Wireshark-commits: [Wireshark-commits] master 6991149: [airpdcap] Add support to decrypt TDLS traff
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6991149557ec9f82f2e90e1f95e23621dced5dfb
Submitter: Anders Broman (a.broman58@xxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
6991149 by Cedric Izoard (cedric.izoard@xxxxxxxxxxxx):
[airpdcap] Add support to decrypt TDLS traffic
- When scanning for keys, check for TDLS action frames
  (need to have TDLS response or confirm to derive the key)
- When deriving PTK, also check MIC to ensure the key has been correctly
  computed.
- As SA is between two STAs (and not STA and AP), store highest MAC
  address in sa.bssid, and the other one in sa.sta
  => Add new function (AirPDcapGetSaAddress) that will check for TDLS
  case.
- Add test in decryption suite
Bug: 11312
Change-Id: Ieccb6a23a0ffbf3b705dac9b67c856ae2d3eeca9
Reviewed-on: https://code.wireshark.org/review/13664
Petri-Dish: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
Actions performed:
from 2e1c181 OSPF: Wrong interpretation of Instance ID value in OSPFv3 packet
adds 6991149 [airpdcap] Add support to decrypt TDLS traffic
Summary of changes:
epan/crypt/airpdcap.c | 306 +++++++++++++++++++++++++---
test/captures/wpa-test-decode-tdls.pcap.gz | Bin 0 -> 3423 bytes
test/suite-decryption.sh | 23 +++
3 files changed, 296 insertions(+), 33 deletions(-)
create mode 100644 test/captures/wpa-test-decode-tdls.pcap.gz