I just updated to ethereal 0.9.0 to get the EAPOL parsing correctly
identifier inside ethereal and found that the EAP part has a bug.
It says that the EAP Authentication = 4 is 'One Time Password' when in
fact that's value 5. The value 4 is 'MD5 Password'.
All this can be seen inside the EAP RFC
http://www.faqs.org/rfcs/rfc2284.html
Section 3
3. Initial EAP Request/Response Types
This section defines the initial set of EAP Types used in
Request/Response exchanges. More Types may be defined in follow-on
documents. The Type field is one octet and identifies the structure
of an EAP Request or Response packet. The first 3 Types are
considered special case Types. The remaining Types define
authentication exchanges. The Nak Type is valid only for Response
packets, it MUST NOT be sent in a Request. The Nak Type MUST only be
sent in repsonse to a Request which uses an authentication Type code.
All EAP implementatins MUST support Types 1-4. These Types, as well
as types 5 and 6, are defined in this document. Follow-on RFCs will
define additional EAP Types.
1 Identity
2 Notification
3 Nak (Response only)
4 MD5-Challenge
5 One-Time Password (OTP) (RFC 1938)
6 Generic Token Card
---
I'm not a member of the list, so reply to me directly or just fix the
bug for next release ;-)
Thanks
Yannick Koehler
