* 02110-1301, USA.
*/
-use smb::kerberos_parser::krb5_parser;
+use smb::kerberos_parser::krb5_parser::parse_ap_req;
use smb::kerberos_parser::krb5::{ApReq,Realm,PrincipalName};
use log::*;
use smb::ntlmssp_records::*;
use smb::smb::*;
-use nom;
-use nom::{IResult, ErrorKind};
+use nom::{IResult, ErrorKind, le_u16};
use der_parser;
+use der_parser::parse_der_oid;
#[derive(Debug,PartialEq)]
pub struct Kerberos5Ticket {
IResult::Incomplete(needed) => { return IResult::Incomplete(needed); },
IResult::Error(err) => { return IResult::Error(err); },
};
- let (rem, base_o) = match der_parser::parse_der_oid(blob) {
- IResult::Done(rem, o) => (rem, o),
- IResult::Incomplete(needed) => { return IResult::Incomplete(needed); },
- IResult::Error(err) => { return IResult::Error(err); },
- };
- SCLogDebug!("parse_kerberos5_request: base_o {:?}", base_o);
-
- // not DER encoded 2 byte length field
- let (rem, tok_id) = match nom::le_u16(rem) {
- IResult::Done(rem, o) => (rem, o),
- IResult::Incomplete(needed) => { return IResult::Incomplete(needed); },
- IResult::Error(err) => { return IResult::Error(err); },
- };
- SCLogDebug!("parse_kerberos5_request: tok_id {}", tok_id);
-
- krb5_parser::parse_ap_req(rem)
+ do_parse!(
+ blob,
+ base_o: parse_der_oid >>
+ tok_id: le_u16 >>
+ ap_req: parse_ap_req >>
+ ({
+ SCLogDebug!("parse_kerberos5_request: base_o {:?}", base_o.as_oid());
+ SCLogDebug!("parse_kerberos5_request: tok_id {}", tok_id);
+ ap_req
+ })
+ )
}
if fuid_len == 16 {
guid_to_string(fuid)
} else if fuid_len == 2 {
- let o = format!("{:02x}{:02x}", fuid[1], fuid[0]);
- o.to_string()
+ format!("{:02x}{:02x}", fuid[1], fuid[0])
} else if fuid_len == 6 {
let pure_fid = &fuid[0..2];
- let o = format!("{:02x}{:02x}", pure_fid[1], pure_fid[0]);
- o.to_string()
+ format!("{:02x}{:02x}", pure_fid[1], pure_fid[0])
} else {
"".to_string()
}
js.set_string("dialect", &dialect);
} else {
let dialect = match &state.dialect_vec {
- &Some(ref d) => {
- match str::from_utf8(&d) {
- Ok(v) => v,
- Err(_) => "invalid",
- }
- },
- &None => { "unknown" },
+ &Some(ref d) => str::from_utf8(&d).unwrap_or("invalid"),
+ &None => "unknown",
};
js.set_string("dialect", &dialect);
}
/// take a string, unicode or ascii based on record
pub fn smb1_get_string<'a>(i: &'a[u8], r: &SmbRecord, offset: usize) -> IResult<&'a[u8], Vec<u8>> {
- do_parse!(i,
- u: value!(r.has_unicode_support())
- >> s: switch!(value!(u),
- true => apply!(smb_get_unicode_string_with_offset, offset) |
- false => call!(smb_get_ascii_string))
- >> ( s )
- )
+ if r.has_unicode_support() {
+ smb_get_unicode_string_with_offset(i, offset)
+ } else {
+ smb_get_ascii_string(i)
+ }
}
#[derive(Debug,PartialEq)]
projects / thirdparty / suricata.git / commitdiff
