authorRichard Sharpe <sharpe@ns.aus.com>2002-08-28 00:19:10 +0000
committerRichard Sharpe <sharpe@ns.aus.com>2002-08-28 00:19:10 +0000
commit33008beffa58e754253db3bfcd093ffa5cfed285 (patch)
tree47e21a653a29147c3eae9d237e77a8944464b3aa
parent0401d1762965b06dc6735c07b18cb0973052cf10 (diff)
Commit some more changes ... getting closer ...
svn path=/trunk/; revision=6106
-rw-r--r--packet-spnego.c244
1 files changed, 171 insertions, 73 deletions
diff --git a/packet-spnego.c b/packet-spnego.c
index 919920f2e4..e88da43af8 100644
--- a/packet-spnego.c
+++ b/packet-spnego.c
@@ -1,9 +1,10 @@
-/* packet-snego.c
+/* packet-spnego.c
* Routines for the simple and protected GSS-API negotiation mechanism
* as described in rfc2478.
* Copyright 2002, Tim Potter <tpot@samba.org>
+ * Copyright 2002, Richard Sharpe <rsharpe@ns.aus.com>
*
- * $Id: packet-spnego.c,v 1.2 2002/08/27 23:21:53 sharpe Exp $
+ * $Id: packet-spnego.c,v 1.3 2002/08/28 00:19:10 sharpe Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -40,9 +41,25 @@
#include "packet-gssapi.h"
+#define SPNEGO_negTokenInit 0
+#define SPNEGO_negTokenTarg 1
+#define SPNEGO_mechTypes 0
+#define SPNEGO_reqFlags 1
+#define SPNEGO_mechToken 2
+#define SPNEGO_mechListMIC 3
+#define SPNEGO_negResult 0
+#define SPNEGO_accept_completed 0
+#define SPNEGO_accept_incomplete 1
+#define SPNEGO_reject 2
+#define SPNEGO_supportedMech 1
+#define SPNEGO_responseToken 2
+#define SPNEGO_mechListMIC 3
+
static int proto_spnego = -1;
static int hf_spnego = -1;
+static int hf_spnego_neg_token_init = -1;
+static int hf_spnego_neg_token_targ = -1;
static gint ett_spnego = -1;
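Review bot: `SPNEGO_mechListMIC` is defined twice in this block, once after `SPNEGO_mechToken` and again after `SPNEGO_responseToken`. The redefinition is identical, so it compiles, but the flat list hides that these constants belong to three separate tag spaces (the NegotiationToken CHOICE, NegTokenInit and NegTokenTarg) whose values overlap. I would drop the second define and put a one-line comment above each group, for example `/* NegTokenInit context tags */`, so that a later edit to one structure's tag does not silently change the other's.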
@@ -71,13 +88,11 @@ dissect_parse_error(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
static void
-dissect_spnego(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
+dissect_spnego_negTokenInit(tvbuff_t *tvb, packet_info *pinfo _U_,
+ proto_tree *tree, ASN1_SCK *hnd)
{
proto_item *item;
proto_tree *subtree;
- int length = tvb_length_remaining(tvb, 0);
- int ret, offset = 0;
- ASN1_SCK hnd;
gboolean def;
guint len1, len, cls, con, tag, nbytes;
subid_t *oid;
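Review bot: `subtree` is declared here but never assigned in dissect_spnego_negTokenInit. The following hunk removes the `proto_item_add_subtree()` call, yet the pointer is still handed to `dissect_parse_error()` and `proto_tree_add_text()` on the error paths. Those paths run on malformed packets, so the uninitialised pointer reaches the tree API exactly when the input is least trustworthy. The smallest fix is `proto_tree *subtree = tree;` at the declaration, or a dedicated item built from `hf_spnego_neg_token_init`; `item` and the `tree` parameter are otherwise unused in the lines shown. The function body continues beyond this hunk.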
@@ -86,55 +101,27 @@ dissect_spnego(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
gchar *oid_string;
proto_item *sub_item;
proto_tree *oid_subtree;
-
- item = proto_tree_add_item(
- tree, hf_spnego, tvb, offset, length, FALSE);
-
- subtree = proto_item_add_subtree(item, ett_spnego);
+ int ret, offset = 0;
/*
- * The TVB contains a [0] header and a sequence that consists of an
- * object ID and a blob containing the data ...
- * Actually, it contains, according to RFC2478:
- * NegotiationToken ::= CHOICE {
- * negTokenInit [0] NegTokenInit,
- * negTokenTarg [1] NegTokenTarg }
+ * Here is what we need to get ...
* NegTokenInit ::= SEQUENCE {
* mechTypes [0] MechTypeList OPTIONAL,
* reqFlags [1] ContextFlags OPTIONAL,
* mechToken [2] OCTET STRING OPTIONAL,
* mechListMIC [3] OCTET STRING OPTIONAL }
- * NegTokenTarg ::= SEQUENCE {
- * negResult [0] ENUMERATED {
- * accept_completed (0),
- * accept_incomplete (1),
- * reject (2) } OPTIONAL,
- * supportedMech [1] MechType OPTIONAL,
- * responseToken [2] OCTET STRING OPTIONAL,
- * mechListMIC [3] OCTET STRING OPTIONAL }
- *
- * Windows typically includes mechTypes and mechListMic ('NONE'
- * in the case of NTLMSSP only).
- * It seems to duplicate the responseToken into the mechListMic field
- * as well. Naughty, naughty.
- *
- * FIXME, the following code is broken so far.
- */
- asn1_open(&hnd, tvb, offset);
- /*
- * Get the first header ...
*/
- ret = asn1_header_decode(&hnd, &cls, &con, &tag, &def, &len1);
+ ret = asn1_header_decode(hnd, &cls, &con, &tag, &def, &len1);
if (ret != ASN1_ERR_NOERROR) {
dissect_parse_error(tvb, offset, pinfo, subtree,
- "SPNEGO context header", ret);
+ "SPNEGO sequence header", ret);
goto done;
}
- if (!(cls == ASN1_CTX && con == ASN1_CON && tag == 0)) {
+ if (!(cls == ASN1_UNI && con == ASN1_CON && tag == ASN1_SEQ)) {
proto_tree_add_text(
subtree, tvb, offset, 0,
"Unknown header (cls=%d, con=%d, tag=%d)",
@@ -142,51 +129,63 @@ dissect_spnego(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
goto done;
}
- /*
- * Get the sequence next ...
- */
+ while (len1) {
- ret = asn1_header_decode(&hnd, &cls, &con, &tag, &def, &len1);
+ /*
+ * Another context header ... It could be MechTypeList, but that
+ * is optional, Hmmm ... what if it was empty?
+ */
- if (ret != ASN1_ERR_NOERROR) {
- dissect_parse_error(tvb, offset, pinfo, subtree,
- "SPNEGO sequence header", ret);
- goto done;
- }
+ ret = asn1_header_decode(hnd, &cls, &con, &tag, &def, &len);
- if (!(cls == ASN1_UNI && con == ASN1_CON && tag == ASN1_SEQ)) {
- proto_tree_add_text(
- subtree, tvb, offset, 0,
- "Unknown header (cls=%d, con=%d, tag=%d)",
- cls, con, tag);
- goto done;
- }
+ if (ret != ASN1_ERR_NOERROR) {
+ dissect_parse_error(tvb, offset, pinfo, subtree,
+ "SPNEGO context header", ret);
+ goto done;
+ }
- /*
- * Another context header ... this is but ugly
- */
+ if (!(cls == ASN1_CTX && con == ASN1_CON && tag == 0)) {
+ proto_tree_add_text(
+ subtree, tvb, offset, 0,
+ "Unknown header (cls=%d, con=%d, tag=%d)",
+ cls, con, tag);
+ goto done;
+ }
- ret = asn1_header_decode(&hnd, &cls, &con, &tag, &def, &len1);
+ /* Should be one of the fields */
- if (ret != ASN1_ERR_NOERROR) {
- dissect_parse_error(tvb, offset, pinfo, subtree,
- "SPNEGO context header", ret);
- goto done;
- }
+ switch (tag) {
+
+ case SPNEGO_mechTypes:
+
+ break;
+
+ case SPNEGO_reqFlags:
+
+ break;
+
+ case SPNEGO_mechToken:
+
+ break;
+
+ case SPNEGO_mechListMIC:
+
+ break;
+
+ default:
+
+ break;
+ }
+
+ len1 -= len;
- if (!(cls == ASN1_CTX && con == ASN1_CON && tag == 0)) {
- proto_tree_add_text(
- subtree, tvb, offset, 0,
- "Unknown header (cls=%d, con=%d, tag=%d)",
- cls, con, tag);
- goto done;
}
/*
* Last sequence header and then the ObjID.
*/
- ret = asn1_header_decode(&hnd, &cls, &con, &tag, &def, &len1);
+ ret = asn1_header_decode(hnd, &cls, &con, &tag, &def, &len1);
if (ret != ASN1_ERR_NOERROR) {
dissect_parse_error(tvb, offset, pinfo, subtree,
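Review bot: `len1 -= len` at the bottom of the new `while (len1)` loop subtracts one packet-supplied length from another without checking that `len <= len1`. Both are `guint`, so an oversized inner length wraps to a huge value and the loop keeps decoding until `asn1_header_decode()` fails; that function is not shown, so whether it bounds reads to the tvb cannot be confirmed from here. A guard before the subtraction, `if (len > len1) goto done;`, would stop the wrap. The subtraction also ignores the bytes of each element header, and the empty `case` bodies never consume the element content, so even a well-formed token may not bring `len1` to exactly zero. The in-loop check still requires `tag == 0`, which makes the `SPNEGO_reqFlags`, `SPNEGO_mechToken` and `SPNEGO_mechListMIC` cases unreachable. The enclosing function starts and ends outside this hunk.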
@@ -202,13 +201,13 @@ dissect_spnego(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
goto done;
}
- offset = hnd.offset;
+ offset = hnd->offset;
/*
* Now, the object ID ...
*/
- ret = asn1_oid_decode(&hnd, &oid, &len, &nbytes);
+ ret = asn1_oid_decode(hnd, &oid, &len, &nbytes);
if (ret != ASN1_ERR_NOERROR) {
dissect_parse_error(tvb, offset, pinfo, subtree,
@@ -254,6 +253,105 @@ dissect_spnego(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
}
done:
+}
+
+static void
+dissect_spnego_negTokenTarg(tvbuff_t *tvb, packet_info *pinfo _U_,
+ proto_tree *tree)
+
+{
+ proto_item *item;
+ proto_tree *subtree;
+
+}
+
+static void
+dissect_spnego(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
+{
+ proto_item *item;
+ proto_tree *subtree;
+ int length = tvb_length_remaining(tvb, 0);
+ int ret, offset = 0;
+ ASN1_SCK hnd;
+ gboolean def;
+ guint len1, len, cls, con, tag, nbytes;
+
+ item = proto_tree_add_item(
+ tree, hf_spnego, tvb, offset, length, FALSE);
+
+ subtree = proto_item_add_subtree(item, ett_spnego);
+
+ /*
+ * The TVB contains a [0] header and a sequence that consists of an
+ * object ID and a blob containing the data ...
+ * Actually, it contains, according to RFC2478:
+ * NegotiationToken ::= CHOICE {
+ * negTokenInit [0] NegTokenInit,
+ * negTokenTarg [1] NegTokenTarg }
+ * NegTokenInit ::= SEQUENCE {
+ * mechTypes [0] MechTypeList OPTIONAL,
+ * reqFlags [1] ContextFlags OPTIONAL,
+ * mechToken [2] OCTET STRING OPTIONAL,
+ * mechListMIC [3] OCTET STRING OPTIONAL }
+ * NegTokenTarg ::= SEQUENCE {
+ * negResult [0] ENUMERATED {
+ * accept_completed (0),
+ * accept_incomplete (1),
+ * reject (2) } OPTIONAL,
+ * supportedMech [1] MechType OPTIONAL,
+ * responseToken [2] OCTET STRING OPTIONAL,
+ * mechListMIC [3] OCTET STRING OPTIONAL }
+ *
+ * Windows typically includes mechTypes and mechListMic ('NONE'
+ * in the case of NTLMSSP only).
+ * It seems to duplicate the responseToken into the mechListMic field
+ * as well. Naughty, naughty.
+ *
+ * FIXME, the following code is broken so far.
+ */
+ asn1_open(&hnd, tvb, offset);
+
+ /*
+ * Get the first header ...
+ */
+
+ ret = asn1_header_decode(&hnd, &cls, &con, &tag, &def, &len1);
+
+ if (ret != ASN1_ERR_NOERROR) {
+ dissect_parse_error(tvb, offset, pinfo, subtree,
+ "SPNEGO context header", ret);
+ goto done;
+ }
+
+ if (!(cls == ASN1_CTX && con == ASN1_CON && tag == 0)) {
+ proto_tree_add_text(
+ subtree, tvb, offset, 0,
+ "Unknown header (cls=%d, con=%d, tag=%d)",
+ cls, con, tag);
+ goto done;
+ }
+
+ /*
+ * The Tag is one of negTokenInit or negTokenTarg
+ */
+
+ switch (tag) {
+
+ case SPNEGO_negTokenInit:
+
+ break;
+
+ case SPNEGO_negTokenTarg:
+
+ break;
+
+ default: /* Broken, what to do? */
+
+ break;
+ }
+
+
+ done:
asn1_close(&hnd, &offset);
}
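Review bot: The `tag == 0` guard in dissect_spnego's header check sends every negTokenTarg (tag 1) to `done` before `switch (tag)` is reached, so the `SPNEGO_negTokenTarg` case is dead code. Testing only the class and the constructed bit, `if (!(cls == ASN1_CTX && con == ASN1_CON)) {`, lets the switch's `default` arm handle unexpected tags. Separately, dissect_spnego_negTokenInit now ends with `done:` directly before `}`, which C before C23 rejects as a label at the end of a compound statement; `done: return;` avoids that. dissect_spnego_negTokenTarg also has no `ASN1_SCK *hnd` parameter, unlike its sibling, so it has no decoder state to continue from once the switch starts calling it.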