Age | Commit message (Collapse) | Author | Files | Lines |
|
svn path=/trunk/; revision=39084
|
|
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5748
svn path=/trunk/; revision=39074
|
|
Use File/Directory Dialog as a field type for UAT preferences.
svn path=/trunk/; revision=39059
|
|
svn path=/trunk/; revision=38859
|
|
TLS Diffie-Hellman key exchange dissection support.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6277
svn path=/trunk/; revision=38858
|
|
info for each session in the trace file. This makes it possible to give someone the trace and the exported keys so that they can decrypt the traffic in the trace, but not new sessions to the same server.
(See also: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3444)
svn path=/trunk/; revision=37446
|
|
Convert TVB_RAW_OFFSET() and TVB_GET_DS_TVB() into functions.
svn path=/trunk/; revision=37422
|
|
RSA Session-ID:xxxx Master-Key:xxxx
This makes it easy to use the "openssl s_client" output for decryption
(see: http://ask.wireshark.org/questions/4229/follow-ssl-stream-using-master-key-and-session-id)
It also paves the way for exporting SSL keyring material. See also the enhancement request in:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3444
svn path=/trunk/; revision=37401
|
|
only if HAVE_LIBGNUTLS is defined.
svn path=/trunk/; revision=36878
|
|
This patch adds support for getting the pre-master secret of a TLS
connection from a log file. Currently Wireshark can decrypt and TLS
connection only if it has the server's private key.
I commonly have a use case where I control the TLS client, but not the
server. In order to decrypt in this case, I've added support to NSS
(used by Chrome and Firefox) to log the keys to a file on disk:
https://bugzilla.mozilla.org/show_bug.cgi?id=536474
Given this file, Wireshark can then decrypt the resulting TLS connections.
The format is such that Wireshark opens and linearly scans the file each
time it sees a ClientKeyExchange. If the key log grows too large, this
is pretty inefficient. However, it's simple and the number of
interesting TLS connections when debugging is usually very small.
svn path=/trunk/; revision=36876
|
|
- Support for DTLS and SSL RSA keys list using User Accessible Table
- Support for IPv6 SSL as posted by bug#3343 comment#1
- 'any' and 'anyipv4' for IPv4 wildcard
- 'anyipv6' for IPv6 wildcard
- UAT fields validation.
From me:
- Update paramaters to match UAT API changes.
- Change the UAT filename.
- Fix buffer overflow for IPv6 addresses.
- Allow the use of hostnames along with numeric addresses.
- Don't convert strings to addresses twice.
- Don't use the same variable name for different data types.
- Make "any" mean "any IPv4 or any IPv6".
- Bend the concept of obsolete preferences slightly so that we can convert
and old-style key list to a UAT.
- Clean up whitespace.
- Don't point to a User's Guide section for now; it may make more sense to
keep using the wiki page.
SSL dissector changes have been tested. DTLS dissector changes have not.
svn path=/trunk/; revision=36875
|
|
Apply rev 25869 to most of the rest of the TCP-desegmenting dissectors.
(The SSL dissector was already updated in one of two spots with bug 4535/rev
32456.)
A couple of the patches had to be manually applied.
From me: Fix the comments to match the change (including in the TCP and SSL
dissectors.)
svn path=/trunk/; revision=36332
|
|
a retransmission), don't add it to the list (tree) of multi-segment pdus.
Otherwise, if we'd already seen the rest of the pdu and the other segments
were not retransmitted, the retransmission would break dissection of the pdu
because lookups for the segment would find the retransmission (to which the
other segments were not attached).
Since we know this segment is a retransmission, don't bother handing it off
to the subdissector either.
Use PINFO_FD_VISITED().
Add some white space in the desegmentation routine to improve readability.
Apply the same changes to the SSL dissector.
svn path=/trunk/; revision=36304
|
|
so that if the start_ptr is NULL the bytes are extracted from the given TVB
using the given offset and length.
Replace a bunch of:
proto_tree_add_bytes_format*(tree, hf, tvb, offset, length, tvb_get_ptr(tvb, offset, length), [...])
with:
proto_tree_add_bytes_format*(tree, hf, tvb, offset, length, NULL, [...])
svn path=/trunk/; revision=35896
|
|
svn path=/trunk/; revision=35705
|
|
SSL/TLS dissector: add support for "Certificate Status" messages (aka OCSP stapling)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5503
svn path=/trunk/; revision=35655
|
|
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string() or
tvb_get_const_stringz().
Use tvb_memeql() & tvb_memcmp().
svn path=/trunk/; revision=35558
|
|
(see: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5485 )
svn path=/trunk/; revision=35216
|
|
protocol reference URLs.
svn path=/trunk/; revision=35186
|
|
- Initialize a few static global variables;
- Remove two unnecessary calls to g_hash_table_foreach_remove;
- Do whitespace cleanup and use consistent indentation;
- Fix a few typos and fix up several comments.
svn path=/trunk/; revision=35183
|
|
Reorder value-string arrays slightly so they are in ascending order.
svn path=/trunk/; revision=34699
|
|
svn path=/trunk/; revision=34227
|
|
svn path=/trunk/; revision=33310
|
|
Support for RFC4279 Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4853
svn path=/trunk/; revision=33309
|
|
svn path=/trunk/; revision=33012
|
|
list when using "starttls" SSL decryption preference
- make sure the SSL dissector knows how to reach the original dissector for the decrypted data
- make sure the SMTP dissector does not call the SSL dissector again with the decrypted data
svn path=/trunk/; revision=32921
|
|
http://www.wireshark.org/lists/wireshark-dev/200809/msg00075.html
(as referenced in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2907 ) and
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3411 :
Write a new convenience routine for finding a conversation and, if it is not
found, create it. The frame number and addresses are taken from pinfo (as is
the common case).
Use this function in a bunch of dissectors.
svn path=/trunk/; revision=32790
|
|
some consts.
svn path=/trunk/; revision=32760
|
|
when the record header is spit between packets
svn path=/trunk/; revision=32456
|
|
And some minor formatting updates.
svn path=/trunk/; revision=31921
|
|
svn path=/trunk/; revision=31776
|
|
reassembly.
svn path=/trunk/; revision=31767
|
|
Just a small patch to add information about elliptic curves for SSL-connections.
svn path=/trunk/; revision=31744
|
|
(remaining data can be TCP segment data)
Removed calls to col_check().
svn path=/trunk/; revision=31332
|
|
ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319
|
|
svn path=/trunk/; revision=31053
|
|
* Remove check_col guards
svn path=/trunk/; revision=30127
|
|
Crash on TLSv1.2 packets, caused by ssl_short_name array overrun.
svn path=/trunk/; revision=29906
|
|
svn path=/trunk/; revision=29446
|
|
svn path=/trunk/; revision=29400
|
|
svn path=/trunk/; revision=29345
|
|
svn path=/trunk/; revision=29344
|
|
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
|
|
http://wiki.wireshark.org/Development/Optimization
svn path=/trunk/; revision=28356
|
|
up (99 44/100% of which were assignments of double-precision
floating-point constants to floats). Hopefully this will catch at least
some P64 issues on UN*X.
svn path=/trunk/; revision=28108
|
|
protocol tree would show two "Secure Socket Layer" branches and the INFO
column would fail to show the content type of the second PDU. Don't give
control back to TCP for the second PDU by just fetching the remaining bytes
of the first PDU, but ask for a whole new segment so that all processing
will be done within the SSL dissector itself.
svn path=/trunk/; revision=28088
|
|
- ciphersuite list updated
- list of alerts and extensions updated
svn path=/trunk/; revision=27421
|
|
svn path=/trunk/; revision=27065
|
|
svn path=/trunk/; revision=27062
|
|
svn path=/trunk/; revision=27053
|