diff options
author | Michael Mann <mmann78@netscape.net> | 2015-11-27 10:59:09 -0500 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2015-11-28 09:20:27 +0000 |
commit | 44d98dafd49f7133569f0d982ddf0746c230322f (patch) | |
tree | 6d7cd14756c95c8a7fa246cd8df1cb36dad6edca /epan/dissectors/packet-ntlmssp.c | |
parent | 05121be1b4ea35257bfcd8ed38d2312b1519f370 (diff) |
Remove the GSSAPI specific members out of packet_info structure.
The last piece was the NTLMSSP dissector and that is now handled by passing a pointer to a tvbuff* as dissector data for the NTLMSSP dissector to (possibly) "return" a tvbuff* with decrypted data.
Change-Id: I2606172e4d0ebb5fc6353921d5b5f41a4792f9e5
Reviewed-on: https://code.wireshark.org/review/12232
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ntlmssp.c')
-rw-r--r-- | epan/dissectors/packet-ntlmssp.c | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/epan/dissectors/packet-ntlmssp.c b/epan/dissectors/packet-ntlmssp.c index 9199d9274c..4b7c2ef950 100644 --- a/epan/dissectors/packet-ntlmssp.c +++ b/epan/dissectors/packet-ntlmssp.c @@ -1888,7 +1888,7 @@ get_encrypted_state(packet_info *pinfo, int cryptpeer) } } -static void +static tvbuff_t* decrypt_data_payload(tvbuff_t *tvb, int offset, guint32 encrypted_block_length, packet_info *pinfo, proto_tree *tree _U_, gpointer key); static void @@ -1974,7 +1974,7 @@ dissect_ntlmssp_payload(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, voi return offset; } -static void +static tvbuff_t* decrypt_data_payload(tvbuff_t *tvb, int offset, guint32 encrypted_block_length, packet_info *pinfo, proto_tree *tree _U_, gpointer key) { @@ -1999,19 +1999,19 @@ decrypt_data_payload(tvbuff_t *tvb, int offset, guint32 encrypted_block_length, pinfo->destport, 0); if (conversation == NULL) { /* There is no conversation, thus no encryption state */ - return ; + return NULL; } conv_ntlmssp_info = (ntlmssp_info *)conversation_get_proto_data(conversation, proto_ntlmssp); if (conv_ntlmssp_info == NULL) { /* There is no NTLMSSP state tied to the conversation */ - return ; + return NULL; } if (conv_ntlmssp_info->rc4_state_initialized != 1) { /* The crypto sybsystem is not initialized. This means that either the conversation did not include a challenge, or that we do not have the right password */ - return; + return NULL; } if (key != NULL) { stored_packet_ntlmssp_info = (ntlmssp_packet_info *)g_hash_table_lookup(hash_packet, key); @@ -2040,7 +2040,7 @@ decrypt_data_payload(tvbuff_t *tvb, int offset, guint32 encrypted_block_length, if (rc4_state == NULL) { /* There is no encryption state, so we cannot decrypt */ - return ; + return NULL; } /* Store the decrypted contents in the packet state struct @@ -2080,7 +2080,7 @@ decrypt_data_payload(tvbuff_t *tvb, int offset, guint32 encrypted_block_length, add_new_data_source(pinfo, decr_tvb, "Decrypted data"); - pinfo->gssapi_decrypted_tvb = decr_tvb; + return decr_tvb; } static int @@ -2343,12 +2343,16 @@ decrypt_verifier(tvbuff_t *tvb, int offset, guint32 encrypted_block_length, /* Used when NTLMSSP is done over DCE/RPC because in this case verifier and real payload are not contigious*/ static int -dissect_ntlmssp_payload_only(tvbuff_t *tvb, packet_info *pinfo, _U_ proto_tree *tree, void *data _U_) +dissect_ntlmssp_payload_only(tvbuff_t *tvb, packet_info *pinfo, _U_ proto_tree *tree, void *data) { volatile int offset = 0; proto_tree *volatile ntlmssp_tree = NULL; guint32 encrypted_block_length; + tvbuff_t *volatile decr_tvb; + tvbuff_t** ret_decr_tvb = (tvbuff_t**)data; + if (ret_decr_tvb) + *ret_decr_tvb = NULL; /* the magic ntlm is the identifier of a NTLMSSP packet that's 00 00 00 01 */ encrypted_block_length = tvb_captured_length (tvb); @@ -2381,7 +2385,9 @@ dissect_ntlmssp_payload_only(tvbuff_t *tvb, packet_info *pinfo, _U_ proto_tree * /* Version number */ /* Try to decrypt */ - decrypt_data_payload (tvb, offset, encrypted_block_length, pinfo, ntlmssp_tree, NULL); + decr_tvb = decrypt_data_payload (tvb, offset, encrypted_block_length, pinfo, ntlmssp_tree, NULL); + if (ret_decr_tvb) + *ret_decr_tvb = decr_tvb; /* let's try to hook ourselves here */ } CATCH_NONFATAL_ERRORS { @@ -2463,11 +2469,11 @@ static tvbuff_t * wrap_dissect_ntlmssp_payload_only(tvbuff_t *tvb, tvbuff_t *auth_tvb _U_, int offset, packet_info *pinfo, dcerpc_auth_info *auth_info _U_) { - tvbuff_t *data_tvb; + tvbuff_t *data_tvb, *decrypted_tvb; data_tvb = tvb_new_subset_remaining(tvb, offset); - dissect_ntlmssp_payload_only(data_tvb, pinfo, NULL, NULL); - return pinfo->gssapi_decrypted_tvb; + dissect_ntlmssp_payload_only(data_tvb, pinfo, NULL, &decrypted_tvb); + return decrypted_tvb; } #if 0 |