Hi Pascal,
2012/10/22 Pascal Quantin
<pascal.quantin@xxxxxxxxx>
Le 20/10/2012 17:33, Sho Amano a écrit :
> Okey, I figured out that following quick hack works for me. Now I can see
> the decrypted TCP packets.
> (build running on Ubuntu 12.04 amd64)
>
> $ svn diff
> Index: epan/dissectors/packet-ieee80211.c
> ===================================================================
> --- epan/dissectors/packet-ieee80211.c (revision 45658)
> +++ epan/dissectors/packet-ieee80211.c (working copy)
> @@ -17369,7 +17369,7 @@
> keys->Keys[keys->nKeys] = key;
> keys->nKeys++;
> }
> - else if(dk->type == AIRPDCAP_KEY_TYPE_WPA_PMK)
> + else if(dk->type == AIRPDCAP_KEY_TYPE_WPA_PSK)
> {
> key.KeyType = AIRPDCAP_KEY_TYPE_WPA_PMK;
>
>
> Thanks.
Hi Sho,
thanks for the report and patch. I committed a slightly different
version in r45696 and scheduled it for backport in 1.8.4.
Thanks, I tried r45696 on Ubuntu 12.04 (amd64) and it worked well.
But I have some questions.
packet-ieee80211.c, line 17374:
Since we convert PSK (64-byte ASCII) into PMK (32-byte binary) on line 17377,
what's the point of setting key.KeyType = AIRPDCAP_KEY_TYPE_WPA_PSK ?
packet-ieee80211.c, line 17380:
Using debugger, I verified that bytes->len is 32. So it is always smaller than
AIRPDCAP_WPA_PSK_LEN, which is 64.
packet-ieee80211.c, line 17381:
Since we are using the converted PMK, maybe we should copy it into key.KeyData.Wpa.Pmk?
(I know that is actually the same place :-)
Thanks.
Sho
Regards,
Pascal.