Ethereal-dev: Re: [Ethereal-dev] RADIUS User Password

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxx>
Date: Sat, 20 Mar 2004 11:11:09 -0800
On Sat, Mar 20, 2004 at 03:45:48PM +0100, Dave Wapstra wrote:
> The User-Password attribute in a RADIUS packet is normally encrypted. 
> The RADIUS dissector has defined the User Password attribute as a 
> RADIUS_STRING. This should be a BINSTRING imho. GTK chokes on this when 
> trying to display the user password contents.

The code to handle RADIUS_STRING had some special-case stuff to handle
the User Password attribute - if the attribute's type value is 2 and
vendor-specific VSA's aren't being processed, the field's value is
passed to "rddecryptpass()", which decrypts it if it can.

The problem is that if it *can't*, it just displays the password as a
text string rather than as a byte string in hex.

I've checked in a change to make "rddecryptpass()" display the password
as a byte string in hex if it can't decrypt it, and to add a new display
type RADIUS_USERPASSWORD and use that for the User Password attribute,
and have that always use "rddecryptpass()" and have RADIUS_STRING always
use "rdconvertbuftostr()".