Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Iff833bf5c197959c8decb62d6ce794c6d0415fb7
Reviewed-on: https://code.wireshark.org/review/26978
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
B4 frames have no length octet at L2 level, but instead a L2 pseudo
length octet at L3. We must call the proper dissector for decoding
them, and gsm_a_ccch supports L2 pseudo length.
This addresses the LAPDm side of
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14105
Ping-Bug: 14105
Change-Id: I5743dc6153a1adae60b8d9564f345861edc3fca4
Reviewed-on: https://code.wireshark.org/review/26798
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The RSL SACCH INFO MODIFY / RSL SACCH FILL messages contain a
SI5 / SI6 / SI5bis / SI5ter message. Those SI are (like the SI on CCCH)
sent as UI frame in downlink direction. Since Phase 2, the "L2
pseudo-length field is part of the L3 message, and not stripped /
interpreted at L2.
3GPP TS 44.006 states that a special B4 frame format is used on the
SACCH downlink for UI frames, which is basically a normal B frame, but
with no length field at L2, shifting the length field into L3 where it
becomes the L2 pseudo-length.
From RSL, we need to call a variant of the RR dissector that is able to
decode a L3 message that includes a L2 pseudo-length. This is,
paradoxically, not the "gsm_a_sacch" dissector, as that one is only used
for B-frames, i.e. actual LAPDm ABM frames. We must use the "gsm_a_ccch"
dissector.
See also the discussion in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14105
as well as https://lists.osmocom.org/pipermail/openbsc/2017-December/011545.html
and https://osmocom.org/issues/3059 for further background information.
Ping-Bug: 14105
Change-Id: Icdad2b7698d5d7d613cacceec6a3d848b946306c
Reviewed-on: https://code.wireshark.org/review/26797
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Switch to a single Doyxgen configuration which was generated using a
recent version of Doxygen and customized to suit our needs. Add
wsar_html and wsar_html_zip targets to CMake. Update some Doxygen markup
and documentation as needed.
Change-Id: Ic8a424b292c35a26f74ae0b53322265683e56e69
Reviewed-on: https://code.wireshark.org/review/26976
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic2498c7acd6a1a522be45094148402ee34a6b4d1
Reviewed-on: https://code.wireshark.org/review/26958
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie95cf37f9cd283545693e290340a7489cc989c95
Reviewed-on: https://code.wireshark.org/review/26970
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
In order to simplify the display filter scanner, try to restrict the use
of dots ('.') in field names. Forbid leading dots, does not affect
current dissectors. Fix '..' typo in fpp dissector and forbid it. Forbid
trailing dots after fixing dissectors: some of them just have an excess
dot, others are missing a name after the dot.
Change-Id: I6e58a04ef0306ee8c16fbf6a3cabb076d7fc69c9
Reviewed-on: https://code.wireshark.org/review/26967
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The previous fix was incomplete and would still result in duplicate PDU
dissections starting from the second reassembled PDU in a TLS stream.
The reason for that is that "nxtseq" is the absolute offset within a TLS
application data stream where the current segment ends while the
reassembled PDU length ("ipfd_head->datalen") is likely smaller than
"nxtseq".
Note: this fix assumes that the there won't be another (partial) PDU
following a reassembled PDU in a single packet (that is, the condition
"nxtseq > msp->nxtpdu" is assumed not to occur). If that is not the
case, a different issue occurs which needs another fix (more work):
"Reassembly error, protocol SSL: Frame already added in first pass".
Change-Id: Ib546f6e85baa0670c2c6a31ee8de87422004ecf3
Bug: 14596
Fixes: v2.1.0rc0-1521-gcefd1d4910 ("ssl: avoid duplicate PDU dissections")
Reviewed-on: https://code.wireshark.org/review/26935
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Drop support of draft-08 and draft-09
with draft-10, PONG frame type is remove (and ACK use the same value)"
Bug: 13881
Change-Id: Iaf99da18bf8cc4fcfc43bbed2d60d6978405651c
Reviewed-on: https://code.wireshark.org/review/26964
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ib56212e09d41fc76494d8186c77541302700104c
Reviewed-on: https://code.wireshark.org/review/26952
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Update manuf, services enterprise numbers, translations, and other items.
Change-Id: I50b0c7211bfde3e0a17b4580e18fa423ab8fbdf1
Reviewed-on: https://code.wireshark.org/review/26953
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Fix to fill in some missing const in Display
Change-Id: Ic9fa51eef84cefffc29f7424246e707c560ba1d0
Reviewed-on: https://code.wireshark.org/review/26892
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
No longer report decoded experimenter values as undecoded which
was causing incorrect offset handling.
Change-Id: If902f8c8c5b53b8062e88229d67728bb67557062
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Reviewed-on: https://code.wireshark.org/review/26888
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I919621b8c4c809eb181d563251eeb099b767ad82
Reviewed-on: https://code.wireshark.org/review/26940
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ifdd6f1e96a01f040375639f6d09e56241798b346
Reviewed-on: https://code.wireshark.org/review/26949
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ie87615c664e3fec70356f86675b219c7a6462417
Reviewed-on: https://code.wireshark.org/review/26948
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
For the "802.15.4 with FCS" link-layer type, strip what FCS we find, if
any, off and use that new tvbuff for all dissection except for
checking and dissection of the FCS itself.
For the "802.15.4 without FCS" link-layer type, don't fake an uncaptured
FCS by increasing the reported length, just use the tvbuff as is.
This means we handle 802.15.4 the same way we handle other link-layer
types where the FCS might, or might not, appear as part of the captured
data.
Change-Id: Ia91b7fb0aad495876be00bf813c6b6517e5e11d7
Reviewed-on: https://code.wireshark.org/review/26947
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I0d4458e02c9e1f747659fb116906ca44515a9033
Reviewed-on: https://code.wireshark.org/review/26941
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. Use explicit cast from gint16 to gint then to gdouble
- I can understand my compiler - implicit cast is not explicit cast
2. Fix const cast by remove "const" from one field but add it whenever
possible in other places
Change-Id: Iab7401f972c40bca2df58f91b89e29cf2d7cf11b
Reviewed-on: https://code.wireshark.org/review/26917
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
|
|
Change-Id: I13e32d7f333c3e50085c0008d7677f4c6d0611d4
Reviewed-on: https://code.wireshark.org/review/26928
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie234abdad7be9fd6f68d6676bae37286ee5dca2f
Reviewed-on: https://code.wireshark.org/review/26938
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I3fbd95cbdbf958d4b6b93f0b7511be9ee772608c
Reviewed-on: https://code.wireshark.org/review/26932
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I0f0022ec1d04b466e9725684708088486d5f181c
Reviewed-on: https://code.wireshark.org/review/26931
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I2e6c9067b8c4d8b318f79c6ad9e924af234a6b78
Reviewed-on: https://code.wireshark.org/review/26930
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ief847244d8f989e2639a0dbcf96e2c7a7b1fb69a
Reviewed-on: https://code.wireshark.org/review/26933
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Change-Id: If5f8cf73eb878fa3feb31ba32d576d75a293e314
Reviewed-on: https://code.wireshark.org/review/26927
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
According to RFC 5280 (Section 4.2.1.6. Subject Alternative Name), an
iPAddress can be either four (IPv4) or sixteen octets (IPv6).
Bug: 14603
Change-Id: I6894f78c8e3f2a1b10940379397c87bbf981d4d6
Reviewed-on: https://code.wireshark.org/review/26891
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Change-Id: I1b71d30e5e6d5a63e14fc6daf8e2cca2b9b6f7f6
Reviewed-on: https://code.wireshark.org/review/26915
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I8a103840b3c795ce76c8a1af04a5751d6901e62f
Reviewed-on: https://code.wireshark.org/review/26914
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I03013e02856508179d1d75ece5d5c215b947eeb4
Reviewed-on: https://code.wireshark.org/review/26913
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Iafeb49b529da4f62149124193326a4ff6c3960b9
Reviewed-on: https://code.wireshark.org/review/26912
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I252c63f7104ce92de5d72e5e3ea40e3e45d76add
Reviewed-on: https://code.wireshark.org/review/26911
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I505e1df17d468c84f363c3be0ac5e2c29c85ca23
Reviewed-on: https://code.wireshark.org/review/26910
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I29dbeaf0d90bab4c10b4674bfa983f7f5f26027b
Reviewed-on: https://code.wireshark.org/review/26909
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I25619260572163872915c56bcf242e8ff8190b47
Reviewed-on: https://code.wireshark.org/review/26890
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Bring up an expert info if the file contains a record whose captured
length is larger than the reported length. Abort the dissection in this
case since we rely on those lengths to find the next record.
Change-Id: If249d0fe670373417bbfef6759edc0b020a9f5cb
Reviewed-on: https://code.wireshark.org/review/26885
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The length field's value doesn't include the length of the length field
itself.
Change-Id: Icd0cc2721a32212296929d248b9305b0f4a051e6
Reviewed-on: https://code.wireshark.org/review/26920
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I533b9d3ef37af9aa13a20c9af82a8a75cd73e9ad
Reviewed-on: https://code.wireshark.org/review/26895
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I49d215e65e424e605179747d350d4f36ccbc0d92
Reviewed-on: https://code.wireshark.org/review/26894
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I6f4a17ed91d4cb6ea39b5938add6ee882b033687
Reviewed-on: https://code.wireshark.org/review/26893
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
We don't just reassemble DOCSIS MAC frames, we reassemble other forms of
higher-level packet atop an MPEG Transport Stream as well.
Change-Id: If6e709a8d2d3e574fbaedb1fcac74797c5664aa5
Reviewed-on: https://code.wireshark.org/review/26905
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The exception mechanism is setjmp/longjmp-based, so we need to mark
offset as volatile, otherwise the longjmp might not restore its value.
Change-Id: Ib63070bbbbe1f16a93cb58aa7ee5ef2a5488df8a
Reviewed-on: https://code.wireshark.org/review/26901
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That way, some exception thrown higher in the protocol stack doesn't
stop us from dissecting the next TSP.
Change-Id: Ib756e5d62806caf0edd4e4ded18bb94000653d39
Reviewed-on: https://code.wireshark.org/review/26897
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This allows a better check of the required version.
Change-Id: I6c4aab67c73434aff4ad744caa2d0add9ec6225c
Reviewed-on: https://code.wireshark.org/review/26889
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch adds dissecting of several attributes in RTM_NEWLINK and
RTM_NEWADDR.
Change-Id: Iab476e7439a9bcbc25e70cded67bc371788baec4
Reviewed-on: https://code.wireshark.org/review/26830
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Id3189b5617aff853d85029624d7e160d48dd1f36
Reviewed-on: https://code.wireshark.org/review/26896
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
According to 3GPP TS 29.244 v15.1.0
Change-Id: Idcaad3eccf0bd5c9cc57eca5038313fd14916963
Reviewed-on: https://code.wireshark.org/review/26859
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The dissector handle is already known so it's no need to fetch
this again using find_dissector().
Change-Id: Id48066ab881f2b80ec9e3a6e86bc1e41f32cd1ec
Reviewed-on: https://code.wireshark.org/review/26873
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Added a dissector for the mgmt_nwk_unsolicited_enhanced_update_notify
from the R22 spec (clusterID = 0x003b)
Change-Id: I5d60ef0a762f932a7f814743d1c219428c8f9e73
Reviewed-on: https://code.wireshark.org/review/26865
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This dissector defines a bunch of ett arrays, most of which contain a
constant list of ett entries. Fill those arrays directly when they're
declared, this is what the vast majority of other dissectors do.
Fix some whitspace things while at it.
Change-Id: Iae85e2449024ef04b2a44bd847c45515f8efc903
Reviewed-on: https://code.wireshark.org/review/26869
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|