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_authenticator_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_authenticator_data, dissect_krb5_decrypt_authenticator_data);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_authenticator_data, dissect_krb5_decrypt_authenticator_data);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_authenticator_data, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_authenticator_data, NULL);
#endif
return offset;
}
-static ber_sequence_t encrypted_authenticator_sequence[] = {
+static ber_old_sequence_t encrypted_authenticator_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_authenticator_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_encrypted_authenticator(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_authenticator(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, encrypted_authenticator_sequence, hf_krb_authenticator_enc, ett_krb_authenticator_enc);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, encrypted_authenticator_sequence, hf_krb_authenticator_enc, ett_krb_authenticator_enc);
return offset;
}
static int
-dissect_krb5_tkt_vno(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_tkt_vno(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_tkt_vno, NULL);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_tkt_vno, NULL);
return offset;
}
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_decrypt_Ticket_data (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_Ticket_data (proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext;
int length;
* 7.5.1
* All Ticket encrypted parts use usage == 2
*/
- if( (plaintext=decrypt_krb5_data(tree, pinfo, 2, length, tvb_get_ptr(tvb, offset, length), Ticket_etype)) ){
+ if( (plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, length, tvb_get_ptr(tvb, offset, length), Ticket_etype)) ){
tvbuff_t *next_tvb;
next_tvb = tvb_new_real_data (plaintext,
length,
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
- offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
}
return offset;
#endif
static int
-dissect_krb5_encrypted_Ticket_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_Ticket_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_Ticket_data, dissect_krb5_decrypt_Ticket_data);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_Ticket_data, dissect_krb5_decrypt_Ticket_data);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_Ticket_data, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_Ticket_data, NULL);
#endif
return offset;
}
-static ber_sequence_t encrypted_Ticket_sequence[] = {
+static ber_old_sequence_t encrypted_Ticket_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_Ticket_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_Ticket_encrypted(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_Ticket_encrypted(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, encrypted_Ticket_sequence, hf_krb_ticket_enc, ett_krb_ticket_enc);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, encrypted_Ticket_sequence, hf_krb_ticket_enc, ett_krb_ticket_enc);
return offset;
}
-static ber_sequence_t Application_1_sequence[] = {
+static ber_old_sequence_t Application_1_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_tkt_vno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_Application_1(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_Application_1(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, Application_1_sequence, hf_krb_ticket, ett_krb_ticket);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, Application_1_sequence, hf_krb_ticket, ett_krb_ticket);
return offset;
}
-static const ber_choice_t Ticket_choice[] = {
+static const ber_old_choice_t Ticket_choice[] = {
{ 1, BER_CLASS_APP, 1, 0,
dissect_krb5_Application_1 },
{ 0, 0, 0, 0, NULL }
};
static int
-dissect_krb5_Ticket(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_Ticket(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_choice(pinfo, tree, tvb, offset, Ticket_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, tvb, offset, Ticket_choice, -1, -1, NULL);
return offset;
}
* authenticator[4] EncryptedData
* }
*/
-static ber_sequence_t AP_REQ_sequence[] = {
+static ber_old_sequence_t AP_REQ_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_AP_REQ(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AP_REQ(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, AP_REQ_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, AP_REQ_sequence, -1, -1);
return offset;
}
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_decrypt_AP_REP_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_AP_REP_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext=NULL;
int length;
* == 11
*/
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 12, length, tvb_get_ptr(tvb, offset, length), AP_REP_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, length, tvb_get_ptr(tvb, offset, length), AP_REP_etype);
}
if(plaintext){
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
- offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
}
return offset;
static int
-dissect_krb5_encrypted_AP_REP_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_AP_REP_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_AP_REP_data, dissect_krb5_decrypt_AP_REP_data);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_AP_REP_data, dissect_krb5_decrypt_AP_REP_data);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_AP_REP_data, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_AP_REP_data, NULL);
#endif
return offset;
}
-static ber_sequence_t encrypted_AP_REP_sequence[] = {
+static ber_old_sequence_t encrypted_AP_REP_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_AP_REP_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_encrypted_AP_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_AP_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, encrypted_AP_REP_sequence, hf_krb_AP_REP_enc, ett_krb_AP_REP_enc);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, encrypted_AP_REP_sequence, hf_krb_AP_REP_enc, ett_krb_AP_REP_enc);
return offset;
}
* enc-part[2] EncryptedData
* }
*/
-static ber_sequence_t AP_REP_sequence[] = {
+static ber_old_sequence_t AP_REP_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_AP_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_AP_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, AP_REP_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, AP_REP_sequence, -1, -1);
return offset;
}
static guint32 KDC_REP_etype;
static int
-dissect_krb5_KDC_REP_etype(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KDC_REP_etype(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_krb_etype, &KDC_REP_etype);
+ offset=dissect_ber_integer(FALSE, actx, tree, tvb, offset, hf_krb_etype, &KDC_REP_etype);
if(tree){
proto_item_append_text(tree, " %s",
val_to_str(KDC_REP_etype, krb5_encryption_types,
#ifdef HAVE_KERBEROS
static int
-dissect_krb5_decrypt_KDC_REP_data (packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_decrypt_KDC_REP_data (proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
guint8 *plaintext=NULL;
int length;
* ASREP/TGSREP encryptedparts are encrypted with usage
* == 3 or
* == 8 or
- * == 9
+ * == 9
*/
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 3, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
}
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 8, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
}
if(!plaintext){
- plaintext=decrypt_krb5_data(tree, pinfo, 9, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
+ plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, length, tvb_get_ptr(tvb, offset, length), KDC_REP_etype);
}
if(plaintext){
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
/* Add the decrypted data to the data source list. */
- add_new_data_source(pinfo, next_tvb, "Decrypted Krb5");
+ add_new_data_source(actx->pinfo, next_tvb, "Decrypted Krb5");
- offset=dissect_ber_choice(pinfo, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(actx, tree, next_tvb, 0, kerberos_applications_choice, -1, -1, NULL);
}
return offset;
static int
-dissect_krb5_encrypted_KDC_REP_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_KDC_REP_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
#ifdef HAVE_KERBEROS
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, dissect_krb5_decrypt_KDC_REP_data);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, dissect_krb5_decrypt_KDC_REP_data);
#else
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, NULL);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_encrypted_KDC_REP_data, NULL);
#endif
return offset;
}
-static ber_sequence_t encrypted_KDC_REP_sequence[] = {
+static ber_old_sequence_t encrypted_KDC_REP_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_KDC_REP_etype },
{ BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_encrypted_KDC_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_encrypted_KDC_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, encrypted_KDC_REP_sequence, hf_krb_KDC_REP_enc, ett_krb_KDC_REP_enc);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, encrypted_KDC_REP_sequence, hf_krb_KDC_REP_enc, ett_krb_KDC_REP_enc);
return offset;
}
* enc-part[6] EncryptedData
* }
*/
-static ber_sequence_t KDC_REP_sequence[] = {
+static ber_old_sequence_t KDC_REP_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
static int
-dissect_krb5_KDC_REP(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_KDC_REP(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, KDC_REP_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, KDC_REP_sequence, -1, -1);
return offset;
}
static int
-dissect_krb5_e_text(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_e_text(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_e_text, NULL, 0);
+ offset=dissect_ber_GeneralString(actx, tree, tvb, offset, hf_krb_e_text, NULL, 0);
return offset;
}
static int
-dissect_krb5_e_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_e_data(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
switch(krb5_errorcode){
case KRB5_ET_KRB5KDC_ERR_BADOPTION:
/* ms windows kdc sends e-data of this type containing a "salt"
* that contains the nt_status code for these error codes.
*/
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_e_data, dissect_krb5_PA_DATA);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_e_data, dissect_krb5_PA_DATA);
break;
case KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED:
case KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED:
case KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP:
- offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset, hf_krb_e_data, dissect_krb5_padata);
+ offset=dissect_ber_old_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_krb_e_data, dissect_krb5_padata);
break;
default:
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_e_data, NULL);
+ offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_krb_e_data, NULL);
}
return offset;
}
* PacketCable still use.
*/
static int
-dissect_krb5_e_checksum(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_e_checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, Checksum_sequence, hf_krb_e_checksum, ett_krb_e_checksum);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, Checksum_sequence, hf_krb_e_checksum, ett_krb_e_checksum);
return offset;
}
* authentication method and optionally containing data for
* the method:
*/
-static ber_sequence_t ERROR_sequence[] = {
+static ber_old_sequence_t ERROR_sequence[] = {
{ BER_CLASS_CON, 0, 0,
dissect_krb5_pvno },
{ BER_CLASS_CON, 1, 0,
{ 0, 0, 0, NULL }
};
int
-dissect_krb5_ERROR(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
+dissect_krb5_ERROR(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_)
{
- offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, ERROR_sequence, -1, -1);
+ offset=dissect_ber_old_sequence(FALSE, actx, tree, tvb, offset, ERROR_sequence, -1, -1);
return offset;
}
All krb5 commands start with an APPL tag and thus is >=0x60
so if first byte is <=16 just blindly assume it is krb4 then
*/
- if(tvb_bytes_exist(tvb, 0, 1) && tvb_get_guint8(tvb, 0)<=0x10){
+ if(tvb_length(tvb) >= 1 && tvb_get_guint8(tvb, 0)<=0x10){
if(krb4_handle){
gboolean res;
gboolean dci, gboolean do_col_protocol, gboolean have_rm,
kerberos_callbacks *cb)
{
- int offset = 0;
- proto_tree *kerberos_tree = NULL;
- proto_item *item = NULL;
+ volatile int offset = 0;
+ proto_tree *volatile kerberos_tree = NULL;
+ proto_item *volatile item = NULL;
void *saved_private_data;
+ asn1_ctx_t asn1_ctx;
/* TCP record mark and length */
guint32 krb_rm = 0;
get_ber_identifier(tvb, offset, &tmp_class, &tmp_pc, &tmp_tag);
if(tmp_class!=BER_CLASS_APP){
+ pinfo->private_data=saved_private_data;
return 0;
}
switch(tmp_tag){
case KRB5_MSG_ERROR:
break;
default:
+ pinfo->private_data=saved_private_data;
return 0;
}
if (do_col_protocol) {
kerberos_tree = proto_item_add_subtree(item, ett_krb_kerberos);
}
}
+ asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
TRY {
- offset=dissect_ber_choice(pinfo, kerberos_tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
+ offset=dissect_ber_old_choice(&asn1_ctx, kerberos_tree, tvb, offset, kerberos_applications_choice, -1, -1, NULL);
} CATCH_ALL {
pinfo->private_data=saved_private_data;
RETHROW;
{ &hf_krb_address_ip, {
"IP Address", "kerberos.addr_ip", FT_IPv4, BASE_NONE,
NULL, 0, "IP Address", HFILL }},
+ { &hf_krb_address_ipv6, {
+ "IPv6 Address", "kerberos.addr_ipv6", FT_IPv6, BASE_NONE,
+ NULL, 0, "IPv6 Address", HFILL }},
{ &hf_krb_address_netbios, {
"NetBIOS Address", "kerberos.addr_nb", FT_STRING, BASE_NONE,
NULL, 0, "NetBIOS Address and type", HFILL }},
{ &hf_krb_e_text, {
"e-text", "kerberos.e_text", FT_STRING, BASE_NONE,
NULL, 0, "Additional (human readable) error description", HFILL }},
+ { &hf_krb_s4u2self_auth, {
+ "S4U2Self Auth", "kerberos.s4u2self.auth", FT_STRING, BASE_NONE,
+ NULL, 0, "S4U2Self authentication string", HFILL }},
{ &hf_krb_realm, {
"Realm", "kerberos.realm", FT_STRING, BASE_NONE,
NULL, 0, "Name of the Kerberos Realm", HFILL }},
{ &hf_krb_encrypted_PA_ENC_TIMESTAMP, {
"enc PA_ENC_TIMESTAMP", "kerberos.PA_ENC_TIMESTAMP.encrypted", FT_BYTES, BASE_HEX,
NULL, 0, "Encrypted PA-ENC-TIMESTAMP blob", HFILL }},
+ { &hf_krb_encrypted_enc_authorization_data, {
+ "enc-authorization-data", "kerberos.enc_authorization_data.encrypted", FT_BYTES, BASE_HEX,
+ NULL, 0, "", HFILL }},
{ &hf_krb_PAC_LOGON_INFO, {
"PAC_LOGON_INFO", "kerberos.PAC_LOGON_INFO", FT_BYTES, BASE_HEX,
NULL, 0, "PAC_LOGON_INFO structure", HFILL }},
{ &hf_krb_PAC_CONSTRAINED_DELEGATION, {
"PAC_CONSTRAINED_DELEGATION", "kerberos.PAC_CONSTRAINED_DELEGATION", FT_BYTES, BASE_HEX,
NULL, 0, "PAC_CONSTRAINED_DELEGATION structure", HFILL }},
+ { &hf_krb_PAC_UPN_DNS_INFO, {
+ "UPN_DNS_INFO", "kerberos.PAC_UPN_DNS_INFO", FT_BYTES, BASE_HEX,
+ NULL, 0, "UPN_DNS_INFO structure", HFILL }},
{ &hf_krb_checksum_checksum, {
"checksum", "kerberos.checksum.checksum", FT_BYTES, BASE_HEX,
NULL, 0, "Kerberos Checksum", HFILL }},
{ &hf_krb_pac_namelen, {
"Name Length", "kerberos.pac.namelen", FT_UINT16, BASE_DEC,
NULL, 0, "Length of client name", HFILL }},
+ { &hf_krb_pac_upn_flags, {
+ "Flags", "kerberos.pac.upn.flags", FT_UINT32, BASE_HEX,
+ NULL, 0, "UPN flags", HFILL }},
+ { &hf_krb_pac_upn_dns_offset, {
+ "DNS Offset", "kerberos.pac.upn.dns_offset", FT_UINT16, BASE_DEC,
+ NULL, 0, "", HFILL }},
+ { &hf_krb_pac_upn_dns_len, {
+ "DNS Len", "kerberos.pac.upn.dns_len", FT_UINT16, BASE_DEC,
+ NULL, 0, "", HFILL }},
+ { &hf_krb_pac_upn_upn_offset, {
+ "UPN Offset", "kerberos.pac.upn.upn_offset", FT_UINT16, BASE_DEC,
+ NULL, 0, "", HFILL }},
+ { &hf_krb_pac_upn_upn_len, {
+ "UPN Len", "kerberos.pac.upn.upn_len", FT_UINT16, BASE_DEC,
+ NULL, 0, "", HFILL }},
+ { &hf_krb_pac_upn_upn_name, {
+ "UPN Name", "kerberos.pac.upn.upn_name", FT_STRING, BASE_NONE,
+ NULL, 0, "", HFILL }},
+ { &hf_krb_pac_upn_dns_name, {
+ "DNS Name", "kerberos.pac.upn.dns_name", FT_STRING, BASE_NONE,
+ NULL, 0, "", HFILL }},
{ &hf_krb_e_checksum, {
"e-checksum", "kerberos.e_checksum", FT_NONE, BASE_DEC,
NULL, 0, "This is a Kerberos e-checksum", HFILL }},
{ "Unknown", "kerberos.smb.unknown", FT_UINT32, BASE_HEX,
NULL, 0, "unknown", HFILL }},
{ &hf_krb_midl_blob_len,
- { "Blob Length", "kerberos.midl_blob_len", FT_UINT32, BASE_DEC,
+ { "Blob Length", "kerberos.midl_blob_len", FT_UINT64, BASE_DEC,
NULL, 0, "Length of NDR encoded data that follows", HFILL }},
+ { &hf_krb_midl_fill_bytes,
+ { "Fill bytes", "kerberos.midl.fill_bytes", FT_UINT32, BASE_HEX,
+ NULL, 0, "Just some fill bytes", HFILL }},
+
+ { &hf_krb_midl_version,
+ { "Version", "kerberos.midl.version", FT_UINT8, BASE_DEC,
+ NULL, 0, "Version of pickling", HFILL }},
+
+ { &hf_krb_midl_hdr_len,
+ { "HDR Length", "kerberos.midl.hdr_len", FT_UINT16, BASE_DEC,
+ NULL, 0, "Length of header", HFILL }},
+
};
static gint *ett[] = {
&ett_krb_PAC_CLIENT_INFO_TYPE,
&ett_krb_PAC_CONSTRAINED_DELEGATION,
&ett_krb_e_checksum,
- &ett_krb_PAC_MIDL_BLOB
+ &ett_krb_PAC_MIDL_BLOB,
+ &ett_krb_PAC_DREP,
+ &ett_krb_PAC_UPN_DNS_INFO
};
module_t *krb_module;