diff options
author | Stefan Metzmacher <metze@samba.org> | 2019-12-24 01:38:39 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2020-01-22 18:22:30 +0000 |
commit | 560f1209467c38851690ddd9539dcd5a39ad030d (patch) | |
tree | 7412682a13ed769862d6df1a78ccbea1e19453fe /epan/dissectors/packet-spnego.c | |
parent | b0d959eef80bf311a59f1949f8fc11ac64a97178 (diff) |
packet-spnego: make use of decrypt_krb5_krb_cfx_dce()
This commit will finally allow the decryption of DCERPC
traffic with AES-keys and header signing.
Change-Id: I3a76541493976c9f4d3d228757e8fe0e08a0f02c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35711
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-spnego.c')
-rw-r--r-- | epan/dissectors/packet-spnego.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/epan/dissectors/packet-spnego.c b/epan/dissectors/packet-spnego.c index 1481680b02..a0b0540eec 100644 --- a/epan/dissectors/packet-spnego.c +++ b/epan/dissectors/packet-spnego.c @@ -1113,7 +1113,7 @@ decrypt_gssapi_krb_cfx_wrap(proto_tree *tree, packet_info *pinfo, tvbuff_t *checksum_tvb, gssapi_encrypt_info_t* gssapi_encrypt, - guint16 ec, + guint16 ec _U_, guint16 rrc, int keytype, unsigned int usage) @@ -1128,6 +1128,21 @@ decrypt_gssapi_krb_cfx_wrap(proto_tree *tree, return; } + if (gssapi_encrypt->decrypt_gssapi_tvb==DECRYPT_GSSAPI_DCE) { + tvbuff_t *out_tvb = NULL; + + out_tvb = decrypt_krb5_krb_cfx_dce(tree, pinfo, usage, keytype, + gssapi_encrypt->gssapi_header_tvb, + gssapi_encrypt->gssapi_encrypted_tvb, + gssapi_encrypt->gssapi_trailer_tvb, + checksum_tvb); + if (out_tvb) { + gssapi_encrypt->gssapi_decrypted_tvb = out_tvb; + add_new_data_source(pinfo, gssapi_encrypt->gssapi_decrypted_tvb, "Decrypted GSS-Krb5 CFX DCE"); + } + return; + } + datalen = tvb_captured_length(checksum_tvb) + tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb); rotated = (guint8 *)wmem_alloc(pinfo->pool, datalen); @@ -1136,10 +1151,6 @@ decrypt_gssapi_krb_cfx_wrap(proto_tree *tree, tvb_memcpy(gssapi_encrypt->gssapi_encrypted_tvb, rotated + tvb_captured_length(checksum_tvb), 0, tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb)); - if (gssapi_encrypt->decrypt_gssapi_tvb==DECRYPT_GSSAPI_DCE) { - rrc += ec; - } - rrc_rotate(rotated, datalen, rrc, TRUE); next_tvb=tvb_new_child_real_data(gssapi_encrypt->gssapi_encrypted_tvb, rotated, @@ -1922,7 +1933,7 @@ void proto_register_spnego(void) { NULL, HFILL }}, /*--- End of included file: packet-spnego-hfarr.c ---*/ -#line 1377 "./asn1/spnego/packet-spnego-template.c" +#line 1388 "./asn1/spnego/packet-spnego-template.c" }; /* List of subtrees */ @@ -1945,7 +1956,7 @@ void proto_register_spnego(void) { &ett_spnego_InitialContextToken_U, /*--- End of included file: packet-spnego-ettarr.c ---*/ -#line 1387 "./asn1/spnego/packet-spnego-template.c" +#line 1398 "./asn1/spnego/packet-spnego-template.c" }; static ei_register_info ei[] = { |