Refactor some GSS-API dissectors to accept dissector data instead of using packet_info.

This can hopefully lead to the removal of the GSS-API specific members of the packet_info structure.

Change-Id: I7622d66e9f02c6e4cb76adcf0737b35c6ec88cdd
Reviewed-on: https://code.wireshark.org/review/11509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>

4 files changed, 95 insertions, 54 deletions

diff --git a/asn1/ldap/packet-ldap-template.c b/asn1/ldap/packet-ldap-template.c
index eff9506ff7..5c4e447802 100644
--- a/asn1/ldap/packet-ldap-template.c
+++ b/asn1/ldap/packet-ldap-template.c
@@ -104,6 +104,7 @@
 #include "packet-ssl.h"
 #include "packet-ssl-utils.h"
 #include "packet-smb-common.h"
+#include "packet-gssapi.h"
 
 #include "packet-ber.h"
 #include "packet-per.h"
@@ -1213,6 +1214,7 @@ static void
 				tvbuff_t *gssapi_tvb, *plain_tvb = NULL, *decr_tvb= NULL;
 				int ver_len;
 				int tmp_length;
+				gssapi_encrypt_info_t gssapi_encrypt;
 
 				/*
 				* This is GSS-API (using SPNEGO, but we should be done with
@@ -1228,22 +1230,18 @@ static void
 				gssapi_tvb = tvb_new_subset(sasl_tvb, 4, tmp_length, sasl_len);
 
 				/* Attempt decryption of the GSSAPI wrapped data if possible */
-				pinfo->decrypt_gssapi_tvb=DECRYPT_GSSAPI_NORMAL;
-				pinfo->gssapi_wrap_tvb=NULL;
-				pinfo->gssapi_encrypted_tvb=NULL;
-				pinfo->gssapi_decrypted_tvb=NULL;
-				ver_len = call_dissector(gssapi_wrap_handle, gssapi_tvb, pinfo, sasl_tree);
+				gssapi_encrypt.gssapi_data_encrypted = FALSE;
+				gssapi_encrypt.decrypt_gssapi_tvb=DECRYPT_GSSAPI_NORMAL;
+				gssapi_encrypt.gssapi_wrap_tvb=NULL;
+				gssapi_encrypt.gssapi_encrypted_tvb=NULL;
+				gssapi_encrypt.gssapi_decrypted_tvb=NULL;
+				ver_len = call_dissector_with_data(gssapi_wrap_handle, gssapi_tvb, pinfo, sasl_tree, &gssapi_encrypt);
 				/* if we could unwrap, do a tvb shuffle */
-				if(pinfo->gssapi_decrypted_tvb){
-					decr_tvb=pinfo->gssapi_decrypted_tvb;
-				} else if (pinfo->gssapi_wrap_tvb) {
-					plain_tvb=pinfo->gssapi_wrap_tvb;
+				if(gssapi_encrypt.gssapi_decrypted_tvb){
+					decr_tvb=gssapi_encrypt.gssapi_decrypted_tvb;
+				} else if (gssapi_encrypt.gssapi_wrap_tvb) {
+					plain_tvb=gssapi_encrypt.gssapi_wrap_tvb;
 				}
-				/* tidy up */
-				pinfo->decrypt_gssapi_tvb=0;
-				pinfo->gssapi_wrap_tvb=NULL;
-				pinfo->gssapi_encrypted_tvb=NULL;
-				pinfo->gssapi_decrypted_tvb=NULL;
 
 				/*
 				* if len is 0 it probably mean that we got a PDU that is not
@@ -1259,7 +1257,7 @@ static void
 				* data; if not, just use the plaintext data.
 				*/
 				if (!decr_tvb && !plain_tvb) {
-					if(!pinfo->gssapi_data_encrypted){
+					if(!gssapi_encrypt.gssapi_data_encrypted){
 						plain_tvb = tvb_new_subset_remaining(gssapi_tvb,  ver_len);
 					}
 				}
diff --git a/epan/dissectors/packet-gssapi.c b/epan/dissectors/packet-gssapi.c
index 7f9842eb37..d6aafed303 100644
--- a/epan/dissectors/packet-gssapi.c
+++ b/epan/dissectors/packet-gssapi.c
@@ -523,16 +523,54 @@ dissect_gssapi_work(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
 	return return_offset;
 }
 
-static void
-dissect_gssapi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+static int
+dissect_gssapi_work_wrapper(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gssapi_encrypt_info_t* encrypt_info, gboolean is_verifier)
+{
+	int ret;
+
+	/* XXX - This is setup to hopefully remove the need for these members in packet_info
+	 * Setup the dissector to take them as arguments and for now, convert to
+	 * packet_info
+	 */
+	if (encrypt_info != NULL)
+	{
+		pinfo->decrypt_gssapi_tvb = encrypt_info->decrypt_gssapi_tvb;
+		pinfo->gssapi_wrap_tvb = encrypt_info->gssapi_wrap_tvb;
+		pinfo->gssapi_encrypted_tvb = encrypt_info->gssapi_encrypted_tvb;
+		pinfo->gssapi_decrypted_tvb = encrypt_info->gssapi_decrypted_tvb;
+		pinfo->gssapi_data_encrypted = encrypt_info->gssapi_data_encrypted;
+	}
+
+	ret = dissect_gssapi_work(tvb, pinfo, tree, is_verifier);
+
+	if (encrypt_info != NULL)
+	{
+		/* Reassign the data from packet_info and clean up */
+		encrypt_info->gssapi_data_encrypted = pinfo->gssapi_data_encrypted;
+		encrypt_info->decrypt_gssapi_tvb = pinfo->decrypt_gssapi_tvb;
+		encrypt_info->gssapi_wrap_tvb = pinfo->gssapi_wrap_tvb;
+		encrypt_info->gssapi_encrypted_tvb = pinfo->gssapi_encrypted_tvb;
+		encrypt_info->gssapi_decrypted_tvb = pinfo->gssapi_decrypted_tvb;
+
+		pinfo->decrypt_gssapi_tvb=0;
+		pinfo->gssapi_wrap_tvb=NULL;
+		pinfo->gssapi_encrypted_tvb=NULL;
+		pinfo->gssapi_decrypted_tvb=NULL;
+	}
+
+	return ret;
+}
+
+static int
+dissect_gssapi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
 {
-	dissect_gssapi_work(tvb, pinfo, tree, FALSE);
+	return dissect_gssapi_work_wrapper(tvb, pinfo, tree, (gssapi_encrypt_info_t*)data, FALSE);
 }
 
 static int
-dissect_gssapi_verf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
+dissect_gssapi_verf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
 {
-	return dissect_gssapi_work(tvb, pinfo, tree, TRUE);
+	return dissect_gssapi_work_wrapper(tvb, pinfo, tree, (gssapi_encrypt_info_t*)data, TRUE);
 }
 
 void
@@ -610,7 +648,7 @@ proto_register_gssapi(void)
 	expert_gssapi = expert_register_protocol(proto_gssapi);
 	expert_register_field_array(expert_gssapi, ei, array_length(ei));
 
-	register_dissector("gssapi", dissect_gssapi, proto_gssapi);
+	new_register_dissector("gssapi", dissect_gssapi, proto_gssapi);
 	new_register_dissector("gssapi_verf", dissect_gssapi_verf, proto_gssapi);
 
 	gssapi_oids = g_hash_table_new(gssapi_oid_hash, gssapi_oid_equal);
@@ -626,7 +664,7 @@ wrap_dissect_gssapi(tvbuff_t *tvb, int offset, packet_info *pinfo,
 
 	auth_tvb = tvb_new_subset_remaining(tvb, offset);
 
-	dissect_gssapi(auth_tvb, pinfo, tree);
+	dissect_gssapi(auth_tvb, pinfo, tree, NULL);
 
 	return tvb_captured_length_remaining(tvb, offset);
 }
@@ -648,6 +686,7 @@ wrap_dissect_gssapi_payload(tvbuff_t *data_tvb, tvbuff_t *auth_tvb,
 			    dcerpc_auth_info *auth_info _U_)
 {
 	tvbuff_t *result;
+	gssapi_encrypt_info_t gssapi_encrypt;
 
 	/* we need a full auth and a full data tvb or else we can't
 	   decrypt anything
@@ -656,17 +695,12 @@ wrap_dissect_gssapi_payload(tvbuff_t *data_tvb, tvbuff_t *auth_tvb,
 		return NULL;
 	}
 
-	pinfo->decrypt_gssapi_tvb=DECRYPT_GSSAPI_DCE;
-	pinfo->gssapi_wrap_tvb=NULL;
-	pinfo->gssapi_encrypted_tvb=data_tvb;
-	pinfo->gssapi_decrypted_tvb=NULL;
-	dissect_gssapi(auth_tvb, pinfo, NULL);
-	result=pinfo->gssapi_decrypted_tvb;
-
-	pinfo->decrypt_gssapi_tvb=0;
-	pinfo->gssapi_wrap_tvb=NULL;
-	pinfo->gssapi_encrypted_tvb=NULL;
-	pinfo->gssapi_decrypted_tvb=NULL;
+	gssapi_encrypt.decrypt_gssapi_tvb=DECRYPT_GSSAPI_DCE;
+	gssapi_encrypt.gssapi_wrap_tvb=NULL;
+	gssapi_encrypt.gssapi_encrypted_tvb=data_tvb;
+	gssapi_encrypt.gssapi_decrypted_tvb=NULL;
+	dissect_gssapi(auth_tvb, pinfo, NULL, &gssapi_encrypt);
+	result=gssapi_encrypt.gssapi_decrypted_tvb;
 
 	return result;
 }
diff --git a/epan/dissectors/packet-gssapi.h b/epan/dissectors/packet-gssapi.h
index 1d227dfb99..2dec82b7cd 100644
--- a/epan/dissectors/packet-gssapi.h
+++ b/epan/dissectors/packet-gssapi.h
@@ -34,6 +34,17 @@ typedef struct _gssapi_oid_value {
 	const gchar *comment;  /* For the comment */
 } gssapi_oid_value;
 
+/* Created as an attempt to remove members out of packet_info.
+   Data structure to be passed between dissectors */
+typedef struct _gssapi_encrypt_info
+{
+	guint16 decrypt_gssapi_tvb;
+	tvbuff_t *gssapi_wrap_tvb;
+	tvbuff_t *gssapi_encrypted_tvb;
+	tvbuff_t *gssapi_decrypted_tvb;
+	gboolean gssapi_data_encrypted;
+} gssapi_encrypt_info_t;
+
 /* Function prototypes */
 
 void
diff --git a/epan/dissectors/packet-ldap.c b/epan/dissectors/packet-ldap.c
index 8b247f8743..a3b43f0028 100644
--- a/epan/dissectors/packet-ldap.c
+++ b/epan/dissectors/packet-ldap.c
@@ -112,6 +112,7 @@
 #include "packet-ssl.h"
 #include "packet-ssl-utils.h"
 #include "packet-smb-common.h"
+#include "packet-gssapi.h"
 
 #include "packet-ber.h"
 #include "packet-per.h"
@@ -343,7 +344,7 @@ static int hf_ldap_graceAuthNsRemaining = -1;     /* INTEGER_0_maxInt */
 static int hf_ldap_error = -1;                    /* T_error */
 
 /*--- End of included file: packet-ldap-hf.c ---*/
-#line 193 "../../asn1/ldap/packet-ldap-template.c"
+#line 194 "../../asn1/ldap/packet-ldap-template.c"
 
 /* Initialize the subtree pointers */
 static gint ett_ldap = -1;
@@ -415,7 +416,7 @@ static gint ett_ldap_PasswordPolicyResponseValue = -1;
 static gint ett_ldap_T_warning = -1;
 
 /*--- End of included file: packet-ldap-ett.c ---*/
-#line 205 "../../asn1/ldap/packet-ldap-template.c"
+#line 206 "../../asn1/ldap/packet-ldap-template.c"
 
 static expert_field ei_ldap_exceeded_filter_length = EI_INIT;
 static expert_field ei_ldap_too_many_filter_elements = EI_INIT;
@@ -3835,7 +3836,7 @@ static int dissect_PasswordPolicyResponseValue_PDU(tvbuff_t *tvb _U_, packet_inf
 
 
 /*--- End of included file: packet-ldap-fn.c ---*/
-#line 920 "../../asn1/ldap/packet-ldap-template.c"
+#line 921 "../../asn1/ldap/packet-ldap-template.c"
 static int dissect_LDAPMessage_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, ldap_conv_info_t *ldap_info) {
 
   int offset = 0;
@@ -4132,6 +4133,7 @@ static void
 				tvbuff_t *gssapi_tvb, *plain_tvb = NULL, *decr_tvb= NULL;
 				int ver_len;
 				int tmp_length;
+				gssapi_encrypt_info_t gssapi_encrypt;
 
 				/*
 				* This is GSS-API (using SPNEGO, but we should be done with
@@ -4147,22 +4149,18 @@ static void
 				gssapi_tvb = tvb_new_subset(sasl_tvb, 4, tmp_length, sasl_len);
 
 				/* Attempt decryption of the GSSAPI wrapped data if possible */
-				pinfo->decrypt_gssapi_tvb=DECRYPT_GSSAPI_NORMAL;
-				pinfo->gssapi_wrap_tvb=NULL;
-				pinfo->gssapi_encrypted_tvb=NULL;
-				pinfo->gssapi_decrypted_tvb=NULL;
-				ver_len = call_dissector(gssapi_wrap_handle, gssapi_tvb, pinfo, sasl_tree);
+				gssapi_encrypt.gssapi_data_encrypted = FALSE;
+				gssapi_encrypt.decrypt_gssapi_tvb=DECRYPT_GSSAPI_NORMAL;
+				gssapi_encrypt.gssapi_wrap_tvb=NULL;
+				gssapi_encrypt.gssapi_encrypted_tvb=NULL;
+				gssapi_encrypt.gssapi_decrypted_tvb=NULL;
+				ver_len = call_dissector_with_data(gssapi_wrap_handle, gssapi_tvb, pinfo, sasl_tree, &gssapi_encrypt);
 				/* if we could unwrap, do a tvb shuffle */
-				if(pinfo->gssapi_decrypted_tvb){
-					decr_tvb=pinfo->gssapi_decrypted_tvb;
-				} else if (pinfo->gssapi_wrap_tvb) {
-					plain_tvb=pinfo->gssapi_wrap_tvb;
+				if(gssapi_encrypt.gssapi_decrypted_tvb){
+					decr_tvb=gssapi_encrypt.gssapi_decrypted_tvb;
+				} else if (gssapi_encrypt.gssapi_wrap_tvb) {
+					plain_tvb=gssapi_encrypt.gssapi_wrap_tvb;
 				}
-				/* tidy up */
-				pinfo->decrypt_gssapi_tvb=0;
-				pinfo->gssapi_wrap_tvb=NULL;
-				pinfo->gssapi_encrypted_tvb=NULL;
-				pinfo->gssapi_decrypted_tvb=NULL;
 
 				/*
 				* if len is 0 it probably mean that we got a PDU that is not
@@ -4178,7 +4176,7 @@ static void
 				* data; if not, just use the plaintext data.
 				*/
 				if (!decr_tvb && !plain_tvb) {
-					if(!pinfo->gssapi_data_encrypted){
+					if(!gssapi_encrypt.gssapi_data_encrypted){
 						plain_tvb = tvb_new_subset_remaining(gssapi_tvb,  ver_len);
 					}
 				}
@@ -5701,7 +5699,7 @@ void proto_register_ldap(void) {
         NULL, HFILL }},
 
 /*--- End of included file: packet-ldap-hfarr.c ---*/
-#line 2217 "../../asn1/ldap/packet-ldap-template.c"
+#line 2215 "../../asn1/ldap/packet-ldap-template.c"
   };
 
   /* List of subtrees */
@@ -5775,7 +5773,7 @@ void proto_register_ldap(void) {
     &ett_ldap_T_warning,
 
 /*--- End of included file: packet-ldap-ettarr.c ---*/
-#line 2231 "../../asn1/ldap/packet-ldap-template.c"
+#line 2229 "../../asn1/ldap/packet-ldap-template.c"
   };
   /* UAT for header fields */
   static uat_field_t custom_attribute_types_uat_fields[] = {
@@ -5942,7 +5940,7 @@ proto_reg_handoff_ldap(void)
 
 
 /*--- End of included file: packet-ldap-dis-tab.c ---*/
-#line 2381 "../../asn1/ldap/packet-ldap-template.c"
+#line 2379 "../../asn1/ldap/packet-ldap-template.c"
 
 
 }