Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] rev 20049: /trunk/ /trunk/epan/dissector

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Wed, 06 Dec 2006 14:53:31 -0800
Joerg Mayer wrote:
> Gerald,
> 
> On Tue, Dec 05, 2006 at 07:24:27PM +0000, gerald@xxxxxxxxxxxxx wrote:
>> Log:
>>  From Davide Schiera and Giorgio Tino: Add initial WPA/WPA2 decryption
>>  support.
>>  
>>  WEP key preferences have been overloaded to allow WPA keys.  The
>>  decryption code currently uses Windows-specific data types, but can be
>>  converted to use glib equivalents.
> 
> I'm currently not quite happy with the direction the wireless
> developemnt in Wireshark is heading:
> 
> Basically many useful new features are tied to airpcap, which is windows
> only. This latest step adds WPA/WPA2 decryption which should be an os
> independend thing and I can't understand why the code is tied to airpcap
> instead of using just wireshark code.
> If someone had sent this patch to wireshark-dev I would have asked them
> to change the code to work without aipcap, as it seems unnecessary to
> me. Maybe you can shed some light as to why it was done this way.

The WPA code (specifically the modules in the airpdcap directory) is
Windows-specific because we might use same code base for WPA decryption
in Wireshark and in the Airpcap driver.  We're working on
de-Windows-izing the code, which should be done in the next few days.
At that point we can remove the HAVE_AIRPDCAP define.

BTW, we now have encryption code in airpdcap/* and epan/crypt-*.[ch].
(including duplicate MD5 implementations).  Should this all be moved to
a common directory, e.g. epan/crypt/?

As far as the Airpcap code being Windows-specific: we've tried to
generalize it so that it can be adapted to other platforms.  There's no
reason the code that calls airpcap_if_set_device_channel() under Windows
can't (and shouldn't) use the SIOCSIWFREQ ioctl under Linux.