diff options
| -rw-r--r-- | asn1/spnego/packet-spnego-template.c | 7 | ||||
| -rw-r--r-- | asn1/spnego/spnego.asn | 91 | ||||
| -rw-r--r-- | asn1/spnego/spnego.cnf | 65 | ||||
| -rw-r--r-- | epan/dissectors/packet-spnego.c | 196 |
4 files changed, 213 insertions, 146 deletions
diff --git a/asn1/spnego/packet-spnego-template.c b/asn1/spnego/packet-spnego-template.c index ead29a345d..ac2d9b1f64 100644 --- a/asn1/spnego/packet-spnego-template.c +++ b/asn1/spnego/packet-spnego-template.c @@ -96,13 +96,16 @@ static gint ett_spnego_krb5_cfx_flags = -1; #include "packet-spnego-ett.c" /* - * Unfortunately, we have to have a forward declaration of this, + * Unfortunately, we have to have forward declarations of thess, * as the code generated by asn2wrs includes a call before the * definition. */ -static int dissect_spnego_PrincipalSeq(gboolean implicit_tag, tvbuff_t *tvb, +static int dissect_spnego_NegTokenInit(gboolean implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index); +static int dissect_spnego_NegTokenInit2(gboolean implicit_tag, tvbuff_t *tvb, + int offset, asn1_ctx_t *actx _U_, + proto_tree *tree, int hf_index); #include "packet-spnego-fn.c" /* diff --git a/asn1/spnego/spnego.asn b/asn1/spnego/spnego.asn index 190b3f1555..b62973df2f 100644 --- a/asn1/spnego/spnego.asn +++ b/asn1/spnego/spnego.asn @@ -13,21 +13,11 @@ NegotiationToken ::= CHOICE { MechTypeList ::= SEQUENCE OF MechType -- --- In some cases, the mechListMIC is a sequence of GeneralString, --- rather than an OCTET STRING. We define that sequence here so --- that we can call its dissector. --- The IRC discussion at +-- MS-SPNG tells us that the format of a negTokenInit is actually +-- negTokenInit2 if a negTokenInit is seen in a response. It might need +-- to be the first negTokenInit seen in a response, but I am not sure. +-- It will only occur in a NegotiateProtocol response in CIFS/SMB or SMB2. -- --- http://irc.vernstok.nl/samba-technical.dy --- --- seems to suggest that it's a Kerberos principal of some sort, thanks --- to some flavor of "embrace, extend, expectorate" sequence from --- Microsoft. --- -PrincipalSeq ::= SEQUENCE { - principal [0] GeneralString -} - NegTokenInit ::= SEQUENCE { mechTypes [0] MechTypeList OPTIONAL, reqFlags [1] ContextFlags OPTIONAL, @@ -35,6 +25,19 @@ NegTokenInit ::= SEQUENCE { mechListMIC [3] OCTET STRING OPTIONAL } +NegHints ::= SEQUENCE { + hintName [0] GeneralString OPTIONAL, + hintAddress [1] OCTET STRING OPTIONAL +} + +NegTokenInit2 ::= SEQUENCE { + mechTypes [0] MechTypeList OPTIONAL, + reqFlags [1] ContextFlags OPTIONAL, + mechToken [2] OCTET STRING OPTIONAL, + negHints [3] NegHints OPTIONAL, + mechListMIC [4] OCTET STRING OPTIONAL +} + ContextFlags ::= BIT STRING { delegFlag (0), mutualFlag (1), @@ -55,46 +58,46 @@ NegTokenTarg ::= SEQUENCE { mechListMIC [3] OCTET STRING OPTIONAL } ---GSS-API DEFINITIONS ::= ---BEGIN ---MechType ::= OBJECT IDENTIFIER --- data structure definitions --- callers must be able to distinguish among --- InitialContextToken, SubsequentContextToken, --- PerMsgToken, and SealedMessage data elements --- based on the usage in which they occur -InitialContextToken ::= - -- option indication (delegation, etc.) indicated within - -- mechanism-specific token -[APPLICATION 0] IMPLICIT SEQUENCE { - thisMech MechType, - innerContextToken InnerContextToken - -- DEFINED BY thisMech - -- contents mechanism-specific +--GSS-API DEFINITIONS ::= +--BEGIN +--MechType ::= OBJECT IDENTIFIER +-- data structure definitions +-- callers must be able to distinguish among +-- InitialContextToken, SubsequentContextToken, +-- PerMsgToken, and SealedMessage data elements +-- based on the usage in which they occur +InitialContextToken ::= + -- option indication (delegation, etc.) indicated within + -- mechanism-specific token +[APPLICATION 0] IMPLICIT SEQUENCE { + thisMech MechType, + innerContextToken InnerContextToken + -- DEFINED BY thisMech + -- contents mechanism-specific -- ASN.1 structure not required - } + } -- SubsequentContextToken ::= InnerContextToken InnerContextToken ::= ANY --- interpretation based on predecessor InitialContextToken --- ASN.1 structure not required +-- interpretation based on predecessor InitialContextToken +-- ASN.1 structure not required --- PerMsgToken ::= --- as emitted by GSS_GetMIC and processed by GSS_VerifyMIC --- ASN.1 structure not required +-- PerMsgToken ::= +-- as emitted by GSS_GetMIC and processed by GSS_VerifyMIC +-- ASN.1 structure not required -- InnerMsgToken -- InnerMsgToken ::= ANY --- SealedMessage ::= --- as emitted by GSS_Wrap and processed by GSS_Unwrap --- includes internal, mechanism-defined indicator --- of whether or not encrypted --- ASN.1 structure not required --- SealedUserData - --- SealedUserData ::= ANY +-- SealedMessage ::= +-- as emitted by GSS_Wrap and processed by GSS_Unwrap +-- includes internal, mechanism-defined indicator +-- of whether or not encrypted +-- ASN.1 structure not required +-- SealedUserData + +-- SealedUserData ::= ANY -- END GSS-API DEFINITIONS diff --git a/asn1/spnego/spnego.cnf b/asn1/spnego/spnego.cnf index a4fcc0b388..9d9e760cb2 100644 --- a/asn1/spnego/spnego.cnf +++ b/asn1/spnego/spnego.cnf @@ -8,11 +8,22 @@ #.NO_EMIT ONLY_VALS NegotiationToken -#.TYPE_RENAME -NegTokenInit/mechListMIC T_NegTokenInit_mechListMIC +#.FN_BODY NegotiationToken/negTokenInit + gboolean is_response = actx->pinfo->ptype == PT_TCP && + actx->pinfo->srcport < 1024; -#.FIELD_RENAME -NegTokenInit/mechListMIC negTokenInit_mechListMIC + /* + * We decode as negTokenInit2 or negTokenInit depending on whether or not + * we are in a response or a request. That is essentially what MS-SPNG + * says. + */ + if (is_response) { + return dissect_spnego_NegTokenInit2(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s, + %(ACTX)s, %(TREE)s, %(HF_INDEX)s); + } else { + return dissect_spnego_NegTokenInit(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s, + %(ACTX)s, %(TREE)s, %(HF_INDEX)s); + } #.FN_PARS MechType @@ -121,42 +132,28 @@ NegTokenInit/mechListMIC negTokenInit_mechListMIC call_dissector(next_level_value->handle, mechToken_tvb, actx->pinfo, tree); +#.FN_PARS NegTokenInit/mechListMIC + + VAL_PTR = &mechListMIC_tvb + #.FN_BODY NegTokenInit/mechListMIC - gint8 ber_class; - gboolean pc; - gint32 tag; tvbuff_t *mechListMIC_tvb; + +%(DEFAULT_BODY)s + + /* - * There seems to be two different forms this can take, - * one as an octet string, and one as a general string in a - * sequence. - * - * Peek at the header, and then decide which it is we're seeing. + * Now, we should be able to dispatch, if we've gotten a tvbuff for + * the MIC and we have information on how to dissect its contents. */ - get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); - if (ber_class == BER_CLASS_UNI && pc && tag == BER_UNI_TAG_SEQUENCE) { - /* - * It's a sequence. - */ - return dissect_spnego_PrincipalSeq(FALSE, tvb, offset, actx, tree, - hf_spnego_mechListMIC); - } else { - /* - * It's not a sequence, so dissect it as an octet string, - * which is what it's supposed to be; that'll cause the - * right error report if it's not an octet string, either. - */ - offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, - hf_spnego_mechListMIC, &mechListMIC_tvb); - - /* - * Now, we should be able to dispatch with that tvbuff. - */ - if (mechListMIC_tvb && next_level_value) - call_dissector(next_level_value->handle, mechListMIC_tvb, actx->pinfo, tree); - return offset; + if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){ + gssapi_oid_value *value=next_level_value; + + if(value){ + call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree); + } } #.FN_BODY NegTokenTarg/supportedMech diff --git a/epan/dissectors/packet-spnego.c b/epan/dissectors/packet-spnego.c index 727a48f8de..e533214d36 100644 --- a/epan/dissectors/packet-spnego.c +++ b/epan/dissectors/packet-spnego.c @@ -90,18 +90,22 @@ static int hf_spnego_krb5_cfx_seq = -1; /*--- Included file: packet-spnego-hf.c ---*/ #line 1 "../../asn1/spnego/packet-spnego-hf.c" -static int hf_spnego_negTokenInit = -1; /* NegTokenInit */ +static int hf_spnego_negTokenInit = -1; /* T_negTokenInit */ static int hf_spnego_negTokenTarg = -1; /* NegTokenTarg */ static int hf_spnego_MechTypeList_item = -1; /* MechType */ -static int hf_spnego_principal = -1; /* GeneralString */ static int hf_spnego_mechTypes = -1; /* MechTypeList */ static int hf_spnego_reqFlags = -1; /* ContextFlags */ static int hf_spnego_mechToken = -1; /* T_mechToken */ -static int hf_spnego_negTokenInit_mechListMIC = -1; /* T_NegTokenInit_mechListMIC */ +static int hf_spnego_mechListMIC = -1; /* T_mechListMIC */ +static int hf_spnego_hintName = -1; /* GeneralString */ +static int hf_spnego_hintAddress = -1; /* OCTET_STRING */ +static int hf_spnego_mechToken_01 = -1; /* OCTET_STRING */ +static int hf_spnego_negHints = -1; /* NegHints */ +static int hf_spnego_mechListMIC_01 = -1; /* OCTET_STRING */ static int hf_spnego_negResult = -1; /* T_negResult */ static int hf_spnego_supportedMech = -1; /* T_supportedMech */ static int hf_spnego_responseToken = -1; /* T_responseToken */ -static int hf_spnego_mechListMIC = -1; /* T_mechListMIC */ +static int hf_spnego_mechListMIC_02 = -1; /* T_mechListMIC_01 */ static int hf_spnego_thisMech = -1; /* MechType */ static int hf_spnego_innerContextToken = -1; /* InnerContextToken */ /* named bits */ @@ -133,8 +137,9 @@ static gint ett_spnego_krb5_cfx_flags = -1; #line 1 "../../asn1/spnego/packet-spnego-ett.c" static gint ett_spnego_NegotiationToken = -1; static gint ett_spnego_MechTypeList = -1; -static gint ett_spnego_PrincipalSeq = -1; static gint ett_spnego_NegTokenInit = -1; +static gint ett_spnego_NegHints = -1; +static gint ett_spnego_NegTokenInit2 = -1; static gint ett_spnego_ContextFlags = -1; static gint ett_spnego_NegTokenTarg = -1; static gint ett_spnego_InitialContextToken_U = -1; @@ -143,13 +148,16 @@ static gint ett_spnego_InitialContextToken_U = -1; #line 97 "../../asn1/spnego/packet-spnego-template.c" /* - * Unfortunately, we have to have a forward declaration of this, + * Unfortunately, we have to have forward declarations of thess, * as the code generated by asn2wrs includes a call before the * definition. */ -static int dissect_spnego_PrincipalSeq(gboolean implicit_tag, tvbuff_t *tvb, +static int dissect_spnego_NegTokenInit(gboolean implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index); +static int dissect_spnego_NegTokenInit2(gboolean implicit_tag, tvbuff_t *tvb, + int offset, asn1_ctx_t *actx _U_, + proto_tree *tree, int hf_index); /*--- Included file: packet-spnego-fn.c ---*/ @@ -158,7 +166,7 @@ static int dissect_spnego_PrincipalSeq(gboolean implicit_tag, tvbuff_t *tvb, static int dissect_spnego_MechType(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 22 "../../asn1/spnego/spnego.cnf" +#line 33 "../../asn1/spnego/spnego.cnf" gssapi_oid_value *value; @@ -196,7 +204,7 @@ static const ber_sequence_t MechTypeList_sequence_of[1] = { static int dissect_spnego_MechTypeList(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 90 "../../asn1/spnego/spnego.cnf" +#line 101 "../../asn1/spnego/spnego.cnf" conversation_t *conversation; @@ -245,7 +253,7 @@ dissect_spnego_ContextFlags(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int of static int dissect_spnego_T_mechToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 111 "../../asn1/spnego/spnego.cnf" +#line 122 "../../asn1/spnego/spnego.cnf" tvbuff_t *mechToken_tvb = NULL; @@ -269,43 +277,27 @@ dissect_spnego_T_mechToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int off static int -dissect_spnego_T_NegTokenInit_mechListMIC(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 125 "../../asn1/spnego/spnego.cnf" +dissect_spnego_T_mechListMIC(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +#line 140 "../../asn1/spnego/spnego.cnf" - gint8 ber_class; - gboolean pc; - gint32 tag; tvbuff_t *mechListMIC_tvb; + + offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, + &mechListMIC_tvb); + + + /* - * There seems to be two different forms this can take, - * one as an octet string, and one as a general string in a - * sequence. - * - * Peek at the header, and then decide which it is we're seeing. + * Now, we should be able to dispatch, if we've gotten a tvbuff for + * the MIC and we have information on how to dissect its contents. */ - get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); - if (ber_class == BER_CLASS_UNI && pc && tag == BER_UNI_TAG_SEQUENCE) { - /* - * It's a sequence. - */ - return dissect_spnego_PrincipalSeq(FALSE, tvb, offset, actx, tree, - hf_spnego_mechListMIC); - } else { - /* - * It's not a sequence, so dissect it as an octet string, - * which is what it's supposed to be; that'll cause the - * right error report if it's not an octet string, either. - */ - offset = dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, - hf_spnego_mechListMIC, &mechListMIC_tvb); - - /* - * Now, we should be able to dispatch with that tvbuff. - */ - if (mechListMIC_tvb && next_level_value) - call_dissector(next_level_value->handle, mechListMIC_tvb, actx->pinfo, tree); - return offset; + if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){ + gssapi_oid_value *value=next_level_value; + + if(value){ + call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree); + } } @@ -318,7 +310,7 @@ static const ber_sequence_t NegTokenInit_sequence[] = { { &hf_spnego_mechTypes , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_spnego_MechTypeList }, { &hf_spnego_reqFlags , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_spnego_ContextFlags }, { &hf_spnego_mechToken , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_spnego_T_mechToken }, - { &hf_spnego_negTokenInit_mechListMIC, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_T_NegTokenInit_mechListMIC }, + { &hf_spnego_mechListMIC , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_T_mechListMIC }, { NULL, 0, 0, 0, NULL } }; @@ -331,6 +323,32 @@ dissect_spnego_NegTokenInit(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int of } + +static int +dissect_spnego_T_negTokenInit(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +#line 12 "../../asn1/spnego/spnego.cnf" + gboolean is_response = actx->pinfo->ptype == PT_TCP && + actx->pinfo->srcport < 1024; + + /* + * We decode as negTokenInit2 or negTokenInit depending on whether or not + * we are in a response or a request. That is essentially what MS-SPNG + * says. + */ + if (is_response) { + return dissect_spnego_NegTokenInit2(implicit_tag, tvb, offset, + actx, tree, hf_index); + } else { + return dissect_spnego_NegTokenInit(implicit_tag, tvb, offset, + actx, tree, hf_index); + } + + + + return offset; +} + + static const value_string spnego_T_negResult_vals[] = { { 0, "accept-completed" }, { 1, "accept-incomplete" }, @@ -351,7 +369,7 @@ dissect_spnego_T_negResult(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int off static int dissect_spnego_T_supportedMech(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 163 "../../asn1/spnego/spnego.cnf" +#line 160 "../../asn1/spnego/spnego.cnf" conversation_t *conversation; @@ -380,7 +398,7 @@ dissect_spnego_T_supportedMech(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int static int dissect_spnego_T_responseToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 186 "../../asn1/spnego/spnego.cnf" +#line 183 "../../asn1/spnego/spnego.cnf" tvbuff_t *responseToken_tvb; @@ -413,8 +431,8 @@ dissect_spnego_T_responseToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int static int -dissect_spnego_T_mechListMIC(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 213 "../../asn1/spnego/spnego.cnf" +dissect_spnego_T_mechListMIC_01(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +#line 210 "../../asn1/spnego/spnego.cnf" tvbuff_t *mechListMIC_tvb; @@ -447,7 +465,7 @@ static const ber_sequence_t NegTokenTarg_sequence[] = { { &hf_spnego_negResult , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_spnego_T_negResult }, { &hf_spnego_supportedMech, BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_spnego_T_supportedMech }, { &hf_spnego_responseToken, BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_spnego_T_responseToken }, - { &hf_spnego_mechListMIC , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_T_mechListMIC }, + { &hf_spnego_mechListMIC_02, BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_T_mechListMIC_01 }, { NULL, 0, 0, 0, NULL } }; @@ -461,7 +479,7 @@ dissect_spnego_NegTokenTarg(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int of static const ber_choice_t NegotiationToken_choice[] = { - { 0, &hf_spnego_negTokenInit , BER_CLASS_CON, 0, 0, dissect_spnego_NegTokenInit }, + { 0, &hf_spnego_negTokenInit , BER_CLASS_CON, 0, 0, dissect_spnego_T_negTokenInit }, { 1, &hf_spnego_negTokenTarg , BER_CLASS_CON, 1, 0, dissect_spnego_NegTokenTarg }, { 0, NULL, 0, 0, 0, NULL } }; @@ -487,15 +505,44 @@ dissect_spnego_GeneralString(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int o } -static const ber_sequence_t PrincipalSeq_sequence[] = { - { &hf_spnego_principal , BER_CLASS_CON, 0, 0, dissect_spnego_GeneralString }, + +static int +dissect_spnego_OCTET_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t NegHints_sequence[] = { + { &hf_spnego_hintName , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_spnego_GeneralString }, + { &hf_spnego_hintAddress , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_spnego_OCTET_STRING }, { NULL, 0, 0, 0, NULL } }; static int -dissect_spnego_PrincipalSeq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { +dissect_spnego_NegHints(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, - PrincipalSeq_sequence, hf_index, ett_spnego_PrincipalSeq); + NegHints_sequence, hf_index, ett_spnego_NegHints); + + return offset; +} + + +static const ber_sequence_t NegTokenInit2_sequence[] = { + { &hf_spnego_mechTypes , BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_spnego_MechTypeList }, + { &hf_spnego_reqFlags , BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, dissect_spnego_ContextFlags }, + { &hf_spnego_mechToken_01 , BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL, dissect_spnego_OCTET_STRING }, + { &hf_spnego_negHints , BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_spnego_NegHints }, + { &hf_spnego_mechListMIC_01, BER_CLASS_CON, 4, BER_FLAGS_OPTIONAL, dissect_spnego_OCTET_STRING }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_spnego_NegTokenInit2(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + NegTokenInit2_sequence, hf_index, ett_spnego_NegTokenInit2); return offset; } @@ -504,7 +551,7 @@ dissect_spnego_PrincipalSeq(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int of static int dissect_spnego_InnerContextToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 47 "../../asn1/spnego/spnego.cnf" +#line 58 "../../asn1/spnego/spnego.cnf" gssapi_oid_value *next_level_value_lcl; proto_item *item; @@ -579,7 +626,7 @@ dissect_spnego_InitialContextToken(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, /*--- End of included file: packet-spnego-fn.c ---*/ -#line 108 "../../asn1/spnego/packet-spnego-template.c" +#line 111 "../../asn1/spnego/packet-spnego-template.c" /* * This is the SPNEGO KRB5 dissector. It is not true KRB5, but some ASN.1 * wrapped blob with an OID, USHORT token ID, and a Ticket, that is also @@ -1865,10 +1912,6 @@ void proto_register_spnego(void) { { "MechType", "spnego.MechType", FT_OID, BASE_NONE, NULL, 0, NULL, HFILL }}, - { &hf_spnego_principal, - { "principal", "spnego.principal", - FT_STRING, BASE_NONE, NULL, 0, - "GeneralString", HFILL }}, { &hf_spnego_mechTypes, { "mechTypes", "spnego.mechTypes", FT_UINT32, BASE_DEC, NULL, 0, @@ -1881,10 +1924,30 @@ void proto_register_spnego(void) { { "mechToken", "spnego.mechToken", FT_BYTES, BASE_NONE, NULL, 0, NULL, HFILL }}, - { &hf_spnego_negTokenInit_mechListMIC, + { &hf_spnego_mechListMIC, { "mechListMIC", "spnego.mechListMIC", FT_BYTES, BASE_NONE, NULL, 0, - "T_NegTokenInit_mechListMIC", HFILL }}, + NULL, HFILL }}, + { &hf_spnego_hintName, + { "hintName", "spnego.hintName", + FT_STRING, BASE_NONE, NULL, 0, + "GeneralString", HFILL }}, + { &hf_spnego_hintAddress, + { "hintAddress", "spnego.hintAddress", + FT_BYTES, BASE_NONE, NULL, 0, + "OCTET_STRING", HFILL }}, + { &hf_spnego_mechToken_01, + { "mechToken", "spnego.mechToken", + FT_BYTES, BASE_NONE, NULL, 0, + "OCTET_STRING", HFILL }}, + { &hf_spnego_negHints, + { "negHints", "spnego.negHints_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_spnego_mechListMIC_01, + { "mechListMIC", "spnego.mechListMIC", + FT_BYTES, BASE_NONE, NULL, 0, + "OCTET_STRING", HFILL }}, { &hf_spnego_negResult, { "negResult", "spnego.negResult", FT_UINT32, BASE_DEC, VALS(spnego_T_negResult_vals), 0, @@ -1897,10 +1960,10 @@ void proto_register_spnego(void) { { "responseToken", "spnego.responseToken", FT_BYTES, BASE_NONE, NULL, 0, NULL, HFILL }}, - { &hf_spnego_mechListMIC, + { &hf_spnego_mechListMIC_02, { "mechListMIC", "spnego.mechListMIC", FT_BYTES, BASE_NONE, NULL, 0, - NULL, HFILL }}, + "T_mechListMIC_01", HFILL }}, { &hf_spnego_thisMech, { "thisMech", "spnego.thisMech", FT_OID, BASE_NONE, NULL, 0, @@ -1939,7 +2002,7 @@ void proto_register_spnego(void) { NULL, HFILL }}, /*--- End of included file: packet-spnego-hfarr.c ---*/ -#line 1379 "../../asn1/spnego/packet-spnego-template.c" +#line 1382 "../../asn1/spnego/packet-spnego-template.c" }; /* List of subtrees */ @@ -1954,14 +2017,15 @@ void proto_register_spnego(void) { #line 1 "../../asn1/spnego/packet-spnego-ettarr.c" &ett_spnego_NegotiationToken, &ett_spnego_MechTypeList, - &ett_spnego_PrincipalSeq, &ett_spnego_NegTokenInit, + &ett_spnego_NegHints, + &ett_spnego_NegTokenInit2, &ett_spnego_ContextFlags, &ett_spnego_NegTokenTarg, &ett_spnego_InitialContextToken_U, /*--- End of included file: packet-spnego-ettarr.c ---*/ -#line 1389 "../../asn1/spnego/packet-spnego-template.c" +#line 1392 "../../asn1/spnego/packet-spnego-template.c" }; /* Register protocol */ |