diff options
| author | Michael Mann <mmann78@netscape.net> | 2015-05-18 07:40:49 -0400 |
|---|---|---|
| committer | Michael Mann <mmann78@netscape.net> | 2015-10-19 17:23:06 +0000 |
| commit | 3fe2c6eef4353f02363bbe547513f73384e2d598 (patch) | |
| tree | 1aaabbec32412ab01d5bed97fc54682ce5520175 | |
| parent | 6b128409a751f419dad8f55d626dc44b56011495 (diff) | |
Separate out sname and cname in Kerberos dissector.
Bug: 4479
Change-Id: I41de06f2e3eea0c44edd659ed053f628406550c6
Reviewed-on: https://code.wireshark.org/review/11125
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
| -rw-r--r-- | asn1/kerberos/KerberosV5Spec2.asn | 34 | ||||
| -rw-r--r-- | epan/dissectors/packet-kerberos.c | 151 |
2 files changed, 151 insertions, 34 deletions
diff --git a/asn1/kerberos/KerberosV5Spec2.asn b/asn1/kerberos/KerberosV5Spec2.asn index 35ac6fe30e..fb3f4e8b56 100644 --- a/asn1/kerberos/KerberosV5Spec2.asn +++ b/asn1/kerberos/KerberosV5Spec2.asn @@ -49,6 +49,8 @@ Microseconds ::= INTEGER (0..999999) -- microseconds KerberosString ::= GeneralString (IA5String) +CNameString ::= GeneralString (IA5String) +SNameString ::= GeneralString (IA5String) Realm ::= KerberosString @@ -58,6 +60,16 @@ PrincipalName ::= SEQUENCE { name-string [1] SEQUENCE OF KerberosString } +CName ::= SEQUENCE { + name-type [0] NAME-TYPE, + cname-string [1] SEQUENCE OF CNameString +} + +SName ::= SEQUENCE { + name-type [0] NAME-TYPE, + sname-string [1] SEQUENCE OF SNameString +} + KerberosTime ::= GeneralizedTime -- with no fractional seconds HostAddress ::= SEQUENCE { @@ -147,7 +159,7 @@ EncryptedKrbCredData ::= SEQUENCE { Ticket ::= [APPLICATION 1] SEQUENCE { tkt-vno [0] INTEGER (5), realm [1] Realm, - sname [2] PrincipalName, + sname [2] SName, enc-part [3] EncryptedTicketData } @@ -156,7 +168,7 @@ EncTicketPart ::= [APPLICATION 3] SEQUENCE { flags [0] TicketFlags, key [1] EncryptionKey, crealm [2] Realm, - cname [3] PrincipalName, + cname [3] CName, transited [4] TransitedEncoding, authtime [5] KerberosTime, starttime [6] KerberosTime OPTIONAL, @@ -206,12 +218,12 @@ KDC-REQ ::= SEQUENCE { KDC-REQ-BODY ::= SEQUENCE { kdc-options [0] KDCOptions, - cname [1] PrincipalName OPTIONAL + cname [1] CName OPTIONAL -- Used only in AS-REQ --, realm [2] Realm -- Server's realm -- Also client's in AS-REQ --, - sname [3] PrincipalName OPTIONAL, + sname [3] SName OPTIONAL, from [4] KerberosTime OPTIONAL, -- this field is not optional in the kerberos spec, however, in the packetcable spec it is optional @@ -269,7 +281,7 @@ KDC-REP ::= SEQUENCE { padata [2] SEQUENCE OF PA-DATA OPTIONAL -- NOTE: not empty --, crealm [3] Realm, - cname [4] PrincipalName, + cname [4] CName, ticket [5] Ticket, enc-part [6] EncryptedKDCREPData -- EncASRepPart or EncTGSRepPart, @@ -291,7 +303,7 @@ EncKDCRepPart ::= SEQUENCE { endtime [7] KerberosTime, renew-till [8] KerberosTime OPTIONAL, srealm [9] Realm, - sname [10] PrincipalName, + sname [10] SName, caddr [11] HostAddresses OPTIONAL, encrypted-pa-data[12] METHOD-DATA OPTIONAL -- from k5.asn } @@ -320,7 +332,7 @@ AP-REQ ::= [APPLICATION 14] SEQUENCE { Authenticator ::= [APPLICATION 2] SEQUENCE { authenticator-vno [0] INTEGER (5), crealm [1] Realm, - cname [2] PrincipalName, + cname [2] CName, cksum [3] Checksum OPTIONAL, cusec [4] Microseconds, ctime [5] KerberosTime, @@ -406,7 +418,7 @@ KrbCredInfo ::= SEQUENCE { endtime [6] KerberosTime OPTIONAL, renew-till [7] KerberosTime OPTIONAL, srealm [8] Realm OPTIONAL, - sname [9] PrincipalName OPTIONAL, + sname [9] SName OPTIONAL, caddr [10] HostAddresses OPTIONAL } @@ -421,9 +433,9 @@ KRB-ERROR ::= [APPLICATION 30] SEQUENCE { -- error-code [6] Int32, error-code [6] ERROR-CODE, -- Use k5.asn crealm [7] Realm OPTIONAL, - cname [8] PrincipalName OPTIONAL, + cname [8] CName OPTIONAL, realm [9] Realm -- service realm --, - sname [10] PrincipalName -- service name --, + sname [10] SName -- service name --, e-text [11] KerberosString OPTIONAL, e-data [12] OCTET STRING OPTIONAL, e-checksum [13] Checksum OPTIONAL -- used by PacketCable @@ -471,7 +483,7 @@ AD-IF-RELEVANT ::= AuthorizationData AD-KDCIssued ::= SEQUENCE { ad-checksum [0] Checksum, i-realm [1] Realm OPTIONAL, - i-sname [2] PrincipalName OPTIONAL, + i-sname [2] SName OPTIONAL, elements [3] AuthorizationData } diff --git a/epan/dissectors/packet-kerberos.c b/epan/dissectors/packet-kerberos.c index 6fa601937d..271b17719a 100644 --- a/epan/dissectors/packet-kerberos.c +++ b/epan/dissectors/packet-kerberos.c @@ -200,6 +200,10 @@ static int hf_kerberos_krb_error = -1; /* KRB_ERROR */ static int hf_kerberos_name_type = -1; /* NAME_TYPE */ static int hf_kerberos_name_string = -1; /* SEQUENCE_OF_KerberosString */ static int hf_kerberos_name_string_item = -1; /* KerberosString */ +static int hf_kerberos_cname_string = -1; /* SEQUENCE_OF_CNameString */ +static int hf_kerberos_cname_string_item = -1; /* CNameString */ +static int hf_kerberos_sname_string = -1; /* SEQUENCE_OF_SNameString */ +static int hf_kerberos_sname_string_item = -1; /* SNameString */ static int hf_kerberos_addr_type = -1; /* ADDR_TYPE */ static int hf_kerberos_address = -1; /* T_address */ static int hf_kerberos_HostAddresses_item = -1; /* HostAddress */ @@ -222,12 +226,12 @@ static int hf_kerberos_encryptedKrbPrivData_cipher = -1; /* T_encryptedKrbPrivD static int hf_kerberos_encryptedKrbCredData_cipher = -1; /* T_encryptedKrbCredData_cipher */ static int hf_kerberos_tkt_vno = -1; /* INTEGER_5 */ static int hf_kerberos_realm = -1; /* Realm */ -static int hf_kerberos_sname = -1; /* PrincipalName */ +static int hf_kerberos_sname = -1; /* SName */ static int hf_kerberos_ticket_enc_part = -1; /* EncryptedTicketData */ static int hf_kerberos_flags = -1; /* TicketFlags */ static int hf_kerberos_key = -1; /* EncryptionKey */ static int hf_kerberos_crealm = -1; /* Realm */ -static int hf_kerberos_cname = -1; /* PrincipalName */ +static int hf_kerberos_cname = -1; /* CName */ static int hf_kerberos_transited = -1; /* TransitedEncoding */ static int hf_kerberos_authtime = -1; /* KerberosTime */ static int hf_kerberos_starttime = -1; /* KerberosTime */ @@ -365,6 +369,10 @@ static gint ett_krb_pac_client_info_type = -1; static gint ett_kerberos_Applications = -1; static gint ett_kerberos_PrincipalName = -1; static gint ett_kerberos_SEQUENCE_OF_KerberosString = -1; +static gint ett_kerberos_CName = -1; +static gint ett_kerberos_SEQUENCE_OF_CNameString = -1; +static gint ett_kerberos_SName = -1; +static gint ett_kerberos_SEQUENCE_OF_SNameString = -1; static gint ett_kerberos_HostAddress = -1; static gint ett_kerberos_HostAddresses = -1; static gint ett_kerberos_AuthorizationData = -1; @@ -2292,29 +2300,40 @@ dissect_kerberos_NAME_TYPE(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int off } -static const ber_sequence_t SEQUENCE_OF_KerberosString_sequence_of[1] = { - { &hf_kerberos_name_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_KerberosString }, + +static int +dissect_kerberos_SNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString, + actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t SEQUENCE_OF_SNameString_sequence_of[1] = { + { &hf_kerberos_sname_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_SNameString }, }; static int -dissect_kerberos_SEQUENCE_OF_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +dissect_kerberos_SEQUENCE_OF_SNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, - SEQUENCE_OF_KerberosString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KerberosString); + SEQUENCE_OF_SNameString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_SNameString); return offset; } -static const ber_sequence_t PrincipalName_sequence[] = { +static const ber_sequence_t SName_sequence[] = { { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE }, - { &hf_kerberos_name_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_KerberosString }, + { &hf_kerberos_sname_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_SNameString }, { NULL, 0, 0, 0, NULL } }; static int -dissect_kerberos_PrincipalName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +dissect_kerberos_SName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, - PrincipalName_sequence, hf_index, ett_kerberos_PrincipalName); + SName_sequence, hf_index, ett_kerberos_SName); return offset; } @@ -2418,7 +2437,7 @@ dissect_kerberos_EncryptedTicketData(gboolean implicit_tag _U_, tvbuff_t *tvb _U static const ber_sequence_t Ticket_U_sequence[] = { { &hf_kerberos_tkt_vno , BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 }, { &hf_kerberos_realm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm }, - { &hf_kerberos_sname , BER_CLASS_CON, 2, 0, dissect_kerberos_PrincipalName }, + { &hf_kerberos_sname , BER_CLASS_CON, 2, 0, dissect_kerberos_SName }, { &hf_kerberos_ticket_enc_part, BER_CLASS_CON, 3, 0, dissect_kerberos_EncryptedTicketData }, { NULL, 0, 0, 0, NULL } }; @@ -2442,6 +2461,45 @@ dissect_kerberos_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset } + +static int +dissect_kerberos_CNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_GeneralString, + actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t SEQUENCE_OF_CNameString_sequence_of[1] = { + { &hf_kerberos_cname_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_CNameString }, +}; + +static int +dissect_kerberos_SEQUENCE_OF_CNameString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, + SEQUENCE_OF_CNameString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_CNameString); + + return offset; +} + + +static const ber_sequence_t CName_sequence[] = { + { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE }, + { &hf_kerberos_cname_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_CNameString }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_kerberos_CName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + CName_sequence, hf_index, ett_kerberos_CName); + + return offset; +} + + static const value_string kerberos_CKSUMTYPE_vals[] = { { 0, "cKSUMTYPE-NONE" }, { 1, "cKSUMTYPE-CRC32" }, @@ -2679,7 +2737,7 @@ dissect_kerberos_AuthorizationData(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, static const ber_sequence_t Authenticator_U_sequence[] = { { &hf_kerberos_authenticator_vno, BER_CLASS_CON, 0, 0, dissect_kerberos_INTEGER_5 }, { &hf_kerberos_crealm , BER_CLASS_CON, 1, 0, dissect_kerberos_Realm }, - { &hf_kerberos_cname , BER_CLASS_CON, 2, 0, dissect_kerberos_PrincipalName }, + { &hf_kerberos_cname , BER_CLASS_CON, 2, 0, dissect_kerberos_CName }, { &hf_kerberos_cksum , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum }, { &hf_kerberos_cusec , BER_CLASS_CON, 4, 0, dissect_kerberos_Microseconds }, { &hf_kerberos_ctime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime }, @@ -2878,7 +2936,7 @@ static const ber_sequence_t EncTicketPart_U_sequence[] = { { &hf_kerberos_flags , BER_CLASS_CON, 0, 0, dissect_kerberos_TicketFlags }, { &hf_kerberos_key , BER_CLASS_CON, 1, 0, dissect_kerberos_EncryptionKey }, { &hf_kerberos_crealm , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm }, - { &hf_kerberos_cname , BER_CLASS_CON, 3, 0, dissect_kerberos_PrincipalName }, + { &hf_kerberos_cname , BER_CLASS_CON, 3, 0, dissect_kerberos_CName }, { &hf_kerberos_transited , BER_CLASS_CON, 4, 0, dissect_kerberos_TransitedEncoding }, { &hf_kerberos_authtime , BER_CLASS_CON, 5, 0, dissect_kerberos_KerberosTime }, { &hf_kerberos_starttime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, @@ -3192,9 +3250,9 @@ dissect_kerberos_SEQUENCE_OF_Ticket(gboolean implicit_tag _U_, tvbuff_t *tvb _U_ static const ber_sequence_t KDC_REQ_BODY_sequence[] = { { &hf_kerberos_kdc_options, BER_CLASS_CON, 0, 0, dissect_kerberos_KDCOptions }, - { &hf_kerberos_cname , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName }, + { &hf_kerberos_cname , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_CName }, { &hf_kerberos_realm , BER_CLASS_CON, 2, 0, dissect_kerberos_Realm }, - { &hf_kerberos_sname , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName }, + { &hf_kerberos_sname , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_kerberos_SName }, { &hf_kerberos_from , BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, { &hf_kerberos_till , BER_CLASS_CON, 5, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, { &hf_kerberos_rtime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, @@ -3306,7 +3364,7 @@ static const ber_sequence_t KDC_REP_sequence[] = { { &hf_kerberos_msg_type , BER_CLASS_CON, 1, 0, dissect_kerberos_MESSAGE_TYPE }, { &hf_kerberos_padata , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_kerberos_SEQUENCE_OF_PA_DATA }, { &hf_kerberos_crealm , BER_CLASS_CON, 3, 0, dissect_kerberos_Realm }, - { &hf_kerberos_cname , BER_CLASS_CON, 4, 0, dissect_kerberos_PrincipalName }, + { &hf_kerberos_cname , BER_CLASS_CON, 4, 0, dissect_kerberos_CName }, { &hf_kerberos_ticket , BER_CLASS_CON, 5, 0, dissect_kerberos_Ticket }, { &hf_kerberos_kDC_REP_enc_part, BER_CLASS_CON, 6, 0, dissect_kerberos_EncryptedKDCREPData }, { NULL, 0, 0, 0, NULL } @@ -3717,7 +3775,7 @@ static const ber_sequence_t EncKDCRepPart_sequence[] = { { &hf_kerberos_endtime , BER_CLASS_CON, 7, 0, dissect_kerberos_KerberosTime }, { &hf_kerberos_renew_till , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, { &hf_kerberos_srealm , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm }, - { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_PrincipalName }, + { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_SName }, { &hf_kerberos_caddr , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses }, { &hf_kerberos_encrypted_pa_data, BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_METHOD_DATA }, { NULL, 0, 0, 0, NULL } @@ -3789,7 +3847,6 @@ dissect_kerberos_T_encKrbPrivPart_user_data(gboolean implicit_tag _U_, tvbuff_t call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA, (kerberos_callbacks*)actx->private_data); } - return offset; } @@ -3823,6 +3880,34 @@ dissect_kerberos_ENC_KRB_PRIV_PART(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, } +static const ber_sequence_t SEQUENCE_OF_KerberosString_sequence_of[1] = { + { &hf_kerberos_name_string_item, BER_CLASS_UNI, BER_UNI_TAG_GeneralString, BER_FLAGS_NOOWNTAG, dissect_kerberos_KerberosString }, +}; + +static int +dissect_kerberos_SEQUENCE_OF_KerberosString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence_of(implicit_tag, actx, tree, tvb, offset, + SEQUENCE_OF_KerberosString_sequence_of, hf_index, ett_kerberos_SEQUENCE_OF_KerberosString); + + return offset; +} + + +static const ber_sequence_t PrincipalName_sequence[] = { + { &hf_kerberos_name_type , BER_CLASS_CON, 0, 0, dissect_kerberos_NAME_TYPE }, + { &hf_kerberos_name_string, BER_CLASS_CON, 1, 0, dissect_kerberos_SEQUENCE_OF_KerberosString }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_kerberos_PrincipalName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + PrincipalName_sequence, hf_index, ett_kerberos_PrincipalName); + + return offset; +} + + static const ber_sequence_t KrbCredInfo_sequence[] = { { &hf_kerberos_key , BER_CLASS_CON, 0, 0, dissect_kerberos_EncryptionKey }, { &hf_kerberos_prealm , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm }, @@ -3833,7 +3918,7 @@ static const ber_sequence_t KrbCredInfo_sequence[] = { { &hf_kerberos_endtime , BER_CLASS_CON, 6, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, { &hf_kerberos_renew_till , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosTime }, { &hf_kerberos_srealm , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm }, - { &hf_kerberos_sname , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName }, + { &hf_kerberos_sname , BER_CLASS_CON, 9, BER_FLAGS_OPTIONAL, dissect_kerberos_SName }, { &hf_kerberos_caddr , BER_CLASS_CON, 10, BER_FLAGS_OPTIONAL, dissect_kerberos_HostAddresses }, { NULL, 0, 0, 0, NULL } }; @@ -4026,9 +4111,9 @@ static const ber_sequence_t KRB_ERROR_U_sequence[] = { { &hf_kerberos_susec , BER_CLASS_CON, 5, 0, dissect_kerberos_Microseconds }, { &hf_kerberos_error_code , BER_CLASS_CON, 6, 0, dissect_kerberos_ERROR_CODE }, { &hf_kerberos_crealm , BER_CLASS_CON, 7, BER_FLAGS_OPTIONAL, dissect_kerberos_Realm }, - { &hf_kerberos_cname , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_PrincipalName }, + { &hf_kerberos_cname , BER_CLASS_CON, 8, BER_FLAGS_OPTIONAL, dissect_kerberos_CName }, { &hf_kerberos_realm , BER_CLASS_CON, 9, 0, dissect_kerberos_Realm }, - { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_PrincipalName }, + { &hf_kerberos_sname , BER_CLASS_CON, 10, 0, dissect_kerberos_SName }, { &hf_kerberos_e_text , BER_CLASS_CON, 11, BER_FLAGS_OPTIONAL, dissect_kerberos_KerberosString }, { &hf_kerberos_e_data , BER_CLASS_CON, 12, BER_FLAGS_OPTIONAL, dissect_kerberos_T_e_data }, { &hf_kerberos_e_checksum , BER_CLASS_CON, 13, BER_FLAGS_OPTIONAL, dissect_kerberos_Checksum }, @@ -4723,6 +4808,22 @@ void proto_register_kerberos(void) { { "KerberosString", "kerberos.KerberosString", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }}, + { &hf_kerberos_cname_string, + { "cname-string", "kerberos.cname_string", + FT_UINT32, BASE_DEC, NULL, 0, + "SEQUENCE_OF_CNameString", HFILL }}, + { &hf_kerberos_cname_string_item, + { "CNameString", "kerberos.CNameString", + FT_STRING, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_kerberos_sname_string, + { "sname-string", "kerberos.sname_string", + FT_UINT32, BASE_DEC, NULL, 0, + "SEQUENCE_OF_SNameString", HFILL }}, + { &hf_kerberos_sname_string_item, + { "SNameString", "kerberos.SNameString", + FT_STRING, BASE_NONE, NULL, 0, + NULL, HFILL }}, { &hf_kerberos_addr_type, { "addr-type", "kerberos.addr_type", FT_INT32, BASE_DEC, VALS(kerberos_ADDR_TYPE_vals), 0, @@ -4814,7 +4915,7 @@ void proto_register_kerberos(void) { { &hf_kerberos_sname, { "sname", "kerberos.sname_element", FT_NONE, BASE_NONE, NULL, 0, - "PrincipalName", HFILL }}, + NULL, HFILL }}, { &hf_kerberos_ticket_enc_part, { "enc-part", "kerberos.enc_part_element", FT_NONE, BASE_NONE, NULL, 0, @@ -4834,7 +4935,7 @@ void proto_register_kerberos(void) { { &hf_kerberos_cname, { "cname", "kerberos.cname_element", FT_NONE, BASE_NONE, NULL, 0, - "PrincipalName", HFILL }}, + NULL, HFILL }}, { &hf_kerberos_transited, { "transited", "kerberos.transited_element", FT_NONE, BASE_NONE, NULL, 0, @@ -5315,6 +5416,10 @@ void proto_register_kerberos(void) { &ett_kerberos_Applications, &ett_kerberos_PrincipalName, &ett_kerberos_SEQUENCE_OF_KerberosString, + &ett_kerberos_CName, + &ett_kerberos_SEQUENCE_OF_CNameString, + &ett_kerberos_SName, + &ett_kerberos_SEQUENCE_OF_SNameString, &ett_kerberos_HostAddress, &ett_kerberos_HostAddresses, &ett_kerberos_AuthorizationData, |