summaryrefslogtreecommitdiffstats
path: root/epan/dissectors/asn1/kerberos/packet-kerberos-template.h
diff options
context:
space:
mode:
Diffstat (limited to 'epan/dissectors/asn1/kerberos/packet-kerberos-template.h')
-rw-r--r--epan/dissectors/asn1/kerberos/packet-kerberos-template.h52
1 files changed, 40 insertions, 12 deletions
diff --git a/epan/dissectors/asn1/kerberos/packet-kerberos-template.h b/epan/dissectors/asn1/kerberos/packet-kerberos-template.h
index 4f776ae9..62de8990 100644
--- a/epan/dissectors/asn1/kerberos/packet-kerberos-template.h
+++ b/epan/dissectors/asn1/kerberos/packet-kerberos-template.h
@@ -48,11 +48,11 @@ typedef struct _kerberos_callbacks {
/* Function prototypes */
-gboolean
+bool
kerberos_is_win2k_pkinit(asn1_ctx_t *actx);
-gint
-dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean do_col_info, kerberos_callbacks *cb);
+int
+dissect_kerberos_main(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, bool do_col_info, kerberos_callbacks *cb);
int
dissect_krb5_Checksum(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
@@ -62,14 +62,14 @@ dissect_krb5_ctime(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx
int dissect_krb5_cname(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
int dissect_krb5_realm(proto_tree *tree, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_);
-guint32 kerberos_output_keytype(void);
+uint32_t kerberos_output_keytype(void);
-guint get_krb_pdu_len(packet_info *, tvbuff_t *tvb, int offset, void *data _U_);
+unsigned get_krb_pdu_len(packet_info *, tvbuff_t *tvb, int offset, void *data _U_);
-gint kerberos_rm_to_reclen(guint krb_rm);
+int kerberos_rm_to_reclen(unsigned krb_rm);
void
-show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, gint start, guint32 krb_rm);
+show_krb_recordmark(proto_tree *tree, tvbuff_t *tvb, int start, uint32_t krb_rm);
int
dissect_kerberos_KERB_TICKET_LOGON(tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree);
@@ -89,20 +89,48 @@ typedef struct _enc_key_t {
struct _enc_key_t *next;
int keytype;
int keylength;
- guint8 keyvalue[KRB_MAX_KEY_LENGTH];
+ uint8_t keyvalue[KRB_MAX_KEY_LENGTH];
char key_origin[KRB_MAX_ORIG_LEN+1];
int fd_num; /* remember where we learned a key */
- guint id; /* a unique id of the key, relative to fd_num */
+ unsigned id; /* a unique id of the key, relative to fd_num */
char id_str[KRB_MAX_ID_STR_LEN+1];
+ /* EncTicketPart_key */
+ bool is_ticket_key;
+ /* EncAPRepPart_subkey */
+ bool is_ap_rep_key;
+ /*
+ * for now taken from dissect_krb5_PAC_UPN_DNS_INFO,
+ * we could also use dissect_krb5_PAC_LOGON_INFO if needed
+ *
+ * we get device_sid from dissect_krb5_PAC_DEVICE_INFO if available.
+ *
+ * We remember these from the PAC and
+ * attach it to EncTicketPart_key so it
+ * might be valid if is_ticket_key is true.
+ *
+ * When learning a EncAPRepPart_subkey
+ * we copy the details from the EncTicketPart_key,
+ * so when is_ap_rep_key is true we may also have it.
+ *
+ * So application protocols like SMB2 could use the
+ * is_ap_rep_key=true key details in order to identify
+ * the authenticated user.
+ */
+ struct {
+ const char *account_name;
+ const char *account_domain;
+ const char *account_sid;
+ const char *device_sid;
+ } pac_names;
struct _enc_key_t *same_list;
- guint num_same;
+ unsigned num_same;
struct _enc_key_t *src1;
struct _enc_key_t *src2;
} enc_key_t;
extern enc_key_t *enc_key_list;
extern wmem_map_t *kerberos_longterm_keys;
-guint8 *
+uint8_t *
decrypt_krb5_data(proto_tree *tree, packet_info *pinfo,
int usage,
tvbuff_t *crypototvb,
@@ -121,7 +149,7 @@ decrypt_krb5_krb_cfx_dce(proto_tree *tree,
#endif /* HAVE_HEIMDAL_KERBEROS || HAVE_MIT_KERBEROS */
-extern gboolean krb_decrypt;
+extern bool krb_decrypt;
#endif /* HAVE_KERBEROS */
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-26 01:13:00 +0000