@ -20,7 +20,7 @@ use kerberos_parser::krb5::{ApReq,Realm,PrincipalName};
use nom ;
use nom ::IResult ;
use nom ::error ::{ ErrorKind , ParseError } ;
use nom ::number ::streaming ::le_u16 ;
use nom ::number ::complete ::le_u16 ;
use der_parser ;
use der_parser ::error ::BerError ;
use der_parser ::der ::parse_der_oid ;
@ -29,6 +29,7 @@ use der_parser::der::parse_der_oid;
pub enum SecBlobError {
NotSpNego ,
KrbFmtError ,
KrbReqError ,
Ber ( BerError ) ,
NomError ( ErrorKind ) ,
}
@ -60,18 +61,17 @@ fn parse_kerberos5_request_do(blob: &[u8]) -> IResult<&[u8], ApReq, SecBlobError
let blob = b . as_slice ( ) . or (
Err ( nom ::Err ::Error ( SecBlobError ::KrbFmtError ) )
) ? ;
do_parse ! (
blob ,
_base_o : parse_der_oid > >
_tok_id : le_u16 > >
ap_req : parse_ap_req > >
( {
SCLogDebug ! ( "parse_kerberos5_request: base_o {:?}" , _base_o . as_oid ( ) ) ;
SCLogDebug ! ( "parse_kerberos5_request: tok_id {}" , _tok_id ) ;
ap_req
} )
)
. map_err ( nom ::Err ::convert )
let ( blob , _ ) = parse_der_oid ( blob ) . map_err ( nom ::Err ::convert ) ? ;
let ( blob , _ ) = le_u16 ( blob ) ? ;
// Should be parse_ap_req(blob).map_err(nom::Err::convert)
// But upgraded kerberos parser uses a newer der_parser crate
// Hence the enum `der_parser::error::BerError` are different
// and we cannot convert to SecBlobError with the From impl
// Next is to upgrade the der_parser crate (and nom to nom7 by the way)
match parse_ap_req ( blob ) {
Ok ( ( blob , ap_req ) ) = > Ok ( ( blob , ap_req ) ) ,
_ = > Err ( nom ::Err ::Error ( SecBlobError ::KrbReqError ) ) ,
}
}
pub fn parse_kerberos5_request ( blob : & [ u8 ] ) -> IResult < & [ u8 ] , Kerberos5Ticket , SecBlobError >
Philippe Antoine
3 years ago
committed by
Victor Julien