Ethereal-dev: Re: [Ethereal-dev] Patch to packet-dns.c (2) - fixes a display error

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxx>
Date: Mon, 22 Nov 2004 00:28:43 -0800
Yaniv Kaul wrote:
Apparently, the Mode and Error of TKey were highlighting a word off of where they should have. 
Attached diff contains a fix for this


Checked in.


as well as my previous patch (for TKEY with NTLMSSP data).
Not checked in for this patch, as I'd already checked it in for the first patch. 

BTW, a comment I put in near that code a while ago says

                /*
                 * XXX - in at least one capture, this appears to
                 * be an NTLMSSP blob, with no ASN.1 in it, in
                 * a query.
                 *
                 * See RFC 3645 which might indicate what's going
                 * on here.  (The key is an output_token from
                 * GSS_Init_sec_context.)
                 *
                 * How the heck do we know what method is being
                 * used, so we know how to decode the key?  Do we
                 * have to look at the algorithm name, e.g.
                 * "gss.microsoft.com"?  We currently do as the
                 * the SMB dissector does in some cases, and check
                 * whether the security blob begins with "NTLMSSP".
                 */
Is there another way of finding out the type of token, or is the current heuristic the best way?