| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
For WPA security association (SA) entries are created on sucessful
PTK derivation from 4-way handshake frames. WEP though don't use
4-way handshake frames for key derivation and therefore no SA entry
is created. Still WEP decryption implementaton expects to find
an SA otherwise the decryption is skipped.
Fix broken WEP decryption by removing the check for an existing SA
entry and instead form the SA on first successful decryption.
Add also a test for WEP decryption.
Fixes: v3.3.0rc0-1263-g099d241046 ("dot11decrypt: Avoid allocating SA on packet decryption")
|
|
|
|
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
|
|
Add support for TK user input keys. With this Wireshark can
decrypt packet captures where 4WHS frames are missing and
packet captures with non-supported AKMS, for example
802.11r / Fast BSS Transitioning.
Decryption using user TK works as a backup if the normal
decryption flow does not succeed. Having TK decryption keys
added will affect general IEEE 802.11 dissector performance
as each encrypted packet will be tested with every TK.
Worst case scenario is plenty of TKs where none of them
matches encrypted frames.
On successful user TK decryption an SA is formed based on
parameters used to decrypt the frame. This SA is similar to
what is formed when Wireshark detects and derive keys from
4WHS messages. With the SA entry in place the decryption
performance (success case) should be on par with "normal"
decryption flow.
Bug: 16579
Change-Id: I72c2c1e2c6693131d3ba07f8ddb8ff772c1b54a9
Reviewed-on: https://code.wireshark.org/review/37217
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The function used to search for an SA allocates one entry if none
exists. Searching for an SA is done in many places including on
packet decryption. In practise this means for every encrypted packet
with unique STA/BSSID an SA is allocated. This is a waste both from a
memory and performance point of view but also a limitation as with
the old static array SA storage decryption would fail when max
number of SAs is reached. i.e. decryption would fail for captures
with more than 256 unique STA/BSSids.
Separate the searching for SA entries and allocation of new SAs to
avoid allocating unnecessary SA entries.
Change-Id: I7ddc9ac4bad5d69e273f97f8f8fb38d34b59a854
Reviewed-on: https://code.wireshark.org/review/37308
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Simplify the SA storage by replacing the static array with a
hash table. This way there's no need to keep track of whether
an entry is used or not and no need to traverse the whole
array for the non-matching case. This change should benefit
performance but was mainly done to prepare for coming changes
where code adding and searching for SA entries is modified. With
this change in place those changes become cleaner.
Change-Id: Ide572c5e4e7e872f1654d8d8f288cd6451f04435
Reviewed-on: https://code.wireshark.org/review/37307
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The function tracing functions DEBUG_TRACE_START/END are only
used in a few functions and START/END often don't match making
them unreliable. Remove these macros and their usage as it
clutters code without adding any useful debug capabilities.
Change-Id: I7ea214c07ba1f35cc546942b5d4737f5752d20a7
Reviewed-on: https://code.wireshark.org/review/37306
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Remove some unused defines, function parameters and functions.
Change-Id: I1bbc3ff7e0a9d11e8521ddf24b35113d8e332f08
Reviewed-on: https://code.wireshark.org/review/37305
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I0917dee336d52fad6bdfeaefa24620021270a6b0
Reviewed-on: https://code.wireshark.org/review/36898
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Coverity Scan reports an out-of-bounds acccess on memcopy from addr1
of 802.11 mac header. This out-of-bounds access is a controlled access
knowing that addr2 and addr3 is located in memory right after addr1.
Type cast to a guint8 pointer to indicate that there's no fix length.
This should silent the Coverity Scan error reported.
Coverity CID 1460754
Change-Id: Ief2280f1b686deebf3aba74f19a5730c66d4d313
Reviewed-on: https://code.wireshark.org/review/36706
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Coverity CID 1450217
Change-Id: I51a3c3cca5c3850a2f8e9de5b4cca9f0efaca4a8
Reviewed-on: https://code.wireshark.org/review/36705
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
dot11decrypt_util.c:34:6: warning: no previous prototype for ‘dot11decrypt_construct_aad’ [-Wmissing-prototypes]
Change-Id: Ideda2d18de88aed9d3fd045a02ead6446b0dbfce
Reviewed-on: https://code.wireshark.org/review/36653
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
dot11decrypt_system.h:274:11: warning: parameter 'decrypt_data' not found in the function declaration [-Wdocumentation]
dot11decrypt_system.h:277:11: warning: parameter 'decrypt_len' not found in the function declaration [-Wdocumentation]
dot11decrypt_system.h:279:11: warning: parameter 'key' not found in the function declaration [-Wdocumentation]
Change-Id: I9a0d1dd29ddd130b9425a38645777e4eb05e9fa3
Reviewed-on: https://code.wireshark.org/review/36540
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
MFP enabled connections with SHA-256 key management (IEEE 802.11w) use
EAPOL key version == 3. This case was missing making decryption of such
connections fail. Allow key version 3 to handle these too.
Change-Id: If9e3fcc5c3bbfb46e82b39dfed5b2a74787a4f16
Reviewed-on: https://code.wireshark.org/review/36534
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
From version 1.5.0 of libgcrypt there's support for AES unwrap. Use the
libcrypt function when available.
While at it also make AES_unwrap a static function of dot11decrypt.c
Change-Id: I4f69a766df3ea19ce25122e8d2fd1086f440995b
Reviewed-on: https://code.wireshark.org/review/36431
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for decrypting GCMP/GCMP-256 encrypted IEEE 802.11 traffic
Bug: 16197
Change-Id: I907d772665141c8be10a9f4a187bd76594c8d2e4
Reviewed-on: https://code.wireshark.org/review/36346
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
The function to construct AAD is same for both CCMP and GCMP so move
it to a new internal utility c file for later use by both
implementations.
Change-Id: I8c8ffe0f492d5860e2bcd266b4d936383598b47e
Reviewed-on: https://code.wireshark.org/review/36358
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for decrypting CCMP-256 encrypted IEEE 802.11 traffic
Bug: 16197
Change-Id: I0c9ee09e5b71cb02e6d2381049fd5bbb02686f7f
Reviewed-on: https://code.wireshark.org/review/36344
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Simplify the CCMP decryption implementation by letting libgcrypt
handle decryption, authentication and integrity check. This aims
to simplify the implementation in preparation for CCMP-256
decryption support where changes to the CCMP decryption implementation
is anyway needed.
Even though performance optimization was not the target for this
change it appears decryption speed is improved as well.
Change-Id: I6c36315291672f6313c9303ab8e50afb87aea9ce
Reviewed-on: https://code.wireshark.org/review/36343
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When decrypting a frame the decryption occurs in a temporary buffer.
After successful decryption the decrypted frame is first copied back,
then a memmove operation is used to remove the CCMP header mid frame.
As the mac header is not encrypted there's no need to copy that part
back again after decryption. This means there's no mid frame data
that must be removed. Instead just copy the relevant portion and
save one memmove operation.
Change-Id: I24b938a6f5fac5a23cd0132aefe9ce258b352ef8
Reviewed-on: https://code.wireshark.org/review/36342
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The offset parameter to functions Dot11DecryptWepMng and Dot11DecryptRsnaMng
is always same as mac_header_len so not needed anymore.
Change-Id: I298e207c9317051b634aabd3f6a0e0921687b4d4
Reviewed-on: https://code.wireshark.org/review/36341
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The temporary buffer to store calculated mic is too short to keep
the message digest when using HMAC-SHA384 algo. HMAC-SHA384 yields
a message digest of 48 bytes so increase buffer size to make room
for the largest possible value.
Ping-Bug: 16197
Change-Id: I36fd094c39ce77329fb303fa181d286be694ae65
Reviewed-on: https://code.wireshark.org/review/35067
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The key derivation function (Dot11DecryptRsnaKdfX) used for
deriving PTK use some hard coded hash length values making
it fail to generate full / correct PTK for 704 bit long PTK.
Fix by replacing hard coded values with acutal hash length
values.
Ping-Bug: 16197
Change-Id: I48847cdb019672dde76174efb0f17514c58ace51
Reviewed-on: https://code.wireshark.org/review/35066
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
With AKMS 00-0F-AC:12 a 384 bit long PMK shall be used. To be able
to support key derivation and decryption from this larger sized
PMK the user PSK / PMK key input validation code is updated as well
as the various places where a hard coded PMK size is used.
Ping-Bug: 16197
Change-Id: I39c9337e8a84095246e3db5ef33dc96fb78e5dc3
Reviewed-on: https://code.wireshark.org/review/35065
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Use AKM, cipher suite and group cipher suite from RSNA to determine
key lenghts and offsets. This allows keys of different lengths
for PTK derivation, MIC validation etc.
Ping-Bug: 16197
Change-Id: I9a721fb9811db89357218b50a2a107cf945d3dae
Reviewed-on: https://code.wireshark.org/review/35064
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Not all AKMS use same MIC length. Last part to support both 16 byte
24 byte long MIC is to actually make use of the now known in mic
length in MIC check / validation function. Instead of hardcoded
length use the length in eapol_parsed struct received from
dissector.
Ping-Bug: 16197
Change-Id: I6585b7a54de4def9e5ff846c19f12059b90ffdf6
Reviewed-on: https://code.wireshark.org/review/35063
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Simplify the still quite complex Dot11DecryptScanEapolForKeys function
and further reduce frame parsing inside Dot11Decrypt engine. This is
done by breaking out the EAPOL keydata decryption step into a new
function Dot11DecryptDecryptKeyData to be called from dissector.
After this Dot11DecryptScanEapolForKeys can now focus on one
task, to scan for keys in (unencrypted) EAPOL key frames.
With keydata decryption step separated from the broadcast
key parsing step the dissectors' GTK parsing can replace
the Dot11Decrypt internal RSN GTK TAG parsing.
Change-Id: I3b89f40586b8b7dbe2ff74cfc30761010d5b80bc
Reviewed-on: https://code.wireshark.org/review/35022
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Break out the group handshake parsing from Dot11DecryptScanEapolForKeys
to a separate function. With this Dot11DecryptScanEapolForKeys logics
is simplified to either handle 4-way handshake or group handshake
message.
Change-Id: I2714d26623812066c888f7fea4b21eb03f22e510
Reviewed-on: https://code.wireshark.org/review/35021
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
To be able to support authentication key management suites that use
different MIC, PMK, PTK lengths the engine would need to be extended
to support parsing EAPOL Key frames with variable field lengts. Though
as the IEEE 802.11 dissector already support this the alternative
(implemented in this patch) is to remove the EAPOL frame parsing inside
the engine and have the dissector feed it with a struct of parsed
fields instead.
For this a new type DOT11DECRYPT_EAPOL_PARSED is exported and
dot11decrypt now expects dissector to fill this struct with parsed
EAPOL fields before calling Dot11DecryptScanEapolForKeys.
Dissection of EAPOL fields is scattered over several functions in the
dissector code so parsed fields are temporarily stored in proto data
and then gathered before fed into dot11decrypt engine.
Change-Id: Ic6aeb4900f373dcde1ea3f1f0f24df2ae827576e
Reviewed-on: https://code.wireshark.org/review/35020
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
EAPOL key message type is known by dissector so no need for dot11decrypt
to parse frames to determine this. Instead feed engine with message
type from dissector. With this some code duplication can be avoided.
Change-Id: Icfd119186ebab5b0db29968df3eb94275d921e76
Reviewed-on: https://code.wireshark.org/review/34929
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
As a step towards removing the parsing of frames inside dot11decrypt
engine separate the key extraction step from the decryption step.
Two new functions for extracting keys are now provided by the
do11decrypt engine. One to be called for EAPOL key frames that
will extract and feed the engine with keys present in 4-way handshake
and group handshake messages. And one to be called for TDLS action
frames to extract keys and feed the engine with keys during TDLS
session establishement.
The old Dot11DecryptPacketProcess function called for all 802.11
frames is simplified and now only has one purpose. To decrypt
encrypted packets. Hence renamed to Dot11DecryptDecryptPacket.
Change-Id: Idb38d538f435ec352c6bbb200a09bc2a2347c42e
Reviewed-on: https://code.wireshark.org/review/34928
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
The debug log macros are really long and require function name as
one parameter. This makes debug log lines either too wide or span
several lines of source code. Shorten the macro defines and make
use of G_STRFUNC to avoid manual function name entries in code.
NOTE: A bonus of removing all the manual function name entries is
that browsing/searching the code for function names is much easier.
Change-Id: Ia643f56df76e4a1b01ee6e6818cd61ec01047d33
Reviewed-on: https://code.wireshark.org/review/34927
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Support Extended Key ID for Individually Addressed Frames from
IEEE 802.11 - 2016.
Extended Key ID allows unicast (PTK) keys to also use key ID 1 and has
an additional RSN attribute "KeyID" in EAPOL #3.
Add the additional attribute KeyID to the RSN parser, stop assuming
unicast keys are only using key ID 0 and add a test case to verify
Extended Key ID parsing and decoding.
Change-Id: I43005c74df561be5524fa3738149781f50dafa14
Reviewed-on: https://code.wireshark.org/review/34883
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
If GTK cannot be found inside a successfully decrypted wireless frame
the dot11crypt engine returns incorrect decrypted data length of 0
bytes. As the IEEE802.11 dissector does not check the length of the
decrypted frame the number of bytes allocated and copied to wmem ends
up being a negative number (i.e. a huge unsigned number). This results
in a SIGSEGV crash while copying data.
Fix this both by returning a correct length from dot11crypt engine
and add extra an protection to the IEEE802.11 dissector if the length
for any (other) reason still would end up being a negative number.
Bug: 16058
Change-Id: I9d0d1cf50498dece2e008222eebbb3edc8f10159
Reviewed-on: https://code.wireshark.org/review/34558
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
dot11decrypt.c:1686:46: error: 'group_cipher' was marked unused but was used
&group_cipher, &cipher, &akm);
Change-Id: Ie7b9eba44eaf9bf160ca6eb6bb7373b7ba3fd8cb
Reviewed-on: https://code.wireshark.org/review/33371
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Fix coverity scan issues:
- Insecure data handling (CID 1444231)
- Unchecked return value (CID 1444234)
Introduced by:
9cf77ec5e1 ieee80211: Support decrypting WPA3-Personal / SAE captures
Change-Id: I8eb581750d2b0519f03f92873433f79409b0386b
Reviewed-on: https://code.wireshark.org/review/32546
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
PTK key derivation algorithm for WPA1 uses SHA1 not MD5.
MD5 is used for MIC only.
To avoid regression also add a decrypt test for WPA1 with
GTK rekeying.
Change-Id: Iabcf40c2f74d5dbc1d72cba0718c77020d97f61f
Fixes: v3.1.0rc0-342-g9cf77ec5e1 ("ieee80211: Support decrypting WPA3-Personal / SAE captures")
Reviewed-on: https://code.wireshark.org/review/32691
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add support for decryping OWE (Opportunistic Wireless Encryption)
captures.
Ping-Bug: 15621
Change-Id: I223fd0cd96260408bce2b5d7661f216c351da8a8
Reviewed-on: https://code.wireshark.org/review/32524
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Clang
Change-Id: Ie03b269c67a31638b5fd8e709ea839456db41fbf
Reviewed-on: https://code.wireshark.org/review/32551
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add support for decrypting IEEE 802.11 WPA3-Personal / SAE traffic.
SAE uses AES encryption but a different key derivation function (KDF)
making Wireshark fail to decrypt such captures. Also both KDF and
decryption method is determined based only on EAPOL key description
version. This is not enough to figure out that SAE is being used.
Implement the alternative KDF needed to derive valid PTK. Also
implement a function to parse pairwise + group cipher suites and
auth key management type from RSNE tag. Using this new function
together with a number of new cipher and AKM lookup functions
correct KDF for SAE can be selected.
Bug: 15621
Change-Id: I8f6c917af1c9642c276a244943dd35f850ee3757
Reviewed-on: https://code.wireshark.org/review/32485
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add header files lists to add_library() so that Visual Studio can pick them
up and include them in a "Header Files" folder for easier navigation within
Visual Studio.
Change-Id: I7cd8e39550f4db67eed8205593060ae8b4a5b1b9
Reviewed-on: https://code.wireshark.org/review/31289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: If6fc3aab7ad4fc634567121f7b9541bc6f6c5766
Reviewed-on: https://code.wireshark.org/review/30926
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Encrypted packets were decrypted two times. One time to scan for
new keys. If no keys were found the decrypted data was simply
discarded. Then later on the packet was decrypted again for
dissection.
Avoid decrypting packets two times by storing the result from first
decryption if no key was found. Skip the second attempt.
Note though that in the special case where a key was actually found
inside an encrypted packet the decryption will still be performed
twice. First time decrypt, discover the key, and return the EAPOL
keydata. Second time decrypt and return the decrypted frame.
Change-Id: I1acd0060d4e1f351fb15070f8d7aa78c0035ce39
Reviewed-on: https://code.wireshark.org/review/30568
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Decrypt EAPOL keydata information and have it dissected with the
ieee80211 dissector.
This is achieved by letting the Dot11Decrypt engine retrieve the EAPOL
keydata decrypted while extracting the GTK during 4-way handshake.
The ieee80211 dissector then stores the decrypted data in packet proto
data so that the wlan_rsna_eapol subdissector can retrieve it for
dissection.
Change-Id: I2145f47396cf3261b40e623fddc9ed06b3d7e72b
Reviewed-on: https://code.wireshark.org/review/30530
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ibc2f20a895f7aaf4fc5988eb8814124a68dd886e
Reviewed-on: https://code.wireshark.org/review/30583
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
In preparation for decrypting and dissecting EAPOL keydata in
ieee80211 dissector move the RC4 decryption and key copy into
separate helper functions.
Change-Id: I13f3e981038f48526032e263b6eb3c9e3496abbe
Reviewed-on: https://code.wireshark.org/review/30546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Warning found by Clang
Change-Id: I33c6e456bc8c4bae47f4df1457799cb0d09b520f
Reviewed-on: https://code.wireshark.org/review/28289
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: Id25ea93aee888eda665f52da4c00d75970ee69e8
Reviewed-on: https://code.wireshark.org/review/28253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I97dae4b6325fe5fe952c579e1d1ab3f0b37f461a
Reviewed-on: https://code.wireshark.org/review/28249
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
