https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13745
Bug ID: 13745
Summary: RADIUS: Vendor-Specific Extended Attributes (RFC 6929)
are not correctly decoded
Product: Wireshark
Version: 2.3.x (Experimental)
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: Normal
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: mareko.pal...@gmail.com
Target Milestone: ---
Build Information:
TShark (Wireshark) 2.3.0 (ac016c1d65 from master.el6)
Copyright 1998-2017 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, without POSIX capabilities, without libnl, with
GLib 2.44.1, with zlib 1.2.3, without SMI, without c-ares, with Lua 5.1.4, with
GnuTLS 3.5.11, with Gcrypt 1.4.5, with MIT Kerberos, without GeoIP, without
nghttp2, without LZ4, without Snappy, with libxml2 2.7.6.
Running on Linux 2.6.32-220.7.1.el6.x86_64, with Intel(R) Xeon(R) CPU
X3440 @ 2.53GHz (with SSE4.2), with 15943 MB of physical memory, with locale
en_US.UTF-8, with libpcap version 1.7.2, with GnuTLS 3.5.11, with Gcrypt 1.4.5,
with zlib 1.2.3.
Built using gcc 6.3.0.
--
Please see bug 13176 for details about RFC 6929 implementation:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13176
The issue is that extended attributes are not interpreted correctly.
VSA type is taken from vendor's dictionary as "normal" attributes instead of
extended ones.
For VSAs in the RFC 6929 we should take attributes from vendor's dictionary
section followed by "format=Extended-Vendor-Specific-1":
http://freeradius.org/radiusd/man/dictionary.html
Example: The following dictionary entries seems to be ignored (specified with
"format=Extended-Vendor-Specific-1"):
BEGIN-VENDOR Alcatel-IPD format=Extended-Vendor-Specific-1
ATTRIBUTE Alc-PPPoE-Client-Service 1 integer
ATTRIBUTE Alc-PPPoE-Client-MAC 2 string
...
END-VENDOR Alcatel-IPD
Instead of this wireshark takes attributes from vendor's section without
"format=" keyword.
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe