From: Victor Julien Date: Fri, 2 Mar 2018 16:19:18 +0000 (+0100) Subject: smb: update to der-parser 0.5.1 X-Git-Tag: suricata-4.1.0-beta1~91 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dab055d8c83b409a0046766e29717ee45d56f25d;p=thirdparty%2Fsuricata.git smb: update to der-parser 0.5.1 --- diff --git a/rust/Cargo.toml.in b/rust/Cargo.toml.in index 55ae38997c..9bc2198cfb 100644 --- a/rust/Cargo.toml.in +++ b/rust/Cargo.toml.in @@ -18,6 +18,6 @@ debug = [] nom = "~3.2.1" libc = "^0.2.36" crc = "~1.7.0" -der-parser = "0.5.0" +der-parser = "0.5.1" ntp-parser = { version = "^0", optional = true } diff --git a/rust/src/smb/auth.rs b/rust/src/smb/auth.rs index 491818315c..f34f25ae41 100644 --- a/rust/src/smb/auth.rs +++ b/rust/src/smb/auth.rs @@ -62,18 +62,17 @@ fn parse_kerberos5_request_ticket(blob: &[u8]) -> IResult<&[u8], Kerberos5Ticket SCLogDebug!("parse_kerberos5_request_ticket: sname {:?}", ticket_vec[2]); SCLogDebug!("parse_kerberos5_request_ticket: enc-part {:?}", ticket_vec[3]); -// TODO switch to parser_der_genericstring when der-parser 0.5.1 is out - let realm = match der_parser::parse_der(ticket_vec[1].content.as_slice().unwrap()) { - IResult::Done(_, o) => o, - IResult::Incomplete(needed) => { - SCLogDebug!("parse_kerberos5_request_ticket: needed {:?}", needed); - return IResult::Incomplete(needed); - }, - IResult::Error(err) => { - SCLogDebug!("parse_kerberos5_request_ticket: err {:?}", err); - return IResult::Error(err); + let gs = match ticket_vec[1].content.as_slice() { + Ok(s) => s, + Err(_) => { + return IResult::Error(error_code!(ErrorKind::Custom(SECBLOB_KRB_FMT_ERR))); }, }; + let realm = match der_parser::parse_der_generalstring(gs) { + IResult::Done(_, o) => o, + IResult::Incomplete(needed) => { return IResult::Incomplete(needed); }, + IResult::Error(err) => { return IResult::Error(err); }, + }; SCLogDebug!("parse_kerberos5_request_ticket: realm {:?}", realm); if !(realm.class == 0 && realm.structured == 0 && realm.tag == 27) {