Wireshark · Ethereal-dev: [Ethereal-dev] Patch to packet-rip.c

Ethereal-dev: [Ethereal-dev] Patch to packet-rip.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Yaniv Kaul <ykaul@xxxxxxxxxxxx>

Date: Sun, 04 Jul 2004 13:03:01 +0200

Two fixes:

1. Don't try to dissect the MD5 authentication data as a route entry(RTE). It's not. I made sure it's also the last entry in the packet andit gets dissected only if MD5 authentication is used.2. Some implementation use the Auth. Data Length field value as theWHOLE Authentication data length (0xFFFF (2 bytes) + 0x0001 (2 bytes) +16 bytes of auth. data = 20) while others only as the auth. data length( = 16). Since MD5's auth data is 16 bytes anyway, I've hard coded it inthe code (in #define), and not relied on auth_data_len. I've tested iton implementations using either way and it seems to work fine.

--- packet-rip.orig.c	2004-07-04 12:39:04.000000000 +0200
+++ packet-rip.c	2004-07-04 13:01:12.000000000 +0200
@@ -75,6 +75,7 @@
 
 #define RIP_HEADER_LENGTH 4
 #define RIP_ENTRY_LENGTH 20
+#define MD5_AUTH_DATA_LEN 16
 
 static int proto_rip = -1;
 static int hf_rip_command = -1;
@@ -110,6 +111,7 @@
     guint8 version;
     guint16 family;
     gint trailer_len = 0;
+    gboolean is_md5_auth = FALSE;
 
     if (check_col(pinfo->cinfo, COL_PROTOCOL))
         col_set_str(pinfo->cinfo, COL_PROTOCOL, "RIP");
@@ -156,8 +158,11 @@
 	    case 0xFFFF:
 		if( offset == RIP_HEADER_LENGTH ) {
 			trailer_len=dissect_rip_authentication(tvb, offset, rip_tree);
+			is_md5_auth = TRUE;
 		break;
 		}
+		if(is_md5_auth && tvb_reported_length_remaining(tvb, offset) == 20)
+			break;
 		/* Intentional fall through: auth Entry MUST be the first! */
 	    default:
 	        proto_tree_add_text(rip_tree, tvb, offset,
@@ -317,13 +322,13 @@
 	proto_tree_add_text( rip_authentication_tree, tvb, offset+12, 8,
 			"Zero Padding" );
 	ti = proto_tree_add_text( rip_authentication_tree, tvb, offset-4+digest_off,
-			auth_data_len, "Authentication Data Trailer" );
+			MD5_AUTH_DATA_LEN+4, "Authentication Data Trailer" );
 	rip_authentication_tree = proto_item_add_subtree(ti, ett_auth_vec );
 	proto_tree_add_text( rip_authentication_tree, tvb, offset-4+digest_off+4,
-			auth_data_len-4, "Authentication Data: %s",
+			MD5_AUTH_DATA_LEN, "Authentication Data: %s",
 				rip_bytestring_to_str(
-					tvb_get_ptr( tvb, offset-4+digest_off+4,auth_data_len-4),
-					auth_data_len-4, ' '));
+					tvb_get_ptr( tvb, offset-4+digest_off+4,MD5_AUTH_DATA_LEN),
+					MD5_AUTH_DATA_LEN, ' '));
 	break;
     }
     return auth_data_len;

Follow-Ups:
- Re: [Ethereal-dev] Patch to packet-rip.c
  - From: Guy Harris

Prev by Date: [Ethereal-dev] [PATCH] Adding new columns for IEEE 802.11 use
Next by Date: Re: [Ethereal-dev] [PATCH] Dissect EAP-MD5, EAP-SIM, EAP-PEAP, EAP-MSCHAPv2
Previous by thread: Re: [Ethereal-dev] [PATCH] Adding new columns for IEEE 802.11 use
Next by thread: Re: [Ethereal-dev] Patch to packet-rip.c
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$