diff options
author | pascal <pascal@localhost> | 2012-04-25 21:02:48 +0000 |
---|---|---|
committer | pascal <pascal@localhost> | 2012-04-25 21:02:48 +0000 |
commit | f0a6f372aca6848cff23dd4e0ad8e1df7b035a3b (patch) | |
tree | 0496d1b9f1383b53d37a1811c5dd39e2bf34e4e3 /epan/dissectors/packet-rpc.c | |
parent | 7a15d6be8749eed8d8b77e98555eda6db08f6baf (diff) |
From Niels de Vos:
dissect AUTH_RSA as Gluster AUTH-flavor
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7190
svn path=/trunk/; revision=42244
Diffstat (limited to 'epan/dissectors/packet-rpc.c')
-rw-r--r-- | epan/dissectors/packet-rpc.c | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/epan/dissectors/packet-rpc.c b/epan/dissectors/packet-rpc.c index 039aeee290..2f0a671bc5 100644 --- a/epan/dissectors/packet-rpc.c +++ b/epan/dissectors/packet-rpc.c @@ -62,6 +62,11 @@ * RFC 2695, "Authentication Mechanisms for ONC RPC" * * although we don't currently dissect AUTH_DES or AUTH_KERB. + * + * RFC 5531, "Appendix C: Current Number Assignments" defines AUTH_RSA. + * AUTH_RSA is not implemented for any known RPC-protocols. The Gluster + * protocols (ab)use AUTH_RSA for their own AUTH-flavor. AUTH_RSA is + * therefore dissected as the inofficial AUTH_GLUSTER. */ /* desegmentation of RPC over TCP */ @@ -101,6 +106,7 @@ const value_string rpc_auth_flavor[] = { { AUTH_UNIX, "AUTH_UNIX" }, { AUTH_SHORT, "AUTH_SHORT" }, { AUTH_DES, "AUTH_DES" }, + { AUTH_RSA, "AUTH_RSA/Gluster" }, { RPCSEC_GSS, "RPCSEC_GSS" }, { AUTH_GSSAPI, "AUTH_GSSAPI" }, { RPCSEC_GSS_KRB5, "RPCSEC_GSS_KRB5" }, @@ -192,6 +198,8 @@ static int hf_rpc_auth_flavor = -1; static int hf_rpc_auth_length = -1; static int hf_rpc_auth_machinename = -1; static int hf_rpc_auth_stamp = -1; +static int hf_rpc_auth_lk_owner = -1; +static int hf_rpc_auth_pid = -1; static int hf_rpc_auth_uid = -1; static int hf_rpc_auth_gid = -1; static int hf_rpc_authgss_v = -1; @@ -1042,6 +1050,59 @@ dissect_rpc_authdes_cred(tvbuff_t* tvb, proto_tree* tree, int offset) } static int +dissect_rpc_authgluster_cred(tvbuff_t* tvb, proto_tree* tree, int offset) +{ + guint gids_count; + guint gids_i; + guint gids_entry; + proto_item *gitem = NULL; + proto_tree *gtree = NULL; + + offset = dissect_rpc_uint64(tvb, tree, hf_rpc_auth_lk_owner, offset); + offset = dissect_rpc_uint32(tvb, tree, hf_rpc_auth_pid, offset); + offset = dissect_rpc_uint32(tvb, tree, hf_rpc_auth_uid, offset); + offset = dissect_rpc_uint32(tvb, tree, hf_rpc_auth_gid, offset); + + gids_count = tvb_get_ntohl(tvb,offset); + if (tree) { + gitem = proto_tree_add_text(tree, tvb, offset, + 4+gids_count*4, "Auxiliary GIDs (%d)", gids_count); + gtree = proto_item_add_subtree(gitem, ett_rpc_gids); + } + offset += 4; + + /* first, open with [ */ + if (tree && gids_count > 0) + proto_item_append_text(gitem, " ["); + + for (gids_i = 0 ; gids_i < gids_count; gids_i++) { + gids_entry = tvb_get_ntohl(tvb,offset); + if (gtree) { + proto_tree_add_uint(gtree, hf_rpc_auth_gid, tvb, + offset, 4, gids_entry); + } + + /* add at most 16 GIDs to the text */ + if (tree && gids_i < 16) { + if (gids_i > 0) + proto_item_append_text(gitem, ", "); + + proto_item_append_text(gitem, "%d", gids_entry); + } else if (tree && gids_i == 16) { + proto_item_append_text(gitem, "..."); + } + offset += 4; + } + + /* finally, close with ] */ + if (tree && gids_count > 0) + proto_item_append_text(gitem, "]"); + + return offset; +} + + +static int dissect_rpc_authgssapi_cred(tvbuff_t* tvb, proto_tree* tree, int offset) { guint agc_v; @@ -1101,6 +1162,11 @@ dissect_rpc_cred(tvbuff_t* tvb, proto_tree* tree, int offset, dissect_rpc_authdes_cred(tvb, ctree, offset+8); break; + case AUTH_RSA: + /* AUTH_RSA is (ab)used by Gluster */ + dissect_rpc_authgluster_cred(tvb, ctree, offset+8); + break; + case RPCSEC_GSS: dissect_rpc_authgss_cred(tvb, ctree, offset+8, pinfo, rpc_conv_info); break; @@ -3774,6 +3840,12 @@ proto_register_rpc(void) { &hf_rpc_auth_stamp, { "Stamp", "rpc.auth.stamp", FT_UINT32, BASE_HEX, NULL, 0, NULL, HFILL }}, + { &hf_rpc_auth_lk_owner, { + "Lock Owner", "rpc.auth.lk_owner", FT_UINT64, BASE_DEC, + NULL, 0, NULL, HFILL }}, + { &hf_rpc_auth_pid, { + "PID", "rpc.auth.pid", FT_UINT32, BASE_DEC, + NULL, 0, NULL, HFILL }}, { &hf_rpc_auth_uid, { "UID", "rpc.auth.uid", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }}, |