diff options
author | Richard Sharpe <realrichardsharpe@gmail.com> | 2014-05-31 16:27:34 -0700 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2014-06-04 04:27:13 +0000 |
commit | 09b5361302725cc83b7c8d76282441d031050c38 (patch) | |
tree | 1ffcb9ca5c375bf80e712e342f5a382c90973534 /epan/dissectors/packet-spnego.c | |
parent | 1f17d0c6bb040c1dd4b8d95bec9751bf6a14d7e8 (diff) | |
download | wireshark-09b5361302725cc83b7c8d76282441d031050c38.tar.gz |
This fix now allows SASL/GSS-API with integrity only to be properly dissected
in that we now properly indicate the checksum and provide the wrapped token to
the LDAP dissector to dissect.
There is still a problem in that the wrong parts of the SASL packet can be
indicated when users click on some parts.
I am committing it for review and because it is much better than the current
code.
Bug:9398
Change-Id: I552fc249db26835b79abfc8793438a95f221663a
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/1905
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-spnego.c')
-rw-r--r-- | epan/dissectors/packet-spnego.c | 41 |
1 files changed, 34 insertions, 7 deletions
diff --git a/epan/dissectors/packet-spnego.c b/epan/dissectors/packet-spnego.c index b3dca1a365..adcd55b5d0 100644 --- a/epan/dissectors/packet-spnego.c +++ b/epan/dissectors/packet-spnego.c @@ -1478,13 +1478,40 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo if (pinfo->gssapi_data_encrypted) { checksum_size = 44 + ec; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + offset += checksum_size; + } else { - checksum_size = 12; - } + int inner_token_len = 0; - proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, - checksum_size, ENC_NA); - offset += checksum_size; + /* + * We know we have a wrap token, but we have to let the proto + * above us decode that, so hand it back in gssapi_wrap_tvb + * and put the checksum in the tree. + */ + + checksum_size = ec; + + inner_token_len = tvb_reported_length_remaining(tvb, offset) - + ec; + + pinfo->gssapi_wrap_tvb = tvb_new_subset(tvb, offset, + inner_token_len, inner_token_len); + + offset += inner_token_len; + + proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, + checksum_size, ENC_NA); + + /* + * Return an offset that puts our caller before the inner + * token. This is better than before, but we still see the + * checksum included in the LDAP query at times. + */ + return offset - inner_token_len; + } if(pinfo->decrypt_gssapi_tvb){ /* if the caller did not provide a tvb, then we just use @@ -1927,7 +1954,7 @@ void proto_register_spnego(void) { NULL, HFILL }}, /*--- End of included file: packet-spnego-hfarr.c ---*/ -#line 1382 "../../asn1/spnego/packet-spnego-template.c" +#line 1409 "../../asn1/spnego/packet-spnego-template.c" }; /* List of subtrees */ @@ -1950,7 +1977,7 @@ void proto_register_spnego(void) { &ett_spnego_InitialContextToken_U, /*--- End of included file: packet-spnego-ettarr.c ---*/ -#line 1392 "../../asn1/spnego/packet-spnego-template.c" +#line 1419 "../../asn1/spnego/packet-spnego-template.c" }; /* Register protocol */ |