Wireshark-commits: [Wireshark-commits] master 6991149: [airpdcap] Add support to decrypt TDLS traff
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 4 Feb 2016 04:54:43 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6991149557ec9f82f2e90e1f95e23621dced5dfb
Submitter: Anders Broman (a.broman58@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

6991149 by Cedric Izoard (cedric.izoard@xxxxxxxxxxxx):

    [airpdcap] Add support to decrypt TDLS traffic
    
    - When scanning for keys, check for TDLS action frames
      (need to have TLDS response or confirm to derive the key)
    - When deriving PTK, also check MIC to ensure the key has been correctly
      computed.
    - As SA is between two STAs (and not STA and AP), store highest MAC
      address in sa.bssid, and the other one in sa.sta
      => Add new function (AirPDcapGetSaAddress) that will check for TDLS
      case.
    - Add test in decryption suite
    
    Bug: 11312
    Change-Id: Ieccb6a23a0ffbf3b705dac9b67c856ae2d3eeca9
    Reviewed-on: https://code.wireshark.org/review/13664
    Petri-Dish: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  2e1c181   OSPF: Wrong interpretation of Instance ID value in OSPFv3 packet
    adds  6991149   [airpdcap] Add support to decrypt TDLS traffic


Summary of changes:
 epan/crypt/airpdcap.c                      |  306 +++++++++++++++++++++++++---
 test/captures/wpa-test-decode-tdls.pcap.gz |  Bin 0 -> 3423 bytes
 test/suite-decryption.sh                   |   23 +++
 3 files changed, 296 insertions(+), 33 deletions(-)
 create mode 100644 test/captures/wpa-test-decode-tdls.pcap.gz