Age | Commit message (Collapse) | Author | Files | Lines |
|
Just as we include <windows.h> on Windows to get HANDLE defined, include
<sys/types.h> on UN*X to get pid_t defined.
We don't seem to need this (yet) on the master and 2.2 branches, but it
looks as if it might be necessary on the 2.0 branch. Do it everywhere.
Change-Id: I9535fa9944265746d332f8dc337e42a020b503d3
Reviewed-on: https://code.wireshark.org/review/19998
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Write the recent file for the current profile before copying or renaming
the profile to ensure the latest changes are not lost.
Change-Id: Ib07881925b398314da0a9b2ec875da7650b84712
Reviewed-on: https://code.wireshark.org/review/19984
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
The new ticket_age_add field resulted in a dissector exception. With
this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully
decrypted.
Also add validation for the ticket length (using ssl_add_vector).
Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19992
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Update "early_data" extension to draft 18 (context field is gone).
Add support for "client_early_traffic_secret" to the keylog.
Support decryption of 0-RTT data (required handling cipher in Client
Hello and handling of "end_of_early_data" alert).
Tested with tls13-18-picotls-earlydata.pcap, early data decrypts
correctly. (The server data is messed up, but that is possibly the
result of broken NewSessionTicket handling which throws a dissector
exception and thus breaks the record sequence number.)
Ping-Bug: 12779
Change-Id: I9e6aeeb08111d5d977f2c0ab855f14d6d86ca87d
Reviewed-on: https://code.wireshark.org/review/19989
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I8122a88b9b203b9535e8f69f8b71d2e11dc7dac6
Reviewed-on: https://code.wireshark.org/review/19988
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I4a868eb276af26ffc38e5c66f47bc9cc32f1d4de
Reviewed-on: https://code.wireshark.org/review/19985
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I325e98c9eeafaa53b5f757f4b8e5e903a31e1cc2
Reviewed-on: https://code.wireshark.org/review/19987
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: Iefd264bdd79af172c245c3a30119999cca9d56c0
Reviewed-on: https://code.wireshark.org/review/19976
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: I723032974e34940715ccde5c3744f8c572c6dfda
Reviewed-on: https://code.wireshark.org/review/19895
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Server Hello can contain an empty extension, so restore the check.
Change-Id: I7d1ccfa113cd8a568def6915a80fd2791fd361df
Fixes: v2.3.0rc0-2284-g420b9e061e ("ssl-utils: add length validation for SNI extension")
Reviewed-on: https://code.wireshark.org/review/19983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If1034d7aad02640adc45b4f276e180433e901e50
Reviewed-on: https://code.wireshark.org/review/19965
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Added the following batch of HCI commands:
LE Read Maximum Advertising Data Length
LE Read Number of Supported Advertising Sets
LE Remove Advertising Set
LE Set Periodic Advertising Data
LE Set Periodic Advertising Enable
LE Set Extended Scan Parameters
LE Set Extended Scan Enable
LE Extended Create Connection
Corrected min/max interval field sizes of LE Set Extended
Advertising Parameters command and updated LE Set Extended
Advertising Enable command to use subtree for each set.
Change-Id: Id9c08189a76a0a4adc89b669b50d832f68a929aa
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Based on CSS7 specification.
Change-Id: Ibf00e3add7fcb1a2b3a22574bb63b0fddaf4adcb
Reviewed-on: https://code.wireshark.org/review/19972
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Another format of beacon in advertising packet.
Based on: https://github.com/AltBeacon/spec
User needs to use DecodeAs to use this dissector - any manufacturer's
company id may be valid.
Change-Id: I5656d9dbb70b648b2fadba7f3b525d38a2fe8e57
Reviewed-on: https://code.wireshark.org/review/19971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The number of extcap splash items is the number of extcap binaries plus
RA_EXTCAP.
Change-Id: I9702da5a94e244ddd95a845a67da9302ee41c826
Reviewed-on: https://code.wireshark.org/review/19981
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
In the GTK+ prefrences dialog, enable wrapping and set a maximum width.
This should keep labels from making the dialog unusably wide.
Make a couple of enum preferences drop-downs instead of radio buttons.
Note that we might want to make the drop-down vs radio button behavior
automatic.
Change-Id: Ib72a2c8d5cfb99324be86f2218b6d57a395fa22c
Reviewed-on: https://code.wireshark.org/review/19980
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add copy of the definition in a comment, remove check for empty
extension such that export info can be added if the extension is empty.
Remove check for empty HostName, this cannot happen (and is caught by
ssl_add_vector).
Change-Id: Ie63b97e89dc7254f159abb338b52f5f894a8564d
Reviewed-on: https://code.wireshark.org/review/19939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Also adds the definition from TLS 1.3 draft 18 spec.
Change-Id: Ic7910874507e76dcbe7ae15aff99c91496a2b590
Reviewed-on: https://code.wireshark.org/review/19938
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add description from spec, remove zero-length extension check since it
is not allowed by specification.
Change-Id: I4bf85b36d933db3658f7788768fd794b6199187e
Reviewed-on: https://code.wireshark.org/review/19937
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add the definition from draft 4 as well (which describes the structure
in text). Remove the check for zero length name since this is normally
not the case (according to draft specification).
Change-Id: I72c3f04a5146d4c4fa291383258246d9ba2b14be
Reviewed-on: https://code.wireshark.org/review/19936
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Use ssl_add_vector to ensure that the lengths are checked for validity
and that expert info is added when invalid data is encountered.
Change-Id: I5d03dce988f695cdc305f1bfff9d19ae90c5f6e2
Reviewed-on: https://code.wireshark.org/review/19935
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Merge the length parsing into the SignatureAndHashAlgorithm vector
parsing. Remove extra expert info which are replaced by the generic
ones.
Tested with a mutated pcap where the signature length field is off by
one (too large = expert error, too small = expert warning, as expected).
Change-Id: I43350352ae00eb42bbe5c2ee81289fb592b88f86
Reviewed-on: https://code.wireshark.org/review/19933
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change all Hello extension dissector functions to accept the end of the
extension rather than the extension length. The changes are quite
mechanical: change "ext_len" to "ext_len = offset_end - offset".
Remove some "offset += ext_len" to ensure that additional unparsed data
is warned for.
The intent is that (extension) dissectors can easier check for overflow
(offset + 2 < offset_end). Later changes should remove "guint ext_len"
with appropriate changes (like replacing by ssl_add_vector).
Change-Id: Ic4846e6fd6164685c4704984136f701bec3afa58
Reviewed-on: https://code.wireshark.org/review/19932
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Currently variable length vectors are mostly unchecked with issues
ignored (see various "XXX - expert info"). In order to detect possible
attacks (and catch dissector issues), add helpers that extract the
vector length and that validate that a vector is correctly terminated.
Further dissection of a vector stops when not enough data is available.
The KeyShare extension and Extension itself are modified as a start,
more should follow. Future work should also ensure that the return value
represents the length after dissection (which should not exceed the
length). Also, the length field needs to be converted to an "offset_end"
value to ease overflow checking (length = offset_end - offset).
Change-Id: I6d757da2eb028f08a7b18661660313a6afd417e0
Reviewed-on: https://code.wireshark.org/review/19926
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Updated on 5th February 2017:
- UUIDs
- Company Ids
Change-Id: I9868891ee2bdcdaa687bd45c76429f2b476889cc
Reviewed-on: https://code.wireshark.org/review/19973
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I5aec3ad14eb0f0d591691f2aa7eb8ce09341e020
Reviewed-on: https://code.wireshark.org/review/19963
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
"Resolvable Private Address" comes in Core 5.
Also fix expert infos (usage) for all GAP characteristics are
described in Core 5.
Change-Id: I8386f5908b64cb758e2a973fb6f92fabcb30885a
Reviewed-on: https://code.wireshark.org/review/19974
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Values found at Bluetooth SIG: Assign Number:
https://www.bluetooth.com/specifications/assigned-numbers/health-device-profile
Change-Id: Ic99129e717f1de22162f5e398fa5b81ff3dcdc5a
Reviewed-on: https://code.wireshark.org/review/19975
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ia7736e0faff16dd73d56a91b5a96cc715e3ce75d
Reviewed-on: https://code.wireshark.org/review/19953
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: I40911820fa09111c167a5c526027f10381038dbb
Reviewed-on: https://code.wireshark.org/review/19952
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
"llc.bluetooth_pid" is now placed in bluetooth-file, it seems to be
fine, but there is a need to avoid terrible/horrible scream from
this script.
Change-Id: I0bf3f5b5f6459ab1f13a8c2c6ad12859af608e85
Reviewed-on: https://code.wireshark.org/review/19969
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I7d84e67723196d9b39f6007950ec8fb95fe9a50e
Reviewed-on: https://code.wireshark.org/review/19934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
DataIn field should be three-state enum (not boolean)
See https://msdn.microsoft.com/en-us/library/dn393496.aspx
Fixed HandleStateShared value of QUERY_SHARED_VIRTUAL_DISK_SUPPORT reply
See https://msdn.microsoft.com/en-us/library/dn409282.aspx
Added VHDSET disk format (used by RSVD v2).
Change-Id: I7a9528e680dd4fede7e982d98316af5ef40cff3b
Reviewed-on: https://code.wireshark.org/review/19964
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add the 'in' operator to the list of available operators, where 'eq'
operator would be present also. Setup the curly bracket expression in
the filter and allow for multiple enums to be selected.
Bug: 12808
Change-Id: I42b328bcb3328521d193d9cdae56577eb66f8e15
Reviewed-on: https://code.wireshark.org/review/19913
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: Ic3553d0e987fc7c0eafbe42a517f46212d137edc
Reviewed-on: https://code.wireshark.org/review/19959
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I8d521200b645b7a7b73c1da1d466bfd992c70c17
Reviewed-on: https://code.wireshark.org/review/19957
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ib3c35d332ef4c4b1b6d66d5fb9de7f87bcf15461
Reviewed-on: https://code.wireshark.org/review/19956
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Bug: 12847
Change-Id: I8a560dc44dceb06123d8bcecd512d132ee4ebb0d
Reviewed-on: https://code.wireshark.org/review/19671
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Rework Application Layer fragment reassembly to handle
out of order fragments (seen over UDP).
Change-Id: Ifd2bffba30f0a419a5f82ea6b9d2d221f7d6d276
Reviewed-on: https://code.wireshark.org/review/19947
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Change-Id: I85535dfdb7b064ba81f44ed08c3b1e84e7204e9e
Reviewed-on: https://code.wireshark.org/review/19954
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Icadbf65ad186c775b2a0ca8596d5bf4ba66e4c68
Reviewed-on: https://code.wireshark.org/review/19873
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: If9a3ba7fbd93374b4c63be7ce37510be5c2848f0
Reviewed-on: https://code.wireshark.org/review/19948
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ia61e8ffb4499e2ea25e66e9e05a6d2881f15d6ae
Reviewed-on: https://code.wireshark.org/review/19914
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I460b053880ed43a7377b7696531bbaeb0fd0d68b
Reviewed-on: https://code.wireshark.org/review/19764
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I17e652bf9c6e8a17c57afa0bc7bb909636152d15
Reviewed-on: https://code.wireshark.org/review/19945
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I54402822ee24214d13e052c0379514a39de16980
Reviewed-on: https://code.wireshark.org/review/19944
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8d1e9d587f7d47a9064d7b2e0c89f31dc41854ea
Reviewed-on: https://code.wireshark.org/review/19946
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id96ce391b9957ac37705c503bea35395ee3d358d
Reviewed-on: https://code.wireshark.org/review/19207
Reviewed-by: Paul Williamson <paul@mustbeart.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Decodes the options and meta length fields added with LWW for
{set,del}_with_meta request commands.
Decodes get_meta responses extra field.
Please see https://issues.couchbase.com/browse/MB-22003
Change-Id: Ie5205e8188a32d59145c4f9c499b16c7a7997274
Reviewed-on: https://code.wireshark.org/review/19928
Reviewed-by: Dave Rigby <daver@couchbase.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
* It must be multiple of 4 Octets otherwise NULL padding should be there
Change-Id: I7563b0407bd70d1f0b7aac8597ce3a757a08925e
Reviewed-on: https://code.wireshark.org/review/19893
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|