
Wireshark-dev: Re: [Wireshark-dev] packet-kerberos.c: hand-written or ASN.1?

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Wed, 27 Jan 2010 19:30:00 +1100

packet-kerberos.c is handwritten.

packet-kerberos contains a whole lot more than just rfc1510
(it even handles a pre-rfc version of 1510 with a slightly different
asn, used by packetcable)


The vast majority of the code in packet-kerberos.c is not really the
actual pdu definitions as of 1510
but things like vast numbers of Microsoft (and other) extensions to
various fields.

value strings that are not defined in 1510

and of course, the whole decryption code and Microsoft PAC code.


Since the packet structure in rfc1510 is such a very small part of
packet-kerberos.c, I don't think it is worth it to move it to
machine-generated code.
(and if doing so, we would have to use a modified asn anyway, to not
break packetcable)



I think it is best if you just enhance the hf fields, one by one, as
you find them too terse.




regards
ronnie sahlberg




On Wed, Jan 27, 2010 at 6:25 PM, Stephen Fisher
<steve@xxxxxxxxxxxxxxxxxx> wrote:
> I've started working with Kerberos at work, and I was analyzing packets
> with Wireshark when I noticed that a number of the packet detail field
> names are pretty terse.  Is packet-kerberos.c written by hand, generated
> with ASN.1 or both?  I'm guessing both.  Is there a move to change it to
> entirely one way or the other?  I was wanting to expand some field names
> for things such as cusec.  I realize that hf_krb_cusec has a description
> for the status line of "micro second component of client time" but I
> still think that cusec could be expanded in the details pane.  Maybe
> something like "Client microseconds" or "Microseconds" under a Client
> tree title.
>
>
> Steve