Wireshark-bugs: [Wireshark-bugs] [Bug 3590] New: 802.11 decryption is broken
Date: Wed, 24 Jun 2009 11:12:13 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3590

           Summary: 802.11 decryption is broken
           Product: Wireshark
           Version: SVN
          Platform: x86
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: gregs@xxxxxxxxxxx


Created an attachment (id=3190)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3190)
prevent the 802.11 dissector from removing the mic after airpdcap does as well

Build Information:
Version 1.3.0 (SVN Rev 28836)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.8, with GLib 2.14.6, with libpcap 0.9.7, with libz
1.2.3, with POSIX capabilities (Linux), without libpcre, without SMI, without
c-ares, without ADNS, with Lua 5.1, without Python, with GnuTLS 1.6.3, with
Gcrypt 1.2.4, with MIT Kerberos, without GeoIP, without PortAudio, without
AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Linux 2.6.26.6-49.fc8, with libpcap version 0.9.7, GnuTLS 1.6.3,
Gcrypt 1.2.4.

Built using gcc 4.1.2 20070925 (Red Hat 4.1.2-33).

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Recent changes to the tvb code seem to have broken 802.11 decryption.  It seems
as though the AirPDCap library and 802.11 were both removing the MIC field from
the packet.  Before the change to tvb_new_child_real_data this was ok. 
However, it is causing a problem now.  Attached is a patch that no long removes
the MIC in the 802.11 dissector.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.