Age | Commit message (Collapse) | Author | Files | Lines |
|
A call of the 'memcpy' function will lead to the '& tmp_key' buffer becoming out of range.
Change-Id: I615a6c3e0dab8cfc2d240b6b39cff387e0689f35
Reviewed-on: https://code.wireshark.org/review/8796
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
See http://www.viva64.com/en/b/0328/ for details
Change-Id: Ic9ddfd690b49401c96cb8a4a277c671f9824be31
Reviewed-on: https://code.wireshark.org/review/8775
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
While we are at it, put back some debug logs that were removed in g1439eb6 (otherwise msgbuf is no more initialized)
Change-Id: Ie34c4f2e638bc3ee77a0565446de37a15385dc0d
Reviewed-on: https://code.wireshark.org/review/8389
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I944cac044a8b091cbe5d85cd63a8c698a82b8559
Reviewed-on: https://code.wireshark.org/review/8388
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
In AirPDcapRsnaPwd2PskStep(), digest[] holds an SSID plus 4 bytes of
count, so the size is MAX_SSID_LENGTH plus 4, and digest1[] holds an
SHA-1 digest, so the size is SHA1_DIGEST_LEN.
That makes it a bit clearer why those are the sizes.
Change-Id: I58ed6643f57675375f7f369470d600382323315f
Reviewed-on: https://code.wireshark.org/review/8387
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I5b0405f814d439c1d5ce329a817475102be483af
Reviewed-on: https://code.wireshark.org/review/8373
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I64424731e4d5f94c7b69436b5318b67a14471171
Reviewed-on: https://code.wireshark.org/review/8372
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have it allocate the buffer for the unwrapped key and return a pointer
to it, rather than having it be handed a buffer for that key.
That makes it a bit easier to validate, in AES_unwrap, that we don't
write past the end of the buffer.
Change-Id: Id02852c23054b3ed33eeeb383e7aa6cf12d02ed9
Reviewed-on: https://code.wireshark.org/review/8371
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Hopefully that'll make it a little easier to make sure that we're not
overflowing arrays.
Change-Id: I770df045ef9a45fd486c1271ea424b3334bb39d2
Reviewed-on: https://code.wireshark.org/review/8370
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
of AirPDcapRsnaPwd2PskStep()
g1439eb6 changed AIRPDCAP_WPA_PSK_LEN from 64 bytes to 32 bytes, leading to a stack corruption in AirPDcapRsnaPwd2Psk() function
Change-Id: Ibf51f6749715055cd84906a144214ed44c85256b
Reviewed-on: https://code.wireshark.org/review/8358
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
This patch extends the existing decryption support for WPA to also
handle rekeys by checking each decrypted packet for a 4-way-handshake.
Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
(WPA-EAP).
For decrypting WPA-EAP secured packets the user must provide all used PMK's
of the connection (aka PSK's) as WPA-PSK 32 byte hex values to wireshark
via the existing interface.
(The capture must have all 4-way-handshakes included also, starting with
the first unencrypted one.)
Every decrypted unicast packet will habe the used PMK and TK shown in the
CCMP/TKIP section below the key index in the GUI. Group packets will display the
GTK instead.
Additionally this fixes a small issue with group rekey handling, so every packet
can be selected in the GUI in random order, removing the need to manually find
the correct group keying packets prior to that.
It was tested primary with WPA-CCMP, but TKIP is also working.
One section in the code touch bluetooth 802.1X support. It should do
exactly the same, but will now also examine all decypted packets for rekeys.
Ping-Bug: 11172
Change-Id: I19d055581fce6268df888da63485a48326046748
Reviewed-on: https://code.wireshark.org/review/8268
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The sha1 function outputs a multiple of 20 bytes while the ptk buffer
has only a size of 64 bytes. Follow the hint in 802.11i-2004, page 164
and use an output buffer of 80 octets.
Noticed when running Wireshark with ASAN, on exit it would try to free a
"next" pointer which was filled with sha1 garbage. It probably got
triggered via 3f8fbb734915aaf74eb006898e8fabb007afbf48 which made
AirPDcap responsible for managing its own memory.
Bug: 10849
Change-Id: I10c1b9c2e224e5571d746c01fc389f86d25994a1
Reviewed-on: https://code.wireshark.org/review/7645
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id50ce3e707056cca8f30052f05c451ce431b39b5
Reviewed-on: https://code.wireshark.org/review/6632
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(The other calls are just wrapped in macros)
Change-Id: I6a029dddf7742ba95510ec24cec30553461e48c6
Reviewed-on: https://code.wireshark.org/review/6558
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Most of the remaining ep_ uses are grouped with specific functionality.
Change-Id: I8fa64a17acc6bcdcf6891b2d28715ac0c58f1a4a
Reviewed-on: https://code.wireshark.org/review/6484
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ied1094dd3c6ad176fea830c0857ba43e09d3cb10
Reviewed-on: https://code.wireshark.org/review/6457
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ifcda8328dedec0ef4104c3a124d6246f99493750
Reviewed-on: https://code.wireshark.org/review/6389
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I90dbf0b31fc737150a01533763a7869b34c68cb6
Reviewed-on: https://code.wireshark.org/review/6220
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
security association structure.
Change-Id: I2f573a0626bab44aaca1ac6716bf5ac3d6a9b7ed
Reviewed-on: https://code.wireshark.org/review/3553
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
A little bit of guess work is involved as the group key can use a
different cipher to the pairwise key, and we are trying to do this
purely based on the EAPOL messages with no prior knowledge of the
associate request. We try to guess the cipher based on the lengths.
Bug:8734
Change-Id: I4c456b45939c00a9d1122406891f704fa037349c
Reviewed-on: https://code.wireshark.org/review/3183
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Always call $(top_srcdir)/tools/checkAPIs.pl with -sourcedir=$(srcdir)
from Makefile.am to allow out-of-source 'make checkapi'.
Change-Id: I60d7e0079984a8ededdacf4517a0738486fa7973
Reviewed-on: https://code.wireshark.org/review/1294
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed :sed -i '/^\/\* \$Id\$ \*\//,+0 d') ( /* $Id */ )
Change-Id: I46e928d7f2a307c35876ed5d34cb6b7cccfcd6e9
Reviewed-on: https://code.wireshark.org/review/886
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Copyright or info about file...)
Change-Id: I90ba8b1c3ec8406b0c3365a69a8555837fc4bbb1
Reviewed-on: https://code.wireshark.org/review/515
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I8116f63ff88687c8db3fd6e8e23b22ab2f759af0
Reviewed-on: https://code.wireshark.org/review/385
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
obvious that the returned string is ephemeral, and opens up the original names
in the API for versions that take a wmem pool (and thus can work in any scope).
svn path=/trunk/; revision=54249
|
|
pntohs -> pntoh16
pntohl -> pntoh32
pletohs -> pletoh16
pletohl -> pletoh32
phtons -> phton16
phtonl -> phton32
svn path=/trunk/; revision=53652
|
|
airpdcap.c:470:18: error: declaration of 'address' shadows a global declaration [-Werror=shadow]
airpdcap.c:611:18: error: declaration of 'address' shadows a global declaration [-Werror=shadow]
svn path=/trunk/; revision=53216
|
|
svn path=/trunk/; revision=53214
|
|
airpdcap.c:131:11: error: parameter 'password' not found in the function declaration [-Werror,-Wdocumentation]
* @param password [IN] pointer to a password (sequence of between 8 and
^~~~~~~~
airpdcap.c:154:11: error: parameter 'password' not found in the function declaration [-Werror,-Wdocumentation]
* @param password [IN] pointer to a password (sequence of between 8 and
^~~~~~~~
svn path=/trunk/; revision=51254
|
|
svn path=/trunk/; revision=51108
|
|
svn path=/trunk/; revision=51103
|
|
This means wsutil now links against libcrypt.
Protect a bunch of the crypt header files from multiple inclusion.
svn path=/trunk/; revision=51100
|
|
step.
svn path=/trunk/; revision=48848
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8446)
Needed to convert use of old IEEE802.11 preference strings to UAT. Since UAT is self-contained within its own file, the entire preference file doesn't need to be rewritten/saved when UAT values are changed.
svn path=/trunk/; revision=48308
|
|
Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to placate recent autotools.
svn path=/trunk/; revision=48261
|
|
remove C++ incompatibilities
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416
svn path=/trunk/; revision=48006
|
|
Also remove old WS_VAR_IMPORT define and related Makefile magic
everywhere in the project.
svn path=/trunk/; revision=47992
|
|
svn path=/trunk/; revision=47898
|
|
svn path=/trunk/; revision=47802
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8177)
svn path=/trunk/; revision=47314
|
|
on newer GCC's when _DEBUG is #defined.
Found while investigating
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8177
svn path=/trunk/; revision=47309
|
|
int" instead.
bugs 7825-7827 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7825)
svn path=/trunk/; revision=46928
|
|
airpdcap: For FromDS and ToDS both set use magic
All 802.11 data frames on the AMP link shall be sent with ToDS and FromDS
bits in the Frame Control field both set to one. Currently for this packets
we get different associations for the same EAPOL sequence since addr2 and
addr1 change.
svn path=/trunk/; revision=45923
|
|
Add 802.11 AMP LLC/SNAP header
Add LLC/SNAP header specified in BLUETOOTH SPECIFICATION Version 4.0 [Vol 5]
802.11 Protocol Adaptation Layer Functional Specification.
The SNAP header composed of the OUI of the Bluetooth SIG and the protocol
identifier given in spec mentioned shall be used to distinguish AMP 4-way handshake
messages from external security traffic. Decode this traffic as 802.1X authentication.
Part of
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7633
svn path=/trunk/; revision=45920
|
|
svn path=/trunk/; revision=45016
|
|
Use LIBGCRYPT_CFLAGS if we have it.
svn path=/trunk/; revision=44758
|
|
Split md5_hmac for incremental use
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7680
svn path=/trunk/; revision=44710
|
|
Split sha1_hmac for incremental use.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7680
svn path=/trunk/; revision=44709
|