Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I86a0aae9409ab5f81a70560997c637f8f16718fa
Reviewed-on: https://code.wireshark.org/review/35754
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Wake-up frames in 802.15.4e have a specific structure that is not
consistent with the fields present in a single-byte FCF.
As a special case when 802154e_compatibility is enabled, detect
multi-purpose frames that are exactly 12 bytes long and contain
a Rendezvous Time IE and parse them as an 802.15.4e wake-up frame.
Bug: 16102
Change-Id: I87c6317fffb0670dae0d5bdd499271fe02a40b22
Reviewed-on: https://code.wireshark.org/review/34684
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for IEEE802.15.4-2015 multipurpose frames, which are
similar to data frames with the following exceptions:
- The Frame Control Field can be either 1 or 2 octets, with different
bit offsets for all fields except for Frame Type.
- The Frame Version field, when present, must always be set to 00.
- The source PAN ID is always absent
- Instead of a PAN ID Compression field, there is a PAN ID Present
field for the destination PAN ID only.
See Section 7.3.5 of IEEE802.15.4-2015 (esp Figure 7-19) for details.
Bug: 16101
Change-Id: I1e64d90694b567573ca10395b823adb9015f8917
Reviewed-on: https://code.wireshark.org/review/34682
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Enable decryption in TSCH mode which requires ASN in nonce.
Change-Id: Iae24add3a15cef00ef0037acd99f30b684e97ae2
Reviewed-on: https://code.wireshark.org/review/32142
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
New link type for IEEE 802.15.4 with pseudo-header and optional
meta-data TLVs, PHY payload exactly as it appears in the spec (no
padding, no nothing), and FCS if specified by FCS Type TLV.
Specification at https://github.com/jkcko/ieee802.15.4-tap
Bug: 15429
Change-Id: I67bd154891ad5818be9a1630aa5cbb863b55509a
Reviewed-on: https://code.wireshark.org/review/32141
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Don't call it an "FCS" in the CC24xx case. It's not an FCS; it's not
even just an "FCS OK" bit.
Display the metadata in question in bit order, from the "CRC OK" bit
downwards.
Change-Id: I8da29bbb1f8b5ef3905af75dd34c1563b904a4d8
Reviewed-on: https://code.wireshark.org/review/32228
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make FCS length a variable.
Modify protocol configuration to include FCS type option.
Change-Id: I1e08f5b6b43907833464c20d798163343ce67a76
Reviewed-on: https://code.wireshark.org/review/32139
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Refactor ieee802154_set_mac_key to return the number of keys set and
only try to decrypt with the alt_key if actually provided
Bug: 14522
Change-Id: I40802dff8c08f7f82b792fb16f5f91aa3b9e20cc
Reviewed-on: https://code.wireshark.org/review/26677
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- remove GEN field, that is obsoleted
- add SIGNAL command
- update return codes following the draft
Bug: 14542
Change-Id: I7eeb6f832d23688d5dc50f68224da9a7612429ff
Reviewed-on: https://code.wireshark.org/review/26553
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
While based on IEEE 802.15.4, the protocol breaks the standard by
having frames where the FCF Security Enabled flag is set but no
Auxiliary Security Header is present. Add handling of this special case
to the IEEE 802.15.4 dissector.
Change-Id: I0e678d5fc999ead740c0c27f51a699559c6cb21a
Reviewed-on: https://code.wireshark.org/review/26336
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- support vendor specific commands with a dissector table
- add missing command IDs
- add expert warnings for unsupported and unknown command IDs
- fix indentation
- correct spelling issues
- small consistency changes
Change-Id: Ifbe4a8aab1e5c953c1d3d264ab4f0913e6936e7f
Reviewed-on: https://code.wireshark.org/review/26341
Reviewed-by: Ed Beroset <beroset@ieee.org>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- reduce scope of special handling for ZBOSS and 'options'
- move -2015 command byte handling to corresponding function
- fix data handling for unimplemented command types
Rationale: this allows reusing the individual functions for protocols
that are based on IEEE 802.15.4 but require additional transformation
of the payload without adding special cases within the functions.
Change-Id: I5447620f6779031c4f9b280b16de9678b255b06f
Reviewed-on: https://code.wireshark.org/review/26262
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Ed Beroset <beroset@ieee.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I6b4644f7ad8061e8f9fc11238e17e6d01596cb39
Reviewed-on: https://code.wireshark.org/review/26095
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- Rename to better reflect functionality
- Add some comments
Change-Id: Ia3bf5655323a3d6fab18fd68dd3d048bd97f8c44
Reviewed-on: https://code.wireshark.org/review/26053
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
CCM* algorithm implemented as part of ieee802154 dissector can be
leveraged for higher layer protocols, e.g. OSCORE. This change adds an
additional parameter to the CCM* API in order to allow passing a generic
13-byte nonce.
Bug: 14367
Change-Id: Ib2da1146659f67ffb3a4767ec093f8b7f09461ce
Reviewed-on: https://code.wireshark.org/review/25455
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch adds dissection for the Wi-SUN Field Area Network standard. Wi-SUN
packets are encoded as a collection of IEEE 802.15.4 information elements. This
required a bit of refactoring in how the IE dissector table is handled so that
external protocols could supply their own dissectors.
While I was working with the IEs, I also added support for the TSCH Timeslot and
Global Time IEs from the IEEE 802.15.4 standard in addition to some general
cleanup.
Change-Id: I2858e4ab577756568e33b86adfe282967899abd5
Reviewed-on: https://code.wireshark.org/review/24331
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Rationale: The IEs are a generic mechanism that allows higher level protocols to
transport additional data in the header and some IDs have already been assigned
to external organisations. Using dissector tables enable looser coupling.
Refactor existing internal IE dissectors to be called via the table as well
based on a suggestion by Michael Mann.
More consistent display and code for Header IEs and Payload IEs.
Change-Id: Ib9c225245fc8dd989200d6ff6aeae8ca5c0f792c
Reviewed-on: https://code.wireshark.org/review/22600
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Still open: Reassembly and support for KMP payload dissection besides EAPOL
Bug: 13883
Change-Id: I48a1e6af5c6fb5594fb4e6a5258db0d8ebaf4a70
Reviewed-on: https://code.wireshark.org/review/22597
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Isolate dissection of individual IEs to capture out-of-bound errors
and to continue with next IE on error.
More consistent display. Use dedicated HFs and ETTs.
More consistent code with fewer casts.
Add warning if IE dissection consumes less content than the
indicated length.
Change-Id: I1481145b9248eaa9f3d3ddf6c0e32d39b4a63861
Reviewed-on: https://code.wireshark.org/review/22577
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- support draft-ietf-6tisch-6top-protocol-07
- replace proto_tree_add_subtree_format() to make manageable JSON output
- use constant values defined for the 1st F-Interop 6TiSCH Interop Event
Bug: 13868
Change-Id: Ifa1a20aa2e8d2c75bb0660f595de71768a20d082
Reviewed-on: https://code.wireshark.org/review/22500
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Isolate dissection of individual IEs to capture out-of-bound errors
and to continue with next IE on error.
Create subtree for each IE containing the TLV header. Reduce
information in overall Header IEs item.
Differentiate unknown and unsupported IE. Show more information.
Add warning if IE dissection consumes less content than the
indicated length.
Simplify Time Correction IE dissection and make more consistent.
Naming changes for consistency with standard.
Change-Id: I80f15edb646a15c0ed43d6571200a5d89cdeb7b5
Reviewed-on: https://code.wireshark.org/review/22381
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change guard that prevents decryption of v2015 to only check if frame counter
suppression is not used.
Add new aux header fields.
Cleanups.
Bug: 13805
Change-Id: Ib025e724415d7d7b85d63e2f44a37c7c691e9de6
Reviewed-on: https://code.wireshark.org/review/22165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Enhancements to security processing add support for Thread, MLE and ZigBee
IP. Thread and ZigBee IP use a hash for key derivation for MAC and MLE
security processing. Thread additionally uses a sequence counter.
Ping-Bug: 13495
Change-Id: Ib8351b21e5615cd44880f5126f59fd0dc0a11742
Reviewed-on: https://code.wireshark.org/review/20585
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
- support draft-ietf-6tisch-6top-protocol-03
- rename variables and constants to reflect the protocol hierarchy
- show 6P specific information in the "Protocol" and "Info" column
- cleanup
Bug: 13136
Change-Id: I83ca8a55d59225e0cce64f3463100b3750a58b8f
Reviewed-on: https://code.wireshark.org/review/18824
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch adds one more Payload Information Element called 6P or sixtop
defined by the IETF 6TiSCH Working Group. Here it is shown the following
6P-sixtop information:
-The 6P-sixtop version.
-The 6P-sixtop code.
-The 6P-sixtop Scheduling Function ID.
Then, depending of the 6P-sixtop code, a specific information is shown.
The supported codes -commands- for this patch are:
-Add.
-Delete.
-Count.
-List.
-Clear.
-Return Code Success.
For more information about the 6P-sixtop protocol, go to:
https://tools.ietf.org/html/draft-ietf-6tisch-6top-protocol-02
Bug 13005
Change-Id: I46b015dd8acd1515bff4090c5b39ad3897606f67
Reviewed-on: https://code.wireshark.org/review/18151
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch shows the Information Elements (IE) defined by the
IEEE802.15.4. It dissects the information of those IE which are used
by the IETF WG 6tisch and announces the others. Here the list of the
fully dissected ones:
- For the header IEs:
- Time Correction.
- Header Termination 1.
- Header Termination 2.
- For the payload IEs:
- MLME:
- Nested Shorts:
- TSCH Synchronization IE.
- TSCH Timeslot IE.
- TSCH Slotframe and Link IE.
- Nested Longs:
- Channel Hopping IE.
- Payload Termination IE.
For the rest of the IEs defined in the standart, this patch shows them
but does not analyze their inner fields.
References:
https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal/
IEEE Standard for Low-Rate Wireless Personal Area Networks (WPANs).
Change-Id: I45292315fa532f08be6a218eb5756284a22eeee4
Reviewed-on: https://code.wireshark.org/review/16671
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This is an update to change 14547. The processing of the ZigBee IEs
have been removed from the IEEE dissector and a new dissector added
to the ZigBee NWK module. In addition dissection has been simplified
and enhanced.
Change-Id: I1a2ee2d125b49443b90633163171e2712a8fdcdd
Reviewed-on: https://code.wireshark.org/review/14898
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
ZigBee has added new 802.15.4 Information Elements, defined in
Annex D.8 of ZigBee Specification R22. Specifically this is the
Enhanced Beacon Payload IE, TX Power, and Rejoin IEs.
Change-Id: Ic54b92c6d1f6437dc7888d10e9ae63453eb60e1d
Reviewed-on: https://code.wireshark.org/review/14547
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Minimal support has been added for the MLME Payload IE and the Enhanced Beacon
Filter Sub-IE. Dissection of Payload IEs and Sub-IEs is supported making it
easy to add dissection for specific applications once this is known.
Change-Id: I3a4f237e17413ec3e7bbfd32ded0625fc97da11b
Reviewed-on: https://code.wireshark.org/review/13999
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
IEEE has run out of Payload IE IDs so ZigBee and
future IEs must use Vendor OUIs.
Change-Id: I6eed4382d099364605649eb7577a5e2691e97dd3
Reviewed-on: https://code.wireshark.org/review/13971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id3cf113a8ef9b756cb9241b81f12e28dd3b8d232
Reviewed-on: https://code.wireshark.org/review/12815
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
802.15.4-2006 and laterChange-Id: I99e66919c86712533cd37fef9d4c464b75444d93
Change-Id: I9ec2b1a6d457d887a7202f7fe0894c3894cb1ecb
Reviewed-on: https://code.wireshark.org/review/12514
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
PANID for when we still get it wrong.
Change-Id: Icc2b274d2478a9426da881998bbbbfb3bf34ec4a
Reviewed-on: https://code.wireshark.org/review/1167
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
6LoWPAN: Automatic context detection and draft-ietf-6lowpan-nd-19 updates.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7521
svn path=/trunk/; revision=44723
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4912
svn path=/trunk/; revision=40004
|
|
The IEEE 802.15.4 GTS descriptor count is a 3-bit field (see page 144
of attached spec).
The mask for this field is incorrectly defined as a 2-bit field in
epan/dissectors/packet-ieee802154.h line 74:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6055
svn path=/trunk/; revision=37771
|
|
* Remove proto_tree_add_eui64 function from 802.15.4 Dissector
* Replace print_eui64/print_eui64 by eui64_to_str/get_eui64_name
* Update Documentation (README.dev)
* Add new function in libwireshark.def
* Support of encoding for tvb_eui64_to_str
* Use FT_EUI64 for ICMPv6, CAPWAP, Zbee ... dissector
svn path=/trunk/; revision=37015
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5395 :
The ZigBee security dissector was not recording the short to long address
mappings in Security Headers, preventing the decryption of some payloads. This
patch eliminates the Undecoded warnings in packets 1 and 19 in this test
capture: https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5457
The keys to decrypt these packets are listed in the bug.
svn path=/trunk/; revision=34886
|
|
You may not use g_int64_hash() or g_int64_equal(), as they are not present in the minimum version of GLib that we support. Create a ieee802154_long_addr structure for long addresses, create hash routines for those addresses, and use them.
Export and use those routines.
svn path=/trunk/; revision=34653
|
|
present in the minimum version of GLib that we support. Create a
ieee802154_long_addr structure for long addresses, create hash
routines for those addresses, and use them.
svn path=/trunk/; revision=34651
|
|
Multi-key Support and Extended Address Mapping for ZigBee Dissectors
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5331
svn path=/trunk/; revision=34647
|
|
svn path=/trunk/; revision=34633
|
|
never defined
error: ‘ieee802154_long_addr_invalidate’ declared ‘static’ but never defined
svn path=/trunk/; revision=34629
|
|
Multi-key Support and Extended Address Mapping for ZigBee Dissectors
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5331
svn path=/trunk/; revision=34627
|
|
Packet decryption for IEEE 802.15.4.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4457
svn path=/trunk/; revision=31820
|
|
Implementation of the IEEE 802.15.4 dissector ignores the Auxiliary Security
Header of the MHR (see IEEE 802.15.4-2006 specs p.138).
The attached patch, add two things :
1) Support for dissecting the Auxiliary Security Header
2) Add a preference option to force the dissection of
the FCS field as being in the TI CC24xx format
svn path=/trunk/; revision=29849
|
|
This patch fixes a bug in the dissection of the TI CC24xx FCS where the
endianness of the bitmasks used was wrong.
svn path=/trunk/; revision=29847
|