Merging upstream version 4.4.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-09-19 04:14:53 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-09-19 04:14:53 +0000
commit: a86c5f7cae7ec9a3398300555a0b644689d946a1 (patch)
tree: 39fe4b107c71174fd1e8a8ceb9a4d2aa14116248 /epan/dissectors/asn1/kerberos/kerberos.cnf
parent: Releasing progress-linux version 4.2.6-1~progress7.99u1. (diff)
download: wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.tar.xz
wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.zip
1 files changed, 85 insertions, 105 deletions
diff --git a/epan/dissectors/asn1/kerberos/kerberos.cnf b/epan/dissectors/asn1/kerberos/kerberos.cnf
index fb7b92ae..2a5dab5d 100644
--- a/epan/dissectors/asn1/kerberos/kerberos.cnf
+++ b/epan/dissectors/asn1/kerberos/kerberos.cnf
@@ -83,6 +83,12 @@ Principal
 PROV-SRV-LOCATION
 SAMFlags
 TYPED-DATA
+KRB5-PFS-GROUP
+KRB5-PFS-SELECTION
+KRB5-PFS-SELECTIONS
+KRB5-PFS-PROPOSE
+KRB5-PFS-ACCEPT
+KRB5-PFS-ERROR
 
 #.NO_EMIT ONLY_VALS
 Applications
@@ -100,7 +106,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY MESSAGE-TYPE VAL_PTR = &msgtype
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  guint32 msgtype;
+  uint32_t msgtype;
 
 %(DEFAULT_BODY)s
 
@@ -110,7 +116,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
       val_to_str(msgtype, krb5_msg_types,
       "Unknown msg type %#x"));
   }
-  gbl_do_col_info=FALSE;
+  gbl_do_col_info=false;
 
 ##if 0
   /* append the application type to the tree */
@@ -134,34 +140,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.END
 #.FN_BODY KRB-ERROR/_untag/e-data
-  kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-
-  switch (private_data->errorcode) {
-  case KRB5_ET_KRB5KDC_ERR_BADOPTION:
-  case KRB5_ET_KRB5KDC_ERR_CLIENT_REVOKED:
-  case KRB5_ET_KRB5KDC_ERR_KEY_EXP:
-  case KRB5_ET_KRB5KDC_ERR_POLICY:
-    /* ms windows kdc sends e-data of this type containing a "salt"
-     * that contains the nt_status code for these error codes.
-     */
-    private_data->try_nt_status = TRUE;
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_PA_DATA);
-    break;
-  case KRB5_ET_KRB5KDC_ERR_PREAUTH_REQUIRED:
-  case KRB5_ET_KRB5KDC_ERR_PREAUTH_FAILED:
-  case KRB5_ET_KRB5KDC_ERR_ETYPE_NOSUPP:
-  case KRB5_ET_KDC_ERR_WRONG_REALM:
-  case KRB5_ET_KDC_ERR_PREAUTH_EXPIRED:
-  case KRB5_ET_KDC_ERR_MORE_PREAUTH_DATA_REQUIRED:
-  case KRB5_ET_KDC_ERR_PREAUTH_BAD_AUTHENTICATION_SET:
-  case KRB5_ET_KDC_ERR_UNKNOWN_CRITICAL_FAST_OPTIONS:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_T_rEP_SEQUENCE_OF_PA_DATA);
-    break;
-  default:
-    offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_kerberos_e_data, NULL);
-    break;
-  }
-
+  offset = dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_kerberos_e_data, dissect_kerberos_T_e_data_octets);
 
 #.FN_BODY PADATA-TYPE VAL_PTR=&(private_data->padata_type)
   kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
@@ -181,18 +160,18 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
    * we need to defer calling dissect_kerberos_PA_FX_FAST_REQUEST,
    * see dissect_kerberos_defer_PA_FX_FAST_REQUEST()
    */
-  private_data->PA_FX_FAST_REQUEST = (struct _kerberos_PA_FX_FAST_REQUEST) { .defer = TRUE, };
+  private_data->PA_FX_FAST_REQUEST = (struct _kerberos_PA_FX_FAST_REQUEST) { .defer = true, };
 %(DEFAULT_BODY)s
   if (private_data->PA_FX_FAST_REQUEST.tvb != NULL) {
     struct _kerberos_PA_FX_FAST_REQUEST used_stack = private_data->PA_FX_FAST_REQUEST;
-    private_data->PA_FX_FAST_REQUEST = (struct _kerberos_PA_FX_FAST_REQUEST) { .defer = FALSE, };
+    private_data->PA_FX_FAST_REQUEST = (struct _kerberos_PA_FX_FAST_REQUEST) { .defer = false, };
 
     /*
      * dissect_kerberos_defer_PA_FX_FAST_REQUEST() remembered
      * a tvb, so replay dissect_kerberos_PA_FX_FAST_REQUEST()
      * here.
      */
-    dissect_kerberos_PA_FX_FAST_REQUEST(FALSE,
+    dissect_kerberos_PA_FX_FAST_REQUEST(false,
                                         used_stack.tvb,
                                         0,
                                         actx,
@@ -215,97 +194,100 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
   switch(private_data->padata_type){
   case KERBEROS_PA_TGS_REQ:
     private_data->within_PA_TGS_REQ++;
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
     private_data->within_PA_TGS_REQ--;
     break;
   case KERBEROS_PA_PK_AS_REP_19:
-    private_data->is_win2k_pkinit = TRUE;
+    private_data->is_win2k_pkinit = true;
     if (kerberos_private_is_kdc_req(private_data)) {
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PA_PK_AS_REQ_Win2k);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PA_PK_AS_REQ_Win2k);
     } else {
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PA_PK_AS_REP_Win2k);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PA_PK_AS_REP_Win2k);
     }
     break;
   case KERBEROS_PA_PK_AS_REQ:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsReq);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsReq);
     break;
   case KERBEROS_PA_PK_AS_REP:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsRep);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_pkinit_PaPkAsRep);
     break;
   case KERBEROS_PA_PAC_REQUEST:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_PAC_REQUEST);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_PAC_REQUEST);
     break;
   case KERBEROS_PA_FOR_USER: /* S4U2SELF */
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U2Self);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U2Self);
     break;
   case KERBEROS_PA_FOR_X509_USER:
     if(private_data->msg_type == KRB5_MSG_AS_REQ){
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_x509af_Certificate);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_x509af_Certificate);
     }else if(private_data->is_enc_padata){
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, NULL);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, NULL);
     }else{
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U_X509_USER);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_S4U_X509_USER);
     }
     break;
   case KERBEROS_PA_PROV_SRV_LOCATION:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PA_PROV_SRV_LOCATION);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PA_PROV_SRV_LOCATION);
     break;
   case KERBEROS_PA_ENC_TIMESTAMP:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_ENC_TIMESTAMP);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_ENC_TIMESTAMP);
     break;
   case KERBEROS_PA_ETYPE_INFO:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO);
     break;
   case KERBEROS_PA_ETYPE_INFO2:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO2);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_ETYPE_INFO2);
     break;
   case KERBEROS_PA_PW_SALT:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PW_SALT);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_krb5_PW_SALT);
     break;
   case KERBEROS_PA_AUTH_SET_SELECTED:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_AUTHENTICATION_SET_ELEM);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_AUTHENTICATION_SET_ELEM);
     break;
   case KERBEROS_PA_FX_FAST:
     if (kerberos_private_is_kdc_req(private_data)) {
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_defer_PA_FX_FAST_REQUEST);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_defer_PA_FX_FAST_REQUEST);
     }else{
-      offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_FX_FAST_REPLY);
+      offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_FX_FAST_REPLY);
     }
     break;
   case KERBEROS_PA_FX_ERROR:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications);
     break;
   case KERBEROS_PA_ENCRYPTED_CHALLENGE:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_EncryptedChallenge);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_EncryptedChallenge);
     break;
   case KERBEROS_PA_KERB_KEY_LIST_REQ:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset, hf_index, dissect_kerberos_PA_KERB_KEY_LIST_REQ);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset, hf_index, dissect_kerberos_PA_KERB_KEY_LIST_REQ);
     break;
   case KERBEROS_PA_KERB_KEY_LIST_REP:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset, hf_index, dissect_kerberos_PA_KERB_KEY_LIST_REP);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset, hf_index, dissect_kerberos_PA_KERB_KEY_LIST_REP);
     break;
   case KERBEROS_PA_SUPPORTED_ETYPES:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_SUPPORTED_ENCTYPES);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_SUPPORTED_ENCTYPES);
     break;
   case KERBEROS_PA_PAC_OPTIONS:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset, hf_index, dissect_kerberos_PA_PAC_OPTIONS);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset, hf_index, dissect_kerberos_PA_PAC_OPTIONS);
     break;
   case KERBEROS_PA_REQ_ENC_PA_REP:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Checksum);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Checksum);
     break;
   case KERBEROS_PA_SPAKE:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_SPAKE);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_PA_SPAKE);
+    break;
+  case KERBEROS_PA_SRP:
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_KRB5_SRP_PA_APPLICATIONS);
     break;
   default:
-    offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, NULL);
+    offset=dissect_ber_octet_string_wcb(false, actx, sub_tree, tvb, offset,hf_index, NULL);
     break;
   }
 
 #.FN_BODY HostAddress/address
-  gint8 appclass;
+  int8_t appclass;
   bool pc;
-  gint32 tag;
-  guint32 len;
+  int32_t tag;
+  uint32_t len;
   const char *address_str;
   proto_item *it=NULL;
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
@@ -358,56 +340,56 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY EncryptedTicketData/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_ticket_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_ticket_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedAuthorizationData/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authorization_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authorization_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedAuthenticator/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authenticator_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authenticator_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedKDCREPData/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KDC_REP_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KDC_REP_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY PA-ENC-TIMESTAMP/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PA_ENC_TIMESTAMP);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedAPREPData/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_AP_REP_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_AP_REP_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedKrbPrivData/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PRIV_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PRIV_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedKrbCredData/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_CRED_data);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_CRED_data);
 ##else
 %(DEFAULT_BODY)s
 ##endif
@@ -422,11 +404,11 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
   switch(private_data->checksum_type){
   case KRB5_CHKSUM_GSSAPI:
-    offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &next_tvb);
+    offset=dissect_ber_octet_string(false, actx, tree, tvb, offset, hf_index, &next_tvb);
     dissect_krb5_rfc1964_checksum(actx, tree, next_tvb);
     break;
   default:
-    offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, NULL);
+    offset=dissect_ber_octet_string(false, actx, tree, tvb, offset, hf_index, NULL);
     break;
   }
 
@@ -475,7 +457,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY Authenticator/_untag/subkey
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  gint save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
+  int save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
   kerberos_key_save_fn saved_encryption_key_fn = private_data->save_encryption_key_fn;
   private_data->save_encryption_key_parent_hf_index = hf_kerberos_authenticator;
 ##ifdef HAVE_KERBEROS
@@ -487,7 +469,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY EncAPRepPart/_untag/subkey
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  gint save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
+  int save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
   kerberos_key_save_fn saved_encryption_key_fn = private_data->save_encryption_key_fn;
   private_data->save_encryption_key_parent_hf_index = hf_kerberos_encAPRepPart;
 ##ifdef HAVE_KERBEROS
@@ -499,7 +481,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY EncKDCRepPart/key
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  gint save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
+  int save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
   kerberos_key_save_fn saved_encryption_key_fn = private_data->save_encryption_key_fn;
   switch (private_data->msg_type) {
   case KERBEROS_APPLICATIONS_AS_REP:
@@ -520,7 +502,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY EncTicketPart/_untag/key
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  gint save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
+  int save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
   kerberos_key_save_fn saved_encryption_key_fn = private_data->save_encryption_key_fn;
   private_data->save_encryption_key_parent_hf_index = hf_kerberos_encTicketPart;
 ##ifdef HAVE_KERBEROS
@@ -532,7 +514,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY KrbCredInfo/key
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  gint save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
+  int save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
   kerberos_key_save_fn saved_encryption_key_fn = private_data->save_encryption_key_fn;
   private_data->save_encryption_key_parent_hf_index = hf_kerberos_ticket_info_item;
 ##ifdef HAVE_KERBEROS
@@ -544,7 +526,7 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 
 #.FN_BODY PA-KERB-KEY-LIST-REP/_item
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
-  gint save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
+  int save_encryption_key_parent_hf_index = private_data->save_encryption_key_parent_hf_index;
   kerberos_key_save_fn saved_encryption_key_fn = private_data->save_encryption_key_fn;
   private_data->save_encryption_key_parent_hf_index = hf_kerberos_kerbKeyListRep_key;
 ##ifdef HAVE_KERBEROS
@@ -595,33 +577,31 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
   kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
 %(DEFAULT_BODY)s
 
-#.FN_BODY KDC-REQ-BODY
-  conversation_t *conversation;
+#.FN_BODY KDC-REQ
+  kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
+  %(DEFAULT_BODY)s
+  if (private_data->krb5_conv != NULL) {
+     krb5_conf_add_request(actx);
+  }
 
-  /*
-   * UDP replies to KDC_REQs are sent from the server back to the client's
-   * source port, similar to the way TFTP works.  Set up a conversation
-   * accordingly.
-   *
-   * Ref: Section 7.2.1 of
-   * http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-07.txt
-   */
-  if (actx->pinfo->destport == UDP_PORT_KERBEROS && actx->pinfo->ptype == PT_UDP) {
-    conversation = find_conversation(actx->pinfo->num, &actx->pinfo->src, &actx->pinfo->dst, CONVERSATION_UDP,
-                      actx->pinfo->srcport, 0, NO_PORT_B);
-    if (conversation == NULL) {
-      conversation = conversation_new(actx->pinfo->num, &actx->pinfo->src, &actx->pinfo->dst, CONVERSATION_UDP,
-                      actx->pinfo->srcport, 0, NO_PORT2);
-      conversation_set_dissector(conversation, kerberos_handle_udp);
-    }
+#.FN_BODY KDC-REP
+  kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
+  %(DEFAULT_BODY)s
+  if (private_data->krb5_conv != NULL) {
+     krb5_conf_add_response(actx);
   }
 
+#.FN_BODY KRB-ERROR
+  kerberos_private_data_t *private_data = kerberos_get_private_data(actx);
   %(DEFAULT_BODY)s
+  if (private_data->krb5_conv != NULL) {
+     krb5_conf_add_response(actx);
+  }
 
 #.FN_BODY KRB-SAFE-BODY/user-data
   kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
   tvbuff_t *new_tvb;
-  offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
+  offset=dissect_ber_octet_string(false, actx, tree, tvb, offset, hf_index, &new_tvb);
   if (new_tvb) {
     call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_SAFE_USER_DATA, private_data->callbacks);
   }
@@ -629,35 +609,35 @@ KrbFastArmorTypes PROT_PREFIX UPPER_CASE
 #.FN_BODY EncKrbPrivPart/user-data
   kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
   tvbuff_t *new_tvb;
-  offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &new_tvb);
+  offset=dissect_ber_octet_string(false, actx, tree, tvb, offset, hf_index, &new_tvb);
   if (new_tvb) {
     call_kerberos_callbacks(actx->pinfo, tree, new_tvb, KRB_CBTAG_PRIV_USER_DATA, private_data->callbacks);
   }
 
 #.FN_HDR EncKDCRepPart/encrypted-pa-data
   kerberos_private_data_t* private_data = kerberos_get_private_data(actx);
-  private_data->is_enc_padata = TRUE;
+  private_data->is_enc_padata = true;
 
 #.FN_FTR EncKDCRepPart/encrypted-pa-data
-  private_data->is_enc_padata = FALSE;
+  private_data->is_enc_padata = false;
 
 #.FN_BODY EncryptedKrbFastReq/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KrbFastReq);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KrbFastReq);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedKrbFastResponse/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KrbFastResponse);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KrbFastResponse);
 ##else
 %(DEFAULT_BODY)s
 ##endif
 
 #.FN_BODY EncryptedChallenge/cipher
 ##ifdef HAVE_KERBEROS
-  offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_EncryptedChallenge);
+  offset=dissect_ber_octet_string_wcb(false, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_EncryptedChallenge);
 ##else
 %(DEFAULT_BODY)s
 ##endif
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-09-19 04:14:53 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-09-19 04:14:53 +0000
commit	a86c5f7cae7ec9a3398300555a0b644689d946a1 (patch)
tree	39fe4b107c71174fd1e8a8ceb9a4d2aa14116248 /epan/dissectors/asn1/kerberos/kerberos.cnf
parent	Releasing progress-linux version 4.2.6-1~progress7.99u1. (diff)
download	wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.tar.xz wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.zip