2007-01-12 00:54:13 +00:00
/* airpcap_debug.h
*
* Copyright (c) 2006 CACE Technologies, Davis (California)
* All rights reserved.
*
2018-03-08 14:53:58 +00:00
* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0-only)
2007-01-12 00:54:13 +00:00
*/
2018-02-23 17:43:29 +00:00
#ifndef _DOT11DECRYPT_DEBUG_H
#define _DOT11DECRYPT_DEBUG_H
2006-12-05 21:06:09 +00:00
2021-04-11 09:18:58 +00:00
#define WS_LOG_DOMAIN "dot11decrypt"
2019-04-23 11:50:40 +00:00
2021-04-11 09:18:58 +00:00
#include "dot11decrypt_interop.h"
#include <wsutil/wslog.h>
2006-12-05 21:06:09 +00:00
/******************************************************************************/
/* Debug section: internal function to print debug information */
/* */
2021-04-11 09:18:58 +00:00
#ifndef WS_DISABLE_DEBUG
2015-01-09 22:15:39 +00:00
2021-07-26 00:11:14 +00:00
#define DEBUG_DUMP(name, ptr, size, level) \
ws_log_buffer_full(WS_LOG_DOMAIN, level, __FILE__, __LINE__, G_STRFUNC, ptr, size, 72, name);
2021-04-11 09:18:58 +00:00
#else /* defined WS_DISABLE_DEBUG */
2006-12-05 21:06:09 +00:00
2021-07-26 00:11:14 +00:00
#define DEBUG_DUMP(name, ptr, size, level)
Add WPA group key decryption from Brian Stormont, via bug 1420:
Although this patch successfully recognizes group keys and decrypts packets
properly using the group key, there is a limitation. If an AP is using key
rotation, clicking on individual packets in a trace may not properly decrypt a
packet encrypted with a group key. This is because the current structure used
in Wireshark only supports one active unicast and one active group key. If a
new key has been seen, but you are looking at a packet encrypted with an older
key, it will not decrypt. The summary lines, however, do show the packets
properly decrypted.
I've written up a much longer and more detailed explanation in a comment in the
code, along with a proposed idea for a solution, plus a clunky work-around in
the GUI when using the current code.
I also suspect there might still be a problem with decrypting TKIP group keys
that are sent using WPA2 authentication. In the most common operation, if you
are using WPA2, you'll also be using AES keys. It's not a common AP
configuration to use WPA2 with TKIP. In fact, most APs don't seem to support
it. Since it is an uncommon setup, I haven't put aside the time to test this
patch against such an AP. I do have access to an AP that supports this, so
when I have the time I'll test it and if needed, will submit another patch to
handle that odd-ball condition.
From me:
Remove the decrypt element of s_rijndael_ctx (which was unused, as indicated
in the comments).
Preserve the GPL licensing text in several files (which the patch shouldn't
have removed).
Remove changes that added whitespace.
Convert C++-style comments to C-style.
Update to include recent SVN changes (e.g. renaming variables named "index").
Remove extraneous printf's.
Define DEBUG_DUMP in airpdcap_debug.h.
Comment out some instances of DEBUG_DUMP.
Change malloc/free to g_malloc/g_free.
Use g_memdup instead of allocating and copying.
Use gint16 instead of INT16 in airpdcap_rijndael.c.
Add Brian to AUTHORS.
svn path=/trunk/; revision=25879
2008-07-30 22:32:21 +00:00
2021-04-11 09:18:58 +00:00
#endif /* ?defined WS_DISABLE_DEBUG */
2006-12-05 21:06:09 +00:00
2018-02-23 17:43:29 +00:00
#endif /* ?defined _DOT11DECRYPT_DEBUG_H */