Ethereal-dev: [Ethereal-dev] kerberos patch
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Will Fiveash <William.Fiveash@xxxxxxx>
Date: Fri, 7 Oct 2005 13:52:54 -0500
I've modified the packet-kerberos.c to support PA-ETYPE-INFO2 type and the new aes128-cts-hmac-sha1-96 and aes256-cts-hmac-sha1-96 enctypes. The patch (for 0.10.12) is attached. -- Will Fiveash Sun Microsystems Inc. Austin, TX, USA (TZ=CST6CDT)
--- /export/willf/src/ethereal/orig/ethereal-0.10.12/epan/dissectors/packet-kerberos.c Tue Jul 26 14:26:41 2005 +++ packet-kerberos.c Fri Oct 7 11:02:00 2005 @@ -142,6 +142,8 @@ static gint hf_krb_PA_DATA_type = -1; static gint hf_krb_PA_DATA_value = -1; static gint hf_krb_etype_info_salt = -1; +static gint hf_krb_etype_info2_salt = -1; +static gint hf_krb_etype_info2_s2kparams = -1; static gint hf_krb_SAFE_BODY_user_data = -1; static gint hf_krb_PRIV_BODY_user_data = -1; static gint hf_krb_realm = -1; @@ -843,6 +845,8 @@ #define KRB5_ENCTYPE_RSA_ES_OEAP_ENV 14 #define KRB5_ENCTYPE_DES_EDE3_CBC_ENV 15 #define KRB5_ENCTYPE_DES3_CBC_SHA1 16 +#define KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 17 +#define KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 18 #define KRB5_ENCTYPE_DES_CBC_MD5_NT 20 #define KERB_ENCTYPE_RC4_HMAC 23 #define KERB_ENCTYPE_RC4_HMAC_EXP 24 @@ -909,6 +913,7 @@ #define KRB5_PA_PK_AS_REQ 14 #define KRB5_PA_PK_AS_REP 15 #define KRB5_PA_DASS 16 +#define KRB5_PA_ENCTYPE_INFO2 19 #define KRB5_PA_USE_SPECIFIED_KVNO 20 #define KRB5_PA_SAM_REDIRECT 21 #define KRB5_PA_GET_FROM_TYPED_DATA 22 @@ -1145,6 +1150,7 @@ { KRB5_PA_CYBERSAFE_SECUREID , "PA-CYBERSAFE-SECURID" }, { KRB5_PA_AFS3_SALT , "PA-AFS3-SALT" }, { KRB5_PA_ENCTYPE_INFO , "PA-ENCTYPE-INFO" }, + { KRB5_PA_ENCTYPE_INFO2 , "PA-ENCTYPE-INFO2" }, { KRB5_PA_SAM_CHALLENGE , "PA-SAM-CHALLENGE" }, { KRB5_PA_SAM_RESPONSE , "PA-SAM-RESPONSE" }, { KRB5_PA_PK_AS_REQ , "PA-PK-AS-REQ" }, @@ -1187,6 +1193,8 @@ { KRB5_ENCTYPE_RSA_ES_OEAP_ENV, "rsa-es-oeap-env" }, { KRB5_ENCTYPE_DES_EDE3_CBC_ENV, "des-ede3-cbc-env" }, { KRB5_ENCTYPE_DES3_CBC_SHA1 , "des3-cbc-sha1" }, + { KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 , "aes128-cts-hmac-sha1-96" }, + { KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 , "aes256-cts-hmac-sha1-96" }, { KRB5_ENCTYPE_DES_CBC_MD5_NT , "des-cbc-md5-nt" }, { KERB_ENCTYPE_RC4_HMAC , "rc4-hmac" }, { KERB_ENCTYPE_RC4_HMAC_EXP , "rc4-hmac-exp" }, @@ -1947,6 +1955,20 @@ return offset; } +int +dissect_krb5_etype_info2_salt(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) +{ + offset=dissect_ber_GeneralString(pinfo, tree, tvb, offset, hf_krb_etype_info2_salt, NULL, 0); + return offset; +} + +static int +dissect_krb5_etype_info2_s2kparams(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) +{ + offset=dissect_ber_octet_string(FALSE, pinfo, tree, tvb, offset, hf_krb_etype_info2_s2kparams, NULL); + return offset; +} + static ber_sequence_t PA_ENCTYPE_INFO_ENTRY_sequence[] = { { BER_CLASS_CON, 0, 0, dissect_krb5_etype }, @@ -1973,6 +1995,34 @@ return offset; } +static ber_sequence_t PA_ENCTYPE_INFO2_ENTRY_sequence[] = { + { BER_CLASS_CON, 0, 0, + dissect_krb5_etype }, + { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, + dissect_krb5_etype_info2_salt }, + { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL, + dissect_krb5_etype_info2_s2kparams }, + { 0, 0, 0, NULL } +}; +static int +dissect_krb5_PA_ENCTYPE_INFO2_ENTRY(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) +{ + offset=dissect_ber_sequence(FALSE, pinfo, tree, tvb, offset, PA_ENCTYPE_INFO2_ENTRY_sequence, -1, -1); + + return offset; +} + +static ber_sequence_t PA_ENCTYPE_INFO2_sequence_of[1] = { + { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_krb5_PA_ENCTYPE_INFO2_ENTRY }, +}; +static int +dissect_krb5_PA_ENCTYPE_INFO2(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset) +{ + offset=dissect_ber_sequence_of(FALSE, pinfo, tree, tvb, offset, PA_ENCTYPE_INFO2_sequence_of, -1, -1); + + return offset; +} + /* * PA-DATA ::= SEQUENCE { * padata-type[1] INTEGER, @@ -2026,6 +2076,9 @@ case KRB5_PA_ENCTYPE_INFO: offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO); break; + case KRB5_PA_ENCTYPE_INFO2: + offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, dissect_krb5_PA_ENCTYPE_INFO2); + break; default: offset=dissect_ber_octet_string_wcb(FALSE, pinfo, tree, tvb, offset,hf_krb_PA_DATA_value, NULL); } @@ -4141,6 +4194,12 @@ { &hf_krb_etype_info_salt, { "Salt", "kerberos.etype_info.salt", FT_BYTES, BASE_HEX, NULL, 0, "Salt", HFILL }}, + { &hf_krb_etype_info2_salt, { + "Salt", "kerberos.etype_info2.salt", FT_BYTES, BASE_HEX, + NULL, 0, "Salt", HFILL }}, + { &hf_krb_etype_info2_s2kparams, { + "Salt", "kerberos.etype_info.s2kparams", FT_BYTES, BASE_HEX, + NULL, 0, "S2kparams", HFILL }}, { &hf_krb_SAFE_BODY_user_data, { "User Data", "kerberos.SAFE_BODY.user_data", FT_BYTES, BASE_HEX, NULL, 0, "SAFE BODY userdata field", HFILL }},
Attachment:
pgpFvDykYhoK4.pgp
Description: PGP signature
- Follow-Ups:
- [Ethereal-dev] Re: kerberos patch
- From: ronnie sahlberg
- [Ethereal-dev] Re: kerberos patch
- Prev by Date: Re: [Ethereal-dev] Updates and a new feature
- Next by Date: [Ethereal-dev] Re: [Ethereal-cvs] rev 16131:
- Previous by thread: [Ethereal-dev] Re: New dissector for PVFS2
- Next by thread: [Ethereal-dev] Re: kerberos patch
- Index(es):