Improved SPNEGO dissector available in Wireshark soon

Richard Sharpe realrichardsharpe at gmail.com
Thu Jun 5 07:38:02 MDT 2014


On Wed, Jun 4, 2014 at 10:06 PM, Matthieu Patou <mat at samba.org> wrote:
> On 05/31/2014 12:33 PM, Richard Sharpe wrote:
>>
>> Hi folks,
>>
>> I fixed the SPNEGO dissector at long last and the fixes have been
>> merged into the Wireshark git repository.
>>
>> They are twofold:
>>
>> 1. It now correctly handles the negHints field that MS added to a
>> negTokenInit coming from a server in a NegotiateProtocol response.
>>
>> 2. It also correctly handles the mechListMIC now so that we don't
>> double dissect it in some cases.
>>
>> These changes should turn up in a version of Wireshark in the near future.
>>
>> Thanks to Simo for providing a capture that showed the second problem.
>>
> Is it pidl generated?

No, but it is (partially) generated from the ASN.1 definition. There
is still a lot of code annotation that is needed ... (and in a weird
way.)

Have a look in wireshark-src/asn1/spnego/spnego.cnf

-- 
Regards,
Richard Sharpe
(What can dispel sorrow? Only Du Kang. --Cao Cao)
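
The tag collision behind fix 1 in the quoted announcement, as an added example that is not part of the original message and is not Wireshark's dissector code: RFC 4178 assigns context tag [3] of negTokenInit to mechListMIC (an OCTET STRING), while Microsoft's NegTokenInit2 uses [3] for negHints (a SEQUENCE) and carries mechListMIC in [4]. The sample tokens, the helper names and the inner-tag check used to tell the two apart are assumptions made for illustration.

```python
# Added illustration; the sample tokens are constructed, not taken from a capture.
SPNEGO_OID = bytes.fromhex("2b0601050502")           # 1.3.6.1.5.5.2
NTLMSSP_OID = bytes.fromhex("2b06010401823702020a")  # 1.3.6.1.4.1.311.2.2.10

def tlv(tag, body):
    """Encode one DER element; short-form length only (samples are < 128 bytes)."""
    return bytes([tag, len(body)]) + body

def read_tlv(buf, off=0):
    """Decode one DER element at off; return (tag, value, next_offset)."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    if off + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[off:off + length], off + length

def children(buf):
    off = 0
    while off < len(buf):
        tag, val, off = read_tlv(buf, off)
        yield tag, val

def neg_token_init_fields(token):
    """List the field names of a GSS-API-wrapped negTokenInit, resolving tag [3]."""
    tag, body, _ = read_tlv(token)
    (oid_tag, oid), (choice, inner) = children(body)
    if (tag, oid_tag, oid, choice) != (0x60, 0x06, SPNEGO_OID, 0xA0):
        raise ValueError("not a SPNEGO negTokenInit")
    names = {0xA0: "mechTypes", 0xA1: "reqFlags", 0xA2: "mechToken", 0xA4: "mechListMIC"}
    fields = []
    for ctx, val in children(read_tlv(inner)[1]):
        if ctx == 0xA3:
            # Assumed heuristic: SEQUENCE inside [3] means negHints, OCTET STRING means MIC.
            fields.append({0x30: "negHints", 0x04: "mechListMIC"}.get(read_tlv(val)[0], "unknown[3]"))
        else:
            fields.append(names.get(ctx, "unknown"))
    return fields

def wrap(fields):
    return tlv(0x60, tlv(0x06, SPNEGO_OID) + tlv(0xA0, tlv(0x30, fields)))

MECHS = tlv(0xA0, tlv(0x30, tlv(0x06, NTLMSSP_OID)))
HINTS = tlv(0xA3, tlv(0x30, tlv(0xA0, tlv(0x1B, b"not_defined_in_RFC4178@please_ignore"))))
MIC = tlv(0x04, bytes(16))  # placeholder MIC value
SERVER_INIT2 = wrap(MECHS + HINTS)                       # [0] mechTypes, [3] negHints
SERVER_INIT2_MIC = wrap(MECHS + HINTS + tlv(0xA4, MIC))  # ... plus [4] mechListMIC
RFC4178_INIT = wrap(MECHS + tlv(0xA3, MIC))              # [3] is the MIC here
```

A parser that hard-codes [3] as an OCTET STRING mislabels the server's negHints, which is why a check of this kind matters when reading NegotiateProtocol responses.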