aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2019-08-14 14:55:14 +0200
committerAnders Broman <a.broman58@gmail.com>2020-01-07 12:39:04 +0000
commit2a8a604a1d8d696c7bd1a3aa4aecaaf495fe3c48 (patch)
tree79d30bf733d9a21bc1b7585304b6aa38478bb3e9
parent371c2d1bd64b16b4f279fa10a4f0636ed99fcb87 (diff)
packet-dcerpc-netlogon: split out uncrypt_sequence_strong()
Change-Id: Ie58377b319632c74ad61c2df42e690466b5c5608 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-on: https://code.wireshark.org/review/35590 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
-rw-r--r--epan/dissectors/packet-dcerpc-netlogon.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/epan/dissectors/packet-dcerpc-netlogon.c b/epan/dissectors/packet-dcerpc-netlogon.c
index 46107b6eba..502a59ba05 100644
--- a/epan/dissectors/packet-dcerpc-netlogon.c
+++ b/epan/dissectors/packet-dcerpc-netlogon.c
@@ -7651,7 +7651,7 @@ static int get_seal_key(const guint8 *session_key,int key_len,guint64 sequence,g
}
-static guint64 uncrypt_sequence(guint8* session_key,guint64 checksum,guint64 enc_seq,unsigned char is_server _U_)
+static guint64 uncrypt_sequence_strong(guint8* session_key,guint64 checksum,guint64 enc_seq,unsigned char is_server _U_)
{
guint8 zeros[4] = { 0 };
guint8 buf[HASH_MD5_LENGTH];
@@ -7685,6 +7685,20 @@ static guint64 uncrypt_sequence(guint8* session_key,guint64 checksum,guint64 enc
return enc_seq;
}
+static guint64 uncrypt_sequence(guint32 flags, guint8* session_key,guint64 checksum,guint64 enc_seq,unsigned char is_server _U_)
+{
+ if (flags & NETLOGON_FLAG_AES) {
+ /* TODO */
+ return 0;
+ }
+
+ if (flags & NETLOGON_FLAG_STRONGKEY) {
+ return uncrypt_sequence_strong(session_key, checksum, enc_seq, is_server);
+ }
+
+ return 0;
+}
+
static tvbuff_t *
dissect_packet_data(tvbuff_t *tvb ,tvbuff_t *auth_tvb _U_,
int offset , packet_info *pinfo ,dcerpc_auth_info *auth_info _U_,unsigned char is_server)
@@ -7813,7 +7827,7 @@ dissect_secchan_verf(tvbuff_t *tvb, int offset, packet_info *pinfo,
else {
if(update_vars) {
vars->confounder = confounder;
- vars->seq = uncrypt_sequence(vars->session_key,digest,encrypted_seq,is_server);
+ vars->seq = uncrypt_sequence(vars->flags,vars->session_key,digest,encrypted_seq,is_server);
}
if(get_seal_key(vars->session_key,16,vars->seq,vars->encryption_key))