aboutsummaryrefslogtreecommitdiffstats
path: root/packet-ntlmssp.c
diff options
context:
space:
mode:
authorGuy Harris <guy@alum.mit.edu>2003-07-18 05:51:21 +0000
committerGuy Harris <guy@alum.mit.edu>2003-07-18 05:51:21 +0000
commita9a326cec896e1089886b3b1b5beebe9c5ed5914 (patch)
treed74b80d350f80c34d67724b97bd2f4de47bb4a82 /packet-ntlmssp.c
parent44799be3972812585a0120669f7a82189dcca985 (diff)
downloadwireshark-a9a326cec896e1089886b3b1b5beebe9c5ed5914.tar.gz
wireshark-a9a326cec896e1089886b3b1b5beebe9c5ed5914.tar.bz2
wireshark-a9a326cec896e1089886b3b1b5beebe9c5ed5914.zip
I've seen NTLMSSP DCE RPC packets with a protection level of
DCE_C_AUTHN_LEVEL_CONNECT. svn path=/trunk/; revision=8042
Diffstat (limited to 'packet-ntlmssp.c')
-rw-r--r--packet-ntlmssp.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/packet-ntlmssp.c b/packet-ntlmssp.c
index 6257c0a379..c0a80a6358 100644
--- a/packet-ntlmssp.c
+++ b/packet-ntlmssp.c
@@ -3,7 +3,7 @@
* Devin Heitmueller <dheitmueller@netilla.com>
* Copyright 2003, Tim Potter <tpot@samba.org>
*
- * $Id: packet-ntlmssp.c,v 1.41 2003/07/16 04:20:32 tpot Exp $
+ * $Id: packet-ntlmssp.c,v 1.42 2003/07/18 05:51:21 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -1578,6 +1578,18 @@ proto_reg_handoff_ntlmssp(void)
/* Register authenticated pipe dissector */
+ /*
+ * XXX - the verifiers here seem to have a version of 1 and a body of all
+ * zeroes.
+ *
+ * XXX - DCE_C_AUTHN_LEVEL_CONNECT is, according to the DCE RPC 1.1
+ * spec, upgraded to DCE_C_AUTHN_LEVEL_PKT. Should we register
+ * any other levels here?
+ */
+ register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_CONNECT,
+ DCE_C_RPC_AUTHN_PROTOCOL_NTLMSSP,
+ &ntlmssp_sign_fns);
+
register_dcerpc_auth_subdissector(DCE_C_AUTHN_LEVEL_PKT_INTEGRITY,
DCE_C_RPC_AUTHN_PROTOCOL_NTLMSSP,
&ntlmssp_sign_fns);
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-25 06:43:47 +0000