Wireshark-commits: [Wireshark-commits] master-2.0 0d27260: WPA/WPA2 decoding fixes and improvements
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0d272600719e90c697199db6f2419110e8be0474
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-2.0
Repository: wireshark
Commits:
0d27260 by Alexander Wetzel (alexander.wetzel@xxxxxx):
WPA/WPA2 decoding fixes and improvements
- start decoding when we have eapol1+2 packets
Do not insist on a complete captured handshake, decode what we can.
- more robust way to detect eapol #2 packets
At least Win 10 is violating the spec on rekey by setting the secure
bit in #2. Unpatched version shows and handles #2 as #4, breaking
decoding after rekey.
- fixed eapol rekey key handling
Initial patch (see https://code.wireshark.org/review/8268)
is adding redundant keys, since it scans all the time
and not only once.
- ignore trailing garbage after eapol sections in frame
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9065#c8
Included testcase to test decode for incomplete handshakes and eapol2
packets with secure bit set on rekey.
Ping-Bug: 9065
Change-Id: Id775088db9b5aaa80da9efdeed6902d024b5c0cd
Reviewed-on: https://code.wireshark.org/review/11484
Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
Petri-Dish: Michael Mann <mmann78@xxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
(cherry picked from commit cb3dd958af31099772c8934179e113929ae0c020)
Reviewed-on: https://code.wireshark.org/review/12775
Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
Actions performed:
from fc3b6a5 [airpdcap] check the length of the WPA broadcast key we calculated
adds 0d27260 WPA/WPA2 decoding fixes and improvements
Summary of changes:
epan/crypt/airpdcap.c | 367 +++++++++++++++------------------
epan/crypt/airpdcap_debug.h | 2 +-
epan/crypt/airpdcap_system.h | 3 +-
epan/crypt/airpdcap_user.h | 11 +
epan/dissectors/packet-ieee80211.c | 87 +++-----
test/captures/wpa-test-decode.pcap.gz | Bin 0 -> 167294 bytes
test/config/80211_keys.tmpl | 1 +
test/suite-decryption.sh | 17 ++
8 files changed, 227 insertions(+), 261 deletions(-)
create mode 100644 test/captures/wpa-test-decode.pcap.gz
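
One way to classify 4-way handshake messages so that an EAPOL #2 with the secure bit set is not taken for #4, and so that bytes after the EAPOL section are ignored, as the commit message above describes. This is an added example, not code from the commit or from airpdcap.c: separating #2 from #4 by Key Data Length is an assumption about one workable approach, and `eapol_4way_msg` and `sample_frame` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Key Information bits of an EAPOL-Key frame (IEEE 802.11). */
#define KI_PAIRWISE 0x0008
#define KI_INSTALL  0x0040
#define KI_ACK      0x0080
#define KI_MIC      0x0100
#define KEY_BODY_MIN 95 /* descriptor up to and including Key Data Length, 16-byte MIC */

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 1..4 for a 4-way handshake message, 0 otherwise. buf starts at the
 * 802.1X header; len may be larger than the EAPOL section. */
int eapol_4way_msg(const uint8_t *buf, size_t len)
{
    if (len < 4 || buf[1] != 3) return 0;           /* type 3 = EAPOL-Key */
    size_t body = be16(buf + 2);                    /* header length bounds the parse */
    if (body < KEY_BODY_MIN || body > len - 4) return 0;
    uint16_t ki = be16(buf + 4 + 1), kdlen = be16(buf + 4 + 93);
    if (kdlen > body - KEY_BODY_MIN || !(ki & KI_PAIRWISE)) return 0;
    switch (ki & (KI_ACK | KI_MIC | KI_INSTALL)) {
    case KI_ACK:                       return 1;
    case KI_ACK | KI_MIC | KI_INSTALL: return 3;
    case KI_MIC:                       return kdlen ? 2 : 4; /* Secure bit not consulted */
    default:                           return 0;
    }
}

/* Constructed sample frame (not from the commit's test capture): zeroed
 * EAPOL-Key frame with the given fields plus `junk` trailing bytes. */
size_t sample_frame(uint8_t *out, uint16_t ki, uint16_t kdlen, size_t junk)
{
    size_t body = KEY_BODY_MIN + kdlen;
    memset(out, 0, 4 + body + junk);
    out[0] = 2; out[1] = 3; out[4] = 2;             /* version, type, RSN descriptor */
    out[2] = (uint8_t)(body >> 8);   out[3] = (uint8_t)body;
    out[5] = (uint8_t)(ki >> 8);     out[6] = (uint8_t)ki;
    out[97] = (uint8_t)(kdlen >> 8); out[98] = (uint8_t)kdlen;
    return 4 + body + junk;
}

int main(void)
{
    uint8_t f[256];
    size_t n = sample_frame(f, 0x030a, 22, 0);      /* Secure + MIC + pairwise, key data present */
    printf("Secure-bit frame with key data: message %d\n", eapol_4way_msg(f, n));
    n = sample_frame(f, 0x030a, 0, 7);              /* same bits, no key data, 7 junk bytes */
    printf("Same bits, empty key data:      message %d\n", eapol_4way_msg(f, n));
    return 0;
}
```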