From 0a1de06a249a376ecad78bb54bf200554ec427b0 Mon Sep 17 00:00:00 2001 From: Ronnie Sahlberg Date: Fri, 19 Aug 2005 09:47:11 +0000 Subject: From Matthias Drochner: I'll attach a patch which fixes the decoding of authenticated LDAP bind replies. The SASL credentials are always "context specific" in terms of ASN.1. I've tested the fix with DIGEST-MD5 authentication. (Without the patch, ethereal complains about a wrong type because it expects an ASN.a octet string.) (You might also consider a stricter check of the ASN.1 header type for the GSSAPI and GSS-SPNEGO cases, but I can't test this.) svn path=/trunk/; revision=15428 --- AUTHORS | 1 + epan/dissectors/packet-ldap.c | 8 +------- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/AUTHORS b/AUTHORS index fab5b2b620..a8719c5e80 100644 --- a/AUTHORS +++ b/AUTHORS @@ -2483,6 +2483,7 @@ Maria-Luiza Crivat Brice Augustin Matt Thornton Markus Seehofer +Matthias Drochner Alain Magloire was kind enough to diff --git a/epan/dissectors/packet-ldap.c b/epan/dissectors/packet-ldap.c index af306924cd..9e4c6f37af 100644 --- a/epan/dissectors/packet-ldap.c +++ b/epan/dissectors/packet-ldap.c @@ -1276,16 +1276,10 @@ static void dissect_ldap_response_bind(ASN1_SCK *a, proto_tree *tree, a->offset += cred_length; } else { if (read_bytestring(a, tree, hf_ldap_message_bind_server_credentials, - NULL, NULL, ASN1_UNI, ASN1_OTS) != ASN1_ERR_NOERROR) + NULL, NULL, ASN1_CTX, 7) != ASN1_ERR_NOERROR) return; } break; - - default: - if (read_bytestring(a, tree, hf_ldap_message_bind_server_credentials, - NULL, NULL, ASN1_CTX, 7) != ASN1_ERR_NOERROR) - return; - break; } } } -- cgit v1.2.3