Wireshark-bugs: [Wireshark-bugs] [Bug 4375] Kerberos PKInit pre authentication type
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4375
--- Comment #2 from Ravi Chintakunta <ravi.kanth@xxxxxxxxxxx> 2010-01-08 06:14:13 PST ---
(In reply to comment #1)
> (In reply to comment #0)
> > The pre authentication type for Kerberos PKINIT does not match with
> > http://www.ietf.org/rfc/rfc4556.txt. For example, for
> >
> > pa-pk-as-req INTEGER ::= 16
> >
> > wireshark displays the data as pa-dass and does not analyze the data correctly.
>
> 1. There have been some recent updates to the kerberos dissector.
> Although this problem sounds different than that reported in Bug #4363, it
> would be appreciated if you could download a recent development version of
> Wireshark from http://www.wireshark.org/download/automated/win32/ and
> verify that the problem still exists.
>
> 2. If the problem still exists, Can you attach a (small) capture file
> showing the problem ??
> If needed, you can mark the attachment as private.
I have tried the development version Version 1.3.3-SVN-31446 (SVN Rev 31446
from /trunk) and see the same behavior.
In
http://anonsvn.wireshark.org/viewvc/trunk/asn1/kerberos/packet-kerberos-template.c?view=co&content-type=text%2Fplain
you may see these declarations:
#define KRB5_PA_PK_AS_REQ 14
#define KRB5_PA_PK_AS_REP 15
#define KRB5_PA_DASS 16
These definitions are in line with:
http://tools.ietf.org/html/draft-ietf-cat-kerberos-pk-init-09
And which have been redefined in:
http://www.ietf.org/rfc/rfc4556.txt
where in PA-PK-AS-REQ = 16 and PA-PK-AS-REP = 17.
Microsoft seems to support both of them:
http://download.microsoft.com/download/a/e/6/ae6e4142-aa58-45c6-8dcf-a657e5900cd3/%5BMS-PKCA%5D.pdf
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
