diff options
| author | Michael Mann <mmann78@netscape.net> | 2015-11-27 10:59:09 -0500 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2015-11-28 09:20:27 +0000 |
| commit | 44d98dafd49f7133569f0d982ddf0746c230322f (patch) | |
| tree | 6d7cd14756c95c8a7fa246cd8df1cb36dad6edca /asn1 | |
| parent | 05121be1b4ea35257bfcd8ed38d2312b1519f370 (diff) | |
Remove the GSSAPI specific members out of packet_info structure.
The last piece was the NTLMSSP dissector and that is now handled by passing a pointer to a tvbuff* as dissector data for the NTLMSSP dissector to (possibly) "return" a tvbuff* with decrypted data.
Change-Id: I2606172e4d0ebb5fc6353921d5b5f41a4792f9e5
Reviewed-on: https://code.wireshark.org/review/12232
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'asn1')
| -rw-r--r-- | asn1/spnego/packet-spnego-template.c | 127 |
1 files changed, 12 insertions, 115 deletions
diff --git a/asn1/spnego/packet-spnego-template.c b/asn1/spnego/packet-spnego-template.c index 64e5accd64..cd25fdf6a4 100644 --- a/asn1/spnego/packet-spnego-template.c +++ b/asn1/spnego/packet-spnego-template.c @@ -170,28 +170,6 @@ dissect_spnego_krb5_cfx_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinf static int dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint16 token_id, gssapi_encrypt_info_t* gssapi_encrypt); - -/* XXX - This should be TEMPORARY until these members in are removed from packet_info */ -static void packet_info_to_gssapi_encrypt(packet_info *pinfo, gssapi_encrypt_info_t* encrypt_info) -{ - encrypt_info->decrypt_gssapi_tvb = pinfo->decrypt_gssapi_tvb; - encrypt_info->gssapi_wrap_tvb = pinfo->gssapi_wrap_tvb; - encrypt_info->gssapi_encrypted_tvb = pinfo->gssapi_encrypted_tvb; - encrypt_info->gssapi_decrypted_tvb = pinfo->gssapi_decrypted_tvb; - encrypt_info->gssapi_data_encrypted = pinfo->gssapi_data_encrypted; -} - -static void gssapi_encrypt_to_packet_info(packet_info *pinfo, gssapi_encrypt_info_t* encrypt_info) -{ - pinfo->decrypt_gssapi_tvb = encrypt_info->decrypt_gssapi_tvb; - pinfo->gssapi_wrap_tvb = encrypt_info->gssapi_wrap_tvb; - pinfo->gssapi_encrypted_tvb = encrypt_info->gssapi_encrypted_tvb; - pinfo->gssapi_decrypted_tvb = encrypt_info->gssapi_decrypted_tvb; - pinfo->gssapi_data_encrypted = encrypt_info->gssapi_data_encrypted; -} - - - static int dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) { @@ -206,7 +184,6 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* d gint32 tag; guint32 len; gssapi_encrypt_info_t* encrypt_info = (gssapi_encrypt_info_t*)data; - gssapi_encrypt_info_t pass_encrypt_info; asn1_ctx_t asn1_ctx; asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); @@ -310,28 +287,7 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* d break; case KRB_TOKEN_WRAP: - /* XXX - This is setup to hopefully remove the need for these members in packet_info - * If data is supplied to dissector, use it. Otherwise convert to packet_info - */ - if (encrypt_info != NULL) - { - pass_encrypt_info = *encrypt_info; - } - else - { - packet_info_to_gssapi_encrypt(pinfo, &pass_encrypt_info); - } - - offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree, token_id, &pass_encrypt_info); - - if (encrypt_info != NULL) - { - *encrypt_info = pass_encrypt_info; - } - else - { - gssapi_encrypt_to_packet_info(pinfo, &pass_encrypt_info); - } + offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info); break; case KRB_TOKEN_DELETE_SEC_CONTEXT: @@ -343,28 +299,7 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* d break; case KRB_TOKEN_CFX_WRAP: - /* XXX - This is setup to hopefully remove the need for these members in packet_info - * If data is supplied to dissector, use it. Otherwise convert to packet_info - */ - if (encrypt_info != NULL) - { - pass_encrypt_info = *encrypt_info; - } - else - { - packet_info_to_gssapi_encrypt(pinfo, &pass_encrypt_info); - } - - offset = dissect_spnego_krb5_cfx_wrap_base(tvb, offset, pinfo, subtree, token_id, &pass_encrypt_info); - - if (encrypt_info != NULL) - { - *encrypt_info = pass_encrypt_info; - } - else - { - gssapi_encrypt_to_packet_info(pinfo, &pass_encrypt_info); - } + offset = dissect_spnego_krb5_cfx_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info); break; default: @@ -869,11 +804,12 @@ dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo } /* Is the data encrypted? */ - gssapi_encrypt->gssapi_data_encrypted=(seal_alg!=KRB_SEAL_ALG_NONE); + if (gssapi_encrypt != NULL) + gssapi_encrypt->gssapi_data_encrypted=(seal_alg!=KRB_SEAL_ALG_NONE); #ifdef HAVE_KERBEROS #define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32 - if(gssapi_encrypt->decrypt_gssapi_tvb){ + if(gssapi_encrypt && gssapi_encrypt->decrypt_gssapi_tvb){ /* if the caller did not provide a tvb, then we just use whatever is left of our current tvb. */ @@ -1041,7 +977,8 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo flags = tvb_get_guint8(tvb, offset); offset = dissect_spnego_krb5_cfx_flags(tvb, offset, tree, flags); - gssapi_encrypt->gssapi_data_encrypted=(flags & 2); + if (gssapi_encrypt != NULL) + gssapi_encrypt->gssapi_data_encrypted=(flags & 2); /* Skip the filler */ @@ -1069,6 +1006,9 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo ENC_BIG_ENDIAN); offset += 8; + if (gssapi_encrypt == NULL) /* Probably shoudn't happen, but just protect ourselves */ + return offset; + /* Checksum of plaintext padded data */ if (gssapi_encrypt->gssapi_data_encrypted) { @@ -1254,7 +1194,6 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree int offset = 0; guint16 token_id; gssapi_encrypt_info_t* encrypt_info = (gssapi_encrypt_info_t*)data; - gssapi_encrypt_info_t pass_encrypt_info; item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, 0, -1, ENC_NA); @@ -1280,28 +1219,7 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree break; case KRB_TOKEN_WRAP: - /* XXX - This is setup to hopefully remove the need for these members in packet_info - * If data is supplied to dissector, use it. Otherwise convert to packet_info - */ - if (encrypt_info != NULL) - { - pass_encrypt_info = *encrypt_info; - } - else - { - packet_info_to_gssapi_encrypt(pinfo, &pass_encrypt_info); - } - - offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree, token_id, &pass_encrypt_info); - - if (encrypt_info != NULL) - { - *encrypt_info = pass_encrypt_info; - } - else - { - gssapi_encrypt_to_packet_info(pinfo, &pass_encrypt_info); - } + offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info); break; case KRB_TOKEN_CFX_GETMIC: @@ -1309,28 +1227,7 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree break; case KRB_TOKEN_CFX_WRAP: - /* XXX - This is setup to hopefully remove the need for these members in packet_info - * If data is supplied to dissector, use it. Otherwise convert to packet_info - */ - if (encrypt_info != NULL) - { - pass_encrypt_info = *encrypt_info; - } - else - { - packet_info_to_gssapi_encrypt(pinfo, &pass_encrypt_info); - } - - offset = dissect_spnego_krb5_cfx_wrap_base(tvb, offset, pinfo, subtree, token_id, &pass_encrypt_info); - - if (encrypt_info != NULL) - { - *encrypt_info = pass_encrypt_info; - } - else - { - gssapi_encrypt_to_packet_info(pinfo, &pass_encrypt_info); - } + offset = dissect_spnego_krb5_cfx_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info); break; default: |