Wireshark-dev: Re: [Wireshark-dev] Fixing the problem where Wireshark misdissects the SPNEGO ne

From: Richard Sharpe <realrichardsharpe@xxxxxxxxx>
Date: Mon, 26 May 2014 10:02:03 -0700
On Mon, May 26, 2014 at 10:00 AM, Richard Sharpe
<realrichardsharpe@xxxxxxxxx> wrote:
> On Thu, May 22, 2014 at 12:37 AM, Kukosa, Tomas <tomas.kukosa@xxxxxxxxx> wrote:
>> Hi Richard,
>>
>> I do not know how to decide (and where) whether it is a request or a response as I have never seen SPNEGO.
>>
>> But the second half of the problem, to switch between NegTokenInit and NegTokenInit2, can be solved in the following way:
>>
>> #.FN_BODY NegotiationToken/negTokenInit
>>   gboolean is_response = FALSE;  /* get this information from somewhere */
>>   if (is_response) {
>>     return dissect_spnego_NegTokenInit2(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s, %(ACTX)s, %(TREE)s, %(HF_INDEX)s);
>>   } else {
>>     return dissect_spnego_NegTokenInit(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s, %(ACTX)s, %(TREE)s, %(HF_INDEX)s);
>>   }
>> #.END
>
> Thank you for that hint. Also, I have found the pinfo pointer in the actx.
>
> However, is this an issue?

Well, it looks like it is, since epan/dissectors/packet-spnego.c ended up empty.

> [rsharpe@localhost spnego]$ make
> /usr/bin/python ../../tools/asn2wrs.py \
> -b \
> -p spnego \
> -c ./spnego.cnf \
> -s ./packet-spnego-template \
> -D . \
> -O ../../epan/dissectors \
> spnego.asn
> ASN.1 to Wireshark dissector compiler
> :0: UserWarning: The same type names for different types. Explicit
> type renaming is recommended.
> T_mechListMIC
>  T_mechListMIC        NegTokenInit/mechListMIC
>  T_mechListMIC_01     NegTokenTarg/mechListMIC
>
> :0: UserWarning: The same field names for different types. Explicit
> field renaming is recommended.
> mechListMIC
>  mechListMIC_01       OCTET_STRING         NegTokenInit2/mechListMIC
>  mechListMIC          T_mechListMIC        NegTokenInit/mechListMIC
>  mechListMIC_02       T_mechListMIC_01     NegTokenTarg/mechListMIC
>
> :0: UserWarning: The same field names for different types. Explicit
> field renaming is recommended.
> mechToken
>  mechToken_01         OCTET_STRING         NegTokenInit2/mechToken
>  mechToken            T_mechToken          NegTokenInit/mechToken
>
> --
> Regards,
> Richard Sharpe
> (What can dispel sorrow? Only Du Kang. --Cao Cao)



-- 
Regards,
Richard Sharpe
(What can dispel sorrow? Only Du Kang. --Cao Cao)
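
A content-based way to fill in the `is_response` placeholder from the quoted hint, as an added example that is not part of this thread or of Wireshark's code. It assumes the RFC 4178 and MS-SPNG field layouts, where `[3]` is the `mechListMIC` OCTET STRING in NegTokenInit but the `negHints` SEQUENCE in NegTokenInit2 (which moves `mechListMIC` to `[4]`); the function names, enum and sample bytes are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed samples: [0] mechTypes = { NTLMSSP OID }, followed by one [3] element. */
const uint8_t sample_init2[] = { 0x30,0x19, 0xa0,0x0e,0x30,0x0c,0x06,0x0a,0x2b,0x06,0x01,0x04,
    0x01,0x82,0x37,0x02,0x02,0x0a, 0xa3,0x07,0x30,0x05,0xa0,0x03,0x1b,0x01,0x78 };
const uint8_t sample_init[] = { 0x30,0x16, 0xa0,0x0e,0x30,0x0c,0x06,0x0a,0x2b,0x06,0x01,0x04,
    0x01,0x82,0x37,0x02,0x02,0x0a, 0xa3,0x04,0x04,0x02,0xde,0xad };

enum init_kind { INIT_MALFORMED = -1, INIT_EITHER, INIT_RFC4178, INIT_NEGTOKENINIT2 };

/* Read a DER tag/length header at buf[*pos]; on success (0) *pos is the first content byte. */
static int der_header(const uint8_t *buf, size_t len, size_t *pos, uint8_t *tag, size_t *clen)
{
    if (*pos > len || len - *pos < 2) return -1;
    *tag = buf[(*pos)++];
    size_t n = buf[(*pos)++];
    if (n < 0x80) {
        *clen = n;                              /* short form */
    } else {
        n &= 0x7f;                              /* long form: n length bytes follow */
        if (n == 0 || n > sizeof(size_t) || n > len - *pos) return -1;
        for (*clen = 0; n > 0; n--) *clen = (*clen << 8) | buf[(*pos)++];
    }
    return *clen <= len - *pos ? 0 : -1;        /* content must fit in the buffer */
}

/* buf: the SEQUENCE carried inside NegotiationToken's [0] negTokenInit choice. */
enum init_kind classify_neg_token_init(const uint8_t *buf, size_t len)
{
    size_t pos = 0, clen, end;
    uint8_t tag;
    if (der_header(buf, len, &pos, &tag, &clen) || tag != 0x30) return INIT_MALFORMED;
    end = pos + clen;
    while (pos < end) {
        if (der_header(buf, end, &pos, &tag, &clen)) return INIT_MALFORMED;
        if (tag == 0xa4) return INIT_NEGTOKENINIT2;    /* [4] exists only in NegTokenInit2 */
        if (tag == 0xa3) {
            if (clen == 0) return INIT_MALFORMED;
            if (buf[pos] == 0x30) return INIT_NEGTOKENINIT2;  /* [3] negHints SEQUENCE */
            if (buf[pos] == 0x04) return INIT_RFC4178;        /* [3] mechListMIC OCTET STRING */
            return INIT_MALFORMED;
        }
        pos += clen;                                   /* skip [0]..[2], same in both types */
    }
    return INIT_EITHER;    /* no [3]/[4]: both definitions decode these bytes identically */
}

int main(void) { return classify_neg_token_init(sample_init2, sizeof sample_init2) != INIT_NEGTOKENINIT2; }
```

Because the check reads only tag and length bytes and bounds every step against the enclosing SEQUENCE, a truncated or hostile token yields `INIT_MALFORMED` instead of an out-of-bounds read.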