Add support for S1G beacon to dot11

[rkinder2023]

Brief description

S1G beacon is unsupported currently, this diff adds support + unit test.

Scapy version

7dcb5fe

Python version

3.12.2

Operating system

MacOS Sonoma 14.4

Additional environment information

No response

How to reproduce

New feature - support S1G beacon.

Actual result

No response

Expected result

No response

Related resources

No response

[rkinder2023]

Here is the patch.

diff --git a/scapy/layers/dot11.py b/scapy/layers/dot11.py
index 8ed4d38c..45b942af 100644
--- a/scapy/layers/dot11.py
+++ b/scapy/layers/dot11.py
@@ -712,7 +712,7 @@ class Dot11(Packet):
         _Dot11MacField("addr1", ETHER_ANY, 1),
         ConditionalField(
             _Dot11MacField("addr2", ETHER_ANY, 2),
-            lambda pkt: (pkt.type != 1 or
+            lambda pkt: (pkt.type not in [1, 3] or
                          pkt.subtype in [0x4, 0x5, 0x6, 0x8, 0x9, 0xa, 0xb, 0xe, 0xf]),
         ),
         ConditionalField(
@@ -720,7 +720,7 @@ class Dot11(Packet):
             lambda pkt: (pkt.type in [0, 2] or
                          ((pkt.type, pkt.subtype) == (1, 6) and pkt.cfe == 6)),
         ),
-        ConditionalField(LEShortField("SC", 0), lambda pkt: pkt.type != 1),
+        ConditionalField(LEShortField("SC", 0), lambda pkt: pkt.type not in [1, 3]),
         ConditionalField(
             _Dot11MacField("addr4", ETHER_ANY, 4),
             lambda pkt: (pkt.type == 2 and
@@ -1829,6 +1829,12 @@ class Dot11CSA(Packet):
     ]
 
 
+class Dot11S1GBeacon(_Dot11EltUtils):
+    name = "802.11 S1G Beacon"
+    fields_desc = [LEIntField("timestamp", 0),
+                   ByteField("change_seq", 0)]
+
+
 ###################
 # 802.11 Security #
 ###################
@@ -1978,6 +1984,7 @@ bind_layers(Dot11, Dot11ReassoResp, subtype=3, type=0)
 bind_layers(Dot11, Dot11ProbeReq, subtype=4, type=0)
 bind_layers(Dot11, Dot11ProbeResp, subtype=5, type=0)
 bind_layers(Dot11, Dot11Beacon, subtype=8, type=0)
+bind_layers(Dot11, Dot11S1GBeacon, subtype=1, type=3)
 bind_layers(Dot11, Dot11ATIM, subtype=9, type=0)
 bind_layers(Dot11, Dot11Disas, subtype=10, type=0)
 bind_layers(Dot11, Dot11Auth, subtype=11, type=0)
@@ -1985,6 +1992,7 @@ bind_layers(Dot11, Dot11Deauth, subtype=12, type=0)
 bind_layers(Dot11, Dot11Action, subtype=13, type=0)
 bind_layers(Dot11, Dot11Ack, subtype=13, type=1)
 bind_layers(Dot11Beacon, Dot11Elt,)
+bind_layers(Dot11S1GBeacon, Dot11Elt,)
 bind_layers(Dot11AssoReq, Dot11Elt,)
 bind_layers(Dot11AssoResp, Dot11Elt,)
 bind_layers(Dot11ReassoReq, Dot11Elt,)
diff --git a/test/scapy/layers/dot11.uts b/test/scapy/layers/dot11.uts
index 944df86d..b63bb7d4 100644
--- a/test/scapy/layers/dot11.uts
+++ b/test/scapy/layers/dot11.uts
@@ -763,3 +763,12 @@ assert pkt[Dot11EltVHTOperation].VHT_Operation_Info
 assert pkt[Dot11EltVHTOperation].VHT_Operation_Info.channel_width == 1
 assert pkt[Dot11EltVHTOperation].VHT_Operation_Info.channel_center0 == 42
 assert pkt[Dot11EltVHTOperation].VHT_Operation_Info.channel_center1 == 50
+
+= Dot11S1GBeacon
+
+pkt=Dot11(b"\x1c\x18\x00\x00,/u\x1c\x103hq\xf8\x00\x00\xd5\x08\x01\x00d\x00\x00\x00\x00\x00\x05\x02\x00\x01\xd9\x0f\x9e\x00@\x18\x80\x0c\x00\x02@\x00\xfe\x00\xfc\x01\x00\xe8\x06\x06\x18&(\xc4\xcc\xd6\x02d\x00\x00\nWiFiDiving\xdd\x18\x00P\xf2\x02\x01\x01\x01\x00\x03\xa4\xd5\x01'\xa4\xd5\x01BC\xd5\x01b2\xd5\x01")
+assert pkt[Dot11].type == 3
+assert pkt[Dot11].subtype == 1
+assert pkt[Dot11].addr1 == '2c:2f:75:1c:10:33'
+assert pkt[Dot11S1GBeacon].timestamp == 16281960
+assert pkt[Dot11Elt::{"ID": 0}].info == b"WiFiDiving"

s1g_beacon.txt

[rkinder2023]

PS: would appreciate if I can have branch creation permissions so I can just submit a PR.

[gpotter2]

Thanks !
You can fork scapy and create a PR from your fork :)

[rkinder2023]

@gpotter2, thanks - I'll give it a try.

[rkinder2023]

@gpotter2, who do I ping to get help on the PR? I see that coverage went down significantly with my patch, although I can't see why.