diff options
| author | Bill Meier <wmeier@newsguy.com> | 2010-05-11 14:34:16 +0000 |
|---|---|---|
| committer | Bill Meier <wmeier@newsguy.com> | 2010-05-11 14:34:16 +0000 |
| commit | 2af17da2c106c15df30c44d0cf4ae48e21a106df (patch) | |
| tree | f1bf7b4ac4c776d93a9d325bfc6c7e73dc3c559f /epan/dissectors/packet-kerberos.c | |
| parent | beca46d33b5688ecc3a3971589d35e722e4f8951 (diff) | |
Fix handling of pa-data-type KRB5_PA_PAC_REQUEST (& KRB5_PA_S4U2SELF).
-Define pa-data-type KRB5_PA_PAC_REQUEST properly so that it is recognized.
Fixes bug #4752 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4752)
-Also revert definition of KRB5_PA_S4U2SELF (to be a positive number).
(All of the above reverts part of SVN #31400).
-Display pa-data-type as FT_INT32.
-Display the value for pa-data-type KRB5_PA_PAC_REQUEST as Boolean (not Int).
svn path=/trunk/; revision=32752
Diffstat (limited to 'epan/dissectors/packet-kerberos.c')
| -rw-r--r-- | epan/dissectors/packet-kerberos.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/epan/dissectors/packet-kerberos.c b/epan/dissectors/packet-kerberos.c index c2a458ce6c..430e817453 100644 --- a/epan/dissectors/packet-kerberos.c +++ b/epan/dissectors/packet-kerberos.c @@ -1029,7 +1029,7 @@ g_warning("woohoo decrypted keytype:%d in frame:%u\n", keytype, pinfo->fd->num); #define KRB5_CHKSUM_KRB_DES_MAC_K 5 #define KRB5_CHKSUM_MD5 7 #define KRB5_CHKSUM_MD5_DES 8 -/* the following four comes from packetcable */ +/* the following four come from packetcable */ #define KRB5_CHKSUM_MD5_DES3 9 #define KRB5_CHKSUM_HMAC_SHA1_DES3_KD 12 #define KRB5_CHKSUM_HMAC_SHA1_DES3 13 @@ -1089,11 +1089,15 @@ g_warning("woohoo decrypted keytype:%d in frame:%u\n", keytype, pinfo->fd->num); /* preauthentication types >127 (i.e. negative ones) are app specific. Hopefully there will be no collisions here or we will have to come up with something better. - Note: These values are compared against 32-bit values in the code. + XXX: Although KRB5_PA_PAC_REQUEST is " >127 " and thus presumably + would be encoded as a negative number, various captures seen all + have this pa-data-type encoded as a positive number (0x0080). + We'll assume that KRB5_PA_S4U2SELF is also encoded as a positive number. */ -#define KRB5_PA_PAC_REQUEST -128 /* = 0xFFFFFF80 = (gint32)((gint8)0x80) MS extension */ -#define KRB5_PA_S4U2SELF -127 /* = 0xFFFFFF81 = (gint32)((gint8)0x81) Impersonation (Microsoft extension) */ -#define KRB5_PA_PROV_SRV_LOCATION -1 /* = 0xFFFFFFFF = (gint32)((gint8)0xFF) packetcable stuff */ +#define KRB5_PA_PAC_REQUEST 128 /* (Microsoft extension) */ +#define KRB5_PA_S4U2SELF 129 /* Impersonation (Microsoft extension) */ + +#define KRB5_PA_PROV_SRV_LOCATION 0xffffffff /* (gint32)0xFF) packetcable stuff */ /* Principal name-type */ #define KRB5_NT_UNKNOWN 0 @@ -5140,7 +5144,7 @@ proto_register_kerberos(void) "Signature", "kerberos.pac.signature.signature", FT_BYTES, BASE_NONE, NULL, 0, "A PAC signature blob", HFILL }}, { &hf_krb_PA_DATA_type, { - "Type", "kerberos.padata.type", FT_INT8, BASE_DEC, + "Type", "kerberos.padata.type", FT_INT32, BASE_DEC, VALS(krb5_preauthentication_types), 0, "Type of preauthentication data", HFILL }}, { &hf_krb_nonce, { "Nonce", "kerberos.nonce", FT_UINT32, BASE_DEC, @@ -5251,7 +5255,7 @@ proto_register_kerberos(void) "TransitedEncoding", "kerberos.TransitedEncoding", FT_NONE, BASE_NONE, NULL, 0, "This is a Kerberos TransitedEncoding sequence", HFILL }}, { &hf_krb_PA_PAC_REQUEST_flag, { - "PAC Request", "kerberos.pac_request.flag", FT_UINT32, BASE_DEC, + "PAC Request", "kerberos.pac_request.flag", FT_BOOLEAN, 32, NULL, 0, "This is a MS PAC Request Flag", HFILL }}, { &hf_krb_w2k_pac_entries, { "Num Entries", "kerberos.pac.entries", FT_UINT32, BASE_DEC, |