Ethereal-dev: [Ethereal-dev] handle GSS-APi encrypted LDAP blobs
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: "Stefan (metze) Metzmacher" <metze@xxxxxxxxx>
Date: Mon, 20 Dec 2004 13:58:43 +0100
Hi Ronnie, here's a patch which makes ethereal handle GSS-API encrypted LDAP blobs (Is that what you mean by "unknown LDAP messages"?) could you or someone elese apply this? -- metze Stefan Metzmacher <metze at samba.org> www.samba.org
Index: epan/dissectors/packet-ldap.c
===================================================================
--- epan/dissectors/packet-ldap.c (revision 12788)
+++ epan/dissectors/packet-ldap.c (working copy)
@@ -59,6 +59,7 @@
/*
* 17-DEC-2004 - added basic decoding for LDAP Controls
+ * 20-DEC-2004 - added handling for GSS-API encrypted blobs
*
* Stefan Metzmacher <metze@xxxxxxxxx>
*/
@@ -624,7 +625,7 @@
return read_bytestring_value(a, tree, hf_id, new_item, s, start, length);
}
-static int check_optional_tag(ASN1_SCK *a, guint expected_cls, guint expected_tag)
+static int check_optional_tag(ASN1_SCK *a, guint expected_cls, guint expected_con, guint expected_tag)
{
guint cls, con, tag;
gboolean def;
@@ -636,7 +637,7 @@
ret = asn1_header_decode(a, &cls, &con, &tag, &def, &length);
if (ret == ASN1_ERR_NOERROR) {
- if (cls != expected_cls || con != ASN1_PRI || tag != expected_tag) {
+ if (cls != expected_cls || con != expected_con || tag != expected_tag) {
ret = ASN1_ERR_WRONG_TYPE;
}
}
@@ -1999,7 +2000,7 @@
break;
}
- ret = check_optional_tag(a, ASN1_UNI, ASN1_BOL);
+ ret = check_optional_tag(a, ASN1_UNI, ASN1_PRI, ASN1_BOL);
if (ret == ASN1_ERR_NOERROR) {
ret = read_boolean(a, ctrl_tree, hf_ldap_message_controls_critical, 0, 0);
if (ret != ASN1_ERR_NOERROR) {
@@ -2012,7 +2013,7 @@
break;
}
- ret = check_optional_tag(a, ASN1_UNI, ASN1_OTS);
+ ret = check_optional_tag(a, ASN1_UNI, ASN1_PRI, ASN1_OTS);
if (ret == ASN1_ERR_NOERROR) {
ret = read_bytestring(a, ctrl_tree, hf_ldap_message_controls_value, NULL, NULL, ASN1_UNI, ASN1_OTS);
if (ret != ASN1_ERR_NOERROR) {
@@ -2365,6 +2366,7 @@
proto_tree *gtree = NULL;
tvbuff_t *next_tvb;
ldap_conv_info_t *ldap_info=NULL;
+ int tmp_offset;
/*
@@ -2579,9 +2581,28 @@
proto_item_set_len(gitem, len);
/*
- * Now dissect the LDAP message.
+ * check if it's LDAP or an encrypted blob
*/
- dissect_ldap_message(tvb, 4 + len, pinfo, ldap_tree, ti, first_time, ldap_info, is_mscldap);
+
+ asn1_open(&a, tvb, 4 + len);
+ ret = check_optional_tag(&a, ASN1_UNI, ASN1_CON, ASN1_SEQ);
+ asn1_close(&a, &tmp_offset);
+ if (ret == ASN1_ERR_NOERROR) {
+ /*
+ * Now dissect the LDAP message.
+ */
+ dissect_ldap_message(tvb, 4 + len, pinfo, ldap_tree, ti, first_time, ldap_info, is_mscldap);
+ } else {
+ if (first_time && check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO, "LDAP GSS-API Encrypted payload (%d byte%s)",
+ sasl_length - len,
+ plurality(sasl_length - len, "", "s"));
+ }
+ proto_tree_add_text(ldap_tree, tvb, 4 + len, -1,
+ "GSS-API Encrypted payload (%d byte%s)",
+ sasl_length - len,
+ plurality(sasl_length - len, "", "s"));
+ }
} else {
/*
* We don't know how to handle other authentication mechanisms
- Follow-Ups:
- Re: [Ethereal-dev] handle GSS-APi encrypted LDAP blobs
- From: ronnie sahlberg
- Re: [Ethereal-dev] handle GSS-APi encrypted LDAP blobs
- Prev by Date: [Ethereal-dev] Re: packet-pgsql.c
- Next by Date: [Ethereal-dev] Warning with packet-radius packet-cable stuff
- Previous by thread: [Ethereal-dev] packet-dcom.c etc warnings
- Next by thread: Re: [Ethereal-dev] handle GSS-APi encrypted LDAP blobs
- Index(es):