osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

ISAKMP: Fix handling of cert requests without CA 

Check IKEv1 Certificate Request Payloads for an empty
Certificate Authority field, which is allowed by RFC 2408.
Suppress dissection of this field if it is indeed empty.

Change-Id: Ifb997e460a4c12003215fde86c374cfc769c5d72
Reviewed-on: https://code.wireshark.org/review/17501
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This commit is contained in:
Mirko Parthey 2016-09-05 16:39:45 +02:00 committed by Alexis La Goutte
parent 474199a974
commit 70f3737c3e
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
epan/dissectors/packet-isakmp.c
View File

@ -4148,6 +4148,9 @@ dissect_certreq(tvbuff_t *tvb, int offset, int length, proto_tree *tree, int isa
if (isakmp_version == 1)
{
if (length == 0)
return;
switch(cert_type){
case 4:
dissect_x509if_Name(FALSE, tvb, offset, &asn1_ctx, tree, hf_isakmp_certreq_authority_sig);