| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
between dissectors instead of using packet_info.h
The only remaining explicit user of the packet_info members is the NTLMSSP dissector. However, there may be "hidden" use of it in the spnego dissector passing between ASN.1 functions.
Someone more familiar with the protocols could possibly trim some of the "extra copies" between packet_info and gssapi_encrypt_info_t structure, but I went the "better safe than sorry" route.
Change-Id: I160d2cfccadc5f49b128609223cdff0162c3ca85
Reviewed-on: https://code.wireshark.org/review/11575
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since ssl_dissector_[add|delete] only take TCP dissectors, remove the parameter and just use it within the "internal" ssl_association_add call.
Change-Id: I0fdf941389934c20cbacf910250e17520614e706
Reviewed-on: https://code.wireshark.org/review/11591
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
DISSECTOR_TABLE_ALLOW_DUPLICATE
Change-Id: Id4d8d9a2d2befee7b82ac4e0e6f2f1b8f03b4532
Reviewed-on: https://code.wireshark.org/review/11603
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether its part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
packet_info.
This can hopefully lead to the removal of the GSS-API specific members of the packet_info structure.
Change-Id: I7622d66e9f02c6e4cb76adcf0737b35c6ec88cdd
Reviewed-on: https://code.wireshark.org/review/11509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8bc9af431e70243b05f4f0ce8c2b8ee451383788
Reviewed-on: https://code.wireshark.org/review/11463
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Idaf07e31876b453f88c5fd7e886c72dffcb35a96
Reviewed-on: https://code.wireshark.org/review/11492
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
we can #include <wsutils/wsgcrypt.h> without doing the check ourselves
Change-Id: I248431bdb6cfa1bd85b794ec04ce1e4fcd3a7d2d
Reviewed-on: https://code.wireshark.org/review/11483
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Success Response message
According to RFC 6062, once the connection is established, data is sent as-is
To stop the STUN dissector from interfering, add the ability to specify a starting
frame for a conversation dissector and use it
Bug: 11641
Change-Id: I65ca96bddacf70444009c0642ea22173fa68992e
Reviewed-on: https://code.wireshark.org/review/11372
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I6d0a87e301145f43af0c0ccba44c1dbb2f84adb2
Ping-Bug: 9887
Reviewed-on: https://code.wireshark.org/review/11242
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Replace remaining calls to SET_ADDRESS, CMP_ADDRESS, ADDRESSES_EQUAL,
COPY_ADDRESS, and COPY_ADDRESS_SHALLOW with their lower-case
equivalents.
Replace all ADD_ADDRESS_TO_HASH calls with add_address_to_hash.
Change-Id: I4cff857d7a84085abe0bccd52d2605d2a468bf6f
Reviewed-on: https://code.wireshark.org/review/11229
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.
Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 4479
Change-Id: I41de06f2e3eea0c44edd659ed053f628406550c6
Reviewed-on: https://code.wireshark.org/review/11125
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
calling RSA Public Key dissection
Bug: 11612
Change-Id: Ia1279b5991604631241398ab19f0652e36a2114e
Reviewed-on: https://code.wireshark.org/review/11144
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 11611
Change-Id: Ide8a26f74c99405b53acf394041ddf4a599da90a
Reviewed-on: https://code.wireshark.org/review/11143
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The subjectPublicKey field of a Certificate (TBSCertificate) is defined
as type BIT STRING. The actual contents depend on the Algorithm
Identifier which is preceding the subjectPublicKey field.
This patch adds support for dissection of the public key for RSA
public keys which show up below the subjectPublicKey tree:
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey: 3082010a0282010100b7c769e2d0eacaeb929fc08238a9ff...
modulus : 0x00b7c769e2d0eacaeb929fc08238a9ffc59cab39c28a2e26...
publicExponent: 65537
Change-Id: Ib92645433b0a0078a947ff0ac26c5e6a64877b93
Reviewed-on: https://code.wireshark.org/review/10967
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I79c19f887cc868cb861631fe6926f0ec2b903a8c
Reviewed-on: https://code.wireshark.org/review/11111
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 11602
Change-Id: I56b9db19eca416c288f36c1f3a4faa7e22b38c8f
Reviewed-on: https://code.wireshark.org/review/11109
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Load RSA private keys based on their public key instead of relying on
the user to specify a valid address and port mapping. This is more
reliable and prepares for simplification of the SSL Keys dialog.
After this change, the "address" part of the UAT dialog will be ignored
when loading the private key. The port+protocol mapping is still
imported, but should probably be removed too.
Change-Id: I4d7a2bfcf63d17e66e336ef770759f20510fc176
Reviewed-on: https://code.wireshark.org/review/10766
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This commit extends h225 and h245 dissectors to support dissection
of ipv6 packets.
Change-Id: Id8c045344711a96f15d619ddd72065aa3712c429
Reviewed-on: https://code.wireshark.org/review/10799
Reviewed-by: Tomáš Kukosa <tomas.kukosa@unify.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Remove variadic macros restriction (c99, c++11 feature) from
README.developer. GCC, Clang, MSVC 2005 all support it.
Enable -Wno-variadic-macros in configure.ac and CMakeLists.txt when
-Wpedantic is enabled (which would enable -Wvariadic-macros).
For all files matching 'define\s*\w+[0-9]\(', replace "FOO[0-9]" by
"FOO" and adjust the macro definition accordingly. The nbap dissector
was regenerated after adjusting its template and .cnf file. The
generated code is the same since all files disabled the debug macros.
Discussed at:
https://www.wireshark.org/lists/wireshark-dev/201209/msg00142.html
https://www.wireshark.org/lists/wireshark-dev/201510/msg00012.html
Change-Id: I3b2e22487db817cbbaac774a592669a4f44314b2
Reviewed-on: https://code.wireshark.org/review/10781
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I95660eb302fde06c2034b023e60c7b83c67fe71b
Reviewed-on: https://code.wireshark.org/review/10680
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
RSA private keys are typically not found in network captures, so let's
just remove it. This removal avoids overloading the pkcs1.modulus
field with the same meaning from two different contexts (RSAPrivateKey
and RSAPublicKey).
Change-Id: I65239718e6fc801fc53fa46c467dc86620aa3b29
Reviewed-on: https://code.wireshark.org/review/10546
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
In the past large integers would be displayed as text, later on this
was changed into a "proper" header field. In most cases you do not want
to see "ber.64bit_uint_as_bytes" though, but the original field name.
This patch allows fields that are marked as FT_BYTES to be displayed
with their original header field details (name, description, etc.).
Change-Id: I4ab1a4cce649a225c73298fbf4dcf1692c693a03
Reviewed-on: https://code.wireshark.org/review/10539
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Inspired by: https://www.wireshark.org/lists/wireshark-users/201508/msg00023.html
Change-Id: Ib632b79aef5cbb4c83965a276ec955be43493455
Reviewed-on: https://code.wireshark.org/review/10472
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
This is further encouragement to not try to manually create a bitstring while formatting a field.
Change-Id: I4efbeb39a210cf1fd26203cd8560859276b333b0
Reviewed-on: https://code.wireshark.org/review/10494
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I91c66f81d245b4398fecbd4c6b655baad5431b53
Reviewed-on: https://code.wireshark.org/review/10489
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
It prevents proper update of Info column, and various other things
Change-Id: I355c46e6f6b3f923250d6b5bf720ea052ef3b646
Reviewed-on: https://code.wireshark.org/review/10488
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
As pointed out by checkAPI.pl
Change-Id: I603465614236ec41d1050e6e3452dbf9021bf1d5
Reviewed-on: https://code.wireshark.org/review/10468
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Report the exception and continue dissection of the end of RRC message
This is useful when there is an invalid NAS EPS message like in bug 11513
Change-Id: I74154892fe8125df57ef5a6966273d6df777977a
Reviewed-on: https://code.wireshark.org/review/10463
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
When set, this brings back the dissection code that was removed in g84a8c1d (bug 5696)
Bug: 11475
Change-Id: Iba6b0ec6490e2971a3670d13cb3b84351b69f126
Reviewed-on: https://code.wireshark.org/review/10399
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 11505
Change-Id: I87cc676426dceed05a9a95bb515c4fb2535ac9c5
Reviewed-on: https://code.wireshark.org/review/10400
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
These aren't "true" shadow issues, but the script doesn't completely understand C syntax (for things like struct member names "time" and "index"). But fixing them creates less noise.
Change-Id: I5a2db1549095824530428529e86cab453c031a04
Reviewed-on: https://code.wireshark.org/review/10368
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
http://personal.strath.ac.uk/robert.c.atkinson/papers/sgms2011.pdf
implies that appid, length and the two reserved fields are mandatory
just try to dissect them, don't check if there's enough bytes remaining
correct a typo while at it
Change-Id: I09a315fc2c70161af527dca5661f877e09b63ff6
Reviewed-on: https://code.wireshark.org/review/10273
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I0e8047fca7f24e60e4db8ad77254bcff5f8d6651
Reviewed-on: https://code.wireshark.org/review/10257
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
V3 versions of Camel.
Add ASN1 code for EstablishTemporaryConnectionArgV2
Bug: 11466
Change-Id: I0dbb9c83e520c269dd567f3c3bc34c99c9aa5e15
Reviewed-on: https://code.wireshark.org/review/10249
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
indicating failure.
Bug: 11056
Change-Id: Iaa6b7ca07626b78c77e3c1507726ec579764a582
Reviewed-on: https://code.wireshark.org/review/10181
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1549eb55e1fa87c46e2493c37f3ed352970b794b
Reviewed-on: https://code.wireshark.org/review/10168
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
[-Wmissing-prototypes]
Change-Id: I0aedefbb77899ebceac7fb08249faf47964d785b
Reviewed-on: https://code.wireshark.org/review/10163
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I641a9525ec5a6315cc4a2d97506a885605b3504b
Reviewed-on: https://code.wireshark.org/review/10170
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: I6fe835e78e58faabd5cfeeb84e39793b48d3df25
Reviewed-on: https://code.wireshark.org/review/10167
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: Ibe4cf8d004c6c94f745e5c620100af9483fa6a31
Reviewed-on: https://code.wireshark.org/review/9934
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This is initial support for reloading Lua plugins without
restarting the application.
Still todo:
- Deregister FileHandlers
- Support deregister ProtoField with existing abbrev (same_name_hfinfo)
- Add a progress dialog when reloading many plugins
- Search for memory leakages in wslua functions
Change-Id: I48870d8741251705ca15ffe1068613fcb0cb18c1
Reviewed-on: https://code.wireshark.org/review/5028
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I945bbbb3b10258f22c60b04b19cf55671fc6ed94
Reviewed-on: https://code.wireshark.org/review/9933
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Bug: 11430
Change-Id: Ia4196ff693806dc1e20eae4075dda7dfe272c5b6
Reviewed-on: https://code.wireshark.org/review/9941
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: If71dd8a04050ce11e37ad88ee862419313c06639
Reviewed-on: https://code.wireshark.org/review/9946
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: If1315496d231e5c8efc44b9235ec8ffb3ce9d8a9
Reviewed-on: https://code.wireshark.org/review/9880
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
As it turns out we *do* need to free table elements. We also need to
free the tables themselves and clear the table array. Do so.
Change-Id: Ic1c81388eac8f47f74caea0169c79685a83aaff9
Reviewed-on: https://code.wireshark.org/review/9901
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Convert both the MAP statistics and summary. As with the GSM A stats
this are mostly untested.
Change-Id: Ibd3a7346b09d1401e78724c0197ec2a38deb97a3
Reviewed-on: https://code.wireshark.org/review/9883
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
