Wireshark mailing list archives

Re: packet-kerberos.c: hand-written or ASN.1?


From: ronnie sahlberg <ronniesahlberg () gmail com>
Date: Wed, 27 Jan 2010 19:30:57 +1100

ouch, it is partially machine-generated!

when did that happen? :-)


On Wed, Jan 27, 2010 at 7:30 PM, ronnie sahlberg
<ronniesahlberg () gmail com> wrote:
packet-kerberos.c is handwritten.

packet-kerberos contains a whole lot more than just rfc1510
(it even handles a pre rfc version of 1510 with a slightly different
asn, used by packetcable)


The vast majority of the code in packet-kerberos.c is not really the
actual pdu definitions as of 1510
but things like vast numbers of microsoft (and other) extensions to
various fields.

value strings that are not defined in 1510

and of course, the whole decryption code and microsoft PAC code.


Since the packet structure in rfc1510 is such a very small part of
packet-kerberos.c I don't think it is worth it to move it to
machine-generated code.
(and if doing so, we would have to use a modified asn anyway, to not
break packetcable)



I think it is best if you just enhance the hf fields, one by one, as
you find them too terse.




regards
ronnie sahlberg




On Wed, Jan 27, 2010 at 6:25 PM, Stephen Fisher
<steve () stephen-fisher com> wrote:
I've started working with Kerberos at work, and I was analyzing packets
with Wireshark when I noticed that a number of the packet detail field
names are pretty terse.  Is packet-kerberos.c written by hand, generated
with ASN.1 or both?  I'm guessing both.  Is there a move to change it to
entirely one way or the other?  I was wanting to expand some field names
for things such as cusec.  I realize that hf_krb_cusec has a description
for the status line of "micro second component of client time" but I
still think that cusec could be expanded in the details pane.  Maybe
something like "Client microseconds" or "Microseconds" under a Client
tree title.


Steve

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

