Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 13155] New: Authentication Header appears in the IP header when parsing an IPv

Wireshark-bugs: [Wireshark-bugs] [Bug 13155] New: Authentication Header appears in the IP header

Date: Fri, 18 Nov 2016 13:04:13 +0000

Bug ID	13155
Summary	Authentication Header appears in the IP header when parsing an IPv6 TCP Stream
Product	Wireshark
Version	2.2.2
Hardware	x86-64
OS	Windows Server 2012 R2
Status	UNCONFIRMED
Severity	Normal
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	bugzilla-admin@wireshark.org
Reporter	bvasile@ixiacom.com

Created attachment 15075 [details]
IPv4 and IPv6 TCP streams with Authentication Header and IP compression

Build Information:
Version 2.2.2 (v2.2.2-0-g775fb08)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.6.1, with WinPcap (4_1_3), with GLib 2.42.0, with
zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows Server 2012R2, build 9600, with locale
English_United
States.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based
on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with
Gcrypt 1.6.2, without AirPcap.
--
I've attached two traffic captures (AH-IPcomp-IPv4.pcap and
AH-IPcomp-IPv6.pcap).
First capture contains:
- 1 IPv4 TCP stream that is protected with Authentication Header protocol and
uses IP compression.
Second capture contains:
- 1 IPv6 TCP stream that is protected with Authentication Header protocol and
uses IP compression.

On IPv4 case(click on GET packet), the Authentication Header is visible between
IP header and IP Payload Compression.

On IPv6 case(click on GET packet), the Authentication Header appears in IP
header which is not correct. It should be between IP header and IP Payload
Compression.

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 13155] Authentication Header appears in the IP header when parsing an IPv6 TCP Stream
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 13155] Authentication Header appears in the IP header when parsing an IPv6 TCP Stream
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 13155] Authentication Header appears in the IP header when parsing an IPv6 TCP Stream
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 13148] Missing dissector for 802.11 tag "20/40 BSS Coexistence (72)"
Next by Date: [Wireshark-bugs] [Bug 12958] Wrong JSON format returned by new -T json feature
Previous by thread: [Wireshark-bugs] [Bug 12958] Wrong JSON format returned by new -T json feature
Next by thread: [Wireshark-bugs] [Bug 13155] Authentication Header appears in the IP header when parsing an IPv6 TCP Stream
Index(es):
- Date
- Thread