On Mon, May 26, 2014 at 10:00 AM, Richard Sharpe <realrichardsha...@gmail.com> wrote: > On Thu, May 22, 2014 at 12:37 AM, Kukosa, Tomas <tomas.kuk...@unify.com> > wrote: >> Hi Richard, >> >> I do not know how to decide (and where) whether it is request or response as >> I have never seen SPNEGO. >> >> But the second half of the problem to switch between NegTokenInit and >> NegTokenInit2 can be solved in following way: >> >> #.FN_BODY NegotiationToken/negTokenInit >> gboolean is_response = FALSE; /* get this information from somewhere */ >> if (is_response) { >> return dissect_spnego_NegTokenInit2(%(IMPLICIT_TAG)s, %(TVB)s, >> %(OFFSET)s, %(ACTX)s, %(TREE)s, %(HF_INDEX)s); >> } else { >> return dissect_spnego_NegTokenInit(%(IMPLICIT_TAG)s, %(TVB)s, >> %(OFFSET)s, %(ACTX)s, %(TREE)s, %(HF_INDEX)s); >> } >> #.END > > Thank you for that hint. Also, I have found the pinfo pointer in the actx. > > However, is this an issue?
Well, it looks like it is, since epan/dissectors/packet-spnego.c ended up empty. > [rsharpe@localhost spnego]$ make > /usr/bin/python ../../tools/asn2wrs.py \ > -b \ > -p spnego \ > -c ./spnego.cnf \ > -s ./packet-spnego-template \ > -D . \ > -O ../../epan/dissectors \ > spnego.asn > ASN.1 to Wireshark dissector compiler > :0: UserWarning: The same type names for different types. Explicit > type renaming is recommended. > T_mechListMIC > T_mechListMIC NegTokenInit/mechListMIC > T_mechListMIC_01 NegTokenTarg/mechListMIC > > :0: UserWarning: The same field names for different types. Explicit > field renaming is recommended. > mechListMIC > mechListMIC_01 OCTET_STRING NegTokenInit2/mechListMIC > mechListMIC T_mechListMIC NegTokenInit/mechListMIC > mechListMIC_02 T_mechListMIC_01 NegTokenTarg/mechListMIC > > :0: UserWarning: The same field names for different types. Explicit > field renaming is recommended. > mechToken > mechToken_01 OCTET_STRING NegTokenInit2/mechToken > mechToken T_mechToken NegTokenInit/mechToken > > -- > Regards, > Richard Sharpe > (何以解憂?唯有杜康。--曹操) -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe