Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Ie56d3796bf8cc17d995f66159ef8f85d2485e34a
Reviewed-on: https://code.wireshark.org/review/34699
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Change-Id: I514fd1625d2d6f01c8175d7b61caa7ea3e5f216b
Reviewed-on: https://code.wireshark.org/review/34678
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Wake-up frames in 802.15.4e have a specific structure that is not
consistent with the fields present in a single-byte FCF.
As a special case when 802154e_compatibility is enabled, detect
multi-purpose frames that are exactly 12 bytes long and contain
a Rendezvous Time IE and parse them as an 802.15.4e wake-up frame.
Bug: 16102
Change-Id: I87c6317fffb0670dae0d5bdd499271fe02a40b22
Reviewed-on: https://code.wireshark.org/review/34684
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for IEEE802.15.4-2015 multipurpose frames, which are
similar to data frames with the following exceptions:
- The Frame Control Field can be either 1 or 2 octets, with different
bit offsets for all fields except for Frame Type.
- The Frame Version field, when present, must always be set to 00.
- The source PAN ID is always absent
- Instead of a PAN ID Compression field, there is a PAN ID Present
field for the destination PAN ID only.
See Section 7.3.5 of IEEE802.15.4-2015 (esp Figure 7-19) for details.
Bug: 16101
Change-Id: I1e64d90694b567573ca10395b823adb9015f8917
Reviewed-on: https://code.wireshark.org/review/34682
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add a new 802154e_compatibility preference.
When enabled, it will attempt to handle certain PAN ID compression schemes
that are permitted in 802.15.4e-2012 but not in 802.15.4-2015.
Specifically, when either the source or destination address are present
in short form and the PAN ID Compression bit is cleared, 802.15.4-2015 expects
the source PAN ID to be present, whereas 802.15.4e-2012 does not.
Bug: 16102
Change-Id: I7fea7bd6d0a78c859360a1130b242e90eac8feec
Reviewed-on: https://code.wireshark.org/review/34683
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The TLS stream of IBM WebSphere doesn't get detected since the TLS
record is sent in two packets: First the five bytes of the TLS record
header, then the TLS record data.
Bug: 16085
Change-Id: Ide8758dc7f6a14e4a5aeb01abc7fcaa42374f675
Reviewed-on: https://code.wireshark.org/review/34634
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
'iso14443.write_block.number' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT16
Change-Id: I1e92e470acf1bda89b894dd8603309f7168bb069
Reviewed-on: https://code.wireshark.org/review/34681
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
'homeplug_av.st_iotecha.mfct.length' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT16
Change-Id: I77c2ae0568ecca9246e62fcca95aba28433d1b35
Reviewed-on: https://code.wireshark.org/review/34680
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Use signaling channel and command identifier to match CoC request
and response, and then use scid and dcid later to match SDUs.
Change-Id: If599d216aa9eb4c81db6eebdc4087afa696840a2
Reviewed-on: https://code.wireshark.org/review/34675
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7ff9ca683ba085f05b948c069eaeab9dffaf6605
Reviewed-on: https://code.wireshark.org/review/34676
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 16098
Change-Id: I194612102149ddf4e026b9a588ad80257bfb1d7d
Reviewed-on: https://code.wireshark.org/review/34673
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I156585f196918426786297309047598bb3a7fe82
Reviewed-on: https://code.wireshark.org/review/34667
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 16099
Change-Id: I2b0b1a5578e384d5d71aa1aa4c417a7e86cb2616
Reviewed-on: https://code.wireshark.org/review/34668
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
For a GRE protocol type of 0x008E, check the "sequence number present"
bit in the GRE header, if it's available, to see if the packet has an
ERSPAN header or not, rather than checking the entire header to see if
it's zero. (If the GRE header isn't available, assume no ERSPAN
header.)
For a GRE protocol type of 0x22EB, always treat the packet as having an
ERSPAN header.
That matches more closely what the most recent I-D for ERSPAN said.
Bug: 16089
Change-Id: I21119411e8485854fca85fa701b994bfa4e73941
Reviewed-on: https://code.wireshark.org/review/34664
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6d455f93405718b26abfcda6bac756b0874450f0
Reviewed-on: https://code.wireshark.org/review/34658
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Change-Id: Icf3df4f82f43df51b6ce416f3a159229cbe80351
Reviewed-on: https://code.wireshark.org/review/34656
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Bug: 16086
Change-Id: I9904a75dd4c8e14f848f7977d5cb17aa0cc5fd4e
Reviewed-on: https://code.wireshark.org/review/34655
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ib6a4020eac5cc148823534bdd1260de4ade5db35
Reviewed-on: https://code.wireshark.org/review/34654
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Bug: 16012
Dissector call-back function was initially added only for L2 LSP while it's
needed for both.
Change-Id: I9191da6c3ee6ac27daa698bddf0a2d2d99ea8f08
Reviewed-on: https://code.wireshark.org/review/34648
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Use a correct right value_string table.
Change-Id: I75ca54dc040b123a460d67fc1b6d49d9e062a49e
Reviewed-on: https://code.wireshark.org/review/34651
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Show the value symbolically, and don't dissect the payload as an
Ethernet packet if the value isn't 0, meaning "Ethernet".
This gets rid of the mis-dissection of the payload in the capture
atttached to bug 16089, although it doesn't dissect it any further, as
we don't know how to dissect it.
Change-Id: I97fce0f7a4f4336339bc90271aa7b19c97831abe
Ping-Bug: 16089
Reviewed-on: https://code.wireshark.org/review/34649
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
5/5 developers of QUIC implementations favor decimal over hex, so change
it. This matches the display of the quic.stream.stream_id field.
Change-Id: I67bfe481f3066f9b99c13b24e413d41f3f59dc1f
Reviewed-on: https://code.wireshark.org/review/34647
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
RFC8205 specifies the BGPsec extension. The extended Wireshark dissector
consists of:
- BGPsec Capability
a capability that holds the BGPsec version, a direction and reserved
bits.
- BGPsec_PATH
a BGP path attribute. Such a path contains Secure Path Segments and
Signature Segments.
Change-Id: Iba5e17b9139bcac378adf2bcc2dfb369064f7a08
Reviewed-on: https://code.wireshark.org/review/34639
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I0957a8ce104c5ff81680e722c564337eff052c2f
Reviewed-on: https://code.wireshark.org/review/34642
Reviewed-by: João Valverde <j@v6e.pt>
|
|
QUIC needs to read the ALPN to select the dissector for STREAM
dissection.
Change-Id: I3c3a2d5a6fe2f8f127b31287ed4ad3e3b4b0e56c
Reviewed-on: https://code.wireshark.org/review/34633
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change the STREAM frame to include more details:
- STREAM Stream ID: 11
+ STREAM id=0xb fin=0 off=0 len=1 uni=1
The output is roughly inspired by the ngtcp2 debug logs.
Change-Id: If0d3aaa3f3731da1ea032b162aa5b9c5b4b34247
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34632
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Use G_GUINT64_FORMAT for uint64.
Change-Id: Id5f686f0fcfcd2f1ee31b7e76b0a8028919e1a63
Reviewed-on: https://code.wireshark.org/review/34628
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The Scalable service-Oriented MiddlewarE over IP (SOME/IP) is the
standard communication middleware for IP and Ethernet based
communication. It supports Service Discovery, RPC, Pub/Sub, and more.
Bug: 16014
Change-Id: Ifd6549818ccc87f376a5fb9ba1d6c335818c6e00
Signed-off-by: Dr. Lars Völker <lars.voelker@bmw.de>
Reviewed-on: https://code.wireshark.org/review/34497
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iedcc6480e1cd0cf2dc0461affd41fffb29daac08
Reviewed-on: https://code.wireshark.org/review/34616
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
S-NSSAI was not dissected correctly.
Change-Id: I715f3c4af6a92dfec3e2a3a7ad4b45bb7227aa68
Reviewed-on: https://code.wireshark.org/review/34617
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If5b7992c245db5e936ed1478640e11399b69fc04
Reviewed-on: https://code.wireshark.org/review/34610
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
There's no extra benefit in having FILE pointer (over file descriptor)
passed to file_needs_reopen().
Change-Id: Id49eb2f02b776c2f1ccd9d67fedd7eac38432f52
Reviewed-on: https://code.wireshark.org/review/34600
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 16075
Change-Id: Idcbd4fafa94cc8044ee1c0dfdf49916a4cc964c8
Reviewed-on: https://code.wireshark.org/review/34611
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Bug: 16073
Change-Id: I78caf82103e1a3e2027cd5f5c6f862fde4f2c898
Reviewed-on: https://code.wireshark.org/review/34603
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Change-Id: Ica224c7e766ed7174f13719886442e56ad4aa8ee
Reviewed-on: https://code.wireshark.org/review/34609
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I134d4f2380ea9105a9aa73f986e33be454e224fb
Reviewed-on: https://code.wireshark.org/review/34602
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Support detection and dissection of 'complete sib
short' payloads which include the entire SIB in a
single RRC message.
Change-Id: Ie216a394e8f858edad5f3b4b4a0f818986216085
Reviewed-on: https://code.wireshark.org/review/34585
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Change-Id: Ie13934080edb70e0373c97e24b52f55724e122cd
Reviewed-on: https://code.wireshark.org/review/34596
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
On Windows, fstat() and stat() sets st_dev to different value depending
on whether it was called with file handle or file path. If file handle
was used, the st_dev is simply the file handle casted to unsigned.
If file path was used, then st_dev corresponds to drive letter
(A=0, B=1, C=2, ...).
Compare the files using the file index information retrieved by
GetFileInformationByHandle(). When compiled in configuration that
supports FILE_ID_INFO, the code first tries to obtain 128-bit FILE_ID_INFO
and if that fails, fallback to GetFileInformationByHandle().
Bug: 16059
Change-Id: I5f8d8d8127337891ef9907c291e550b1d17aabbb
Reviewed-on: https://code.wireshark.org/review/34573
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
HTTP/2 header decompression requires nghttp2, be more helpful to users
who did not build Wireshark with appropriate support.
Change-Id: I52f79e320cf04bd943e1e8224a613e70ac263579
Reviewed-on: https://code.wireshark.org/review/34584
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Most of the Short Header fields are not interesting during frame
analysis. Move these under a new tree that can be collapsed. Example:
QUIC IETF
[Packet Length: 142]
QUIC Short Header DCID=dc65691dc735aa73 PKN=3
0... .... = Header Form: Short Header (0)
.1.. .... = Fixed Bit: True
..0. .... = Spin Bit: False
...0 0... = Reserved: 0
.... .0.. = Key Phase Bit: False
.... ..01 = Packet Number Length: 2 bytes (1)
Destination Connection ID: dc65691dc735aa73
Packet Number: 3
Protected Payload: 0720f67fc1fad0b14a14d8a9ff41b3119ce077e6088c21c2…
TLSv1.3 Record Layer: Handshake Protocol: New Session Ticket
STREAM Stream ID: 3
STREAM Stream ID: 7
STREAM Stream ID: 11
Use proto_tree_add_item + proto_item_add_subtree instead of
proto_tree_add_subtree to ensure a usable `tshark -Tjson` output using
"quic.short" as key instead of "QUIC Short Header DCID=...".
Change-Id: Ic5ae177c7d573005259224b0155cf2d802f7fc21
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34586
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 16067
Change-Id: Id67445d1769ff60560ac52ba03736055892fd029
Reviewed-on: https://code.wireshark.org/review/34590
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Update manuf, services enterprise numbers, translations, and other items.
Change-Id: I2ba49d0fa95284a37676e1aae58711afbe207a94
Reviewed-on: https://code.wireshark.org/review/34587
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
The spelling error for "Desription" in the context menu was very
obvious. The others were found by scanning the output of:
grep -Po '<source>\K.*(?=</source>)' wireshark_en.ts
Change-Id: I4b95236c82f76828a115d59d7c8e0b853eae1d26
Reviewed-on: https://code.wireshark.org/review/34582
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
RM Report channel number and duration share the same abbreviation.
Rename duration to wlan.measure.re[qp].duration.
Change-Id: I0a24ffb69e1b0f1c81626ccaeaa7ce1675158465
Reviewed-on: https://code.wireshark.org/review/34562
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
If GTK cannot be found inside a successfully decrypted wireless frame
the dot11crypt engine returns incorrect decrypted data length of 0
bytes. As the IEEE802.11 dissector does not check the length of the
decrypted frame the number of bytes allocated and copied to wmem ends
up being a negative number (i.e. a huge unsigned number). This results
in a SIGSEGV crash while copying data.
Fix this both by returning a correct length from dot11crypt engine
and add extra an protection to the IEEE802.11 dissector if the length
for any (other) reason still would end up being a negative number.
Bug: 16058
Change-Id: I9d0d1cf50498dece2e008222eebbb3edc8f10159
Reviewed-on: https://code.wireshark.org/review/34558
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
In this patch when a 'PLMN-IdentityWithOptionalMCC'
field is found where MCC is missing but a MCC was seen previously
in the packet, the last MCC will be used for E.212 dissection.
Change-Id: I6bda9540f63acc693751606c1f99d6aa9539bd98
Reviewed-on: https://code.wireshark.org/review/33925
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Previously extras in any mutation (e.g. ADD, SET) response would
be marked as illegal, as these used to return no extras.
More recently, extras can be returned in mutations if the
connection has negotiated the MUTATION_SEQNO feature.
The extras can contain the mutation's sequence number and the
vBucket UUID.
This commit adds a new field (couchbase.extras.mutation_seqno) to
achieve this, as the existing field couchbase.extras.seqno is used
for a different purpose and is only a UINT32, whereas a UINT64 is
returned as part of the extras; the existing
couchbase.extras.vbucket_uuid is used for the vBucket UUID.
Change-Id: If8a5148f2115fce7a777b96ad22ba92d95c9ff71
Reviewed-on: https://code.wireshark.org/review/34540
Reviewed-by: Dave Rigby <daver@couchbase.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added missed bits
Updated Release digits
Change-Id: I04eae315165137c8b04ed1c4d2e31fa1e3e57e91
Reviewed-on: https://code.wireshark.org/review/34541
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|