Wireshark · Ethereal-cvs: [Ethereal-cvs] cvs commit: ethereal packet-dcerpc.c packet-dcerpc.h packet-ntlmssp.c

Ethereal-cvs: [Ethereal-cvs] cvs commit: ethereal packet-dcerpc.c packet-dcerpc.h packet-ntlms

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Tim Potter <tpot@xxxxxxxxxxxxxxxxx>

Date: Fri, 26 Sep 2003 01:30:13 -0500 (CDT)

tpot        2003/09/26 01:30:13 CDT

  Modified files:
    .                    packet-dcerpc.c packet-dcerpc.h 
                         packet-ntlmssp.c 
  Log:
  This commit refactors the dcerpc authentication subdissectors for
  handling encrypted request/response PDUs.  Instead of having
  dissection function pointers which perform both decryption and
  dissection, the function pointers now only decrypt the DCERPC fragment
  payload.  Dissection is handled by the dcerpc_try_handoff() function
  (with DCERPC fragment reassembly if necessary).
  
  Details:
  
   - Move the dcerpc_auth_info struct into dcerpc.h as it is now used in
     the function prototype for the decryption function handlers.
  
   - decode_encrypted_data() was refactored to take a boolean request
     parameter instead of passing the DCERPC PDU packet type.
  
   - A tvbuff_t * data field was added to dcerpc_auth to hold the
     verifier.  This is passed as an argument to the decryption function
     handlers.
  
   - Dissection of verifiers in request and response PDUs was moved to
     before the payload.
  
   - The dissect_dcerpc_cn_stub() function was refactored to perform
     the decryption process and hand decrypted data to the reassembly
     code instead of performing the decryption after reassembly.
  
   - Removed references to decrypted_info_t as it's not necessary
     anymore.
  
  Code was tested using encrypted and unencrypted fragmented PDUs.
  Before this commit ethereal could not dissect unencrypted (!)
  fragmented PDUs correctly.
  
  Revision  Changes    Path
  1.142     +105 -125  ethereal/packet-dcerpc.c
  1.35      +22 -10    ethereal/packet-dcerpc.h
  1.45      +14 -43    ethereal/packet-ntlmssp.c

Prev by Date: [Ethereal-cvs] cvs commit: ethereal packet-dcerpc.c
Next by Date: [Ethereal-cvs] cvs commit: ethereal packet-lapb.c
Previous by thread: [Ethereal-cvs] cvs commit: ethereal/gtk bootp_stat.c dcerpc_stat.c fc_stat.c http_stat.c io_stat.c mgcp_stat.c rpc_stat.c rtp_analysis.c rtp_stream_dlg.c smb_stat.c wsp_stat.c
Next by thread: [Ethereal-cvs] cvs commit: ethereal packet-lapb.c
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$