Wireshark-commits: [Wireshark-commits] master 3fdabc6: dot11decrypt: Let dissector parse eapol fram
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fdabc62d44c029fa40769c66bab24f9a2b33180
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark
Commits:
3fdabc6 by Mikael Kanstrup (mikael.kanstrup@xxxxxxxx):
dot11decrypt: Let dissector parse eapol frames
To be able to support authentication key management suites that use
different MIC, PMK, PTK lengths the engine would need to be extended
to support parsing EAPOL Key frames with variable field lengts. Though
as the IEEE 802.11 dissector already support this the alternative
(implemented in this patch) is to remove the EAPOL frame parsing inside
the engine and have the dissector feed it with a struct of parsed
fields instead.
For this a new type DOT11DECRYPT_EAPOL_PARSED is exported and
dot11decrypt now expects dissector to fill this struct with parsed
EAPOL fields before calling Dot11DecryptScanEapolForKeys.
Dissection of EAPOL fields is scattered over several functions in the
dissector code so parsed fields are temporarily stored in proto data
and then gathered before fed into dot11decrypt engine.
Change-Id: Ic6aeb4900f373dcde1ea3f1f0f24df2ae827576e
Reviewed-on: https://code.wireshark.org/review/35020
Petri-Dish: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
Actions performed:
from c938841 travis: add arch name to linux builds.
add 3fdabc6 dot11decrypt: Let dissector parse eapol frames
Summary of changes:
epan/crypt/dot11decrypt.c | 265 ++++++++-----------------------------
epan/crypt/dot11decrypt_system.h | 25 +++-
epan/dissectors/packet-eapol.c | 11 ++
epan/dissectors/packet-eapol.h | 1 +
epan/dissectors/packet-ieee80211.c | 107 +++++++++++----
5 files changed, 173 insertions(+), 236 deletions(-)