Re: [patch] 802.11 printing akm and cipher suite lists in tcpdump
Friendly weekly ping
On Thu, Jun 02, 2022 at 11:43:30PM +0300, Mikhail wrote:
> Recently I bought a router with WPA3 support and decided to investigate
> wireless dump with WPA3 config, during the process I've found a small
> bug in tcpdump - it doesn't print all akms, also the printing logic is
> flawed if more than one akm or pairwise cipher is presented - there is
> extra addition to the data index.
>
> Tested with multiple akms, can't test with multiple ciphers, since my
> router doesn't support such configuration.
>
> diff --git usr.sbin/tcpdump/print-802_11.c usr.sbin/tcpdump/print-802_11.c
> index b0641a29279..14ecbdc6cfc 100644
> --- usr.sbin/tcpdump/print-802_11.c
> +++ usr.sbin/tcpdump/print-802_11.c
> @@ -860,6 +860,9 @@ ieee80211_print_akm(uint8_t selector[4])
> case 6:
> printf("SHA256-PSK");
> break;
> + case 8:
> + printf("SAE");
> + break;
> default:
> printf("%d", selector[3]);
> break;
> @@ -910,7 +913,7 @@ ieee80211_print_rsn(u_int8_t *data, u_int len)
> printf(",cipher%s ", nciphers > 1 ? "s" : "");
> for (i = 0; i < nciphers; i++) {
> for (j = 0; j < 4; j++)
> - selector[j] = data[i + j];
> + selector[j] = data[j];
> ieee80211_print_rsncipher(selector);
> if (i < nciphers - 1)
> printf(" ");
> @@ -931,11 +934,11 @@ ieee80211_print_rsn(u_int8_t *data, u_int len)
> }
>
> printf(",akm%s ", nakms > 1 ? "s" : "");
> - for (i = 0; i < nciphers; i++) {
> + for (i = 0; i < nakms; i++) {
> for (j = 0; j < 4; j++)
> - selector[j] = data[i + j];
> + selector[j] = data[j];
> ieee80211_print_akm(selector);
> - if (i < nciphers - 1)
> + if (i < nakms - 1)
> printf(" ");
> data += 4;
> }
[patch] 802.11 printing akm and cipher suite lists in tcpdump
Recently I bought a router with WPA3 support and decided to investigate
wireless dump with WPA3 config, during the process I've found a small
bug in tcpdump - it doesn't print all akms, also the printing logic is
flawed if more than one akm or pairwise cipher is presented - there is
extra addition to the data index.
Tested with multiple akms, can't test with multiple ciphers, since my
router doesn't support such configuration.
diff --git usr.sbin/tcpdump/print-802_11.c usr.sbin/tcpdump/print-802_11.c
index b0641a29279..14ecbdc6cfc 100644
--- usr.sbin/tcpdump/print-802_11.c
+++ usr.sbin/tcpdump/print-802_11.c
@@ -860,6 +860,9 @@ ieee80211_print_akm(uint8_t selector[4])
case 6:
printf("SHA256-PSK");
break;
+ case 8:
+ printf("SAE");
+ break;
default:
printf("%d", selector[3]);
break;
@@ -910,7 +913,7 @@ ieee80211_print_rsn(u_int8_t *data, u_int len)
printf(",cipher%s ", nciphers > 1 ? "s" : "");
for (i = 0; i < nciphers; i++) {
for (j = 0; j < 4; j++)
- selector[j] = data[i + j];
+ selector[j] = data[j];
ieee80211_print_rsncipher(selector);
if (i < nciphers - 1)
printf(" ");
@@ -931,11 +934,11 @@ ieee80211_print_rsn(u_int8_t *data, u_int len)
}
printf(",akm%s ", nakms > 1 ? "s" : "");
- for (i = 0; i < nciphers; i++) {
+ for (i = 0; i < nakms; i++) {
for (j = 0; j < 4; j++)
- selector[j] = data[i + j];
+ selector[j] = data[j];
ieee80211_print_akm(selector);
- if (i < nciphers - 1)
+ if (i < nakms - 1)
printf(" ");
data += 4;
}
