I have no current changes pending for packet-ber.c
the only things pending i have is packet-kerberos.c
<ad>
NEW BETTER FASTER ULTRA TURBO PLUS MEGA 2000
NOW WITH DISSECTION OF W2K PAC STRUCTURES!!!
</ad>
there are still "issues" due to my ignorance of how heimdal works
that causes it to leak memory.
it is easy to fix but i am just distracted since the PAC_LOGON_INFO
structure as described in the
ietf draft does not exactly match the decrypted blob i have.
(draft says : this is (identical to) NETLOGON/VALIDATE_SAM_INFO2
but my decrypted blob seems to contain 20 bytes extra before the described
structure
and it seems to lack 2 of the 6 unique pointers in the middle of it.
could be mistake on my side doing the ndr decoding with pen n paper also.
has been known to happen)
as soon as I get
1, PAC_LOGON_INFO to decode properly
2, have fixed the meory leaks
3, someone(not me) adds the automake magic for heimdal detection
then I plan to add it to cvs.
I can post the latest prototype version later tonight if you want to test
it.
If the changes are not too big, even if the changes the API send tehm to
the list and i will update
my prototype kerberos version, no need to hold back needed changes just
because I cant check in a kerberos
thing right now.
Oh. If some has or can create a capture file of a user mapping a share on
a file server in a w2k domain (so SessionSetupAndX contains
a kerberos blob which in turn contains a PAC_LOGON_INFO struct) and also
make a copy of the keytab file holding the principals for the server
and send to me it would help immensly to get the PAC_LOGON_INFO thing sorted
out.
----- Original Message -----
From: "Tomas Kukosa" <tomas.kukosa@xxxxxxxxxxx>
To: "Ethereal development" <ethereal-dev@xxxxxxxxxxxx>
Sent: Thursday, March 04, 2004 5:48 PM
Subject: Re: [Ethereal-dev] kerberos update
> Hi Ronnie,
> when dou you plan to put it into the CVS?
> I would like to make some changes into packet-ber but I do not want to mak
e them when you
> have some BER related code in your "working-buffer":-).
>
> Regards,
> Tomas
>
> Ronnie Sahlberg wrote:
>
> > Attached is a slightly updated version of packet kerberos.
> >
> > To test it you must have heimdal installed and you must uncomment the
two
> > HAVE_KERBEROS and HAVE_HEIMDAL_KERBEROS defines.
> > Secondly you must modify the Makefile to add 'krb5-config --cflags' and
> > 'krb5-config --libs'
> > to the build flags.
> > Third you must put the keytabfile in the directory from where you run
> > ethereal. It must be named : krb5.keytab
> >
> > With this it will decrypt and dissect kerberos blobs. Example capture
file
> > and keytab file are in my previous posts.
> >
> >
> >
> > This only works on unix hosts where heimdal is available.
> > If someone is interested in win32, could someone test if the DLLs from
> > http://www.stacken.kth.se/~thn/ktelnet
> > (which are native win32 DLLs) combined with the headers from the heimdal
> > source
> > could be used to build a working version for kerberos decryption for w32
> > ?
> >
> > best regards
> > ronnie sahlberg
> >
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev