Wireshark-commits: [Wireshark-commits] master-2.0 0d27260: WPA/WPA2 decoding fixes and improvements
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Mon, 21 Dec 2015 08:50:59 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0d272600719e90c697199db6f2419110e8be0474
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-2.0
Repository: wireshark

Commits:

0d27260 by Alexander Wetzel (alexander.wetzel@xxxxxx):

    WPA/WPA2 decoding fixes and improvements
    
    - start decoding when we have eapol1+2 packets
      Do not insist on a complete captured handshake, decode what we can.
    
    - more robust way to detect eapol #2 packets
      At least Win 10 is violating the spec on rekey by setting the secure
      bit in #2. Unpatched version shows and handles #2 as #4, breaking
      decoding after rekey.
    
    - fixed eapol rekey key handling
      Initial patch (see https://code.wireshark.org/review/8268)
      is adding redundant keys, since it scans all the time
      and not only once.
    
    - ignore trailing garbage after eapol sections in frame
      See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9065#c8
    
    Included testcase to test decode for incomplete handshakes and eapol2
    packets with secure bit set on rekey.
    
    Ping-Bug: 9065
    Change-Id: Id775088db9b5aaa80da9efdeed6902d024b5c0cd
    Reviewed-on: https://code.wireshark.org/review/11484
    Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
    Petri-Dish: Michael Mann <mmann78@xxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    (cherry picked from commit cb3dd958af31099772c8934179e113929ae0c020)
    Reviewed-on: https://code.wireshark.org/review/12775
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    

Actions performed:

    from  fc3b6a5   [airpdcap] check the length of the WPA broadcast key we calculated
    adds  0d27260   WPA/WPA2 decoding fixes and improvements


Summary of changes:
 epan/crypt/airpdcap.c                 |  367 +++++++++++++++------------------
 epan/crypt/airpdcap_debug.h           |    2 +-
 epan/crypt/airpdcap_system.h          |    3 +-
 epan/crypt/airpdcap_user.h            |   11 +
 epan/dissectors/packet-ieee80211.c    |   87 +++-----
 test/captures/wpa-test-decode.pcap.gz |  Bin 0 -> 167294 bytes
 test/config/80211_keys.tmpl           |    1 +
 test/suite-decryption.sh              |   17 ++
 8 files changed, 227 insertions(+), 261 deletions(-)
 create mode 100644 test/captures/wpa-test-decode.pcap.gz
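
Added example, not part of the commit or of Wireshark's code: the rekey problem from the commit message, where an EAPOL-Key message #2 with the Secure bit set is taken for #4, shown with a Secure-bit based check next to one that looks at Key Data Length instead. The key-data criterion and the names handshake_msg_nr and make_key are assumptions for illustration; the field offsets follow the IEEE 802.11 EAPOL-Key layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* EAPOL-Key descriptor offsets (IEEE 802.11), counted from the descriptor type byte. */
#define KEY_INFO_OFF     1    /* Key Information, 2 bytes big endian */
#define KEY_DATA_LEN_OFF 93   /* Key Data Length, 2 bytes big endian */
#define KEY_DESC_MIN_LEN 95
#define KI_PAIRWISE 0x0008
#define KI_ACK      0x0080
#define KI_MIC      0x0100
#define KI_SECURE   0x0200

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 1..4 for a 4-way handshake message, 0 otherwise.
 * trust_secure_bit != 0 reproduces a Secure-bit based #2/#4 split. */
int handshake_msg_nr(const uint8_t *key, size_t len, int trust_secure_bit)
{
    if (key == NULL || len < KEY_DESC_MIN_LEN) return 0;   /* truncated */
    uint16_t info = be16(key + KEY_INFO_OFF);
    uint16_t data_len = be16(key + KEY_DATA_LEN_OFF);
    if (!(info & KI_PAIRWISE)) return 0;                   /* group key message */
    if (info & KI_ACK) return (info & KI_MIC) ? 3 : 1;     /* sent by the AP */
    if (!(info & KI_MIC)) return 0;
    if (trust_secure_bit) return (info & KI_SECURE) ? 4 : 2;
    /* Assumed criterion: #2 carries the RSN/WPA IE as key data, #4 has none. */
    if (data_len > len - KEY_DESC_MIN_LEN) return 0;       /* key data not captured */
    return data_len > 0 ? 2 : 4;
}

/* Constructed sample: zeroed descriptor with only the two parsed fields set. */
size_t make_key(uint8_t *buf, uint16_t info, uint16_t data_len)
{
    memset(buf, 0, KEY_DESC_MIN_LEN + (size_t)data_len);
    buf[KEY_INFO_OFF] = (uint8_t)(info >> 8);
    buf[KEY_INFO_OFF + 1] = (uint8_t)(info & 0xff);
    buf[KEY_DATA_LEN_OFF] = (uint8_t)(data_len >> 8);
    buf[KEY_DATA_LEN_OFF + 1] = (uint8_t)(data_len & 0xff);
    return KEY_DESC_MIN_LEN + (size_t)data_len;
}

int main(void)
{
    uint8_t buf[KEY_DESC_MIN_LEN + 64];
    size_t n = make_key(buf, 0x000a | KI_MIC | KI_SECURE, 22); /* rekey #2, Secure set */
    printf("secure-bit rule: #%d, key-data rule: #%d\n",
           handshake_msg_nr(buf, n, 1), handshake_msg_nr(buf, n, 0));
    return 0;
}
```

Bytes following the descriptor and its key data are not examined, so a frame with extra trailing bytes is classified the same way.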