aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--packet-dcerpc-krb5rpc.c6
-rw-r--r--packet-kerberos.c42
-rw-r--r--packet-kerberos.h18
-rw-r--r--packet-kpasswd.c6
-rw-r--r--packet-pktc.c87
-rw-r--r--packet-spnego.c6
-rw-r--r--packet-telnet.c6
7 files changed, 142 insertions, 29 deletions
diff --git a/packet-dcerpc-krb5rpc.c b/packet-dcerpc-krb5rpc.c
index e82ee3fe03..390d7ee8f8 100644
--- a/packet-dcerpc-krb5rpc.c
+++ b/packet-dcerpc-krb5rpc.c
@@ -5,7 +5,7 @@
* This information is based off the released idl files from opengroup.
* ftp://ftp.opengroup.org/pub/dce122/dce/src/security.tar.gz security/idl/krb5rpc.idl
*
- * $Id: packet-dcerpc-krb5rpc.c,v 1.8 2004/01/27 04:15:48 guy Exp $
+ * $Id: packet-dcerpc-krb5rpc.c,v 1.9 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -94,7 +94,7 @@ krb5rpc_dissect_sendto_kdc_rqst (tvbuff_t * tvb, int offset,
remain = tvb_length_remaining(tvb, offset);
krb5_tvb = tvb_new_subset (tvb, offset, remain, remain);
- offset = dissect_kerberos_main (krb5_tvb, pinfo, subtree, TRUE);
+ offset = dissect_kerberos_main (krb5_tvb, pinfo, subtree, TRUE, NULL);
return offset;
@@ -140,7 +140,7 @@ krb5rpc_dissect_sendto_kdc_resp (tvbuff_t * tvb, int offset,
remain = tvb_length_remaining(tvb, offset);
krb5_tvb = tvb_new_subset (tvb, offset, remain, remain);
- offset = dissect_kerberos_main (krb5_tvb, pinfo, subtree, TRUE);
+ offset = dissect_kerberos_main (krb5_tvb, pinfo, subtree, TRUE, NULL);
offset += 16; /* no idea what this is, probably just extended encrypted text. */
return offset;
diff --git a/packet-kerberos.c b/packet-kerberos.c
index 3e72d58310..4740cba2d9 100644
--- a/packet-kerberos.c
+++ b/packet-kerberos.c
@@ -23,7 +23,7 @@
*
* Some structures from RFC2630
*
- * $Id: packet-kerberos.c,v 1.67 2004/05/27 08:22:04 sahlberg Exp $
+ * $Id: packet-kerberos.c,v 1.68 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -58,6 +58,7 @@
#include <epan/strutil.h>
+#include "packet-kerberos.h"
#include "packet-netbios.h"
#include "packet-tcp.h"
#include "prefs.h"
@@ -260,7 +261,24 @@ guint32 krb5_errorcode;
static int do_col_info;
+static void
+call_kerberos_callbacks(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int tag)
+{
+ kerberos_callbacks *cb=(kerberos_callbacks *)pinfo->private_data;
+
+ if(!cb){
+ return;
+ }
+ while(cb->tag){
+ if(cb->tag==tag){
+ cb->callback(pinfo, tvb, tree);
+ return;
+ }
+ cb++;
+ }
+ return;
+}
@@ -2488,7 +2506,9 @@ dissect_krb5_PRIV(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offse
static int
dissect_krb5_SAFE_BODY_user_data(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset)
{
- offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_SAFE_BODY_user_data, NULL);
+ tvbuff_t *new_tvb;
+ offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_SAFE_BODY_user_data, &new_tvb);
+ call_kerberos_callbacks(pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA);
return offset;
}
static int
@@ -3167,7 +3187,8 @@ static void dissect_kerberos_tcp(tvbuff_t *tvb, packet_info *pinfo,
proto_tree *tree);
static gint dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo,
proto_tree *tree, int do_col_info,
- gboolean have_rm);
+ gboolean have_rm,
+ kerberos_callbacks *cb);
static gint kerberos_rm_to_reclen(guint krb_rm);
static void dissect_kerberos_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo,
proto_tree *tree);
@@ -3176,9 +3197,9 @@ static guint get_krb_pdu_len(tvbuff_t *tvb, int offset);
gint
-dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info)
+dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info, kerberos_callbacks *cb)
{
- return (dissect_kerberos_common(tvb, pinfo, tree, do_col_info, FALSE));
+ return (dissect_kerberos_common(tvb, pinfo, tree, do_col_info, FALSE, cb));
}
static void
@@ -3187,7 +3208,7 @@ dissect_kerberos_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
if (check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, "KRB5");
- (void)dissect_kerberos_common(tvb, pinfo, tree, TRUE, FALSE);
+ (void)dissect_kerberos_common(tvb, pinfo, tree, TRUE, FALSE, NULL);
}
static gint
@@ -3211,7 +3232,7 @@ static void
dissect_kerberos_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
pinfo->fragmented = TRUE;
- if (dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE) < 0) {
+ if (dissect_kerberos_common(tvb, pinfo, tree, TRUE, TRUE, NULL) < 0) {
/*
* The dissector failed to recognize this as a valid
* Kerberos message. Mark it as a continuation packet.
@@ -3256,16 +3277,19 @@ show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm)
static gint
dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
- int dci, gboolean have_rm)
+ int dci, gboolean have_rm, kerberos_callbacks *cb)
{
int offset = 0;
proto_tree *kerberos_tree = NULL;
proto_item *item = NULL;
+ void *saved_private_data;
/* TCP record mark and length */
guint32 krb_rm = 0;
gint krb_reclen = 0;
+ saved_private_data=pinfo->private_data;
+ pinfo->private_data=cb;
do_col_info=dci;
if (tree) {
@@ -3280,6 +3304,7 @@ dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
* What is a reasonable size limit?
*/
if (krb_reclen > 10 * 1024 * 1024) {
+ pinfo->private_data=saved_private_data;
return (-1);
}
show_krb_recordmark(kerberos_tree, tvb, offset, krb_rm);
@@ -3289,6 +3314,7 @@ dissect_kerberos_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
offset=dissect_ber_choice(pinfo, kerberos_tree, tvb, offset, kerberos_applications_choice, -1, -1);
proto_item_set_len(item, offset);
+ pinfo->private_data=saved_private_data;
return offset;
}
diff --git a/packet-kerberos.h b/packet-kerberos.h
index 042fc20e23..ad53f589bb 100644
--- a/packet-kerberos.h
+++ b/packet-kerberos.h
@@ -1,6 +1,6 @@
/* packet-kerberos.h
*
- * $Id: packet-kerberos.h,v 1.7 2003/04/25 21:29:19 guy Exp $
+ * $Id: packet-kerberos.h,v 1.8 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -24,9 +24,23 @@
#ifndef __PACKET_KERBEROS_H
#define __PACKET_KERBEROS_H
+/* This is a list of callback functions a caller can use to specify that
+ octet strings in kerberos to be passed back to application specific
+ dissectors, outside of kerberos.
+ This is used for dissection of application specific data for PacketCable
+ KRB_SAFE user data and eventually to pass kerberos session keys
+ to future DCERPC decryption and other uses.
+ The list is terminated by {0, NULL }
+*/
+#define KRB_CBTAG_SAFE_USER_DATA 1
+typedef struct _kerberos_callbacks {
+ int tag;
+ int (*callback)(packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree);
+} kerberos_callbacks;
+
/* Function prototypes */
gint
-dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info);
+dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int do_col_info, kerberos_callbacks *cb);
#endif /* __PACKET_KERBEROS_H */
diff --git a/packet-kpasswd.c b/packet-kpasswd.c
index c26444686b..2a4a4788b8 100644
--- a/packet-kpasswd.c
+++ b/packet-kpasswd.c
@@ -4,7 +4,7 @@
*
* See RFC 3244
*
- * $Id: packet-kpasswd.c,v 1.2 2004/02/16 09:42:10 sahlberg Exp $
+ * $Id: packet-kpasswd.c,v 1.3 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -66,7 +66,7 @@ dissect_kpasswd_ap_req_data(packet_info *pinfo _U_, tvbuff_t *tvb, proto_tree *p
it=proto_tree_add_item(parent_tree, hf_kpasswd_ap_req_data, tvb, 0, -1, FALSE);
tree=proto_item_add_subtree(it, ett_ap_req_data);
}
- dissect_kerberos_main(tvb, pinfo, tree, FALSE);
+ dissect_kerberos_main(tvb, pinfo, tree, FALSE, NULL);
}
static void
@@ -79,7 +79,7 @@ dissect_kpasswd_krb_priv_message(packet_info *pinfo _U_, tvbuff_t *tvb, proto_tr
it=proto_tree_add_item(parent_tree, hf_kpasswd_krb_priv_message, tvb, 0, -1, FALSE);
tree=proto_item_add_subtree(it, ett_krb_priv_message);
}
- dissect_kerberos_main(tvb, pinfo, tree, FALSE);
+ dissect_kerberos_main(tvb, pinfo, tree, FALSE, NULL);
}
diff --git a/packet-pktc.c b/packet-pktc.c
index e0ca591c67..fd08924c32 100644
--- a/packet-pktc.c
+++ b/packet-pktc.c
@@ -8,7 +8,7 @@
* Ronnie Sahlberg 2004
* Thomas Anders 2004
*
- * $Id: packet-pktc.c,v 1.5 2004/05/25 09:41:03 guy Exp $
+ * $Id: packet-pktc.c,v 1.6 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -38,6 +38,7 @@
#include "packet-kerberos.h"
#define PKTC_PORT 1293
+#define PKTC_MTAFQDNMAP_PORT 2246
static int proto_pktc = -1;
static gint hf_pktc_app_spec_data = -1;
@@ -66,10 +67,12 @@ static gint hf_pktc_ack_required_flag = -1;
static gint hf_pktc_sha1_hmac = -1;
static gint hf_pktc_sec_param_lifetime = -1;
static gint hf_pktc_grace_period = -1;
+static gint hf_pktc_mtafqdnmap = -1;
static gint ett_pktc = -1;
static gint ett_pktc_app_spec_data = -1;
static gint ett_pktc_list_of_ciphersuites = -1;
+static gint ett_pktc_mtafqdnmap = -1;
#define KMMID_WAKEUP 0x01
#define KMMID_AP_REQUEST 0x02
@@ -189,7 +192,7 @@ dissect_pktc_app_specific_data(packet_info *pinfo _U_, proto_tree *parent_tree,
break;
default:
- proto_tree_add_text(tree, tvb, offset, 1, "Dont know how to parse this type of KMMID yet");
+ proto_tree_add_text(tree, tvb, offset, 1, "Unknown KMMID");
tvb_get_guint8(tvb, 9999); /* bail out and inform user we cant dissect the packet */
};
break;
@@ -207,7 +210,7 @@ dissect_pktc_app_specific_data(packet_info *pinfo _U_, proto_tree *parent_tree,
break;
default:
- proto_tree_add_text(tree, tvb, offset, 1, "Dont know how to parse this type of KMMID yet");
+ proto_tree_add_text(tree, tvb, offset, 1, "Unknown KMMID");
tvb_get_guint8(tvb, 9999); /* bail out and inform user we cant dissect the packet */
};
break;
@@ -263,7 +266,7 @@ dissect_pktc_list_of_ciphersuites(packet_info *pinfo _U_, proto_tree *parent_tre
}
break;
default:
- proto_tree_add_text(tree, tvb, offset, 1, "Dont know how to parse this type of Algorithm Identifier yet");
+ proto_tree_add_text(tree, tvb, offset, 1, "Unknown DOI");
tvb_get_guint8(tvb, 9999); /* bail out and inform user we cant dissect the packet */
}
@@ -298,7 +301,7 @@ dissect_pktc_ap_request(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int
/* AP Request kerberos blob */
pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
- offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE);
+ offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE, NULL);
/* Server Nonce */
snonce=tvb_get_ntohl(tvb, offset);
@@ -329,7 +332,7 @@ dissect_pktc_ap_reply(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int o
/* AP Reply kerberos blob */
pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
- offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE);
+ offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE, NULL);
/* app specific data */
offset=dissect_pktc_app_specific_data(pinfo, tree, tvb, offset, doi, KMMID_AP_REPLY);
@@ -427,11 +430,56 @@ dissect_pktc_error_reply(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, in
/* KRB_ERROR */
pktc_tvb = tvb_new_subset(tvb, offset, -1, -1);
- offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE);
+ offset += dissect_kerberos_main(pktc_tvb, pinfo, tree, FALSE, NULL);
return offset;
}
+static int
+dissect_pktc_appspecificdata(packet_info *pinfo, tvbuff_t *tvb, proto_tree *tree)
+{
+ int offset=0;
+ /*XXX add dissection of the app specific data here */
+ return offset;
+}
+
+static kerberos_callbacks cb[] = {
+ { KRB_CBTAG_SAFE_USER_DATA, dissect_pktc_appspecificdata },
+ { 0, NULL }
+};
+
+static void
+dissect_pktc_mtafqdnmap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+{
+ int offset=0;
+ proto_tree *pktc_mtafqdnmap_tree = NULL;
+ proto_item *item = NULL;
+ tvbuff_t *pktc_mtafqdnmap_tvb;
+
+ if (check_col(pinfo->cinfo, COL_PROTOCOL))
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "PKTC");
+
+ if (tree) {
+ item = proto_tree_add_item(tree, proto_pktc, tvb, 0, 0, FALSE);
+ pktc_mtafqdnmap_tree = proto_item_add_subtree(item, ett_pktc_mtafqdnmap);
+ }
+
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "MTAFQDNMAP %s",
+ pinfo->srcport == pinfo->match_port ? "Reply":"Request");
+ }
+
+ /* KRB_AP_RE[QP] */
+ pktc_mtafqdnmap_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ offset += dissect_kerberos_main(pktc_mtafqdnmap_tvb, pinfo, pktc_mtafqdnmap_tree, FALSE, NULL);
+
+ /* KRB_SAFE */
+ pktc_mtafqdnmap_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ offset += dissect_kerberos_main(pktc_mtafqdnmap_tvb, pinfo, pktc_mtafqdnmap_tree, FALSE, cb);
+
+ proto_item_set_len(item, offset);
+}
+
static void
dissect_pktc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
@@ -599,3 +647,28 @@ proto_reg_handoff_pktc(void)
pktc_handle = create_dissector_handle(dissect_pktc, proto_pktc);
dissector_add("udp.port", PKTC_PORT, pktc_handle);
}
+
+void
+proto_register_pktc_mtafqdnmap(void)
+{
+ static hf_register_info hf[] = {
+ { &hf_pktc_mtafqdnmap, {
+ "MTAFQDNMAP", "pktc.mtafqdnmap", FT_BOOLEAN, BASE_NONE,
+ NULL, 0, "MTAFQDNMAP Message", HFILL }},
+ };
+ static gint *ett[] = {
+ &ett_pktc_mtafqdnmap,
+ };
+
+ proto_register_field_array(proto_pktc, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+}
+
+void
+proto_reg_handoff_pktc_mtafqdnmap(void)
+{
+ dissector_handle_t pktc_mtafqdnmap_handle;
+
+ pktc_mtafqdnmap_handle = create_dissector_handle(dissect_pktc_mtafqdnmap, proto_pktc);
+ dissector_add("udp.port", PKTC_MTAFQDNMAP_PORT, pktc_mtafqdnmap_handle);
+}
diff --git a/packet-spnego.c b/packet-spnego.c
index c4362e9726..36459770da 100644
--- a/packet-spnego.c
+++ b/packet-spnego.c
@@ -5,7 +5,7 @@
* Copyright 2002, Richard Sharpe <rsharpe@ns.aus.com>
* Copyright 2003, Richard Sharpe <rsharpe@richardsharpe.com>
*
- * $Id: packet-spnego.c,v 1.55 2004/05/11 02:02:44 gerald Exp $
+ * $Id: packet-spnego.c,v 1.56 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -348,7 +348,7 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
* return.
*/
krb5_tvb = tvb_new_subset(tvb, offset, -1, -1);
- offset = dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE);
+ offset = dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE, NULL);
return;
default:
@@ -375,7 +375,7 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
case KRB_TOKEN_AP_REP:
case KRB_TOKEN_AP_ERR:
krb5_tvb = tvb_new_subset(tvb, offset, -1, -1);
- offset = dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE);
+ offset = dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE, NULL);
break;
case KRB_TOKEN_GETMIC:
diff --git a/packet-telnet.c b/packet-telnet.c
index a416c94420..e062201287 100644
--- a/packet-telnet.c
+++ b/packet-telnet.c
@@ -2,7 +2,7 @@
* Routines for Telnet packet dissection; see RFC 854 and RFC 855
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
*
- * $Id: packet-telnet.c,v 1.45 2004/02/25 09:31:07 guy Exp $
+ * $Id: packet-telnet.c,v 1.46 2004/06/04 01:56:25 sahlberg Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -756,7 +756,7 @@ dissect_krb5_authentication_data(packet_info *pinfo, tvbuff_t *tvb, int offset,
if((acmd==TN_AC_IS)&&(krb5_cmd==TN_KRB5_TYPE_AUTH)){
krb5_tvb=unescape_and_tvbuffify_telnet_option(pinfo, tvb, offset, len);
if(krb5_tvb)
- dissect_kerberos_main(krb5_tvb, pinfo, tree, FALSE);
+ dissect_kerberos_main(krb5_tvb, pinfo, tree, FALSE, NULL);
else
proto_tree_add_text(tree, tvb, offset, len, "Kerberos blob (too long to dissect - length %u > %u",
len, MAX_KRB5_BLOB_LEN);
@@ -776,7 +776,7 @@ dissect_krb5_authentication_data(packet_info *pinfo, tvbuff_t *tvb, int offset,
/* IAC SB AUTHENTICATION REPLY <authentication-type-pair> RESPONSE <KRB_AP_REP message> IAC SE */
if((acmd==TN_AC_REPLY)&&(krb5_cmd==TN_KRB5_TYPE_RESPONSE)){
krb5_tvb=unescape_and_tvbuffify_telnet_option(pinfo, tvb, offset, len);
- dissect_kerberos_main(krb5_tvb, pinfo, tree, FALSE);
+ dissect_kerberos_main(krb5_tvb, pinfo, tree, FALSE, NULL);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 16:25:15 +0000