metze/wireshark/wip.git
7 years ago
Dario Lombardo [Sat, 4 Feb 2017 15:26:34 +0000 (16:26 +0100)]
wiretap: add cleanup routine.

The cleanup routine has been added to exit section of the applications.
Those which required an exit restyle have been patched as well.

Change-Id: I3a8787f0718ac7fef00dc58176869c7510fda7b1
Reviewed-on: https://code.wireshark.org/review/19949
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
AndersBroman [Mon, 13 Feb 2017 21:36:45 +0000 (22:36 +0100)]
[Diameter AVPs] Add 3GPP AVP 1664 to 1680 from TS 29.272

Change-Id: Iccc98e4bb6f7923c9ed0720d6fc469f5c3f74d39
Reviewed-on: https://code.wireshark.org/review/20096
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago
Joerg Mayer [Thu, 2 Feb 2017 18:25:10 +0000 (19:25 +0100)]
Change Qt setup from 5.5.0 to 5.8.0

Change-Id: Ic98922a9e3bf784487512c28921eb5c7d9914e53
Reviewed-on: https://code.wireshark.org/review/19962
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
7 years ago
Peter Wu [Thu, 9 Feb 2017 14:00:19 +0000 (15:00 +0100)]
Make Libgcrypt a mandatory dependency

Removed all guards for HAVE_LIBGCRYPT, change autotools and CMake to
error out if it is not available. Update release notes, developer
documentation and README with the new status. Clarify relation with
GnuTLS in macosx-setup.sh. Install Libgcrypt via brew script.

Motivation for this change is that many dissectors depend on Libgcrypt
and having it optional increases the maintenance burden (there have been
several compile issues in the past due to the optional status).
Furthermore, wsutil has crypto code that can be replaced by Libgcrypt.

Change-Id: Idf0021b8c4cd5db70b8766f7dcc2a8b3acbf042f
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20030
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
AndersBroman [Mon, 13 Feb 2017 14:25:43 +0000 (15:25 +0100)]
[ISAKMP] Dissect 3GPP private error and status messages in NOTIFY.

Change-Id: Iaa65c1cf9f358e36e77b4a5cad2543dcbb98072e
Reviewed-on: https://code.wireshark.org/review/20090
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago
Dario Lombardo [Mon, 13 Feb 2017 16:27:10 +0000 (17:27 +0100)]
tools: add suppressions to valgrind.

Remove leaks from libgcrypt.

Change-Id: I920e504cfcb45c41510f3edc65d2dbeefda5c5a1
Reviewed-on: https://code.wireshark.org/review/20093
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
Guy Harris [Mon, 13 Feb 2017 03:33:35 +0000 (19:33 -0800)]
Further explanation in comments.

Change-Id: If88220dc39b2a6baeeefc244639992271b7f0464
Reviewed-on: https://code.wireshark.org/review/20086
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Guy Harris [Mon, 13 Feb 2017 03:30:17 +0000 (19:30 -0800)]
Fix a comment to reflect (and better explain) reality.

Change-Id: I4d87438046c18419cea775c547c49cd3abb2089e
Reviewed-on: https://code.wireshark.org/review/20085
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Jakub Zawadzki [Sun, 12 Feb 2017 21:59:32 +0000 (22:59 +0100)]
Fix compilation without plugins.

proto.c:667:6: error: ‘dissector_plugins’ undeclared (first use in this function)
tap.c:773:20: error: ‘tap_plugins’ undeclared (first use in this function)

Change-Id: I8feaec4219dc97202bdb79d72399c5fd1d383e27
Reviewed-on: https://code.wireshark.org/review/20081
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
7 years ago
Guy Harris [Sun, 12 Feb 2017 18:58:57 +0000 (10:58 -0800)]
Set the partial AID in the radio metadata structure.

Change-Id: I2d5a1cd7d264e8df7f4520272d6310e49cf8126d
Reviewed-on: https://code.wireshark.org/review/20080
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Pascal Quantin [Sun, 12 Feb 2017 16:34:45 +0000 (17:34 +0100)]
sharkd: fix a memory leak on Windows introduced in gfe06aad

Change-Id: I907dbc924574b02d2f1b8d7668158b5b6d2c87cf
Reviewed-on: https://code.wireshark.org/review/20073
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago
Martin Kacer [Sat, 11 Feb 2017 14:55:05 +0000 (15:55 +0100)]
tshark removed empty line in -T ek output

Change-Id: Id4c1ab258308ecc8421a5c82b6e937a9d35bf58e
Reviewed-on: https://code.wireshark.org/review/20061
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
Dario Lombardo [Sun, 12 Feb 2017 16:21:24 +0000 (17:21 +0100)]
uat: add missing parameter to documentation.

Change-Id: Ic39b00e0800c123083a6583d78eb96154b93e49f
Reviewed-on: https://code.wireshark.org/review/20075
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
Diederik de Groot [Sat, 11 Feb 2017 12:41:58 +0000 (13:41 +0100)]
[skinny]: Add struct/union guards to multi-part message handlers

Improve multi-part message handling
- Calculate (sub) structure/union length
- Add a guard when iterating over multi-part message
- For fixed length messages, advance the cursor when iteration falls short of max length

Change-Id: Id2af3aa1a878328f105e173cabe2b68dd0343507
Reviewed-on: https://code.wireshark.org/review/20057
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Diederik de Groot [Sat, 11 Feb 2017 12:41:58 +0000 (13:41 +0100)]
[skinny] Fix ConnectionStatRes and DialedNumber Messages protocol version >20

- ConnectionStatisticsResponse Comes in three different forms
- DialedNumber Message has variable length

Minor:
- Pass ipv4or6 connection address back to calling function (using this later on in separate commit)
- Correct spelling mistakes
- Remove duplicates from DeviceType[]

Change-Id: Ib1619b163c12b6a4c6c86972186d828be3fd94e2
Reviewed-on: https://code.wireshark.org/review/20056
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Gerald Combs [Sun, 12 Feb 2017 16:12:26 +0000 (08:12 -0800)]
[Automatic update for 2017-02-12]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I84ecfdd35a8f2935f950f72c01a69b70a6a80c07
Reviewed-on: https://code.wireshark.org/review/20070
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago
Jaap Keuter [Sun, 12 Feb 2017 11:32:10 +0000 (12:32 +0100)]
Put the definitions first

To help compilers that don't like mixed definitions, put the definitions
first.

Bug: 13398
Change-Id: I7f011feef7c7574df7a03cec87693e664be559ca
Reviewed-on: https://code.wireshark.org/review/20067
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Guy Harris [Sun, 12 Feb 2017 10:03:13 +0000 (02:03 -0800)]
Fill in pseudo-header fields in order, and add the group ID for 11ac.

Change-Id: I0011917b77b1adc0cb6effd5d9d902f541675d78
Reviewed-on: https://code.wireshark.org/review/20066
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Guy Harris [Sun, 12 Feb 2017 09:50:28 +0000 (01:50 -0800)]
Add a comment about wired-to-little-endian fields.

Other fields in the Prism header are in the same byte order as the magic
number; if the host generating those fields is big-endian, are these
fields little-endian or big-endian?

Change-Id: Ieb857db3ea63a673d9224cb2a7be3ff2bfb5861c
Reviewed-on: https://code.wireshark.org/review/20065
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Guy Harris [Sun, 12 Feb 2017 09:46:09 +0000 (01:46 -0800)]
White space/style cleanup and consistency.

Go with 4-space indentation.

Also, get rid of some unnecessary brackets.

Change-Id: I07b4f126ba58ef3d013db7741d91484ae32e60d7
Reviewed-on: https://code.wireshark.org/review/20064
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Guy Harris [Sun, 12 Feb 2017 09:32:41 +0000 (01:32 -0800)]
signal() is defined on some UN*Xes; don't use it as a variable name.

Change-Id: Iec68f35eefdc3ce17112c04477eae99e5aa58eb8
Reviewed-on: https://code.wireshark.org/review/20063
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Simon Barber [Thu, 15 Sep 2016 22:46:06 +0000 (15:46 -0700)]
Decode QCA sniffer PRISM extensions, and populate some wlan_radio
fields.

Patch received from QCA, and fixed up to build on master and pass
some fields on to wlan_radio.

Bug: 12978
Change-Id: I65ba7d07fbd76e98bb13399e46b400109387764c
Reviewed-on: https://code.wireshark.org/review/17720
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago
Martin Kacer [Sat, 11 Feb 2017 14:40:24 +0000 (15:40 +0100)]
tshark print_indent function

Modified epan/print.c to use function print_indent

Change-Id: Iefcb1e3c7813919c6af70d57a4f8a6f921595360
Reviewed-on: https://code.wireshark.org/review/20060
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago
S. Shapira [Fri, 10 Feb 2017 14:42:38 +0000 (16:42 +0200)]
Fixing the MAC tvb creation in FP's tb dissection method

Bug: 13392
Change-Id: I387a6715164180487606ba3e9e4aaf64695aa543
Reviewed-on: https://code.wireshark.org/review/20050
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Peter Wu [Sat, 11 Feb 2017 11:02:40 +0000 (12:02 +0100)]
TLS13: handle Key Update for decryption

Generate new key upon receipt of Key Update message. Untested.
Note that the "traffic_secret" field in SslDecryptSession was unused and
since the client and server have two different encryption states, store
the application traffic secret in SslDecoder.

Change-Id: Iefca3f6cb75745a996fecb0fe7769c876dc9c4ee
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20013
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Wed, 8 Feb 2017 01:04:18 +0000 (02:04 +0100)]
TLS13: add Key Update dissection

Actual decryption support will be added later.

Ping-Bug: 12779
Change-Id: I3ff1f243fd0bd1467e84d8a6a5433c1fe71bbebf
Reviewed-on: https://code.wireshark.org/review/20012
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 21:45:55 +0000 (22:45 +0100)]
ssl-utils: add length validation for Certificate handshake message

This also introduces a new macro, "G_MAXUINT24" as symbol for 2^24-1
(this name does not exist in GLib and is uncommon in Google).

Change-Id: If000f41f6286161e3a7697357fc33ae16c1e11db
Reviewed-on: https://code.wireshark.org/review/20003
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 23:48:28 +0000 (00:48 +0100)]
TLS13: fix length of Finished message

Select the full message instead of just the first 12 bytes (as was the
case in previous TLS versions). No check is added since it is too much
work for little gain (it would require looking up the hash length for
the cipher suite).

Change-Id: Iea13d5abe6a7e55b04fabacfa8919a02acd8517d
Reviewed-on: https://code.wireshark.org/review/20011
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 23:38:52 +0000 (00:38 +0100)]
ssl-utils: add length validation to CertificateRequest

Add length validation to several fields in CertificateRequest. Clarify
specification, remove unnecessary length check and add TODO for TLS 1.3.

Change-Id: Ic3aca62d90e5fad6930beb371adf10d7b7b9fbe2
Reviewed-on: https://code.wireshark.org/review/20010
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 23:01:13 +0000 (00:01 +0100)]
TLS13: add length validation for Pre-Shared Key Exchange Modes

Add length validation for expert info and add a reference.

Change-Id: Id21916b11ca924b517ea45294798692a010e7541
Reviewed-on: https://code.wireshark.org/review/20009
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 22:55:32 +0000 (23:55 +0100)]
TLS13: add length validation for Pre-Shared Key Extension

Use "ssl_add_vector" for length validation and expert info.

Change-Id: Ib38d36dfd82b78580035415d0924f1fae6cbe96d
Reviewed-on: https://code.wireshark.org/review/20008
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 22:35:29 +0000 (23:35 +0100)]
ssl-utils: update supported_groups extension

Update references, rename the old "elliptic_curves" name to
"supported_groups". Fix a wrong field name (EC Point Format now has its
own hf). Add length validation for "elliptic_curve_list".

Change-Id: I554ebb259ba7561b48dfe1cc9162a0b3b3bcdba4
Reviewed-on: https://code.wireshark.org/review/20007
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 20:41:23 +0000 (21:41 +0100)]
TLS13: add length validation for SupportedVersions

Also add reference to specification.

Change-Id: I5619ce175711f6768949f8b7eec789320100573c
Reviewed-on: https://code.wireshark.org/review/20002
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Peter Wu [Tue, 7 Feb 2017 20:39:08 +0000 (21:39 +0100)]
ssl-utils: stylistic changes for ServerHello, HelloRetryRequest

Change "length" to "offset_end" parameter for consistency. Clarify
applicable TLS version in comments. Remove unnecessary check for length.

Change-Id: Icdc7edff9c8fdaf4c7d7349f65fed42f5344f2c3
Reviewed-on: https://code.wireshark.org/review/20001
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Jan Spevak [Fri, 3 Feb 2017 10:07:12 +0000 (11:07 +0100)]
diameter_3gpp: added decoding of TWAN-Identifier AVP

Change-Id: Ib3adec4f7abbdd0313e0017f540044ac45a8883a
Reviewed-on: https://code.wireshark.org/review/19930
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago
Alexis La Goutte [Thu, 9 Feb 2017 19:17:33 +0000 (20:17 +0100)]
wmem_list: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Ibbbe9fb0165eaa297c2b70bf7e478cf538e2cc33
Reviewed-on: https://code.wireshark.org/review/20040
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Fri, 3 Feb 2017 22:15:56 +0000 (23:15 +0100)]
filter_list: add cleanup function and call it on exit.

Change-Id: I51d8074cc5a63d4fd3af8852df120d6b4163217f
Reviewed-on: https://code.wireshark.org/review/19942
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Fri, 3 Feb 2017 21:41:31 +0000 (22:41 +0100)]
Clean columns on exit.

Change-Id: I950295c35fc67193d9825ebc741da151ad99e077
Reviewed-on: https://code.wireshark.org/review/19941
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Thu, 9 Feb 2017 17:28:14 +0000 (12:28 -0500)]
Convert conversation hash tables to use wmem.

Simplifies cleanup because wmem can handle the memory cleanup.

Change-Id: Idc6a9bfe5f23c83b59a5278a64b9fb706862342d
Reviewed-on: https://code.wireshark.org/review/20042
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Alexis La Goutte [Fri, 10 Feb 2017 07:09:38 +0000 (08:09 +0100)]
service_response_time_table (GTK) fix parameter 'data' not found in the function declaration [-Wdocumentation]

Change-Id: I6079399be6a94d3b718b31c6a21076d092adf580
Reviewed-on: https://code.wireshark.org/review/20049
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
7 years ago
Alexis La Goutte [Fri, 10 Feb 2017 07:05:47 +0000 (08:05 +0100)]
response_time_delay_dialog (Qt): Fix warning: parameter 'user_data/data' not found in the function declaration [-Wdocumentation]

Change-Id: I592b35a3ceec477a8269f5cda0c5c363681a36aa
Reviewed-on: https://code.wireshark.org/review/20048
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
7 years ago
Noel Power [Thu, 2 Feb 2017 15:59:22 +0000 (15:59 +0000)]
mswsp: Align parse_CAggregSpec function with MS-WSP specification.

Fix some errors in the parsing of the CAggregSpec structure, see
2.2.1.24 in the MS-WSP specification.

Change-Id: Ib281c10ab897e5c0282aa1b0d304df97a2fd14a3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/20036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Noel Power [Thu, 12 Jan 2017 10:52:23 +0000 (05:52 -0500)]
mswsp: Numerous bugfixes

1. Fix display of CTableColumn.StatusUsed & CTableColumn.LengthUsed
Both StatusUsed and LengthUsed members were displayed as 2 byte length
values instead of single byte values.

2. Fix minor spelling mistake

3. display correct address(es) for array of address values

4. Use correct minimum CTableColumn size

This is a follow-up patch for the patch already provided for bug 13299.
The previous minimum value neglected to take into account the
CFullPropSpec structure (which is on the wire) but is represented
as a string in the internal CTableColumn structure. Note: this doesn't
make any difference to the effectiveness of the previous patch but should
avoid confusion if someone later actually investigates the correct minimum
size.

5. Fix CPMCREATEQUERY message parsing

Following a query and subsequent clarification from dochelp@microsoft.com
the MS-WSP specification document was found to be incorrect.

CPMCreateQueryIn
      |
      ---> CSortSet

should instead eventually point to CSortSet via the following msg structure

CPMCreateQueryIn
      |
      ---> CInGroupSortAggregSets
           |
            ---> CInGroupSortAggregSet
                 |
                 ---> CSortSet

Change-Id: I7da6c7db817113f5542f25f078626030ad30d737
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/20031
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Thu, 9 Feb 2017 00:32:13 +0000 (19:32 -0500)]
Convert conversation data_list from GSList to wmem_tree.

Change-Id: I7eac4b4da86d1ac1ce8753f424b698a9949df00b
Reviewed-on: https://code.wireshark.org/review/20041
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Thu, 9 Feb 2017 17:25:43 +0000 (12:25 -0500)]
Add wmem_map_get_keys.

Mimic functionality of g_hash_table_get_keys

Change-Id: I7702854ed771a5b3bf7ea5295a67c42f0f477cdf
Reviewed-on: https://code.wireshark.org/review/20039
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Thu, 9 Feb 2017 15:14:46 +0000 (10:14 -0500)]
Add wmem_map_steal

Mimic functionality of g_hash_table_steal

Change-Id: Iaf4aeef951b60934569143b2d119f782aeefe380
Reviewed-on: https://code.wireshark.org/review/20038
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Thu, 9 Feb 2017 00:28:25 +0000 (19:28 -0500)]
Add wmem_tree_remove32

Change-Id: Ic79fd0a2a13341dd7ba563cf3a056c51e9d16960
Reviewed-on: https://code.wireshark.org/review/20037
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Thu, 9 Feb 2017 08:48:04 +0000 (09:48 +0100)]
dof: free more memory on shutdown.

Change-Id: Ic4604cc2f999f4e669af00e37dad9b60cb06e599
Reviewed-on: https://code.wireshark.org/review/19977
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Günther Deschner [Tue, 7 Feb 2017 15:25:38 +0000 (16:25 +0100)]
dissectors: update list of controls in CTDB dissector.

Note that although some of the controls have been removed from the
protocol in upstream CTDB versions they are still present here in order
to dissect older protocol variants.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Change-Id: I67d8f69a7e920f4b1eeed21caab4d2b0b104d669
Reviewed-on: https://code.wireshark.org/review/20023
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago
Michael Mann [Thu, 9 Feb 2017 03:31:11 +0000 (22:31 -0500)]
Add wtap_init to dftest.

Bug: 13387
Change-Id: I7dfae550f814cdc15924357996e2086eea58ecf4
Reviewed-on: https://code.wireshark.org/review/20026
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Jim Young [Mon, 30 Jan 2017 07:45:15 +0000 (02:45 -0500)]
Make the capture file's interface description filterable

This patch introduces the frame.interface_description field.

While testing this new functionality it became obvious that we have
a non-optimal interaction between the existing cfile.c's
cap_file_get_interface_name(), the recently added frame.interface_name
field and this new frame.interface_description field.

The string returned from cap_file_get_interface_name() may in fact
come from one of three different sources: the idb's interface name
(if it exists) or the idb's interface description (if that exists)
or a default text of "unknown".  The string ultimately becomes the
frame.interface_name whether or not the idb had an interface name
option to begin with.  This behavior does not allow one to test for
the simple presence of frame.interface_name.  The new peer function
cap_file_get_interface_description() added by this patch returns
NULL instead of "unknown" if the idb does not have an interface
description.  Should cap_file_get_interface_name() be similarly
modified to return NULL if the idb does not have an interface name?

Bug: 9781
Change-Id: Ie479f373c5080c004dd22bd88919838feca71e95
Reviewed-on: https://code.wireshark.org/review/19861
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago
Michael Mann [Wed, 8 Feb 2017 21:42:05 +0000 (16:42 -0500)]
Don't duplicate memory for key values when passing into wmem_tree_insert_string.

Change-Id: Ib9d8f23faa7a9f83a975396a1be8f85078223feb
Reviewed-on: https://code.wireshark.org/review/20024
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Jaap Keuter [Tue, 7 Feb 2017 22:35:50 +0000 (23:35 +0100)]
editcap: handle too short frames in frame comparison

With option -I one can ignore the first number of bytes from the frame
while doing duplicate frame removal. This doesn't handle shorter frames
correctly. Add safeguards for this, and update the help text.

Bug: 13378
Change-Id: Ia6b65d0797f4069f0b89fa134114d88d80988211
Reviewed-on: https://code.wireshark.org/review/20004
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago
Dario Lombardo [Wed, 8 Feb 2017 15:15:18 +0000 (16:15 +0100)]
proto: destroy list on cleanup.

Change-Id: Icc46f1078cda4597f5a70760c96b866659092006
Reviewed-on: https://code.wireshark.org/review/20022
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Wed, 8 Feb 2017 14:58:47 +0000 (15:58 +0100)]
tap: destroy list on cleanup.

Change-Id: I24ab3d07721d338edf910b9fa8864306cbfe9dfa
Reviewed-on: https://code.wireshark.org/review/20021
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Sun, 22 Jan 2017 20:36:39 +0000 (21:36 +0100)]
dof: add shutdown routine.

Change-Id: I91bc792302f61fd8f20fa41ec067534316e26074
Reviewed-on: https://code.wireshark.org/review/19742
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
Dario Lombardo [Sun, 5 Feb 2017 21:28:26 +0000 (22:28 +0100)]
addr_resolv: remove leak.

Change-Id: If4676b2982efae593084dbe951d8e0bb97189917
Reviewed-on: https://code.wireshark.org/review/19966
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
Dario Lombardo [Fri, 3 Feb 2017 22:06:35 +0000 (23:06 +0100)]
sharkd: make the way it returns more similar to other apps.

The clean_exit block allows deallocation of memory on exit.

Change-Id: I52078f0e4e851b6aa5f34cbbd15eba0a4f37cae0
Reviewed-on: https://code.wireshark.org/review/19940
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Wed, 8 Feb 2017 04:07:27 +0000 (23:07 -0500)]
Switch stat tap to use wmem_tree_t instead of (sorted) GSList.

Change-Id: I172167eb20793113562b69d1e0e93a4882200404
Reviewed-on: https://code.wireshark.org/review/20019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Wed, 8 Feb 2017 02:51:43 +0000 (21:51 -0500)]
Switch follow (tables) to use wmem_tree_t instead of (sorted) GSList.

Change-Id: Iabf354d2533ae429c002b115c5de33b592019997
Reviewed-on: https://code.wireshark.org/review/20018
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Wed, 8 Feb 2017 01:18:33 +0000 (20:18 -0500)]
Switch rtd and srt tables to use wmem_tree_t instead of (sorted) GSList.

Change-Id: I54fec10801eb8f359414f34bf705767964c9725e
Reviewed-on: https://code.wireshark.org/review/20017
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Michael Mann [Wed, 8 Feb 2017 00:44:19 +0000 (19:44 -0500)]
Switch export objects to use wmem_tree_t instead of (sorted) GSList.

Change-Id: Iaaa7b44954337c7857dbb541b727924e2de57c9d
Reviewed-on: https://code.wireshark.org/review/20016
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Fri, 3 Feb 2017 22:23:42 +0000 (23:23 +0100)]
xml: replace g_strdup with wmem_strdup.

Change-Id: Ib16bd79e117cbb54d1a8d98e79924b6bb20703a8
Reviewed-on: https://code.wireshark.org/review/19943
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago
Dario Lombardo [Mon, 6 Feb 2017 15:51:57 +0000 (16:51 +0100)]
wmem_list: add wmem_list_insert_sorted.

This mimics the function g_list_insert_sorted.

Change-Id: I6f7ac01155588006662c8c0c138d88cea753868c
Reviewed-on: https://code.wireshark.org/review/19978
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years ago
Volodymyr Khomenko [Mon, 6 Feb 2017 17:15:09 +0000 (19:15 +0200)]
RSVDv2 support - 1st stage

Added META_OPERATION_START (Resize, ConvertToVHDSet)
Added META_OPERATION_QUERY_PROGRESS
Added QUERY_SAFE_SIZE

Minor fixes:
Using GUID data type for LinkageID, VirtualDiskId and InitiatorId, not binary blob
Fixed length for SVHDX_TUNNEL_OPERATION_HEADER
Cosmetic: unused var, code makeup

Ping-Bug: 11232
Change-Id: I4ea598367a1c12586501555f4a23d6249057484a
Reviewed-on: https://code.wireshark.org/review/19979
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
7 years agoQt: Add check for valid profile name
Stig Bjørlykke [Tue, 7 Feb 2017 20:35:16 +0000 (21:35 +0100)]
Qt: Add check for valid profile name

Add check for a valid profile name in the Profile dialog and disable
the Ok button and mark the invalid profile if error.

The GTK dialog does not close on errors but the Qt dialog does, so
ensure the user is informed beforehand.

Change-Id: If31ffe75183066cf49e2b5a082112bfe62d6c06e
Reviewed-on: https://code.wireshark.org/review/19995
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
7 years agoFix a comment to match we-run-on-Windows-too reality.
Guy Harris [Wed, 8 Feb 2017 02:21:00 +0000 (18:21 -0800)]
Fix a comment to match we-run-on-Windows-too reality.

Change-Id: I68a299afd1d8228e7c842f66ffd3b4ee1ffb3798
Reviewed-on: https://code.wireshark.org/review/20014
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years agoldap (asn1): fix indent (use 2 spaces)
Alexis La Goutte [Tue, 7 Feb 2017 20:16:37 +0000 (21:16 +0100)]
ldap (asn1): fix indent (use 2 spaces)

Change-Id: I62d3e966928eba75dc26c2c3b6993175fe0f133e
Reviewed-on: https://code.wireshark.org/review/19994
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years agossl-utils: add vector length validation for Client Hello
Peter Wu [Tue, 7 Feb 2017 19:15:08 +0000 (20:15 +0100)]
ssl-utils: add vector length validation for Client Hello

Use ssl_add_vector to process DTLS Cookie, cipher_suites,
compression_methods, client_hello_extension_list. Removed some checks
(like cipher_suite_length > 0) since (per specification) these must be
non-empty (if this is not the case, then at worst an empty tree is
visible).

Change-Id: I7ab2ef12e210d5878769478c7dfba33a799fb567
Reviewed-on: https://code.wireshark.org/review/19993
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years agoMake sure pid_t is defined.
Guy Harris [Tue, 7 Feb 2017 21:35:41 +0000 (13:35 -0800)]
Make sure pid_t is defined.

Just as we include <windows.h> on Windows to get HANDLE defined, include
<sys/types.h> on UN*X to get pid_t defined.

We don't seem to need this (yet) on the master and 2.2 branches, but it
looks as if it might be necessary on the 2.0 branch.  Do it everywhere.

Change-Id: I9535fa9944265746d332f8dc337e42a020b503d3
Reviewed-on: https://code.wireshark.org/review/19998
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years agoui: Write recent file when applying profile changes
Stig Bjørlykke [Tue, 7 Feb 2017 14:30:43 +0000 (15:30 +0100)]
ui: Write recent file when applying profile changes

Write the recent file for the current profile before copying or renaming
the profile to ensure the latest changes are not lost.

Change-Id: Ib07881925b398314da0a9b2ec875da7650b84712
Reviewed-on: https://code.wireshark.org/review/19984
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
7 years agoTLS13: update NewSessionTicket dissection
Peter Wu [Tue, 7 Feb 2017 17:05:44 +0000 (18:05 +0100)]
TLS13: update NewSessionTicket dissection

The new ticket_age_add field resulted in a dissector exception. With
this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully
decrypted.

Also add validation for the ticket length (using ssl_add_vector).

Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19992
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agoTLS13: support Early Data and accept CLIENT_EARLY_TRAFFIC_SECRET
Peter Wu [Tue, 7 Feb 2017 15:15:01 +0000 (16:15 +0100)]
TLS13: support Early Data and accept CLIENT_EARLY_TRAFFIC_SECRET

Update "early_data" extension to draft 18 (context field is gone).
Add support for "client_early_traffic_secret" to the keylog.
Support decryption of 0-RTT data (required handling cipher in Client
Hello and handling of "end_of_early_data" alert).

Tested with tls13-18-picotls-earlydata.pcap, early data decrypts
correctly. (The server data is messed up, but that is possibly the
result of broken NewSessionTicket handling which throws a dissector
exception and thus breaks the record sequence number.)

Ping-Bug: 12779
Change-Id: I9e6aeeb08111d5d977f2c0ab855f14d6d86ca87d
Reviewed-on: https://code.wireshark.org/review/19989
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago[H248 Annex C] hf variable imported from packet-sdp.c is uint16 not int
AndersBroman [Tue, 7 Feb 2017 16:15:17 +0000 (17:15 +0100)]
[H248 Annex C] hf variable imported from packet-sdp.c is uint16 not int

Change-Id: I8122a88b9b203b9535e8f69f8b71d2e11dc7dac6
Reviewed-on: https://code.wireshark.org/review/19988
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years agoUpdate symbols
AndersBroman [Tue, 7 Feb 2017 11:36:47 +0000 (12:36 +0100)]
Update symbols

Change-Id: I4a868eb276af26ffc38e5c66f47bc9cc32f1d4de
Reviewed-on: https://code.wireshark.org/review/19985
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agoUbuntu 14.04 complains about uninitialized variable proto_name_length
AndersBroman [Tue, 7 Feb 2017 15:29:11 +0000 (16:29 +0100)]
Ubuntu 14.04 complains about uninitialized variable proto_name_length

Change-Id: I325e98c9eeafaa53b5f757f4b8e5e903a31e1cc2
Reviewed-on: https://code.wireshark.org/review/19987
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years agostats_tree: add cleanup function.
Dario Lombardo [Sun, 5 Feb 2017 22:00:51 +0000 (23:00 +0100)]
stats_tree: add cleanup function.

Change-Id: Iefd264bdd79af172c245c3a30119999cca9d56c0
Reviewed-on: https://code.wireshark.org/review/19976
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years agoprefs: free memory on cleanup.
Dario Lombardo [Wed, 1 Feb 2017 12:34:16 +0000 (13:34 +0100)]
prefs: free memory on cleanup.

Change-Id: I723032974e34940715ccde5c3744f8c572c6dfda
Reviewed-on: https://code.wireshark.org/review/19895
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years agossl-utils: fix false warning about empty SNI
Peter Wu [Tue, 7 Feb 2017 11:58:18 +0000 (12:58 +0100)]
ssl-utils: fix false warning about empty SNI

Server Hello can contain an empty extension, so restore the check.

Change-Id: I7d1ccfa113cd8a568def6915a80fd2791fd361df
Fixes: v2.3.0rc0-2284-g420b9e061e ("ssl-utils: add length validation for SNI extension")
Reviewed-on: https://code.wireshark.org/review/19983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago.mailmap: Update (of January and February)
Alexis La Goutte [Sun, 5 Feb 2017 14:55:46 +0000 (14:55 +0000)]
.mailmap: Update (of January and February)

Change-Id: If1034d7aad02640adc45b4f276e180433e901e50
Reviewed-on: https://code.wireshark.org/review/19965
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agoAdd dissection of Bluetooth 5.0 AE related HCI commands
Allan Møller Madsen [Sun, 5 Feb 2017 15:03:34 +0000 (16:03 +0100)]
Add dissection of Bluetooth 5.0 AE related HCI commands

Added the following batch of HCI commands:
LE Read Maximum Advertising Data Length
LE Read Number of Supported Advertising Sets
LE Remove Advertising Set
LE Set Periodic Advertising Data
LE Set Periodic Advertising Enable
LE Set Extended Scan Parameters
LE Set Extended Scan Enable
LE Extended Create Connection

Corrected min/max interval field sizes of LE Set Extended
Advertising Parameters command and updated LE Set Extended
Advertising Enable command to use subtree for each set.

Change-Id: Id9c08189a76a0a4adc89b669b50d832f68a929aa
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years agoBluetooth: EIR/AD: Add support for LE Features and Channel Map
Michal Labedzki [Thu, 2 Feb 2017 18:31:39 +0000 (19:31 +0100)]
Bluetooth: EIR/AD: Add support for LE Features and Channel Map

Based on CSS7 specification.

Change-Id: Ibf00e3add7fcb1a2b3a22574bb63b0fddaf4adcb
Reviewed-on: https://code.wireshark.org/review/19972
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years agoBluetooth: AD: Add support for AltBeacon
Michal Labedzki [Wed, 1 Feb 2017 17:31:39 +0000 (18:31 +0100)]
Bluetooth: AD: Add support for AltBeacon

Another format of beacon in advertising packet.
Based on: https://github.com/AltBeacon/spec

User needs to use DecodeAs to use this dissector - any manufacturer's
company id may be valid.

Change-Id: I5656d9dbb70b648b2fadba7f3b525d38a2fe8e57
Reviewed-on: https://code.wireshark.org/review/19971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years agoAdjust startup count for extcap.
Gerald Combs [Mon, 6 Feb 2017 20:53:18 +0000 (12:53 -0800)]
Adjust startup count for extcap.

The number of extcap splash items is the number of extcap binaries plus
RA_EXTCAP.

Change-Id: I9702da5a94e244ddd95a845a67da9302ee41c826
Reviewed-on: https://code.wireshark.org/review/19981
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years agoGTK: Wrap static preference labels.
Gerald Combs [Mon, 6 Feb 2017 18:50:22 +0000 (10:50 -0800)]
GTK: Wrap static preference labels.

In the GTK+ preferences dialog, enable wrapping and set a maximum width.
This should keep labels from making the dialog unusably wide.

Make a couple of enum preferences drop-downs instead of radio buttons.
Note that we might want to make the drop-down vs radio button behavior
automatic.

Change-Id: Ib72a2c8d5cfb99324be86f2218b6d57a395fa22c
Reviewed-on: https://code.wireshark.org/review/19980
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years agossl-utils: add length validation for SNI extension
Peter Wu [Fri, 3 Feb 2017 17:44:36 +0000 (18:44 +0100)]
ssl-utils: add length validation for SNI extension

Add copy of the definition in a comment, remove check for empty
extension such that export info can be added if the extension is empty.
Remove check for empty HostName, this cannot happen (and is caught by
ssl_add_vector).

Change-Id: Ie63b97e89dc7254f159abb338b52f5f894a8564d
Reviewed-on: https://code.wireshark.org/review/19939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agossl-utils: add length validation for Cookie extension
Peter Wu [Fri, 3 Feb 2017 16:19:32 +0000 (17:19 +0100)]
ssl-utils: add length validation for Cookie extension

Also adds the definition from TLS 1.3 draft 18 spec.

Change-Id: Ic7910874507e76dcbe7ae15aff99c91496a2b590
Reviewed-on: https://code.wireshark.org/review/19938
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agossl-utils: add length validation for renegotiation_info extension
Peter Wu [Fri, 3 Feb 2017 16:14:52 +0000 (17:14 +0100)]
ssl-utils: add length validation for renegotiation_info extension

Add description from spec, remove zero-length extension check since it
is not allowed by specification.

Change-Id: I4bf85b36d933db3658f7788768fd794b6199187e
Reviewed-on: https://code.wireshark.org/review/19937
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agossl-utils: add length validation to NPN extension
Peter Wu [Fri, 3 Feb 2017 16:06:40 +0000 (17:06 +0100)]
ssl-utils: add length validation to NPN extension

Add the definition from draft 4 as well (which describes the structure
in text). Remove the check for zero length name since this is normally
not the case (according to draft specification).

Change-Id: I72c3f04a5146d4c4fa291383258246d9ba2b14be
Reviewed-on: https://code.wireshark.org/review/19936
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agossl-utils: add validation for ALPN
Peter Wu [Fri, 3 Feb 2017 14:51:31 +0000 (15:51 +0100)]
ssl-utils: add validation for ALPN

Use ssl_add_vector to ensure that the lengths are checked for validity
and that expert info is added when invalid data is encountered.

Change-Id: I5d03dce988f695cdc305f1bfff9d19ae90c5f6e2
Reviewed-on: https://code.wireshark.org/review/19935
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago(D)TLS: simplify SignatureAndHashAlgorithm dissection
Peter Wu [Fri, 3 Feb 2017 14:15:10 +0000 (15:15 +0100)]
(D)TLS: simplify SignatureAndHashAlgorithm dissection

Merge the length parsing into the SignatureAndHashAlgorithm vector
parsing. Remove extra expert info which are replaced by the generic
ones.

Tested with a mutated pcap where the signature length field is off by
one (too large = expert error, too small = expert warning, as expected).

Change-Id: I43350352ae00eb42bbe5c2ee81289fb592b88f86
Reviewed-on: https://code.wireshark.org/review/19933
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agossl-utils: refactor "length" parameter into "offset_end" for extensions
Peter Wu [Fri, 3 Feb 2017 13:31:08 +0000 (14:31 +0100)]
ssl-utils: refactor "length" parameter into "offset_end" for extensions

Change all Hello extension dissector functions to accept the end of the
extension rather than the extension length. The changes are quite
mechanical: change "ext_len" to "ext_len = offset_end - offset".

Remove some "offset += ext_len" to ensure that additional unparsed data
is warned for.

The intent is that (extension) dissectors can more easily check for overflow
(offset + 2 < offset_end). Later changes should remove "guint ext_len"
with appropriate changes (like replacing by ssl_add_vector).

Change-Id: Ic4846e6fd6164685c4704984136f701bec3afa58
Reviewed-on: https://code.wireshark.org/review/19932
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agossl-utils: add helper for validating Variable Length Vectors
Peter Wu [Fri, 3 Feb 2017 00:13:32 +0000 (01:13 +0100)]
ssl-utils: add helper for validating Variable Length Vectors

Currently variable length vectors are mostly unchecked with issues
ignored (see various "XXX - expert info"). In order to detect possible
attacks (and catch dissector issues), add helpers that extract the
vector length and that validate that a vector is correctly terminated.
Further dissection of a vector stops when not enough data is available.

The KeyShare extension and Extension itself are modified as a start,
more should follow. Future work should also ensure that the return value
represents the length after dissection (which should not exceed the
length). Also, the length field needs to be converted to an "offset_end"
value to ease overflow checking (length = offset_end - offset).

Change-Id: I6d757da2eb028f08a7b18661660313a6afd417e0
Reviewed-on: https://code.wireshark.org/review/19926
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
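
The "offset_end" refactor and the Variable Length Vector helper described in the two ssl-utils commit messages above, illustrated with an added C example. This is not Wireshark's ssl_add_vector or any code from these commits: vec_begin, count_names, the status names and the sample bytes are all constructed here, and the ALPN-style layout (a 2-byte list length, then names with 1-byte lengths) is the assumed input format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Status names are made up for this example. */
enum vec_status {
    VEC_OK = 0,
    VEC_NO_LENGTH,     /* length prefix does not fit before offset_end */
    VEC_TOO_LONG,      /* declared length runs past offset_end */
    VEC_OUT_OF_RANGE,  /* declared length outside the spec's <min..max> */
    VEC_TRAILING       /* bytes between the vector and offset_end were never parsed */
};

/* Read the big-endian length prefix (len_size bytes) of a vector at
 * buf[*offset], bounded by offset_end. On VEC_OK, *offset is the first
 * element and *vec_end is one past the last. */
static enum vec_status
vec_begin(const uint8_t *buf, size_t *offset, size_t offset_end,
          unsigned len_size, uint32_t min_len, uint32_t max_len, size_t *vec_end)
{
    uint32_t len = 0;
    /* Compare against the bytes remaining; "offset + n" could wrap. */
    if (*offset > offset_end || offset_end - *offset < len_size)
        return VEC_NO_LENGTH;
    for (unsigned i = 0; i < len_size; i++)
        len = (len << 8) | buf[*offset + i];
    *offset += len_size;
    if (len > offset_end - *offset)
        return VEC_TOO_LONG;
    if (len < min_len || len > max_len)
        return VEC_OUT_OF_RANGE;
    *vec_end = *offset + len;
    return VEC_OK;
}

/* Walk an ALPN-style list: a <2..2^16-1> vector of names, each
 * opaque<1..2^8-1>. Stops at the first invalid length. */
static enum vec_status
count_names(const uint8_t *buf, size_t offset, size_t offset_end, unsigned *count)
{
    size_t list_end = 0, name_end = 0;
    enum vec_status st;
    *count = 0;
    st = vec_begin(buf, &offset, offset_end, 2, 2, 0xFFFF, &list_end);
    if (st != VEC_OK)
        return st;
    while (offset < list_end) {
        /* Inner vectors are bounded by the list's end, not the buffer's. */
        st = vec_begin(buf, &offset, list_end, 1, 1, 0xFF, &name_end);
        if (st != VEC_OK)
            return st;
        offset = name_end;   /* skip the name bytes */
        (*count)++;
    }
    return offset == offset_end ? VEC_OK : VEC_TRAILING;
}

/* Constructed sample inputs (not taken from any capture). */
static const uint8_t GOOD[] = { 0x00, 0x0C, 0x02, 'h', '2',
    0x08, 'h', 't', 't', 'p', '/', '1', '.', '1' };
static const uint8_t OVERRUN[] = { 0x00, 0x04, 0x02, 'h', '2', 0x05 };

int main(void)
{
    unsigned n = 0;
    printf("good: status %d\n", (int)count_names(GOOD, 0, sizeof GOOD, &n));
    printf("overrun: status %d\n", (int)count_names(OVERRUN, 0, sizeof OVERRUN, &n));
    return 0;
}
```

Because every inner vector is checked against the enclosing vector's end, a name whose length byte overstates its size is reported as VEC_TOO_LONG before any byte outside the list is read.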
7 years agoBluetooth: Update Assign Numbers
Michal Labedzki [Sun, 5 Feb 2017 10:14:56 +0000 (11:14 +0100)]
Bluetooth: Update Assign Numbers

Updated on 5th February 2017:
- UUIDs
- Company Ids

Change-Id: I9868891ee2bdcdaa687bd45c76429f2b476889cc
Reviewed-on: https://code.wireshark.org/review/19973
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years agorawshark: fix err code.
Dario Lombardo [Sun, 5 Feb 2017 18:51:31 +0000 (19:51 +0100)]
rawshark: fix err code.

Change-Id: I5aec3ad14eb0f0d591691f2aa7eb8ce09341e020
Reviewed-on: https://code.wireshark.org/review/19963
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years agoBluetooth: ATT: Implement "Resolvable Private Address"
Michal Labedzki [Sun, 5 Feb 2017 11:16:02 +0000 (12:16 +0100)]
Bluetooth: ATT: Implement "Resolvable Private Address"

"Resolvable Private Address" comes in Core 5.
Also fix expert infos (usage) for all GAP characteristics are
described in Core 5.

Change-Id: I8386f5908b64cb758e2a973fb6f92fabcb30885a
Reviewed-on: https://code.wireshark.org/review/19974
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years agoBluetooth: SDP: Add HDP MDEP Data Type values for ISO/IEEE 11073-20601
Michal Labedzki [Sun, 5 Feb 2017 12:04:56 +0000 (13:04 +0100)]
Bluetooth: SDP: Add HDP MDEP Data Type values for ISO/IEEE 11073-20601

Values found at Bluetooth SIG: Assign Number:
https://www.bluetooth.com/specifications/assigned-numbers/health-device-profile

Change-Id: Ic99129e717f1de22162f5e398fa5b81ff3dcdc5a
Reviewed-on: https://code.wireshark.org/review/19975
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years agollc: replace GHashTable and glib allocator with wmem.
Dario Lombardo [Sat, 4 Feb 2017 22:53:10 +0000 (23:53 +0100)]
llc: replace GHashTable and glib allocator with wmem.

Change-Id: Ia7736e0faff16dd73d56a91b5a96cc715e3ce75d
Reviewed-on: https://code.wireshark.org/review/19953
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years agogeoip_db: remove leak.
Dario Lombardo [Sat, 4 Feb 2017 22:41:10 +0000 (23:41 +0100)]
geoip_db: remove leak.

Change-Id: I40911820fa09111c167a5c526027f10381038dbb
Reviewed-on: https://code.wireshark.org/review/19952
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
7 years agocheckfiltername: Add llc.bluetooth_pid to the whitelist
Michal Labedzki [Tue, 31 Jan 2017 18:27:51 +0000 (19:27 +0100)]
checkfiltername: Add llc.bluetooth_pid to the whitelist

"llc.bluetooth_pid" is now placed in bluetooth-file, it seems to be
fine, but there is a need to avoid terrible/horrible scream from
this script.

Change-Id: I0bf3f5b5f6459ab1f13a8c2c6ad12859af608e85
Reviewed-on: https://code.wireshark.org/review/19969
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>