Attached is one that works. Here are the other two small changes
required. This is for those who want to play around with it. I need to
find some captures with real NegoEx payloads in SPNEGO, but I suspect
that only Windows 8 supports it, although I am not sure. The one from
Sharkfest only shows NEGOEX as one of the mechanisms available along
with NTLMSSP. I have the spec so I can start coding but until I see
some real packets it is hard to say I have it correct.
Index: epan/CMakeLists.txt
===================================================================
--- epan/CMakeLists.txt (revision 43186)
+++ epan/CMakeLists.txt (working copy)
@@ -893,6 +893,7 @@
dissectors/packet-ndmp.c
dissectors/packet-ndp.c
dissectors/packet-ndps.c
+ dissectors/packet-negoex.c
dissectors/packet-netanalyzer.c
dissectors/packet-netbios.c
dissectors/packet-netdump.c
Index: epan/dissectors/Makefile.common
===================================================================
--- epan/dissectors/Makefile.common (revision 43186)
+++ epan/dissectors/Makefile.common (working copy)
@@ -814,6 +814,7 @@
packet-ndmp.c \
packet-ndp.c \
packet-ndps.c \
+ packet-negoex.c \
packet-netanalyzer.c \
packet-netbios.c \
packet-netdump.c \
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
/* packet-negoex.c
* Dissect the NEGOEX security protocol
* Copyright 2012 Richard Sharpe <realrichardsharpe@xxxxxxxxx>
* Routines for The Extended GSS-API Negotiation Mechanism
*
* $Id: packet-negoex.c 42904 2012-05-29 21:51:52Z rsharpe $
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@xxxxxxxxxxxxx>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* Just set me to activate debug #define DEBUG_NEGOEX */
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <glib.h>
#include <epan/packet.h>
#include "packet-windows-common.h"
#include "packet-smb-common.h"
#include "packet-frame.h"
#include <epan/asn1.h>
#include "packet-kerberos.h"
#include <epan/prefs.h>
#include <epan/emem.h>
#include <epan/tap.h>
#include <epan/expert.h>
#include "packet-dcerpc.h"
#include "packet-gssapi.h"
#include <wsutil/crc32.h>
static int proto_negoex = -1;
static gint ett_negoex = -1;
static void
dissect_negoex(tvbuff_t *tvb, __attribute__((unused))packet_info *pinfo, proto_tree *tree)
{
volatile int offset = 0;
proto_tree *volatile negoex_tree = NULL;
proto_item *tf = NULL;
/* Set up the NEGOEX payload */
if (tree) {
tf = proto_tree_add_item(tree, proto_negoex, tvb, offset, -1, ENC_NA);
}
}
static void
negoex_init_protocol(void)
{
}
void
proto_register_negoex(void)
{
static hf_register_info hf[] = {
};
static gint *ett[] = {
};
/*module_t *negoex_module = NULL; */
proto_negoex = proto_register_protocol (
"The Extended GSS-API Negotiation Mechanism", /* name */
"NEGOEX", /* short name */
"negoex" /* abbrev */
);
proto_register_field_array(proto_negoex, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
register_init_routine(&negoex_init_protocol);
/* negoex_module = prefs_register_protocol(proto_negoex, NULL);*/
register_dissector("negoex", dissect_negoex, proto_negoex);
}
void
proto_reg_handoff_negoex(void)
{
dissector_handle_t negoex_handle;
/* Register protocol with the GSS-API module */
negoex_handle = find_dissector("negoex");
gssapi_init_oid("1.3.6.1.4.1.311.2.2.30", proto_negoex, ett_negoex,
negoex_handle, NULL,
"NEGOEX - The Extended GSS-API Negotiation Mechanism");
}
/*
* Editor modelines - http://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 2
* tab-width: 8
* indent-tabs-mode: nil
* End:
*
* vi: set shiftwidth=2 tabstop=8 expandtab:
* :indentSize=2:tabSize=8:noTabs=true:
*/