Hi Ronnie,
Could you please apply this patch:
http://gitweb.samba.org/?p=metze/wireshark/wip.git;a=commitdiff;h=d4e3184d5faca653ef053b3469ad3f8ec7605b7e
With that patch, decryption of AES-encrypted traffic works as long as no
header signing is used.
I tried some hacks to decrypt it when header signing is on
and used a hacked MIT krb5 1.6 version loaded with LD_LIBRARY_PATH.
See:
http://gitweb.samba.org/?p=metze/wireshark/wip.git;a=shortlog;h=refs/heads/ws-metze-gssapi-20090725
I think we should have AES-specific decryption code in Wireshark like we
have for arcfour in packet-spnego.c.
With these hacks I can decrypt every packet of the attached captures.
BTW: with what command line do I have to generate pidl dissectors?
I want to add it for the DFS-R (FrsTransport) Interface.
metze
Attachment:
w2k8sp2-216-becomes-w2k8sp2-l3-dc-dfs-r-tests-01-crypt-ldap.pcap
Description: application/cap
Attachment:
w2k8sp2-216-becomes-w2k8sp2-l3-dc-dfs-r-tests-01-crypto-part.pcap
Description: application/cap
Attachment:
w2k8sp2-216-becomes-w2k8sp2-l3-dc-dfs-r-tests-01-drsuapi-part.pcap
Description: application/cap
Attachment:
w2k8sp2-215.keytab
Description: Binary data