Wireshark-commits: [Wireshark-commits] master-1.12 f42616a: WPA/WPA2 decoding fixes and improvement

From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Mon, 21 Dec 2015 20:25:38 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f42616a6216454656b7b958955d336d7b304714f
Submitter: Guy Harris (guy@xxxxxxxxxxxx)
Changed: branch: master-1.12
Repository: wireshark

Commits:

f42616a by Alexander Wetzel (alexander.wetzel@xxxxxx):

    WPA/WPA2 decoding fixes and improvements
    
    - start decoding when we have eapol1+2 packets
      Do not insist on a complete captured handshake, decode what we can.
    
    - more robust way to detect eapol #2 packets
      At least Win 10 is violating the spec on rekey by setting the secure
      bit in #2. Unpatched version shows and handles #2 as #4, breaking
      decoding after rekey.
    
    - fixed eapol rekey key handling
      Inital patch (see https://code.wireshark.org/review/8268)
      is adding redundant keys, since it scans all the time
      and not only once.
    
    - ignore tailing garbage after eapol sections in frame
      See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9065#c8
    
    Included testcase to test decode for incomplete handshakes and eapol2
    packets with secure bit set on rekey.
    
    Change-Id: I5bf8ec442c262e92f2d09b706ec83bc78fec8fec
    Ping-Bug: 9065
    Reviewed-on: https://code.wireshark.org/review/12802
    Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
    

Actions performed:

    from  3065829   airpdcap: add free_key_string function, fix memleaks
    adds  f42616a   WPA/WPA2 decoding fixes and improvements


Summary of changes:
 epan/crypt/airpdcap.c                 |  366 +++++++++++++++------------------
 epan/crypt/airpdcap_system.h          |    3 +-
 epan/crypt/airpdcap_user.h            |   11 +
 epan/dissectors/packet-ieee80211.c    |   89 +++-----
 test/captures/wpa-test-decode.pcap.gz |  Bin 0 -> 167294 bytes
 test/config/80211_keys.tmpl           |    1 +
 test/suite-decryption.sh              |   17 ++
 7 files changed, 227 insertions(+), 260 deletions(-)
 create mode 100644 test/captures/wpa-test-decode.pcap.gz