diff options
| -rw-r--r-- | asn1/spnego/packet-spnego-template.c | 37 | ||||
| -rw-r--r-- | epan/dissectors/packet-ldap.c | 5 | ||||
| -rw-r--r-- | epan/dissectors/packet-spnego.c | 41 |
3 files changed, 70 insertions, 13 deletions
diff --git a/asn1/spnego/packet-spnego-template.c b/asn1/spnego/packet-spnego-template.c index ac2d9b1f64..801ba66de7 100644 --- a/asn1/spnego/packet-spnego-template.c +++ b/asn1/spnego/packet-spnego-template.c @@ -1026,13 +1026,40 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo if (pinfo->gssapi_data_encrypted) { checksum_size = 44 + ec; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + offset += checksum_size; + } else { - checksum_size = 12; - } + int inner_token_len = 0; - proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, - checksum_size, ENC_NA); - offset += checksum_size; + /* + * We know we have a wrap token, but we have to let the proto + * above us decode that, so hand it back in gssapi_wrap_tvb + * and put the checksum in the tree. + */ + + checksum_size = ec; + + inner_token_len = tvb_reported_length_remaining(tvb, offset) - + ec; + + pinfo->gssapi_wrap_tvb = tvb_new_subset(tvb, offset, + inner_token_len, inner_token_len); + + offset += inner_token_len; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + + /* + * Return an offset that puts our caller before the inner + * token. This is better than before, but we still see the + * checksum included in the LDAP query at times. + */ + return offset - inner_token_len; + } if(pinfo->decrypt_gssapi_tvb){ /* if the caller did not provide a tvb, then we just use diff --git a/epan/dissectors/packet-ldap.c b/epan/dissectors/packet-ldap.c index 9ee60544dd..536e52da41 100644 --- a/epan/dissectors/packet-ldap.c +++ b/epan/dissectors/packet-ldap.c @@ -4129,7 +4129,10 @@ static void /* if we could unwrap, do a tvb shuffle */ if(pinfo->gssapi_decrypted_tvb){ decr_tvb=pinfo->gssapi_decrypted_tvb; + } else if (pinfo->gssapi_wrap_tvb) { + plain_tvb=pinfo->gssapi_wrap_tvb; } + /* tidy up */ pinfo->decrypt_gssapi_tvb=0; pinfo->gssapi_wrap_tvb=NULL; @@ -4149,7 +4152,7 @@ static void * see if the wrapping involved encryption of the * data; if not, just use the plaintext data. */ - if (!decr_tvb) { + if (!decr_tvb && !plain_tvb) { if(!pinfo->gssapi_data_encrypted){ plain_tvb = tvb_new_subset_remaining(gssapi_tvb, ver_len); } diff --git a/epan/dissectors/packet-spnego.c b/epan/dissectors/packet-spnego.c index b3dca1a365..adcd55b5d0 100644 --- a/epan/dissectors/packet-spnego.c +++ b/epan/dissectors/packet-spnego.c @@ -1478,13 +1478,40 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo if (pinfo->gssapi_data_encrypted) { checksum_size = 44 + ec; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + offset += checksum_size; + } else { - checksum_size = 12; - } + int inner_token_len = 0; - proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, - checksum_size, ENC_NA); - offset += checksum_size; + /* + * We know we have a wrap token, but we have to let the proto + * above us decode that, so hand it back in gssapi_wrap_tvb + * and put the checksum in the tree. + */ + + checksum_size = ec; + + inner_token_len = tvb_reported_length_remaining(tvb, offset) - + ec; + + pinfo->gssapi_wrap_tvb = tvb_new_subset(tvb, offset, + inner_token_len, inner_token_len); + + offset += inner_token_len; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + + /* + * Return an offset that puts our caller before the inner + * token. This is better than before, but we still see the + * checksum included in the LDAP query at times. + */ + return offset - inner_token_len; + } if(pinfo->decrypt_gssapi_tvb){ /* if the caller did not provide a tvb, then we just use @@ -1927,7 +1954,7 @@ void proto_register_spnego(void) { NULL, HFILL }}, /*--- End of included file: packet-spnego-hfarr.c ---*/ -#line 1382 "../../asn1/spnego/packet-spnego-template.c" +#line 1409 "../../asn1/spnego/packet-spnego-template.c" }; /* List of subtrees */ @@ -1950,7 +1977,7 @@ void proto_register_spnego(void) { &ett_spnego_InitialContextToken_U, /*--- End of included file: packet-spnego-ettarr.c ---*/ -#line 1392 "../../asn1/spnego/packet-spnego-template.c" +#line 1419 "../../asn1/spnego/packet-spnego-template.c" }; /* Register protocol */ |