metze/wireshark/wip.git
Peter Wu [Thu, 26 Jul 2018 17:10:31 +0000 (19:10 +0200)]
WireGuard: implement responder handshake decryption

Transport data decryption will follow later.

Bug: 15011
Change-Id: Ib755e43ff54601405b21aeb0045b15d158bc283b
Reviewed-on: https://code.wireshark.org/review/28991
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Thu, 26 Jul 2018 11:54:43 +0000 (13:54 +0200)]
WireGuard: add keylog for initiation decryption with ephemeral keys

As UATs are currently unable to receive keys dynamically without manual
user interaction followed by rescanning of the pcap, add a mechanism
like ssl.keylog_file. Such keys can be extracted using the tools from
contrib/examples/extract-handshakes/ in the WireGuard source tree.

Now decryption of Initiation messages is also possible when keys
(Epriv_i) are captured from the initiator side.

Bug: 15011
Change-Id: If998bf26e818487187cc618d2eb6d4d8f5b2cc0a
Reviewed-on: https://code.wireshark.org/review/28990
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Tue, 24 Jul 2018 21:50:51 +0000 (23:50 +0200)]
WireGuard: implement initiation message decryption with static keys

Enable decryption of the static and timestamp fields when the private
static key of the responder is known. Decryption of the initiation and
response messages using private ephemeral keys will be done later.

Bug: 15011
Change-Id: Ifc9729059694700333b6677374ab467c8cb64263
Reviewed-on: https://code.wireshark.org/review/28989
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Fri, 22 Jun 2018 17:36:11 +0000 (19:36 +0200)]
WireGuard: implement peer identification based on MAC1

Using long-term static public keys, it is possible to identify the
recipient of a handshake message. Add a new UAT where such keys can be
configured. Allow private keys to be configured as well since this
enables decryption of the Initiation handshake message.

Bug: 15011
Change-Id: I0d4df046824eac6c333e0df75f69f73d10ed8e5e
Reviewed-on: https://code.wireshark.org/review/28988
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Mon, 30 Jul 2018 16:18:40 +0000 (18:18 +0200)]
wsutil: Add Curve25519 ECDH (X25519) using Gcrypt

The WireGuard dissector will need X25519 to enable decryption, add a
Gcrypt implementation that implements the NaCl/Sodium interface.

While inspired by the MPI example in t-cv25519.c, note subtle but
important correctness/interoperability fixes: add a check for infinity
(gcry_mpi_ec_get_affine) and handle short values from gcry_mpi_print.
The last issue is ugly, perhaps the high level API (gcry_pk_decrypt)
should be used instead (which is < 2% slower than this MPI implementation).
(Both issues were found through fuzzing.)

As for alternative options, Sodium is superior but would be a new
dependency. For some older performance and usability notes (comparing
crypto_scalarmult_curve25519_base (note "_base") against others), see
https://lists.gnupg.org/pipermail/gcrypt-devel/2018-July/004532.html

Performance comparison on Ubuntu 18.04 (i7-3770) between Sodium 1.0.16
against Gcrypt 1.8.3 and Gcrypt 86e5e06a (git master, future 1.9.x) by
computing 65536 times X25519(1, 8) via crypto_scalarmult_curve25519:

    Sodium (sandy2x):   1.4x faster than ref10
    Sodium (ref10):     1 (baseline)
    Gcrypt (git):       5x slower than ref10, 7x slower than sandy2x
    Gcrypt (1.8.3):     17x ref10, 24x sandy2x (took 65 seconds)

Change-Id: Ia54e73cc3cc469a6697554729aff4edd19f55630
Ping-Bug: 15011
Reviewed-on: https://code.wireshark.org/review/28987
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Fri, 8 Jun 2018 15:50:39 +0000 (17:50 +0200)]
WireGuard: add session tracking

Link messages based on the receiver/sender IDs as found in the handshake
and based on the most recently seen source IP address and port number.

Tested with "8-trace.pcap". Roaming should work but is untested.

Bug: 15011
Change-Id: I017faaae09fc8b16548c4e8b062e143960fda928
Reviewed-on: https://code.wireshark.org/review/28986
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Wed, 6 Jun 2018 20:31:02 +0000 (22:31 +0200)]
Add WireGuard dissector

Initial dissection support for the WireGuard Protocol.
Decryption support will follow later.

Bug: 15011
Change-Id: Iaf7d901501e02299714c3f0e7daa56a8437d01de
Reviewed-on: https://code.wireshark.org/review/28985
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Jaap Keuter [Mon, 6 Aug 2018 14:52:34 +0000 (16:52 +0200)]
WLAN: State type of key when reporting format error

Change-Id: I2ff1d0567b9e63ccef0c4dc92691ebb124d6a042
Reviewed-on: https://code.wireshark.org/review/28995
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Tue, 7 Aug 2018 20:12:14 +0000 (22:12 +0200)]
nas5gs: Bugfixes and enhancements.

Change-Id: I34252f8f7ab59e1693174aa1a4c040668dcb388c
Reviewed-on: https://code.wireshark.org/review/29007
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Darien Spencer [Mon, 6 Aug 2018 16:41:19 +0000 (19:41 +0300)]
AT: Allow more CMEE command types

Code was only allowing actions, while 'test', 'read', 'action simply' and 'response'
are also possible

Change-Id: Iee84dd77912debe96a06f0b7d6b3e1f15527ce3b
Reviewed-on: https://code.wireshark.org/review/28997
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Dario Lombardo [Mon, 6 Aug 2018 08:33:18 +0000 (10:33 +0200)]
syslog: dissect more fields.

Change-Id: I278bd7643c1f801fdfd9be8e7befdd7938be33a6
Reviewed-on: https://code.wireshark.org/review/28983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Swapnil Roy [Mon, 6 Aug 2018 17:47:55 +0000 (23:17 +0530)]
NAS 5GS: Registration Request msg IE fixes

Change-Id: Ie73b09f7f93a58a3b4953b0f1dde1d102c5c4b60
Reviewed-on: https://code.wireshark.org/review/28998
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Mon, 6 Aug 2018 19:03:56 +0000 (12:03 -0700)]
Another dictionary fix.

RFC 5447 says MIP6-Feature-Vector is a 64-bit integer, not an octet
string.

Change-Id: I676cb4de09424259a9020680d11b92b783100482
Reviewed-on: https://code.wireshark.org/review/28999
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Anders [Mon, 6 Aug 2018 11:52:44 +0000 (13:52 +0200)]
nas5gs: Dissect Service area list.

Change-Id: If4929af65d01f404ce81d5decfba8d7bb880dcdf
Reviewed-on: https://code.wireshark.org/review/28994
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Joakim Karlsson [Sun, 5 Aug 2018 17:37:11 +0000 (19:37 +0200)]
pfcp: added conversation

This change will append "Response in/to" for the messages that match
in a conversation, matching sequence number

Response time was also added

Change-Id: Icca12873d7a61b8c83c132af461adeced5e7ce0e
Reviewed-on: https://code.wireshark.org/review/28979
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Mon, 6 Aug 2018 08:34:53 +0000 (10:34 +0200)]
tvbuff: add assertion to tvb_skip_wsp_return().

Minor indentation fixes.

Change-Id: I0b22b1b247efc4f1db535eb1f7cb7e99c3637ba0
Reviewed-on: https://code.wireshark.org/review/28981
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Swapnil Roy [Sat, 4 Aug 2018 15:24:30 +0000 (20:54 +0530)]
NAS 5GS: IE fixes as per spec v2.0.0

Change-Id: I202a26d99a4522a9e6488c5358ba7270bec19279
Reviewed-on: https://code.wireshark.org/review/28958
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michał Łabędzki [Sun, 8 Apr 2018 08:01:25 +0000 (10:01 +0200)]
Bluetooth: ATT: Implement 0x2A1F-0x2A59 remaining characteristics

- 0x2A1F  Temperature Celsius
- 0x2A20  Temperature Fahrenheit
- 0x2A2F  Position 2D
- 0x2A30  Position 3D
- 0x2A3A  Removable
- 0x2A3B  Service Required
- 0x2A3C  Scientific Temperature Celsius
- 0x2A3D  String
- 0x2A3E  Network Availability
- 0x2A57  Digital Output
- 0x2A59  Analog Output

Change-Id: I0c5bc4ba368c26edd600730ed62990abc9f4f1f9
Reviewed-on: https://code.wireshark.org/review/28956
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis Green [Tue, 24 Jul 2018 18:43:31 +0000 (11:43 -0700)]
editcap: Add ability to skip radiotap header.

This is useful when processing packets that were captured by multiple radios on the same channel.

Change-Id: I9dacc35294a4ed4e817014e563e7c9a54ee05e40
Reviewed-on: https://code.wireshark.org/review/28843
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Darien Spencer [Sun, 5 Aug 2018 16:26:37 +0000 (19:26 +0300)]
AT: Fix check for numeric CME errors

Allow whitespaces in numeric error codes.

Change-Id: Id9baa2b8d90519f83ecba10f9cc479e15a932e3d
Reviewed-on: https://code.wireshark.org/review/28976
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ValdikSS [Sun, 5 Aug 2018 10:58:47 +0000 (13:58 +0300)]
Fix typo ACC → AAC

Change-Id: I1e869efc62e042cbebea2aac2759bb9bf4215b17
Reviewed-on: https://code.wireshark.org/review/28974
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Darien Spencer [Fri, 3 Aug 2018 08:56:33 +0000 (11:56 +0300)]
AT: Add CIMI command

Change-Id: I7a03add8b48d0f360fbe5434fef866461804c2f3
Reviewed-on: https://code.wireshark.org/review/28940
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Gerald Combs [Sun, 5 Aug 2018 08:17:11 +0000 (08:17 +0000)]
[Automatic update for 2018-08-05]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Ida5bdebe06ea1dd9dcb9cc2f29601c81c8cf27bd
Reviewed-on: https://code.wireshark.org/review/28968
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Vasil Velichkov [Thu, 2 Aug 2018 19:30:44 +0000 (22:30 +0300)]
sctp: Improve exporting PDUs

Export the PDUs in the following cases:

- When sctp.ulp_dissection is FALSE
  Not having to dissect the upper layers greatly improves exporting speed.
  Previously no PDUs were exported because without dissection the upper
  layer name was not available. Now in this case the exported_pdu.tag is
  set to sctp.ppi or sctp.port table and the corresponding ppi or port
  is also set in the exported_pdu.this_table_val.
- When the upper layer can't be dissected but at least one of the
  payload_proto_id, destport or srcport is not 0

Refactor and move the common parts into dedicated functions.

Change-Id: Ie5073a5c7603e11c4a5703118fd81ac25bd924e9
Reviewed-on: https://code.wireshark.org/review/28933
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Vasil Velichkov [Tue, 31 Jul 2018 17:11:24 +0000 (20:11 +0300)]
print.c: Print FT_CHAR fields as FT_UINT8

This fixes the following asserts

 #2  0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e11f90 "/home/vasko/sources/wireshark/epan/print.c", line=598, func=0x7ffff4e12e20 <__func__.18585> "proto_tree_write_node_pdml",
     message=0x555555aaab70 "code should not be reached") at gtestutils.c:2532
 #3  0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555

 #2  0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e11f90 "/home/vasko/sources/wireshark/epan/print.c", line=983,
     func=0x7ffff4e12e40 <__func__.18697> "write_json_proto_node_hex_dump", message=0x555555aac9d0 "code should not be reached") at gtestutils.c:2532
 #3  0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
 #4  0x00007ffff39a8f87 in write_json_proto_node_hex_dump (node=0x7fffdc86e550, data=0x7fffffffce60) at /home/vasko/sources/wireshark/epan/print.c:983

 #2  0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e12010 "/home/vasko/sources/wireshark/epan/print.c", line=1299,
     func=0x7ffff4e12ef0 <__func__.18804> "ek_write_hex", message=0x555555aac290 "code should not be reached") at gtestutils.c:2532
 #3  0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
 #4  0x00007ffff39a9a32 in ek_write_hex (fi=0x7fffdc86e4e0, pdata=0x7fffffffce90) at /home/vasko/sources/wireshark/epan/print.c:1299

Change-Id: I48a7e87863fb6708cd668582a240e5ba71d1b5a0
Reviewed-on: https://code.wireshark.org/review/28891
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Sat, 4 Aug 2018 22:34:05 +0000 (00:34 +0200)]
tshark: perform NPF driver check for capture only

In CI environments with no capture driver, the test_tshark_dump_glossary
test could fail because "tshark -G decodes" contains an error message.

Postpone the check until the moment where a capture is actually started.
It also no longer shows with tshark -L, -D, --version, etc.

Change-Id: I6674c6fe007c99576c777a025cd44b3f2e594b59
Reviewed-on: https://code.wireshark.org/review/28966
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Sat, 4 Aug 2018 22:46:33 +0000 (00:46 +0200)]
AT: fix check for non-numeric CME errors

Fix the digit check, testing a pointer as character is an error.

Change-Id: I1ce2898dd1cca0b61bb2da342c81bc648fdb1cf2
Fixes: v2.9.0rc0-1356-g51c6fde9c7 ("AT: Distinguish between numeric and textual CME errors")
Reviewed-on: https://code.wireshark.org/review/28962
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Darien Spencer [Sat, 4 Aug 2018 14:24:30 +0000 (17:24 +0300)]
AT: Add CSIM command

Parse both commands and responses, including a call to GSM SIM dissector

Change-Id: I39624a1a088066aae6eb1e6fd61d4f73821b2345
Reviewed-on: https://code.wireshark.org/review/28959
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Chris Bontje [Fri, 3 Aug 2018 17:49:54 +0000 (11:49 -0600)]
[packet-selfm.c] - Fix handling of Response Code in Fast Message ACK Messages

Change-Id: Ideee81186e65c929b2104b63033ee2ac9c76b161
Reviewed-on: https://code.wireshark.org/review/28944
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Jaap Keuter [Sat, 4 Aug 2018 19:21:45 +0000 (21:21 +0200)]
ASTERIX: Fix cat068/135 altitude value

The altitude value presented is the value converted into feet.
Instead, as the label suggests, the value should be presented
as a flight level. Change the conversion as such.

Bug: 15030
Change-Id: I131f6b586c6b1f59090f93862ea13b117403c502
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/28961
Reviewed-by: Marko Hrastovec <marko.hrastovec@gmail.com>
Tested-by: Petri Dish Buildbot
Peter Wu [Fri, 3 Aug 2018 16:49:57 +0000 (18:49 +0200)]
Windows: Upgrade Libgcrypt to 1.8.3

Re-enables AES-NI support and provides XTS mode and Blake2 hash support.
Based on Debian Buster packages with stripped binaries,
libgcrypt-mingw-w64-dev 1.8.3-1 and libgpg-error-mingw-w64-dev 1.32-1

Change-Id: Iace616926d3c8c22c92e60bdbd6346826f91db59
Reviewed-on: https://code.wireshark.org/review/28943
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Sat, 4 Aug 2018 09:32:32 +0000 (11:32 +0200)]
win-setup.ps1: make downloads faster by reusing proxy information

The initial proxy bypass check can take a lot of time (14 seconds).
Cache the instance to make subsequent downloads faster.

Change-Id: I3ccb99d245e0127f03d9b022d10f9ce4a89018d2
Fixes: v1.99.6rc0-344-ge3785f7aff ("win-setup.ps1 Make setup script aware of proxies")
Reviewed-on: https://code.wireshark.org/review/28953
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Darien Spencer [Sat, 4 Aug 2018 14:27:19 +0000 (17:27 +0300)]
AT: Fix CME Error description

Leftover description from the BT-HFP dissector was classifying the DTE as an
Audio Gateway, which isn't always the case.

Change-Id: If6f916026bce00dc8783d95f48e449ffa9951d37
Reviewed-on: https://code.wireshark.org/review/28960
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Vadim Yanitskiy [Sat, 4 Aug 2018 00:01:05 +0000 (07:01 +0700)]
[GSM A RR]: fix: properly dissect APDU Flags for Application Info

According to 3GPP TS 04.08, section 10.5.2.49, the APDU Flags field
is coded together with APDU ID, and occupies bits 1-3 (mask 0x70):

0 1 2 3
S T F L
. . . *  Last Segment
. . * .  First Segment
. * . .  C/R, if L=0 only, otherwise spare and set to 0
* . . .  Spare (0)

Instead of parsing all bits together as a set of integer values,
let's parse each flag individually. Moreover, the previous
definition was missing some possible bit combinations, so
this change also fixes that problem.

Change-Id: Id71fae9ef06572c1ad17aafe0be3dfb66e081b7d
Reviewed-on: https://code.wireshark.org/review/28948
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Darien Spencer [Sat, 4 Aug 2018 08:21:23 +0000 (11:21 +0300)]
AT: Allow test command for AT+CGMM

Change-Id: Ifbd6cb4dcfc4dee9b174eca60aaaac9de8968303
Reviewed-on: https://code.wireshark.org/review/28950
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Darien Spencer [Sat, 4 Aug 2018 09:27:29 +0000 (12:27 +0300)]
AT: Distinguish between numeric and textual CME errors

Change-Id: Ibf57da87f0ecd3a25461b333883ae8f84b3b4e31
Reviewed-on: https://code.wireshark.org/review/28951
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michał Łabędzki [Sat, 16 Jun 2018 16:22:00 +0000 (18:22 +0200)]
sharkd: Return frame's color-filter colors

Return color-filter bg/fg colors for single frame if requested.
Also return marked/ignored fields for frame.

Change-Id: I4480b733f54991c72bea1664fa6e7337812e6231
Reviewed-on: https://code.wireshark.org/review/28304
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Alexis La Goutte [Fri, 3 Aug 2018 14:59:08 +0000 (14:59 +0000)]
at: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Ibe42807cfbf3ed57791d4f4beb8e95cc71ba39f4
Reviewed-on: https://code.wireshark.org/review/28942
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Darien Spencer <cusneud@mail.com>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Alexis La Goutte [Fri, 3 Aug 2018 14:36:52 +0000 (14:36 +0000)]
rfc7648: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Idc37628b7f3022e83b53a34f388ce976aab0888e
Reviewed-on: https://code.wireshark.org/review/28941
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Vadim Yanitskiy [Fri, 3 Aug 2018 23:04:41 +0000 (06:04 +0700)]
[GSM A RR]: fix APDU ID/Flags parsing for Application Info

According to 3GPP TS 04.08, table 9.1.53.1, Application Information
message has two mandatory fields encoded in a single octet:

  - APDU ID (section 10.5.2.48) M V 1/2,
  - APDU Flags (section 10.5.2.49) M V 1/2.

For some reason, they were dissected incorrectly:

GSM A-I/F DTAP - Application Information
  Protocol Discriminator: Radio Resources Management messages (6)
    .... 0110 = Protocol discriminator: Radio Resources Management messages (0x6)
    0000 .... = Skip Indicator: No indication of selected PLMN (0)
  DTAP Radio Resources Management Message Type: Application Information (0x38)
  APDU ID
    .... 0000 = APDU ID: RRLP (GSM 04.31) LCS (0x0)
  Missing Mandatory element APDU ID, rest of dissection is suspect
    [Expert Info (Error/Protocol): Missing Mandatory element APDU ID,
                                   rest of dissection is suspect]
    [Missing Mandatory element APDU ID, rest of dissection is suspect]
      [Severity level: Error]
      [Group: Protocol]
  APDU Flags
    0000 .... = APDU Flags: Unknown (0x0)
  APDU Data
    [...]

Change-Id: Ibb248104289da8e602ac15da15ae9e8eadb42c42
Reviewed-on: https://code.wireshark.org/review/28947
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Vasil Velichkov [Mon, 30 Jul 2018 18:20:17 +0000 (21:20 +0300)]
RANAP: decrease the min length to 7 bytes

The min length was increased to 8 in d9c70acaf4 but there are valid 7
bytes long RANAP messages that are not recognized by the heuristic
function. Revert the value to 7 as in 482a3cd1f1c

Change-Id: I5096cd905c24c87dccbc2aa4bbdccc7b0febead7
Reviewed-on: https://code.wireshark.org/review/28945
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Lorand Jakab [Thu, 28 Jun 2018 14:59:12 +0000 (16:59 +0200)]
LISP: add support for Reliable Transport messages

These messages are defined in [0], and are used in some deployed
products already.

[0] https://tools.ietf.org/html/draft-kouvelas-lisp-map-server-reliable-transport-04

Change-Id: Idfbc777175c1596d3e0fa1df39602a68ee1c488f
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/28503
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Thu, 2 Aug 2018 07:04:41 +0000 (09:04 +0200)]
ospf: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Ic40eb2ddeef30aa4f3f2d31dc7f91cec55e62508
Reviewed-on: https://code.wireshark.org/review/28926
Reviewed-by: Khalifa NDIAYE <khalifa.ndiaye@orange.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Vasil Velichkov [Thu, 2 Aug 2018 23:17:07 +0000 (02:17 +0300)]
tap_export_pdu: Fix two memory leaks

253 (8 direct, 245 indirect) bytes in 1 blocks are definitely lost in loss record 87 of 93
   at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
   by 0xBC4B3C5: g_malloc (gmem.c:99)
   by 0x13E225: exp_pdu_open (tap_export_pdu.c:128)

372 (40 direct, 332 indirect) bytes in 1 blocks are definitely lost in loss record 88 of 93
   at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
   by 0xBC4B3C5: g_malloc (gmem.c:99)
   by 0xBC62FF6: g_slice_alloc (gslice.c:1025)
   by 0xBC16984: g_array_sized_new (garray.c:194)
   by 0x13E143: exp_pdu_open (tap_export_pdu.c:93)

Change-Id: I24a3cec1dc4491032232c282b01fea04a23872b3
Reviewed-on: https://code.wireshark.org/review/28934
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 3 Aug 2018 05:33:04 +0000 (05:33 +0000)]
PTP: fix typo path_delay -> peer_delay

reported by Donn Lee

Bug: 15026
Change-Id: I54bb65338a22c3d9cb691618baeb011a869182d3
Reviewed-on: https://code.wireshark.org/review/28939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Fri, 3 Aug 2018 04:27:00 +0000 (21:27 -0700)]
Fix bug in RFC 5447 dictionary.

Pick up the current version ("current" as in "picked up from a recent
checkout of the FreeRADIUS/freeradius-server repository on GitHub") of
dictionary.rfc5447.

See

    https://github.com/FreeRADIUS/freeradius-server/issues/2269

and some of the discussion in

    https://github.com/the-tcpdump-group/tcpdump/pull/636

Change-Id: Ib21838684ac250ff1f02fcea6c1e5ca865b4b6ff
Reviewed-on: https://code.wireshark.org/review/28935
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Alexis La Goutte [Thu, 2 Aug 2018 07:05:56 +0000 (09:05 +0200)]
tds: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: I951a69b44959fd4c2f24f9ce70e40cf95dd2aa2e
Reviewed-on: https://code.wireshark.org/review/28927
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Michal Slavka [Thu, 2 Aug 2018 15:10:22 +0000 (17:10 +0200)]
PFCP: fix DL Buffering Duration time

Variable units is shifted two times, in proto_tree_add_item_ret_unit and
again in the dissector.

Change-Id: Ia93bfe59730a7634201de26b37dcc8111515eea5
Reviewed-on: https://code.wireshark.org/review/28931
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Stig Bjørlykke [Thu, 2 Aug 2018 11:24:12 +0000 (13:24 +0200)]
lwm2mtlv: Update for changes in wmem_strsplit()

The implementation of wmem_strsplit() has changed to behave like
g_strsplit(), and this affects splitting strings starting with the
delimiter. Update URI Path splitting for the new behaviour.

Ping-Bug: 14980
Change-Id: Id50cca24861b6d0969077e604ea199d864a9036c
Reviewed-on: https://code.wireshark.org/review/28930
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Alexis La Goutte [Thu, 2 Aug 2018 09:02:47 +0000 (09:02 +0000)]
rsvp: fix this ‘if’ clause does not guard... [-Werror=misleading-indentation]

Change-Id: I84d68dfd485c04042fd5f4e106ac0d79883085cd
Reviewed-on: https://code.wireshark.org/review/28929
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Alexis La Goutte [Thu, 2 Aug 2018 06:48:15 +0000 (08:48 +0200)]
rsvp: fix unused variable 'rsvp_xro_sobj_type_vals' [-Wunused-const-variable]

Change-Id: I82e3ea93bbcee87618ab461d8026e4d91a01bc22
Reviewed-on: https://code.wireshark.org/review/28925
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Khalifa NDIAYE <khalifa.ndiaye@orange.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Alexis La Goutte [Thu, 2 Aug 2018 07:06:37 +0000 (09:06 +0200)]
gtp: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Iac8e93a17c88f2117fc23fcda93b3769925114ab
Reviewed-on: https://code.wireshark.org/review/28928
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Khalifa NDIAYE [Tue, 17 Jul 2018 12:36:05 +0000 (12:36 +0000)]
GMPLS extensions to RSVP-TE

- Ethernet line LSP encoding (RFC 6004)
- flexi-grid label (RFC 7699)
- codepoint for network-assigned label (RFC 8359)
- clean-up and bug fixes on ERO/RRO/XRO
- full support of RFC 8001, including error code

Change-Id: I3fadc59f6a3a8e5dc12f319073472324702f9aa1
Signed-off-by: khalifaND <khalifa.ndiaye@orange.com>
Reviewed-on: https://code.wireshark.org/review/28741
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Wed, 1 Aug 2018 12:37:22 +0000 (14:37 +0200)]
kafka: fix builds without Snappy or LZ4 support

Avoid passing an uninitialized "raw" pointer to "proto_tree_add_item".

Change-Id: Ic7d3542b4aa5650f452aad7ac3b783769cb44eb7
Reviewed-on: https://code.wireshark.org/review/28922
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
13 months ago rfc7468: Usability improvements
Stig Bjørlykke [Wed, 1 Aug 2018 09:14:30 +0000 (11:14 +0200)]
rfc7468: Usability improvements

Put base64 decoded data on top level tree. Set COL_PROTOCOL and
add label to COL_INFO.

Change-Id: Iea68523c9b2cee0f62fd86510c216b9c00f39f2a
Reviewed-on: https://code.wireshark.org/review/28921
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago msgpack: make return value optional.
Dario Lombardo [Wed, 25 Jul 2018 18:02:19 +0000 (20:02 +0200)]
msgpack: make return value optional.

Change-Id: I76ca5b4cdff51c68975fbc1698ecec4329382cde
Reviewed-on: https://code.wireshark.org/review/28851
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago msgpack: fix return value for map and array.
Dario Lombardo [Sun, 29 Jul 2018 12:48:24 +0000 (14:48 +0200)]
msgpack: fix return value for map and array.

Change-Id: I438b9ed310ca9d5553a00c7d0b633d8597b4f5bc
Reviewed-on: https://code.wireshark.org/review/28881
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago commit-msg: fixup whitespace and blank lines around "Bug" tags
Peter Wu [Mon, 23 Jul 2018 12:34:27 +0000 (14:34 +0200)]
commit-msg: fixup whitespace and blank lines around "Bug" tags

About 90 commits so far have a newline after the "Bug" tag. That breaks
the issue tracker integration and tools such as git-interpret-trailers,
so ensure that such blank lines are removed.

Change-Id: Ib73e0ab1bbf99c8c200e74a03facc5d359c82436
Reviewed-on: https://code.wireshark.org/review/28828
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago tshark: Allow exporting of PDUs to stdout
Vasil Velichkov [Wed, 1 Aug 2018 08:05:05 +0000 (11:05 +0300)]
tshark: Allow exporting of PDUs to stdout

The following command will export the PDUs to stdout:

    tshark -r ./test.pcapng -U "OSI layer 3" -w -

Change-Id: Idddded6bfcac458d82cdc033babc7546b67f7327
Reviewed-on: https://code.wireshark.org/review/28919
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago Cast the result of g_realloc().
Guy Harris [Wed, 1 Aug 2018 09:08:53 +0000 (02:08 -0700)]
Cast the result of g_realloc().

That squelches warnings if C++ compatibility is being checked.

Change-Id: Ia3dd9852df0fbf6353a84d299a385ef63c9f1acd
Reviewed-on: https://code.wireshark.org/review/28920
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Kafka: add info when we lack decompression support
Tim Cuthbertson [Wed, 4 Jul 2018 05:03:41 +0000 (15:03 +1000)]
Kafka: add info when we lack decompression support

Change-Id: I4c1b5d84bd1a6dfa811fd8ffbd576ac8dfd448af
Reviewed-on: https://code.wireshark.org/review/28749
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago RFC 7468 is PEM-inspired, but it's not PEM.
Guy Harris [Wed, 1 Aug 2018 07:01:45 +0000 (00:01 -0700)]
RFC 7468 is PEM-inspired, but it's not PEM.

Do some renaming.

Change-Id: If8fa85370014f9618df38d97048dd1c52a4c389f
Reviewed-on: https://code.wireshark.org/review/28918
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago No need to tell the BER dissector the file name for RFC 7468 files.
Guy Harris [Wed, 1 Aug 2018 06:24:24 +0000 (23:24 -0700)]
No need to tell the BER dissector the file name for RFC 7468 files.

It's just a hack for "raw BER data" files, giving them a file name that
includes the OID to use for the syntax.  For RFC 7468 files, the syntax
is determined from the label in the pre-encapsulation boundary.

Change-Id: Ia656f20f123d2c6a85041f83714a3a1cfefb70b1
Reviewed-on: https://code.wireshark.org/review/28916
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Don't hide dissected data under a "Data" item.
Guy Harris [Wed, 1 Aug 2018 05:54:51 +0000 (22:54 -0700)]
Don't hide dissected data under a "Data" item.

Only put otherwise-undissectable BER data under that item.

That removes an extra layer that needs to be opened up.

Change-Id: I6b025a782ff7199c84bad46160c7c286e79b0580
Reviewed-on: https://code.wireshark.org/review/28915
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago AT: Dissect commands
Darien Spencer [Sat, 14 Jul 2018 17:22:18 +0000 (10:22 -0700)]
AT: Dissect commands

This commit introduces dissection of the different parts of the command,
showing of the command direction and origin entity, generic dissection of
'unsupported' commands, detailed dissection of several 'supported'
commands and aggregated commands dissection.

Most of the code has been taken from BT-HFP (a protocol of AT commands
over Bluetooth).

Change-Id: I3516ec9c28581df8ef9c0c37f9b6ee9ec0c55938
Reviewed-on: https://code.wireshark.org/review/28699
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago radiotap: Add support for 0-length PSDUs.
Richard Sharpe [Tue, 31 Jul 2018 14:33:44 +0000 (07:33 -0700)]
radiotap: Add support for 0-length PSDUs.

Change-Id: I386c6cd84a74eda5dff32fb93b0a35eb54bc6b4b
Reviewed-on: https://code.wireshark.org/review/28884
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago Do most of the RFC 7468 file processing in the dissector.
Guy Harris [Wed, 1 Aug 2018 04:57:42 +0000 (21:57 -0700)]
Do most of the RFC 7468 file processing in the dissector.

Have the Wiretap code just do a heuristic test to see if the file looks
like an RFC 7468 file and just hand the entire blob of raw file data to
the caller, with an encapsulation type of WTAP_ENCAP_RFC7468.

Have a file-rfc7468.c dissector that processes the lines of the file,
displaying all of them.  Have it extract the label from the
pre-encapsulation boundary line, and, after it's decoded the
base64-encoded data lines into a blob of data, try handing the tvbuff
with the blob to dissectors that have registered in the
"pem.preeb_label" dissector table with the appropriate label value, and
hand it to the raw BER dissector only if that fails.

This allows some files to have the content dissected as more than just a
raw blob of BER-encoded data.

Change-Id: I98db9f0beb86e5694fb8e886005a2df4fc96ba71
Reviewed-on: https://code.wireshark.org/review/28914
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Revert "Have find_or_create_conversation() use pinfo->conv_endpoint if present."
Guy Harris [Wed, 1 Aug 2018 02:55:13 +0000 (02:55 +0000)]
Revert "Have find_or_create_conversation() use pinfo->conv_endpoint if present."

This reverts commit ba202ef36225b59eb797c5a48b8d4a4665b479c7.

Creating endpoints, and corresponding conversations, for protocols atop which TCP or UDP runs can potentially cause attempts to look up the conversation to find the conversation for that protocol rather than for TCP/UDP, which can confuse protocols running atop TCP or UDP.

Change-Id: I3ca522e54e67cc4f996d0ee841c6bb40ee6a9976
Reviewed-on: https://code.wireshark.org/review/28912
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Get rid of a no-longer-used dissector handle.
Guy Harris [Wed, 1 Aug 2018 02:02:08 +0000 (19:02 -0700)]
Get rid of a no-longer-used dissector handle.

Change-Id: I3e5bdc0339a0f229f40a6538f93c699106941e28
Reviewed-on: https://code.wireshark.org/review/28910
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Have find_or_create_conversation() use pinfo->conv_endpoint if present.
Guy Harris [Tue, 31 Jul 2018 22:52:46 +0000 (15:52 -0700)]
Have find_or_create_conversation() use pinfo->conv_endpoint if present.

Add conversation_new_pinfo(), which uses the endpoint if present, and
have find_or_create_conversation() use it rather than
conversation_new().

Remove find_or_create_conversation_by_id() - it's no longer needed.

Bug: 15018
Change-Id: Ib13e539751af0f071aede4ee0ed751d0cb72ba3f
Reviewed-on: https://code.wireshark.org/review/28908
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Export some more conversation functions.
Guy Harris [Tue, 31 Jul 2018 21:44:49 +0000 (14:44 -0700)]
Export some more conversation functions.

They're used by built-in dissectors; I see no reason whatsoever to
forbid plugins from using them.

See

    https://ask.wireshark.org/question/4366/compile-plugin-with-call-to-conversation_set_port2/

Change-Id: I6a04df961c164a09b88abd8f46a1fe3420a21661
Reviewed-on: https://code.wireshark.org/review/28906
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago For ISDN, don't create an endpoint by ID and then use it.
Guy Harris [Tue, 31 Jul 2018 21:14:04 +0000 (14:14 -0700)]
For ISDN, don't create an endpoint by ID and then use it.

That isn't working, because it depends on the notion that for every
"endpoint type" there's a "port type" for the packet_info structure;
that's not true for ISDN channels.

The whole point of "use the packet_info structure when trying to find a
conversation and create it if it doesn't exist" is to use address
information *already filled in by somebody for use by other dissectors*;
we don't do that with the ISDN channel number, because there's no *need*
to do so.

So just add a new find_or_create_conversation_by_id() routine, which
passes the packet_info structure to get the frame number, and explicitly
passes the endpoint type and ID.  Use that in the ISDN dissector.

Bug: 15018
Change-Id: Id0e997254b0eaf7cbc9261a2adff639ecbf083c0
Reviewed-on: https://code.wireshark.org/review/28904
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Improve debugging messages.
Guy Harris [Tue, 31 Jul 2018 20:15:36 +0000 (13:15 -0700)]
Improve debugging messages.

For various attempted matches, print what we're matching against.

Change-Id: Ib915aa9bc6e6e1ea6cc7a273f261db2a4952c0c4
Reviewed-on: https://code.wireshark.org/review/28900
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Frame numbers are unsigned.
Guy Harris [Tue, 31 Jul 2018 19:13:08 +0000 (12:13 -0700)]
Frame numbers are unsigned.

Change-Id: I07641b0a759058fe5111e10c3ccd4c8f69eeccef
Reviewed-on: https://code.wireshark.org/review/28894
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Clean up white space.
Guy Harris [Tue, 31 Jul 2018 18:24:04 +0000 (11:24 -0700)]
Clean up white space.

Change-Id: Id1eb5ec743581a0d05b82e94c78f262e7dc33f7b
Reviewed-on: https://code.wireshark.org/review/28892
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago radiotap: fix indent (use tab)
Alexis La Goutte [Tue, 31 Jul 2018 14:55:36 +0000 (14:55 +0000)]
radiotap: fix indent (use tab)

Change-Id: I9fc2320ecd760f2be92b53d57fe1e12152edf198
Reviewed-on: https://code.wireshark.org/review/28890
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
13 months ago wmem_interval_tree: fix no previous prototype for ‘update_edges_after_rotation’ ...
Alexis La Goutte [Tue, 31 Jul 2018 07:29:34 +0000 (07:29 +0000)]
wmem_interval_tree: fix no previous prototype for ‘update_edges_after_rotation’ [-Wmissing-prototypes]

Change-Id: I60085243d0e57ac072246bf3374ed3b7f6078497
Reviewed-on: https://code.wireshark.org/review/28889
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago No need to initialize cursorname_len.
Guy Harris [Tue, 31 Jul 2018 06:48:04 +0000 (23:48 -0700)]
No need to initialize cursorname_len.

Not initializing it also means that we'll get an error from compilers
with sufficiently good dataflow analysis if we use it in, or before, the
call itself, which is a Good Thing as we *shouldn't* use it before we
know it.

Change-Id: I99aa3fedd2a04f5bb6e60e0f6f8b0a3682263351
Reviewed-on: https://code.wireshark.org/review/28888
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago TDS: Fix bad proto_tree_add_item_ret_string_and_length call.
Craig Jackson [Tue, 31 Jul 2018 03:39:04 +0000 (23:39 -0400)]
TDS: Fix bad proto_tree_add_item_ret_string_and_length call.

I'm not sure why this compiled in all of the test environments. (Ubuntu and Windows, plus Buildbot.)

Change-Id: I15d281010f3f463f3929aff8918ade8b71cffff7
Reviewed-on: https://code.wireshark.org/review/28887
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago sccp: Make "lr" a generated item rather than hidden to make it obvious that it exists.
Vasil Velichkov [Mon, 30 Jul 2018 19:33:38 +0000 (22:33 +0300)]
sccp: Make "lr" a generated item rather than hidden to make it obvious that it exists.

Similar to the TCAP transaction IDs - hf_tcap_tid, hf_tcap_dtid and hf_tcap_otid.

Change-Id: Idf55c894f5c0e60844c03b7de89b56f632d0ed36
Reviewed-on: https://code.wireshark.org/review/28885
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago tds: fix uninitialized var.
Dario Lombardo [Mon, 30 Jul 2018 15:18:27 +0000 (17:18 +0200)]
tds: fix uninitialized var.

../epan/dissectors/packet-tds.c:2659:27: error: variable 'cursorname_len' is uninitialized when used here [-Werror,-Wuninitialized]
            tvb, cur + 1, cursorname_len, tds_get_char_encoding(tds_info)|ENC_NA,
                          ^~~~~~~~~~~~~~
../epan/dissectors/packet-tds.c:2653:29: note: initialize the variable 'cursorname_len' to silence this warning
        guint cursorname_len;
                            ^
                             = 0
1 error generated.

Change-Id: I21a1e34997af95097d3a916589f69b86a6fe0418
Reviewed-on: https://code.wireshark.org/review/28883
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago Relax ERF heuristic
Stephen Donnelly [Mon, 30 Jul 2018 23:50:43 +0000 (11:50 +1200)]
Relax ERF heuristic

Allow forward timestamp deltas up to 1 year, up from 7 days.
Surprisingly this was overly restrictive in some real cases.

Change-Id: I8a4bd1ca791b978aa5d2be40f7f8dd8e23db8837
Reviewed-on: https://code.wireshark.org/review/28882
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago Add WTAP_ENCAP_RUBY_MARSHAL to the table of encapsulation names.
Guy Harris [Mon, 30 Jul 2018 22:29:10 +0000 (15:29 -0700)]
Add WTAP_ENCAP_RUBY_MARSHAL to the table of encapsulation names.

Change-Id: If7362bc4e1da3c3dc22df08b52c7cadcd43d3b81
Reviewed-on: https://code.wireshark.org/review/28886
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago SCTPGraphDialog: fix displaying a single TSN
Vasil Velichkov [Tue, 24 Jul 2018 15:13:33 +0000 (18:13 +0300)]
SCTPGraphDialog: fix displaying a single TSN

When the SCTP association contains a single DATA/SACK chunk in direction
the max and min TSN values are equal and as a result the Y axis range is
(maxTSN, maxTSN) or (0, 0) and the dots for the TSN are not visible

To fix this always set the Y axis maximum to maxTSN + 1 similar to the X
axis maximum of max_secs + 1

Also removed one unused local variable

Change-Id: Id38eb4dbd13a8ebbba98d4df00f3707331bd1464
Reviewed-on: https://code.wireshark.org/review/28862
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago SCTPGraphArwndDialog: Detect max arwnd value when startArwnd is not set
Vasil Velichkov [Fri, 20 Jul 2018 22:32:55 +0000 (01:32 +0300)]
SCTPGraphArwndDialog: Detect max arwnd value when startArwnd is not set

When the capture does not contain SCTP INIT and INIT_ACK packets the
startArwnd value is 0 (not set) and as a result the Y axis range is
(0,0) and the dots are not visible

Change-Id: Iafb1981e62f28fe09b106138836c866d0dbebb27
Reviewed-on: https://code.wireshark.org/review/28861
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago GMPLS extensions to OSPF-TE
Khalifa NDIAYE [Wed, 18 Jul 2018 13:19:45 +0000 (15:19 +0200)]
GMPLS extensions to OSPF-TE

- optical spectrum occupation for fixed grid WDM links
  (RFC 7688)
- optical spectrum occupation for flexi-grid WDM links
  (RFC 8363)

Change-Id: I7a4d8f0bd0b863b51dde60bb4b04f4756a7ca99b
Signed-off-by: khalifaND <khalifa.ndiaye@orange.com>
Reviewed-on: https://code.wireshark.org/review/28751
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago Add basic support for TDS 5 (Sybase) cursors.
Craig Jackson [Thu, 10 May 2018 16:52:22 +0000 (12:52 -0400)]
Add basic support for TDS 5 (Sybase) cursors.

Change-Id: Ie04489b5445dc473d9bc6d772c1c33270da9b363
Reviewed-on: https://code.wireshark.org/review/28835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago ieee80211: don't print the mode and channel in CSA IE as HEX
Emmanuel Grumbach [Sun, 29 Jul 2018 06:41:35 +0000 (09:41 +0300)]
ieee80211: don't print the mode and channel in CSA IE as HEX

The channel and the mode are easier to read as a decimal
number.

Change-Id: Ia34901cb7e799ab1fbee3bd754b488f84c20274a
Reviewed-on: https://code.wireshark.org/review/28876
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
13 months ago [Automatic update for 2018-07-29]
Gerald Combs [Sun, 29 Jul 2018 08:17:38 +0000 (08:17 +0000)]
[Automatic update for 2018-07-29]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Ifc25c5ee60d7c9e09ced92c45107e4ceba6c929f
Reviewed-on: https://code.wireshark.org/review/28877
Reviewed-by: Gerald Combs <gerald@wireshark.org>
13 months ago Qt: Comment some of the sparkline code.
Gerald Combs [Fri, 27 Jul 2018 20:42:59 +0000 (13:42 -0700)]
Qt: Comment some of the sparkline code.

Explain some of the magic numbers and other parts of the sparkline code.

Change-Id: Idfad30e773bd852ac021326467cf03ada91f6efc
Reviewed-on: https://code.wireshark.org/review/28874
Reviewed-by: Gerald Combs <gerald@wireshark.org>
13 months ago bootp: Add support for non-standard MS option 77
Graham Bloice [Thu, 26 Jul 2018 17:28:55 +0000 (18:28 +0100)]
bootp: Add support for non-standard MS option 77

MS DHCP Clients configured for the RRAS role make DHCP requests for
RAS pool IPs using a non-standard user class (option 77).

Add support for this, along with an expert info to indicate the
item is non-standard.

Change-Id: I2f18061c8635fde69cbf4c5d6d0548fadecc28cb
Reviewed-on: https://code.wireshark.org/review/28863
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
13 months ago bthci_cmd: fix spelling-error-in-binary found by lintian
Alexis La Goutte [Thu, 26 Jul 2018 12:06:37 +0000 (12:06 +0000)]
bthci_cmd: fix spelling-error-in-binary found by lintian

advertisments -> advertisements

Change-Id: I52e7e9cb316f97ac6b0e083df5c7a393f27e0a1d
Reviewed-on: https://code.wireshark.org/review/28859
Reviewed-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago debian: add lintian-overrides for libwireshark0 (spelling-error-in-binary)
Alexis La Goutte [Thu, 26 Jul 2018 12:13:16 +0000 (12:13 +0000)]
debian: add lintian-overrides for libwireshark0 (spelling-error-in-binary)

Change-Id: Ic5e2745c0245c343fd6aae13638768fd215d6d60
Reviewed-on: https://code.wireshark.org/review/28860
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago test: do not silently ignore feature detection failures
Peter Wu [Thu, 26 Jul 2018 21:47:20 +0000 (23:47 +0200)]
test: do not silently ignore feature detection failures

When ASAN memleak detection is enabled, any memory leak would result in
an exception and subsequently all features are marked as missing.
With the default profile, any Lua plugin or certain configurations could
cause a memory leak. To avoid such interference, set the configuration
path to a dummy location and warn whenever an error happens nonetheless.

Do not call setProgramPath() immediately, there is no "tshark" binary in
the current working directory anymore. Rely on test.py to set the path.

Change-Id: Idccc3d68eb6f6bb64d3a0b32897acecc65e0dfb6
Reviewed-on: https://code.wireshark.org/review/28867
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
13 months ago Revert "Pass all arguments to options as --option=argument."
Guy Harris [Thu, 26 Jul 2018 21:42:28 +0000 (21:42 +0000)]
Revert "Pass all arguments to options as --option=argument."

This reverts commit 137d45f52c6ff3deb56721a6e37be5c4ed8f095a.

Don't. Make. The. Argument. To. Your. Extcap. Program. Specific.
Options. Optional. (Unless they're Boolean, in which case we never
pass an argument - we just pass the option if it's true and don't
pass it if it's false.)

Change-Id: I11e4ecaa196fd94c493d51e1f73e90267e1d9b1d
Reviewed-on: https://code.wireshark.org/review/28866
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago Pass all arguments to options as --option=argument.
Guy Harris [Thu, 26 Jul 2018 21:28:34 +0000 (14:28 -0700)]
Pass all arguments to options as --option=argument.

For options with optional arguments, the only syntax that's *guaranteed*
to be handled by getopt_long() is --option=argument, not --option
argument.  The BSD/macOS version of getopt_long() only supports the
former, not the latter.

Change-Id: Icfaec9eda49f5a947961251ebd377d7c1684c823
Reviewed-on: https://code.wireshark.org/review/28865
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago commit-msg: quote the filename, fix printed message
Peter Wu [Mon, 23 Jul 2018 11:30:35 +0000 (13:30 +0200)]
commit-msg: quote the filename, fix printed message

Quote the filename in case it contains spaces or other special chars.

Change-Id: I5ff901de0839551c06bc73b8bef631b64aff5199
Fixes: v2.9.0rc0-1078-gc20432285a ("git hooks: prevent first commit message line to exceed 80 chars.")
Reviewed-on: https://code.wireshark.org/review/28827
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
13 months ago --extcap-version requires = if it has an argument.
Guy Harris [Thu, 26 Jul 2018 20:38:20 +0000 (13:38 -0700)]
--extcap-version requires = if it has an argument.

The version argument to --extcap-version is optional, and some versions
of getopt_long() require, for a flag whose argument is optional, that
the argument be supplied as --flag=value, not --flag value.

Change-Id: I5e34132d8bb729b845ac75ff94d6d548c1c35a3d
Reviewed-on: https://code.wireshark.org/review/28864
Reviewed-by: Guy Harris <guy@alum.mit.edu>
13 months ago diameter: Update with some AVPs from TS 29.272
Joakim Karlsson [Thu, 26 Jul 2018 11:41:21 +0000 (13:41 +0200)]
diameter: Update with some AVPs from TS 29.272

Change-Id: Ia16c113821b3c48d48a193e67ae46c9b025e79aa
Reviewed-on: https://code.wireshark.org/review/28858
Reviewed-by: Anders Broman <a.broman58@gmail.com>
13 months ago MAC-LTE: Add framing/heuristic support for SR entries.
Martin Mathieson [Wed, 25 Jul 2018 21:50:18 +0000 (22:50 +0100)]
MAC-LTE: Add framing/heuristic support for SR entries.

Change-Id: Ibd1df6d904b164aec74afa7d6b259bf202808c8c
Reviewed-on: https://code.wireshark.org/review/28854
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>