aboutsummaryrefslogtreecommitdiffstats
path: root/asn1/spnego
AgeCommit message (Collapse)AuthorFilesLines
2009-08-04Initialize several ett_... variables to -1wmeier1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@29295 f5534014-38df-0310-8fa8-9805f1628bb7
2009-07-28When we passed the crytobuffer to krb5_c_decrypt() we never actually sahlberg1-2/+6
verified that we did have enough data in the buffer/tvb, which could lead to a SEGV. (for example if we enable KRB5 decryption but we do NOT use TCP reassembly, and the encrypted data goes beyong the end of the current segment) Change the signature to decrypt_krb5_data() to take a TVB instead of a buffer+length. Actually check that we do have the entire encrypted PDU before calling out to the kerberos libraries. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@29213 f5534014-38df-0310-8fa8-9805f1628bb7
2009-07-07Changed flags_set_truth -> tfs_set_notsetstig1-3/+3
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28989 f5534014-38df-0310-8fa8-9805f1628bb7
2009-06-26tvb_child_new_real_data() -> tvb_new_child_real_data()stig1-1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28845 f5534014-38df-0310-8fa8-9805f1628bb7
2009-06-25tvb_new_real_data()->tvb_child_new_real_data()etxrab1-2/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28843 f5534014-38df-0310-8fa8-9805f1628bb7
2009-06-23From Kovarththanan Rajaratnam:stig1-7/+7
Clean up header field info in asn1/*-template.c files. From me: Fixed a few typos in the patch. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28817 f5534014-38df-0310-8fa8-9805f1628bb7
2009-05-13Apply some of the patches from:etxrab1-2/+1
http://wiki.wireshark.org/Development/Optimization git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@28356 f5534014-38df-0310-8fa8-9805f1628bb7
2008-11-04Minor cleanup mostly related to proto_reg_handoffwmeier1-13/+4
Remove code for unused handles; Localize handles (in proto_reg_handoff) which need not be global; Localize (in proto_reg_handoff) "saved prefs"; Use find_dissector instead of create_dissector_handle as appropriate; Use gboolean for "initialized" flag in proto_reg_handoff. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26693 f5534014-38df-0310-8fa8-9805f1628bb7
2008-10-05use g_malloc/g_free instead of malloc/freesahlberg1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26353 f5534014-38df-0310-8fa8-9805f1628bb7
2008-10-05change u_char to unsigned char to make the osx compiler happysahlberg1-5/+5
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26351 f5534014-38df-0310-8fa8-9805f1628bb7
2008-10-05kerberos/gss enhancementssahlberg1-2/+107
add a parameter *datalen to decrypt_krb5_data() so that we can pass back the length of the decrypted blob back to the caller. This is useful for when there are "junk" at the end of the blob and thus the decrypted data is not the same size as the encrypted blob. GSS CFX is one such example. (we should have done this earlier since it might have made some other stuff easier to imlement...) make the preference setting krb_decrypt a globally visible variable so we can see its value and act on it from callers of krb decryption from outside of packet-kerberos.c i.e. from GSS CFX Make keytype == -1 a wildcard that when passed to decrypt_krb5_data() will try any/all encryption keys. This since GSS CFX does not provide the enctype in the GSS layer. (The GSS CFX enctype is only negotiated during the AP-REQ/REP so we should later pick this value up and store it in a CFX session variable. That is for a later enhancement. ) Enhance the GSS decryption (that for hitorical reasons are implemented in packet-spnego.c and not packet-gssapi.c :-) ) to also handle decryption of GSS CFX This should make wireshark able to decrypt any/all GSSAPI RFC4121 packets, if the keytab file is provided. I have successfully decrypted LDAP using GSS CFX with AES encryption with this. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26350 f5534014-38df-0310-8fa8-9805f1628bb7
2008-09-30We always use start_offset, so don't wrap it in "#ifdef HAVE_KERBEROS".gerald1-2/+0
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26301 f5534014-38df-0310-8fa8-9805f1628bb7
2008-09-29from Metzesahlberg1-1/+262
add dissection of RFC4121 krb5 blobs git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@26294 f5534014-38df-0310-8fa8-9805f1628bb7
2007-12-19asn1/*/Makefile.nmake were not part of the source package.jmayer1-1/+2
Spotted by Tomas Kukosa. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23921 f5534014-38df-0310-8fa8-9805f1628bb7
2007-12-10ANSI TCAP regenerated and tested with -T -X asn2wrs optionskukosa1-1/+1
asn2wrs has -T (tagged types support) and -X (new BER sttructures) default behavior remove all -T and -X usage git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23823 f5534014-38df-0310-8fa8-9805f1628bb7
2007-11-04Update do use the -X and -T asn2wrs flags.etxrab1-1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23364 f5534014-38df-0310-8fa8-9805f1628bb7
2007-10-11- Remove -e option if the generated -exp.cnf file isn't used.jmayer1-1/+1
- Add EXPORT_FILES to all files that still contain -e. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23145 f5534014-38df-0310-8fa8-9805f1628bb7
2007-10-10- Change Makefiles to include preincjmayer2-1/+3
- Add missing new directories to asn1/Makefile.nmake git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23141 f5534014-38df-0310-8fa8-9805f1628bb7
2007-10-10More conversions and updates to existing Makefile stuffjmayer4-57/+96
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23127 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-25Add a cast to squelch an MSVC warning.guy1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21944 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-25Make SND_SEQ an array of 2 guint32's, rather than an array of 8guy1-8/+5
guint8's, to squelch some compiler warnings (and clean up some comparisons). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21941 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-15actx in the rest of dissect_ber..()letxrab2-2/+4
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21773 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-13Second step in introducing asn context to BER dissectors just like in PER.etxrab2-27/+32
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21753 f5534014-38df-0310-8fa8-9805f1628bb7
2007-05-06Start introducing actx to ber functions.etxrab1-0/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21705 f5534014-38df-0310-8fa8-9805f1628bb7
2007-02-18Fix bug 1380:morriss1-2/+4
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1380 by registering the spnego dissector by name (e.g., call 'register_dissector()'). git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20837 f5534014-38df-0310-8fa8-9805f1628bb7
2007-02-17This patch looks for a confounder in GSSWrap for DES_MAC_MD5 algorithm. gal1-1/+5
This is purely empirical as I can find no standard that says it should be there. However successful LDAP/SASL/GSSAPI between AD and Java client shows it seems to be present. If the confounder is not dissected, the LDAPMessage to fail to be decoded. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20833 f5534014-38df-0310-8fa8-9805f1628bb7
2007-01-09Move cryptography code to epan/crypt.gerald1-1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20359 f5534014-38df-0310-8fa8-9805f1628bb7
2007-01-02Move epan/crypt-md5.[ch] to epan/crypt. Removegerald1-35/+35
epan/crypt/airpdcap_md5.[ch]. Fix up whitespace. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20277 f5534014-38df-0310-8fa8-9805f1628bb7
2006-12-13if there is a list of mechTypes in the negTokenInit then store the first onesahlberg1-16/+50
and associate it with the conversation properly. do the same for supportedMech in the negTokenTarg This will allow wireshark to decode the blob in negTokenTarg even when no supportedMech is provided. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@20129 f5534014-38df-0310-8fa8-9805f1628bb7
2006-10-29put every python script name into "" so the call won't fail on Win32 native ↵ulfl1-1/+1
python. The problem is the slash in e.g.: @$(PYTHON) ../../tools/make-dissector-reg.py is interpreted as an option instead of being part of the path. I didn't wanted to use backslashes as this might introduce new problems with cygwin's python port. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@19730 f5534014-38df-0310-8fa8-9805f1628bb7
2006-05-23Ethereal -> Wiresharkkukosa1-3/+3
asn2eth -> asn2wrs git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18214 f5534014-38df-0310-8fa8-9805f1628bb7
2006-05-21- asn2eth renamed to asn2wrskukosa2-5/+5
- remove obsolete -X option from makefiles - not generate enumerated map table for BER dissector will be regenerated later git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18199 f5534014-38df-0310-8fa8-9805f1628bb7
2006-05-21name changesahlberg2-4/+4
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18197 f5534014-38df-0310-8fa8-9805f1628bb7
2006-04-25Add distclean and maintainerclean rules.guy1-0/+4
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17999 f5534014-38df-0310-8fa8-9805f1628bb7
2006-03-30call OID subdissector for private extensiions, fix makefiles.etxrab1-2/+2
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17772 f5534014-38df-0310-8fa8-9805f1628bb7
2006-02-23Add parsertab.pyc in clean targetetxrab1-1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@17387 f5534014-38df-0310-8fa8-9805f1628bb7
2005-12-25microsoft does not use a confounder for spnego when using DNS/TSIGsahlberg1-4/+10
they use an additional confounder everywhere else (as it seems) but not for DNS/TSIG git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16894 f5534014-38df-0310-8fa8-9805f1628bb7
2005-11-14 - dissect_ber_object_identifier() returns value as tvbkukosa2-4/+4
- new dissect_ber_object_identifier_str() function - BER dissectors adapted and regenerated git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16501 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-21dissect_ber_octet_string() can return a null tvbuff pointer, if theguy1-12/+11
putative octet string isn't one; always check before using it to dissect, and don't call the dissector if the tvbuff is null. This should fix bug 472. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15946 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-21Some compilers don't allow a static declaration of a function insideguy2-3/+9
another function, so move the declaration of dissect_spnego_PrincipalSeq() to the top of the file. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15938 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-21An InnerContextToken comes with an OID for the mechanism, which is whatguy3-131/+225
we use to determine how to interpret the token; don't bother fetching the OID attached to the frame or conversation, as we're not using it. Indent code in the .cnf file to match the code generated by asn2eth. The mechListMIC in a NegTokenInit is sometimes a sequence containing a string; check the header of the mechListMIC and dissect it as such a sequence or as a regular item depending on whether it's a sequence or not. If we see a supportedMech in a NegTokenTarg, save next_level_value for that OID with the conversation. Dissect a responseToken in a NegTokenTarg, and a mechListMIC in a NegTokenTarg, appropriately. Get rid of "gssapi_dissector_handle()", and just use next_level_value->handle - it was never being called if next_level_value was null. When we're dissecting a KRB5 blob, just use get_ber_identifier() to get the header, so we don't report an ASN.1 error if there isn't a BER identifier there; dissect the identifier and length only if we know we have them. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15937 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-19Don't dereference a null pointer. Fixes bug 460.gerald1-1/+1
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15874 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-19In the SPNEGO dissector, don't call a subdissector if we don't have a TVB.gerald1-1/+4
Fixes bugs 448, 449, 451, 452, 454, 456, and 461. Add similar TVB checks to the BER dissector. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15869 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-15Don't use u_char - not all platforms define it, and even those that doguy1-2/+2
might require other files to be included to get it. git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15828 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-15Add a Makefile.guy1-0/+17
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15827 f5534014-38df-0310-8fa8-9805f1628bb7
2005-09-15Replace the spnego dissector with an asn2eth generated one.etxrab5-0/+1359
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15810 f5534014-38df-0310-8fa8-9805f1628bb7
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 00:01:44 +0000