diff options
author | Michael Mann <mmann78@netscape.net> | 2013-06-10 02:18:55 +0000 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2013-06-10 02:18:55 +0000 |
commit | 2ee48f150d05ad615667090203e48625d23d2819 (patch) | |
tree | 3f091f2be288a39d9bad652cc670e71ef1d5a05e /epan/dissectors/packet-eap.c | |
parent | 613739da3a92592d69f1179cd2cc8634e94b7f66 (diff) |
Batch of filterable expert infos.
svn path=/trunk/; revision=49868
Diffstat (limited to 'epan/dissectors/packet-eap.c')
-rw-r--r-- | epan/dissectors/packet-eap.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/epan/dissectors/packet-eap.c b/epan/dissectors/packet-eap.c index 6e67ac85d9..7ee34494b2 100644 --- a/epan/dissectors/packet-eap.c +++ b/epan/dissectors/packet-eap.c @@ -92,6 +92,11 @@ static int hf_eap_ms_chap_v2_failure_request = -1; static gint ett_eap = -1; +static expert_field ei_eap_ms_chap_v2_length = EI_INIT; +static expert_field ei_eap_mitm_attacks = EI_INIT; +static expert_field ei_eap_md5_value_size_overflow = EI_INIT; +static expert_field ei_eap_dictionary_attacks = EI_INIT; + static dissector_handle_t ssl_handle; const value_string eap_code_vals[] = { @@ -444,7 +449,7 @@ dissect_eap_mschapv2(proto_tree *eap_tree, tvbuff_t *tvb, packet_info *pinfo, in item = proto_tree_add_item(eap_tree, hf_eap_ms_chap_v2_length, tvb, offset, 2, ENC_BIG_ENDIAN); ms_len = tvb_get_ntohs(tvb, offset); if (ms_len != size) - expert_add_info_format(pinfo, item, PI_PROTOCOL, PI_WARN, "Invalid Length"); + expert_add_info(pinfo, item, &ei_eap_ms_chap_v2_length); offset += 2; left -= 2; @@ -787,13 +792,12 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) proto_item *item; /* Warn that this is an insecure EAP type. */ - expert_add_info_format(pinfo, eap_type_item, PI_SECURITY, PI_WARN, - "Vulnerable to MITM attacks. If possible, change EAP type."); + expert_add_info(pinfo, eap_type_item, &ei_eap_mitm_attacks); item = proto_tree_add_item(eap_tree, hf_eap_md5_value_size, tvb, offset, 1, ENC_BIG_ENDIAN); if (value_size > (size - 1)) { - expert_add_info_format(pinfo, item, PI_PROTOCOL, PI_WARN, "Overflow"); + expert_add_info(pinfo, item, &ei_eap_md5_value_size_overflow); value_size = size - 1; } @@ -1051,9 +1055,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) guint8 count, namesize; /* Warn that this is an insecure EAP type. */ - expert_add_info_format(pinfo, eap_type_item, PI_SECURITY, PI_WARN, - "Vulnerable to dictionary attacks. If possible, change EAP type." - " See http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/2331_pp.pdf"); + expert_add_info(pinfo, eap_type_item, &ei_eap_dictionary_attacks); /* Version (byte) */ if (tree) { @@ -1516,11 +1518,23 @@ proto_register_eap(void) &ett_eap_exp_attr, &ett_eap_tls_flags }; + static ei_register_info ei[] = { + { &ei_eap_ms_chap_v2_length, { "eap.ms_chap_v2.length.invalid", PI_PROTOCOL, PI_WARN, "Invalid Length", EXPFILL }}, + { &ei_eap_mitm_attacks, { "eap.mitm_attacks", PI_SECURITY, PI_WARN, "Vulnerable to MITM attacks. If possible, change EAP type.", EXPFILL }}, + { &ei_eap_md5_value_size_overflow, { "eap.md5.value_size.overflow", PI_PROTOCOL, PI_WARN, "Overflow", EXPFILL }}, + { &ei_eap_dictionary_attacks, { "eap.dictionary_attacks", PI_SECURITY, PI_WARN, + "Vulnerable to dictionary attacks. If possible, change EAP type." + " See http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/2331_pp.pdf", EXPFILL }}, + }; + + expert_module_t* expert_eap; proto_eap = proto_register_protocol("Extensible Authentication Protocol", "EAP", "eap"); proto_register_field_array(proto_eap, hf, array_length(hf)); proto_register_subtree_array(ett, array_length(ett)); + expert_eap = expert_register_protocol(proto_eap); + expert_register_field_array(expert_eap, ei, array_length(ei)); new_register_dissector("eap", dissect_eap, proto_eap); register_init_routine(eap_tls_defragment_init); |