Wireshark-users: Re: [Wireshark-users] ZRTP version indication problem - Wireshark 1.1.2
From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Date: Mon, 16 Mar 2009 17:27:11 -0400

Please open a bug report (bugs.wireshark.org) so that this request doesn't get lost. If you could include a sample capture, that would probably help testing.

Marian Kechlibar wrote:
Hello all,

I have detected a trivial bug regarding support of the ZRTP protocol
in Wireshark 1.1.2.

The ZRTP protocol version has been increased from 1.00 to 1.10 in the
latest ZRTP protocol drafts. The binary structure of the messages is
still the same. However, when Wireshark records a ZRTP Hello packet,
it will display "Unsupported version of ZRTP protocol" instead of
"Hello Packet". That is because the ZRTP protocol version is explicitly
stated within the Hello packet and the code obviously does not recognize
1.10 as a supported version yet.

The correction is trivial, at least for the person who orients himself
in the source code for ZRTP packet analyzer: add 1.1* versions to the
list of supported versions. I write 1.1* instead of 1.10, because the
ZRTP protocol draft states that all versions which differ only in the
last character of their version (say, 1.10, 1.11 and 1.1b) MUST be
interoperable.

The latest ZRTP draft also added support for Ping and PingACK messages.
However, support for them is not such a trivial enhancement, it actually
needs some extra coding...

Best regards

Marian Kechlibar
crypto developer
unregistered user of Wireshark
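
The version rule from the message above, as an added C example that is not part of the thread and not Wireshark's dissector code. It assumes a message layout of a 0x50 0x5a preamble, a 16-bit length, an 8-byte type block and then the 4-byte version string; the function names, enum values and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed offsets from the message preamble: type block at 4, version at 12. */
enum { ZRTP_TYPE_OFF = 4, ZRTP_TYPE_LEN = 8, ZRTP_VER_OFF = 12, ZRTP_VER_LEN = 4 };
enum zrtp_hello_status { ZRTP_NOT_HELLO, ZRTP_TRUNCATED, ZRTP_UNSUPPORTED, ZRTP_HELLO_OK };

/* Accepted version families: first three characters only, the fourth is a wildcard. */
static const char *const zrtp_families[] = { "1.0", "1.1" };

/* Constructed samples: first 16 bytes of a message; the length field is not checked. */
const unsigned char sample_hello_110[16] = { 0x50, 0x5a, 0x00, 0x1d, 'H','e','l','l','o',' ',' ',' ', '1','.','1','0' };
const unsigned char sample_hello_11b[16] = { 0x50, 0x5a, 0x00, 0x1d, 'H','e','l','l','o',' ',' ',' ', '1','.','1','b' };
const unsigned char sample_hello_200[16] = { 0x50, 0x5a, 0x00, 0x1d, 'H','e','l','l','o',' ',' ',' ', '2','.','0','0' };
const unsigned char sample_ping[16]      = { 0x50, 0x5a, 0x00, 0x06, 'P','i','n','g',' ',' ',' ',' ', '1','.','1','0' };

/* Returns 1 when ver (4 bytes, not NUL-terminated) belongs to a listed family. */
int zrtp_version_supported(const unsigned char *ver)
{
    size_t i;
    for (i = 0; i < sizeof zrtp_families / sizeof zrtp_families[0]; i++)
        if (memcmp(ver, zrtp_families[i], ZRTP_VER_LEN - 1) == 0)
            return 1;
    return 0;
}

/* Bounds-check before every read: a capture can end anywhere in the message. */
enum zrtp_hello_status zrtp_classify_hello(const unsigned char *msg, size_t len)
{
    if (len < (size_t)(ZRTP_TYPE_OFF + ZRTP_TYPE_LEN))
        return ZRTP_TRUNCATED;
    if (msg[0] != 0x50 || msg[1] != 0x5a ||
        memcmp(msg + ZRTP_TYPE_OFF, "Hello   ", ZRTP_TYPE_LEN) != 0)
        return ZRTP_NOT_HELLO;
    if (len < (size_t)(ZRTP_VER_OFF + ZRTP_VER_LEN))
        return ZRTP_TRUNCATED;
    return zrtp_version_supported(msg + ZRTP_VER_OFF) ? ZRTP_HELLO_OK : ZRTP_UNSUPPORTED;
}

int main(void)
{
    printf("1.10 -> %d\n", zrtp_classify_hello(sample_hello_110, sizeof sample_hello_110));
    printf("1.1b -> %d\n", zrtp_classify_hello(sample_hello_11b, sizeof sample_hello_11b));
    printf("2.00 -> %d\n", zrtp_classify_hello(sample_hello_200, sizeof sample_hello_200));
    return 0;
}
```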