Wireshark · Wireshark-dev: Re: [Wireshark-dev] Kerberos pre-auth type constants

Wireshark-dev: Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?

From: Bill Meier <wmeier@xxxxxxxxxxx>

Date: Mon, 03 May 2010 11:01:41 -0400

Kaul wrote:

On Mon, May 3, 2010 at 4:47 PM, Anders Broman <anders.broman@xxxxxxxxxxxx>wrote:

 Hi,
Note that packet-kerberos-template.c isn't used to generate
packet-kerberos.c currently, I would guess
that the info in packet-kerberos-template.c is copied from the current hand
written dissector.
Regards
Anders



Yes, I've just discovered that. And indeed, changing the value in
packet-kerberos.c seems to solve the issue.
Y.

When I looked at this some time back, I convinced myself (ISTR viatesting) that the 'dissect_ber_integer' in 'dissect_krb5_PA_DATA_type'

returned a 32-bit 'FFFFFF80' for a KRB5_PA_PAC_REQUEST byte of 0x80.

The same appeared to also be true for KRB5_PA_S4U2SELF &KRB5_PA_PROV_SRV_LOCATION.



Can you supply a capture so I can look into this ???

(Maybe the best way is to create a bug report and attach a capture file.You can mark the attachment as private if needed).


Thanks

Bill

Follow-Ups:
- Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
  - From: Bill Meier

References:
- [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
  - From: Kaul
- Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
  - From: Anders Broman
- Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
  - From: Kaul

Prev by Date: Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
Next by Date: Re: [Wireshark-dev] Best way to handle a variable-length NULL-terminated string in a tvb
Previous by thread: Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
Next by thread: Re: [Wireshark-dev] Kerberos pre-auth type constants - MS extensions are wrong?
Index(es):
- Date
- Thread