Wireshark-commits: [Wireshark-commits] master daf8b80: packet-kerberos: avoid guessing the KDC_REP
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Tue, 26 May 2020 13:58:56 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=daf8b802d862a19ea46d2b4ac683c4c2fe50321e
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

daf8b80 by Stefan Metzmacher (metze@xxxxxxxxx):

    packet-kerberos: avoid guessing the KDC_REP keyusage where possible
    
    We already know about the top level message type.
    
    So we only need an autodetection for the TGS-REP.
    We could also avoid that, but that would need state to
    match TGS-REQ with TGS-REP.
    
    But if the client used FAST and we got a strengthen_key,
    we're sure an authenticator subkey was used.
    
    Windows doesn't use an authenticator subkey without FAST,
    but Heimdal does.
    
    For now try 8 before 9 in order to avoid overhead and false
    positives for the 'kerberos.missing_keytype' filter in pure
    windows captures.
    
    Change-Id: If974dda735cd2aa5b1920c26309e5e2081723e4f
    Signed-off-by: Stefan Metzmacher <metze@xxxxxxxxx>
    Reviewed-on: https://code.wireshark.org/review/37299
    Petri-Dish: Anders Broman <a.broman58@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  fd9ed55   packet-kerberos: avoid guessing the authorization_data keyusage
     add  daf8b80   packet-kerberos: avoid guessing the KDC_REP keyusage were possible


Summary of changes:
 .../asn1/kerberos/packet-kerberos-template.c       | 49 +++++++++++++++----
 epan/dissectors/packet-kerberos.c                  | 55 +++++++++++++++++-----
 2 files changed, 83 insertions(+), 21 deletions(-)