Adding upstream version 4.2.2.upstream/4.2.2

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 130 insertions, 0 deletions

diff --git a/epan/dissectors/asn1/credssp/credssp.cnf b/epan/dissectors/asn1/credssp/credssp.cnf
new file mode 100644
index 00000000..a55b1507
--- /dev/null
+++ b/epan/dissectors/asn1/credssp/credssp.cnf
@@ -0,0 +1,130 @@
+# credssp.cnf
+# Credential Security Support Provider (CredSSP) conformance file
+
+#.PDU
+TSRequest
+
+#.FN_PARS TSRequest/version VAL_PTR = &credssp_ver
+
+#.FN_BODY TSRequest/authInfo VAL_PTR = &auth_tvb
+	tvbuff_t *auth_tvb = NULL;
+	tvbuff_t *decr_tvb = NULL;
+	gssapi_encrypt_info_t gssapi_encrypt;
+
+	%(DEFAULT_BODY)s
+
+	memset(&gssapi_encrypt, 0, sizeof(gssapi_encrypt));
+	gssapi_encrypt.decrypt_gssapi_tvb=DECRYPT_GSSAPI_NORMAL;
+	call_dissector_with_data(gssapi_wrap_handle, auth_tvb, actx->pinfo, tree, &gssapi_encrypt);
+	decr_tvb = gssapi_encrypt.gssapi_decrypted_tvb;
+
+	if(decr_tvb != NULL)
+		dissect_credssp_TSCredentials(FALSE, decr_tvb, 0, actx, tree, hf_credssp_TSCredentials);
+
+#.FN_BODY TSRequest/pubKeyAuth VAL_PTR = &auth_tvb
+	tvbuff_t *auth_tvb = NULL;
+	tvbuff_t *decr_tvb = NULL;
+	gssapi_encrypt_info_t gssapi_encrypt;
+
+	%(DEFAULT_BODY)s
+
+	memset(&gssapi_encrypt, 0, sizeof(gssapi_encrypt));
+	gssapi_encrypt.decrypt_gssapi_tvb=DECRYPT_GSSAPI_NORMAL;
+	call_dissector_with_data(gssapi_wrap_handle, auth_tvb, actx->pinfo, tree, &gssapi_encrypt);
+	decr_tvb = gssapi_encrypt.gssapi_decrypted_tvb;
+
+	if(decr_tvb != NULL)
+		proto_tree_add_item(tree, hf_credssp_decr_PublicKeyAuth, decr_tvb, 0, -1, ENC_NA);
+
+#.FN_BODY TSRequest/errorCode
+
+	if (credssp_ver < 3) {
+		return 0;
+	}
+
+	%(DEFAULT_BODY)s
+
+
+#.FN_BODY TSRequest/clientNonce
+
+	if (credssp_ver < 5) {
+		return 0;
+	}
+
+	%(DEFAULT_BODY)s
+
+
+#.FN_PARS TSCredentials/credType VAL_PTR = &creds_type
+#.FN_PARS TSCredentials/credentials VAL_PTR = &creds_tvb
+
+#.FN_BODY TSCredentials/credentials
+	tvbuff_t *creds_tvb = NULL;
+
+	%(DEFAULT_BODY)s
+
+	switch(creds_type) {
+	case TS_PASSWORD_CREDS:
+		dissect_credssp_TSPasswordCreds(FALSE, creds_tvb, 0, actx, tree, hf_credssp_TSPasswordCreds);
+		break;
+	case TS_SMARTCARD_CREDS:
+		dissect_credssp_TSSmartCardCreds(FALSE, creds_tvb, 0, actx, tree, hf_credssp_TSSmartCardCreds);
+		break;
+	case TS_REMOTEGUARD_CREDS:
+		dissect_credssp_TSRemoteGuardCreds(FALSE, creds_tvb, 0, actx, tree, hf_credssp_TSRemoteGuardCreds);
+		break;
+	}
+
+
+#.FN_PARS NegoData/_item/negoToken VAL_PTR = &token_tvb
+
+#.FN_BODY NegoData/_item/negoToken
+	tvbuff_t *token_tvb = NULL;
+
+	%(DEFAULT_BODY)s
+
+	if(token_tvb != NULL)
+		call_dissector(gssapi_handle, token_tvb, actx->pinfo, tree);
+
+
+#.TYPE_ATTR
+TSRemoteGuardPackageCred/packageName TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
+
+#.FN_BODY TSRemoteGuardPackageCred/packageName VAL_PTR = &pname
+	tvbuff_t *pname = NULL;
+
+	offset = dissect_ber_octet_string(implicit_tag, actx, NULL, tvb, offset, hf_index, &pname);
+
+	if(pname != NULL) {
+		gint nlen = tvb_captured_length(pname);
+
+		if (nlen == sizeof(kerberos_pname) && memcmp(tvb_get_ptr(pname, 0, nlen), kerberos_pname, nlen) == 0) {
+			credssp_TS_RGC_package = TS_RGC_KERBEROS;
+		} else if (nlen == sizeof(ntlm_pname) && memcmp(tvb_get_ptr(pname, 0, nlen), ntlm_pname, nlen) == 0) {
+			credssp_TS_RGC_package = TS_RGC_NTLM;
+		}
+		proto_tree_add_item(tree, hf_index, pname, 0, -1, ENC_UTF_16|ENC_LITTLE_ENDIAN);
+	}
+
+#.FN_BODY TSRemoteGuardPackageCred/credBuffer VAL_PTR = &creds
+	tvbuff_t *creds= NULL;
+	proto_tree *subtree;
+
+	%(DEFAULT_BODY)s
+
+	if (!creds)
+		return offset;
+
+	switch(credssp_TS_RGC_package) {
+	case TS_RGC_KERBEROS:
+		subtree = proto_item_add_subtree(actx->created_item, ett_credssp_RGC_CredBuffer);
+		dissect_kerberos_KERB_TICKET_LOGON(creds, 0, actx, subtree);
+		break;
+	case TS_RGC_NTLM:
+		subtree = proto_item_add_subtree(actx->created_item, ett_credssp_RGC_CredBuffer);
+		dissect_ntlmssp_NTLM_REMOTE_SUPPLEMENTAL_CREDENTIAL(creds, 0, subtree);
+		break;
+	}
+
+#.END
+
+