Age | Commit message (Collapse) | Author | Files | Lines |
|
The subjectPublicKey field of a Certificate (TBSCertificate) is defined
as type BIT STRING. The actual contents depend on the Algorithm
Identifier which is preceding the subjectPublicKey field.
This patch (aims to) add(s) support for dissection of the public key.
Notes:
Currently only RSA is "half-working" and dissected as:
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey: 3082010a0282010100b7c769e2d0eacaeb929fc08238a9ff...
modulus : 0x00b7c769e2d0eacaeb929fc08238a9ffc59cab39c28a2e26...
publicExponent: 65537
It should probably become:
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey
RSAPublicKey
modulus : ...
publicExponent: 65537
Right now DSA and DH keys are displayed instead of subjectPublicKey
due to the hf_id reuse. These should get a new hf ID instead.
TODO:
- Add public key dissections below the BIT STRING subtree. This might
require API changes to dissect_ber_bitstring.
- Import PKIX1Algorithms2008 module from RFC 5480 (Elliptic Curve
Cryptography Subject Public Key Information) which is based on the
PKIX1Algorithms88 module from RFC 3279). Then import DSA, DH and
others from it. This is more correct than exporting it from the
PKCS#1 module.
- Check field names, right now these are displayed as a rather
useless/generic BER integer field (for the DH and DSA params).
Change-Id: Ib92645433b0a0078a947ff0ac26c5e6a64877b93
|
|
Change-Id: I95dc8743b6db579eb197bd64ab2f26cf43ebc308
Reviewed-on: https://code.wireshark.org/review/9480
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Move a bunch of #defines that involve the frame control field to
packet-ieee80211.h and have the WLAN statistics tap use them rather than
hardcoded numbers.
Change-Id: I893cc50e546af67c910755357cefd86c39a1c783
Reviewed-on: https://code.wireshark.org/review/9476
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have address_to_name() be a routine that takes an address and returns a
string with a "sufficiently long" lifetime for use in columns, using the
address type's addr_name_res_str routine for most address types, rather
than having a too-small set of address types wired into it. It replaces
both the internal solve_address_to_name() routine and get_addr_name(),
and can, for example, handle the special WLAN address types rather than
leaving them unresolved even with an ethers file.
Change-Id: Id09bc412adf5d2752155650a14a77c5378af2e42
Reviewed-on: https://code.wireshark.org/review/9475
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 11330
Change-Id: I865fe694706606c091a32f58a35658800a9dacc6
Reviewed-on: https://code.wireshark.org/review/9473
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8509b9290a7255a91fa5f10a8312ca80eb94ead6
Reviewed-on: https://code.wireshark.org/review/7900
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 11326
Change-Id: I5a438bda7448f6b6b9959bdc03b0252b3cf22697
Reviewed-on: https://code.wireshark.org/review/9469
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
These routines are called from dissect_bthci_evt(), which ensures that
bluetooth_data is non-null, and passes that non-null value to the
routines.
Should fix CIDs 1306908 and 1306911.
Change-Id: Ie25de02f36bda9a9ae25ced034e758fc7f745681
Reviewed-on: https://code.wireshark.org/review/9472
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It's guaranteed to be non-null at that point. as noted by Coverity.
Should fix CID 1306904.
Fix indentation while we're at it.
Change-Id: I414844e9b6f9f01e215f42ba087a56b0544d289a
Reviewed-on: https://code.wireshark.org/review/9471
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I64d6ae733bda880f5afbe1a755799823d835bfa4
Reviewed-on: https://code.wireshark.org/review/9466
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I576be8c1a1badf6befe90a226f83e8d03f8326a7
Reviewed-on: https://code.wireshark.org/review/9470
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I79fc9b11fcdd54e0644d01b34a7f37644c85ad0f
Reviewed-on: https://code.wireshark.org/review/9468
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This seems to be a typo
Bug: 11327
Change-Id: I0182003b77f0deba9421002f5626175af30125f5
Reviewed-on: https://code.wireshark.org/review/9467
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
previous declaration.
Change-Id: Id0c3b74ac52c427d9c1efdf749dc410bc5bb450f
Reviewed-on: https://code.wireshark.org/review/9460
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The hfinfo->strings pointer is used to store a ft_framenum_type_t
Bug: 11325
Change-Id: Ia6ee1bdd4f1e6ff93907e6107fcecab56c0320de
Reviewed-on: https://code.wireshark.org/review/9458
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib6e5a48fa0b0802c920e68d3dc7d62362818d36b
Reviewed-on: https://code.wireshark.org/review/9465
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I04cdba9633d3fc131ecd9dc218bc6dd458378a35
Reviewed-on: https://code.wireshark.org/review/9464
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
lemon.c:1784: warning: implicit conversion shortens 64-bit value into a 32-bit value
lemon.c:1790: warning: implicit conversion shortens 64-bit value into a 32-bit value
1790: warning: implicit conversion shortens 64-bit value into a 32-bit value
1928: warning: implicit conversion shortens 64-bit value into a 32-bit value
2707: warning: implicit conversion shortens 64-bit value into a 32-bit value
Change-Id: Ief1b64009891de6885c2c9a6cb0e290752de889f
Reviewed-on: https://code.wireshark.org/review/9463
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Currently only DefaultBinary encoding IDs can be displayed, this commit adds the DefaultXml encoding IDs
Change-Id: I19f3693d3aa03451655058770383222c3828b570
Reviewed-on: https://code.wireshark.org/review/9442
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
of a "homegrown" method.
Change-Id: I06d7d4e9747ed8593cf40506cae3a09ae237846b
Reviewed-on: https://code.wireshark.org/review/9456
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
UINT or string) key to register dissector handles.
This was designed for RPC dissectors, but probably has use elsewhere.
Change-Id: I1bca6b50ba312129a0c4fad5cc3c18cd9297c217
Reviewed-on: https://code.wireshark.org/review/9455
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie3c6daf69a1ac155ac09794a5ec87c89bbf0607d
Reviewed-on: https://code.wireshark.org/review/9454
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
dissector function signature.
This paves the way for using dissector tables.
Change-Id: I88ac165ef9aa5bf5c05e1115f7321e18e734d683
Reviewed-on: https://code.wireshark.org/review/9453
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Update from SQLite trunk (19 April 2015)
Add include <config.h>
Fix warning: unused parameter 'argc' [-Wunused-parameter] (using _U_)
Fix implicit conversion loses integer precision
Fix comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Wsign-compare]
Fix function declaration isn’t a prototype [-Wstrict-prototypes]
Fix warning: old-style function definition [-Wold-style-definition]
Fix trailing whitespace
Fix use -T for template for epan\Makefile.nmake, epan\dfilter\Makefile.nmake, plugins\mate\Makefile.nmake, plugins\tpg\Makefile.nmake and cmake/modules/UseLemon.cmake
Fix -Wmissing-prototypes Remove unused function (acttab_free)
Add basename the filename with only filename (no path...)
Fix lemon.c:3435: warning: implicit conversion shortens 64-bit value into a 32-bit value
Add "new" version of lempar.c (3 November 2009).
LEMPAR: fix trailing whitespace
LEMPAR: fix -Wunused-parameter
Change-Id: I2df7e39c9a6846de26743a981fb76aca423fe813
Reviewed-on: https://code.wireshark.org/review/6502
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Instead of just displaying the hex representation, use parseStatusCode which adds the textual representation of the status code
Change-Id: I43b9ff846ef48d727e77cfa247b9dcea7061bbab
Reviewed-on: https://code.wireshark.org/review/9441
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
error."
This reverts commit b591f07273f4e055a286ca36b6fda5da99952b5d.
Change-Id: I73e7b6a8ea37b1d5869e785633b74c89d7476b54
Reviewed-on: https://code.wireshark.org/review/9457
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
In value string table "smb2_ioctl_vals[]" of packet-smb2.c
{0x0011C017, "FSCTL_PIPE_TRANSCEIVE" } was placed before
{0x00110018, "FSCTL_PIPE_WAIT"}
which causes "Extended value string 'smb2_ioctl_vals[]' forced to fall back
to linear search: entry , value 0x00110018 < previous entry, value
0x0011C017"
Change-Id: I99afe5aa12c031e90bb0bd4c8e8aadfffad0135d
Reviewed-on: https://code.wireshark.org/review/9449
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
size is '520' bytes, but '1042' bytes might be written.
Change-Id: Ic88bc977011eff9ae3c2a4a5ba717e78dbb1171c
Reviewed-on: https://code.wireshark.org/review/9452
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
when some
unsigned type is required in call to 'printf'.
Change-Id: I3076454502e1c98ac225d33d520be5bbe5172c2a
Reviewed-on: https://code.wireshark.org/review/9451
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7cce1769d3e3c2c70d18e247b1e1040b05715c20
Reviewed-on: https://code.wireshark.org/review/9448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11320
Change-Id: Ie1fd3f1060e13cf742923aadebe375da4389422a
Reviewed-on: https://code.wireshark.org/review/9447
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Fix a typo ("and and") while we're at it.
Change-Id: Ib68bbdf0b358f56b36cf53906f105c5ee6493ec4
Reviewed-on: https://code.wireshark.org/review/9446
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ic1fa22dee21b71b523ba5fcfc1ea1bf4c8029e6f
Reviewed-on: https://code.wireshark.org/review/9445
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ia89e49d098f86450245c73c4d06a4359a25e3d53
Reviewed-on: https://code.wireshark.org/review/9444
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I2d5fd1c640d3ac6fa60d84f2b8080eb7866b2641
Reviewed-on: https://code.wireshark.org/review/9443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ie42cca588c9d5e02279083817382ac77f4ed74d6
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9439
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I6e34bcfb2205c1647e82dd396a13b0957532c4ae
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9438
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iec4fe90d792f745d8c754afc9b18ca6f7a708caa
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9437
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The service NodeIds of OPC UA are normally encoded as 4 byte numeric NodeId.
However, it is technically also possible to encode these as (less efficient) 7 byte numeric NodeId.
This kind of NodeId was already implemented, but wrong.
Since then no one ever used this kind of NodeId for service NodeIds.
Change-Id: I8654d969604e18bce8415931e455632e72d578ef
Reviewed-on: https://code.wireshark.org/review/9435
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ibbbb89af23d0e37ea57a1079e311d8205d254ddd
Reviewed-on: https://code.wireshark.org/review/9434
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I74461666bcfc6e85a92409819e2c63811284e8f8
Reviewed-on: https://code.wireshark.org/review/9433
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Have SOURCES_TAP just contain the file names of the taps to run through
make-tap-reg.py, and pass $$PWD, properly quoted, as the "source directory"
argument to make-tap-reg.py.
Change-Id: I09382ccf9931db636aaeeb5d94c0ae029453ea9d
Reviewed-on: https://code.wireshark.org/review/9432
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
it doesn't have a specific subdissector table to invoke the DCE/RPC "Decode As" tab.
bug:10368
Change-Id: Iff94ddaf0c9f4d002be89dab480b6f9550ebd82f
Reviewed-on: https://code.wireshark.org/review/3575
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Overlay scrolling causes problems when selecting eg. the last packet in Packet List. The last packet gets covered by the scollbar.
Change-Id: If23152721a457c7834d6727fc342ee0501a07302
Reviewed-on: https://code.wireshark.org/review/9169
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
|
|
The pathnames have spaces, so they must be quoted.
At least on my VM, I had to run it as Administrator.
Change-Id: I7600edbdbe3205c7f766cc651bd6b86340efa0ff
Reviewed-on: https://code.wireshark.org/review/9429
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 11319
Change-Id: I8b746f7238729173b2ca23734e9f7fdbbe4f5110
Reviewed-on: https://code.wireshark.org/review/9232
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Fixes a bug exposed by g5265bc3.
Change-Id: Ia0775aa068f5e9e1eeb66384bac97fe57f3c957c
Reviewed-on: https://code.wireshark.org/review/9231
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
fseek() to the end, followed by ftell(), is a bit of an odd way to get
the file size. Use ws_fstat64() instead.
Check that the file is a regular file, while we're at it. This means we
don't have to check before opening.
Bug: 11268
Change-Id: I31ee20dd5568d10541375cf97b286abfc1384d1c
Reviewed-on: https://code.wireshark.org/review/9230
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
ftell() is undefined for directories. In practice, it will report
0x7fffffffffffffff on an ext4 filesystem. Ensure that the given key file
is not a directory.
By the way, this is the only user of ftell that is affected.
Bug: 11268
Change-Id: Iaecd42c9b60da9e7945703a794601773749f2d97
Reviewed-on: https://code.wireshark.org/review/9213
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Fixes about 5kB leaks in 500+ allocations.
There are still some other remaining (and not fixed in this patch
because it is hard to track them):
- The g_strdup'ed memory via MATE_PARSE for some types (cannot simply
g_free after use, it is still needed in some cases).
- cfg->transforms and cfg->transport_ranges as used in pdu_decl
(mate_grammar.lemon).
Tested on a http capture with: tshark -o mate.config:tcp.mate -r ...
where tcp.mate is from
https://wiki.wireshark.org/Mate/GettingStarted?action=AttachFile&do=get&target=tcp.mate
Change-Id: I4c06f948136fc30dfcdb56f7ac8a32a2326ae30d
Reviewed-on: https://code.wireshark.org/review/9221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|