
Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] rev 21705: /trunk/ /trunk/plugins/asn1/: asn1

From: "Anders Broman (AL/EAB)" <anders.broman@xxxxxxxxxxxx>
Date: Mon, 7 May 2007 11:42:49 +0200
Hi,
You are probably right. As with other stuff where "hand"-made BER/PER code is used,
I have made dummy files to let asn2wrs create the code to cut-and-paste to where needed.
Should we check that type of code in somewhere, and if so, where?
/asn1/helpers/
		/ros
		/kerberos
		/...

Regards
Anders 

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of ronnie sahlberg
Sent: den 7 maj 2007 11:20
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705: /trunk/ /trunk/plugins/asn1/: asn1.h packet-asn1.c /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c packet-acp133.c packet-acse.c packet-ansi_map.c packet-ber.c packet-ber.h packet-camel.c ...

Is it really worth it to asn2wrs'ify the kerberos dissector?

First, the dissector currently handles two different versions of kerberos, both the "standard" 1510 ASN but also the slightly different ASN used by packetcable.

Second, the dissector as it is today is almost complete and dissects virtually the entire asn for both dialects of kerberos we support, so asn2wrs'ifying it will not really increase the coverage of it.

Third, the dissector contains a lot of special stuff that vendors (==ms) added to kerberos that is not asn1 defined, things such as storing nt_status codes inside salt fields and also calling off to NDR stuff like the PAC in w2k domains.

Fourth, there is a lot of code to handle the decryption feature, which also ties into the various places where krb is used in conjunction with gss-api for decryption of packets (== dcerpc and secure ldap).


Maybe it is easier and less work to just hand-massage the existing dissector to use the new signatures instead of asn2wrs'ifying it?



On 5/7/07, Anders Broman (AL/EAB) <anders.broman@xxxxxxxxxxxx> wrote:
> Hi,
> Could you do the asn2wrs changes and send me the file then I could do 
> some experiments and see how much work is involved? At least you have 
> taken care of T38 then there is Kerberos and some gsm stuff so it might not be too difficult.
> Regards
> Anders
>
> ________________________________
>
> From: wireshark-dev-bounces@xxxxxxxxxxxxx on behalf of Kukosa, Tomas
> Sent: Mon 2007-05-07 09:42
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705: /trunk/ /trunk/plugins/asn1/: asn1.h packet-asn1.c /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c packet-acp133.c packet-acse.c packet-ansi_map.c packet-ber.c packet-ber.h packet-camel.c ...
>
>
>
> Hi,
>
> BTW when you are making such large changes, don't you think about 
> changing packet-ber from "field oriented" to "type oriented"?
>
> I.e. replacing
>
>  field_function() {
>    type_function(hf_field);
>  }
>  sequence_structure[] = {
>   {..., field_function},
>  }
>
> with code
>
>  sequence_structure[] = {
>   {&hf_field, ..., type_function},
>  }
>
> I did the same for PER last year and generated code is much shorter.
>
> Unfortunately it will probably be very hard for BER as there is much 
> BER code written by hand which cannot be regenerated but has to be 
> changed.
>
> regards,
>   Tomas
>
>
> Mailcode: NdD2sKHg
> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders 
> Broman
> (AL/EAB)
> Sent: Monday, May 07, 2007 8:57 AM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705:
> /trunk/ /trunk/plugins/asn1/: asn1.h packet-asn1.c
> /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c packet-acp133.c
> packet-acse.c packet-ansi_map.c packet-ber.c packet-ber.h
> packet-camel.c ...
>
> Hi,
> I thought as much but there is still a lot of work to get the actx 
> into all the BER dissectors. I'm taking it a step at a time.
> Regards
> Anders
>
> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Kukosa, 
> Tomas
> Sent: den 7 maj 2007 07:58
> To: wireshark-dev@xxxxxxxxxxxxx
> Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 21705:
> /trunk/ /trunk/plugins/asn1/: asn1.h packet-asn1.c
> /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c packet-acp133.c
> packet-acse.c packet-ansi_map.c packet-ber.c packet-ber.h
> packet-camel.c ...
>
> Hello Anders,
>
> I had not checked X.690 (BER) specification before I defined PER 
> external structures in asn1_ctx_t.
> I expected BER uses encoding based on X.680 definition.
>
> I think we could merge most of PER and BER items in external structure.
>
> I will move PER items one layer up and you can reuse them later in 
> BER too.
>
> Regards,
>   Tomas
>
>
> Mailcode: NdD2sKHg
> -----Original Message-----
> From: wireshark-commits-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-commits-bounces@xxxxxxxxxxxxx] On Behalf Of 
> etxrab@xxxxxxxxxxxxx
> Sent: Monday, May 07, 2007 12:34 AM
> To: wireshark-commits@xxxxxxxxxxxxx
> Subject: [Wireshark-commits] rev 21705: /trunk/ /trunk/plugins/asn1/:
> asn1.h packet-asn1.c /trunk/epan/dissectors/: packet-MAP_DialoguePDU.c 
> packet-acp133.c packet-acse.c packet-ansi_map.c packet-ber.c 
> packet-ber.h packet-camel.c ...
>
> http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=21705
>
> User: etxrab
> Date: 2007/05/06 10:34 PM
>
> Log:
>  Start introducing actx to ber functions.
>
> Directory: /trunk/plugins/asn1/
>   Changes    Path             Action
>   +45 -0     asn1.h           Modified
>   +0 -1      packet-asn1.c    Modified
>
> Directory: /trunk/epan/dissectors/
>   Changes    Path                         Action
>   +20 -20    packet-MAP_DialoguePDU.c     Modified
>   +56 -56    packet-acp133.c              Modified
>   +103 -103  packet-acse.c                Modified
>   +501 -501  packet-ansi_map.c            Modified
>   +13 -10    packet-ber.c                 Modified
>   +2 -1      packet-ber.h                 Modified
>   +434 -434  packet-camel.c               Modified
>   +8 -8      packet-cdt.c                 Modified
>   +133 -133  packet-cmip.c                Modified
>
>
> (68 files not shown)
> _______________________________________________
> Wireshark-commits mailing list
> Wireshark-commits@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-commits
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev