diff options
| author | David Fort <contact@hardening-consulting.com> | 2021-06-30 16:18:27 +0200 |
|---|---|---|
| committer | Wireshark GitLab Utility <gerald+gitlab-utility@wireshark.org> | 2021-07-01 07:18:16 +0000 |
| commit | 3874621667caf3de55d28b564458a42053c8f130 (patch) | |
| tree | 9134fd30770b5e5dd88bf9dd1a65cd98fac1d487 /epan/dissectors | |
| parent | d9328a98396d18dfa1ecea2e60925f32ffbc2a9c (diff) | |
spnego: also interpret the mechList field
In NegTokenTarg the mechListMIC field can be dissected using the gss_wrap dissector.
Diffstat (limited to 'epan/dissectors')
| -rw-r--r-- | epan/dissectors/asn1/spnego/packet-spnego-template.c | 2 | ||||
| -rw-r--r-- | epan/dissectors/asn1/spnego/spnego.cnf | 23 | ||||
| -rw-r--r-- | epan/dissectors/packet-spnego.c | 43 |
3 files changed, 65 insertions, 3 deletions
diff --git a/epan/dissectors/asn1/spnego/packet-spnego-template.c b/epan/dissectors/asn1/spnego/packet-spnego-template.c index a4f9a50009..ce46efdb58 100644 --- a/epan/dissectors/asn1/spnego/packet-spnego-template.c +++ b/epan/dissectors/asn1/spnego/packet-spnego-template.c @@ -84,7 +84,7 @@ static dissector_handle_t spnego_krb5_handle; static dissector_handle_t spnego_krb5_wrap_handle; /* - * Unfortunately, we have to have forward declarations of thess, + * Unfortunately, we have to have forward declarations of these, * as the code generated by asn2wrs includes a call before the * definition. */ diff --git a/epan/dissectors/asn1/spnego/spnego.cnf b/epan/dissectors/asn1/spnego/spnego.cnf index 9974795e67..518165eac9 100644 --- a/epan/dissectors/asn1/spnego/spnego.cnf +++ b/epan/dissectors/asn1/spnego/spnego.cnf @@ -176,6 +176,29 @@ NegotiationToken } } + +#.FN_BODY NegTokenTarg/mechListMIC VAL_PTR = &mechListMIC_tvb + + tvbuff_t *mechListMIC_tvb; + + +%(DEFAULT_BODY)s + + + /* + * Now, we should be able to dispatch, if we've gotten a tvbuff for + * the token and we have information on how to dissect its contents. + * However, we should make sure that there is something in the + * response token ... + */ + if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){ + gssapi_oid_value *value=next_level_value; + + if(value){ + call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree); + } + } + #.END # diff --git a/epan/dissectors/packet-spnego.c b/epan/dissectors/packet-spnego.c index 1cb06cc9b7..475ec6dc7e 100644 --- a/epan/dissectors/packet-spnego.c +++ b/epan/dissectors/packet-spnego.c @@ -85,6 +85,7 @@ static int hf_spnego_negHints = -1; /* NegHints */ static int hf_spnego_negResult = -1; /* T_negResult */ static int hf_spnego_supportedMech = -1; /* T_supportedMech */ static int hf_spnego_responseToken = -1; /* T_responseToken */ +static int hf_spnego_mechListMIC_01 = -1; /* T_mechListMIC */ static int hf_spnego_thisMech = -1; /* MechType */ static int hf_spnego_innerContextToken = -1; /* InnerContextToken */ /* named bits */ @@ -134,7 +135,7 @@ static dissector_handle_t spnego_krb5_handle; static dissector_handle_t spnego_krb5_wrap_handle; /* - * Unfortunately, we have to have forward declarations of thess, + * Unfortunately, we have to have forward declarations of these, * as the code generated by asn2wrs includes a call before the * definition. */ @@ -388,6 +389,40 @@ dissect_spnego_T_responseToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int + + return offset; +} + + + +static int +dissect_spnego_T_mechListMIC(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +#line 181 "./asn1/spnego/spnego.cnf" + + tvbuff_t *mechListMIC_tvb; + + + offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, + &mechListMIC_tvb); + + + + /* + * Now, we should be able to dispatch, if we've gotten a tvbuff for + * the token and we have information on how to dissect its contents. + * However, we should make sure that there is something in the + * response token ... + */ + if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){ + gssapi_oid_value *value=next_level_value; + + if(value){ + call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree); + } + } + + + return offset; } @@ -396,7 +431,7 @@ static const ber_sequence_t NegTokenTarg_sequence[] = { { &hf_spnego_negResult , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_spnego_T_negResult }, { &hf_spnego_supportedMech, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_spnego_T_supportedMech }, { &hf_spnego_responseToken, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_spnego_T_responseToken }, - { &hf_spnego_mechListMIC , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_OCTET_STRING }, + { &hf_spnego_mechListMIC_01, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_T_mechListMIC }, { NULL, 0, 0, 0, NULL } }; @@ -1901,6 +1936,10 @@ void proto_register_spnego(void) { { "responseToken", "spnego.responseToken", FT_BYTES, BASE_NONE, NULL, 0, NULL, HFILL }}, + { &hf_spnego_mechListMIC_01, + { "mechListMIC", "spnego.mechListMIC", + FT_BYTES, BASE_NONE, NULL, 0, + NULL, HFILL }}, { &hf_spnego_thisMech, { "thisMech", "spnego.thisMech", FT_OID, BASE_NONE, NULL, 0, |