Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 4539] New: Add Address mapping table to IEEE 802.15.4 diss

Date: Fri, 26 Feb 2010 11:04:31 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4539

           Summary: Add Address mapping table to IEEE 802.15.4 dissector
           Product: Wireshark
           Version: 1.3.x (Experimental)
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: osk@xxxxxxxxxx


Build Information:
Version 1.3.4

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.18.7, with GLib 2.22.4, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
with c-ares 1.7.0, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt
1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Feb 23
2010), with AirPcap, with new_packet_list.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, GnuTLS 2.8.5,
Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The IEEE 802.15.4 protocol can operate on one of two types of addresses, but it
is most common to use the 16-bit short addressing mode. This presents a problem
when performing packet decryption, since it is required to know the 64-bit
extended address of the sender in order to properly decrypt a packet (it's a
part of a seed/nonce to the CCM* cipher).

This patch adds a hash table that stores any short-to-extended address mappings
that the dissector finds for later use during packet decryption. I've also
added a UAT so the user can manually add address pairs if needed.

In order to demonstrate this patch in action, decryption needs to be fixed
(Patches for bug 4505 need to be applied).

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.