Wireshark-bugs: [Wireshark-bugs] [Bug 3321] New: PATCH: Add new EnergyWise TLV to Cisco Discover

Date: Tue, 10 Mar 2009 14:44:54 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3321

           Summary: PATCH: Add new EnergyWise TLV to Cisco Discovery
                    Protocol dissector
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: bjulin@xxxxxxxxxx


Build Information:
Version 1.1.3 (SVN Rev 27679)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.11, with GLib 2.16.6, with libpcap 0.9.8, with libz
1.2.3.3, with POSIX capabilities (Linux), with libpcre 7.8, without SMI,
without c-ares, with ADNS, without Lua, with GnuTLS 2.4.2, with Gcrypt 1.4.1,
with MIT Kerberos, without GeoIP, with PortAudio V19-devel (built Oct 12 2008),
without AirPcap.

Running on Linux 2.6.27-rc7charon, with libpcap version 0.9.8, GnuTLS 2.4.2,
Gcrypt 1.4.1.

Built using gcc 4.3.2.

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
These patches incrementally add support for parsing the EnergyWise TLV added to
Cisco Discovery Protocol in IOS software for Catalyst fixed switches, versions
12.2(50)SE and above.

add_cdp_tlv_type_energywise.diff adds a TLV string to the list of known values
add_cdp_energywise_static_fields.diff adds some fixed fields from the TLV
add_cdp_energywise_subtlv_tree.diff adds descent into the nested sub-TLV
add_cdp_energywise_subtlv_leaf.diff adds additional fields into the sub-TLV leaves

Each patch should be applied on top of the previous ones.

The EnergyWise protocol also exists in a pure UDP form.  A packet capture is
included showing sample packets in both CDP-tunneled and UDP forms.  This patch
does not support the UDP form, and eventually dissectors for the two forms may
want to share subroutines; however, I will be developing the dissection in the
shelter of the CDP dissector for now as there will be a learning curve involved
in making a detection routine for the UDP version, being that the UDP ports
used are configurable.

Note the captured packets are discovery packets only and more dissector rules
will doubtlessly be needed when payload communication packets are finally
captured.

Someone with cryptography experience will be needed to determine the algorithm
used in the challenge.  The EnergyWise secret used in generating these packets
was "TestSecret".

