Age | Commit message (Collapse) | Author | Files | Lines |
|
TODO
- pull AEAD init/check outside function (for re-use with TLS1.3?)
- fix sequence number for nonce, need to check what is wrong
- more testing (+ extend test suite)? CCM seems to work. GCM auth check
seems still broken.
- test with older libgcrypt versions (currently tested with 1.7.6).
Change-Id: I94dd2fd70e1281d85c954abfe523f7483d9ac68b
|
|
The record sequence number is 64-bit, not 32-bit. This applies to all
SSLv3/TLS/DTLS versions. Without this fix, after about four million
records, the wrong MAC is calculated (for TLS 1.2) or decryption will
fail (for TLS 1.3).
Change-Id: I05e5e8bc4229ac443a1b06c5fe984fb885eab1ca
|
|
This will also avoid invoking ssl_finalize_decryption which will not be
used for TLS 1.3.
Change-Id: I958508276488764ad1a82e6412504bcd72f3b995
Ping-Bug: 12779
|
|
Renegotiated sessions may interleave application data with handshake
records. These handshake records should however not be included in the
flow associated with the application data. This fixes a regression in
the previous patch, now the "1.12 Step: SSL Decryption (renegotiation)"
test passes again.
Also remove duplicate DTLS data sources for decrypted records.
Change-Id: I46d416ffba11a7c25c5a682b3b53f06d10d4ab79
Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
|
|
Initialize decode_as_list = NULL after free to avoid random crashes
in g_list functions after changing profile.
This bug was introduced in g5c7b0b96
Change-Id: Ibc752f245115c5a426989e20e0ab9d0f0faac43d
Reviewed-on: https://code.wireshark.org/review/19821
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
This reverts commit 01ddd93a7296b54a2048de74691984a7e78e4cb9.
Change-Id: I90f19fec52d3f1edc63fd00e614173a0154503d4
Reviewed-on: https://code.wireshark.org/review/19820
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ia29d451857995b186c88193c9722ae156eb3f66d
Reviewed-on: https://code.wireshark.org/review/19729
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
relax pw_eth_heuristic and, at the same time, improve
the 1st nibble logic in dissect_mpls in order to disambiguate
between Ethernet pseudo-wire without a control word, with the MAC
address's first nibble being 4/6 and IPv4/6 packet.
Bug: 13301
Change-Id: If4697c2e40271d84e2db11a9f64ee60a8657e164
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19599
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Zero-length octet sequences don't need to show <MISSING> for their contents.
Change-Id: I89662ff8cd29563981ba9e1b34dc82023b6a070e
Reviewed-on: https://code.wireshark.org/review/19755
Reviewed-by: Juan Jose Martin Carrascosa <juanjo@rti.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 13347
Change-Id: I351c80dea8ac7a9f2540b40782b1cc5c0b8fdaed
Reviewed-on: https://code.wireshark.org/review/19777
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Previously there was a distinction between decrypted handshake
Application Data records ("Decrypted SSL data") and some others (like
Alerts, Handshake and Heartbeat, "Decrypted SSL record"). Remove this
distinction and always decrypt the payload before passing it on and
always display a data sources for decrypted contents ("Decrypted SSL").
This is prepatory work for TLS 1.3 support where the content type is
located in the encrypted record, having the record decryption in one
place makes it easier to adapt.
Change-Id: I92c51c7f9e87e5c93231d28c39a8e896f5afd1ef
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19789
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I87239a5af8476c1285e68cfbd45e62b89f1440eb
Reviewed-on: https://code.wireshark.org/review/19808
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I4c9eff4248f25c15ef4d525e0a4360bf3bdb480c
Reviewed-on: https://code.wireshark.org/review/19813
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
When saving preferences the strings in string lists must not be
escaped with g_strescape() because this will destroy UTF-8 characters.
Because this strings only should use printable characters we manually
escape quote and backslash, and skip non-printable.
Bug: 13342
Change-Id: I57e492dff746a5ecc0aee809f946a615ad110b4d
Reviewed-on: https://code.wireshark.org/review/19738
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Implemented by BoringSSL, an older description can be found at:
https://github.com/google/boringssl/commit/e776cc29568e520aaabc83188cc7db7991f0b776
Implementation pending at OpenSSL:
https://github.com/openssl/openssl/pull/2287
NSS bug (still open):
https://bugzilla.mozilla.org/show_bug.cgi?id=1287711
Proposal for PicoTLS:
https://github.com/h2o/picotls/issues/6
Change-Id: Ib597f48e296d286d8f6d30873ca03e7d6324a3c4
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19801
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2855c83c6b5e9add3f34d72a2f2ed3394bf79b78
Reviewed-on: https://code.wireshark.org/review/19761
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
That field parsed as Big Endian, while all data in ZigBee is Little Endian.
Not change to LE.
Change-Id: I782ba5d17ca9f2208dc4e2f08ca2c731f4d683e4
Reviewed-on: https://code.wireshark.org/review/19800
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 13346
Change-Id: I83175fefeef5035039e378dd68ffdcd0787970b8
Reviewed-on: https://code.wireshark.org/review/19775
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I22b64a10ab3d0dcaccbea775b03ef3f82797697f
Reviewed-on: https://code.wireshark.org/review/19784
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 13348
Change-Id: I64abc79475087f1c971419629b5c86e646123f3f
Reviewed-on: https://code.wireshark.org/review/19776
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Do the NLRI length checks in the switch cases for each route type, and
do them for *all* route types, rather than throwing a random check in
for one particular route type.
There is no need to fail up front for unknown route types; at least
dissect the type and length, and fail in the switch statement.
Dissect the route descriptor in each of the switch cases, after the
length check, rather than doing it up front.
Add a comment noting where the prefix route type comes from.
Change-Id: Iae26ecd467d4b36dbcf52e7998bd2881405281aa
Reviewed-on: https://code.wireshark.org/review/19774
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6e4fc624e6b4270a1db2b680e4d449c504bd56ee
Reviewed-on: https://code.wireshark.org/review/19773
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I547dd12479b9634d8176eca9fd2ae6c9e1f87981
Reviewed-on: https://code.wireshark.org/review/19772
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ided8496b1d57a7906c805bca4ed848903d553721
Reviewed-on: https://code.wireshark.org/review/19771
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I30812657e3fa5dc21e64ed2fb7605e5f2a36ab03
Reviewed-on: https://code.wireshark.org/review/19770
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Adds support for IndigoCare nursecall protocols
Bug: 13241
Change-Id: I83098c15d467ea42da8301c6b6a5568d9892fc60
Reviewed-on: https://code.wireshark.org/review/19224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ida9d2e6d632104ec3c6594f5ec500fec49a971a4
Reviewed-on: https://code.wireshark.org/review/19754
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I17a8b51dbcb502624a83177135b31fdbe72fa118
Reviewed-on: https://code.wireshark.org/review/19753
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3f950ce227818b6dae11ac89e4a8ec636294a6ec
Reviewed-on: https://code.wireshark.org/review/19740
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
|
|
Point to the FreeRADIUS man page for the dictionary file format, and
mention features we don't support - including features *not* documented
in the man page.
Change-Id: I08085062a6abcafb9dd0abe5b1edee53187ea23f
Reviewed-on: https://code.wireshark.org/review/19762
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Count using ints instead of guint16s.
Make sure dissect_packetcable_ccc_option and
dissect_packetcable_cccV6_option return positive values while we're
here.
Bug: 13345
Change-Id: Ic303ddc266f46ee3144e079731742c85808faf37
Reviewed-on: https://code.wireshark.org/review/19747
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Count using a guint instead of a guint8.
Bug: 13344
Change-Id: Ic7d337dbb29b92ebb8332f50fd47b5ba2aa3f41e
Reviewed-on: https://code.wireshark.org/review/19746
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Support all four mode adaptation input and output interfaces defined in
SatLabs reference document sl_561, "Mode Adaptation Input and Output
Interfaces for DVB-S2 equipment", instead of only the two modes that use
a sync byte.
There is nothing in the packet format that specifies which format is in
use, so we have to guess based on the possible occurrence of a sync byte
and the CRC-protected BBHEADER that follows the mode adaptation header,
which is a different length for each format. This is a heuristic dissector,
so if none of the four formats match, we just return.
Unfortunately, the BBHEADER CRC is only 8 bits, so there can be false
matches rather often. We detect when the packet matches more than one format,
and issue an expert info diagnostic. It is also possible for a UDP packet
that isn't DVB-S2 at all to match spuriously, with probability around 1%
(assuming random data). This is acceptable for a heuristic dissector,
especially one that is initially disabled.
Standardize spelling per sl_561: adaption -> adaptation
Change-Id: Iffc73ed01c72d1247e2378d648ffe0d7c1f21612
Reviewed-on: https://code.wireshark.org/review/19708
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Display also release (and build)
Change-Id: Ib97f47a0b0179712a82f0aee0ca079a05b8b590c
Reviewed-on: https://code.wireshark.org/review/19730
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib376127546aa15806ed37a7c26fe29b0fa80225c
Reviewed-on: https://code.wireshark.org/review/19722
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This portion of the code was never completed.
Complete it.
Change-Id: Iaa139b8c6d50a5ce3a7039000e9af38fab3d6124
Signed-off-by: Benoît Canet <benoit@scylladb.com>
Reviewed-on: https://code.wireshark.org/review/19725
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Fixed FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT dissector
to show fields of response properly - see
https://msdn.microsoft.com/en-us/library/dn409282.aspx
Mapped few SMB2 IOCTL codes related to RSVD to names
(like FSCTL_STORAGE_QOS_CONTROL that is defined by MS-SQOS
as a helper for RSVD protocol)
Added RSVD-specific SMB2 status codes
(used in SMB2 transport when RSVD is in use or inited)
See https://msdn.microsoft.com/en-us/library/dn392518.aspx
Change-Id: I04d80df234505e8b32773ac95cf0b73f07cc5581
Reviewed-on: https://code.wireshark.org/review/19693
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
[-Wmissing-prototypes]
Change-Id: Idb4b821e013a79777897d2f837cb8c3861e3c85f
Reviewed-on: https://code.wireshark.org/review/19724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: I75ec9ed3b0ef02d18dee79f629291e7bc1c81467
Reviewed-on: https://code.wireshark.org/review/19726
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Move "struct preference" into prefs.c, essentially creating a "private"
structure to handle preferences. The 2 motivating factors were:
1. Better memory management so that clients/users of API don't have to worry
about it.
2. Hide the ugliness of the union stuff and make it transparent to the API.
A few bugs related to preference <-> Decode As integration were fixed
while in the neighborhood.
Change-Id: I509b9a236235d066b139c98222b701475e0ed365
Reviewed-on: https://code.wireshark.org/review/19578
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When using a data printer for the red/black tree it is fed with the
nodes of the tree. But nodes can be either subtree or data nodes.
Don't feed the subtree nodes to the data printer. The data printer can't
recognize it as such, can't handle it, or worse, could break stuff.
Change-Id: Ibbc1311d901c0d0c52e710f951dd53620f2c3d0f
Reviewed-on: https://code.wireshark.org/review/19652
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1cc180abd7e73e5aea55b1b7eef9dc4b0e66e164
Reviewed-on: https://code.wireshark.org/review/19692
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Since the fix for bug 13289, an empty string can be returned by get_dns_name.
Ensure that:
- a malformed encoding with no characters and a length > 1 triggers an exception
- the formatted version is used to add info in tree.
Bug: 13339
Change-Id: I88125a351904eabb5cededfbfe1d5ef14ea61ecc
Reviewed-on: https://code.wireshark.org/review/19714
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I948d342a29aacc2212076359e5b073113c50c5de
Reviewed-on: https://code.wireshark.org/review/19697
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Icea963384c16b1ad5387a885219d0621b470181b
Reviewed-on: https://code.wireshark.org/review/19699
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9694a8e817e357061a60c425fb5881d525ed8143
Reviewed-on: https://code.wireshark.org/review/19695
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Also use g_hash_table_new_full to ease the free procedure.
Change-Id: I0a411cccbd651cca18e94a048722bf5520903deb
Reviewed-on: https://code.wireshark.org/review/19691
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ifbbfc1ff71c32c2e9b758b55d32bff9a1ccd1576
Reviewed-on: https://code.wireshark.org/review/19689
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I52c00fa143c8562cdb195679f28590d7f2bb30c8
Reviewed-on: https://code.wireshark.org/review/19709
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: I9924425f1754c151552f41e23d20c7d4e6f1bf29
Reviewed-on: https://code.wireshark.org/review/19696
Reviewed-by: Michael Mann <mmann78@netscape.net>
|