Age | Commit message (Collapse) | Author | Files | Lines |
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40775 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
This bug was introduced in
http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=40748
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40756 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
option ssl_ignore_mac_failed.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6748
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40752 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Enhance SSL Key Exchange dissection.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6716
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40748 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
#includes aren't needed.
also: Add #include <epan/packet.h> (altho included by one of the other includes).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40329 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Enable decryption of TLS 1.2.
Add some cipher suites from RFC5246 and RFC5289.
Fixed a bug in the handling of stream cipher.
(The explicit IV field in the application record doesn't exist when stream ciphers are used. But the original code handles it as if one-byte IV exists.)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6688
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40273 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Also: remove unneeded #includes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40221 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
After changing the ssl_keys UAT, reparse the list and reload the keys.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40200 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Some whitespace cleanup.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39507 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Also: remove trailing whitespace for a number of files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39503 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
(previously missed).
57 FT_BOOLEAN: FALSE-->ENC_BIG_ENDIAN
31 FT_BOOLEAN: TRUE-->ENC_LITTLE_ENDIAN
10 FT_BYTES: ENC_BIG_ENDIAN-->ENC_NA
1 FT_BYTES: ENC_LITTLE_ENDIAN-->ENC_NA
21 FT_BYTES: FALSE-->ENC_NA
2 FT_BYTES: TRUE-->ENC_NA
2 FT_IPXNET: ENC_BIG_ENDIAN-->ENC_NA
6 FT_IPv6: ENC_BIG_ENDIAN-->ENC_NA
1 FT_IPv6: FALSE-->ENC_NA
6 FT_NONE: ENC_BIG_ENDIAN-->ENC_NA
19 FT_NONE: FALSE-->ENC_NA
3 FT_NONE: TRUE-->ENC_NA
1 FT_STRING: ENC_BIG_ENDIAN-->ENC_ASCII|ENC_NA
1 FT_STRING: ENC_LITTLE_ENDIAN-->ENC_ASCII|ENC_NA
5 FT_STRING: FALSE-->ENC_ASCII|ENC_NA
1 FT_STRING: TRUE-->ENC_ASCII|ENC_NA
4 FT_STRINGZ: ENC_NA-->ENC_ASCII|ENC_NA
8 FT_STRINGZ: FALSE-->ENC_ASCII|ENC_NA
1 FT_INT32: FALSE-->ENC_BIG_ENDIAN
1 FT_INT32: TRUE-->ENC_LITTLE_ENDIAN
11 FT_UINT8: 0-->ENC_BIG_ENDIAN
111 FT_UINT8: FALSE-->ENC_BIG_ENDIAN
17 FT_UINT8: TRUE-->ENC_LITTLE_ENDIAN
1 FT_UINT16: 0-->ENC_BIG_ENDIAN
68 FT_UINT16: FALSE-->ENC_BIG_ENDIAN
18 FT_UINT16: TRUE-->ENC_LITTLE_ENDIAN
4 FT_UINT24: FALSE-->ENC_BIG_ENDIAN
70 FT_UINT32: FALSE-->ENC_BIG_ENDIAN
1 FT_UINT32: TRUE-->ENC_LITTLE_ENDIAN
4 FT_UINT64: FALSE-->ENC_BIG_ENDIAN
1 FT_UINT64: TRUE-->ENC_LITTLE_ENDIAN
1 FT_UINT_STRING: FALSE-->ENC_ASCII|ENC_BIG_ENDIAN
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39442 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
benign bugs (Replaces SVN #39348).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39359 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39348 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
non-autogenerated epan/dissectors:
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39288 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
reference an hf item with types in hf[] of:
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39261 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
reference an hf item (in hf[] with types:
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39260 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Used by direct approach RDP for NTLMSSP authentication under SSL.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39196 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39084 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5748
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39074 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Use File/Directory Dialog as a field type for UAT preferences.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@39059 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38859 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
TLS Diffie-Hellman key exchange dissection support.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6277
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38858 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
info for each session in the trace file. This makes it possible to give someone the trace and the exported keys so that they can decrypt the traffic in the trace, but not new sessions to the same server.
(See also: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3444)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37446 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Convert TVB_RAW_OFFSET() and TVB_GET_DS_TVB() into functions.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37422 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
RSA Session-ID:xxxx Master-Key:xxxx
This makes it easy to use the "openssl s_client" output for decryption
(see: http://ask.wireshark.org/questions/4229/follow-ssl-stream-using-master-key-and-session-id)
It also paves the way for exporting SSL keyring material. See also the enhancement request in:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3444
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@37401 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
only if HAVE_LIBGNUTLS is defined.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36878 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
This patch adds support for getting the pre-master secret of a TLS
connection from a log file. Currently Wireshark can decrypt and TLS
connection only if it has the server's private key.
I commonly have a use case where I control the TLS client, but not the
server. In order to decrypt in this case, I've added support to NSS
(used by Chrome and Firefox) to log the keys to a file on disk:
https://bugzilla.mozilla.org/show_bug.cgi?id=536474
Given this file, Wireshark can then decrypt the resulting TLS connections.
The format is such that Wireshark opens and linearly scans the file each
time it sees a ClientKeyExchange. If the key log grows too large, this
is pretty inefficient. However, it's simple and the number of
interesting TLS connections when debugging is usually very small.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36876 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- Support for DTLS and SSL RSA keys list using User Accessible Table
- Support for IPv6 SSL as posted by bug#3343 comment#1
- 'any' and 'anyipv4' for IPv4 wildcard
- 'anyipv6' for IPv6 wildcard
- UAT fields validation.
From me:
- Update paramaters to match UAT API changes.
- Change the UAT filename.
- Fix buffer overflow for IPv6 addresses.
- Allow the use of hostnames along with numeric addresses.
- Don't convert strings to addresses twice.
- Don't use the same variable name for different data types.
- Make "any" mean "any IPv4 or any IPv6".
- Bend the concept of obsolete preferences slightly so that we can convert
and old-style key list to a UAT.
- Clean up whitespace.
- Don't point to a User's Guide section for now; it may make more sense to
keep using the wiki page.
SSL dissector changes have been tested. DTLS dissector changes have not.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36875 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Apply rev 25869 to most of the rest of the TCP-desegmenting dissectors.
(The SSL dissector was already updated in one of two spots with bug 4535/rev
32456.)
A couple of the patches had to be manually applied.
From me: Fix the comments to match the change (including in the TCP and SSL
dissectors.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36332 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
a retransmission), don't add it to the list (tree) of multi-segment pdus.
Otherwise, if we'd already seen the rest of the pdu and the other segments
were not retransmitted, the retransmission would break dissection of the pdu
because lookups for the segment would find the retransmission (to which the
other segments were not attached).
Since we know this segment is a retransmission, don't bother handing it off
to the subdissector either.
Use PINFO_FD_VISITED().
Add some white space in the desegmentation routine to improve readability.
Apply the same changes to the SSL dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@36304 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
so that if the start_ptr is NULL the bytes are extracted from the given TVB
using the given offset and length.
Replace a bunch of:
proto_tree_add_bytes_format*(tree, hf, tvb, offset, length, tvb_get_ptr(tvb, offset, length), [...])
with:
proto_tree_add_bytes_format*(tree, hf, tvb, offset, length, NULL, [...])
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35896 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35705 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
SSL/TLS dissector: add support for "Certificate Status" messages (aka OCSP stapling)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5503
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35655 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string() or
tvb_get_const_stringz().
Use tvb_memeql() & tvb_memcmp().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35558 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
(see: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5485 )
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35216 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
protocol reference URLs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35186 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- Initialize a few static global variables;
- Remove two unnecessary calls to g_hash_table_foreach_remove;
- Do whitespace cleanup and use consistent indentation;
- Fix a few typos and fix up several comments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35183 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Reorder value-string arrays slightly so they are in ascending order.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@34699 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@34227 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33310 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Support for RFC4279 Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4853
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33309 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33012 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
list when using "starttls" SSL decryption preference
- make sure the SSL dissector knows how to reach the original dissector for the decrypted data
- make sure the SMTP dissector does not call the SSL dissector again with the decrypted data
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32921 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
http://www.wireshark.org/lists/wireshark-dev/200809/msg00075.html
(as referenced in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2907 ) and
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3411 :
Write a new convenience routine for finding a conversation and, if it is not
found, create it. The frame number and addresses are taken from pinfo (as is
the common case).
Use this function in a bunch of dissectors.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32790 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
some consts.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32760 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
when the record header is spit between packets
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32456 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
And some minor formatting updates.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31921 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31776 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
reassembly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31767 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Just a small patch to add information about elliptic curves for SSL-connections.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@31744 f5534014-38df-0310-8fa8-9805f1628bb7
|