Currently, when you trace a TTLS session, you won't see much.
With this patch you see more.
Background
----------
The Extended Authorization Protocol EAP is used by various things, but
AFAIK mostly by the wireless authentication 802.1x. EAP defines loooots
of sub-protocols.
EAP-TLS is an SSL-based authentication where both the supplicant (client)
and authenticator (server) have their mutual SSL keys.
EAP-TTLS is more like your usual web-browser setup. The supplicant has
the ssl-public key from the authenticator, sets up a TLS session and
checks the identity of the server. My patch allows this to be observed in
Ethereal.
Once this is done, then inside the TLS connection another protocol, e.g.
PAP, CHAP, MSCHAPv2 or even another full EAP checks the identity of the
client. I have no patch for this and no clue on how to do this :-)
Attached
--------
Patch
small dump of a (failed) 802.1x session
--
MN-Logistik GmbH http://www.mn-logistik.de
Holger Schurig
Dieselstr. 18
61191 Rosbach v.d.Höhe
Tel: (+49) 6003 9141 0 Fax: (+49) 6003 9141 49
#
# Patch managed by http://www.mn-logistik.de/unsupported/pxa250/patcher
#
--- ethereal/packet-eap.c~ttls
+++ ethereal/packet-eap.c
@@ -70,6 +70,7 @@
#define EAP_TYPE_NAK 3
#define EAP_TYPE_TLS 13
#define EAP_TYPE_LEAP 17
+#define EAP_TYPE_TTLS 21
static const value_string eap_type_vals[] = {
{EAP_TYPE_ID, "Identity [RFC2284]" },
@@ -92,7 +93,7 @@
{ 18, "Nokia IP smart card authentication [Haverinen]" },
{ 19, "SRP-SHA1 Part 1 [Carlson]" },
{ 20, "SRP-SHA1 Part 2 [Carlson]" },
- { 21, "EAP-TTLS [Funk]" },
+ {EAP_TYPE_TTLS,"EAP-TTLS [Funk]" },
{ 22, "Remote Access Service [Fields]" },
{ 23, "UMTS Authentication and Key Agreement [Haverinen]" },
{ 24, "EAP-3Com Wireless [Young]" },
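Review bot: The replacement entry `{EAP_TYPE_TTLS,"EAP-TTLS [Funk]" },` has no space after the comma, unlike `{EAP_TYPE_ID, "Identity [RFC2284]" },` at the top of the same table. Add the space so the new line matches the existing entries that use a named constant.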
@@ -431,6 +432,7 @@
/*********************************************************************
EAP-TLS
**********************************************************************/
+ case EAP_TYPE_TTLS:
case EAP_TYPE_TLS:
{
guint8 flags = tvb_get_guint8(tvb, offset);
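Review bot: The new `case EAP_TYPE_TTLS:` label falls through into the existing EAP-TLS block, but the banner comment directly above it still reads only "EAP-TLS" and nothing marks the fall-through as intentional. Update the banner to name both types, and confirm that whatever the shared block does with the `flags` byte read at `offset` also holds for TTLS, since the rest of the block is not visible in this hunk.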