Wireshark · Ethereal-dev: [Ethereal-dev] Re: nettle support on windows

Ethereal-dev: [Ethereal-dev] Re: nettle support on windows

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>

Date: Fri, 8 Apr 2005 05:41:51 -0400

Why do you want to link with nettle?

AFAIKT   The ethereal support and use for nettle is for the special
case to handle
packetcable-style kerberos decryption.

It will NOT work for decrypting normal CIFS traffic and sing-and-seal
to a normal AD DC.

The kerberos support with nettle differs from the (so far only unix
kerberos suport) heimdal and mit in that nettle
1, only supports reading keys from krb4 style encryption key files,
srvtab or whatever they were called.
standard krb5.keytab files are not understood nor suported.
2, it can only decrypt the special non-1510 version of kerberos that
only packetcable use since it uses different pdu padding compared to
normal kerberos.

we should merge the two styles of implementation together  so at least
the 'read keytabfile' functions can be used with any of the filetypes.

then we should maybe link with mit on windows so normal kjerberos can
be decrypted on windows, and also always link with nettle on unix as
well  and have a krb5 preference : Decrypt kerberos as KRB5 or
PacketCable  where the user can control which style of decryption to
choose.
The preference should default to KRB5 since those users are more
frequent than packetcable users.

I think many many more users (like all serious cifs users) would
benefit from having ethereal on windows linked with mit for windows.
Best would be to link always with both MIT and nettle (since nettle
will be useful for many non-kerberos related decryption things   such
as ipsec decryption)

On Wed, 06 Apr 2005 12:47:23 +0200, Lars Roland <lars.roland@xxxxxxx> wrote:
> Hello all,
> 
> I'd like to use the nettle library in ethereal on windows.
> It looks like Gerald did that successfully in the past.
> See http://www.ethereal.com/lists/ethereal-dev/200410/msg00226.html .
> Unfortunately the link to the precompiled library in that message isn't 
> valid anymore and I haven't found any hint in the sources of nettle and 
> googling didn't help me either, how to build it on windows.
> 
> Any help appreciated.
> 
> Regards,
> Lars
> 
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>

Follow-Ups:
- Re: [Ethereal-dev] Re: nettle support on windows
  - From: Lars Roland

References:
- [Ethereal-dev] nettle support on windows
  - From: Lars Roland

Prev by Date: Re: [Ethereal-dev] [Patch] Write graph functionality
Next by Date: [Ethereal-dev] Re: Ethereal patch for fcels
Previous by thread: Re: [Ethereal-dev] nettle support on windows
Next by thread: Re: [Ethereal-dev] Re: nettle support on windows
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$