Wireshark-users: Re: [Wireshark-users] ZRTP version indication problem - Wireshark 1.1.2
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Mon, 16 Mar 2009 17:14:59 -0400
Hi,
As the 'assigned maintainer' of the ZRTP dissector I'll have a look at that. Be aware that an updated dissector has already been committed to the repository, so if you can test with a buildbot build that would be great.
I'm out of the country right now, so can work on it, but if you do find a fault with the latest build please file a bugreport and attach a sample capture. I don't have any new ones of the new protocol features. 

Thanx,
Jaap

Sent from my iPhone
On 16 mrt 2009, at 08:00, Marian Kechlibar <marian.kechlibar@xxxxxxxxxxxxxx > wrote: 


Hello all,

I have detected a trivial bug regarding support of the ZRTP protocol
in Wireshark 1.1.2.

The ZRTP protocol version has been increased from 1.00 to 1.10 in the
latest ZRTP protocol drafts. The binary structure of the messages is
still the same. However, when Wireshark records a ZRTP Hello packet,
it will display "Unsupported version of ZRTP protocol" instead of
"Hello Packet". That is because the ZRTP protocol version is explicitely stated within the Hello packet and the code obviously does not recognize 
1.10 as supported version yet.

The correction is trivial, at least for the person who orients himself
in the source code for ZRTP packet analyzer: add 1.1* versions to the
list of supported versions. I write 1.1* instead of 1.10, because the
ZRTP protocol draft states that all versions which differ only in the
last character of their version (say, 1.10, 1.11 and 1.1b) MUST be
interoperable.
The latest ZRTP draft also added support for Ping and PingACK messages. However, support for them is not such a trivial enhancement, it actually 
needs some extra coding...

Best regards

Marian Kechlibar
crypto developer
unregistered user of Wireshark
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx > 
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe