Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I0de1c332a6052c20f6afbe1e51dfb14e18485891
Reviewed-on: https://code.wireshark.org/review/19899
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Many of the register_init_routine/register_cleanup_routine functions
are for initializing and cleaning up a GHashtable.
wmem_map_new_autoreset can do that automatically, so convert many
of the simple cases.
Change-Id: I93e1f435845fd5a5e5286487e9f0092fae052f3e
Reviewed-on: https://code.wireshark.org/review/19912
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I25fd598f3c2bd75548213140e93198b611f30d4b
Reviewed-on: https://code.wireshark.org/review/19900
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: I87d842e3efe9f82eaaab81347dfb79d6c0932792
Reviewed-on: https://code.wireshark.org/review/19491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ibed5c2418d1dd400fe586d40681fb5ba90efbd9f
Reviewed-on: https://code.wireshark.org/review/19906
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Iac6027e4b1449a77bc6b0a3d089634a296b8e802
Reviewed-on: https://code.wireshark.org/review/19904
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ia8d1a7ca4ce7e8754ab97ffe5f6e11181f08b264
Reviewed-on: https://code.wireshark.org/review/19905
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I739e0cd9ebe35049b6633a9cfa0f793d66823f9a
Reviewed-on: https://code.wireshark.org/review/19901
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: If68a73c05bfc301e1cfdba75c090305a5b454979
Reviewed-on: https://code.wireshark.org/review/19902
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ia6cb39cbf6d5b50d39746f38758433a7541219a2
Reviewed-on: https://code.wireshark.org/review/19896
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I21d0ab5619cde9a43b96eaff351fa338e317f4f9
Reviewed-on: https://code.wireshark.org/review/19897
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id1f46ed533980e67bf18aa13fcc828bf1f5e7f6e
Reviewed-on: https://code.wireshark.org/review/19898
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
"decoder->flow" could result in a NULL pointer dereference if a null
cipher was in use (caught by Clang static analyzer).
Answering the questions:
- DTLS records fragments do not need to be reassembled, thus there is no
flow. The Handshake messages have their own fragment_offset field and
thus there is no need to maintain an extra flow.
- Actually one datagram can contain multiple records (RFC 6347, 4.1.1),
but this is not implemented yet. The key can however not be "0"
though, it must match the offsets from ssl_get_record_info.
Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
Change-Id: Iac367a68a2936559cd5d557f877c5598114cadca
Reviewed-on: https://code.wireshark.org/review/19892
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Current code is not able to detect missing mandatory information elements
because the macro will return once the end of the payload is reached.
Remove this check from all mandatory IE macros, and put it at the beginning
of optional IE ones. It should allow to detect any missing mandatory IE
while still stopping message dissection in case optional IEs are not
present.
Change-Id: Ie820740e25c1d03ee3462fa4a913c3a7870fcc2d
Reviewed-on: https://code.wireshark.org/review/19816
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Dissection of all new HCI command/events related with
Bluetooh 5.0 feature 'PHY update - LE 2M and LE Coded'
Change-Id: I212cb368d3295ba36eb0ca34329df566cae1611b
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19849
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
|
|
"default" frame information sets no retransmission or more fragments.
Bug: 13015
Change-Id: I1c8a29fe06d0b38abc789c8e454dc484490186f9
Reviewed-on: https://code.wireshark.org/review/19891
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
'SslFlow *' (aka 'struct _SslFlow *') [-Wformat-pedantic]
Change-Id: Iec574db8c28d2e02136e6c4119e5688b21112299
Reviewed-on: https://code.wireshark.org/review/19889
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
‘dissect_openflow_message_v5’ [-Wredundant-decls]
Change-Id: I6340f0b903af1371e69172b05650c49fc18b8890
Reviewed-on: https://code.wireshark.org/review/19888
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Per the Nasdaq TotalView-ITCH v2/3 protocol specifications the
NASDAQ-ITCH dissector needs be able to dissect a MoldUDP payload.
Change-Id: Id5194930025a9abdfb1663234233fd51e525a34b
Reviewed-on: https://code.wireshark.org/review/19847
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Shutdown communication is now also allowed on Admin Reset NOTIFICATION messages:
https://tools.ietf.org/rfcdiff?url2=draft-ietf-idr-shutdown-04.txt
Change-Id: I6450d3d5de5aef4bd709ba2b211ca717784b00a7
Reviewed-on: https://code.wireshark.org/review/19886
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I1b7dd1835fe60852b8c90f0ce5e240813cad89d1
Reviewed-on: https://code.wireshark.org/review/15574
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ic6de84a37b501e9c62a7d37071b2b081a1a1dd50
Reviewed-on: https://code.wireshark.org/review/19885
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
All cases of the "original" format_text have been handled to add the
proper wmem allocator scope. Remove the "original" format_text
and replace it with one that has a wmem allocator as a parameter.
Change-Id: I278b93bcb4a17ff396413b75cd332f5fc2666719
Reviewed-on: https://code.wireshark.org/review/19884
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Document structure, did not put much effort in there as the format is
subject to change (untested, no pcap available).
Change-Id: I2da8c4e005d65314158d038bc0af7411773d8fba
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19865
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
See https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.3.1
Change-Id: I35e049d991be4c242ef2b84db3a322c6a13d2f96
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19860
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Extract the content type and handle padding per
https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-5.2
When TLS 1.3 is detected, rename the "Content Type" field to "Opaque
[Content] Type" and add a new generated field for the content type that
was extracted from the decrypted contents.
Change-Id: I149a5d7e2493dded6e2c0190e170fa350f76466e
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19859
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Note that RPK (RFC 7250) is not well-defined and is left untouched.
https://github.com/tlswg/tls13-spec/issues/722
Certificate extensions dissections remains a task for later.
Change-Id: I62276e59db94429e4c09058aca3c08f390ec3af7
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19864
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
digitally-signed is gone in TLS 1.3. ClientKeyExchange/ServerKeyExchange
are gone, so effectively modifying this function is good enough to cover
CertificateVerify dissection (ssl_dissect_hnd_cli_cert_verify).
See https://tools.ietf.org/html/draft-ietf-tls-tls13-18#page-58
Change-Id: I07f621bc088d810a3f35343bec7a0a3303b1426b
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19866
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I88bc4924add4d89c1386cb1be9d27233cef861f1
Reviewed-on: https://code.wireshark.org/review/19867
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I0569326140c88a6dd2d7e2b8819c9f5323a98670
Reviewed-on: https://code.wireshark.org/review/19810
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It's only use is in dissectors or other tree creation APIs (where
packet scope is valid), so have it use format_text_wmem with
wmem_packet_scope().
Change-Id: I1f34e284a870c9844c6b27f4ae08a1e7efe54098
Reviewed-on: https://code.wireshark.org/review/19883
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The bare essentials are now in place to perform decryption
(HKDF-Expand-Label, calculation of traffic secrets, AEAD integration).
Can successfully decrypt the initial handshake message. Only AES ciphers
are supported, ChaCha20-Poly1305 still needs to be added.
Note: "decryption" indeed works, but dissection needs to be updated. The
padding must be stripped and the content type extracted.
Ping-Bug: 12779
Change-Id: I3869c9ae5131e57519be99c5f439c4fa68841bae
Reviewed-on: https://code.wireshark.org/review/19858
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Unauthenticated data should not be displayed as valid. Validate the
authentication tag, similar like how MAC checks are done for block
ciphers. This requires Libgcrypt 1.6 or newer.
Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6),
1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt.
Change-Id: Iee15f4ccc5bbe01a50677167fa9c50c1ffe382d3
Reviewed-on: https://code.wireshark.org/review/19853
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The current ssl_decrypt_record is hard to understand due to mixing CBC
concepts (MAC, padding) with AEAD. Extract the AEAD functionality and
use better variable naming.
The "Plaintext" debug print now includes just the plaintext (the auth
tag is stripped). A write_iv.data_len check is added just to be sure and
more prep work is done for auth tag validation and TLS 1.3 support.
Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6),
1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt.
Change-Id: I94dd2fd70e1281d85c954abfe523f7483d9ac68b
Reviewed-on: https://code.wireshark.org/review/19852
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Use NULL scope to be safe.
Change-Id: I1967737cf6a1c90cc2e0476d3f2ace63aa0c9153
Reviewed-on: https://code.wireshark.org/review/19857
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It's only use is in dissectors, so have it use
format_text_wmem with wmem_packet_scope().
Change-Id: I22121324fd47aee32174b65104458ad2ef329bd7
Reviewed-on: https://code.wireshark.org/review/19856
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows for a wmem_allocator for users of format_text who want
it (dissectors for wmem_packet_scope()). This lessens the role of
current format_text functionality in hopes that it will eventually
be replaced.
Change-Id: I970557a65e32aa79634a3fcc654ab641b871178e
Reviewed-on: https://code.wireshark.org/review/19855
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Vendor ID
Change-Id: Idf40de8bfa76cbe4437a157fc90bd994d4b2233e
Reviewed-on: https://code.wireshark.org/review/19872
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
coaps port is defined in RFC 7252, section 12.7.
CoAP (RFC 7252) is defined only for UDP, not TCP. For TCP, the frame
format is slightly different (draft-ietf-core-coap-tcp-tls-05) and
needs more dissector changes, so remove registration for now.
Change-Id: I1fc7163086f8fe66986565aa24b579ef24f72550
Ping-Bug: 13370
Reviewed-on: https://code.wireshark.org/review/19870
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Also unconditionally show the encrypted appdata record, matching the SSL
dissector. Now the bytes are always linked to a field.
Change-Id: Ie65cd5fc6620d53da46a94cdb1972863702b452c
Reviewed-on: https://code.wireshark.org/review/19868
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: I674afef24938f3b860171d87640a6228ee042e82
Reviewed-on: https://code.wireshark.org/review/19862
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
The Great Britain Companion Specification specifies how energy meters
will communicate in the UK. This patch adds names for attributes and
commands from the Smart Energy Metering cluster that are used within
that specification.
Futhermore take care of Change 19481 for ZigBee Smart Energy.
Bug: 13360
Change-Id: Ia229265f9dc2168c8977303f3540c2ffc1bb5a0a
Reviewed-on: https://code.wireshark.org/review/19768
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
format_text_wsp is fed into by tvb_format_text_wsp and tvb_format_stringzpad_wsp
so those functions need to add a wmem allocated parameter as well.
Most of the changes came from tvb_format_text_wsp and tvb_format_stringzpad_wsp
being changed more so than format_text_wsp.
Change-Id: I52214ca107016f0e96371a9a8430aa89336f91d7
Reviewed-on: https://code.wireshark.org/review/19851
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id749c41947c6300f2c82ed947352c336f9e45b72
Reviewed-on: https://code.wireshark.org/review/19838
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0815bf008ed056e3cd400a24fb10abb4ca88c3ce
Reviewed-on: https://code.wireshark.org/review/19854
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Idcea59f6fc84238f04d9ffc11a0088ef97beec0c
Reviewed-on: https://code.wireshark.org/review/19844
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The record sequence number is 64-bit, not 32-bit. This applies to all
SSLv3/TLS/DTLS versions. Without this fix, after about four million
records, the wrong MAC is calculated (for TLS 1.2) or decryption will
fail (for TLS 1.3).
Change-Id: I05e5e8bc4229ac443a1b06c5fe984fb885eab1ca
Reviewed-on: https://code.wireshark.org/review/19824
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: Ic13f60a3e700f3d8325063079f032eda47eaf22f
Reviewed-on: https://code.wireshark.org/review/19848
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: I4a55af48f03ec5940c2a5fd902a57c7b06ac0e37
Reviewed-on: https://code.wireshark.org/review/19839
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|