Age | Commit message (Collapse) | Author | Files | Lines |
|
svn path=/trunk/; revision=8036
|
|
start to work on kerberos flags etc.
Also prettied up the case where the responseToken was an empty string.
svn path=/trunk/; revision=7767
|
|
svn path=/trunk/; revision=7741
|
|
svn path=/trunk/; revision=7738
|
|
svn path=/trunk/; revision=7737
|
|
svn path=/trunk/; revision=7736
|
|
that was already there.
svn path=/trunk/; revision=7727
|
|
However, it is now clear in the dissection tree for NFSv4 with RPCSEC_GSS
security in use that the naming is just wrong :-(
svn path=/trunk/; revision=7725
|
|
tokens can be handled.
Really, dissect-spnego-krb5 or whatever, should be renamed to something like
dissect-gssapi-tokens or dissect-gssapi-rfc1964 ...
svn path=/trunk/; revision=7724
|
|
svn path=/trunk/; revision=7160
|
|
OID value for the protocol being used in a previous packet in the GSSAPI
sequence.
svn path=/trunk/; revision=6896
|
|
svn path=/trunk/; revision=6816
|
|
call to "gssapi_init_oid()" supplies both dissectors for context-level
tokens and GSS_Wrap header information; the latter dissector should
return the number of bytes of header information, so that if the header
information and the message for the protocol that's using GSSAPI are
treated as a single blob of data (as is the case with LDAP, but not with
DCE RPC, for example), the dissector for the protocol using GSSAPI knows
where to start dissecting.
We associate a pointer to the entire data structure for the OID, not the
handle for context-level token dissector for the OID, with conversations
and frames.
Make the dissector for NTLMSSP verifiers be the handler for GSS_Wrap
stuff for NTLMSSP, and add support for GSS_Wrap stuff for Kerberos.
Support SASL GSS-SPNEGO wrapping of LDAP messages. (XXX - this should
really check for GSS-SPNEGO.)
svn path=/trunk/; revision=6692
|
|
handle to use to dissect SPNEGO tokens has to be stored as per-frame
data, not just as conversation data.
svn path=/trunk/; revision=6572
|
|
just a Kerberos message; we can distinguish that from the other two
cases, so we do so, and handle all three cases.
svn path=/trunk/; revision=6505
|
|
svn path=/trunk/; revision=6367
|
|
svn path=/trunk/; revision=6302
|
|
for items that should run to the end of the tvbuff.
Make the next level dissector handle local to "dissect_spnego()".
Handle negTokenInit's with mechTokens, by, when processing the mechTypes
sequence in a negTokenInit, remembering the first MechType and telling
"dissect_spnego_mechTypes()"'s caller about it, and having that caller
use that mechType to dissect the mechToken.
svn path=/trunk/; revision=6232
|
|
svn path=/trunk/; revision=6229
|
|
as an argument, and looks up that OID in the GSSAPI OID hash table.
Always use that routine to look up OIDs, so that we never use the result
of "format_oid()" as the key (as that doesn't necessarily work).
Make "gssapi_oids" static, as one should only look up GSSAPI
authentication mechanism OIDs with "gssapi_lookup_oid()".
In the SPNEGO dissector, free up the OID strings when we're done with
them, and don't advance the offset past the OID until after we put the
OID into the protocol tree.
svn path=/trunk/; revision=6228
|
|
svn path=/trunk/; revision=6209
|
|
packet-spnego.c
svn path=/trunk/; revision=6207
|
|
Now, all I have to do is to modularize the Kerberos dissector :-)
svn path=/trunk/; revision=6192
|
|
Turns out it is a KRB5 AP-REQ ASN1 encoded, and the Kerberos dissector is
going to need to be re-architected to deal with this.
svn path=/trunk/; revision=6187
|
|
svn path=/trunk/; revision=6185
|
|
svn path=/trunk/; revision=6180
|
|
svn path=/trunk/; revision=6174
|
|
for RAW NTLMSSP, but the client actually sends SPNEGO encapsulated NTLMSSP.
svn path=/trunk/; revision=6173
|
|
svn path=/trunk/; revision=6172
|
|
registered dissector name; that means you don't have to register a
dissector by name to associate it with a GSS-API security mechanism OID.
svn path=/trunk/; revision=6163
|
|
and not try to parse unrelated info in the TVB.
svn path=/trunk/; revision=6162
|
|
svn path=/trunk/; revision=6159
|
|
that we do not account for properly, like Octet Strings.
svn path=/trunk/; revision=6152
|
|
wait until someone implements the missing bits of code.
svn path=/trunk/; revision=6147
|
|
svn path=/trunk/; revision=6144
|
|
svn path=/trunk/; revision=6140
|
|
Still have to work on the Octet string versus general string, but
much of it is there now.
svn path=/trunk/; revision=6137
|
|
svn path=/trunk/; revision=6136
|
|
contains.
svn path=/trunk/; revision=6133
|
|
svn path=/trunk/; revision=6132
|
|
handle for the dissector routine yet ...
Real work to do though ...
svn path=/trunk/; revision=6131
|
|
negTokenTarg, there is just more work to do on this.
svn path=/trunk/; revision=6127
|
|
svn path=/trunk/; revision=6120
|
|
svn path=/trunk/; revision=6119
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
svn path=/trunk/; revision=6117
|
|
svn path=/trunk/; revision=6110
|
|
Still more to come. SHould have the negTokenInit done soon, then onto the
negTokenTarg ...
svn path=/trunk/; revision=6109
|
|
More tonight?
svn path=/trunk/; revision=6108
|
|
svn path=/trunk/; revision=6106
|
|
It is not correct yet, as we really should parse the ASN1 stuff correctly.
I have mainly added comments, and then will work on parsing the structures
better.
svn path=/trunk/; revision=6104
|