Age | Commit message (Collapse) | Author | Files | Lines |
|
Ping #19116
|
|
|
|
Ping #19116
|
|
Remove init of proto, header field, expert info and subtree variables.
This will reduces the binary size by approximate 1266320 bytes due to
using .bss to zero-initialize the fields.
The conversion is done using the tools/convert-proto-init.py script.
|
|
Add the FT_FRAMENUM reassembled in field that points to where
a reassembly was completed.
|
|
In EAP, we create conversations with some different addresses and
ports to take care of some tunneling situations. Only set the
conversation address for the packet once, simplifying the logic,
and make sure that if we don't find a matching conversation that
we create a matching one, instead of using the packet's existing
address and ports.
Fix #19071
|
|
|
|
|
|
Looks like conversation_set_conv_addr_port_endpoints() from 66b441f3d is
designed with this use case in mind.
This should resolve issue #18622
|
|
A conversation in Wireshark might have two endpoints or might have no
endpoints; few if any have one endpoint. Distinguish between
conversations and endpoints.
|
|
Added complete CertificateSerialNumber string match
logic to prevent malformed strings. Added ASCII compliance
check prior to identity parsing and expert info warning. Added
3GPP realm string matching logic to optional Realm token in Encr.
IMSI identities.
Closes #18129.
|
|
Must identity strings in EAP be dissected differently over different
protocols?
|
|
Using a similar strategy to ce087027ef87679ca934f392d37b0bf4d1334860 we
group conversation and pdata use by the layer depth we are decoding.
This now decodes EAP-TLS within TEAP (and should work for TTLS and PEAP)
|
|
Caught and flagged in https://gitlab.com/wireshark/wireshark/-/merge_requests/6838#note_932484809
|
|
|
|
|
|
The existing PEAP support does not decode the inner attributes, this
commit adds that support by introducing packet-peap.c which recreates
a 'pseudo' EAP header before looping the TVB back into the EAP dissector.
|
|
Later for packet-peap.c, need to use pdata to pick into the parent
dissector so here we set up packet-eap.c to use enum.
|
|
|
|
Decode TEAP's O-flag.
We also update the diagram and references as PEAPv0 has a different view
of how the flags are used compared to the RFCs and drafts.
|
|
Fix memory leak in packet-eap.
Coverity ID 1496856.
|
|
Do not require a useless ENC_NA parameter for string encodings.
FT_STRING and FT_STRINGZ types don't have any ndianness.
Follow-up to 6ec429622c9258eefd388caf21ce92ab5b9f54b4.
|
|
|
|
This patch adds basic EAP-IKEv2 support.
This does not include EAP-IKEv2 fragmentation support.
|
|
|
|
|
|
4.1.1 Authority ID Data https://datatracker.ietf.org/doc/html/rfc4851#section-4.1.1
|
|
Automated find/replace of wmem_packet_scope() with pinfo->pool in all
files where it didn't cause a build failure.
|
|
|
|
|
|
|
|
For consistency with other functions in this dissector let
dissect_eap_psk_pchannel also return offset instead of "number of
bytes dissected".
|
|
The function to dissect CSuite Sel returns offset not number of
dissected bytes so calling function must assign new offset rather
than incrementing. For consistency also update the CSuite List
function to return offset.
|
|
Fix issues found by running ./tools/check_typed_item_calls.py
epan/dissectors/packet-eap.c:1475 proto_tree_add_item called for hf_eap_gpsk_failure_code - item type is FT_UINT16 but call has len 4
epan/dissectors/packet-eap.c:1479 proto_tree_add_item called for hf_eap_gpsk_failure_code - item type is FT_UINT16 but call has len 4
|
|
|
|
Fix dead store (Dead assignement/Dead increment) Warning found by Clang
|
|
|
|
|
|
tokens[] contains two tokens - the part of the identity before @ and the
part of the identity after @.
realm_tokens[] contain five tokens - the "."-separated parts of the part
of the identity after @.
The latter include "mncNNN" and "mncNNN".
This fixes a crash.
Change-Id: I4b13dd90977a626a823cb53958412301abf8addb
Reviewed-on: https://code.wireshark.org/review/38158
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Removed WLAN from the EAP identity fields because
it is additional and unnecessary. Added fields for
the full identity string and the identity type.
Removed the pseudo and reauth identity types by
collapsing all identity values into one field
(eap.identity) so the values may be filtered easier
by users in tshark and the GUI. Omitting
encrypted IMSI code until this patch and Change
37250 get merged since the encrypted IMSI logic
depends on these two patches.
Bug: 16537
Change-Id: If359756c1949aff2510b822b70e0e79df85213d0
Reviewed-on: https://code.wireshark.org/review/37257
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fixing EAP WLAN identity dissection to account for
identities that contain periods. Also fixed an issue
with the identity unknown data field where it would
incorrectly calculate the number of remaining bytes
in identity messages. In that same vein, renamed the
field from hf_eap_identity_unknown_data to
hf_eap_identity_padding as it is only null bytes appended
to the end of identity strings. Lastly, I corrected
the EAP WLAN identity MCC and MNC lookup logic. It
wrongly assumed that NAI Realm MCC and MNCs should only
exist or dissect with permanent EAP identities which
is not the case. The algorithm used to perform lookups
would also not resolve all MCC/MNC pairs for the MNC value.
Bug: 16524
Change-Id: I1d9955618dab0c70de9fcd88088a4390989653c7
Reviewed-on: https://code.wireshark.org/review/37250
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added two fields for EAP-SIM/AKA Notification Type.
Added value_string array for AT_NOTIFICATION types & external ref.
Updated else if statements to a switch for EAP-SIM and EAP-AKA
Updated eap_sim_aka_attribute_vals[] and added Client Error Codes
Bug: 16539
Change-Id: Iaf9949d713d700330536e805d9ceb9328d183744
Reviewed-on: https://code.wireshark.org/review/36999
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added unknown data field at end of EAP Identity
dissection to ensure clean offsets to CRC/Checksum.
Bug: 16529
Change-Id: I09bc945bb89a91231bb82ced011ca3d1075a7788
Reviewed-on: https://code.wireshark.org/review/37094
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
check_dissector_urls.py was written and used to
find URLs within epan/dissectors/*.c and try to
fetch them using 'requests'. Will be commmitted
separately.
Most of the changes were to adapt to reorganisation
of IETF or 3gpp2 links, but many of the broken links
are for websites or companies that no longer exist.
Change-Id: Ie9afdb95099218402a61626a0cd5193c6f781b96
Reviewed-on: https://code.wireshark.org/review/36769
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Initial support for TEAP (Tunnel Extensible Authentication Protocol)
defined in RFC7170.
Only partial support implemented. Mainly the parts needed to discover
the carried EAP payload when establishing IEEE802.11 EAP-TEAP
connections.
Bug: 16379
Change-Id: Ic2b31d0b871b430792a371cd09926811e350c32b
Reviewed-on: https://code.wireshark.org/review/36104
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Don't assume our MNC and MCC string lengths are > 3.
Bug: 16397
Change-Id: I0759dcb9d0c5f078cf3a98e9323d9cb741e15dd4
Reviewed-on: https://code.wireshark.org/review/36146
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
From RFC7170
Bug: 16379
Change-Id: I1698e87c78ce3cdc3e322cfb112fd99e8d23e3ec
Reviewed-on: https://code.wireshark.org/review/36056
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Passing the appdata dissector via the data parameter caused crashes due
to type confusion, use an alternative, indirect method instead.
Change-Id: I1de3de4e7daf4504c176a6ad8947037606aa20bb
Depends-On: I4770d03f912dd75f92878dd74ad830ebb7eb1431
Reviewed-on: https://code.wireshark.org/review/34312
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Tested with the three captures from the linked bug: eap-peap-gtc.pcapng,
eap-peap-md5.pcapng, eap-peap-mschapv2.pcapng.
Bug: 15597
Change-Id: Idb1fb2809d05648a3b961af8dbdd9b35c3284c13
Reviewed-on: https://code.wireshark.org/review/34294
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for dissecting the decrypted TLS payload as Diameter.
Add support for dissecting the EAP-Message attribute as EAP.
Disable retransmission detection when EAP-Message is detected (EAP in
TLS in EAP) since this results in false positives.
Tested with captures from Bug 15603:
* eap-ttls-pap.pcapng - ok, User-Name and User-Password AVPs.
* eap-ttls-eap-gtc.pcapng, eap-ttls-eap-md5.pcapng - EAP-Message AVP.
* eap-ttls-mschapv2.pcapng - partially supported, does not conform to
Diameter AVP requirements as it is not padded. Microsoft vendor types
are also not yet supported. To be fixed later.
* eapttls-diameter-avp.pcapng (Bug 12880) - EAP-Message AVP.
Bug: 12880
Bug: 15603
Change-Id: Ie7ea282d05c1d3ff8463c34bf259107562714440
Reviewed-on: https://code.wireshark.org/review/34281
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|