diff options
Diffstat (limited to 'epan/dissectors/asn1/ldap/packet-ldap-template.c')
| -rw-r--r-- | epan/dissectors/asn1/ldap/packet-ldap-template.c | 518 |
1 files changed, 262 insertions, 256 deletions
diff --git a/epan/dissectors/asn1/ldap/packet-ldap-template.c b/epan/dissectors/asn1/ldap/packet-ldap-template.c index 4c5d7fa2..2a3dfa36 100644 --- a/epan/dissectors/asn1/ldap/packet-ldap-template.c +++ b/epan/dissectors/asn1/ldap/packet-ldap-template.c @@ -85,6 +85,7 @@ #include <epan/uat.h> #include <epan/charsets.h> #include <wsutil/str_util.h> +#include <wsutil/array.h> #include "packet-frame.h" #include "packet-tcp.h" #include "packet-windows-common.h" @@ -109,114 +110,114 @@ void proto_register_ldap(void); void proto_reg_handoff_ldap(void); /* Initialize the protocol and registered fields */ -static int ldap_tap = -1; -static int proto_ldap = -1; -static int proto_cldap = -1; - -static int hf_ldap_sasl_buffer_length = -1; -static int hf_ldap_response_in = -1; -static int hf_ldap_response_to = -1; -static int hf_ldap_time = -1; -static int hf_ldap_guid = -1; - -static int hf_mscldap_ntver_flags = -1; -static int hf_mscldap_ntver_flags_v1 = -1; -static int hf_mscldap_ntver_flags_v5 = -1; -static int hf_mscldap_ntver_flags_v5ex = -1; -static int hf_mscldap_ntver_flags_v5ep = -1; -static int hf_mscldap_ntver_flags_vcs = -1; -static int hf_mscldap_ntver_flags_vnt4 = -1; -static int hf_mscldap_ntver_flags_vpdc = -1; -static int hf_mscldap_ntver_flags_vip = -1; -static int hf_mscldap_ntver_flags_vl = -1; -static int hf_mscldap_ntver_flags_vgc = -1; - -static int hf_mscldap_netlogon_ipaddress_family = -1; -static int hf_mscldap_netlogon_ipaddress_port = -1; -static int hf_mscldap_netlogon_ipaddress = -1; -static int hf_mscldap_netlogon_ipaddress_ipv4 = -1; -static int hf_mscldap_netlogon_opcode = -1; -static int hf_mscldap_netlogon_flags = -1; -static int hf_mscldap_netlogon_flags_pdc = -1; -static int hf_mscldap_netlogon_flags_gc = -1; -static int hf_mscldap_netlogon_flags_ldap = -1; -static int hf_mscldap_netlogon_flags_ds = -1; -static int hf_mscldap_netlogon_flags_kdc = -1; -static int hf_mscldap_netlogon_flags_timeserv = -1; -static int hf_mscldap_netlogon_flags_closest = -1; -static int hf_mscldap_netlogon_flags_writable = -1; -static int hf_mscldap_netlogon_flags_good_timeserv = -1; -static int hf_mscldap_netlogon_flags_ndnc = -1; -static int hf_mscldap_netlogon_flags_fnc = -1; -static int hf_mscldap_netlogon_flags_dnc = -1; -static int hf_mscldap_netlogon_flags_dns = -1; -static int hf_mscldap_netlogon_flags_wdc = -1; -static int hf_mscldap_netlogon_flags_rodc = -1; -static int hf_mscldap_domain_guid = -1; -static int hf_mscldap_forest = -1; -static int hf_mscldap_domain = -1; -static int hf_mscldap_hostname = -1; -static int hf_mscldap_nb_domain_z = -1; -static int hf_mscldap_nb_domain = -1; -static int hf_mscldap_nb_hostname_z = -1; -static int hf_mscldap_nb_hostname = -1; -static int hf_mscldap_username_z = -1; -static int hf_mscldap_username = -1; -static int hf_mscldap_sitename = -1; -static int hf_mscldap_clientsitename = -1; -static int hf_mscldap_netlogon_lm_token = -1; -static int hf_mscldap_netlogon_nt_token = -1; -static int hf_ldap_sid = -1; -static int hf_ldap_AccessMask_ADS_CREATE_CHILD = -1; -static int hf_ldap_AccessMask_ADS_DELETE_CHILD = -1; -static int hf_ldap_AccessMask_ADS_LIST = -1; -static int hf_ldap_AccessMask_ADS_SELF_WRITE = -1; -static int hf_ldap_AccessMask_ADS_READ_PROP = -1; -static int hf_ldap_AccessMask_ADS_WRITE_PROP = -1; -static int hf_ldap_AccessMask_ADS_DELETE_TREE = -1; -static int hf_ldap_AccessMask_ADS_LIST_OBJECT = -1; -static int hf_ldap_AccessMask_ADS_CONTROL_ACCESS = -1; -static int hf_ldap_LDAPMessage_PDU = -1; -static int hf_ldap_object_security_flag = -1; -static int hf_ldap_ancestor_first_flag = -1; -static int hf_ldap_public_data_only_flag = -1; -static int hf_ldap_incremental_value_flag = -1; -static int hf_ldap_oid = -1; -static int hf_ldap_gssapi_encrypted_payload = -1; +static int ldap_tap; +static int proto_ldap; +static int proto_cldap; + +static int hf_ldap_sasl_buffer_length; +static int hf_ldap_response_in; +static int hf_ldap_response_to; +static int hf_ldap_time; +static int hf_ldap_guid; + +static int hf_mscldap_ntver_flags; +static int hf_mscldap_ntver_flags_v1; +static int hf_mscldap_ntver_flags_v5; +static int hf_mscldap_ntver_flags_v5ex; +static int hf_mscldap_ntver_flags_v5ep; +static int hf_mscldap_ntver_flags_vcs; +static int hf_mscldap_ntver_flags_vnt4; +static int hf_mscldap_ntver_flags_vpdc; +static int hf_mscldap_ntver_flags_vip; +static int hf_mscldap_ntver_flags_vl; +static int hf_mscldap_ntver_flags_vgc; + +static int hf_mscldap_netlogon_ipaddress_family; +static int hf_mscldap_netlogon_ipaddress_port; +static int hf_mscldap_netlogon_ipaddress; +static int hf_mscldap_netlogon_ipaddress_ipv4; +static int hf_mscldap_netlogon_opcode; +static int hf_mscldap_netlogon_flags; +static int hf_mscldap_netlogon_flags_pdc; +static int hf_mscldap_netlogon_flags_gc; +static int hf_mscldap_netlogon_flags_ldap; +static int hf_mscldap_netlogon_flags_ds; +static int hf_mscldap_netlogon_flags_kdc; +static int hf_mscldap_netlogon_flags_timeserv; +static int hf_mscldap_netlogon_flags_closest; +static int hf_mscldap_netlogon_flags_writable; +static int hf_mscldap_netlogon_flags_good_timeserv; +static int hf_mscldap_netlogon_flags_ndnc; +static int hf_mscldap_netlogon_flags_fnc; +static int hf_mscldap_netlogon_flags_dnc; +static int hf_mscldap_netlogon_flags_dns; +static int hf_mscldap_netlogon_flags_wdc; +static int hf_mscldap_netlogon_flags_rodc; +static int hf_mscldap_domain_guid; +static int hf_mscldap_forest; +static int hf_mscldap_domain; +static int hf_mscldap_hostname; +static int hf_mscldap_nb_domain_z; +static int hf_mscldap_nb_domain; +static int hf_mscldap_nb_hostname_z; +static int hf_mscldap_nb_hostname; +static int hf_mscldap_username_z; +static int hf_mscldap_username; +static int hf_mscldap_sitename; +static int hf_mscldap_clientsitename; +static int hf_mscldap_netlogon_lm_token; +static int hf_mscldap_netlogon_nt_token; +static int hf_ldap_sid; +static int hf_ldap_AccessMask_ADS_CREATE_CHILD; +static int hf_ldap_AccessMask_ADS_DELETE_CHILD; +static int hf_ldap_AccessMask_ADS_LIST; +static int hf_ldap_AccessMask_ADS_SELF_WRITE; +static int hf_ldap_AccessMask_ADS_READ_PROP; +static int hf_ldap_AccessMask_ADS_WRITE_PROP; +static int hf_ldap_AccessMask_ADS_DELETE_TREE; +static int hf_ldap_AccessMask_ADS_LIST_OBJECT; +static int hf_ldap_AccessMask_ADS_CONTROL_ACCESS; +static int hf_ldap_LDAPMessage_PDU; +static int hf_ldap_object_security_flag; +static int hf_ldap_ancestor_first_flag; +static int hf_ldap_public_data_only_flag; +static int hf_ldap_incremental_value_flag; +static int hf_ldap_oid; +static int hf_ldap_gssapi_encrypted_payload; #include "packet-ldap-hf.c" /* Initialize the subtree pointers */ -static gint ett_ldap = -1; -static gint ett_ldap_msg = -1; -static gint ett_ldap_sasl_blob = -1; -static gint ett_ldap_payload = -1; -static gint ett_mscldap_netlogon_flags = -1; -static gint ett_mscldap_ntver_flags = -1; -static gint ett_mscldap_ipdetails = -1; -static gint ett_ldap_DirSyncFlagsSubEntry = -1; +static int ett_ldap; +static int ett_ldap_msg; +static int ett_ldap_sasl_blob; +static int ett_ldap_payload; +static int ett_mscldap_netlogon_flags; +static int ett_mscldap_ntver_flags; +static int ett_mscldap_ipdetails; +static int ett_ldap_DirSyncFlagsSubEntry; #include "packet-ldap-ett.c" -static expert_field ei_ldap_exceeded_filter_length = EI_INIT; -static expert_field ei_ldap_too_many_filter_elements = EI_INIT; +static expert_field ei_ldap_exceeded_filter_length; +static expert_field ei_ldap_too_many_filter_elements; -static dissector_table_t ldap_name_dissector_table=NULL; -static const char *object_identifier_id = NULL; /* LDAP OID */ +static dissector_table_t ldap_name_dissector_table; +static const char *object_identifier_id; /* LDAP OID */ -static gboolean do_protocolop = FALSE; -static gchar *attr_type = NULL; -static gboolean is_binary_attr_type = FALSE; -static gboolean ldap_found_in_frame = FALSE; +static bool do_protocolop; +static char *attr_type; +static bool is_binary_attr_type; +static bool ldap_found_in_frame; #define TCP_PORT_RANGE_LDAP "389,3268" /* 3268 is Windows 2000 Global Catalog */ #define TCP_PORT_LDAPS 636 #define UDP_PORT_CLDAP 389 /* desegmentation of LDAP */ -static gboolean ldap_desegment = TRUE; -static guint global_ldaps_tcp_port = TCP_PORT_LDAPS; -static guint ssl_port = 0; +static bool ldap_desegment = true; +static unsigned global_ldaps_tcp_port = TCP_PORT_LDAPS; +static unsigned ssl_port; static dissector_handle_t gssapi_handle; static dissector_handle_t gssapi_wrap_handle; @@ -299,7 +300,7 @@ static void ldapstat_init(struct register_srt* srt _U_, GArray* srt_array) { srt_stat_table *ldap_srt_table; - guint32 i; + uint32_t i; ldap_srt_table = init_srt_table("LDAP Commands", NULL, srt_array, LDAP_NUM_PROCEDURES, NULL, "ldap.protocolOp", NULL); for (i = 0; i < LDAP_NUM_PROCEDURES; i++) @@ -311,7 +312,7 @@ ldapstat_init(struct register_srt* srt _U_, GArray* srt_array) static tap_packet_status ldapstat_packet(void *pldap, packet_info *pinfo, epan_dissect_t *edt _U_, const void *psi, tap_flags_t flags _U_) { - guint i = 0; + unsigned i = 0; srt_stat_table *ldap_srt_table; const ldap_call_response_t *ldap=(const ldap_call_response_t *)psi; srt_data_t *data = (srt_data_t *)pldap; @@ -320,7 +321,7 @@ ldapstat_packet(void *pldap, packet_info *pinfo, epan_dissect_t *edt _U_, const if(ldap->is_request){ return TAP_PACKET_DONT_REDRAW; } - /* if we havnt seen the request, just ignore it */ + /* if we haven't seen the request, just ignore it */ if(!ldap->req_frame){ return TAP_PACKET_DONT_REDRAW; } @@ -351,27 +352,27 @@ ldapstat_packet(void *pldap, packet_info *pinfo, epan_dissect_t *edt _U_, const * information from a bind request. */ typedef struct ldap_conv_info_t { - guint auth_type; /* authentication type */ + unsigned auth_type; /* authentication type */ char *auth_mech; /* authentication mechanism */ - guint32 first_auth_frame; /* first frame that would use a security layer */ + uint32_t first_auth_frame; /* first frame that would use a security layer */ wmem_map_t *unmatched; wmem_map_t *matched; - gboolean is_mscldap; - guint32 num_results; - gboolean start_tls_pending; - guint32 start_tls_frame; + bool is_mscldap; + uint32_t num_results; + bool start_tls_pending; + uint32_t start_tls_frame; } ldap_conv_info_t; -static guint -ldap_info_hash_matched(gconstpointer k) +static unsigned +ldap_info_hash_matched(const void *k) { const ldap_call_response_t *key = (const ldap_call_response_t *)k; return key->messageId; } -static gint -ldap_info_equal_matched(gconstpointer k1, gconstpointer k2) +static int +ldap_info_equal_matched(const void *k1, const void *k2) { const ldap_call_response_t *key1 = (const ldap_call_response_t*)k1; const ldap_call_response_t *key2 = (const ldap_call_response_t*)k2; @@ -388,16 +389,16 @@ ldap_info_equal_matched(gconstpointer k1, gconstpointer k2) return key1->messageId==key2->messageId; } -static guint -ldap_info_hash_unmatched(gconstpointer k) +static unsigned +ldap_info_hash_unmatched(const void *k) { const ldap_call_response_t *key = (const ldap_call_response_t*)k; return key->messageId; } -static gint -ldap_info_equal_unmatched(gconstpointer k1, gconstpointer k2) +static int +ldap_info_equal_unmatched(const void *k1, const void *k2) { const ldap_call_response_t *key1 = (const ldap_call_response_t*)k1; const ldap_call_response_t *key2 = (const ldap_call_response_t*)k2; @@ -453,16 +454,16 @@ static const true_false_string tfs_ntver_vl = { /* Stuff for generation/handling of fields for custom AttributeValues */ typedef struct _attribute_type_t { - gchar* attribute_type; - gchar* attribute_desc; + char* attribute_type; + char* attribute_desc; } attribute_type_t; static attribute_type_t* attribute_types; -static guint num_attribute_types; +static unsigned num_attribute_types; static GHashTable* attribute_types_hash; static hf_register_info* dynamic_hf; -static guint dynamic_hf_size; +static unsigned dynamic_hf_size; static bool attribute_types_update_cb(void *r, char **err) @@ -472,13 +473,13 @@ attribute_types_update_cb(void *r, char **err) if (rec->attribute_type == NULL) { *err = g_strdup("Attribute type can't be empty"); - return FALSE; + return false; } g_strstrip(rec->attribute_type); if (rec->attribute_type[0] == 0) { *err = g_strdup("Attribute type can't be empty"); - return FALSE; + return false; } /* Check for invalid characters (to avoid asserting out when @@ -487,11 +488,11 @@ attribute_types_update_cb(void *r, char **err) c = proto_check_field_name(rec->attribute_type); if (c) { *err = ws_strdup_printf("Attribute type can't contain '%c'", c); - return FALSE; + return false; } *err = NULL; - return TRUE; + return true; } static void * @@ -521,13 +522,13 @@ UAT_CSTRING_CB_DEF(attribute_types, attribute_desc, attribute_type_t) /* * */ -static gint* +static int* get_hf_for_header(char* attribute_type) { - gint* hf_id = NULL; + int* hf_id = NULL; if (attribute_types_hash) { - hf_id = (gint*) g_hash_table_lookup(attribute_types_hash, attribute_type); + hf_id = (int*) g_hash_table_lookup(attribute_types_hash, attribute_type); } else { hf_id = NULL; } @@ -543,7 +544,7 @@ deregister_attribute_types(void) { if (dynamic_hf) { /* Deregister all fields */ - for (guint i = 0; i < dynamic_hf_size; i++) { + for (unsigned i = 0; i < dynamic_hf_size; i++) { proto_deregister_field (proto_ldap, *(dynamic_hf[i].p_id)); g_free (dynamic_hf[i].p_id); } @@ -562,8 +563,8 @@ deregister_attribute_types(void) static void attribute_types_post_update_cb(void) { - gint* hf_id; - gchar* attribute_type; + int* hf_id; + char* attribute_type; deregister_attribute_types(); @@ -572,8 +573,8 @@ attribute_types_post_update_cb(void) dynamic_hf = g_new0(hf_register_info,num_attribute_types); dynamic_hf_size = num_attribute_types; - for (guint i = 0; i < dynamic_hf_size; i++) { - hf_id = g_new(gint,1); + for (unsigned i = 0; i < dynamic_hf_size; i++) { + hf_id = g_new(int,1); *hf_id = -1; attribute_type = g_strdup(attribute_types[i].attribute_type); @@ -625,10 +626,10 @@ static int dissect_mscldap_ntver_flags(proto_tree *parent_tree, tvbuff_t *tvb, i } /* This string contains the last LDAPString that was decoded */ -static const char *attributedesc_string=NULL; +static const char *attributedesc_string; /* This string contains the last AssertionValue that was decoded */ -static char *ldapvalue_string=NULL; +static char *ldapvalue_string; /* if the octet string contain all printable ASCII characters, then * display it as a string, othervise just display it in hex. @@ -636,10 +637,10 @@ static char *ldapvalue_string=NULL; static int dissect_ldap_AssertionValue(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index) { - gint8 ber_class; + int8_t ber_class; bool pc, ind, is_ascii; - gint32 tag; - guint32 len; + int32_t tag; + uint32_t len; if(!implicit_tag){ offset=get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); @@ -673,7 +674,7 @@ dissect_ldap_AssertionValue(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_c goto finished; } else if ( (len==16) /* GUIDs are always 16 bytes */ && (attributedesc_string && !strncmp("DomainGuid", attributedesc_string, 10))) { - guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */ + uint8_t drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */ e_guid_t uuid; /* This octet string contained a GUID */ @@ -687,7 +688,7 @@ dissect_ldap_AssertionValue(bool implicit_tag, tvbuff_t *tvb, int offset, asn1_c goto finished; } else if (attributedesc_string && !strncmp("NtVer", attributedesc_string, 5)){ - guint32 flags; + uint32_t flags; len = 0; /* get flag value to populate ldapvalue_string */ @@ -734,48 +735,48 @@ finished: } /* This string contains the last Filter item that was decoded */ -static const char *Filter_string=NULL; -static const char *and_filter_string=NULL; -static const char *or_filter_string=NULL; -static const char *substring_value=NULL; -static const char *substring_item_init=NULL; -static const char *substring_item_any=NULL; -static const char *substring_item_final=NULL; -static const char *matching_rule_string=NULL; -static gboolean matching_rule_dnattr=FALSE; +static const char *Filter_string; +static const char *and_filter_string; +static const char *or_filter_string; +static const char *substring_value; +static const char *substring_item_init; +static const char *substring_item_any; +static const char *substring_item_final; +static const char *matching_rule_string; +static bool matching_rule_dnattr=false; #define MAX_FILTER_LEN 4096 -static gint Filter_length; +static int Filter_length; #define MAX_FILTER_ELEMENTS 200 -static gint Filter_elements; +static int Filter_elements; /* Global variables */ -static gint MessageID =-1; -static gint ProtocolOp = -1; -static gint result = 0; -static proto_item *ldm_tree = NULL; /* item to add text to */ +static int MessageID =-1; +static int ProtocolOp = -1; +static int result; +static proto_item *ldm_tree; /* item to add text to */ static void ldap_do_protocolop(packet_info *pinfo) { - const gchar* valstr; + const char* valstr; if (do_protocolop) { - valstr = val_to_str(ProtocolOp, ldap_ProtocolOp_choice_vals, "Unknown (%%u)"); + valstr = val_to_str(ProtocolOp, ldap_ProtocolOp_choice_vals, "Unknown (%u)"); col_append_fstr(pinfo->cinfo, COL_INFO, "%s(%u) ", valstr, MessageID); if(ldm_tree) proto_item_append_text(ldm_tree, " %s(%d)", valstr, MessageID); - do_protocolop = FALSE; + do_protocolop = false; } } static ldap_call_response_t * -ldap_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint messageId, guint protocolOpTag, ldap_conv_info_t *ldap_info) +ldap_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, unsigned messageId, unsigned protocolOpTag, ldap_conv_info_t *ldap_info) { ldap_call_response_t lcr, *lcrp=NULL; @@ -791,7 +792,7 @@ ldap_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gu case LDAP_REQ_MODRDN: case LDAP_REQ_COMPARE: case LDAP_REQ_EXTENDED: - lcr.is_request=TRUE; + lcr.is_request=true; lcr.req_frame=pinfo->num; lcr.rep_frame=0; break; @@ -806,7 +807,7 @@ ldap_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gu case LDAP_RES_COMPARE: case LDAP_RES_EXTENDED: case LDAP_RES_INTERMEDIATE: - lcr.is_request=FALSE; + lcr.is_request=false; lcr.req_frame=0; lcr.rep_frame=pinfo->num; break; @@ -852,10 +853,9 @@ ldap_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gu lcrp->req_time=pinfo->abs_ts; lcrp->rep_frame=0; lcrp->protocolOpTag=protocolOpTag; - lcrp->is_request=TRUE; + lcrp->is_request=true; wmem_map_insert(ldap_info->unmatched, lcrp, lcrp); return NULL; - break; case LDAP_RES_BIND: case LDAP_RES_SEARCH_ENTRY: case LDAP_RES_SEARCH_REF: @@ -878,7 +878,7 @@ ldap_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gu if(!lcrp->rep_frame){ wmem_map_remove(ldap_info->unmatched, lcrp); lcrp->rep_frame=pinfo->num; - lcrp->is_request=FALSE; + lcrp->is_request=false; wmem_map_insert(ldap_info->matched, lcrp, lcrp); } } @@ -913,28 +913,28 @@ static int dissect_LDAPMessage_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree int offset = 0; asn1_ctx_t asn1_ctx; - asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, true, pinfo); asn1_ctx.private_data = ldap_info; - offset = dissect_ldap_LDAPMessage(FALSE, tvb, offset, &asn1_ctx, tree, hf_ldap_LDAPMessage_PDU); + offset = dissect_ldap_LDAPMessage(false, tvb, offset, &asn1_ctx, tree, hf_ldap_LDAPMessage_PDU); return offset; } static void dissect_ldap_payload(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, ldap_conv_info_t *ldap_info, - gboolean is_mscldap) + bool is_mscldap) { int offset = 0; - guint length_remaining; - guint msg_len = 0; + unsigned length_remaining; + unsigned msg_len = 0; int messageOffset = 0; - guint headerLength = 0; - guint length = 0; + unsigned headerLength = 0; + unsigned length = 0; tvbuff_t *msg_tvb = NULL; - gint8 ber_class; + int8_t ber_class; bool pc, ind = 0; - gint32 ber_tag; + int32_t ber_tag; attributedesc_string=NULL; @@ -1023,7 +1023,7 @@ one_more_pdu: static void ldap_frame_end(void) { - ldap_found_in_frame = FALSE; + ldap_found_in_frame = false; attr_type = NULL; ldapvalue_string = NULL; /* ? */ @@ -1042,7 +1042,7 @@ ldap_frame_end(void) Filter_elements = 0; Filter_length = 0; - do_protocolop = FALSE; + do_protocolop = false; result = 0; /* seems to be ok, but reset just in case */ @@ -1050,19 +1050,19 @@ ldap_frame_end(void) } static void - dissect_ldap_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_mscldap) + dissect_ldap_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, bool is_mscldap) { int offset = 0; conversation_t *conversation; - gboolean doing_sasl_security = FALSE; - guint length_remaining; + bool doing_sasl_security = false; + unsigned length_remaining; ldap_conv_info_t *ldap_info = NULL; proto_item *ldap_item = NULL; proto_tree *ldap_tree = NULL; - guint32 sasl_length = 0; - guint32 remaining_length = 0; - guint8 sasl_start[2] = { 0, }; - gboolean detected_sasl_security = FALSE; + uint32_t sasl_length = 0; + uint32_t remaining_length = 0; + uint8_t sasl_start[2] = { 0, }; + bool detected_sasl_security = false; ldm_tree = NULL; @@ -1090,7 +1090,7 @@ static void */ if (ldap_info->first_auth_frame != 0 && pinfo->num >= ldap_info->first_auth_frame) { - doing_sasl_security = TRUE; /* yes */ + doing_sasl_security = true; /* yes */ } } @@ -1104,27 +1104,27 @@ static void if(!doing_sasl_security && tvb_bytes_exist(tvb, offset, 6)) { sasl_length = tvb_get_ntohl(tvb, offset); remaining_length = tvb_reported_length_remaining(tvb, offset); - sasl_start[0] = tvb_get_guint8(tvb, offset+4); - sasl_start[1] = tvb_get_guint8(tvb, offset+5); + sasl_start[0] = tvb_get_uint8(tvb, offset+4); + sasl_start[1] = tvb_get_uint8(tvb, offset+5); } if ((sasl_length + 4) <= remaining_length) { if (sasl_start[0] == 0x05 && sasl_start[1] == 0x04) { /* * Likely modern kerberos signing */ - detected_sasl_security = TRUE; + detected_sasl_security = true; } else if (sasl_start[0] == 0x60) { /* * Likely ASN.1 based kerberos */ - detected_sasl_security = TRUE; + detected_sasl_security = true; } } if (detected_sasl_security) { ldap_info->auth_type=LDAP_AUTH_SASL; ldap_info->first_auth_frame=pinfo->num; - ldap_info->auth_mech=wmem_strdup(wmem_file_scope(), "UNKNOWN"); - doing_sasl_security=TRUE; + ldap_info->auth_mech=wmem_strdup(wmem_file_scope(), "GSS-SPNEGO"); + doing_sasl_security=true; } /* @@ -1140,7 +1140,7 @@ static void } else { col_clear(pinfo->cinfo, COL_INFO); register_frame_end_routine (pinfo, ldap_frame_end); - ldap_found_in_frame = TRUE; + ldap_found_in_frame = true; } ldap_item = proto_tree_add_item(tree, is_mscldap?proto_cldap:proto_ldap, tvb, 0, -1, ENC_NA); @@ -1163,10 +1163,10 @@ static void * huge lengths). */ - if (doing_sasl_security && tvb_get_guint8(tvb, offset) == 0) { + if (doing_sasl_security && tvb_get_uint8(tvb, offset) == 0) { proto_tree *sasl_tree; tvbuff_t *sasl_tvb; - guint sasl_len, sasl_msg_len, length; + unsigned sasl_len, sasl_msg_len, length; /* * Yes. The frame begins with a 4-byte big-endian length. * And we know we have at least 6 bytes @@ -1232,7 +1232,7 @@ static void * which the plaintext data, i.e. the LDAP message, begins. */ tmp_length = tvb_reported_length_remaining(sasl_tvb, 4); - if ((guint)tmp_length > sasl_len) + if ((unsigned)tmp_length > sasl_len) tmp_length = sasl_len; gssapi_tvb = tvb_new_subset_length_caplen(sasl_tvb, 4, tmp_length, sasl_len); @@ -1247,41 +1247,46 @@ static void if(ver_len==0){ return; } - if (gssapi_encrypt.gssapi_decrypted_tvb) { - tvbuff_t *decr_tvb = gssapi_encrypt.gssapi_decrypted_tvb; - proto_tree *enc_tree = NULL; + if (gssapi_encrypt.gssapi_data_encrypted) { + if (gssapi_encrypt.gssapi_decrypted_tvb) { + tvbuff_t *decr_tvb = gssapi_encrypt.gssapi_decrypted_tvb; + proto_tree *enc_tree = NULL; - /* - * The LDAP payload (blob) was encrypted and we were able to decrypt it. - * The data was signed via a MIC token, sealed (encrypted), and "wrapped" - * within the mechanism's "blob." Call dissect_ldap_payload to dissect - * one or more LDAPMessages such as searchRequest messages within this - * payload. - */ - col_set_str(pinfo->cinfo, COL_INFO, "SASL GSS-API Privacy (decrypted): "); + /* + * The LDAP payload (blob) was encrypted and we were able to decrypt it. + * The data was signed via a MIC token, sealed (encrypted), and "wrapped" + * within the mechanism's "blob." Call dissect_ldap_payload to dissect + * one or more LDAPMessages such as searchRequest messages within this + * payload. + */ + col_set_str(pinfo->cinfo, COL_INFO, "SASL GSS-API Privacy (decrypted): "); - if (sasl_tree) { - guint decr_len = tvb_reported_length(decr_tvb); + if (sasl_tree) { + unsigned decr_len = tvb_reported_length(decr_tvb); - enc_tree = proto_tree_add_subtree_format(sasl_tree, decr_tvb, 0, -1, - ett_ldap_payload, NULL, "GSS-API Encrypted payload (%d byte%s)", - decr_len, plurality(decr_len, "", "s")); - } + enc_tree = proto_tree_add_subtree_format(sasl_tree, decr_tvb, 0, -1, + ett_ldap_payload, NULL, "GSS-API Encrypted payload (%d byte%s)", + decr_len, plurality(decr_len, "", "s")); + } - dissect_ldap_payload(decr_tvb, pinfo, enc_tree, ldap_info, is_mscldap); - } - else if (gssapi_encrypt.gssapi_data_encrypted) { - /* - * The LDAP message was encrypted but couldn't be decrypted so just display the - * encrypted data all of which is found in Packet Bytes. - */ - col_add_fstr(pinfo->cinfo, COL_INFO, "SASL GSS-API Privacy: payload (%d byte%s)", - sasl_len-ver_len, plurality(sasl_len-ver_len, "", "s")); + dissect_ldap_payload(decr_tvb, pinfo, enc_tree, ldap_info, is_mscldap); + } else { + /* + * The LDAP message was encrypted but couldn't be decrypted so just display the + * encrypted data all of which is found in Packet Bytes. + */ + col_add_fstr(pinfo->cinfo, COL_INFO, "SASL GSS-API Privacy: payload (%d byte%s)", + sasl_len-ver_len, plurality(sasl_len-ver_len, "", "s")); - proto_tree_add_item(sasl_tree, hf_ldap_gssapi_encrypted_payload, gssapi_tvb, ver_len, -1, ENC_NA); - } - else { - tvbuff_t *plain_tvb = tvb_new_subset_remaining(gssapi_tvb, ver_len); + proto_tree_add_item(sasl_tree, hf_ldap_gssapi_encrypted_payload, gssapi_tvb, ver_len, -1, ENC_NA); + } + } else { + tvbuff_t *plain_tvb; + if (gssapi_encrypt.gssapi_decrypted_tvb) { + plain_tvb = gssapi_encrypt.gssapi_decrypted_tvb; + } else { + plain_tvb = tvb_new_subset_remaining(gssapi_tvb, ver_len); + } proto_tree *plain_tree = NULL; /* @@ -1293,7 +1298,7 @@ static void col_set_str(pinfo->cinfo, COL_INFO, "SASL GSS-API Integrity: "); if (sasl_tree) { - guint plain_len = tvb_reported_length(plain_tvb); + unsigned plain_len = tvb_reported_length(plain_tvb); plain_tree = proto_tree_add_subtree_format(sasl_tree, plain_tvb, 0, -1, ett_ldap_payload, NULL, "GSS-API payload (%d byte%s)", @@ -1314,15 +1319,15 @@ static void } } -int dissect_mscldap_string(tvbuff_t *tvb, int offset, int max_len, char **str) +int dissect_mscldap_string(wmem_allocator_t *scope, tvbuff_t *tvb, int offset, int max_len, char **str) { int compr_len; - const gchar *name; - guint name_len; + const char *name; + unsigned name_len; /* The name data MUST start at offset 0 of the tvb */ compr_len = get_dns_name(tvb, offset, max_len, 0, &name, &name_len); - *str = get_utf_8_string(wmem_packet_scope(), name, name_len); + *str = get_utf_8_string(scope, name, name_len); return offset + compr_len; } @@ -1418,13 +1423,13 @@ static int dissect_mscldap_netlogon_flags(proto_tree *parent_tree, tvbuff_t *tvb return offset; } -static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void* data _U_) +static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { int old_offset, offset=0; char *str; - guint16 itype; - guint16 len; - guint32 version; + uint16_t itype; + uint16_t len; + uint32_t version; int fn_len; proto_item *item; @@ -1485,17 +1490,17 @@ static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tre /* Forest */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_forest, tvb, old_offset, offset-old_offset, str); /* Domain */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_domain, tvb, old_offset, offset-old_offset, str); /* Hostname */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_hostname, tvb, old_offset, offset-old_offset, str); /* DC IP Address */ @@ -1521,42 +1526,42 @@ static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tre /* Forest */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_forest, tvb, old_offset, offset-old_offset, str); /* Domain */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_domain, tvb, old_offset, offset-old_offset, str); /* Hostname */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_hostname, tvb, old_offset, offset-old_offset, str); /* NetBIOS Domain */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_nb_domain, tvb, old_offset, offset-old_offset, str); /* NetBIOS Hostname */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_nb_hostname, tvb, old_offset, offset-old_offset, str); /* User */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_username, tvb, old_offset, offset-old_offset, str); /* Server Site */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_sitename, tvb, old_offset, offset-old_offset, str); /* Client Site */ old_offset=offset; - offset=dissect_mscldap_string(tvb, offset, 255, &str); + offset=dissect_mscldap_string(pinfo->pool, tvb, offset, 255, &str); proto_tree_add_string(tree, hf_mscldap_clientsitename, tvb, old_offset, offset-old_offset, str); /* get the version number from the end of the buffer, as the @@ -1571,7 +1576,7 @@ static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tre * This section may need to be updated if the base Windows APIs * are changed to support ipv6, which currently is not the case. * - * The desector assumes the length is based on ipv4 and + * The dissector assumes the length is based on ipv4 and * ignores the length */ @@ -1579,7 +1584,7 @@ static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tre offset +=1; - /* add IP address and desect the sockaddr_in structure */ + /* add IP address and dissect the sockaddr_in structure */ old_offset = offset + 4; item = proto_tree_add_item(tree, hf_mscldap_netlogon_ipaddress, tvb, old_offset, 4, ENC_BIG_ENDIAN); @@ -1611,7 +1616,7 @@ static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tre offset = len - 8; - /* NETLOGON_NT_VERISON Options (MS-ADTS 6.3.1.1) */ + /* NETLOGON_NT_VERSION Options (MS-ADTS 6.3.1.1) */ offset = dissect_mscldap_ntver_flags(tree, tvb, offset); /* LM Token */ @@ -1625,7 +1630,7 @@ static int dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tre } -static guint +static unsigned get_sasl_ldap_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_) { @@ -1636,15 +1641,15 @@ get_sasl_ldap_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, static int dissect_sasl_ldap_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { - dissect_ldap_pdu(tvb, pinfo, tree, FALSE); + dissect_ldap_pdu(tvb, pinfo, tree, false); return tvb_captured_length(tvb); } -static guint +static unsigned get_normal_ldap_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_) { - guint32 len; + uint32_t len; bool ind; int data_offset; @@ -1659,7 +1664,7 @@ get_normal_ldap_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, static int dissect_normal_ldap_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { - dissect_ldap_pdu(tvb, pinfo, tree, FALSE); + dissect_ldap_pdu(tvb, pinfo, tree, false); return tvb_captured_length(tvb); } @@ -1700,7 +1705,7 @@ dissect_ldap_oid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void* #define LDAP_ACCESSMASK_ADS_CONTROL_ACCESS 0x00000100 static void -ldap_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access) +ldap_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access) { static int * const access_flags[] = { &hf_ldap_AccessMask_ADS_CONTROL_ACCESS, @@ -1717,7 +1722,8 @@ ldap_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 acces proto_tree_add_bitmask_list_value(tree, tvb, offset, 4, access_flags, access); } -struct access_mask_info ldap_access_mask_info = { + +static struct access_mask_info ldap_access_mask_info = { "LDAP", /* Name of specific rights */ ldap_specific_rights, /* Dissection function */ NULL, /* Generic mapping table */ @@ -1727,7 +1733,7 @@ struct access_mask_info ldap_access_mask_info = { static int dissect_ldap_nt_sec_desc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { - dissect_nt_sec_desc(tvb, 0, pinfo, tree, NULL, TRUE, tvb_reported_length(tvb), &ldap_access_mask_info); + dissect_nt_sec_desc(tvb, 0, pinfo, tree, NULL, true, tvb_reported_length(tvb), &ldap_access_mask_info); return tvb_captured_length(tvb); } @@ -1745,7 +1751,7 @@ dissect_ldap_sid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, void* static int dissect_ldap_guid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { - guint8 drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */ + uint8_t drep[4] = { 0x10, 0x00, 0x00, 0x00}; /* fake DREP struct */ e_guid_t uuid; /* This octet string contained a GUID */ @@ -1762,8 +1768,8 @@ dissect_ldap_guid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* dat static int dissect_ldap_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) { - guint32 sasl_len; - guint32 ldap_len; + uint32_t sasl_len; + uint32_t ldap_len; bool ind; conversation_t *conversation; ldap_conv_info_t *ldap_info = NULL; @@ -1819,7 +1825,7 @@ this_was_not_sasl: * <64k * (no ldap PDUs are ever >64kb? ) */ - if(tvb_get_guint8(tvb, 0)!=0x30){ + if(tvb_get_uint8(tvb, 0)!=0x30){ goto this_was_not_normal_ldap; } @@ -1870,7 +1876,7 @@ this_was_not_normal_ldap: * It has been seen with Exchange setup to MS AD * when Exchange pretend that there is SASL but in fact data are still * in clear*/ - if ((sasl_len + 4) == (guint32)tvb_reported_length_remaining(tvb, 0)) + if ((sasl_len + 4) == (uint32_t)tvb_reported_length_remaining(tvb, 0)) tcp_dissect_pdus(tvb, pinfo, tree, ldap_desegment, 4, get_sasl_ldap_pdu_len, dissect_sasl_ldap_pdu, data); end: return tvb_captured_length(tvb); @@ -1879,7 +1885,7 @@ this_was_not_normal_ldap: static int dissect_mscldap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) { - dissect_ldap_pdu(tvb, pinfo, tree, TRUE); + dissect_ldap_pdu(tvb, pinfo, tree, true); return tvb_captured_length(tvb); } @@ -2177,7 +2183,7 @@ void proto_register_ldap(void) { }; /* List of subtrees */ - static gint *ett[] = { + static int *ett[] = { &ett_ldap, &ett_ldap_payload, &ett_ldap_sasl_blob, @@ -2230,7 +2236,7 @@ void proto_register_ldap(void) { attributes_uat = uat_new("Custom LDAP AttributeValue types", sizeof(attribute_type_t), "custom_ldap_attribute_types", - TRUE, + true, &attribute_types, &num_attribute_types, /* specifies named fields, so affects dissection @@ -2256,7 +2262,7 @@ void proto_register_ldap(void) { ldap_tap=register_tap("ldap"); - ldap_name_dissector_table = register_dissector_table("ldap.name", "LDAP Attribute Type Dissectors", proto_cldap, FT_STRING, STRING_CASE_SENSITIVE); + ldap_name_dissector_table = register_dissector_table("ldap.name", "LDAP Attribute Type Dissectors", proto_cldap, FT_STRING, STRING_CASE_INSENSITIVE); register_srt_table(proto_ldap, NULL, 1, ldapstat_packet, ldapstat_init, NULL); } |