wireshark/test
deagol 1439eb6778 IEEE 802.11: 802.1X (WPA-EAP) rekeying support
This patch extends the existing decryption support for WPA to also
handle rekeys by checking each decrypted packet for a 4-way-handshake.

Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
(WPA-EAP).

For decrypting WPA-EAP secured packets the user must provide all used PMKs
of the connection (aka PSKs) as WPA-PSK 32 byte hex values to Wireshark
via the existing interface.
(The capture must have all 4-way-handshakes included also, starting with
the first unencrypted one.)

Every decrypted unicast packet will have the used PMK and TK shown in the
CCMP/TKIP section below the key index in the GUI. Group packets will display the
GTK instead.

Additionally this fixes a small issue with group rekey handling, so every packet
can be selected in the GUI in random order, removing the need to manually find
the correct group keying packets prior to that.

It was tested primarily with WPA-CCMP, but TKIP is also working.

One section in the code touches Bluetooth 802.1X support. It should do
exactly the same, but will now also examine all decrypted packets for rekeys.

Ping-Bug: 11172
Change-Id: I19d055581fce6268df888da63485a48326046748
Reviewed-on: https://code.wireshark.org/review/8268
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-05-08 04:27:49 +00:00
baseline Remove svn:executable attribute. 2014-01-07 22:55:03 +00:00
captures IEEE 802.11: 802.1X (WPA-EAP) rekeying support 2015-05-08 04:27:49 +00:00
config IEEE 802.11: 802.1X (WPA-EAP) rekeying support 2015-05-08 04:27:49 +00:00
keys add a test for SSL/TLS decryption using the master secret 2014-03-13 21:42:50 +00:00
lua Change a lot of http:// URLs to https://. 2015-03-10 19:30:50 +00:00
README.test Add a test-programs target everywhere. 2015-03-13 22:41:40 +00:00
config.sh CMake: Update wslua build and test. 2015-03-12 16:37:51 +00:00
hosts.custom Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
hosts.global Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
hosts.personal Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
suite-capture.sh test suite: fix indent (use tabs) and add modelines 2014-12-23 07:27:48 +00:00
suite-clopts.sh Test suite: Make sure we have a usable locale before we run iconv. 2014-12-31 17:13:06 +00:00
suite-decryption.sh IEEE 802.11: 802.1X (WPA-EAP) rekeying support 2015-05-08 04:27:49 +00:00
suite-fileformats.sh Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
suite-io.sh Add tests for the Qt UI. 2014-10-01 22:30:33 +00:00
suite-nameres.sh CMake: Update wslua build and test. 2015-03-12 16:37:51 +00:00
suite-unittests.sh Add ftsanity.py to the unit tests. 2015-03-30 21:02:21 +00:00
suite-wslua.sh Fix the Lua FPM dissector test. 2015-03-12 10:44:14 +00:00
test-backend.sh Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
test.sh Fix Cygwin path 2015-01-12 12:40:04 +00:00

README.test

What is it?
-----------
This is a collection of bash scripts which test the features of:

 - Wireshark
 - TShark
 - Dumpcap

Motivation
----------

The command line options of Wireshark and the companion command line tools are
numerous. This makes it hard to find newly introduced bugs by manual testing
(trial and error) after source code changes.

The current approach is to make some changes, test a few scenarios by hand, and
commit the code, leaving other users to complain about new problems. This is
obviously far from optimal.

Limitations
-----------

The test set currently provided will only do some basic tests, but even that
is far better than nothing. It may evolve over time, as new tests can be added
to cover problems reported by users. This will hopefully lead to a "complete"
and reliable test set in the future.

The tests are limited to command line tests; other things like unit tests or
GUI tests are not included.

Prerequisites
-------------

What you'll need (to do):

 - edit the file config.sh to suit your configuration
 - build the "all" target
 - build the "test-programs" target
 - have a bash (cygwin should do well)
 - have tput (e.g. in the cygwin ncurses package)
 - you'll need a network interface with some network traffic
   (so you can run the capture tests)
 - (for non-Windows platforms) An X server for running the capture tests with
   the graphical Wireshark program.

A Test Ride
-----------

The default configuration might not be suitable for your set-up. Most settings
can be adjusted by setting the matching environment variable or by editing the
setting in config.sh.

For instance, the first network interface might not be used for traffic (like an
unconnected Ethernet port). In that case, you might want to set the environment
variable TRAFFIC_CAPTURE_IFACE to pick another interface. Use `dumpcap -D` to
get a list of devices.

On Windows, it is assumed that the user is able to perform captures. On
non-Windows platforms, the opposite is assumed. If your dumpcap executable
allows you to perform captures (for example, when it has appropriate
capabilities), then you can override the default with:

    SKIP_CAPTURE=0

If you do not want to test the binaries in the build directory, you can override
it with:

    WS_BIN_PATH=/usr/bin

When your configuration is sane, you can start test.sh which should provide a
basic menu. Just press Enter to start all tests.

It should start all the available tests. Each test prints a line which should
end with a green "Ok". If one of the tests fails, the script will report it and
stop at this test step.

Please remember to have some ICMP traffic on your network interface! The test
suite will ping www.wireshark.org while running capture tests, but this will
slow down the tests.
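
A preflight check for the prerequisites and overrides described above, as an added example that is not part of the Wireshark test suite. The function names are hypothetical, and detecting Windows from `uname -s` output is an assumption; only WS_BIN_PATH, SKIP_CAPTURE and `dumpcap -D` come from the README.

```shell
# Added example: preflight for the README's prerequisites. Function names are
# hypothetical; WS_BIN_PATH and SKIP_CAPTURE are the README's variables.

# Print " name" for each Wireshark binary that is not executable in dir $1.
missing_binaries() {
    for tool in tshark dumpcap wireshark; do
        [ -x "$1/$tool" ] || [ -x "$1/$tool.exe" ] || printf ' %s' "$tool"
    done
}

# Echo "run" or "skip" for the capture tests.
# $1 = value of SKIP_CAPTURE (may be empty), $2 = output of `uname -s`.
# Follows the README's stated defaults: Windows is assumed able to capture,
# other platforms are not, and an explicit SKIP_CAPTURE wins.
# Assumption: Windows shells report CYGWIN*, MINGW* or MSYS*.
capture_mode() {
    skip=$1
    os=$2
    if [ -z "$skip" ]; then
        case $os in
            CYGWIN*|MINGW*|MSYS*) skip=0 ;;
            *) skip=1 ;;
        esac
    fi
    if [ "$skip" = 0 ]; then echo run; else echo skip; fi
}

# Check binaries and tput, then report what the capture tests will do.
# $1 = directory holding the binaries under test (the README's WS_BIN_PATH).
# Usage: preflight "$WS_BIN_PATH" && ./test.sh
preflight() {
    bin_dir=$1
    missing=$(missing_binaries "$bin_dir")
    command -v tput >/dev/null 2>&1 || missing="$missing tput"
    if [ -n "$missing" ]; then
        echo "missing prerequisites:$missing" >&2
        return 1
    fi
    if [ "$(capture_mode "${SKIP_CAPTURE:-}" "$(uname -s)")" = run ]; then
        echo "capture tests enabled; interfaces seen by dumpcap:"
        "$bin_dir/dumpcap" -D
    else
        echo "capture tests will be skipped (set SKIP_CAPTURE=0 to enable)"
    fi
}
```

The interface list printed by `preflight` is the place to confirm that TRAFFIC_CAPTURE_IFACE points at an interface that actually carries traffic.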