ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 12880] New: Support dissecting AVPs in EAP-TTLS payload

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Sun, 11 Sep 2016 22:42:35 +0000
Bug ID 12880
Summary Support dissecting AVPs in EAP-TTLS payload
Product Wireshark
Version 2.2.0
Hardware x86
OS All
Status UNCONFIRMED
Severity Major
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Created attachment 14905 [details]
quick & dirty patch to hook up the diameter dissector to the SSL dissector for
EAP-TTLS payloads

Build Information:
Wireshark 2.2.0 (bae2e8e from master)

Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.48.1, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.11.0, with Lua 5.2.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with MIT
Kerberos, with GeoIP, with QtMultimedia, without AirPcap.

Running on Linux 4.6.0-1-amd64, with locale LC_CTYPE=de_DE.UTF-8,
LC_NUMERIC=de_DE.UTF-8, LC_TIME=en_DK.UTF-8, LC_COLLATE=de_DE.UTF-8,
LC_MONETARY=de_DE.UTF-8, LC_MESSAGES=C, LC_PAPER=de_DE.UTF-8,
LC_NAME=de_DE.UTF-8, LC_ADDRESS=de_DE.UTF-8, LC_TELEPHONE=de_DE.UTF-8,
LC_MEASUREMENT=de_DE.UTF-8, LC_IDENTIFICATION=de_DE.UTF-8, with libpcap version
1.7.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with zlib 1.2.8.
Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz (with SSE4.2)

Built using gcc 6.1.1 20160802.

--
EAP-TTLS sends attribute-value pairs (AVPs) over the TLS-secured tunnel, see
RFC5281 section 10: https://tools.ietf.org/html/rfc5281#section-10

Wireshark already has a diameter dissector, but it’s not hooked up to the SSL
dissector.

The attached patch fixes that in a quick & dirty fashion. I don’t have the time
to start a code review and polish up the code, so I’m looking for someone to
bring it upstream.

Thanks!

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube