Adding support for GSSAPI GSS_Wrap tokens and refactoring the routine

that was already there. svn path=/trunk/; revision=7727
author: Richard Sharpe <sharpe@ns.aus.com> 2003-05-24 05:05:26 +0000
committer: Richard Sharpe <sharpe@ns.aus.com> 2003-05-24 05:05:26 +0000
commit: 0d855d0ebcb6835b2347fe0004327e697b02ace2 (patch)
tree: 1b1839868fde6f15ad565c5c975584c13f26bfa1 /packet-spnego.c
parent: f94c7971a512de7c2b08f65d5d6e05a706af13f9 (diff)
download: wireshark-0d855d0ebcb6835b2347fe0004327e697b02ace2.tar.gz
wireshark-0d855d0ebcb6835b2347fe0004327e697b02ace2.tar.bz2
wireshark-0d855d0ebcb6835b2347fe0004327e697b02ace2.zip
1 files changed, 67 insertions, 39 deletions
diff --git a/packet-spnego.c b/packet-spnego.c
index ca98dc35ca..8f835fef06 100644
--- a/packet-spnego.c
+++ b/packet-spnego.c
@@ -3,8 +3,9 @@
  * as described in RFC 2478.
  * Copyright 2002, Tim Potter <tpot@samba.org>
  * Copyright 2002, Richard Sharpe <rsharpe@ns.aus.com>
+ * Copyright 2003, Richard Sharpe <rsharpe@richardsharpe.com>
  *
- * $Id: packet-spnego.c,v 1.44 2003/05/23 18:34:58 sharpe Exp $
+ * $Id: packet-spnego.c,v 1.45 2003/05/24 05:05:26 sharpe Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@ethereal.com>
@@ -169,6 +170,8 @@ static const value_string spnego_krb5_seal_alg_vals[] = {
  */
 static int
 dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
+static int
+dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
 static void
 dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 {
@@ -320,6 +323,7 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 
 	case KRB_TOKEN_WRAP:
 
+          offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree);
 	  break;
 
 	case KRB_TOKEN_DELETE_SEC_CONTEXT:
@@ -336,20 +340,20 @@ dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 }
 
 /*
- * XXX - This is for GSSAPI GetMIC tokens ...
+ * XXX - This is for GSSAPI Wrap tokens ...
  */
 static int
-dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
+dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
 {
 	guint16 sgn_alg;
 
 	/*
 	 * The KRB5 blob conforms to RFC1964:
-	 *   USHORT (0x0101 == GSS_GetMIC)
+	 *   USHORT (0x0102 == GSS_Wrap)
 	 *   and so on } 
 	 */
 
-	/* Now, the sign algorithm ... */
+	/* Now, the sign and seal algorithms ... */
 
 	sgn_alg = tvb_get_letohs(tvb, offset);
 	proto_tree_add_uint(tree, hf_spnego_krb5_sgn_alg, tvb, offset, 2,
@@ -357,9 +361,14 @@ dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U
 
 	offset += 2;
 
+	proto_tree_add_item(tree, hf_spnego_krb5_seal_alg, tvb, offset, 2,
+			    TRUE);
+
+	offset += 2;
+
 	/* Skip the filler */
 
-	offset += 4;
+	offset += 2;
 
 	/* Encrypted sequence number */
 
@@ -395,69 +404,45 @@ dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U
 	 * of our top-level item to that offset, so it doesn't cover
 	 * the data we're wrapped around.
 	 */
-
 	return offset;
 }
 
 /*
- * XXX - is this for SPNEGO or just GSS-API?
- * RFC 1964 is "The Kerberos Version 5 GSS-API Mechanism"; presumably one
- * can directly designate Kerberos V5 as a mechanism in GSS-API, rather
- * than designating SPNEGO as the mechanism, offering Kerberos V5, and
- * getting it accepted.
+ * XXX - This is for GSSAPI GetMIC tokens ...
  */
 static int
-dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
+dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
 {
-	proto_item *item;
-	proto_tree *subtree;
-	int offset = 0;
 	guint16 sgn_alg;
 
-	item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, 0, -1, FALSE);
-
-	subtree = proto_item_add_subtree(item, ett_spnego_krb5);
-
 	/*
 	 * The KRB5 blob conforms to RFC1964:
-	 *   USHORT (0x0102 == GSS_Wrap)
+	 *   USHORT (0x0101 == GSS_GetMIC)
 	 *   and so on } 
 	 */
 
-	/* First, the token ID ... */
-
-	proto_tree_add_item(subtree, hf_spnego_krb5_tok_id, tvb, offset, 2,
-			    TRUE);
-
-	offset += 2;
-
-	/* Now, the sign and seal algorithms ... */
+	/* Now, the sign algorithm ... */
 
 	sgn_alg = tvb_get_letohs(tvb, offset);
-	proto_tree_add_uint(subtree, hf_spnego_krb5_sgn_alg, tvb, offset, 2,
+	proto_tree_add_uint(tree, hf_spnego_krb5_sgn_alg, tvb, offset, 2,
 			    sgn_alg);
 
 	offset += 2;
 
-	proto_tree_add_item(subtree, hf_spnego_krb5_seal_alg, tvb, offset, 2,
-			    TRUE);
-
-	offset += 2;
-
 	/* Skip the filler */
 
-	offset += 2;
+	offset += 4;
 
 	/* Encrypted sequence number */
 
-	proto_tree_add_item(subtree, hf_spnego_krb5_snd_seq, tvb, offset, 8,
+	proto_tree_add_item(tree, hf_spnego_krb5_snd_seq, tvb, offset, 8,
 			    TRUE);
 
 	offset += 8;
 
 	/* Checksum of plaintext padded data */
 
-	proto_tree_add_item(subtree, hf_spnego_krb5_sgn_cksum, tvb, offset, 8,
+	proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, 8,
 			    TRUE);
 
 	offset += 8;
@@ -470,7 +455,7 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree
 	 * GSS_Wrap() tokens to look the same....
 	 */
 	if (sgn_alg == KRB_SGN_ALG_HMAC) {
-	  proto_tree_add_item(subtree, hf_spnego_krb5_confounder, tvb, offset, 8,
+	  proto_tree_add_item(tree, hf_spnego_krb5_confounder, tvb, offset, 8,
 			      TRUE);
 
 	  offset += 8;
@@ -482,6 +467,49 @@ dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree
 	 * of our top-level item to that offset, so it doesn't cover
 	 * the data we're wrapped around.
 	 */
+
+	return offset;
+}
+
+/*
+ * XXX - is this for SPNEGO or just GSS-API?
+ * RFC 1964 is "The Kerberos Version 5 GSS-API Mechanism"; presumably one
+ * can directly designate Kerberos V5 as a mechanism in GSS-API, rather
+ * than designating SPNEGO as the mechanism, offering Kerberos V5, and
+ * getting it accepted.
+ */
+static int
+dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree)
+{
+	proto_item *item;
+	proto_tree *subtree;
+	int offset = 0;
+
+	item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, 0, -1, FALSE);
+
+	subtree = proto_item_add_subtree(item, ett_spnego_krb5);
+
+	/*
+	 * The KRB5 blob conforms to RFC1964:
+	 *   USHORT (0x0102 == GSS_Wrap)
+	 *   and so on } 
+	 */
+
+	/* First, the token ID ... */
+
+	proto_tree_add_item(subtree, hf_spnego_krb5_tok_id, tvb, offset, 2,
+			    TRUE);
+
+	offset += 2;
+
+        offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree);
+
+        /*
+	 * Return the offset past the checksum, so that we know where
+	 * the data we're wrapped around starts.  Also, set the length
+	 * of our top-level item to that offset, so it doesn't cover
+	 * the data we're wrapped around.
+	 */
 	proto_item_set_len(item, offset);
 	return offset;
 }
author	Richard Sharpe <sharpe@ns.aus.com>	2003-05-24 05:05:26 +0000
committer	Richard Sharpe <sharpe@ns.aus.com>	2003-05-24 05:05:26 +0000
commit	0d855d0ebcb6835b2347fe0004327e697b02ace2 (patch)
tree	1b1839868fde6f15ad565c5c975584c13f26bfa1 /packet-spnego.c
parent	f94c7971a512de7c2b08f65d5d6e05a706af13f9 (diff)
download	wireshark-0d855d0ebcb6835b2347fe0004327e697b02ace2.tar.gz wireshark-0d855d0ebcb6835b2347fe0004327e697b02ace2.tar.bz2 wireshark-0d855d0ebcb6835b2347fe0004327e697b02ace2.zip