"byteorder",
"crc",
"der-parser 6.0.1",
+ "der-parser 8.2.0",
"digest",
"flate2",
"hex",
sawp-modbus = "~0.11.0"
sawp = "~0.11.0"
-der-parser = "~6.0"
-kerberos-parser = "~0.7.1"
+der-parser = "~8.2.0"
+kerberos-parser = { version = "~0.7.1", default_features = false }
+
+# Kerberos parsing still depends on der-parser 6.0.1.
+der-parser6 = { package = "der-parser", version = "~6.0.1", default_features = false }
+
ntp-parser = "~0.6.0"
ipsec-parser = "~0.7.0"
snmp-parser = "~0.9.0"
* 02110-1301, USA.
*/
-use der_parser::ber::{parse_ber_recursive, BerObject, BerObjectContent, BerTag};
+use der_parser::ber::{parse_ber_recursive, BerObject, BerObjectContent, Tag};
use nom7::Err;
use std::convert::TryFrom;
fn check_object(obj: &BerObject, ad: &DetectAsn1Data) -> Option<Asn1Check> {
// get length
// Note that if length is indefinite (BER), this will return None
- let len = obj.header.len.primitive().ok()?;
+ let len = obj.header.length().definite().ok()?;
// oversize_length will check if a node has a length greater than
// the user supplied length
if let Some(oversize_length) = ad.oversize_length {
// to ignore is greater than the length decoded (in bits)
if ad.bitstring_overflow
&& (obj.header.is_universal()
- && obj.header.tag == BerTag::BitString
+ && obj.header.tag() == Tag::BitString
&& obj.header.is_primitive())
{
if let BerObjectContent::BitString(bits, _v) = &obj.content {
// and the buffer is greater than 256, the array is overflown
if ad.double_overflow
&& (obj.header.is_universal()
- && obj.header.tag == BerTag::RealType
+ && obj.header.tag() == Tag::RealType
&& obj.header.is_primitive())
{
if let Ok(data) = obj.content.as_slice() {
use nom7::IResult;
use nom7::error::{ErrorKind, ParseError};
use nom7::number::streaming::le_u16;
-use der_parser;
-use der_parser::der::parse_der_oid;
-use der_parser::error::BerError;
+use der_parser6;
+use der_parser6::der::parse_der_oid;
+use der_parser6::error::BerError;
use kerberos_parser::krb5::{ApReq, PrincipalName, Realm};
use kerberos_parser::krb5_parser::parse_ap_req;
fn parse_kerberos5_request_do(blob: &[u8]) -> IResult<&[u8], ApReq, SecBlobError>
{
- let (_,b) = der_parser::parse_der(blob).map_err(nom7::Err::convert)?;
+ let (_,b) = der_parser6::parse_der(blob).map_err(nom7::Err::convert)?;
let blob = b.as_slice().or(
Err(nom7::Err::Error(SecBlobError::KrbFmtError))
)?;
use nom7::{Err, IResult};
use nom7::number::streaming::be_u32;
use der_parser::der::der_read_element_header;
-use der_parser::ber::BerClass;
+use der_parser::ber::Class;
use kerberos_parser::krb5_parser;
use kerberos_parser::krb5::{EncryptionType,ErrorCode,MessageType,PrincipalName,Realm};
use crate::applayer::{self, *};
match der_read_element_header(i) {
Ok((_rem,hdr)) => {
// Kerberos messages start with an APPLICATION header
- if hdr.class != BerClass::Application { return 0; }
- match hdr.tag.0 {
+ if hdr.class() != Class::Application { return 0; }
+ match hdr.tag().0 {
10 => {
self.req_id = 10;
},
};
self.req_id = 0;
},
- _ => { SCLogDebug!("unknown/unsupported tag {}", hdr.tag); },
+ _ => { SCLogDebug!("unknown/unsupported tag {}", hdr.tag()); },
}
0
},
match der_read_element_header(slice) {
Ok((rem, ref hdr)) => {
// Kerberos messages start with an APPLICATION header
- if hdr.class != BerClass::Application { return ALPROTO_FAILED; }
+ if hdr.class() != Class::Application { return ALPROTO_FAILED; }
// Tag number should be <= 30
- if hdr.tag.0 > 30 { return ALPROTO_FAILED; }
+ if hdr.tag().0 > 30 { return ALPROTO_FAILED; }
// Kerberos messages contain sequences
if rem.is_empty() || rem[0] != 0x30 { return ALPROTO_FAILED; }
// Check kerberos version
use crate::smb::smb::*;
use nom7::{Err, IResult};
-use der_parser::ber::BerObjectContent;
-use der_parser::der::{parse_der_oid, parse_der_sequence};
+use der_parser6::ber::BerObjectContent;
+use der_parser6::der::{parse_der_oid, parse_der_sequence};
fn parse_secblob_get_spnego(blob: &[u8]) -> IResult<&[u8], &[u8], SecBlobError>
{
- let (rem, base_o) = der_parser::parse_der(blob).map_err(Err::convert)?;
+ let (rem, base_o) = der_parser6::parse_der(blob).map_err(Err::convert)?;
SCLogDebug!("parse_secblob_get_spnego: base_o {:?}", base_o);
let d = match base_o.content.as_slice() {
Err(_) => { return Err(Err::Error(SecBlobError::NotSpNego)); },
fn parse_secblob_spnego_start(blob: &[u8]) -> IResult<&[u8], &[u8], SecBlobError>
{
- let (rem, o) = der_parser::parse_der(blob).map_err(Err::convert)?;
+ let (rem, o) = der_parser6::parse_der(blob).map_err(Err::convert)?;
let d = match o.content.as_slice() {
Ok(d) => {
SCLogDebug!("d: next data len {}",d.len());
Ok(s) => s,
_ => { continue; },
};
- let o = match der_parser::parse_der(n) {
+ let o = match der_parser6::parse_der(n) {
Ok((_,x)) => x,
_ => { continue; },
};
projects / thirdparty / suricata.git / commitdiff
