| Bug ID |
12149
|
| Summary |
PPTP GRE call ID not always decoded
|
| Product |
Wireshark
|
| Version |
2.0.0
|
| Hardware |
x86-64
|
| OS |
Windows 7
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
Sample: http://packetlife.net/captures/PPTP_negotiation.cap
Find the two GRE packets, one has a call ID and length decoded, the other just
has key.
Looking in the code, call ID and length are only extracted in the case is_ppp =
TRUE, which is only set if the GRE_ACK flag is set. However some PPTP GRE
packets will not have this set, such as the example above.
I think this correct behavior is to decode call ID and length if the GRE header
flags indicate "enhanced GRE" (ie. RFC 2637). RFC 2637, Section 4.1 specifies
the key is always made up of payload length and call ID.
You are receiving this mail because:
- You are watching all bug changes.