diff options
| author | Dhiru Kholia <dhiru.kholia@gmail.com> | 2018-06-19 09:44:49 +0530 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2018-06-21 03:35:50 +0000 |
| commit | c678cf8a6a022f7bd964a0122da86c9bb5a9f4be (patch) | |
| tree | ec4ed0e047b4fcf3bbce8d3a8f778066f7f28949 /epan/dissectors/packet-dhcpv6.c | |
| parent | 6b13c05da11e7735b4a50995c23ecf309d55a62d (diff) | |
DHCPv6: Improve dissection of packets using HMAC-MD5 authentication
See https://tools.ietf.org/html/rfc3315#section-21.4.1 (Use of the
Authentication Option in the Delayed Authentication Protocol) for
more details.
Sample DHCPv6 authentication .pcap files can be found at,
https://github.com/kholia/my-pcaps
Change-Id: Ife252c4e3c114c865324df26313c6b7d57988e5a
Signed-off-by: Dhiru Kholia <dhiru.kholia@gmail.com>
Reviewed-on: https://code.wireshark.org/review/28334
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-dhcpv6.c')
| -rw-r--r-- | epan/dissectors/packet-dhcpv6.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/epan/dissectors/packet-dhcpv6.c b/epan/dissectors/packet-dhcpv6.c index d022f80624..ee4ba44639 100644 --- a/epan/dissectors/packet-dhcpv6.c +++ b/epan/dissectors/packet-dhcpv6.c @@ -95,6 +95,9 @@ static int hf_auth_algorithm = -1; static int hf_auth_rdm = -1; static int hf_auth_replay_detection = -1; static int hf_auth_info = -1; +static int hf_auth_realm = -1; +static int hf_auth_key_id = -1; +static int hf_auth_md5_data = -1; static int hf_opt_unicast = -1; static int hf_opt_status_code = -1; static int hf_opt_status_msg = -1; @@ -1369,6 +1372,7 @@ dhcpv6_option(tvbuff_t *tvb, packet_info *pinfo, proto_tree *bp_tree, int i; guint16 duidtype; guint32 enterprise_no; + guint algorithm; /* option type and length must be present */ if ((eoff - off) < 4) { @@ -1778,11 +1782,20 @@ dhcpv6_option(tvbuff_t *tvb, packet_info *pinfo, proto_tree *bp_tree, } proto_tree_add_item(subtree, hf_auth_protocol, tvb, off, 1, ENC_BIG_ENDIAN); - proto_tree_add_item(subtree, hf_auth_algorithm, tvb, off+1, 1, ENC_BIG_ENDIAN); + proto_tree_add_item_ret_uint(subtree, hf_auth_algorithm, tvb, off+1, 1, ENC_BIG_ENDIAN, &algorithm); proto_tree_add_item(subtree, hf_auth_rdm, tvb, off+2, 1, ENC_BIG_ENDIAN); proto_tree_add_item(subtree, hf_auth_replay_detection, tvb, off+3, 8, ENC_NA); - if (optlen != 11) + if (optlen > 11+20 && algorithm == 1) { // RFC 3315, HMAC-MD5 (16) + Key ID (4) => 20 bytes + if (optlen-11-20 < 256) { + proto_tree_add_item(subtree, hf_auth_realm, tvb, off+11, optlen-11-20, ENC_ASCII|ENC_NA); + } else { + expert_add_info_format(pinfo, option_item, &ei_dhcpv6_malformed_option, "DHCP realm: probably malformed option"); + } + proto_tree_add_item(subtree, hf_auth_key_id, tvb, off+optlen-16-4, 4, ENC_BIG_ENDIAN); + proto_tree_add_item(subtree, hf_auth_md5_data, tvb, off+optlen-16, 16, ENC_NA); + } else { proto_tree_add_item(subtree, hf_auth_info, tvb, off+11, optlen-11, ENC_NA); + } break; case OPTION_UNICAST: if (optlen != 16) { @@ -2417,6 +2430,12 @@ proto_register_dhcpv6(void) { "Replay Detection", "dhcpv6.auth.replay_detection", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL}}, { &hf_auth_info, { "Authentication Information", "dhcpv6.auth.info", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL}}, + { &hf_auth_realm, + { "DHCP realm", "dhcpv6.auth.realm", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }}, + { &hf_auth_key_id, + {"Key ID", "dhcpv6.auth.key_id", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL}}, + { &hf_auth_md5_data, + {"HMAC-MD5 data", "dhcpv6.auth.md5_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL}}, { &hf_opt_unicast, { "IPv6 address", "dhcpv6.unicast", FT_IPv6, BASE_NONE, NULL, 0x0, NULL, HFILL}}, { &hf_opt_status_code, |