diff options
| author | Alexander Wetzel <alexander.wetzel@web.de> | 2016-01-14 20:44:48 +0100 |
|---|---|---|
| committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2016-01-16 11:38:44 +0000 |
| commit | 6425ba961dc481439c2856052e6e831fa5dc426f (patch) | |
| tree | 60a2af3cfe26394f4f0b5ac8ca60914ab54ab8f3 /epan/crypt | |
| parent | e3ab748b7de499bc2c99e25b1067b5159235ec74 (diff) | |
IEEE802.11: fix EAPOL key frame detection
Use eapol key data length to differentiate between #2 and #4.
This should work around ieee802.11 client implementation errors.
Windows is setting the Secure Bit on #2 when rekeying and Bug 11994
has a sample capture with the Nonce set in #4 and are so both
violating the spec.
Bug: 11994
Change-Id: Ia9e9c68d08dae042cfa7fd9517892db211b0a00f
Reviewed-on: https://code.wireshark.org/review/13299
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/crypt')
| -rw-r--r-- | epan/crypt/airpdcap.c | 6 | ||||
| -rw-r--r-- | epan/crypt/airpdcap_user.h | 11 |
2 files changed, 2 insertions, 15 deletions
diff --git a/epan/crypt/airpdcap.c b/epan/crypt/airpdcap.c index 4939546b31..1f22fa25ab 100644 --- a/epan/crypt/airpdcap.c +++ b/epan/crypt/airpdcap.c @@ -1267,10 +1267,8 @@ AirPDcapRsna4WHandshake( AIRPDCAP_EAP_ACK(data[offset+1])==0 && AIRPDCAP_EAP_MIC(data[offset])==1) { - /* Check nonce to differentiate between message 2 or 4 - * nonce will be non zero for message 2 and zero for message 4. - * At least needed for Windows, since it is setting the secure bit on message 2 when rekeying */ - if (!memiszero(data+offset+12, 32)) { + /* Check key data length to differentiate between message 2 or 4, same as in epan/dissectors/packet-ieee80211.c */ + if (pntoh16(data+offset+92)) { /* message 2 */ AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapRsna4WHandshake", "4-way handshake message 2", AIRPDCAP_DEBUG_LEVEL_3); diff --git a/epan/crypt/airpdcap_user.h b/epan/crypt/airpdcap_user.h index 1ba30dd76a..aeca3f08c4 100644 --- a/epan/crypt/airpdcap_user.h +++ b/epan/crypt/airpdcap_user.h @@ -78,17 +78,6 @@ /* */ /* */ /******************************************************************************/ -static inline gboolean memiszero (const void *ptr, size_t count) { - const guint8 *p = (const guint8 *)ptr; - - while (count != 0) { - if (*p != 0) - return FALSE; - p++; - count--; - } - return TRUE; -} /******************************************************************************/ /* Type definitions */ |