42544c8c44
Add support for TK user input keys.

With this Wireshark can decrypt packet captures where 4WHS frames are missing and packet captures with non-supported AKMS, for example 802.11r / Fast BSS Transitioning.

Decryption using user TK works as a backup if the normal decryption flow does not succeed. Having TK decryption keys added will affect general IEEE 802.11 dissector performance as each encrypted packet will be tested with every TK. Worst case scenario is plenty of TKs where none of them matches encrypted frames.

On successful user TK decryption an SA is formed based on parameters used to decrypt the frame. This SA is similar to what is formed when Wireshark detects and derives keys from 4WHS messages. With the SA entry in place the decryption performance (success case) should be on par with "normal" decryption flow.

Bug: 16579

Change-Id: I72c2c1e2c6693131d3ba07f8ddb8ff772c1b54a9

Reviewed-on: https://code.wireshark.org/review/37217

Petri-Dish: Anders Broman <a.broman58@gmail.com>

Tested-by: Petri Dish Buildbot

Reviewed-by: Anders Broman <a.broman58@gmail.com>

* baseline
* captures
* config
* keys
* lua
* suite_dfilter
* suite_dissectors
* conftest.py
* fixtures.py
* fixtures_ws.py
* hosts.custom
* hosts.global
* hosts.personal
* matchers.py
* README.test
* sampleif.py
* subprocesstest.py
* suite_capture.py
* suite_clopts.py
* suite_decryption.py
* suite_dissection.py
* suite_extcaps.py
* suite_fileformats.py
* suite_follow.py
* suite_io.py
* suite_mergecap.py
* suite_nameres.py
* suite_outputformats.py
* suite_release.py
* suite_sharkd.py
* suite_text2pcap.py
* suite_unittests.py
* suite_wslua.py
* test.py
* travis-upload-artifacts.sh
* util_dump_dhcp_pcap.py


Wireshark Tests

The recommended steps to prepare for and to run tests:

* Install two Python packages, pytest: `pip install pytest pytest-xdist`
* Build programs (“wireshark”, “tshark”, etc.): `ninja`
* Build additional programs for the “unittests” suite: `ninja test-programs`
* Run tests in the build directory: `pytest`

Replace `ninja test-programs` by `make test-programs` as needed.

See the “Wireshark Tests” chapter of the Developer's Guide for details:
https://www.wireshark.org/docs/wsdg_html_chunked/ChapterTests.html

If you need to update the baseline files use the following commands (on a Linux system):

    mkdir ~/.config/wireshark/profiles/ctest
    TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap > test/baseline/dhcp.ek
    TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T json -r test/captures/dhcp.pcap > test/baseline/dhcp.json
    TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T jsonraw -r test/captures/dhcp.pcap > test/baseline/dhcp.jsonraw