Try to fix the problems with the SPNEGO negTokenInit differences in Microsoft implementations

Change-Id: Ifbfca88469a6bc479072c921deba280e667c7087 Reviewed-on: https://code.wireshark.org/review/1804 Reviewed-by: Michael Mann <mmann78@netscape.net>
author: Richard Sharpe <realrichardsharpe@gmail.com> 2014-05-28 21:05:41 -0400
committer: Michael Mann <mmann78@netscape.net> 2014-05-29 01:15:26 +0000
commit: 0ed2672abf6d8a41e0ddc11358bb73d86a30fe92 (patch)
tree: 34e0a1c3508c5b262b5b7b1af0cbbc54e86c4c89 /asn1/spnego/spnego.cnf
parent: bb78e8f6e5bf770f1effbc84c44656436add5a5d (diff)
1 files changed, 31 insertions, 34 deletions
diff --git a/asn1/spnego/spnego.cnf b/asn1/spnego/spnego.cnf
index a4fcc0b388..9d9e760cb2 100644
--- a/asn1/spnego/spnego.cnf
+++ b/asn1/spnego/spnego.cnf
@@ -8,11 +8,22 @@
 #.NO_EMIT ONLY_VALS
 NegotiationToken
 
-#.TYPE_RENAME
-NegTokenInit/mechListMIC T_NegTokenInit_mechListMIC
+#.FN_BODY NegotiationToken/negTokenInit
+  gboolean is_response = actx->pinfo->ptype == PT_TCP &&
+                         actx->pinfo->srcport < 1024;
 
-#.FIELD_RENAME
-NegTokenInit/mechListMIC negTokenInit_mechListMIC
+  /*
+   * We decode as negTokenInit2 or negTokenInit depending on whether or not
+   * we are in a response or a request. That is essentially what MS-SPNG
+   * says.
+   */
+  if (is_response) {
+    return dissect_spnego_NegTokenInit2(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s,
+                                        %(ACTX)s, %(TREE)s, %(HF_INDEX)s);
+  } else {
+    return dissect_spnego_NegTokenInit(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s,
+                                       %(ACTX)s, %(TREE)s, %(HF_INDEX)s);
+  }
 
 #.FN_PARS MechType
 
@@ -121,42 +132,28 @@ NegTokenInit/mechListMIC negTokenInit_mechListMIC
      call_dissector(next_level_value->handle, mechToken_tvb, actx->pinfo, tree);
 
 
+#.FN_PARS NegTokenInit/mechListMIC
+
+  VAL_PTR = &mechListMIC_tvb
+
 #.FN_BODY NegTokenInit/mechListMIC
 
-  gint8 ber_class;
-  gboolean pc;
-  gint32 tag;
   tvbuff_t *mechListMIC_tvb;
 
+
+%(DEFAULT_BODY)s
+
+
   /*
-   * There seems to be two different forms this can take,
-   * one as an octet string, and one as a general string in a
-   * sequence.
-   *
-   * Peek at the header, and then decide which it is we're seeing.
+   * Now, we should be able to dispatch, if we've gotten a tvbuff for
+   * the MIC and we have information on how to dissect its contents.
    */
-  get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
-  if (ber_class == BER_CLASS_UNI && pc && tag == BER_UNI_TAG_SEQUENCE) {
-    /*
-     * It's a sequence.
-     */
-    return dissect_spnego_PrincipalSeq(FALSE, tvb, offset, actx, tree,
-                                       hf_spnego_mechListMIC);
-  } else {
-    /*
-     * It's not a sequence, so dissect it as an octet string,
-     * which is what it's supposed to be; that'll cause the
-     * right error report if it's not an octet string, either.
-     */
-    offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset,
-                                      hf_spnego_mechListMIC, &mechListMIC_tvb);
-
-    /*
-     * Now, we should be able to dispatch with that tvbuff.
-     */
-    if (mechListMIC_tvb && next_level_value)
-      call_dissector(next_level_value->handle, mechListMIC_tvb, actx->pinfo, tree);
-    return offset;
+  if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){
+    gssapi_oid_value *value=next_level_value;
+
+    if(value){
+      call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree);
+    }
   }
 
 #.FN_BODY NegTokenTarg/supportedMech
author	Richard Sharpe <realrichardsharpe@gmail.com>	2014-05-28 21:05:41 -0400
committer	Michael Mann <mmann78@netscape.net>	2014-05-29 01:15:26 +0000
commit	0ed2672abf6d8a41e0ddc11358bb73d86a30fe92 (patch)
tree	34e0a1c3508c5b262b5b7b1af0cbbc54e86c4c89 /asn1/spnego/spnego.cnf
parent	bb78e8f6e5bf770f1effbc84c44656436add5a5d (diff)