Age | Commit message (Collapse) | Author | Files | Lines |
|
between dissectors instead of using packet_info.h
The only remaining explicit user of the packet_info members is the NTLMSSP dissector. However, there may be "hidden" use of it in the spnego dissector passing between ASN.1 functions.
Someone more familiar with the protocols could possibly trim some of the "extra copies" between packet_info and gssapi_encrypt_info_t structure, but I went the "better safe than sorry" route.
Change-Id: I160d2cfccadc5f49b128609223cdff0162c3ca85
Reviewed-on: https://code.wireshark.org/review/11575
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They've been deprecated for a very long time. Replace them with
getaddrinfo. Note that we might not want to do synchronous name
resolution at all.
Add HAVE_GETADDRINFO to the KfW win-mac.h collision list.
Change-Id: If59ce8a038776eadd6cd1794ed0e2dad8bf8a22c
Reviewed-on: https://code.wireshark.org/review/6958
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Don't throw its declaration in file.h, as it's not defined in file.c.
Instead, include it in epan/dissectors/packet-kerberos.h and include
that wherever read_keytab_file() is called.
Yes, that means you also have to include <epan/asn1.h> and, therefore,
you have to include <epan/packet.h>. Yes, that should be cleaned up,
perhaps by splitting the Kerberos support code into "stuff that handles
encryption keys without any reference to dissection" and "stuff that
does dissection-related work".
Change-Id: Ide5c31e6d85e6011d57202f728dbc656e36138ef
Reviewed-on: https://code.wireshark.org/review/6210
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Wrap its declarations in the usual "extern "C"" stuff.
Change-Id: I353ab334bc08a69fdacaaab5672edf758b14766a
Reviewed-on: https://code.wireshark.org/review/6201
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Added RFC 3244 ChangePasswdData to the kerberos dissector.
This is the last dissector using the "old BER" functions.
Change-Id: I1d79047103c07c268d08e652745391f1ac37c82c
Reviewed-on: https://code.wireshark.org/review/1198
Reviewed-by: Tomáš Kukosa <tomas.kukosa@unify.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ib8945cdad149b71e3f79bd88032fd10f55ba556d
Reviewed-on: https://code.wireshark.org/review/1174
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Icd05d4941fdacac44094fafbad07f08ec4cbe976
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/364
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Also remove old WS_VAR_IMPORT define and related Makefile magic
everywhere in the project.
svn path=/trunk/; revision=47992
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
that can be called by dissectoirs using kerberos keytab files.
This function will load a new keytab file on demand, if it is changed in
the preferences.
The previous code had you save the preferences and then restart
wireshark which is suboptimal from a user friendly perspective
svn path=/trunk/; revision=30384
|
|
verified that we did have enough data in the buffer/tvb, which could
lead to a SEGV.
(for example if we enable KRB5 decryption but we do NOT use TCP
reassembly, and the encrypted data goes beyong the end of the current
segment)
Change the signature to decrypt_krb5_data() to take a TVB instead of a
buffer+length.
Actually check that we do have the entire encrypted PDU before calling
out to the kerberos libraries.
svn path=/trunk/; revision=29213
|
|
svn path=/trunk/; revision=26485
|
|
template and .cnf file.
svn path=/trunk/; revision=26484
|
|
add a parameter *datalen to decrypt_krb5_data() so that we can pass back
the length of the decrypted blob back to the caller.
This is useful for when there are "junk" at the end of the blob and thus
the decrypted data is not the same size as the encrypted blob.
GSS CFX is one such example.
(we should have done this earlier since it might have made some other
stuff easier to imlement...)
make the preference setting krb_decrypt a globally visible variable so
we can see its value and act on it from callers of krb decryption from
outside of packet-kerberos.c i.e. from GSS CFX
Make keytype == -1 a wildcard that when passed to decrypt_krb5_data()
will try any/all encryption keys.
This since GSS CFX does not provide the enctype in the GSS layer.
(The GSS CFX enctype is only negotiated during the AP-REQ/REP so we
should later pick this value up and store it in a CFX session variable.
That is for a later enhancement.
)
Enhance the GSS decryption (that for hitorical reasons are implemented
in packet-spnego.c and not packet-gssapi.c :-) )
to also handle decryption of GSS CFX
This should make wireshark able to decrypt any/all GSSAPI RFC4121
packets, if the keytab file is provided.
I have successfully decrypted LDAP using GSS CFX with AES encryption
with this.
svn path=/trunk/; revision=26350
|
|
svn path=/trunk/; revision=21753
|
|
svn path=/trunk/; revision=21705
|
|
tcp_dissect_pdus() to also include a packet_info pointer.
there are many reasons why some protocols actually need to be able to access the pinfo structure while determining the pdu size
svn path=/trunk/; revision=19751
|
|
svn path=/trunk/; revision=18196
|
|
kpasswd over tcp support
svn path=/trunk/; revision=16885
|
|
structure. Handle that.
Don't muck with the columns, or put a top-level Kerberos protocol item
into the protocol tree, until we decide that we really have a Kerberos
packet.
Do, however, clear the Info column if we're dissecting the Kerberos
protocol.
svn path=/trunk/; revision=15590
|
|
pointers either "void *" or "guint8 *", to reduce the level of compiler
warnings (the data in question is largely binary in those cases).
svn path=/trunk/; revision=14886
|
|
svn path=/trunk/; revision=14809
|
|
svn path=/trunk/; revision=14701
|
|
updates to KINK
svn path=/trunk/; revision=14453
|
|
also when linked with mit kerberos
svn path=/trunk/; revision=13850
|
|
and prepare for gssapi mit support
svn path=/trunk/; revision=13849
|
|
svn path=/trunk/; revision=13646
|
|
svn path=/trunk/; revision=13641
|
|
KRB_PRIV structure for kpasswd requests and replies.
decrypt and behold the new password in plaintext in all its glory
(given you have the keytab with the old one of course)
svn path=/trunk/; revision=13586
|
|
svn path=/trunk/; revision=13583
|
|
svn path=/trunk/; revision=12426
|
|
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410
|