path: root/packet-spnego.c
AgeCommit message (Collapse)AuthorFilesLines
2004-07-18Move dissectors to epan/dissectors directory.Gilbert Ramirez1-1694/+0
Also move ncp222.py, x11-fields, process-x11-fields.pl, make-reg-dotc, and make-reg-dotc.py. Adjust #include lines in files that include packet-*.h files. svn path=/trunk/; revision=11410
2004-07-18Set the svn:eol-style property on all text files to "native", so thatGuy Harris1-1/+1
they have LF at the end of the line on UN*X and CR/LF on Windows; hopefully this means that if a CR/LF version is checked in on Windows, the CRs will be stripped so that they show up only when checked out on Windows, not on UN*X. svn path=/trunk/; revision=11400
2004-06-04Add a mechanism where one can provide callbacks to the kerbgeros dissectorRonnie Sahlberg1-3/+3
to pass back dissection of application specific fields (octet strings) This can later be used to pick up session keys by dcerpc and similar. Currently it will initially be used by packetcable. PacketCable additions by Thomas Anders svn path=/trunk/; revision=11101
2004-05-11Make sure next_level_value isn't NULL before trying to access one of itsGerald Combs1-11/+13
members. svn path=/trunk/; revision=10846
2004-04-30Clean up the creation of the tvbuff for a mechToken so that the lengthGuy Harris1-10/+16
and reported length are both no larger than the length of the token. svn path=/trunk/; revision=10747
2004-04-30MSVC warnings removedUlf Lamping1-2/+2
svn path=/trunk/; revision=10738
2004-04-02If the packet is short, dont try to create a blob item that spans beyound ↵Ronnie Sahlberg1-1/+9
the end of the short packet since that will raise an exception and we wont even attempt to dissect those (kerberos usually) bytes that we do have in the packet. svn path=/trunk/; revision=10546
2003-07-17Add the KRB5 User-to-user OIDRichard Sharpe1-1/+4
svn path=/trunk/; revision=8036
2003-06-01Fix a small segmentation fault if we get an ASN.1 parse error, andRichard Sharpe1-7/+19
start to work on kerberos flags etc. Also prettied up the case where the responseToken was an empty string. svn path=/trunk/; revision=7767
2003-05-26Deal with cases where there's no token ID in a Kerberos blob.Guy Harris1-9/+14
svn path=/trunk/; revision=7741
2003-05-25Add the reqFlags decode ...Richard Sharpe1-4/+23
svn path=/trunk/; revision=7738
2003-05-25Adding more infrastructure so I can decode SPNEGO/GSSAPI request flags.Richard Sharpe1-1/+26
svn path=/trunk/; revision=7737
2003-05-24Begin to break out the SPNEGO/GSSAPI request flags ...Richard Sharpe1-1/+47
svn path=/trunk/; revision=7736
2003-05-24Adding support for GSSAPI GSS_Wrap tokens and refactoring the routineRichard Sharpe1-39/+67
that was already there. svn path=/trunk/; revision=7727
2003-05-23Commit the changes to allow us to dissect GSSAPI GetMIC tokens.Richard Sharpe1-1/+68
However, it is now clear in the dissection tree for NFSv4 with RPCSEC_GSS security in use that the naming is just wrong :-( svn path=/trunk/; revision=7725
2003-05-23First changes to properly support RFC1964 so that GSSAPI GetMIC and otherRichard Sharpe1-3/+28
tokens can be handled. Really, dissect-spnego-krb5 or whatever, should be renamed to something like dissect-gssapi-tokens or dissect-gssapi-rfc1964 ... svn path=/trunk/; revision=7724
2003-02-17Small explanation for why MS created their own KRB5 OID value.Richard Sharpe1-1/+9
svn path=/trunk/; revision=7160
2003-01-10In "dissect_spnego_negTokenTarg()", don't assume we've found a GSSAPIGuy Harris1-3/+9
OID value for the protocol being used in a previous packet in the GSSAPI sequence. svn path=/trunk/; revision=6896
2002-12-25Minor spelling etc updates.Richard Sharpe1-6/+5
svn path=/trunk/; revision=6816
2002-11-28Handle GSS_Wrap header information as well as context-level tokens. AGuy Harris1-39/+347
call to "gssapi_init_oid()" supplies both dissectors for context-level tokens and GSS_Wrap header information; the latter dissector should return the number of bytes of header information, so that if the header information and the message for the protocol that's using GSSAPI are treated as a single blob of data (as is the case with LDAP, but not with DCE RPC, for example), the dissector for the protocol using GSSAPI knows where to start dissecting. We associate a pointer to the entire data structure for the OID, not the handle for context-level token dissector for the OID, with conversations and frames. Make the dissector for NTLMSSP verifiers be the handler for GSS_Wrap stuff for NTLMSSP, and add support for GSS_Wrap stuff for Kerberos. Support SASL GSS-SPNEGO wrapping of LDAP messages. (XXX - this should really check for GSS-SPNEGO.) svn path=/trunk/; revision=6692
2002-11-07There can be more than one GSS-API negotiation in a conversation, so theGuy Harris1-9/+23
handle to use to dissect SPNEGO tokens has to be stored as per-frame data, not just as conversation data. svn path=/trunk/; revision=6572
2002-10-25Sometimes a cigar is just a cigar, err, umm, sometimes a KRB5 blob isGuy Harris1-31/+72
just a Kerberos message; we can distinguish that from the other two cases, so we do so, and handle all three cases. svn path=/trunk/; revision=6505
2002-10-05Make sure that we can dissect KRB5 in NFSv4 blobs.Richard Sharpe1-23/+27
svn path=/trunk/; revision=6367
2002-09-18Got rid of some nested parenthesis in the gssapi oid registrations.Tim Potter1-4/+4
svn path=/trunk/; revision=6302
2002-09-08Use -1, rather than "tvb_length_remaining(tvb, offset)", as the lengthGuy Harris1-44/+57
for items that should run to the end of the tvbuff. Make the next level dissector handle local to "dissect_spnego()". Handle negTokenInit's with mechTokens, by, when processing the mechTypes sequence in a negTokenInit, remembering the first MechType and telling "dissect_spnego_mechTypes()"'s caller about it, and having that caller use that mechType to dissect the mechToken. svn path=/trunk/; revision=6232
2002-09-08Fix documentation comments to reflext reality.Richard Sharpe1-3/+3
svn path=/trunk/; revision=6229
2002-09-08Add a "gssapi_lookup_oid()" that takes a binary OID (pointer and length)Guy Harris1-22/+14
as an argument, and looks up that OID in the GSSAPI OID hash table. Always use that routine to look up OIDs, so that we never use the result of "format_oid()" as the key (as that doesn't necessarily work). Make "gssapi_oids" static, as one should only look up GSSAPI authentication mechanism OIDs with "gssapi_lookup_oid()". In the SPNEGO dissector, free up the OID strings when we're done with them, and don't advance the offset past the OID until after we put the OID into the protocol tree. svn path=/trunk/; revision=6228
2002-09-07OK, now have KRB5 dissector playing nice.Richard Sharpe1-2/+5
svn path=/trunk/; revision=6209
2002-09-07Declare dissect_Ticket in packet-kerberos.h and include that into ↵Jörg Mayer1-1/+2
packet-spnego.c svn path=/trunk/; revision=6207
2002-09-06Properly dissect the innerContextToken for Kerberos in GSSAPI.Richard Sharpe1-26/+21
Now, all I have to do is to modularize the Kerberos dissector :-) svn path=/trunk/; revision=6192
2002-09-05Commit my changes to handle KRB5 in SPNEGO ...Richard Sharpe1-12/+149
Turns out it is a KRB5 AP-REQ ASN1 encoded, and the Kerberos dissector is going to need to be re-architected to deal with this. svn path=/trunk/; revision=6187
2002-09-04Remove a debugging printf ...Richard Sharpe1-2/+2
svn path=/trunk/; revision=6185
2002-09-04Add some level of OID naming etc ...Richard Sharpe1-8/+18
svn path=/trunk/; revision=6180
2002-09-04Fix up warnings by implementing the stuff that was left out.Richard Sharpe1-6/+36
svn path=/trunk/; revision=6174
2002-09-04Fix the handling of the NTLMSSP blobs in the case when the server asksRichard Sharpe1-2/+2
for RAW NTLMSSP, but the client actually sends SPNEGO encapsulated NTLMSSP. svn path=/trunk/; revision=6173
2002-09-03Who was that fscking idiot who put a \n into the mechListMIC format specifier!Richard Sharpe1-3/+3
svn path=/trunk/; revision=6172
2002-08-31Make "gssapi_init_oid()" take a dissector handle rather than aGuy Harris1-5/+7
registered dissector name; that means you don't have to register a dissector by name to associate it with a GSS-API security mechanism OID. svn path=/trunk/; revision=6163
2002-08-31Make sure we stop processing GSS-API tokens when we actually have finishedRichard Sharpe1-2/+2
and not try to parse unrelated info in the TVB. svn path=/trunk/; revision=6162
2002-08-31Make Tokens into subtrees etc ...Richard Sharpe1-15/+44
svn path=/trunk/; revision=6159
2002-08-31Further fixes. Properly account for the length of headers. Still some headersRichard Sharpe1-10/+19
that we do not account for properly, like Octet Strings. svn path=/trunk/; revision=6152
2002-08-30Squelch a whole bunch of compiler warnings. The remaining ones will have to ↵Richard Sharpe1-31/+20
wait until someone implements the missing bits of code. svn path=/trunk/; revision=6147
2002-08-30Fix the RCS ID and a compiler warning.Guy Harris1-2/+2
svn path=/trunk/; revision=6144
2002-08-30Some more SPNEGO fixes. Getting much closer ...Richard Sharpe1-23/+41
svn path=/trunk/; revision=6140
2002-08-30OK, this is a lot better.Richard Sharpe1-36/+51
Still have to work on the Octet string versus general string, but much of it is there now. svn path=/trunk/; revision=6137
2002-08-30Commit the latest changes to get rid of seg-faultsRichard Sharpe1-15/+54
svn path=/trunk/; revision=6136
2002-08-30More SPNEGO, now can get down to NTLMSSP if that is what the negTokenTargRichard Sharpe1-7/+100
contains. svn path=/trunk/; revision=6133
2002-08-29Some more of SPNEGO ... more to come ...Richard Sharpe1-2/+86
svn path=/trunk/; revision=6132
2002-08-29More support for SPNEGO ... Gotta handle the supportedMech and cache theRichard Sharpe1-10/+51
handle for the dissector routine yet ... Real work to do though ... svn path=/trunk/; revision=6131
2002-08-29OK, we now dissect the innerContextToken properly, and SPNEGO understands aRichard Sharpe1-4/+50
negTokenTarg, there is just more work to do on this. svn path=/trunk/; revision=6127
2002-08-29Small fix up to packet-spnego.cRichard Sharpe1-5/+1
svn path=/trunk/; revision=6120