Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 9398] dissectors bug with a SASL/GSSAPI/Kerberos security layer employing inte

Wireshark-bugs: [Wireshark-bugs] [Bug 9398] dissectors bug with a SASL/GSSAPI/Kerberos security

Date: Sat, 31 May 2014 22:24:01 +0000

Comment # 6 on bug 9398 from Richard Sharpe

OK, the following patch does a much better job, but is still wrong in that it
does not associate the correct bytes with the LDAP query :-(

diff --git a/asn1/spnego/packet-spnego-template.c
b/asn1/spnego/packet-spnego-te
index ac2d9b1..aaac8a2 100644
--- a/asn1/spnego/packet-spnego-template.c
+++ b/asn1/spnego/packet-spnego-template.c
@@ -1026,13 +1026,29 @@ dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int
off

        if (pinfo->gssapi_data_encrypted) {
                checksum_size = 44 + ec;
+
+               proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb,
offset,
+                                   checksum_size, ENC_NA);
+               offset += checksum_size;
+
        } else {
-               checksum_size = 12;
-       }
+               int inner_token_len = 0;

-       proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset,
-                           checksum_size, ENC_NA);
-       offset += checksum_size;
+               checksum_size = ec;
+
+               inner_token_len = tvb_reported_length_remaining(tvb, offset) -
+                                       ec;
+
+               pinfo->gssapi_wrap_tvb = tvb_new_subset(tvb, offset,
+                                               inner_token_len,
inner_token_len
+
+               offset += inner_token_len;
+
+               proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb,
offset,
+                                   checksum_size, ENC_NA);
+
+               return offset;
+       }

        if(pinfo->decrypt_gssapi_tvb){
                /* if the caller did not provide a tvb, then we just use
diff --git a/epan/dissectors/packet-ldap.c b/epan/dissectors/packet-ldap.c
index 9ee6054..536e52d 100644
--- a/epan/dissectors/packet-ldap.c
+++ b/epan/dissectors/packet-ldap.c
@@ -4129,7 +4129,10 @@ static void
                                /* if we could unwrap, do a tvb shuffle */
                                if(pinfo->gssapi_decrypted_tvb){
                                        decr_tvb=pinfo->gssapi_decrypted_tvb;
+                               } else if (pinfo->gssapi_wrap_tvb) {
+                                       plain_tvb=pinfo->gssapi_wrap_tvb;
                                }
+
                                /* tidy up */
                                pinfo->decrypt_gssapi_tvb=0;
                                pinfo->gssapi_wrap_tvb=NULL;
@@ -4149,7 +4152,7 @@ static void
                                * see if the wrapping involved encryption of
the
                                * data; if not, just use the plaintext data.
                                */
-                               if (!decr_tvb) {
+                               if (!decr_tvb && !plain_tvb) {
                                        if(!pinfo->gssapi_data_encrypted){
                                                plain_tvb =
tvb_new_subset_remai
                                        }

You are receiving this mail because:

You are watching all bug changes.

Prev by Date: [Wireshark-bugs] [Bug 10122] Buildbot crash output: fuzz-2014-05-20-5906.pcap
Next by Date: [Wireshark-bugs] [Bug 9398] dissectors bug with a SASL/GSSAPI/Kerberos security layer employing integrity only (no encryption)
Previous by thread: [Wireshark-bugs] [Bug 9398] dissectors bug with a SASL/GSSAPI/Kerberos security layer employing integrity only (no encryption)
Next by thread: [Wireshark-bugs] [Bug 9398] dissectors bug with a SASL/GSSAPI/Kerberos security layer employing integrity only (no encryption)
Index(es):
- Date
- Thread