git.samba.org - metze/wireshark/wip.git/log

checkAPIs.pl: support for new-style dissectors in check_hf_entries

Tested with dissectors like epan/dissectors/packet-netlink-sock_diag.c.

Change-Id: Icb43892d68896a8f61f4c0caf413327f0479f007
Reviewed-on: https://code.wireshark.org/review/29754
Reviewed-by: Anders Broman <a.broman58@gmail.com>

skinny: remove comment that matches field label (callState)

Fixes checkAPIs error:

Error: the blurb for hf_skinny_callState ("CallState") matches the
field name ("callState") in epan/dissectors/packet-skinny.c

Change-Id: Id12396eb101bf66e148aed95d5c773b90d06ff34
Fixes: v1.99.0-rc1-1511-g276a697a6b ("[RFC] Skinny: Rewrite using automatic code generation")
Reviewed-on: https://code.wireshark.org/review/29747
Reviewed-by: Anders Broman <a.broman58@gmail.com>

proto.h: add type checks for VALS/VALS64/VALS_EXT_PTR/TFS/RVALS

These macros were evil as they silently ignored bad casts. Together with
an updated checkAPIs.pl, this should reduce the likelihood of errors.

Change-Id: I40ecc48a57b2061b4c65db4f4f7fffff21f159a8
Reviewed-on: https://code.wireshark.org/review/29757
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

FP: Show E-DCH entity in tree

Change-Id: I28755b38b168bc30ea4dc1addba3d9b5b31b3870
Reviewed-on: https://code.wireshark.org/review/29761
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

rawshark: avoid RVALS for casting hfinfo->strings

No functional change, it just makes gcc -Wc++-compat happy.

Change-Id: I9001373686ccafd3252089ced8e5b630efbcaca2
Reviewed-on: https://code.wireshark.org/review/29760
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

erf: do not use VALS to cast a void pointer

No functional change, but makes gcc -Wc++-compat happy.

Change-Id: I3e90b6b1fdc6d558dfd410dffff3abc7cc3df10e
Reviewed-on: https://code.wireshark.org/review/29759
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

netlink-*: fix various VALS/TFS misuse

No functional change, this just updates the annotations.

Change-Id: I5517a6fd65452db128cdaaa6a90df8c578b5e8d0
Reviewed-on: https://code.wireshark.org/review/29753
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

lte-rrc: avoid BASE_EXT_STRING field without strings

Change-Id: Ifb2b721972de8d80af20f24a6bfd3b17d593e0bd
Fixes: v2.5.0rc0-2357-gc634a73c95 ("LTE RRC: upgrade dissector to v15.0.1")
Reviewed-on: https://code.wireshark.org/review/29746
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

epan: fix various misannotations of VALS/RVALS/VALS64/TFS

No functional change, just using the correct macro for value_strings.
Other fixes: Taking the address of the first element of an array gives
the same address as the array itself. An array of a structure with a
single element is the same as the single element itself (packet-sprt.c).

Change-Id: I08bc9de49fbd1659a6700ace863e5f05144c7b3e
Reviewed-on: https://code.wireshark.org/review/29752
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

simple: fix value_string type mismatch with simple.link16.rc

Due to alignment, mapping a range_string as value_string happens to work
on 64-bit systems. On 32-bit systems it will treat it as an empty list.
In either case, this type confusion is undesired, fix accordingly.

Change-Id: I6f1a249caf822acae2628e7f2df492bab6cc1c5c
Fixes: v2.1.0rc0-1726-geeae61bc93 ("packet-simple: SIMPLE dissector")
Reviewed-on: https://code.wireshark.org/review/29751
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

ospf: avoid BASE_EXT_STRING without strings

dissect_ospf_lsa_mpls uses gmpls_sonet_signal_type_str_ext to map the
first byte, so do the same for the field definition. The function
actually uses proto_tree_add_uint_format, so this does not make much of
a difference though.

Change-Id: Idba0c1b882ce81512bac221f98464f1322986fa8
Fixes: v1.99.6rc0-12-g4afaad75d5 ("Remove proto_tree_add_text from packet-ospf.c")
Reviewed-on: https://code.wireshark.org/review/29750
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

ieee80211: fix potential crash due to value_string type mismatch

Mixing 32-bit and 64-bit value_strings could lead to a crash.

Change-Id: Iedfae66103046a478ce5198416247d256dc1840e
Fixes: v2.9.0rc0-1769-gad6eb33684 ("WIP:ieee80211.c: Add support for D3.0 of 802.11ax")
Reviewed-on: https://code.wireshark.org/review/29749
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

nfapi: fix potential crash with nfapi.csi.rs.flag due to type mismatch

Pass a "true_false_string" instead of a "value_string".

Change-Id: I371b344fd56925ce242467e37a68ca6e3eb61b93
Fixes: v2.5.0rc0-1331-g1dd0111f5e ("Initial submission of the nfapi dissector")
Reviewed-on: https://code.wireshark.org/review/29748
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: use application error codes for some frames

Since draft -07, the application/transport error code space was split.
RST_STREAM and APPLICATION_CLOSE use application-specific error codes.
Likewise for STOP_SENDING, but the value zero is not special there. See
https://tools.ietf.org/html/draft-ietf-quic-transport-14#section-11.4

Change-Id: I8ed9ce66b248c638921212dc7de03ae1168ca2ae
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29738
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: simplify and fix frame item length in some cases

Some frames (like ACK) did not update the frame type tree size. Fix this
and reduce code duplication. Remove extra empty lines while at it.

Change-Id: If2e8d616af4ea6067c5901b96ad2d4dd7a9fbfdd
Reviewed-on: https://code.wireshark.org/review/29723
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: simplify PADDING frame

Report the correct amount of padding (including the "Frame Type" field)
and remove the explicit padding field.

Change-Id: I4ecfb0daae0bca727400b9db5ac9881d404120cf
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29692
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Try to discourage the use of APIs via counting.

Add the ability to specify maximum function counts for each group to
checkAPIs. Add maximum counts for the "termoutput" and "abort" groups
where needed. Show summaries in various checkAPI targets.

Switch uses of ws_g_warning back to plain g_warning.

Change-Id: I5cbddc8c671729e424eed8551f69116d16491976
Reviewed-on: https://code.wireshark.org/review/29721
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

XRA: Display length information in XRA protocol description. Set correct length of XRA header.

Change-Id: I8bde77dca812f2d4eeb21c8d502799894e93c463
Reviewed-on: https://code.wireshark.org/review/29741
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NBAP: Change E-DCH type choosing condition

Change-Id: If6f07db858c92cd82ff2049c631606a00aba13dc
Reviewed-on: https://code.wireshark.org/review/29742
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

quic: put quic_connection_add_cid into ifdef.

It's used by dissect_quic_frame_type only, that is defined within
HAVE_LIBGCRYPT_AEAD.

Change-Id: Ib670930fcc0f8334c99884a0d6c45dbd00777e87
Reviewed-on: https://code.wireshark.org/review/29737
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

NAS-5GS: Add dissection of Parameters content and bug fixes.

Change-Id: Ie7d51a2dba425072407217340f96c70831277cd8
Reviewed-on: https://code.wireshark.org/review/29736
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

quic: mark unused parameter in quic_process_payload.

Change-Id: I60b9d2aee936f2ff0b6d3ef414ce1a5f825b2762
Reviewed-on: https://code.wireshark.org/review/29735
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

GTPv2: Update 8.38 MM Context.

Change-Id: Ie04878b92133c00a668fea74736c694d4e9a87dc
Reviewed-on: https://code.wireshark.org/review/29732
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: recognize short header packets after connection migration

Improve QUIC heuristics to detect Short Header packets that have a DCID
matching with an earlier connection. Tested with "picoquicdemo -f".

Change-Id: I0c28e527ffa29784f8752a695e2d22bdea9797c4
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29728
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: small connection tracking optimization

Track valid CID lengths, this makes it possible to detect whether any
valid QUIC long packet is present in the capture and allows for skipping
some hash-table lookups.

Change-Id: I20db2ca1d40af2a9b34fffe24b4b636f358d5795
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29727
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: use NCI to improve connection tracking

Short packets failed to be decrypted because no connection could be
matched after connection migration. Slightly refactor addition of new
connections (keyed by CID) to prepare for further changes.

Tested with "picoquicdemo -f" (5ecdabd9e31d, draft -14). Requires Decode
As QUIC since heuristics does not detect QUIC short header packets).

Change-Id: I0309f077d7d190c51e8998016ed513f8bac8c301
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29726
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: Add new initial_max_stream_* TP (draft -14)

Split initial_max_stream_data (0) into
* initial_max_stream_data_bidi_local (0),
* initial_max_stream_data_bidi_remote (10),
* initial_max_stream_data_uni (11)

Change-Id: I4ab7785059391f91703c9cdee9fcd111ad7e88a6
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29722
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

make-manuf.py: Add response headers.

Add comments containing the resonse headers for the URLs we fetch.
standards-oui.ieee.org currently returns inconsistent results depending
on which host you happen to resolve.

Change-Id: I4adba7e51628d0350ba8e091523807ec85009700
Reviewed-on: https://code.wireshark.org/review/29729
Reviewed-by: Gerald Combs <gerald@wireshark.org>

update-tx: Fix our file list.

LUPDATE_FILES is a string, not an array.

Change-Id: Ibeef6fd45805f82eeff8c26f7110779603d9d30a
Reviewed-on: https://code.wireshark.org/review/29724
Reviewed-by: Gerald Combs <gerald@wireshark.org>

QUIC: Add frame type on Connection Close (draft -13)

Change-Id: I94fe93236f5ff93ce15d80665ac13294d3a993ba
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29698
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

docsis: minor improvements in displaying MDD TLV 22.4.2

Change-Id: I29d74f5e940c07fb59453391bd26ee1bd9409143
Reviewed-on: https://code.wireshark.org/review/29717
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: Remove old Hello Extension (26)

Remove in draft-13

Ping-Bug: 13881
Change-Id: I572dfded151569ddce3c0c90f8775a3b4a2052ba
Reviewed-on: https://code.wireshark.org/review/29720
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Fix a checkAPIs warning.

Switch a g_warning to ws_g_warning in packet.c.

Change-Id: I3191bc7d66e1de782b45bfaac1173dbd27a346e4
Reviewed-on: https://code.wireshark.org/review/29718
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

TRANSUM: fix crash with current top of tree

ssl filters were renamed to tls.
Also protect against not found fields to avoid a crash in the future.

Change-Id: I181a252557b8261fa134b1331c31096a6205635f
Reviewed-on: https://code.wireshark.org/review/29715
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

docsis: add MDD TLV 21, 22 support

Change-Id: I3ced696fb0e12f1fb46065c35d10c7d0e828f57b
Reviewed-on: https://code.wireshark.org/review/29714
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

PROFINET: AM_Reserved is added on AM_FirmwareOnlyInformation
block

According to specification, AM_FirmwareOnlyInformation is
extended with AM_Reserved.
Dissection of I&M3 was only for read response. Dissection is
also added for write request.

Change-Id: I281efa2324416b0f98d22ee4e50f2c8f711e2913
Reviewed-on: https://code.wireshark.org/review/29693
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

tshark memory leak: g_free(cf_name) moved under 'clean_exit' label

Change-Id: Ie29af2e2ff2eac2e3a97323175391070c7bceb73
Reviewed-on: https://code.wireshark.org/review/29710
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Make the maximum block size big enough for max-size D-Bus packets.

Change-Id: I352db07084294629160f16f6cf1e07f902a2844f
Reviewed-on: https://code.wireshark.org/review/29711
Reviewed-by: Guy Harris <guy@alum.mit.edu>

QUIC: drop support for draft -12

The CONNECTION_CLOSE frame changes in draft -13. Instead of adding
compatibility for draft -12, let's drop it and focus on draft -14.

Change-Id: I535666741bb7ea4b31f5aa259edd341fc641d9c3
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29705
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

make-manuf.py: Add back our user agent.

Change-Id: I39c54fa38c791f3244075b03a0045babc4f249ec
Reviewed-on: https://code.wireshark.org/review/29706
Reviewed-by: Gerald Combs <gerald@wireshark.org>

QUIC: fix decryption failure with larger PKN (draft -13)

The packet number prefix was missing.

Change-Id: Ia82e7d2131a364c8448084c77f638495da748213
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29704
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot

QUIC: Remove error code UNSOLICITED_PATH_RESPONSE (draft -14)

Change-Id: I887cce2069c16fc8d1b560f43c053780d32a5852
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29703
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Change value ACK_ECN (draft -14)

with draft-14, it is now 0x1a (following order) and not 0x20

Change-Id: I0fe992d1525494e3499a85052621b995164d837a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29702
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: implement new Retry Packet (draft -14)

Packet Length and dummy PKN were removed, ODCIL got changed.
https://tools.ietf.org/html/draft-ietf-quic-transport-14#section-4.4
Tested with ngtcp2-14.pcap from the linked bug.

Change-Id: I004643634ea94e538c08d077fcb2f397c83bfcd1
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29689
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Initial support of draft -14

Update quic_version_vals value string
and update spec URL (and invariants spec)

Change-Id: I89067a53bbab9fbbc79b8da625a74c96d8ec2605
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29701
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Update Error codes (draft -13)

FRAME_FORMAT_ERROR -> FRAME_ENCODING_ERROR (0x7)
New INVALID_MIGRATION (0xC)

Always no yet supported CRYPTO_ERROR (ex FRAME_ERROR)

Change-Id: I99b2c726184fb16da2f690e3971f124b166b10ea
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29700
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Add new Frame type (draft-13)

Add New Token (0x19) and ACK ECN (0x20)

Change-Id: I8e54f3190194da87f671a4341929b0286f084dd9
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29699
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: CRYPT => CRYPTO

Change-Id: I3d8f2390b297e344db5fa1597c451314f8fd3943
Ping-Bug:13881
Reviewed-on: https://code.wireshark.org/review/29697
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: fix Initial decryption with Token field (draft -13)

With the addition of the Token field, the authenticated header could
grow larger than the previous limit and trigger an assertion failure.

Change-Id: I28a89b348492e211a544e01d9b829c0101fc8468
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: fix connection tracking/decryption after Retry (draft -13)

Since draft -13, the Initial Packet following a Retry Packet no longer
continues the handshake, but is instead treated as a new "first Initial
Packet" which results in a new cryptographic state. See
https://tools.ietf.org/html/draft-ietf-quic-transport-13#section-4.4.1

Tested with ngtcp2-14.pcap (draft -14).

Change-Id: I534d7d77717bc08ba615e5dea936e623deb63e00
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29691
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: implement new Retry Packet (draft -13)

The Retry Packet is not encrypted at all since draft -13 so instead of
complicating dissect_quic_long_header, let's create a separate routine
that also prepares for draft -14 support. No pcap available, spec link:
https://tools.ietf.org/html/draft-ietf-quic-transport-13#section-4.4.2

Change-Id: I32f03d723213b857a6140d0f1348baf51df4385e
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29687
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

NAS5GS: Bugfixes and small enhancements.

Change-Id: I953c734f448548cdab4ab7af7736a02074393dc9
Reviewed-on: https://code.wireshark.org/review/29688
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: implement decryption using new traffic secrets (draft -13)

QUIC draft -12 and before used the TLS Exporter to derive the protected
payload secrets. Starting with draft -13, the handshake and 1-RTT
protected payloads use keys derived during the TLS 1.3 handshake (but
with the "quic " label for HKDF-Expand-Label instead of "tls13 ").

That unfortunately means that previous CLIENT_HANDSHAKE_TRAFFIC_SECRET,
SERVER_TRAFFIC_SECRET_0, etc. are unusable. As a quick workaround,
extend the key log format with new labels similar to the old one (but
with "QUIC_" prepended to it).

To match draft -13, rename the original "handshake cipher/secret" to
"initial cipher/secret" and add a new "handshake cipher".

Potential limitation: if the client/server addresses/ports change since
the Initial Packet, then a new TLS session is created in the TLS
dissector. Attempting to retrieve secrets after the change will fail
since the Client Random is empty and the secret cannot be linked.

Another more common limitation: (Certificate) handshake messages that
span multiple CRYPTO frames are not correctly recognized.

Change-Id: I2932c3cc851fae51e8becf859db53ccc5f4beeda
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29677
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

packet-rsl: Fix dissection of "CB Command Type" IE

The "CB Command Type" IE is described in 3GPP TS 48.058 Section 9.3.41,
and consists of three fields. Prior to this patch, the dissector would
decode none of them and instead produce a non-applicable "channel type"
dissection.

Change-Id: Ibb97432871df1276524fe96512ac1b67d5c5d3f0
Reviewed-on: https://code.wireshark.org/review/29683
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NBAP: Remove #if 0'd code

Change-Id: I26802540239fbb94112e60bea4b10b2ca237d7f4
Reviewed-on: https://code.wireshark.org/review/29685
Reviewed-by: Anders Broman <a.broman58@gmail.com>

FP: Remove #if 0'd code

Change-Id: I422cc21bec0b9b12747dfc0d370ec4cf479a6e25
Reviewed-on: https://code.wireshark.org/review/29682
Reviewed-by: Anders Broman <a.broman58@gmail.com>

FP: HS-DSCH - Use RLC mode from NBAP

If found in NBAP, use the RLC Mode indicated and spare guessing by the MAC-d Flow ID.

Change-Id: Ie46922d53863667db630957a771092bc5ad00912
Reviewed-on: https://code.wireshark.org/review/29686
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: refactor packet protection cipher initialization

The old key update mechanism was never tested and was probably broken
(using "pp_state->cipher[1 - key_phase]" does not seem correct). To
prepare for the handshake cipher (draft -13), refactor it a bit and
remove the PKN parameter.

Change-Id: I481cc00e2e1d44024a709f8b4115ffe5924988e7
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29676
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: use single field for all long header payloads

Until draft -12 all payloads were the same. To prepare for draft -13
where different ciphers are used, combine them for now to make
refactoring easier.

Change-Id: I2df57ea48b8f5fda4b1d96f0fa35d64a32ccebf8
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29675
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: wire up CRYPTO frames with TLS 1.3 Handshake (draft -13)

This recognizes the Client/Server Hello message in the Initial Packets.
Full (handshake) decryption remains a task for later.
Prevent STREAM 0 from being treated as TLS while at it.

Change-Id: I27193a15be777c568b6b009141cbc59bcf3e8ad6
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29646
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Add TP disable migration from draft-13

add new Transport Parameter disable_migration(9) from draft-13

Ping-Bug: 13881
Change-Id: Ie80cc16c8548264875311f4a66e43bd7bfcb883e
Reviewed-on: https://code.wireshark.org/review/29674
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Fix typo and align code

Ping-Bug: 13881
Change-Id: I2377f4e1d193c8a2948f6cfebb029a1c80d370b3
Reviewed-on: https://code.wireshark.org/review/29672
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Update TP to draft-12

Add new TP preferred_address and also update comment

Ping-Bug: 13881
Change-Id: I94d015769165933ef76123a338982b3a4238fb59
Reviewed-on: https://code.wireshark.org/review/29671
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Update assigned Transport Parameters (draft-13)

There is a conflict with some other extensions (compressed_certificate...)

with draft-13, QUIC use 0xffa5 (65445) for Transport Parameters extensions

Ping-Bug: 13881
Change-Id: Iaeeb21dd68038fbb8865d91c89f3216bd4a97af5
Reviewed-on: https://code.wireshark.org/review/29673
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

QUIC: Remove OMIT_CONNECTION_ID Transport Parameter

Remove in draft -11

Ping-Bug: 13881
Change-Id: I27275167f006e30afe9f2a5eff43692fa3be4315
Reviewed-on: https://code.wireshark.org/review/29670
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

gsm-gsup: correct value OSMO_GSUP_CANCEL_TYPE_*

The value has to be reduced by one as the comment already describes.

Change-Id: Ib33465e0450f05779856f23800fc3bb1703cbff6
Reviewed-on: https://code.wireshark.org/review/29678
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

[Automatic update for 2018-09-16]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I0dd227496fdf196a63f29e57aac716c41a70dd48
Reviewed-on: https://code.wireshark.org/review/29679
Reviewed-by: Gerald Combs <gerald@wireshark.org>

FP: Fix trying to resolve out-of-range LCHID

LCHID value of 15 indicates 'BCCH or PCCH' over
HSDSCH and hence the MAC Content shouldn't
be resolve by the ID.
Also, make separate 'c/t' and 'lchid' concepts
in the dch conversation info parsing.

Bug: 14889
Change-Id: I7a3a8556108caf60c527e4cb5241dfad4ea9a331
Reviewed-on: https://code.wireshark.org/review/29657
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ssl,ssl-utils: remove PCT support

This protocol was superseded by SSLv3 and has been disabled in MS
products long time ago.

Change-Id: If29bcfad394ba55c7d6605626762c29055a02ae9
Reviewed-on: https://code.wireshark.org/review/29667
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

lwm2mtlv: Show resource name in a generated item

Change-Id: I9892755f8a97e535ba893ec7987df3a0bf39870a
Reviewed-on: https://code.wireshark.org/review/29663
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

rdp: fix Unused href entry: epan/dissectors/packet-rdp.c: hf_rdp_unused

Change-Id: I49e8a503daa28b90d4a6adcb28d789383b641116
Reviewed-on: https://code.wireshark.org/review/29666
Reviewed-by: Sergey Avseyev <sergey.avseyev@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

couchbase: fix Unused href entry: epan/dissectors/packet-couchbase.c: hf_flex_frame

Change-Id: I3d0422f0e433ec9f3056b327b5e3da5e0510437d
Reviewed-on: https://code.wireshark.org/review/29665
Reviewed-by: Sergey Avseyev <sergey.avseyev@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: remove draft -11 support

Draft -11 was more or less complete, but complicates PKN handling. Drop
it and update references to draft -13 (not the latest (-14) as we are
trying to get -12 and -13 ready before moving on).

Drop the "Short Packet Type" field and add a new field for three
reserved bits. The Third, Fourth and Google QUIC Demultiplexing bits are
not shown now for simplicity reasons.

Change-Id: Ibf4e281a54488aab14f5c9ca48ecc532e9701b12
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29668
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

packet.h: fix wrong parameter doc for register_dissector_table_alias

Change-Id: I27512d19264309472be61ebc4ca2db40d2f79d32
Fixes: v2.9.0rc0-1828-g5dbc202063 ("Add support for aliases to dissector tables.")
Reviewed-on: https://code.wireshark.org/review/29669
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Add support for aliases to dissector tables.

Add register_dissector_table_alias, similar proto_register_alias. Add
aliases for ssl.port, and ssl.handshake.extensions_alpn_str, and
dtls.handshake.extensions_alpn_str.

Change-Id: I87c3215e2872883ed0f581557e08c84f2dba12a0
Reviewed-on: https://code.wireshark.org/review/29652
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Aeron: Update disector on the latest aeron protocol specification

1, update frame fields and offset
2, shift heartbeat frame from data frame which is a special data frame
3, support rtt frame supported by aeron in java
4, revise data/pad frame length alignment to 32 bytes but not 8 bytes
5, remove frame length alignment from setup,nak,err,and rtt frame
6, fix rtt frame length
Bug: 15111
Change-Id: Ic627a9773850fa6bceacd313ddeba521487815e2
Reviewed-on: https://code.wireshark.org/review/29407
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Debian: Add missing symbols.

Change-Id: I8c1b91d56466c15e797c5404b49dc7de57b8a2f5
Reviewed-on: https://code.wireshark.org/review/29664
Reviewed-by: Gerald Combs <gerald@wireshark.org>

QUIC: recognize CRYPTO frame (draft -13)

Avoids malformed packet warnings. Actual TLS handshake/alert protocol
support will be done later.

Change-Id: I87e783ab12a10afad7c0372a0b3a900a5e37f6e1
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29642
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

make-manuf.py: Improve truncation.

If the PyICU module is available, use it to truncate manufacturer
names by grapheme clusters.

Change-Id: Ib7dcbb126809df496a534f44a47871a1b28dc539
Reviewed-on: https://code.wireshark.org/review/29660
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Test: Fix a copy+paste error.

Change-Id: Id040b05af022752672f2d56d4796f0c71352e7b1
Reviewed-on: https://code.wireshark.org/review/29658
Reviewed-by: Gerald Combs <gerald@wireshark.org>

evs: Start dissecting a bit of speech data.

Change-Id: I30ad1c083c2e3ed920245f0421b280b5b9b16336
Reviewed-on: https://code.wireshark.org/review/29656
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: split per-packet state to fix packet coalescing

Packet coalescing requires separate state for every QUIC packet. Split
the state as each UDP datagram can contain multiple QUIC packets.

Most datagrams will have only one packet, so to avoid multiple
allocations, just embed the first packet into the datagram info and use
a linked list for simplicity.

Change-Id: Ib921e68a7312c6eccb5601b8951ff64cc9ea49cd
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29647
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

opcua: prevent opcua dissector crash by limiting nesting depth

The OPC UA types DiagnosticInfo, Variant and ExtensionObject can be
nested, which can lead to stack overflows when parsing specially
crafted packets. This is fixed by storing the current nesting depth
as expert info.
The corresponding CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12086
The corresponding security bulletin of the OPC Foundation is https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf

Change-Id: I5f6da3a3e269f6db1b690b77470ddf60045bcedd
Reviewed-on: https://code.wireshark.org/review/29645
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Start renaming SSL to TLS.

Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.

Fix the test_tls_master_secret test while we're here.

Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

QUIC: fix Initial dissection (draft -13)

Recognize the Token field in the Initial Packet. Accept Initial Packet
from server and adjust connection tracking logic to take this into
account.

Tested with ngtcp2-13.pcap, now the Initial packets can be decrypted
(even if the containing frames are not correctly handled).

Change-Id: I5937fb85172a2f93d1b4a4ed7667474ec04f95fc
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29641
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: use HKDF-Expand-Label (draft -13)

Prepare for draft -13 support. A comment references draft -14 since the
draft -13 text is wrong (it lacks the context argument).

Change-Id: I3f2c59d2640693959372ebe0de3b58f67b5588b9
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29640
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: implement draft -12 decryption (PNE and PP)

Packet number encryption (draft -12 + PR 1389) is implemented. The
payload protection has been updated to use the decrypted PKN as well.

Caveats: since the packet number is initially unavailable, the previous
approach on detecting legitimate key updates no longer works. This
change breaks Key Update support which needs to be revisited later. Due
to how PKN lengths and decrypted results are stored (one per datagram),
packet coalesing is also not fully supported.

Bug: 13881
Change-Id: I13c63578cec7f7f74a404b1a7a8fc85026a14252
Reviewed-on: https://code.wireshark.org/review/29637
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Prefs: Add a check for aliased protocol preferences.

Add a check to set_pref for aliased protocols alongside the checks for
protocols we've renamed in the past.

Change-Id: I62ad2ddb17d66bd7385635bfa6ca1dd58fad6ad5
Reviewed-on: https://code.wireshark.org/review/29651
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

DHCP: Fixup whitespace.

Change-Id: Iaf56751dff81ff9f5c59e1e99ca93aafb38a934d
Reviewed-on: https://code.wireshark.org/review/29650
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ieee80211: parse the 9th byte of the Extended Capability as a byte

Some of the bits were parsed as a bit of a WORD, and others as
a bit of BYTE leading to a bug in the display.

Bug: 15133
Change-Id: Ie6877c4a4a79fcc802afec49436370cf22a6bfae
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Reviewed-on: https://code.wireshark.org/review/29633
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

evs: Put CMR "rate" in Info column.

Change-Id: I99447ac80751dea53849bd0575804dc7e74a27c5
Reviewed-on: https://code.wireshark.org/review/29638
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

gtp: move column append outside IF brackets

Column appended never happen on IPv4/IPv6 since latest refactor

Change-Id: Icc85cfa8136386a440b226959f9df4a980a2658e
Reviewed-on: https://code.wireshark.org/review/29644
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

MTP2 bitstream dissector - dissect MTP2 packets from RTP stream

Change-Id: I704c68caa8cd8aa60c6417e6ee038db5f6507686
Reviewed-on: https://code.wireshark.org/review/29506
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

tvbtest: Remove an unused function.

It looks like "skip" hasn't been required since 2011.

Change-Id: Idaf53943519fa76e362aaecc6999f9971a359348
Reviewed-on: https://code.wireshark.org/review/29643
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ospf: fix conlict

'ospf.mpls.pri' exists multiple times with NOT compatible types: FT_FLOAT and FT_UINT8

Change-Id: Iea0b662d0a9ff4a7ea7363ef4ef049d11d5a5dca
Reviewed-on: https://code.wireshark.org/review/29608
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

AT: Add CSUPI command

Change-Id: I501bd0e00a20b39e4c53bdd7e5e2b9b3c5234469
Reviewed-on: https://code.wireshark.org/review/29635
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: create QUIC-specific cipher context

This makes it easier to track the packet number cipher.

Change-Id: I220935e91c324e0a641306c590f55af4992ee2e1
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29636
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

AT: Fix rejection values

Dissect functions for CNUM/VTS were returning TRUE for all wrong role/type combinations instead of FALSE ( = Rejecting the parameter )

Change-Id: I1aae5b76db83cef6b59f5244c05a67b2110f8969
Reviewed-on: https://code.wireshark.org/review/29634
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Revert "Some older compilers don't allow diagnostic pragmas inside a function."

This reverts commit f94cfa0cdc37955a5c68687af01bf4ad35ce27bd.

Reason for revert: we don't use those diagnostic pragmas with those
older compilers.

Change-Id: I5154527dcc3813fb893c382059cb33538f2d29f7
Reviewed-on: https://code.wireshark.org/review/29639
Reviewed-by: Guy Harris <guy@alum.mit.edu>

nas_5gs: can't decode 5GS NAS PDU when there are multiple NSSAIs.

Use dummy length in proto_tree_add_subtree_format(),
proto_item_set_len() will set the correct length later.
Bug: 15120
Change-Id: I7a56f3d1541b75eb53bc03750b6402a8b78a8251
Reviewed-on: https://code.wireshark.org/review/29465
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>