metze/wireshark/wip.git
7 years ago extcap: destroy hash tables on exit.
Dario Lombardo [Thu, 2 Feb 2017 16:10:51 +0000 (17:10 +0100)]
extcap: destroy hash tables on exit.

Change-Id: Ia6a1d8a45c36aff7f2bea8bde2ed5f308bddd2e1
Reviewed-on: https://code.wireshark.org/review/19919
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
7 years ago sharkd: fix warning C4090: 'function' : different 'const' qualifiers
Pascal Quantin [Thu, 2 Feb 2017 21:59:21 +0000 (22:59 +0100)]
sharkd: fix warning C4090: 'function' : different 'const' qualifiers

According to https://msdn.microsoft.com/en-us/library/windows/desktop/ms682425(v=vs.85).aspx
the lpCommandLine argument must not be const as it may cause an access violation.

Change-Id: Iedd77663cd21ca8df542595890fbc7023f2c9c2b
Reviewed-on: https://code.wireshark.org/review/19922
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago dfilter-macro: add cleanup routine.
Dario Lombardo [Thu, 2 Feb 2017 15:43:22 +0000 (16:43 +0100)]
dfilter-macro: add cleanup routine.

Change-Id: I3de59c0366e9bec058de144eb136abaca24b5911
Reviewed-on: https://code.wireshark.org/review/19918
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago stream: clean up reassembly table.
Dario Lombardo [Thu, 2 Feb 2017 13:41:46 +0000 (14:41 +0100)]
stream: clean up reassembly table.

Change-Id: I71bc19eed5de342cd794938e3eb21545249d4853
Reviewed-on: https://code.wireshark.org/review/19917
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Fix builds without libpcap.
Guy Harris [Fri, 3 Feb 2017 00:12:23 +0000 (16:12 -0800)]
Fix builds without libpcap.

capture_opts_cleanup() doesn't exist if we're building without libpcap,
so don't call it if we're building without libpcap.

Change-Id: I9ae33b0c13af2785b5adb380a5b03e89116f67df
Reviewed-on: https://code.wireshark.org/review/19925
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Fix builds without libpcap.
Guy Harris [Fri, 3 Feb 2017 00:00:49 +0000 (16:00 -0800)]
Fix builds without libpcap.

capture_opts_cleanup() doesn't exist if we're building without libpcap,
so don't call it if we're building without libpcap.

Change-Id: I6c9defea15fac7df5533269c4945b965d9a67c25
Reviewed-on: https://code.wireshark.org/review/19924
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago capture_opts: free memory on exit to avoid leak.
Dario Lombardo [Wed, 25 Jan 2017 09:16:35 +0000 (10:16 +0100)]
capture_opts: free memory on exit to avoid leak.

This required a restyle of the way the different apps exit.

Change-Id: Iedf728488954cc415b620ff0284d2e60f38f87d2
Reviewed-on: https://code.wireshark.org/review/19780
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago NFSv4.2 mode_umask support
Andreas Gruenbacher [Thu, 2 Feb 2017 18:40:15 +0000 (19:40 +0100)]
NFSv4.2 mode_umask support

Add support for the NFSV4.2 mode_umask attribute which will be initially
supported by Linux v4.10.

Change-Id: Id98e20cd0ed93bf7ad9b2246e9e05299f3d7a9fc
Reviewed-on: https://code.wireshark.org/review/19921
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago dtls: Support Decode As for selecting appdata dissector
Peter Wu [Mon, 30 Jan 2017 18:33:09 +0000 (19:33 +0100)]
dtls: Support Decode As for selecting appdata dissector

Being able to override (set) the application data dissector without
hacks (RSA keys dialog) would be nice. Modelled after
v2.3.0rc0-481-gafa2605e43 ("Support Decode As for {SSL,TLS}-over-TCP.")

Change-Id: Ic4c5ca55e8f20ad599c41c1df58b24f3bced2281
Reviewed-on: https://code.wireshark.org/review/19869
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago wsutil/sober128: remove unused macros and functions
Peter Wu [Wed, 1 Feb 2017 12:12:01 +0000 (13:12 +0100)]
wsutil/sober128: remove unused macros and functions

Removed unused macros/functions that are apparently imported from
LibTomCrypt, only LOAD32L and STORE32L are needed. Remove code that
tries to distinguish between little/big endian, since WORDS_BIGENDIAN
was never defined, this would never have worked on big endian anyway.

Remove the special ROR "optimization" for GCC on i386, modern compilers
are able to optimize it to exactly the same thing. The generic
LOAD32L/STORE32L macros are less optimized (as can be seen in the
generated code), but this was not noticeable in the mean running time.

Tested with the packet capture from bug 3232, the result is the same:

    tshark -ocorosync_totemnet.private_keys:example.com -r corosync-totemsrp--key:example.com--2nodes.pcap -Vx

Bug: 13368
Change-Id: I59bf27d7dd990bbcd5ad34a1797f4a6c8a04512d
Reviewed-on: https://code.wireshark.org/review/19894
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago xml: use wmem allocators and replace GHashTable with wmem_map_t.
Dario Lombardo [Fri, 13 Jan 2017 10:32:20 +0000 (11:32 +0100)]
xml: use wmem allocators and replace GHashTable with wmem_map_t.

Change-Id: I9dbddc6fd4a5eaa458843343b3e9b8e1832bde8f
Reviewed-on: https://code.wireshark.org/review/19630
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago sharkd: make it compile without libGeoIP.
Dario Lombardo [Tue, 31 Jan 2017 16:30:02 +0000 (17:30 +0100)]
sharkd: make it compile without libGeoIP.

Change-Id: Ief867ce8552136298bd6bd6879ec482cc5b38b6f
Reviewed-on: https://code.wireshark.org/review/19887
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
7 years ago imf: convert GHashTable to wmem_map
Dario Lombardo [Wed, 1 Feb 2017 13:40:56 +0000 (14:40 +0100)]
imf: convert GHashTable to wmem_map

Change-Id: Ia5bd6af88db76bbe4e0a267c30b6f7749b23e299
Reviewed-on: https://code.wireshark.org/review/19903
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago Rawshark: Add a memory limit (-m) option.
Gianluca Borello [Mon, 23 Jan 2017 16:57:32 +0000 (08:57 -0800)]
Rawshark: Add a memory limit (-m) option.

Add an option to rawshark that lets the user set a maximum memory limit.

Change-Id: Ie102ee5f6ba5aec90a35bd63297184c7dc37662c
Reviewed-on: https://code.wireshark.org/review/19911
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago ncp: convert GHashTable to wmem_map_t.
Dario Lombardo [Wed, 1 Feb 2017 13:22:43 +0000 (14:22 +0100)]
ncp: convert GHashTable to wmem_map_t.

Change-Id: I0de1c332a6052c20f6afbe1e51dfb14e18485891
Reviewed-on: https://code.wireshark.org/review/19899
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago GHashtable -> wmem_map conversions
Michael Mann [Thu, 2 Feb 2017 04:13:42 +0000 (23:13 -0500)]
GHashtable -> wmem_map conversions

Many of the register_init_routine/register_cleanup_routine functions
are for initializing and cleaning up a GHashtable.
wmem_map_new_autoreset can do that automatically, so convert many
of the simple cases.

Change-Id: I93e1f435845fd5a5e5286487e9f0092fae052f3e
Reviewed-on: https://code.wireshark.org/review/19912
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago iso15765: convert GHashTable to wmem_map.
Dario Lombardo [Wed, 1 Feb 2017 13:29:30 +0000 (14:29 +0100)]
iso15765: convert GHashTable to wmem_map.

Change-Id: I25fd598f3c2bd75548213140e93198b611f30d4b
Reviewed-on: https://code.wireshark.org/review/19900
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago tools: add a Gtk/GNOME suppression file.
Dario Lombardo [Wed, 1 Feb 2017 20:59:14 +0000 (21:59 +0100)]
tools: add a Gtk/GNOME suppression file.

As described here https://wiki.gnome.org/Valgrind valgrind can be
tuned for Gtk/GNOME (glib) software by this official (or so) suppression
file. Add it to the standard valgrind script to reduce the output
for those functions out of Wireshark scope.

Change-Id: I5dbc91ce82a890c9c02b624289ced96909be5f84
Reviewed-on: https://code.wireshark.org/review/19910
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago Qt: Add extcap placeholder parameter
Stig Bjørlykke [Mon, 7 Dec 2015 12:30:26 +0000 (13:30 +0100)]
Qt: Add extcap placeholder parameter

Added a parameter to set placeholder text in textBox.

Change-Id: Iccf92fe60abc78be8f0fa112c0c9eb78890674b5
Reviewed-on: https://code.wireshark.org/review/12463
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
7 years ago Make some more protocols into pinos.
Michael Mann [Sun, 1 Jan 2017 14:40:58 +0000 (09:40 -0500)]
Make some more protocols into pinos.

Change-Id: I87d842e3efe9f82eaaab81347dfb79d6c0932792
Reviewed-on: https://code.wireshark.org/review/19491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Use INVALID_SOCKET for an invalid socket handle.
Guy Harris [Wed, 1 Feb 2017 19:04:54 +0000 (11:04 -0800)]
Use INVALID_SOCKET for an invalid socket handle.

-1 is fine on UN*X, but, on Windows, it's INVALID_SOCKET.  We define
INVALID_SOCKET as (-1) on UN*X, so it can be used on both platforms.

Change-Id: Ib2269ddf98c352a1d3c85e44006cc49d80750a78
Reviewed-on: https://code.wireshark.org/review/19909
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Fix some more UN*X-vs-Windows issues.
Guy Harris [Wed, 1 Feb 2017 18:17:48 +0000 (10:17 -0800)]
Fix some more UN*X-vs-Windows issues.

Change-Id: Ie9ad31289f0572a7e7249fcb3305849673536f05
Reviewed-on: https://code.wireshark.org/review/19908
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago frame: use wmem instead of glib allocator.
Dario Lombardo [Wed, 1 Feb 2017 14:11:15 +0000 (15:11 +0100)]
frame: use wmem instead of glib allocator.

Change-Id: Ibed5c2418d1dd400fe586d40681fb5ba90efbd9f
Reviewed-on: https://code.wireshark.org/review/19906
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago h460: use wmem for strdup.
Dario Lombardo [Wed, 1 Feb 2017 14:34:15 +0000 (15:34 +0100)]
h460: use wmem for strdup.

Change-Id: Iac6027e4b1449a77bc6b0a3d089634a296b8e802
Reviewed-on: https://code.wireshark.org/review/19904
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago h248: convert GTree to wmem_tree.
Dario Lombardo [Wed, 1 Feb 2017 14:25:16 +0000 (15:25 +0100)]
h248: convert GTree to wmem_tree.

Change-Id: Ia8d1a7ca4ce7e8754ab97ffe5f6e11181f08b264
Reviewed-on: https://code.wireshark.org/review/19905
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ipmi: use wmem instead of glib allocator.
Dario Lombardo [Wed, 1 Feb 2017 13:37:30 +0000 (14:37 +0100)]
ipmi: use wmem instead of glib allocator.

Change-Id: I739e0cd9ebe35049b6633a9cfa0f793d66823f9a
Reviewed-on: https://code.wireshark.org/review/19901
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago hdcp2: convert GHashTable to wmem_map.
Dario Lombardo [Wed, 1 Feb 2017 13:39:10 +0000 (14:39 +0100)]
hdcp2: convert GHashTable to wmem_map.

Change-Id: If68a73c05bfc301e1cfdba75c090305a5b454979
Reviewed-on: https://code.wireshark.org/review/19902
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago proto: free memory on cleanup.
Dario Lombardo [Wed, 1 Feb 2017 12:40:11 +0000 (13:40 +0100)]
proto: free memory on cleanup.

Change-Id: Ia6cb39cbf6d5b50d39746f38758433a7541219a2
Reviewed-on: https://code.wireshark.org/review/19896
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ieee802a: add shutdown routine.
Dario Lombardo [Wed, 1 Feb 2017 12:53:19 +0000 (13:53 +0100)]
ieee802a: add shutdown routine.

Change-Id: I21d0ab5619cde9a43b96eaff351fa338e317f4f9
Reviewed-on: https://code.wireshark.org/review/19897
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ndps: convert GHashtable to wmem_map.
Dario Lombardo [Wed, 1 Feb 2017 12:57:35 +0000 (13:57 +0100)]
ndps: convert GHashtable to wmem_map.

Change-Id: Id1f46ed533980e67bf18aa13fcc828bf1f5e7f6e
Reviewed-on: https://code.wireshark.org/review/19898
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago dtls: avoid possible NULL deref
Peter Wu [Wed, 1 Feb 2017 10:49:30 +0000 (11:49 +0100)]
dtls: avoid possible NULL deref

"decoder->flow" could result in a NULL pointer dereference if a null
cipher was in use (caught by Clang static analyzer).

Answering the questions:
- DTLS records fragments do not need to be reassembled, thus there is no
  flow. The Handshake messages have their own fragment_offset field and
  thus there is no need to maintain an extra flow.
- Actually one datagram can contain multiple records (RFC 6347, 4.1.1),
  but this is not implemented yet. The key can however not be "0"
  though, it must match the offsets from ssl_get_record_info.

Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
Change-Id: Iac367a68a2936559cd5d557f877c5598114cadca
Reviewed-on: https://code.wireshark.org/review/19892
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago GSM A / NAS-EPS: detect missing mandatory information elements
Pascal Quantin [Fri, 27 Jan 2017 17:20:40 +0000 (18:20 +0100)]
GSM A / NAS-EPS: detect missing mandatory information elements

Current code is not able to detect missing mandatory information elements
because the macro will return once the end of the payload is reached.
Remove this check from all mandatory IE macros, and put it at the beginning
of optional IE ones. It should allow to detect any missing mandatory IE
while still stopping message dissection in case optional IEs are not
present.

Change-Id: Ie820740e25c1d03ee3462fa4a913c3a7870fcc2d
Reviewed-on: https://code.wireshark.org/review/19816
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago Bluetooth 5.0, HCI command/event PHY update dissection
Allan Møller Madsen [Sun, 29 Jan 2017 21:40:42 +0000 (22:40 +0100)]
Bluetooth 5.0, HCI command/event PHY update dissection

Dissection of all new HCI command/events related with
Bluetooth 5.0 feature 'PHY update - LE 2M and LE Coded'

Change-Id: I212cb368d3295ba36eb0ca34329df566cae1611b
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19849
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
7 years ago packet-btle.c: If frame information is missing, provide a default.
Michael Mann [Wed, 1 Feb 2017 04:48:27 +0000 (23:48 -0500)]
packet-btle.c: If frame information is missing, provide a default.

"default" frame information sets no retransmission or more fragments.

Bug: 13015
Change-Id: I1c8a29fe06d0b38abc789c8e454dc484490186f9
Reviewed-on: https://code.wireshark.org/review/19891
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Expand a comment to give more details.
Guy Harris [Wed, 1 Feb 2017 04:41:38 +0000 (20:41 -0800)]
Expand a comment to give more details.

(Dear Microsoft: why did you choose not to support line buffering in
the MSVC "standard I/O library" routines?)

Change-Id: I5add94d2c83e73e9845fea0f355a1923fddf2deb
Reviewed-on: https://code.wireshark.org/review/19890
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago sharkd: windows support
Jakub Zawadzki [Sat, 28 Jan 2017 21:40:17 +0000 (22:40 +0100)]
sharkd: windows support

Change-Id: I6581bacdea49416cc26431f66b093f36b39c5a67
Reviewed-on: https://code.wireshark.org/review/19829
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago ssl-utils: fix format specifies type 'void *' but the argument has type 'SslFlow...
Alexis La Goutte [Tue, 31 Jan 2017 19:38:58 +0000 (20:38 +0100)]
ssl-utils: fix format specifies type 'void *' but the argument has type 'SslFlow *' (aka 'struct _SslFlow *') [-Wformat-pedantic]

Change-Id: Iec574db8c28d2e02136e6c4119e5688b21112299
Reviewed-on: https://code.wireshark.org/review/19889
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Openflow (v5): fix redundant redeclaration of ‘dissect_openflow_message_v5’ [-Wredund...
Alexis La Goutte [Sun, 22 Jan 2017 14:17:57 +0000 (15:17 +0100)]
Openflow (v5): fix redundant redeclaration of ‘dissect_openflow_message_v5’ [-Wredundant-decls]

Change-Id: I6340f0b903af1371e69172b05650c49fc18b8890
Reviewed-on: https://code.wireshark.org/review/19888
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Don't provide GTK setup by default.
Joerg Mayer [Mon, 30 Jan 2017 21:13:58 +0000 (22:13 +0100)]
Don't provide GTK setup by default.

Update comments to reflect the behaviour as well.

Update comment inside the

Change-Id: Id3629b217a2adc096fd6b0cb0221270e92ebd5da
Reviewed-on: https://code.wireshark.org/review/19875
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
7 years ago Add Decode As capabilities to MoldUDP dissector
Justin Helgesen [Sun, 29 Jan 2017 21:06:49 +0000 (15:06 -0600)]
Add Decode As capabilities to MoldUDP dissector

Per the Nasdaq TotalView-ITCH v2/3 protocol specifications the
NASDAQ-ITCH dissector needs to be able to dissect a MoldUDP payload.

Change-Id: Id5194930025a9abdfb1663234233fd51e525a34b
Reviewed-on: https://code.wireshark.org/review/19847
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Also show BGP Shutdown communication on admin reset
Arjen Zonneveld [Tue, 31 Jan 2017 13:35:29 +0000 (14:35 +0100)]
Also show BGP Shutdown communication on admin reset

Shutdown communication is now also allowed on Admin Reset NOTIFICATION messages:
https://tools.ietf.org/rfcdiff?url2=draft-ietf-idr-shutdown-04.txt

Change-Id: I6450d3d5de5aef4bd709ba2b211ca717784b00a7
Reviewed-on: https://code.wireshark.org/review/19886
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago PAPI: Add dissection of Licence Manager
Alexis La Goutte [Thu, 26 May 2016 11:02:07 +0000 (13:02 +0200)]
PAPI: Add dissection of Licence Manager

Change-Id: I1b7dd1835fe60852b8c90f0ce5e240813cad89d1
Reviewed-on: https://code.wireshark.org/review/15574
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Add wmem allocator parameter to format_uri
Michael Mann [Tue, 31 Jan 2017 13:29:53 +0000 (08:29 -0500)]
Add wmem allocator parameter to format_uri

Change-Id: Ic6de84a37b501e9c62a7d37071b2b081a1a1dd50
Reviewed-on: https://code.wireshark.org/review/19885
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago format_text_wmem -> format_text
Michael Mann [Tue, 31 Jan 2017 12:51:19 +0000 (07:51 -0500)]
format_text_wmem -> format_text

All cases of the "original" format_text have been handled to add the
proper wmem allocator scope.  Remove the "original" format_text
and replace it with one that has a wmem allocator as a parameter.

Change-Id: I278b93bcb4a17ff396413b75cd332f5fc2666719
Reviewed-on: https://code.wireshark.org/review/19884
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Enable some more tests.
Gerald Combs [Mon, 30 Jan 2017 20:51:19 +0000 (12:51 -0800)]
Enable some more tests.

The "Microsecond pcap-ng via stdin" and "Nanosecond pcap-ng via stdin"
tests work here on macOS and Windows (likely due to g8a141fe), so
enable them.

Change-Id: I148d02f0cc23162d782457e1d8f0e7c2c0dc6932
Reviewed-on: https://code.wireshark.org/review/19877
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago TLS13: partial update of CertificateRequest for draft -18
Peter Wu [Mon, 30 Jan 2017 17:10:00 +0000 (18:10 +0100)]
TLS13: partial update of CertificateRequest for draft -18

Document structure, did not put much effort in there as the format is
subject to change (untested, no pcap available).

Change-Id: I2da8c4e005d65314158d038bc0af7411773d8fba
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19865
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago TLS13: add Encrypted Extensions
Peter Wu [Mon, 30 Jan 2017 04:28:21 +0000 (05:28 +0100)]
TLS13: add Encrypted Extensions

See https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.3.1

Change-Id: I35e049d991be4c242ef2b84db3a322c6a13d2f96
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19860
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago TLS13: handle content type from decrypted record
Peter Wu [Mon, 30 Jan 2017 04:25:11 +0000 (05:25 +0100)]
TLS13: handle content type from decrypted record

Extract the content type and handle padding per
https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-5.2

When TLS 1.3 is detected, rename the "Content Type" field to "Opaque
[Content] Type" and add a new generated field for the content type that
was extracted from the decrypted contents.

Change-Id: I149a5d7e2493dded6e2c0190e170fa350f76466e
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19859
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago TLS13: update Certificate for draft -18
Peter Wu [Mon, 30 Jan 2017 16:51:46 +0000 (17:51 +0100)]
TLS13: update Certificate for draft -18

Note that RPK (RFC 7250) is not well-defined and is left untouched.
https://github.com/tlswg/tls13-spec/issues/722

Certificate extension dissection remains a task for later.

Change-Id: I62276e59db94429e4c09058aca3c08f390ec3af7
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19864
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago TLS13: fix CertificateVerify dissection for -18
Peter Wu [Mon, 30 Jan 2017 17:16:06 +0000 (18:16 +0100)]
TLS13: fix CertificateVerify dissection for -18

digitally-signed is gone in TLS 1.3. ClientKeyExchange/ServerKeyExchange
are gone, so effectively modifying this function is good enough to cover
CertificateVerify dissection (ssl_dissect_hnd_cli_cert_verify).

See https://tools.ietf.org/html/draft-ietf-tls-tls13-18#page-58

Change-Id: I07f621bc088d810a3f35343bec7a0a3303b1426b
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19866
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Support for NSH with Ethernet encapsulation
Jaime Caamaño Ruiz [Mon, 30 Jan 2017 18:13:20 +0000 (19:13 +0100)]
Support for NSH with Ethernet encapsulation

Change-Id: I88bc4924add4d89c1386cb1be9d27233cef861f1
Reviewed-on: https://code.wireshark.org/review/19867
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago WSDG: Update some of the NSIS text.
Gerald Combs [Tue, 31 Jan 2017 00:30:45 +0000 (16:30 -0800)]
WSDG: Update some of the NSIS text.

Recommend v3 instead of v2.

Change-Id: I13260611dd6b12372aba8938a87574cd9a8e1a47
Reviewed-on: https://code.wireshark.org/review/19880
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago test: add (D)TLS test for AEAD ciphers
Peter Wu [Sun, 29 Jan 2017 22:19:48 +0000 (23:19 +0100)]
test: add (D)TLS test for AEAD ciphers

TLS and DTLS share the same code for decryption of AEAD ciphers.
Add tests for all possible AEAD cipher modes (GCM, CCM, CCM_8).
PSK is used to reduce the handshake size (removing certificates).

The decryption suite passes these tests on:

* Libgcrypt 1.6.5 (Ubuntu 14.04)
* Libgcrypt 1.7.6 (Arch Linux)
* Libgcrypt 1.4.5 (CentOS 6). Note that the GnuTLS packages are too old,
  so tests that depend on RSA keys fail here (but the new tests pass).

Change-Id: If0dc5b94223fb247062e23960ff66dfdd4f7a902
Reviewed-on: https://code.wireshark.org/review/19850
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago BGP: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang
Alexis La Goutte [Fri, 27 Jan 2017 06:55:55 +0000 (07:55 +0100)]
BGP: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: I0569326140c88a6dd2d7e2b8819c9f5323a98670
Reviewed-on: https://code.wireshark.org/review/19810
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago format_text -> format_text_wmem for wlan dialogs
Michael Mann [Tue, 31 Jan 2017 03:38:20 +0000 (22:38 -0500)]
format_text -> format_text_wmem for wlan dialogs

format_text_wmem uses NULL scope in GUI dialogs

Change-Id: Ifaa342e034de9f99b59169cdf0c7ddc52ff67597
Reviewed-on: https://code.wireshark.org/review/19882
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Have tvb_format_text use wmem_packet_scope() memory.
Michael Mann [Tue, 31 Jan 2017 04:18:51 +0000 (23:18 -0500)]
Have tvb_format_text use wmem_packet_scope() memory.

Its only use is in dissectors or other tree creation APIs (where
packet scope is valid), so have it use format_text_wmem with
wmem_packet_scope().

Change-Id: I1f34e284a870c9844c6b27f4ae08a1e7efe54098
Reviewed-on: https://code.wireshark.org/review/19883
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago TLS: add bare essentials for TLS 1.3 decryption support
Peter Wu [Mon, 30 Jan 2017 13:29:12 +0000 (14:29 +0100)]
TLS: add bare essentials for TLS 1.3 decryption support

The bare essentials are now in place to perform decryption
(HKDF-Expand-Label, calculation of traffic secrets, AEAD integration).
Can successfully decrypt the initial handshake message. Only AES ciphers
are supported, ChaCha20-Poly1305 still needs to be added.

Note: "decryption" indeed works, but dissection needs to be updated. The
padding must be stripped and the content type extracted.

Ping-Bug: 12779
Change-Id: I3869c9ae5131e57519be99c5f439c4fa68841bae
Reviewed-on: https://code.wireshark.org/review/19858
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ssl-utils: add AEAD authentication check
Peter Wu [Mon, 30 Jan 2017 01:00:18 +0000 (02:00 +0100)]
ssl-utils: add AEAD authentication check

Unauthenticated data should not be displayed as valid. Validate the
authentication tag, similar to how MAC checks are done for block
ciphers. This requires Libgcrypt 1.6 or newer.

Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6),
1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt.

Change-Id: Iee15f4ccc5bbe01a50677167fa9c50c1ffe382d3
Reviewed-on: https://code.wireshark.org/review/19853
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ssl-utils: refactor AEAD decryption handling
Peter Wu [Tue, 20 Sep 2016 19:26:43 +0000 (21:26 +0200)]
ssl-utils: refactor AEAD decryption handling

The current ssl_decrypt_record is hard to understand due to mixing CBC
concepts (MAC, padding) with AEAD. Extract the AEAD functionality and
use better variable naming.

The "Plaintext" debug print now includes just the plaintext (the auth
tag is stripped). A write_iv.data_len check is added just to be sure and
more prep work is done for auth tag validation and TLS 1.3 support.

Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6),
1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt.

Change-Id: I94dd2fd70e1281d85c954abfe523f7483d9ac68b
Reviewed-on: https://code.wireshark.org/review/19852
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Have hfinfo_format_text use format_text_wmem.
Michael Mann [Mon, 30 Jan 2017 03:19:57 +0000 (22:19 -0500)]
Have hfinfo_format_text use format_text_wmem.

Use NULL scope to be safe.

Change-Id: I1967737cf6a1c90cc2e0476d3f2ace63aa0c9153
Reviewed-on: https://code.wireshark.org/review/19857
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Have tvb_format_stringzpad use wmem_packet_scope() memory.
Michael Mann [Mon, 30 Jan 2017 03:00:39 +0000 (22:00 -0500)]
Have tvb_format_stringzpad use wmem_packet_scope() memory.

Its only use is in dissectors, so have it use
format_text_wmem with wmem_packet_scope().

Change-Id: I22121324fd47aee32174b65104458ad2ef329bd7
Reviewed-on: https://code.wireshark.org/review/19856
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Add format_text_wmem.
Michael Mann [Mon, 30 Jan 2017 02:53:49 +0000 (21:53 -0500)]
Add format_text_wmem.

This allows for a wmem_allocator for users of format_text who want
it (dissectors for wmem_packet_scope()).  This lessens the role of
current format_text functionality in hopes that it will eventually
be replaced.

Change-Id: I970557a65e32aa79634a3fcc654ab641b871178e
Reviewed-on: https://code.wireshark.org/review/19855
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ISAKMP: Add Forticlient (connect License and EndPoint Control) from Fortinet Vendor ID
Alexis La Goutte [Mon, 30 Jan 2017 20:33:44 +0000 (21:33 +0100)]
ISAKMP: Add Forticlient (connect License and EndPoint Control) from Fortinet Vendor ID

Change-Id: Idf40de8bfa76cbe4437a157fc90bd994d4b2233e
Reviewed-on: https://code.wireshark.org/review/19872
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago coap: add support for coaps (DTLS-secured CoAP)
Peter Wu [Mon, 30 Jan 2017 18:41:29 +0000 (19:41 +0100)]
coap: add support for coaps (DTLS-secured CoAP)

coaps port is defined in RFC 7252, section 12.7.

CoAP (RFC 7252) is defined only for UDP, not TCP. For TCP, the frame
format is slightly different (draft-ietf-core-coap-tcp-tls-05) and
needs more dissector changes, so remove registration for now.

Change-Id: I1fc7163086f8fe66986565aa24b579ef24f72550
Ping-Bug: 13370
Reviewed-on: https://code.wireshark.org/review/19870
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago dtls: fallback to data dissector if nothing took care of it
Peter Wu [Mon, 30 Jan 2017 18:13:01 +0000 (19:13 +0100)]
dtls: fallback to data dissector if nothing took care of it

Also unconditionally show the encrypted appdata record, matching the SSL
dissector. Now the bytes are always linked to a field.

Change-Id: Ie65cd5fc6620d53da46a94cdb1972863702b452c
Reviewed-on: https://code.wireshark.org/review/19868
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago Dumpcap: Improve an error message.
Gerald Combs [Mon, 30 Jan 2017 20:52:35 +0000 (12:52 -0800)]
Dumpcap: Improve an error message.

Dumpcap doesn't yet support capturing pcapng from stdin. On Windows,
make sure we invalidate our file handle so that instead of printing

  "Error reading from pipe: The operation completed successfully. (error 0)"

we show the more useful

  "Capturing from a pipe doesn't support pcapng format."

Change-Id: I472c1bf5c8520c9ee3fe4b6299a6e0250262ea51
Reviewed-on: https://code.wireshark.org/review/19876
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago Qt: Use system DateTimeFormat in QDateTimeEdit
Stig Bjørlykke [Mon, 30 Jan 2017 13:07:55 +0000 (14:07 +0100)]
Qt: Use system DateTimeFormat in QDateTimeEdit

In extcap argument ExtArgTimestamp set DisplayFormat to system DateTimeFormat.

Change-Id: I281d6cc1aa59e785a75d6f1c8ff9780ba5ad9eba
Reviewed-on: https://code.wireshark.org/review/19863
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
7 years ago Remove unused variable initialization.
Stig Bjørlykke [Mon, 30 Jan 2017 10:07:36 +0000 (11:07 +0100)]
Remove unused variable initialization.

Change-Id: I674afef24938f3b860171d87640a6228ee042e82
Reviewed-on: https://code.wireshark.org/review/19862
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
7 years ago ZigBee: Add attribute and command names from Metering used with GBCS.
Kenneth Soerensen [Wed, 11 Jan 2017 18:49:14 +0000 (19:49 +0100)]
ZigBee: Add attribute and command names from Metering used with GBCS.

The Great Britain Companion Specification specifies how energy meters
will communicate in the UK. This patch adds names for attributes and
commands from the Smart Energy Metering cluster that are used within
that specification.

Furthermore take care of Change 19481 for ZigBee Smart Energy.

Bug: 13360
Change-Id: Ia229265f9dc2168c8977303f3540c2ffc1bb5a0a
Reviewed-on: https://code.wireshark.org/review/19768
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Have format_text_wsp use wmem allocated memory.
Michael Mann [Sun, 29 Jan 2017 23:51:00 +0000 (18:51 -0500)]
Have format_text_wsp use wmem allocated memory.

format_text_wsp is fed into by tvb_format_text_wsp and tvb_format_stringzpad_wsp
so those functions need to add a wmem allocated parameter as well.
Most of the changes came from tvb_format_text_wsp and tvb_format_stringzpad_wsp
being changed more so than format_text_wsp.

Change-Id: I52214ca107016f0e96371a9a8430aa89336f91d7
Reviewed-on: https://code.wireshark.org/review/19851
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Convert GHashTable -> wmem_map_t for ASN.1 dissectors
Michael Mann [Sun, 29 Jan 2017 03:29:32 +0000 (22:29 -0500)]
Convert GHashTable -> wmem_map_t for ASN.1 dissectors

Change-Id: Id749c41947c6300f2c82ed947352c336f9e45b72
Reviewed-on: https://code.wireshark.org/review/19838
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Clean up indentation.
Guy Harris [Mon, 30 Jan 2017 01:16:53 +0000 (17:16 -0800)]
Clean up indentation.

Change-Id: I0815bf008ed056e3cd400a24fb10abb4ca88c3ce
Reviewed-on: https://code.wireshark.org/review/19854
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Have format_text_chr use wmem allocated memory.
Michael Mann [Sun, 29 Jan 2017 19:19:25 +0000 (14:19 -0500)]
Have format_text_chr use wmem allocated memory.

Change-Id: Idcea59f6fc84238f04d9ffc11a0088ef97beec0c
Reviewed-on: https://code.wireshark.org/review/19844
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago (D)TLS: fix type of record sequence number
Peter Wu [Fri, 27 Jan 2017 21:30:34 +0000 (22:30 +0100)]
(D)TLS: fix type of record sequence number

The record sequence number is 64-bit, not 32-bit. This applies to all
SSLv3/TLS/DTLS versions. Without this fix, after about four million
records, the wrong MAC is calculated (for TLS 1.2) or decryption will
fail (for TLS 1.3).

Change-Id: I05e5e8bc4229ac443a1b06c5fe984fb885eab1ca
Reviewed-on: https://code.wireshark.org/review/19824
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago Use g_list_prepend, it's more efficient.
AndersBroman [Sun, 29 Jan 2017 21:09:15 +0000 (22:09 +0100)]
Use g_list_prepend, it's more efficient.

Change-Id: Ic13f60a3e700f3d8325063079f032eda47eaf22f
Reviewed-on: https://code.wireshark.org/review/19848
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Fix typo in autogen.sh
Moshe Kaplan [Sun, 29 Jan 2017 19:04:26 +0000 (14:04 -0500)]
Fix typo in autogen.sh

Change-Id: I7048dc9bf49a1e83302563db269c6a89a17c6df0
Reviewed-on: https://code.wireshark.org/review/19843
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago [Automatic update for 2017-01-29]
Gerald Combs [Sun, 29 Jan 2017 16:10:45 +0000 (08:10 -0800)]
[Automatic update for 2017-01-29]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I4a55af48f03ec5940c2a5fd902a57c7b06ac0e37
Reviewed-on: https://code.wireshark.org/review/19839
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago Register reassembly tables
Michael Mann [Sun, 29 Jan 2017 00:53:36 +0000 (19:53 -0500)]
Register reassembly tables

Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.

Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ipx: Convert GHashtable to wmem_map
Dario Lombardo [Tue, 24 Jan 2017 12:53:57 +0000 (13:53 +0100)]
ipx: Convert GHashtable to wmem_map

Change-Id: If7994b2bc5d341f381e0f15a0d6179ad73bf9367
Reviewed-on: https://code.wireshark.org/review/19763
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ssl: add expert info for unexpected messages in TLS 1.3
Peter Wu [Thu, 26 Jan 2017 13:11:35 +0000 (14:11 +0100)]
ssl: add expert info for unexpected messages in TLS 1.3

This will also avoid invoking ssl_finalize_decryption which will not be
used for TLS 1.3.

Change-Id: I958508276488764ad1a82e6412504bcd72f3b995
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19823
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Bugfix MPEG descriptor Logon Initialize Descriptor tag.
Michael Mann [Thu, 22 Dec 2016 22:54:35 +0000 (17:54 -0500)]
Bugfix MPEG descriptor Logon Initialize Descriptor tag.

Do length checks in case not all fields are present to prevent
malformed packets.

Bug: 13237
Change-Id: Ie7cc3006fa33f1dedeffb09a4f35adb8dee8e9f6
Ping-Bug: 13238
Reviewed-on: https://code.wireshark.org/review/19390
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Fix decoding of T.30 over T.38.
Guy Harris [Sun, 29 Jan 2017 01:44:50 +0000 (17:44 -0800)]
Fix decoding of T.30 over T.38.

In change 9bcac48403de9aff6435d0f48028ae1f72f64528, "t30.hdlc" was
inadvertently changed to "t30.hdlc""rtp"; this meant that we didn't
actually find the T.30 dissector, as we were looking for it under the
name "t30.hdlcrtp".

Change-Id: Ic1c1daf558926afdb43ac9220940f3ac0159d247
Reviewed-on: https://code.wireshark.org/review/19835
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Allow Decode As for T.38-over-TCP and T.38-over-UDP.
Guy Harris [Sun, 29 Jan 2017 00:51:32 +0000 (16:51 -0800)]
Allow Decode As for T.38-over-TCP and T.38-over-UDP.

This got lost as part of change 9132706b2dca67c4991edf0f3779d1d43d4b3f65
- that removed the explicit registering, with a port number, in the
tcp.port and udp.port dissector tables, *without* replacing it with a
dissector_add_for_decode_as() registering it *without* a port number.

Change-Id: I9ae22418553c143d51f9a78f5c0901f2f6490351
Reviewed-on: https://code.wireshark.org/review/19832
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Revert "Check whether we need -lm for fmod."
Guy Harris [Sat, 28 Jan 2017 21:55:52 +0000 (21:55 +0000)]
Revert "Check whether we need -lm for fmod."

This reverts commit aaac50cfde090f4c7e71472ae8bf8e8ea67a1d44.

Not clear that this is the problem.

Change-Id: I5a0547eb4fda1a1ac7a6548c75ba6bc5e4b82d61
Reviewed-on: https://code.wireshark.org/review/19830
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Check whether we need -lm for fmod.
Guy Harris [Sat, 28 Jan 2017 21:07:27 +0000 (13:07 -0800)]
Check whether we need -lm for fmod.

Apparently, fmod may be in -lm even if cos isn't.

Change-Id: Ifef1246ccd1ae1e17e4bbbab120c6181092c7786
Reviewed-on: https://code.wireshark.org/review/19827
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago tcap: convert GHashTables into wmem.
Dario Lombardo [Sun, 22 Jan 2017 20:30:41 +0000 (21:30 +0100)]
tcap: convert GHashTables into wmem.

Change-Id: I95509cada53d363320a5a5d9e36612d7a85d7ef3
Reviewed-on: https://code.wireshark.org/review/19741
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago wmem_map_new -> wmem_map_new_autoreset
Michael Mann [Sat, 28 Jan 2017 14:34:04 +0000 (09:34 -0500)]
wmem_map_new -> wmem_map_new_autoreset

A few dissectors can benefit from the conversion.

Change-Id: I3b7d54926b79314009e271960aff61870a115390
Reviewed-on: https://code.wireshark.org/review/19826
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago wmem: Delay creation of map table until it's needed
Michael Mann [Sat, 28 Jan 2017 17:31:29 +0000 (12:31 -0500)]
wmem: Delay creation of map table until it's needed

wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(), ...)
doesn't have "file" scope ready at startup to create hash table
and will assert.

Change-Id: I3437f45ef42bf8635e4d504cf073fc3fb0c9a8cd
Reviewed-on: https://code.wireshark.org/review/19825
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
7 years ago TLS: fix decryption of renegotiated sessions
Peter Wu [Wed, 25 Jan 2017 20:52:27 +0000 (21:52 +0100)]
TLS: fix decryption of renegotiated sessions

Renegotiated sessions may interleave application data with handshake
records. These handshake records should however not be included in the
flow associated with the application data. This fixes a regression in
the previous patch, now the "1.12 Step: SSL Decryption (renegotiation)"
test passes again.

Also remove duplicate DTLS data sources for decrypted records.

Change-Id: I46d416ffba11a7c25c5a682b3b53f06d10d4ab79
Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
Reviewed-on: https://code.wireshark.org/review/19822
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago qsig: Remove unnecessary hash table functionality
Michael Mann [Tue, 24 Jan 2017 13:27:58 +0000 (08:27 -0500)]
qsig: Remove unnecessary hash table functionality

The information from qsig_opcode2oid_hashtable could be derived directly from
qsig_op_tab, and get_op() can serve as a lookup instead of qsig_oid2op_hashtable.

Change-Id: Ibc5b20ff9ff46b1644c6a6c2c90ee1c4ac131e45
Reviewed-on: https://code.wireshark.org/review/19743
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Add wmem_map_new_autoreset
Michael Mann [Thu, 26 Jan 2017 04:07:23 +0000 (23:07 -0500)]
Add wmem_map_new_autoreset

This can be used similarly to wmem_tree_new_autoreset for hash tables that need
reset after capture file change.

Change-Id: I3a2f0b0a0cad3eca46266523c594d3d7aac17489
Reviewed-on: https://code.wireshark.org/review/19794
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
7 years ago decode_as: Initialize decode_as_list after free
Stig Bjørlykke [Sat, 28 Jan 2017 11:47:47 +0000 (12:47 +0100)]
decode_as: Initialize decode_as_list after free

Initialize decode_as_list = NULL after free to avoid random crashes
in g_list functions after changing profile.

This bug was introduced in g5c7b0b96

Change-Id: Ibc752f245115c5a426989e20e0ab9d0f0faac43d
Reviewed-on: https://code.wireshark.org/review/19821
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
7 years ago Revert "MPLS: relax pw_eth_heuristic and improve 1st nibble logic"
Anders Broman [Sat, 28 Jan 2017 10:29:52 +0000 (10:29 +0000)]
Revert "MPLS: relax pw_eth_heuristic and improve 1st nibble logic"

This reverts commit 01ddd93a7296b54a2048de74691984a7e78e4cb9.

Change-Id: I90f19fec52d3f1edc63fd00e614173a0154503d4
Reviewed-on: https://code.wireshark.org/review/19820
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Snort: add a preference to show alert in reassembled frame
Martin Mathieson [Sun, 22 Jan 2017 17:01:33 +0000 (09:01 -0800)]
Snort: add a preference to show alert in reassembled frame

Change-Id: Ia29d451857995b186c88193c9722ae156eb3f66d
Reviewed-on: https://code.wireshark.org/review/19729
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago MPLS: relax pw_eth_heuristic and improve 1st nibble logic
Francesco Fondelli [Tue, 10 Jan 2017 08:54:52 +0000 (08:54 +0000)]
MPLS: relax pw_eth_heuristic and improve 1st nibble logic

relax pw_eth_heuristic and, at the same time, improve
the 1st nibble logic in dissect_mpls in order to disambiguate
between Ethernet pseudo-wire without a control word, with the MAC
address's first nibble being 4/6 and IPv4/6 packet.

Bug: 13301
Change-Id: If4697c2e40271d84e2db11a9f64ee60a8657e164
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19599
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Updated parsing of ParticipantMessageData submessages.
Adam Mitz [Mon, 23 Jan 2017 20:16:08 +0000 (14:16 -0600)]
Updated parsing of ParticipantMessageData submessages.

Zero-length octet sequences don't need to show <MISSING> for their contents.

Change-Id: I89662ff8cd29563981ba9e1b34dc82023b6a070e
Reviewed-on: https://code.wireshark.org/review/19755
Reviewed-by: Juan Jose Martin Carrascosa <juanjo@rti.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago rtmpt: Ensure sequence count is incremented for stored fragments
Michael Mann [Wed, 25 Jan 2017 04:06:04 +0000 (23:06 -0500)]
rtmpt: Ensure sequence count is incremented for stored fragments

Bug: 13347
Change-Id: I351c80dea8ac7a9f2540b40782b1cc5c0b8fdaed
Reviewed-on: https://code.wireshark.org/review/19777
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago (D)TLS: consolidate and simplify decrypted records handling
Peter Wu [Wed, 25 Jan 2017 20:52:27 +0000 (21:52 +0100)]
(D)TLS: consolidate and simplify decrypted records handling

Previously there was a distinction between decrypted handshake
Application Data records ("Decrypted SSL data") and some others (like
Alerts, Handshake and Heartbeat, "Decrypted SSL record"). Remove this
distinction and always decrypt the payload before passing it on and
always display a data source for decrypted contents ("Decrypted SSL").

This is preparatory work for TLS 1.3 support where the content type is
located in the encrypted record, having the record decryption in one
place makes it easier to adapt.

Change-Id: I92c51c7f9e87e5c93231d28c39a8e896f5afd1ef
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19789
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Qt: Add exported packet files to the recent files
Stig Bjørlykke [Fri, 27 Jan 2017 20:20:51 +0000 (21:20 +0100)]
Qt: Add exported packet files to the recent files

Update the recent files list when exporting specified packets to file.

Change-Id: I4e7dd7f943aa99ab9d5f3fd88444d730434970e9
Reviewed-on: https://code.wireshark.org/review/19818
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
7 years ago GPTv2: add CIoT optim support indication and ePCO IEs dissection
Jordan Keister [Thu, 26 Jan 2017 22:55:51 +0000 (16:55 -0600)]
GPTv2: add CIoT optim support indication and ePCO IEs dissection

Change-Id: I87239a5af8476c1285e68cfbd45e62b89f1440eb
Reviewed-on: https://code.wireshark.org/review/19808
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>