diff options
| author | Isaac Boukris <iboukris@gmail.com> | 2018-12-04 03:30:56 +0200 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2018-12-04 07:49:26 +0000 |
| commit | 453e72299c9d18b5e2adaea90e62e96e16b1cac6 (patch) | |
| tree | 066128bd509de64f7a773299def51a576d6dd1ce /epan/dissectors/asn1/kerberos/kerberos.cnf | |
| parent | 9cba325fc8d6367d7e0d2fd6788c685da63f419f (diff) | |
krb5: do not dissect PA-S4U-X509-USER inside encrypted-pa-data
According to MS-SFU 2.2.2 PA_S4U_X509_USER checksum section;
PA-S4U-X509-USER may be returned inside encrypted-pa-data, but
it contains just the checksum data so do not try to dissect it.
Quote:
The padata of type 130 in the encrypted-pa-data field contains
the checksum value in the S4U request concatenated with the
checksum value in the S4U reply.
Change-Id: Ia124f56914ef2fefd5b0a64fccd176911321f246
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-on: https://code.wireshark.org/review/30908
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/asn1/kerberos/kerberos.cnf')
| -rw-r--r-- | epan/dissectors/asn1/kerberos/kerberos.cnf | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/epan/dissectors/asn1/kerberos/kerberos.cnf b/epan/dissectors/asn1/kerberos/kerberos.cnf index dadbddd92a..93667cdce2 100644 --- a/epan/dissectors/asn1/kerberos/kerberos.cnf +++ b/epan/dissectors/asn1/kerberos/kerberos.cnf @@ -157,7 +157,11 @@ guint32 msgtype; offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U2Self); break; case KRB5_PADATA_S4U_X509_USER: - offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U_X509_USER); + if(!private_data->is_enc_padata) { + offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U_X509_USER); + }else{ + offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, NULL); + } break; case KRB5_PA_PROV_SRV_LOCATION: offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PA_PROV_SRV_LOCATION); @@ -410,6 +414,13 @@ AuthorizationData/_item/ad-type STRINGS=VALS(krb5_ad_types) call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA, (kerberos_callbacks*)actx->private_data); } +#.FN_HDR EncKDCRepPart/encrypted-pa-data + kerberos_private_data_t* private_data = kerberos_get_private_data(actx); + private_data->is_enc_padata = TRUE; + +#.FN_FTR EncKDCRepPart/encrypted-pa-data + private_data->is_enc_padata = FALSE; + #.FN_HDR AS-REQ kerberos_private_data_t* private_data = kerberos_get_private_data(actx); private_data->is_request = TRUE; |