Wireshark · Ethereal-dev: Re: [ethereal-dev] krb5 packet decoder

Ethereal-dev: Re: [ethereal-dev] krb5 packet decoder

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Wes Hardaker <wjhardaker@xxxxxxxxxxx>

Date: 30 Jul 2000 17:16:43 -0700

>>>>> On Sun, 30 Jul 2000 01:27:32 -0700, Guy Harris <gharris@xxxxxxxxxxxx> said:

>> I'll probably clean it up more in the future at some unknown time.  If
>> anyone else wants to play with (ie, fix) it, however, I thought I'd
>> post it now at least.

Guy> So does that mean "it's probably in good enough shape to check in
Guy> with at most some minor tweaking" (as long as it correctly
Guy> decides enough of Kerberos to be interesting, and isn't known to
Guy> dump core or spew out lots of debugging messages on packets it
Guy> can't handle, it's arguably good enough to check in), or "you
Guy> probably want to do a fair bit of work on it, or wait for the
Guy> future cleanup, before checking it in"?  (I have no Kerberos
Guy> traces with which to test it.)

It's solid enough to handle most cases just fine.  If you send it a
krb4 packet across a krb5 port, well you're on your own then.  It
shouldn't die, it should just fail to decode it I think.

The majority of the client<->kdc packets are parsed just fine.  I have 
a bit more that could be parsed better, and the options aren't printed 
out in an intelligent manner.

But, yes, I think you could check it in.

(I already took out the billions of hex-print debugging output before
sending it to you ;-)

>> #ifdef linux
>> #include <dlfcn.h>
>> #endif

Guy> That's not necessary - that's in the SNMP dissector because it
Guy> does some run-time linking hackery to work around the binary
Guy> compatibility problems in UCD SNMP 4.1.1, but, as the Kerberos
Guy> dissector doesn't call "dlopen()" and company, it's not needed
Guy> there.

I see you figured out which decoder I used as a template ;-)

Thanks, I'll remove them from my copy.  I just copied a bunch of
headers in not knowing if they were for the package or the packet
filter specifically.

>> #include "etypes.h"
>> #include "packet-ipx.h"

Guy> Those probably also aren't needed - Kerberos probably doesn't
Guy> need to know Ethernet type values or IPX socket values, unlike
Guy> SNMP, which can run atop raw Ethernet or IPX and thus needs to
Guy> register its Ethernet type and IPX socket values with the
Guy> Ethertype and IPX dissectors.

I'll drop those too.  Thanks.

-- 
"Ninjas aren't dangerous.  They're more afraid of you than you are of them."

Follow-Ups:
- Re: [ethereal-dev] krb5 packet decoder
  - From: Guy Harris

References:
- [ethereal-dev] krb5 packet decoder
  - From: Wes Hardaker
- Re: [ethereal-dev] krb5 packet decoder
  - From: Guy Harris

Prev by Date: [ethereal-dev] 0.8.10: IPv6 fragmention header patch
Next by Date: Re: [ethereal-dev] pipe capture checked in
Previous by thread: Re: [ethereal-dev] krb5 packet decoder
Next by thread: Re: [ethereal-dev] krb5 packet decoder
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$