Age | Commit message (Collapse) | Author | Files | Lines |
|
These aren't "true" shadow issues, but the script doesn't completely understand C syntax (for things like struct member names "time" and "index"). But fixing them creates less noise.
Change-Id: I5a2db1549095824530428529e86cab453c031a04
Reviewed-on: https://code.wireshark.org/review/10368
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It is so fragile that it triggers too many false positives and it was not
activated by default prior to g21e5a95.
If required, a user can still use 'Decode As' functionality.
Change-Id: I0236609665c57c6f3961cb9596c47b54da777641
Reviewed-on: https://code.wireshark.org/review/9842
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0b19d4576b652dc9dd94346c75945e0bdc554a0e
RFC7540: Hypertext Transfer Protocol Version 2 (HTTP/2)
RFC7541: HPACK: Header Compression for HTTP/2
Reviewed-on: https://code.wireshark.org/review/8478
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Previously, the http2 heuristics dissector sets a conversation dissector
which overrides the SSL dissector, breaking SSL decryption before http2.
This patch fixes that by checking for an active http2 session in the
http2 heuristics dissector.
Change-Id: Ibacbcde3e29bbb746ad2e394f1c10ca571b07bf5
Reviewed-on: https://code.wireshark.org/review/7782
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Enable the reliable Magic Hello heuristics by default and dissect
further packets as HTTP2 as well. The weak frame heuristics is still
disabled by default.
Change-Id: I783d036fb6c6d867daedf251a5264fdf3b475447
Reviewed-on: https://code.wireshark.org/review/7615
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ib13d9391b64dad19321a4399c95b95d7fb791284
Reviewed-on: https://code.wireshark.org/review/6421
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
With >= draft-14, length is encoded in 3 octets (2 octets before)
Bug: 10908
Change-Id: I061570186206548fafcc39a8df0ba6bafe8576a0
Reviewed-on: https://code.wireshark.org/review/6883
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Do not make any assumption on the endianness: not all hosts running Wireshark are little endian
Change-Id: I8792904f7000b4f2b9e44ffe41f350ba8b4932d4
Reviewed-on: https://code.wireshark.org/review/6693
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Second batch (packet-eth.c -> packet-icmpv6.d).
Will look at cleaning up and committing script afterwards.
Change-Id: I14295758b81a59115d8c88899f166cc3d5d17594
Reviewed-on: https://code.wireshark.org/review/6013
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Also update HTTP Header Compression (to draft-10)
No framing change on HTTP2 draft-16
Change-Id: I7f8ffd7ab37bc22fd6fbe156b0bf52543025e3a8
Reviewed-on: https://code.wireshark.org/review/5782
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
(for some dissectors which fetch all other integral fields using
ENC_BIG_ENDIAN).
Change-Id: Ic18e3172aad76af12b12d6732c88497be22aed56
Reviewed-on: https://code.wireshark.org/review/5748
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
* Add new error code (HTTP_1_1_REQUIRED)
* Use hexa value for error code (like the spec)
* Add reference to Alt-SVC spec
Change-Id: Ifbcb32e97168440cb34f59740871b6c896e90461
Reviewed-on: https://code.wireshark.org/review/4992
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Change-Id: I0885f7d110014cb8a7eba1c1892ed8d0852d076a
Reviewed-on: https://code.wireshark.org/review/4187
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
- incorrect fetch/display of hf_http2_push_promise_r field
Change-Id: Iddf2db4807713017519b5abcbff3ba824b3624c6
Reviewed-on: https://code.wireshark.org/review/4186
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I88d048e4012109957a0b5e7a2480faed9fbe9cc4
Reviewed-on: https://code.wireshark.org/review/3565
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
This patch adds additional header decoding information, such as header
encoding representation, including header table size update (HPACK
draft-09, section 7).
Previously when user clicks the decoded header info, it highlights
wrong byte sequence in compressed pane. This patch fixes this and now
clicking header will highlight the byte sequence it was decoded from.
Change-Id: I611a34edef31640c59a1f8bbc26db1c42eb16ce2
Reviewed-on: https://code.wireshark.org/review/3407
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
* Expand frame length field to 24 bits
* Add new SETTINGS:
- SETTINGS_MAX_FRAME_SIZE
- SETTINGS_MAX_HEADER_LIST_SIZE
* Update libnghttp2 HPACK
* Remove END_SEGMENT flag
Change-Id: I5906322ad5a4d61c963ed95fada9415e66e146da
Reviewed-on: https://code.wireshark.org/review/3357
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
By default, the heuristic is disabled
Change-Id: I26ef23e8b153576a4fabd2e3324e830756e64bb7
Ping-Bug:10335
Ping-Bug:10310
Reviewed-on: https://code.wireshark.org/review/3350
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
bug: 10279
Change-Id: Ibf88b1622318692ccf3904aede5d964e6028bdc7
Reviewed-on: https://code.wireshark.org/review/3087
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Cleaned up nghttp2 build
Change-Id: I9f7adc12936155e0ffc01ec825b5aff95279f97d
Reviewed-on: https://code.wireshark.org/review/2937
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Previously we just call HPACK decompressor when dessecting packets.
This is fine for the first linear scan. But later same packet may be
dissected more than once and their header block data will be fed into
decompressor again. This makes header compression context out-of-sync
because HPACK decompressor only works when data is fed linearly. This
change fixes this issue by caching decompressed headers in the first
linear scan. On random packet dissecting, they are just looked up.
This change adds support of changing header table size by inspecting
SETTINGS frame and tracking its SETTINGS ACK.
Change-Id: I9c75c67f8677063e443f9b131740f3ee94ff8a63
Reviewed-on: https://code.wireshark.org/review/2616
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Summary of changes since draft-12:
* Pad High and Pad Low wereare replaced with single Pad Length field.
* Padding was removed from CONTINUATION frame.
* ALTSVC and BLOCKED frames were removed.
* Per-frame compression and its associated SETTINGS flag were removed.
* HPACK Huffman code table and static header table were updated.
Change-Id: I9c4f05f8cd937bfadbb1b912f2b9ffb31e9c18d5
Reviewed-on: https://code.wireshark.org/review/2615
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8de7b63ca90803f8fc6333bbe43aeb94459e6363
Reviewed-on: https://code.wireshark.org/review/1918
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I79e7a619b5dadb68b70f8b057494cc970a655cc7
Reviewed-on: https://code.wireshark.org/review/1903
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Decode the HTTP/2 header block using nghttp2 HPACK decoder
In this patch, We use nghttp2 HPACK decoder to decompress HTTP/2 header
block. To make HPACK decompressor work, we need to track down HTTP/2
connection from the beginning. If we see the HTTP/2 magic (connection
preface), we initialize HPACK decompressor objects. We actually use 2
HPACK decompressor for both client and server. HPACK decompressor
objects are stored in hash tables using TCP stream index as a key.
Most code by: Tatsuhiro Tsujikawa
Signed-off-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Signed-off-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: Idb4dd4b0a200924820cb0b34db664cc37518168d
Reviewed-on: https://code.wireshark.org/review/1527
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
* Add bitmask and fix length for exclusive flag
* Add missing bitmask for stream dependency
* Add fielder with calcultated weight value (weight+1, see spec for more information)
Change-Id: I7a6e97be068a80caa7355f593d9497c431c681ed
Reviewed-on: https://code.wireshark.org/review/1625
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
* Add missing padding for CONTINUATION frame
* Add filter for generated padding length
* add unused flags
Change-Id: I98ff759595d3018f11b6d3ec9ea298e92e032d73
Reviewed-on: https://code.wireshark.org/review/1604
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
not size_t, which was giving 64/32 conversion errors on some platforms
Change-Id: Idf81dc98f8921a92840731d742d6e46a40e1387f
Reviewed-on: https://code.wireshark.org/review/1405
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
From Alexis La Goutte
Fix warning found by pre-commit
Partial-Bug: 10054
Change-Id: I976884a240a55bb2287a802d72668a2c845179c0
Reviewed-on: https://code.wireshark.org/review/1295
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
check the input tvb's length before doing tvb_get_guint8(tvb,2)
reject a short packet, don't throw an exception
svn path=/trunk/; revision=54376
|
|
svn path=/trunk/; revision=54135
|
|
Add HTTP2 to Decode as
svn path=/trunk/; revision=54131
|
|
svn path=/trunk/; revision=53781
|
|
the heuristic may be leak (only check if type > 10...)
svn path=/trunk/; revision=53638
|
|
"new" style dissectors.
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9042 Add HTTP2 Dissector Based on draft-ietf-httpbis-http2-06
TODO :
* Support HTTP Header Compression (draft-ietf-httpbis-header-compression)
* Enhance display of Data
* Reassembling of continuation frame (and other frame)
* Add same tap and ping/pong time response
svn path=/trunk/; revision=51591
|