
Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] rev21705:/trunk//trunk/plugins/asn1/:asn

From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
Date: Mon, 7 May 2007 19:19:49 +1000
Is it really worth it to asn2wrs'ify the kerberos dissector?

First, the dissector currently handles two different versions of
kerberos, both the "standard" 1510 ASN but also the slightly different
ASN used by packetcable.

Second, the dissector as it is today is almost complete and dissects
virtually the entire asn for both dialects of kerberos we support,
so asn2wrs'ifying it will not really increase the coverage of it.

Third, the dissector contains a lot of special stuff that vendors
(==ms) added to kerberos that is not asn1 defined, things such as
storing nt_status codes inside salt fields and also calling off to NDR
stuff like the PAC in w2k domains.

Fourth, there is a lot of code to handle the decryption feature, which
also ties into the various places where krb is used in conjunction
with gss-api for decryption of packets (== dcerpc and secure ldap).


Maybe it is easier and less work to just hand-massage the existing
dissector to use the new signatures instead of asn2wrs'ifying it?



On 5/7/07, Anders Broman (AL/EAB) <anders.broman@xxxxxxxxxxxx> wrote:
Hi,
Could you do the asn2wrs changes and send me the file? Then I could do some experiments and
see how much work is involved. At least you have taken care of T38; then there is Kerberos
and some gsm stuff, so it might not be too difficult.
Regards
Anders

________________________________

From: wireshark-dev-bounces@xxxxxxxxxxxxx on behalf of Kukosa, Tomas
Sent: Mon 2007-05-07 09:42
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705: /trunk/ /trunk/plugins/asn1/: asn1.h packet-asn1.c /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c packet-acp133.c packet-acse.c packet-ansi_map.c packet-ber.c packet-ber.h packet-camel.c ...



Hi,

BTW, when you are making such large changes, don't you think about
changing packet-ber from "field oriented" to "type oriented"?

I.e. replacing

 field_function() {
   type_function(hf_field);
 }
 sequence_structure[] = {
  {..., field_function},
 }

with code

 sequence_structure[] = {
  {&hf_field, ..., type_function},
 }

I did the same for PER last year and the generated code is much shorter.

Unfortunately it will probably be very hard for BER, as there is a lot of BER
code written by hand which cannot be regenerated but has to be
changed.

regards,
  Tomas


Mailcode: NdD2sKHg
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
(AL/EAB)
Sent: Monday, May 07, 2007 8:57 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705: /trunk/
/trunk/plugins/asn1/: asn1.h packet-asn1.c /trunk/epan/dissectors/:
packet-MAP_DialoguePDU.c packet-acp133.c packet-acse.c packet-ansi_map.c
packet-ber.c packet-ber.h packet-camel.c ...

Hi,
I thought as much, but there is still a lot of work to get the actx into
all the BER dissectors. I'm taking it a step at a time.
Regards
Anders

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Kukosa, Tomas
Sent: 7 May 2007 07:58
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705: /trunk/
/trunk/plugins/asn1/: asn1.h packet-asn1.c /trunk/epan/dissectors/:
packet-MAP_DialoguePDU.c packet-acp133.c packet-acse.c packet-ansi_map.c
packet-ber.c packet-ber.h packet-camel.c ...

Hello Anders,

I had not checked the X.690 (BER) specification before I defined PER
external structures in asn1_ctx_t.
I expected BER uses encoding based on the X.680 definition.

I think we could merge most of the PER and BER items in the external structure.

I will move the PER items one layer up and you can reuse them later in
BER too.

Regards,
  Tomas


Mailcode: NdD2sKHg
-----Original Message-----
From: wireshark-commits-bounces@xxxxxxxxxxxxx
[mailto:wireshark-commits-bounces@xxxxxxxxxxxxx] On Behalf Of
etxrab@xxxxxxxxxxxxx
Sent: Monday, May 07, 2007 12:34 AM
To: wireshark-commits@xxxxxxxxxxxxx
Subject: [Wireshark-commits] rev 21705: /trunk/ /trunk/plugins/asn1/:
asn1.h packet-asn1.c /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c
packet-acp133.c packet-acse.c packet-ansi_map.c packet-ber.c
packet-ber.h packet-camel.c ...

http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=21705

User: etxrab
Date: 2007/05/06 10:34 PM

Log:
 Start introducing actx to ber functions.

Directory: /trunk/plugins/asn1/
  Changes    Path             Action
  +45 -0     asn1.h           Modified
  +0 -1      packet-asn1.c    Modified

Directory: /trunk/epan/dissectors/
  Changes    Path                         Action
  +20 -20    packet-MAP_DialoguePDU.c     Modified
  +56 -56    packet-acp133.c              Modified
  +103 -103  packet-acse.c                Modified
  +501 -501  packet-ansi_map.c            Modified
  +13 -10    packet-ber.c                 Modified
  +2 -1      packet-ber.h                 Modified
  +434 -434  packet-camel.c               Modified
  +8 -8      packet-cdt.c                 Modified
  +133 -133  packet-cmip.c                Modified


(68 files not shown)
_______________________________________________
Wireshark-commits mailing list
Wireshark-commits@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-commits

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
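
The "field oriented" versus "type oriented" sequence tables from Tomas Kukosa's message in this thread, as an added, self-contained example that is not part of the thread or of Wireshark's code. The names `tree_t`, `dissect_integer`, `seq_entry_t` and the one-byte INTEGER decoder are toy stand-ins assumed for illustration; the sample bytes are constructed.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Toy stand-ins, not Wireshark's API: hf_* are field ids, tree_t is a flat list of decoded items. */
typedef struct { int hf[4]; int val[4]; int n; } tree_t;
static int hf_version = 1, hf_msg_type = 2;   /* not const: real hf ids are assigned at registration */

/* Type function: decode one 1-byte BER INTEGER (tag 0x02, length 1) and file it under hf.
   Returns the new offset, or -1 on a truncated or unexpected TLV. */
static int dissect_integer(const unsigned char *b, size_t len, size_t off, tree_t *t, int hf) {
    if (len < 3 || off > len - 3 || b[off] != 0x02 || b[off + 1] != 1 || t->n >= 4) return -1;
    t->hf[t->n] = hf; t->val[t->n] = b[off + 2]; t->n++;
    return (int)(off + 3);
}

/* Field-oriented: one wrapper per field exists only to bind the hf to the type function. */
typedef int (*field_fn)(const unsigned char *, size_t, size_t, tree_t *);
static int dissect_version(const unsigned char *b, size_t l, size_t o, tree_t *t) { return dissect_integer(b, l, o, t, hf_version); }
static int dissect_msg_type(const unsigned char *b, size_t l, size_t o, tree_t *t) { return dissect_integer(b, l, o, t, hf_msg_type); }
static const field_fn field_seq[] = { dissect_version, dissect_msg_type };

/* Type-oriented: each table row carries &hf, so the per-field wrappers disappear. */
typedef int (*type_fn)(const unsigned char *, size_t, size_t, tree_t *, int);
typedef struct { const int *p_hf; type_fn fn; } seq_entry_t;
static const seq_entry_t type_seq[] = { { &hf_version, dissect_integer }, { &hf_msg_type, dissect_integer } };

int dissect_field_oriented(const unsigned char *b, size_t len, tree_t *t) {
    int off = 0;
    for (size_t i = 0; i < sizeof field_seq / sizeof field_seq[0] && off >= 0; i++)
        off = field_seq[i](b, len, (size_t)off, t);
    return off;
}

int dissect_type_oriented(const unsigned char *b, size_t len, tree_t *t) {
    int off = 0;
    for (size_t i = 0; i < sizeof type_seq / sizeof type_seq[0] && off >= 0; i++)
        off = type_seq[i].fn(b, len, (size_t)off, t, *type_seq[i].p_hf);
    return off;
}

/* Constructed sample: two INTEGERs, version=5 and msg_type=12. */
static const unsigned char sample[] = { 0x02, 0x01, 0x05, 0x02, 0x01, 0x0c };

/* Runs both styles over the first len bytes; returns their common result, or -2 if they differ. */
int styles_agree(size_t len) {
    tree_t a = {0}, b = {0};
    int ra = dissect_field_oriented(sample, len, &a), rb = dissect_type_oriented(sample, len, &b);
    return (ra == rb && memcmp(&a, &b, sizeof a) == 0) ? ra : -2;
}

int main(void) { printf("full=%d truncated=%d\n", styles_agree(6), styles_agree(5)); return 0; }
```

Both tables drive the same type function and yield identical trees, including on truncated input; the type-oriented form only removes the per-field wrapper functions.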