diff options
author | Richard Sharpe <realrichardsharpe@gmail.com> | 2014-05-31 16:27:34 -0700 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2014-06-11 01:19:44 +0000 |
commit | 1fd1d3b608f4ed1988abbff2473efb578203912c (patch) | |
tree | 03286c7a849f2dbb74825e24f779e902022eb3f4 /asn1 | |
parent | 474de10d892a19d09ec10e4d5b16a025edc47df2 (diff) | |
download | wireshark-1fd1d3b608f4ed1988abbff2473efb578203912c.tar.gz |
This fix now allows SASL/GSS-API with integrity only to be properly dissected
in that we now properly indicate the checksum and provide the wrapped token to
the LDAP dissector to dissect.
There is still a problem in that the wrong parts of the SASL packet can be
indicated when users click on some parts.
I am committing it for review and because it is much better than the current
code.
Bug:9398
Change-Id: I552fc249db26835b79abfc8793438a95f221663a
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/1905
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit 09b5361302725cc83b7c8d76282441d031050c38)
Reviewed-on: https://code.wireshark.org/review/2076
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'asn1')
-rw-r--r-- | asn1/spnego/packet-spnego-template.c | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/asn1/spnego/packet-spnego-template.c b/asn1/spnego/packet-spnego-template.c index ac2d9b1f64..801ba66de7 100644 --- a/asn1/spnego/packet-spnego-template.c +++ b/asn1/spnego/packet-spnego-template.c @@ -1026,13 +1026,40 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo if (pinfo->gssapi_data_encrypted) { checksum_size = 44 + ec; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + offset += checksum_size; + } else { - checksum_size = 12; - } + int inner_token_len = 0; - proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, - checksum_size, ENC_NA); - offset += checksum_size; + /* + * We know we have a wrap token, but we have to let the proto + * above us decode that, so hand it back in gssapi_wrap_tvb + * and put the checksum in the tree. + */ + + checksum_size = ec; + + inner_token_len = tvb_reported_length_remaining(tvb, offset) - + ec; + + pinfo->gssapi_wrap_tvb = tvb_new_subset(tvb, offset, + inner_token_len, inner_token_len); + + offset += inner_token_len; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + + /* + * Return an offset that puts our caller before the inner + * token. This is better than before, but we still see the + * checksum included in the LDAP query at times. + */ + return offset - inner_token_len; + } if(pinfo->decrypt_gssapi_tvb){ /* if the caller did not provide a tvb, then we just use |