summaryrefslogtreecommitdiffstats
path: root/epan/dissectors/asn1/spnego
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:34:10 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:34:10 +0000
commite4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch)
tree68cb5ef9081156392f1dd62a00c6ccc1451b93df /epan/dissectors/asn1/spnego
parentInitial commit. (diff)
downloadwireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.tar.xz
wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.zip
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'epan/dissectors/asn1/spnego')
-rw-r--r--epan/dissectors/asn1/spnego/CMakeLists.txt34
-rw-r--r--epan/dissectors/asn1/spnego/packet-spnego-template.c1464
-rw-r--r--epan/dissectors/asn1/spnego/spnego.asn104
-rw-r--r--epan/dissectors/asn1/spnego/spnego.cnf215
4 files changed, 1817 insertions, 0 deletions
diff --git a/epan/dissectors/asn1/spnego/CMakeLists.txt b/epan/dissectors/asn1/spnego/CMakeLists.txt
new file mode 100644
index 00000000..20041788
--- /dev/null
+++ b/epan/dissectors/asn1/spnego/CMakeLists.txt
@@ -0,0 +1,34 @@
+# CMakeLists.txt
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+
+set( PROTOCOL_NAME spnego )
+
+set( PROTO_OPT )
+
+set( EXT_ASN_FILE_LIST
+)
+
+set( ASN_FILE_LIST
+ ${PROTOCOL_NAME}.asn
+)
+
+set( EXTRA_DIST
+ ${ASN_FILE_LIST}
+ packet-${PROTOCOL_NAME}-template.c
+ ${PROTOCOL_NAME}.cnf
+)
+
+set( SRC_FILES
+ ${EXTRA_DIST}
+ ${EXT_ASN_FILE_LIST}
+)
+
+set( A2W_FLAGS -b )
+
+ASN2WRS()
diff --git a/epan/dissectors/asn1/spnego/packet-spnego-template.c b/epan/dissectors/asn1/spnego/packet-spnego-template.c
new file mode 100644
index 00000000..25fcfa08
--- /dev/null
+++ b/epan/dissectors/asn1/spnego/packet-spnego-template.c
@@ -0,0 +1,1464 @@
+/* packet-spnego-template.c
+ * Routines for the simple and protected GSS-API negotiation mechanism
+ * as described in RFC 2478.
+ * Copyright 2002, Tim Potter <tpot@samba.org>
+ * Copyright 2002, Richard Sharpe <rsharpe@ns.aus.com>
+ * Copyright 2003, Richard Sharpe <rsharpe@richardsharpe.com>
+ * Copyright 2005, Ronnie Sahlberg (krb decryption)
+ * Copyright 2005, Anders Broman (converted to asn2wrs generated dissector)
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+/* The heimdal code for decryption of GSSAPI wrappers using heimdal comes from
+ Heimdal 1.6 and has been modified for wireshark's requirements.
+*/
+
+#include "config.h"
+
+#include <epan/packet.h>
+#include <epan/expert.h>
+#include <epan/asn1.h>
+#include <epan/conversation.h>
+#include <epan/proto_data.h>
+#include <wsutil/wsgcrypt.h>
+#include "packet-gssapi.h"
+#include "packet-kerberos.h"
+#include "packet-ber.h"
+
+#define PNAME "Simple Protected Negotiation"
+#define PSNAME "SPNEGO"
+#define PFNAME "spnego"
+
+void proto_register_spnego(void);
+void proto_reg_handoff_spnego(void);
+
+static dissector_handle_t spnego_wrap_handle;
+
+/* Initialize the protocol and registered fields */
+static int proto_spnego = -1;
+static int proto_spnego_krb5 = -1;
+
+
+static int hf_spnego_wraptoken = -1;
+static int hf_spnego_krb5_oid;
+static int hf_spnego_krb5 = -1;
+static int hf_spnego_krb5_tok_id = -1;
+static int hf_spnego_krb5_sgn_alg = -1;
+static int hf_spnego_krb5_seal_alg = -1;
+static int hf_spnego_krb5_snd_seq = -1;
+static int hf_spnego_krb5_sgn_cksum = -1;
+static int hf_spnego_krb5_confounder = -1;
+static int hf_spnego_krb5_filler = -1;
+static int hf_spnego_krb5_cfx_flags = -1;
+static int hf_spnego_krb5_cfx_flags_01 = -1;
+static int hf_spnego_krb5_cfx_flags_02 = -1;
+static int hf_spnego_krb5_cfx_flags_04 = -1;
+static int hf_spnego_krb5_cfx_ec = -1;
+static int hf_spnego_krb5_cfx_rrc = -1;
+static int hf_spnego_krb5_cfx_seq = -1;
+
+#include "packet-spnego-hf.c"
+
+/* Global variables */
+static const char *MechType_oid;
+gssapi_oid_value *next_level_value;
+gboolean saw_mechanism = FALSE;
+
+
+/* Initialize the subtree pointers */
+static gint ett_spnego = -1;
+static gint ett_spnego_wraptoken = -1;
+static gint ett_spnego_krb5 = -1;
+static gint ett_spnego_krb5_cfx_flags = -1;
+
+#include "packet-spnego-ett.c"
+
+static expert_field ei_spnego_decrypted_keytype = EI_INIT;
+static expert_field ei_spnego_unknown_header = EI_INIT;
+
+static dissector_handle_t spnego_handle;
+static dissector_handle_t spnego_krb5_handle;
+static dissector_handle_t spnego_krb5_wrap_handle;
+
+/*
+ * Unfortunately, we have to have forward declarations of these,
+ * as the code generated by asn2wrs includes a call before the
+ * definition.
+ */
+static int dissect_spnego_NegTokenInit(bool implicit_tag, tvbuff_t *tvb,
+ int offset, asn1_ctx_t *actx _U_,
+ proto_tree *tree, int hf_index);
+static int dissect_spnego_NegTokenInit2(bool implicit_tag, tvbuff_t *tvb,
+ int offset, asn1_ctx_t *actx _U_,
+ proto_tree *tree, int hf_index);
+
+#include "packet-spnego-fn.c"
+/*
+ * This is the SPNEGO KRB5 dissector. It is not true KRB5, but some ASN.1
+ * wrapped blob with an OID, USHORT token ID, and a Ticket, that is also
+ * ASN.1 wrapped by the looks of it. It conforms to RFC1964.
+ */
+
+#define KRB_TOKEN_AP_REQ 0x0001
+#define KRB_TOKEN_AP_REP 0x0002
+#define KRB_TOKEN_AP_ERR 0x0003
+#define KRB_TOKEN_GETMIC 0x0101
+#define KRB_TOKEN_WRAP 0x0102
+#define KRB_TOKEN_DELETE_SEC_CONTEXT 0x0201
+#define KRB_TOKEN_TGT_REQ 0x0004
+#define KRB_TOKEN_TGT_REP 0x0104
+#define KRB_TOKEN_CFX_GETMIC 0x0404
+#define KRB_TOKEN_CFX_WRAP 0x0405
+
+static const value_string spnego_krb5_tok_id_vals[] = {
+ { KRB_TOKEN_AP_REQ, "KRB5_AP_REQ"},
+ { KRB_TOKEN_AP_REP, "KRB5_AP_REP"},
+ { KRB_TOKEN_AP_ERR, "KRB5_ERROR"},
+ { KRB_TOKEN_GETMIC, "KRB5_GSS_GetMIC" },
+ { KRB_TOKEN_WRAP, "KRB5_GSS_Wrap" },
+ { KRB_TOKEN_DELETE_SEC_CONTEXT, "KRB5_GSS_Delete_sec_context" },
+ { KRB_TOKEN_TGT_REQ, "KERB_TGT_REQUEST" },
+ { KRB_TOKEN_TGT_REP, "KERB_TGT_REPLY" },
+ { KRB_TOKEN_CFX_GETMIC, "KRB_TOKEN_CFX_GetMic" },
+ { KRB_TOKEN_CFX_WRAP, "KRB_TOKEN_CFX_WRAP" },
+ { 0, NULL}
+};
+
+#define KRB_SGN_ALG_DES_MAC_MD5 0x0000
+#define KRB_SGN_ALG_MD2_5 0x0001
+#define KRB_SGN_ALG_DES_MAC 0x0002
+#define KRB_SGN_ALG_HMAC 0x0011
+
+static const value_string spnego_krb5_sgn_alg_vals[] = {
+ { KRB_SGN_ALG_DES_MAC_MD5, "DES MAC MD5"},
+ { KRB_SGN_ALG_MD2_5, "MD2.5"},
+ { KRB_SGN_ALG_DES_MAC, "DES MAC"},
+ { KRB_SGN_ALG_HMAC, "HMAC"},
+ { 0, NULL}
+};
+
+#define KRB_SEAL_ALG_DES_CBC 0x0000
+#define KRB_SEAL_ALG_RC4 0x0010
+#define KRB_SEAL_ALG_NONE 0xffff
+
+static const value_string spnego_krb5_seal_alg_vals[] = {
+ { KRB_SEAL_ALG_DES_CBC, "DES CBC"},
+ { KRB_SEAL_ALG_RC4, "RC4"},
+ { KRB_SEAL_ALG_NONE, "None"},
+ { 0, NULL}
+};
+
+/*
+ * XXX - is this for SPNEGO or just GSS-API?
+ * RFC 1964 is "The Kerberos Version 5 GSS-API Mechanism"; presumably one
+ * can directly designate Kerberos V5 as a mechanism in GSS-API, rather
+ * than designating SPNEGO as the mechanism, offering Kerberos V5, and
+ * getting it accepted.
+ */
+static int
+dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
+static int
+dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint16 token_id, gssapi_encrypt_info_t* gssapi_encrypt);
+static int
+dissect_spnego_krb5_cfx_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree);
+static int
+dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint16 token_id, gssapi_encrypt_info_t* gssapi_encrypt);
+
+static int
+dissect_spnego_krb5(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
+{
+ proto_item *item;
+ proto_tree *subtree;
+ int offset = 0;
+ guint16 token_id;
+ const char *oid;
+ tvbuff_t *krb5_tvb;
+ gint8 ber_class;
+ bool pc, ind = 0;
+ gint32 tag;
+ guint32 len;
+ gssapi_encrypt_info_t* encrypt_info = (gssapi_encrypt_info_t*)data;
+ asn1_ctx_t asn1_ctx;
+ asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
+
+ item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, offset, -1, ENC_NA);
+
+ subtree = proto_item_add_subtree(item, ett_spnego_krb5);
+
+ /*
+ * The KRB5 blob conforms to RFC1964:
+ * [APPLICATION 0] {
+ * OID,
+ * USHORT (0x0001 == AP-REQ, 0x0002 == AP-REP, 0x0003 == ERROR),
+ * OCTET STRING }
+ *
+ * However, for some protocols, the KRB5 blob starts at the SHORT
+ * and has no DER encoded header etc.
+ *
+ * It appears that for some other protocols the KRB5 blob is just
+ * a Kerberos message, with no [APPLICATION 0] header, no OID,
+ * and no USHORT.
+ *
+ * So:
+ *
+ * If we see an [APPLICATION 0] HEADER, we show the OID and
+ * the USHORT, and then dissect the rest as a Kerberos message.
+ *
+ * If we see an [APPLICATION 14] or [APPLICATION 15] header,
+ * we assume it's an AP-REQ or AP-REP message, and dissect
+ * it all as a Kerberos message.
+ *
+ * Otherwise, we show the USHORT, and then dissect the rest
+ * as a Kerberos message.
+ */
+
+ /*
+ * Get the first header ...
+ */
+ get_ber_identifier(tvb, offset, &ber_class, &pc, &tag);
+ if (ber_class == BER_CLASS_APP && pc) {
+ /*
+ * [APPLICATION <tag>]
+ */
+ offset = dissect_ber_identifier(pinfo, subtree, tvb, offset, &ber_class, &pc, &tag);
+ offset = dissect_ber_length(pinfo, subtree, tvb, offset, &len, &ind);
+
+ switch (tag) {
+
+ case 0:
+ /*
+ * [APPLICATION 0]
+ */
+
+ /* Next, the OID */
+ offset=dissect_ber_object_identifier_str(FALSE, &asn1_ctx, subtree, tvb, offset, hf_spnego_krb5_oid, &oid);
+
+ token_id = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(subtree, hf_spnego_krb5_tok_id, tvb, offset, 2, token_id);
+
+ offset += 2;
+
+ break;
+
+ case 14: /* [APPLICATION 14] */
+ case 15: /* [APPLICATION 15] */
+ /*
+ * No token ID - just dissect as a Kerberos message and
+ * return.
+ */
+ dissect_kerberos_main(tvb, pinfo, subtree, FALSE, NULL);
+ return tvb_captured_length(tvb);
+
+ default:
+ proto_tree_add_expert_format(subtree, pinfo, &ei_spnego_unknown_header, tvb, offset, 0,
+ "Unknown header (class=%d, pc=%d, tag=%d)", ber_class, pc, tag);
+ goto done;
+ }
+ } else {
+ /* Next, the token ID ... */
+
+ token_id = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(subtree, hf_spnego_krb5_tok_id, tvb, offset, 2, token_id);
+
+ offset += 2;
+ }
+
+ switch (token_id) {
+
+ case KRB_TOKEN_TGT_REQ:
+ offset = dissect_kerberos_TGT_REQ(FALSE, tvb, offset, &asn1_ctx, subtree, -1);
+ break;
+ case KRB_TOKEN_TGT_REP:
+ offset = dissect_kerberos_TGT_REP(FALSE, tvb, offset, &asn1_ctx, subtree, -1);
+ break;
+
+ case KRB_TOKEN_AP_REQ:
+ case KRB_TOKEN_AP_REP:
+ case KRB_TOKEN_AP_ERR:
+ krb5_tvb = tvb_new_subset_remaining(tvb, offset);
+ offset += dissect_kerberos_main(krb5_tvb, pinfo, subtree, FALSE, NULL);
+ break;
+
+ case KRB_TOKEN_GETMIC:
+ offset = dissect_spnego_krb5_getmic_base(tvb, offset, pinfo, subtree);
+ break;
+
+ case KRB_TOKEN_WRAP:
+ offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info);
+ break;
+
+ case KRB_TOKEN_DELETE_SEC_CONTEXT:
+
+ break;
+
+ case KRB_TOKEN_CFX_GETMIC:
+ offset = dissect_spnego_krb5_cfx_getmic_base(tvb, offset, pinfo, subtree);
+ break;
+
+ case KRB_TOKEN_CFX_WRAP:
+ offset = dissect_spnego_krb5_cfx_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info);
+ break;
+
+ default:
+
+ break;
+ }
+
+ done:
+ proto_item_set_len(item, offset);
+ return tvb_captured_length(tvb);
+}
+
+#ifdef HAVE_KERBEROS
+#ifndef KEYTYPE_ARCFOUR_56
+# define KEYTYPE_ARCFOUR_56 24
+#endif
+#ifndef KEYTYPE_ARCFOUR_HMAC
+# define KEYTYPE_ARCFOUR_HMAC 23
+#endif
+/* XXX - We should probably do a configure-time check for this instead */
+#ifndef KRB5_KU_USAGE_SEAL
+# define KRB5_KU_USAGE_SEAL 22
+#endif
+
+static int
+arcfour_mic_key(const guint8 *key_data, size_t key_size, int key_type,
+ const guint8 *cksum_data, size_t cksum_size,
+ guint8 *key6_data)
+{
+ guint8 k5_data[HASH_MD5_LENGTH];
+ guint8 T[4] = { 0 };
+
+ if (key_type == KEYTYPE_ARCFOUR_56) {
+ guint8 L40[14] = "fortybits";
+ memcpy(L40 + 10, T, sizeof(T));
+ if (ws_hmac_buffer(GCRY_MD_MD5, k5_data, L40, 14, key_data, key_size)) {
+ return 0;
+ }
+ memset(&k5_data[7], 0xAB, 9);
+ } else {
+ if (ws_hmac_buffer(GCRY_MD_MD5, k5_data, T, 4, key_data, key_size)) {
+ return 0;
+ }
+ }
+
+ if (ws_hmac_buffer(GCRY_MD_MD5, key6_data, cksum_data, cksum_size, k5_data, HASH_MD5_LENGTH)) {
+ return 0;
+ }
+ return 0;
+}
+
+static int
+usage2arcfour(int usage)
+{
+ switch (usage) {
+ case 3: /*KRB5_KU_AS_REP_ENC_PART 3 */
+ case 9: /*KRB5_KU_TGS_REP_ENC_PART_SUB_KEY 9 */
+ return 8;
+ case 22: /*KRB5_KU_USAGE_SEAL 22 */
+ return 13;
+ case 23: /*KRB5_KU_USAGE_SIGN 23 */
+ return 15;
+ case 24: /*KRB5_KU_USAGE_SEQ 24 */
+ return 0;
+ default :
+ return 0;
+ }
+}
+
+static int
+arcfour_mic_cksum(guint8 *key_data, int key_length,
+ unsigned int usage,
+ guint8 sgn_cksum[8],
+ const guint8 *v1, size_t l1,
+ const guint8 *v2, size_t l2,
+ const guint8 *v3, size_t l3)
+{
+ static const guint8 signature[] = "signaturekey";
+ guint8 ksign_c[HASH_MD5_LENGTH];
+ guint8 t[4];
+ guint8 digest[HASH_MD5_LENGTH];
+ int rc4_usage;
+ guint8 cksum[HASH_MD5_LENGTH];
+ gcry_md_hd_t md5_handle;
+
+ rc4_usage=usage2arcfour(usage);
+ if (ws_hmac_buffer(GCRY_MD_MD5, ksign_c, signature, sizeof(signature), key_data, key_length)) {
+ return 0;
+ }
+
+ if (gcry_md_open(&md5_handle, GCRY_MD_MD5, 0)) {
+ return 0;
+ }
+ t[0] = (rc4_usage >> 0) & 0xFF;
+ t[1] = (rc4_usage >> 8) & 0xFF;
+ t[2] = (rc4_usage >> 16) & 0xFF;
+ t[3] = (rc4_usage >> 24) & 0xFF;
+ gcry_md_write(md5_handle, t, 4);
+ gcry_md_write(md5_handle, v1, l1);
+ gcry_md_write(md5_handle, v2, l2);
+ gcry_md_write(md5_handle, v3, l3);
+ memcpy(digest, gcry_md_read(md5_handle, 0), HASH_MD5_LENGTH);
+ gcry_md_close(md5_handle);
+
+ if (ws_hmac_buffer(GCRY_MD_MD5, cksum, digest, HASH_MD5_LENGTH, ksign_c, HASH_MD5_LENGTH)) {
+ return 0;
+ }
+
+ memcpy(sgn_cksum, cksum, 8);
+
+ return 0;
+}
+
+/*
+ * Verify padding of a gss wrapped message and return its length.
+ */
+static int
+gssapi_verify_pad(guint8 *wrapped_data, int wrapped_length,
+ int datalen,
+ int *padlen)
+{
+ guint8 *pad;
+ int padlength;
+ int i;
+
+ pad = wrapped_data + wrapped_length - 1;
+ padlength = *pad;
+
+ if (padlength > datalen)
+ return 1;
+
+ for (i = padlength; i > 0 && *pad == padlength; i--, pad--);
+ if (i != 0)
+ return 2;
+
+ *padlen = padlength;
+
+ return 0;
+}
+
+static int
+decrypt_arcfour(gssapi_encrypt_info_t* gssapi_encrypt, guint8 *input_message_buffer, guint8 *output_message_buffer,
+ guint8 *key_value, int key_size, int key_type)
+{
+ guint8 Klocaldata[16];
+ int ret;
+ int datalen;
+ guint8 k6_data[16];
+ guint32 SND_SEQ[2];
+ guint8 Confounder[8];
+ guint8 cksum_data[8];
+ int cmp;
+ int conf_flag;
+ int padlen = 0;
+ gcry_cipher_hd_t rc4_handle;
+ int i;
+
+ datalen = tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb);
+
+ if(tvb_get_ntohs(gssapi_encrypt->gssapi_wrap_tvb, 4)==0x1000){
+ conf_flag=1;
+ } else if (tvb_get_ntohs(gssapi_encrypt->gssapi_wrap_tvb, 4)==0xffff){
+ conf_flag=0;
+ } else {
+ return -3;
+ }
+
+ if(tvb_get_ntohs(gssapi_encrypt->gssapi_wrap_tvb, 6)!=0xffff){
+ return -4;
+ }
+
+ ret = arcfour_mic_key(key_value, key_size, key_type,
+ tvb_get_ptr(gssapi_encrypt->gssapi_wrap_tvb, 16, 8),
+ 8, /* SGN_CKSUM */
+ k6_data);
+ if (ret) {
+ return -5;
+ }
+
+ tvb_memcpy(gssapi_encrypt->gssapi_wrap_tvb, SND_SEQ, 8, 8);
+ if (gcry_cipher_open (&rc4_handle, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0)) {
+ return -12;
+ }
+ if (gcry_cipher_setkey(rc4_handle, k6_data, sizeof(k6_data))) {
+ gcry_cipher_close(rc4_handle);
+ return -13;
+ }
+ gcry_cipher_decrypt(rc4_handle, (guint8 *)SND_SEQ, 8, NULL, 0);
+ gcry_cipher_close(rc4_handle);
+
+ memset(k6_data, 0, sizeof(k6_data));
+
+
+
+ if (SND_SEQ[1] != 0xFFFFFFFF && SND_SEQ[1] != 0x00000000) {
+ return -6;
+ }
+
+
+ for (i = 0; i < 16; i++)
+ Klocaldata[i] = ((guint8 *)key_value)[i] ^ 0xF0;
+
+ ret = arcfour_mic_key(Klocaldata,sizeof(Klocaldata),key_type,
+ (const guint8 *)SND_SEQ, 4,
+ k6_data);
+ memset(Klocaldata, 0, sizeof(Klocaldata));
+ if (ret) {
+ return -7;
+ }
+
+ if(conf_flag) {
+
+ tvb_memcpy(gssapi_encrypt->gssapi_wrap_tvb, Confounder, 24, 8);
+ if (gcry_cipher_open (&rc4_handle, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0)) {
+ return -14;
+ }
+ if (gcry_cipher_setkey(rc4_handle, k6_data, sizeof(k6_data))) {
+ gcry_cipher_close(rc4_handle);
+ return -15;
+ }
+
+ gcry_cipher_decrypt(rc4_handle, Confounder, 8, NULL, 0);
+ gcry_cipher_decrypt(rc4_handle, output_message_buffer, datalen, input_message_buffer, datalen);
+ gcry_cipher_close(rc4_handle);
+ } else {
+ tvb_memcpy(gssapi_encrypt->gssapi_wrap_tvb, Confounder, 24, 8);
+ memcpy(output_message_buffer, input_message_buffer, datalen);
+ }
+ memset(k6_data, 0, sizeof(k6_data));
+
+ /* only normal (i.e. non DCE style wrapping use padding ? */
+ if(gssapi_encrypt->decrypt_gssapi_tvb==DECRYPT_GSSAPI_NORMAL){
+ ret = gssapi_verify_pad(output_message_buffer,datalen,datalen, &padlen);
+ if (ret) {
+ return -9;
+ }
+ datalen -= padlen;
+ }
+
+ /* don't know what the checksum looks like for dce style gssapi */
+ if(gssapi_encrypt->decrypt_gssapi_tvb==DECRYPT_GSSAPI_NORMAL){
+ ret = arcfour_mic_cksum(key_value, key_size, KRB5_KU_USAGE_SEAL,
+ cksum_data,
+ tvb_get_ptr(gssapi_encrypt->gssapi_wrap_tvb, 0, 8), 8,
+ Confounder, sizeof(Confounder), output_message_buffer,
+ datalen + padlen);
+ if (ret) {
+ return -10;
+ }
+
+ cmp = tvb_memeql(gssapi_encrypt->gssapi_wrap_tvb, 16, cksum_data, 8); /* SGN_CKSUM */
+ if (cmp) {
+ return -11;
+ }
+ }
+
+ return datalen;
+}
+
+
+
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+
+static void
+decrypt_gssapi_krb_arcfour_wrap(proto_tree *tree _U_, packet_info *pinfo, tvbuff_t *tvb, int keytype, gssapi_encrypt_info_t* gssapi_encrypt)
+{
+ int ret;
+ enc_key_t *ek;
+ int length;
+ const guint8 *original_data;
+
+ guint8 *cryptocopy=NULL; /* workaround for pre-0.6.1 heimdal bug */
+ guint8 *output_message_buffer;
+
+ length=tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb);
+ original_data=tvb_get_ptr(gssapi_encrypt->gssapi_encrypted_tvb, 0, length);
+
+ /* don't do anything if we are not attempting to decrypt data */
+/*
+ if(!krb_decrypt){
+ return;
+ }
+*/
+ /* XXX we should only do this for first time, then store somewhere */
+ /* XXX We also need to re-read the keytab when the preference changes */
+
+ cryptocopy=(guint8 *)wmem_alloc(pinfo->pool, length);
+ output_message_buffer=(guint8 *)wmem_alloc(pinfo->pool, length);
+
+ for(ek=enc_key_list;ek;ek=ek->next){
+ /* shortcircuit and bail out if enctypes are not matching */
+ if(ek->keytype!=keytype){
+ continue;
+ }
+
+ /* pre-0.6.1 versions of Heimdal would sometimes change
+ the cryptotext data even when the decryption failed.
+ This would obviously not work since we iterate over the
+ keys. So just give it a copy of the crypto data instead.
+ This has been seen for RC4-HMAC blobs.
+ */
+ memcpy(cryptocopy, original_data, length);
+ ret=decrypt_arcfour(gssapi_encrypt,
+ cryptocopy,
+ output_message_buffer,
+ ek->keyvalue,
+ ek->keylength,
+ ek->keytype);
+ if (ret >= 0) {
+ expert_add_info_format(pinfo, NULL, &ei_spnego_decrypted_keytype,
+ "Decrypted keytype %d in frame %u using %s",
+ ek->keytype, pinfo->num, ek->key_origin);
+
+ gssapi_encrypt->gssapi_decrypted_tvb=tvb_new_child_real_data(tvb, output_message_buffer, ret, ret);
+ add_new_data_source(pinfo, gssapi_encrypt->gssapi_decrypted_tvb, "Decrypted GSS-Krb5");
+ return;
+ }
+ }
+}
+
+/* borrowed from heimdal */
+static int
+rrc_rotate(guint8 *data, int len, guint16 rrc, int unrotate)
+{
+ guint8 *tmp, buf[256];
+ size_t left;
+
+ if (len == 0)
+ return 0;
+
+ rrc %= len;
+
+ if (rrc == 0)
+ return 0;
+
+ left = len - rrc;
+
+ if (rrc <= sizeof(buf)) {
+ tmp = buf;
+ } else {
+ tmp = (guint8 *)g_malloc(rrc);
+ if (tmp == NULL)
+ return -1;
+ }
+
+ if (unrotate) {
+ memcpy(tmp, data, rrc);
+ memmove(data, data + rrc, left);
+ memcpy(data + left, tmp, rrc);
+ } else {
+ memcpy(tmp, data + left, rrc);
+ memmove(data + rrc, data, left);
+ memcpy(data, tmp, rrc);
+ }
+
+ if (rrc > sizeof(buf))
+ g_free(tmp);
+
+ return 0;
+}
+
+
+static void
+decrypt_gssapi_krb_cfx_wrap(proto_tree *tree,
+ packet_info *pinfo,
+ tvbuff_t *checksum_tvb,
+ gssapi_encrypt_info_t* gssapi_encrypt,
+ guint16 ec _U_,
+ guint16 rrc,
+ int keytype,
+ unsigned int usage)
+{
+ guint8 *rotated;
+ guint8 *output;
+ int datalen;
+ tvbuff_t *next_tvb;
+
+ /* don't do anything if we are not attempting to decrypt data */
+ if(!krb_decrypt){
+ return;
+ }
+
+ if (gssapi_encrypt->decrypt_gssapi_tvb==DECRYPT_GSSAPI_DCE) {
+ tvbuff_t *out_tvb = NULL;
+
+ out_tvb = decrypt_krb5_krb_cfx_dce(tree, pinfo, usage, keytype,
+ gssapi_encrypt->gssapi_header_tvb,
+ gssapi_encrypt->gssapi_encrypted_tvb,
+ gssapi_encrypt->gssapi_trailer_tvb,
+ checksum_tvb);
+ if (out_tvb) {
+ gssapi_encrypt->gssapi_decrypted_tvb = out_tvb;
+ add_new_data_source(pinfo, gssapi_encrypt->gssapi_decrypted_tvb, "Decrypted GSS-Krb5 CFX DCE");
+ }
+ return;
+ }
+
+ datalen = tvb_captured_length(checksum_tvb) + tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb);
+
+ rotated = (guint8 *)wmem_alloc(pinfo->pool, datalen);
+
+ tvb_memcpy(checksum_tvb, rotated, 0, tvb_captured_length(checksum_tvb));
+ tvb_memcpy(gssapi_encrypt->gssapi_encrypted_tvb, rotated + tvb_captured_length(checksum_tvb),
+ 0, tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb));
+
+ rrc_rotate(rotated, datalen, rrc, TRUE);
+
+ next_tvb=tvb_new_child_real_data(gssapi_encrypt->gssapi_encrypted_tvb, rotated,
+ datalen, datalen);
+ add_new_data_source(pinfo, next_tvb, "GSSAPI CFX");
+
+ output = decrypt_krb5_data(tree, pinfo, usage, next_tvb, keytype, &datalen);
+
+ if (output) {
+ guint8 *outdata;
+
+ outdata = (guint8 *)wmem_memdup(pinfo->pool, output, tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb));
+
+ gssapi_encrypt->gssapi_decrypted_tvb=tvb_new_child_real_data(gssapi_encrypt->gssapi_encrypted_tvb,
+ outdata,
+ tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb),
+ tvb_captured_length(gssapi_encrypt->gssapi_encrypted_tvb));
+ add_new_data_source(pinfo, gssapi_encrypt->gssapi_decrypted_tvb, "Decrypted GSS-Krb5");
+ }
+}
+
+#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
+
+
+#endif
+
+/*
+ * This is for GSSAPI Wrap tokens ...
+ */
+static int
+dissect_spnego_krb5_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint16 token_id, gssapi_encrypt_info_t* gssapi_encrypt)
+{
+ guint16 sgn_alg, seal_alg;
+#ifdef HAVE_KERBEROS
+ int start_offset=offset;
+#else
+ (void) pinfo;
+ (void) token_id;
+#endif
+
+ /*
+ * The KRB5 blob conforms to RFC1964:
+ * USHORT (0x0102 == GSS_Wrap)
+ * and so on }
+ */
+
+ /* Now, the sign and seal algorithms ... */
+
+ sgn_alg = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(tree, hf_spnego_krb5_sgn_alg, tvb, offset, 2, sgn_alg);
+
+ offset += 2;
+
+ seal_alg = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(tree, hf_spnego_krb5_seal_alg, tvb, offset, 2, seal_alg);
+
+ offset += 2;
+
+ /* Skip the filler */
+
+ offset += 2;
+
+ /* Encrypted sequence number */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_snd_seq, tvb, offset, 8, ENC_NA);
+
+ offset += 8;
+
+ /* Checksum of plaintext padded data */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, 8, ENC_NA);
+
+ offset += 8;
+
+ /*
+ * At least according to draft-brezak-win2k-krb-rc4-hmac-04,
+ * if the signing algorithm is KRB_SGN_ALG_HMAC, there's an
+ * extra 8 bytes of "Random confounder" after the checksum.
+ * It certainly confounds code expecting all Kerberos 5
+ * GSS_Wrap() tokens to look the same....
+ */
+ if ((sgn_alg == KRB_SGN_ALG_HMAC) ||
+ /* there also seems to be a confounder for DES MAC MD5 - certainly seen when using with
+ SASL with LDAP between a Java client and Active Directory. If this breaks other things
+ we may need to make this an option. gal 17/2/06 */
+ (sgn_alg == KRB_SGN_ALG_DES_MAC_MD5)) {
+ proto_tree_add_item(tree, hf_spnego_krb5_confounder, tvb, offset, 8, ENC_NA);
+ offset += 8;
+ }
+
+ /* Is the data encrypted? */
+ if (gssapi_encrypt != NULL)
+ gssapi_encrypt->gssapi_data_encrypted=(seal_alg!=KRB_SEAL_ALG_NONE);
+
+#ifdef HAVE_KERBEROS
+#define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32
+ if(gssapi_encrypt && gssapi_encrypt->decrypt_gssapi_tvb){
+ /* if the caller did not provide a tvb, then we just use
+ whatever is left of our current tvb.
+ */
+ if(!gssapi_encrypt->gssapi_encrypted_tvb){
+ int len;
+ len=tvb_reported_length_remaining(tvb,offset);
+ if(len>tvb_captured_length_remaining(tvb, offset)){
+ /* no point in trying to decrypt,
+ we don't have the full pdu.
+ */
+ return offset;
+ }
+ gssapi_encrypt->gssapi_encrypted_tvb = tvb_new_subset_length(
+ tvb, offset, len);
+ }
+
+ /* if this is KRB5 wrapped rc4-hmac */
+ if((token_id==KRB_TOKEN_WRAP)
+ &&(sgn_alg==KRB_SGN_ALG_HMAC)
+ &&(seal_alg==KRB_SEAL_ALG_RC4)){
+ /* do we need to create a tvb for the wrapper
+ as well ?
+ */
+ if(!gssapi_encrypt->gssapi_wrap_tvb){
+ gssapi_encrypt->gssapi_wrap_tvb = tvb_new_subset_length(
+ tvb, start_offset-2,
+ GSS_ARCFOUR_WRAP_TOKEN_SIZE);
+ }
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+ decrypt_gssapi_krb_arcfour_wrap(tree,
+ pinfo,
+ tvb,
+ KEYTYPE_ARCFOUR_HMAC,
+ gssapi_encrypt);
+#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
+ }
+ }
+#endif
+ /*
+ * Return the offset past the checksum, so that we know where
+ * the data we're wrapped around starts. Also, set the length
+ * of our top-level item to that offset, so it doesn't cover
+ * the data we're wrapped around.
+ *
+ * Note that for DCERPC the GSSAPI blobs comes after the data it wraps,
+ * not before.
+ */
+ return offset;
+}
+
+/*
+ * XXX - This is for GSSAPI GetMIC tokens ...
+ */
+static int
+dissect_spnego_krb5_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
+{
+ guint16 sgn_alg;
+
+ /*
+ * The KRB5 blob conforms to RFC1964:
+ * USHORT (0x0101 == GSS_GetMIC)
+ * and so on }
+ */
+
+ /* Now, the sign algorithm ... */
+
+ sgn_alg = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(tree, hf_spnego_krb5_sgn_alg, tvb, offset, 2, sgn_alg);
+
+ offset += 2;
+
+ /* Skip the filler */
+
+ offset += 4;
+
+ /* Encrypted sequence number */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_snd_seq, tvb, offset, 8, ENC_NA);
+
+ offset += 8;
+
+ /* Checksum of plaintext padded data */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, 8, ENC_NA);
+
+ offset += 8;
+
+ /*
+ * At least according to draft-brezak-win2k-krb-rc4-hmac-04,
+ * if the signing algorithm is KRB_SGN_ALG_HMAC, there's an
+ * extra 8 bytes of "Random confounder" after the checksum.
+ * It certainly confounds code expecting all Kerberos 5
+ * GSS_Wrap() tokens to look the same....
+ *
+ * The exception is DNS/TSIG where there is no such confounder
+ * so we need to test here if there are more bytes in our tvb or not.
+ * -- ronnie
+ */
+ if (tvb_reported_length_remaining(tvb, offset)) {
+ if (sgn_alg == KRB_SGN_ALG_HMAC) {
+ proto_tree_add_item(tree, hf_spnego_krb5_confounder, tvb, offset, 8, ENC_NA);
+
+ offset += 8;
+ }
+ }
+
+ /*
+ * Return the offset past the checksum, so that we know where
+ * the data we're wrapped around starts. Also, set the length
+ * of our top-level item to that offset, so it doesn't cover
+ * the data we're wrapped around.
+ */
+
+ return offset;
+}
+
+static int
+dissect_spnego_krb5_cfx_flags(tvbuff_t *tvb, int offset,
+ proto_tree *spnego_krb5_tree,
+ guint8 cfx_flags _U_)
+{
+ static int * const flags[] = {
+ &hf_spnego_krb5_cfx_flags_04,
+ &hf_spnego_krb5_cfx_flags_02,
+ &hf_spnego_krb5_cfx_flags_01,
+ NULL
+ };
+
+ proto_tree_add_bitmask(spnego_krb5_tree, tvb, offset, hf_spnego_krb5_cfx_flags, ett_spnego_krb5_cfx_flags, flags, ENC_NA);
+ return (offset + 1);
+}
+
+/*
+ * This is for GSSAPI CFX Wrap tokens ...
+ */
+static int
+dissect_spnego_krb5_cfx_wrap_base(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint16 token_id _U_, gssapi_encrypt_info_t* gssapi_encrypt)
+{
+ guint8 flags;
+ guint16 ec;
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+ guint16 rrc;
+#else
+ (void) pinfo;
+#endif
+ int checksum_size;
+ int start_offset=offset;
+
+ /*
+ * The KRB5 blob conforms to RFC4121:
+ * USHORT (0x0504)
+ * and so on }
+ */
+
+ /* Now, the sign and seal algorithms ... */
+
+ flags = tvb_get_guint8(tvb, offset);
+ offset = dissect_spnego_krb5_cfx_flags(tvb, offset, tree, flags);
+
+ if (gssapi_encrypt != NULL)
+ gssapi_encrypt->gssapi_data_encrypted=(flags & 2);
+
+ /* Skip the filler */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_filler, tvb, offset, 1, ENC_NA);
+ offset += 1;
+
+ /* EC */
+ ec = tvb_get_ntohs(tvb, offset);
+ proto_tree_add_item(tree, hf_spnego_krb5_cfx_ec, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
+
+ /* RRC */
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+ rrc = tvb_get_ntohs(tvb, offset);
+#endif
+ proto_tree_add_item(tree, hf_spnego_krb5_cfx_rrc, tvb, offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
+
+ /* sequence number */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_cfx_seq, tvb, offset, 8, ENC_BIG_ENDIAN);
+ offset += 8;
+
+ if (gssapi_encrypt == NULL) /* Probably shoudn't happen, but just protect ourselves */
+ return offset;
+
+ /* Checksum of plaintext padded data */
+
+ if (gssapi_encrypt->gssapi_data_encrypted) {
+ checksum_size = 44 + ec;
+
+ proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, checksum_size, ENC_NA);
+ offset += checksum_size;
+
+ } else {
+ int returned_offset;
+ int inner_token_len = 0;
+
+ /*
+ * We know we have a wrap token, but we have to let the proto
+ * above us decode that, so hand it back in gssapi_wrap_tvb
+ * and put the checksum in the tree.
+ */
+
+ checksum_size = ec;
+
+ inner_token_len = tvb_reported_length_remaining(tvb, offset);
+ if (inner_token_len > ec) {
+ inner_token_len -= ec;
+ }
+
+ /*
+ * We handle only the two common cases for now
+ * (rrc == 0 and rrc == ec)
+ */
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+ if (rrc == ec) {
+ proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, checksum_size, ENC_NA);
+ offset += checksum_size;
+ }
+#endif
+
+ returned_offset = offset;
+ gssapi_encrypt->gssapi_wrap_tvb = tvb_new_subset_length(tvb, offset,
+ inner_token_len);
+
+ offset += inner_token_len;
+
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+ if (rrc == 0)
+#endif
+ {
+ proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, checksum_size, ENC_NA);
+ }
+
+ /*
+ * Return an offset that puts our caller before the inner
+ * token. This is better than before, but we still see the
+ * checksum included in the LDAP query at times.
+ */
+ return returned_offset;
+ }
+
+ if(gssapi_encrypt->decrypt_gssapi_tvb){
+ /* if the caller did not provide a tvb, then we just use
+ whatever is left of our current tvb.
+ */
+ if(!gssapi_encrypt->gssapi_encrypted_tvb){
+ int len;
+ len=tvb_reported_length_remaining(tvb,offset);
+ if(len>tvb_captured_length_remaining(tvb, offset)){
+ /* no point in trying to decrypt,
+ we don't have the full pdu.
+ */
+ return offset;
+ }
+ gssapi_encrypt->gssapi_encrypted_tvb = tvb_new_subset_length_caplen(
+ tvb, offset, len, len);
+ }
+
+ if (gssapi_encrypt->gssapi_data_encrypted) {
+ /* do we need to create a tvb for the wrapper
+ as well ?
+ */
+ if(!gssapi_encrypt->gssapi_wrap_tvb){
+ gssapi_encrypt->gssapi_wrap_tvb = tvb_new_subset_length(
+ tvb, start_offset-2,
+ offset - (start_offset-2));
+ }
+ }
+ }
+
+#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
+{
+ tvbuff_t *checksum_tvb = tvb_new_subset_length(tvb, 16, checksum_size);
+
+ if (gssapi_encrypt->gssapi_data_encrypted) {
+ if(gssapi_encrypt->gssapi_encrypted_tvb){
+ decrypt_gssapi_krb_cfx_wrap(tree,
+ pinfo,
+ checksum_tvb,
+ gssapi_encrypt,
+ ec,
+ rrc,
+ -1,
+ (flags & 0x0001)?
+ KRB5_KU_USAGE_ACCEPTOR_SEAL:
+ KRB5_KU_USAGE_INITIATOR_SEAL);
+ }
+ }
+}
+#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
+
+ /*
+ * Return the offset past the checksum, so that we know where
+ * the data we're wrapped around starts. Also, set the length
+ * of our top-level item to that offset, so it doesn't cover
+ * the data we're wrapped around.
+ *
+ * Note that for DCERPC the GSSAPI blobs comes after the data it wraps,
+ * not before.
+ */
+ return offset;
+}
+
+/*
+ * XXX - This is for GSSAPI CFX GetMIC tokens ...
+ */
+static int
+dissect_spnego_krb5_cfx_getmic_base(tvbuff_t *tvb, int offset, packet_info *pinfo _U_, proto_tree *tree)
+{
+ guint8 flags;
+ int checksum_size;
+
+ /*
+ * The KRB5 blob conforms to RFC4121:
+ * USHORT (0x0404 == GSS_GetMIC)
+ * and so on }
+ */
+
+ flags = tvb_get_guint8(tvb, offset);
+ offset = dissect_spnego_krb5_cfx_flags(tvb, offset, tree, flags);
+
+ /* Skip the filler */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_filler, tvb, offset, 5, ENC_NA);
+ offset += 5;
+
+ /* sequence number */
+
+ proto_tree_add_item(tree, hf_spnego_krb5_cfx_seq, tvb, offset, 8, ENC_BIG_ENDIAN);
+ offset += 8;
+
+ /* Checksum of plaintext padded data */
+
+ checksum_size = tvb_captured_length_remaining(tvb, offset);
+
+ proto_tree_add_item(tree, hf_spnego_krb5_sgn_cksum, tvb, offset, checksum_size, ENC_NA);
+ offset += checksum_size;
+
+ /*
+ * Return the offset past the checksum, so that we know where
+ * the data we're wrapped around starts. Also, set the length
+ * of our top-level item to that offset, so it doesn't cover
+ * the data we're wrapped around.
+ */
+
+ return offset;
+}
+
+/*
+ * XXX - is this for SPNEGO or just GSS-API?
+ * RFC 1964 is "The Kerberos Version 5 GSS-API Mechanism"; presumably one
+ * can directly designate Kerberos V5 as a mechanism in GSS-API, rather
+ * than designating SPNEGO as the mechanism, offering Kerberos V5, and
+ * getting it accepted.
+ */
+static int
+dissect_spnego_krb5_wrap(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void *data)
+{
+ proto_item *item;
+ proto_tree *subtree;
+ int offset = 0;
+ guint16 token_id;
+ gssapi_encrypt_info_t* encrypt_info = (gssapi_encrypt_info_t*)data;
+
+ item = proto_tree_add_item(tree, hf_spnego_krb5, tvb, 0, -1, ENC_NA);
+
+ subtree = proto_item_add_subtree(item, ett_spnego_krb5);
+
+ /*
+ * The KRB5 blob conforms to RFC1964:
+ * USHORT (0x0102 == GSS_Wrap)
+ * and so on }
+ */
+
+ /* First, the token ID ... */
+
+ token_id = tvb_get_letohs(tvb, offset);
+ proto_tree_add_uint(subtree, hf_spnego_krb5_tok_id, tvb, offset, 2, token_id);
+
+ offset += 2;
+
+ switch (token_id) {
+ case KRB_TOKEN_GETMIC:
+ offset = dissect_spnego_krb5_getmic_base(tvb, offset, pinfo, subtree);
+ break;
+
+ case KRB_TOKEN_WRAP:
+ offset = dissect_spnego_krb5_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info);
+ break;
+
+ case KRB_TOKEN_CFX_GETMIC:
+ offset = dissect_spnego_krb5_cfx_getmic_base(tvb, offset, pinfo, subtree);
+ break;
+
+ case KRB_TOKEN_CFX_WRAP:
+ offset = dissect_spnego_krb5_cfx_wrap_base(tvb, offset, pinfo, subtree, token_id, encrypt_info);
+ break;
+
+ default:
+
+ break;
+ }
+
+ /*
+ * Return the offset past the checksum, so that we know where
+ * the data we're wrapped around starts. Also, set the length
+ * of our top-level item to that offset, so it doesn't cover
+ * the data we're wrapped around.
+ */
+ proto_item_set_len(item, offset);
+ return offset;
+}
+
+/* Spnego stuff from here */
+
+static int
+dissect_spnego_wrap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
+{
+ proto_item *item;
+ proto_tree *subtree;
+ int offset = 0;
+ asn1_ctx_t asn1_ctx;
+ asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
+
+ MechType_oid = NULL;
+
+ /*
+ * We need this later, so lets get it now ...
+ * It has to be per-frame as there can be more than one GSS-API
+ * negotiation in a conversation.
+ */
+
+
+ item = proto_tree_add_item(tree, proto_spnego, tvb, offset, -1, ENC_NA);
+
+ subtree = proto_item_add_subtree(item, ett_spnego);
+ /*
+ * The TVB contains a [0] header and a sequence that consists of an
+ * object ID and a blob containing the data ...
+ * XXX - is this RFC 2743's "Mechanism-Independent Token Format",
+ * with the "optional" "use in non-initial tokens" being chosen.
+ * ASN1 code addet to spnego.asn to handle this.
+ */
+
+ offset = dissect_spnego_InitialContextToken(FALSE, tvb, offset, &asn1_ctx , subtree, -1);
+
+ return offset;
+}
+
+
+static int
+dissect_spnego(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data _U_)
+{
+ proto_item *item;
+ proto_tree *subtree;
+ int offset = 0;
+ conversation_t *conversation;
+ asn1_ctx_t asn1_ctx;
+ asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
+
+ /*
+ * We need this later, so lets get it now ...
+ * It has to be per-frame as there can be more than one GSS-API
+ * negotiation in a conversation.
+ */
+ next_level_value = (gssapi_oid_value *)p_get_proto_data(wmem_file_scope(), pinfo, proto_spnego, 0);
+ if (!next_level_value && !pinfo->fd->visited) {
+ /*
+ * No handle attached to this frame, but it's the first
+ * pass, so it'd be attached to the conversation.
+ * If we have a conversation, try to get the handle,
+ * and if we get one, attach it to the frame.
+ */
+ conversation = find_conversation_pinfo(pinfo, 0);
+
+ if (conversation) {
+ next_level_value = (gssapi_oid_value *)conversation_get_proto_data(conversation, proto_spnego);
+ if (next_level_value)
+ p_add_proto_data(wmem_file_scope(), pinfo, proto_spnego, 0, next_level_value);
+ }
+ }
+
+ item = proto_tree_add_item(parent_tree, proto_spnego, tvb, offset, -1, ENC_NA);
+
+ subtree = proto_item_add_subtree(item, ett_spnego);
+
+ /*
+ * The TVB contains a [0] header and a sequence that consists of an
+ * object ID and a blob containing the data ...
+ * Actually, it contains, according to RFC2478:
+ * NegotiationToken ::= CHOICE {
+ * negTokenInit [0] NegTokenInit,
+ * negTokenTarg [1] NegTokenTarg }
+ * NegTokenInit ::= SEQUENCE {
+ * mechTypes [0] MechTypeList OPTIONAL,
+ * reqFlags [1] ContextFlags OPTIONAL,
+ * mechToken [2] OCTET STRING OPTIONAL,
+ * mechListMIC [3] OCTET STRING OPTIONAL }
+ * NegTokenTarg ::= SEQUENCE {
+ * negResult [0] ENUMERATED {
+ * accept_completed (0),
+ * accept_incomplete (1),
+ * reject (2) } OPTIONAL,
+ * supportedMech [1] MechType OPTIONAL,
+ * responseToken [2] OCTET STRING OPTIONAL,
+ * mechListMIC [3] OCTET STRING OPTIONAL }
+ *
+ * Windows typically includes mechTypes and mechListMic ('NONE'
+ * in the case of NTLMSSP only).
+ * It seems to duplicate the responseToken into the mechListMic field
+ * as well. Naughty, naughty.
+ *
+ */
+ dissect_spnego_NegotiationToken(FALSE, tvb, offset, &asn1_ctx, subtree, -1);
+ return tvb_captured_length(tvb);
+}
+
+/*--- proto_register_spnego -------------------------------------------*/
+void proto_register_spnego(void) {
+
+ /* List of fields */
+ static hf_register_info hf[] = {
+ { &hf_spnego_wraptoken,
+ { "wrapToken", "spnego.wraptoken",
+ FT_NONE, BASE_NONE, NULL, 0x0, "SPNEGO wrapToken",
+ HFILL}},
+ { &hf_spnego_krb5,
+ { "krb5_blob", "spnego.krb5.blob", FT_BYTES,
+ BASE_NONE, NULL, 0, NULL, HFILL }},
+ { &hf_spnego_krb5_oid,
+ { "KRB5 OID", "spnego.krb5_oid", FT_STRING,
+ BASE_NONE, NULL, 0, NULL, HFILL }},
+ { &hf_spnego_krb5_tok_id,
+ { "krb5_tok_id", "spnego.krb5.tok_id", FT_UINT16, BASE_HEX,
+ VALS(spnego_krb5_tok_id_vals), 0, "KRB5 Token Id", HFILL}},
+ { &hf_spnego_krb5_sgn_alg,
+ { "krb5_sgn_alg", "spnego.krb5.sgn_alg", FT_UINT16, BASE_HEX,
+ VALS(spnego_krb5_sgn_alg_vals), 0, "KRB5 Signing Algorithm", HFILL}},
+ { &hf_spnego_krb5_seal_alg,
+ { "krb5_seal_alg", "spnego.krb5.seal_alg", FT_UINT16, BASE_HEX,
+ VALS(spnego_krb5_seal_alg_vals), 0, "KRB5 Sealing Algorithm", HFILL}},
+ { &hf_spnego_krb5_snd_seq,
+ { "krb5_snd_seq", "spnego.krb5.snd_seq", FT_BYTES, BASE_NONE,
+ NULL, 0, "KRB5 Encrypted Sequence Number", HFILL}},
+ { &hf_spnego_krb5_sgn_cksum,
+ { "krb5_sgn_cksum", "spnego.krb5.sgn_cksum", FT_BYTES, BASE_NONE,
+ NULL, 0, "KRB5 Data Checksum", HFILL}},
+ { &hf_spnego_krb5_confounder,
+ { "krb5_confounder", "spnego.krb5.confounder", FT_BYTES, BASE_NONE,
+ NULL, 0, "KRB5 Confounder", HFILL}},
+ { &hf_spnego_krb5_filler,
+ { "krb5_filler", "spnego.krb5.filler", FT_BYTES, BASE_NONE,
+ NULL, 0, "KRB5 Filler", HFILL}},
+ { &hf_spnego_krb5_cfx_flags,
+ { "krb5_cfx_flags", "spnego.krb5.cfx_flags", FT_UINT8, BASE_HEX,
+ NULL, 0, "KRB5 CFX Flags", HFILL}},
+ { &hf_spnego_krb5_cfx_flags_01,
+ { "SendByAcceptor", "spnego.krb5.send_by_acceptor", FT_BOOLEAN, 8,
+ TFS (&tfs_set_notset), 0x01, NULL, HFILL}},
+ { &hf_spnego_krb5_cfx_flags_02,
+ { "Sealed", "spnego.krb5.sealed", FT_BOOLEAN, 8,
+ TFS (&tfs_set_notset), 0x02, NULL, HFILL}},
+ { &hf_spnego_krb5_cfx_flags_04,
+ { "AcceptorSubkey", "spnego.krb5.acceptor_subkey", FT_BOOLEAN, 8,
+ TFS (&tfs_set_notset), 0x04, NULL, HFILL}},
+ { &hf_spnego_krb5_cfx_ec,
+ { "krb5_cfx_ec", "spnego.krb5.cfx_ec", FT_UINT16, BASE_DEC,
+ NULL, 0, "KRB5 CFX Extra Count", HFILL}},
+ { &hf_spnego_krb5_cfx_rrc,
+ { "krb5_cfx_rrc", "spnego.krb5.cfx_rrc", FT_UINT16, BASE_DEC,
+ NULL, 0, "KRB5 CFX Right Rotation Count", HFILL}},
+ { &hf_spnego_krb5_cfx_seq,
+ { "krb5_cfx_seq", "spnego.krb5.cfx_seq", FT_UINT64, BASE_DEC,
+ NULL, 0, "KRB5 Sequence Number", HFILL}},
+
+#include "packet-spnego-hfarr.c"
+ };
+
+ /* List of subtrees */
+ static gint *ett[] = {
+ &ett_spnego,
+ &ett_spnego_wraptoken,
+ &ett_spnego_krb5,
+ &ett_spnego_krb5_cfx_flags,
+
+#include "packet-spnego-ettarr.c"
+ };
+
+ static ei_register_info ei[] = {
+ { &ei_spnego_decrypted_keytype, { "spnego.decrypted_keytype", PI_SECURITY, PI_CHAT, "Decrypted keytype", EXPFILL }},
+ { &ei_spnego_unknown_header, { "spnego.unknown_header", PI_PROTOCOL, PI_WARN, "Unknown header", EXPFILL }},
+ };
+
+ expert_module_t* expert_spnego;
+
+ /* Register protocol */
+ proto_spnego = proto_register_protocol(PNAME, PSNAME, PFNAME);
+
+ spnego_handle = register_dissector("spnego", dissect_spnego, proto_spnego);
+ spnego_wrap_handle = register_dissector("spnego-wrap", dissect_spnego_wrap, proto_spnego);
+
+ proto_spnego_krb5 = proto_register_protocol("SPNEGO-KRB5", "SPNEGO-KRB5", "spnego-krb5");
+
+ spnego_krb5_handle = register_dissector("spnego-krb5", dissect_spnego_krb5, proto_spnego_krb5);
+ spnego_krb5_wrap_handle = register_dissector("spnego-krb5-wrap", dissect_spnego_krb5_wrap, proto_spnego_krb5);
+
+ /* Register fields and subtrees */
+ proto_register_field_array(proto_spnego, hf, array_length(hf));
+ proto_register_subtree_array(ett, array_length(ett));
+ expert_spnego = expert_register_protocol(proto_spnego);
+ expert_register_field_array(expert_spnego, ei, array_length(ei));
+}
+
+
+/*--- proto_reg_handoff_spnego ---------------------------------------*/
+void proto_reg_handoff_spnego(void) {
+
+ /* Register protocol with GSS-API module */
+
+ gssapi_init_oid("1.3.6.1.5.5.2", proto_spnego, ett_spnego,
+ spnego_handle, spnego_wrap_handle,
+ "SPNEGO - Simple Protected Negotiation");
+
+ /* Register both the one MS created and the real one */
+ /*
+ * Thanks to Jean-Baptiste Marchand and Richard B Ward, the
+ * mystery of the MS KRB5 OID is cleared up. It was due to a library
+ * that did not handle OID components greater than 16 bits, and was
+ * fixed in Win2K SP2 as well as WinXP.
+ * See the archive of <ietf-krb-wg@anl.gov> for the thread topic
+ * SPNEGO implementation issues. 3-Dec-2002.
+ */
+ gssapi_init_oid("1.2.840.48018.1.2.2", proto_spnego_krb5, ett_spnego_krb5,
+ spnego_krb5_handle, spnego_krb5_wrap_handle,
+ "MS KRB5 - Microsoft Kerberos 5");
+ gssapi_init_oid("1.2.840.113554.1.2.2", proto_spnego_krb5, ett_spnego_krb5,
+ spnego_krb5_handle, spnego_krb5_wrap_handle,
+ "KRB5 - Kerberos 5");
+ gssapi_init_oid("1.2.840.113554.1.2.2.3", proto_spnego_krb5, ett_spnego_krb5,
+ spnego_krb5_handle, spnego_krb5_wrap_handle,
+ "KRB5 - Kerberos 5 - User to User");
+
+}
+
+/*
+ * Editor modelines
+ *
+ * Local Variables:
+ * c-basic-offset: 2
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * ex: set shiftwidth=2 tabstop=8 expandtab:
+ * :indentSize=2:tabSize=8:noTabs=true:
+ */
diff --git a/epan/dissectors/asn1/spnego/spnego.asn b/epan/dissectors/asn1/spnego/spnego.asn
new file mode 100644
index 00000000..b62973df
--- /dev/null
+++ b/epan/dissectors/asn1/spnego/spnego.asn
@@ -0,0 +1,104 @@
+Spnego {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) snego(2)}
+-- (1.3.6.1.5.5.2)
+DEFINITIONS ::=
+
+BEGIN
+
+MechType::= OBJECT IDENTIFIER
+
+NegotiationToken ::= CHOICE {
+ negTokenInit [0] NegTokenInit,
+ negTokenTarg [1] NegTokenTarg }
+
+MechTypeList ::= SEQUENCE OF MechType
+
+--
+-- MS-SPNG tells us that the format of a negTokenInit is actually
+-- negTokenInit2 if a negTokenInit is seen in a response. It might need
+-- to be the first negTokenInit seen in a response, but I am not sure.
+-- It will only occur in a NegotiateProtocol response in CIFS/SMB or SMB2.
+--
+NegTokenInit ::= SEQUENCE {
+ mechTypes [0] MechTypeList OPTIONAL,
+ reqFlags [1] ContextFlags OPTIONAL,
+ mechToken [2] OCTET STRING OPTIONAL,
+ mechListMIC [3] OCTET STRING OPTIONAL
+ }
+
+NegHints ::= SEQUENCE {
+ hintName [0] GeneralString OPTIONAL,
+ hintAddress [1] OCTET STRING OPTIONAL
+}
+
+NegTokenInit2 ::= SEQUENCE {
+ mechTypes [0] MechTypeList OPTIONAL,
+ reqFlags [1] ContextFlags OPTIONAL,
+ mechToken [2] OCTET STRING OPTIONAL,
+ negHints [3] NegHints OPTIONAL,
+ mechListMIC [4] OCTET STRING OPTIONAL
+}
+
+ContextFlags ::= BIT STRING {
+ delegFlag (0),
+ mutualFlag (1),
+ replayFlag (2),
+ sequenceFlag (3),
+ anonFlag (4),
+ confFlag (5),
+ integFlag (6)
+}
+
+NegTokenTarg ::= SEQUENCE {
+ negResult [0] ENUMERATED {
+ accept-completed (0),
+ accept-incomplete (1),
+ reject (2) } OPTIONAL,
+ supportedMech [1] MechType OPTIONAL,
+ responseToken [2] OCTET STRING OPTIONAL,
+ mechListMIC [3] OCTET STRING OPTIONAL
+}
+
+--GSS-API DEFINITIONS ::=
+--BEGIN
+--MechType ::= OBJECT IDENTIFIER
+-- data structure definitions
+-- callers must be able to distinguish among
+-- InitialContextToken, SubsequentContextToken,
+-- PerMsgToken, and SealedMessage data elements
+-- based on the usage in which they occur
+InitialContextToken ::=
+ -- option indication (delegation, etc.) indicated within
+ -- mechanism-specific token
+[APPLICATION 0] IMPLICIT SEQUENCE {
+ thisMech MechType,
+ innerContextToken InnerContextToken
+ -- DEFINED BY thisMech
+ -- contents mechanism-specific
+ -- ASN.1 structure not required
+ }
+
+-- SubsequentContextToken ::= InnerContextToken
+
+InnerContextToken ::= ANY
+-- interpretation based on predecessor InitialContextToken
+-- ASN.1 structure not required
+
+-- PerMsgToken ::=
+-- as emitted by GSS_GetMIC and processed by GSS_VerifyMIC
+-- ASN.1 structure not required
+-- InnerMsgToken
+
+-- InnerMsgToken ::= ANY
+
+-- SealedMessage ::=
+-- as emitted by GSS_Wrap and processed by GSS_Unwrap
+-- includes internal, mechanism-defined indicator
+-- of whether or not encrypted
+-- ASN.1 structure not required
+-- SealedUserData
+
+-- SealedUserData ::= ANY
+
+-- END GSS-API DEFINITIONS
+
+END
diff --git a/epan/dissectors/asn1/spnego/spnego.cnf b/epan/dissectors/asn1/spnego/spnego.cnf
new file mode 100644
index 00000000..7558d0c7
--- /dev/null
+++ b/epan/dissectors/asn1/spnego/spnego.cnf
@@ -0,0 +1,215 @@
+# spnego.cnf
+# spnego conformation file
+
+#.EXPORTS
+
+#.PDU
+
+#.NO_EMIT ONLY_VALS
+NegotiationToken
+
+#.FN_BODY NegotiationToken/negTokenInit
+ bool is_response = actx->pinfo->ptype == PT_TCP &&
+ actx->pinfo->srcport < 1024;
+
+ /*
+ * We decode as negTokenInit2 or negTokenInit depending on whether or not
+ * we are in a response or a request. That is essentially what MS-SPNG
+ * says.
+ */
+ if (is_response) {
+ return dissect_spnego_NegTokenInit2(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s,
+ %(ACTX)s, %(TREE)s, %(HF_INDEX)s);
+ } else {
+ return dissect_spnego_NegTokenInit(%(IMPLICIT_TAG)s, %(TVB)s, %(OFFSET)s,
+ %(ACTX)s, %(TREE)s, %(HF_INDEX)s);
+ }
+
+#.FN_PARS MechType
+
+ FN_VARIANT = _str VAL_PTR = &MechType_oid
+
+#.FN_BODY MechType
+
+ gssapi_oid_value *value;
+
+%(DEFAULT_BODY)s
+
+ value = gssapi_lookup_oid_str(MechType_oid);
+
+ /*
+ * Tell our caller the first mechanism we see, so that if
+ * this is a negTokenInit with a mechToken, it can interpret
+ * the mechToken according to the first mechType. (There
+ * might not have been any indication of the mechType
+ * in prior frames, so we can't necessarily use the
+ * mechanism from the conversation; i.e., a negTokenInit
+ * can contain the initial security token for the desired
+ * mechanism of the initiator - that's the first mechanism
+ * in the list.)
+ */
+ if (!saw_mechanism) {
+ if (value)
+ next_level_value = value;
+ saw_mechanism = TRUE;
+ }
+
+#.FN_BODY InnerContextToken
+
+ gssapi_oid_value *next_level_value_lcl;
+ proto_item *item;
+ proto_tree *subtree;
+ tvbuff_t *token_tvb;
+ int len;
+
+ /*
+ * XXX - what should we do if this OID doesn't match the value
+ * attached to the frame or conversation? (That would be
+ * bogus, but that's not impossible - some broken implementation
+ * might negotiate some security mechanism but put the OID
+ * for some other security mechanism in GSS_Wrap tokens.)
+ * Does it matter?
+ */
+ next_level_value_lcl = gssapi_lookup_oid_str(MechType_oid);
+
+ /*
+ * Now dissect the GSS_Wrap token; it's assumed to be in the
+ * rest of the tvbuff.
+ */
+ item = proto_tree_add_item(tree, hf_spnego_wraptoken, tvb, offset, -1, ENC_NA);
+
+ subtree = proto_item_add_subtree(item, ett_spnego_wraptoken);
+
+ /*
+ * Now, we should be able to dispatch after creating a new TVB.
+ * The subdissector must return the length of the part of the
+ * token it dissected, so we can return the length of the part
+ * we (and it) dissected.
+ */
+ token_tvb = tvb_new_subset_remaining(tvb, offset);
+ if (next_level_value_lcl && next_level_value_lcl->wrap_handle) {
+ len = call_dissector(next_level_value_lcl->wrap_handle, token_tvb, actx->pinfo,
+ subtree);
+ if (len == 0)
+ offset = tvb_reported_length(tvb);
+ else
+ offset = offset + len;
+ } else
+ offset = tvb_reported_length(tvb);
+
+#.FN_BODY MechTypeList
+
+ conversation_t *conversation;
+
+ saw_mechanism = FALSE;
+
+%(DEFAULT_BODY)s
+
+ /*
+ * If we saw a mechType we need to store it in case the negTokenTarg
+ * does not provide a supportedMech.
+ */
+ if(saw_mechanism){
+ conversation = find_or_create_conversation(actx->pinfo);
+ conversation_add_proto_data(conversation, proto_spnego, next_level_value);
+ }
+
+#.FN_PARS NegTokenInit/mechToken
+
+ VAL_PTR = &mechToken_tvb
+
+#.FN_BODY NegTokenInit/mechToken
+
+ tvbuff_t *mechToken_tvb = NULL;
+
+%(DEFAULT_BODY)s
+
+ /*
+ * Now, we should be able to dispatch, if we've gotten a tvbuff for
+ * the token and we have information on how to dissect its contents.
+ */
+ if (mechToken_tvb && next_level_value)
+ call_dissector(next_level_value->handle, mechToken_tvb, actx->pinfo, tree);
+
+#.FN_BODY NegTokenTarg/supportedMech
+
+ conversation_t *conversation;
+
+ saw_mechanism = FALSE;
+
+%(DEFAULT_BODY)s
+
+ /*
+ * If we saw an explicit mechType we store this in the conversation so that
+ * it will override any mechType we might have picked up from the
+ * negTokenInit.
+ */
+ if(saw_mechanism){
+ conversation = find_or_create_conversation(actx->pinfo);
+ conversation_add_proto_data(conversation, proto_spnego, next_level_value);
+ }
+
+
+#.FN_PARS NegTokenTarg/responseToken
+
+ VAL_PTR = &responseToken_tvb
+
+#.FN_BODY NegTokenTarg/responseToken
+
+ tvbuff_t *responseToken_tvb;
+
+
+%(DEFAULT_BODY)s
+
+
+ /*
+ * Now, we should be able to dispatch, if we've gotten a tvbuff for
+ * the token and we have information on how to dissect its contents.
+ * However, we should make sure that there is something in the
+ * response token ...
+ */
+ if (responseToken_tvb && (tvb_reported_length(responseToken_tvb) > 0) ){
+ gssapi_oid_value *value=next_level_value;
+
+ if(value){
+ call_dissector(value->handle, responseToken_tvb, actx->pinfo, tree);
+ }
+ }
+
+
+#.FN_BODY NegTokenTarg/mechListMIC VAL_PTR = &mechListMIC_tvb
+
+ tvbuff_t *mechListMIC_tvb;
+
+
+%(DEFAULT_BODY)s
+
+
+ /*
+ * Now, we should be able to dispatch, if we've gotten a tvbuff for
+ * the token and we have information on how to dissect its contents.
+ * However, we should make sure that there is something in the
+ * response token ...
+ */
+ if (mechListMIC_tvb && (tvb_reported_length(mechListMIC_tvb) > 0) ){
+ gssapi_oid_value *value=next_level_value;
+
+ if(value){
+ call_dissector(value->handle, mechListMIC_tvb, actx->pinfo, tree);
+ }
+ }
+
+#.END
+
+#
+# Editor modelines - https://www.wireshark.org/tools/modelines.html
+#
+# Local variables:
+# c-basic-offset: 2
+# tab-width: 8
+# indent-tabs-mode: nil
+# End:
+#
+# vi: set shiftwidth=2 tabstop=8 expandtab:
+# :indentSize=2:tabSize=8:noTabs=true:
+#