ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 5633] New: EAP-TLS cannot re-initialize properly if previo

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Sat, 29 Jan 2011 17:19:04 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5633

           Summary: EAP-TLS cannot re-initialize properly if previous
                    EAP-TLS conversation is not properly finished.
           Product: Wireshark
           Version: 1.4.1
          Platform: x86
        OS/Version: Windows 7
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: billyjeans@xxxxxxxxx


Build Information:
Version 1.4.1 (SVN Rev 34476 from /trunk-1.4)
--
EAP-TLS cannot re-initialize properly if previous EAP-TLS conversation is not
properly finished.
If the previous EAP-TLS is not properly finished due to some reasons, 
conversation_state->eap_tls_seq will not be re-initialize to -1 which is only
called when the last EAP fragment is received.
This mechanism will cause the next EAP-TLS conversation could not be properly
processed because the next EAP fragment reassemble will try to start from
previous conversation data instead of from this conversation only. However if
conversation_state->eap_tls_seq could be reinitialized to -1 at next
EAP-Identiy, this problem should be solved.
Moreover, the "if (len > 5)" in packet-eap.c for EAP-REQUEST EAP-RESPONSE also
blocks the EAP-Identiy without type-data to be processed since in this case the
lenth field is just 5. 

The following modify of packet-eap.c seems work:

  case EAP_REQUEST:
  case EAP_RESPONSE:
    eap_type = tvb_get_guint8(tvb, 4);

    if (check_col(pinfo->cinfo, COL_INFO))
      col_append_fstr(pinfo->cinfo, COL_INFO, ", %s",
              val_to_str(eap_type, eap_type_vals,
                 "Unknown type (0x%02x)"));
    if (tree)
      proto_tree_add_uint(eap_tree, hf_eap_type, tvb, 4, 1, eap_type);

    if (len >= 5) {
      int     offset = 5;
      gint    size   = len - offset;

      switch (eap_type) {
      /*********************************************************************
      **********************************************************************/
      case EAP_TYPE_ID:
    if (tree) {
      proto_tree_add_text(eap_tree, tvb, offset, size,
                  "Identity (%d byte%s): %s",
                  size, plurality(size, "", "s"),
                  tvb_format_text(tvb, offset, size));
         }
    if(!pinfo->fd->flags.visited) {
      conversation_state->leap_state = 0;
      conversation_state->eap_tls_seq = -1;
    }
    break;

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube