Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
fix Ubuntu build
|
|
|
|
Closes #17562
|
|
Still to do: fix the corresponding HID data parsing.
|
|
|
|
Handle multiple PDUs per TCP segment or UDP datagram. Add
preference for handling PDUs that span multiple TCP segments.
Fix nested depth handling so as not to clear COL_INFO in the
second PDU of a segment (and also make dissect_knxip have the
standard signature.) Fix #17545.
|
|
On the first packet of the conversation, the MPA layer is
dissected correctly followed by the DDP, RDMAP, RPC-over-RDMA,
RPC and NFS layers. The MPA layer sets the TCP conversation as
MPA protocol but when it dissects the RPC layer it also sets
the TCP conversation as RPC protocol thus overwriting the previous
protocol.
Added new port type PT_IWARP_MPA so that when the RPC layer
is dissected it does not overwrite the default protocol for
the TCP conversation which has already been set to MPA.
Fixes #15869.
|
|
This patch adds support for the ISO 10681-2 protocol, which is similar
to the ISO 15765-2 protocol (see packet-iso15765.c).
This patch also add support for registering combined FlexRay IDs to
register the new dissector.
|
|
This patch adds support to DoIP and ISO15765 to pass the diagnostic
address or addresses to UDS. UDS takes the relevant address into account
for the data identifier and routine identifier name resolution.
|
|
Use correct offset for P1 and P2 when showing channel operation
and channel number.
According to TS 102 221 V14.2.0 the Open channel operation is using
P2 for channel, and let UICC assign when this is 0. Show P3 as Le.
Make P3 optional because it's not present in at least Close channel
operation.
Change text in Info column to avoid "Channel Channel: x".
|
|
Add git dissection test cases to existing testing suite for: finding git
packets, finding the Git Protocol version, finding the right amount of
Flush and Delimiter packets, not finding Malformed packets.
Part of #17093
|
|
This attempts to fix an error encountered when building Wireshark on aarch64:
[254/2488] Building C object epan/dissectors/CMakeFiles/dissectors.dir/file-pcapng.c.o
FAILED: epan/dissectors/CMakeFiles/dissectors.dir/file-pcapng.c.o
/usr/bin/cc -DG_DISABLE_DEPRECATED -DG_DISABLE_SINGLE_INCLUDES -DWS_BUILD_DLL -I. -isystem /usr/include/glib-2.0 -isystem /usr/lib/aarch64-linux-gnu/glib-2.0/include -isystem /usr/include/libxml2 -isystem epan/dissectors -isystem epan -fvisibility=hidden -fexcess-precision=fast -Wall -Wextra -Wendif-labels -Wpointer-arith -Wformat-security -fwrapv -fno-strict-overflow -Wvla -Waddress -Wattributes -Wdiv-by-zero -Wignored-qualifiers -Wpragmas -Wno-overlength-strings -Wno-long-long -Wredundant-decls -Wframe-larger-than=32768 -fdiagnostics-color=always -Wunused-const-variable -Wshadow -Wold-style-definition -Wstrict-prototypes -Wlogical-op -Wjump-misses-init -Werror=implicit -Wno-pointer-sign -std=gnu99 -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -fasynchronous-unwind-tables -fstack-clash-protection -fmacro-prefix-map=/run/build/wireshark/= -fmacro-prefix-map=/run/build/wireshark/= -O2 -g -DNDEBUG -fPIC -Werror -MD -MT epan/dissectors/CMakeFiles/dissectors.dir/file-pcapng.c.o -MF epan/dissectors/CMakeFiles/dissectors.dir/file-pcapng.c.o.d -o epan/dissectors/CMakeFiles/dissectors.dir/file-pcapng.c.o -c epan/dissectors/file-pcapng.c
epan/dissectors/file-pcapng.c: In function ‘dissect_spb_data’:
epan/dissectors/file-pcapng.c:1599:9: error: variable ‘offset’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
1599 | int offset = 0;
| ^~~~~~
epan/dissectors/file-pcapng.c: In function ‘dissect_epb_data’:
epan/dissectors/file-pcapng.c:1791:9: error: variable ‘offset’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
1791 | int offset = 0;
| ^~~~~~
epan/dissectors/file-pcapng.c: In function ‘dissect_pb_data’:
epan/dissectors/file-pcapng.c:1541:9: error: variable ‘offset’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
1541 | int offset = 0;
| ^~~~~~
cc1: all warnings being treated as errors
[255/2488] Building C object epan/dissectors/CMakeFiles/dissectors.dir/packet-autosar-nm.c.o
[256/2488] Building C object epan/dissectors/CMakeFiles/dissectors.dir/packet-bblog.c.o
Fixes: https://gitlab.com/wireshark/wireshark/-/issues/17554
|
|
|
|
Without that, you could add a comment to a record in a file format the
reading code for which doesn't allocate blocks, but the comment doesn't
get saved, as there's no block in which to save the comment option.
This simplifies some code paths, as we're either using the record's
modified block or we're using the block as read from the file, there's
no third possibility.
If we attempt to read a record, and we get an error, and a block was
allocated for the record, unreference it, so the individual file readers
don't have to worry about it.
|
|
Fix typo preventing 'Usage Maximum' values from being parsed.
Values were were reported as 'Usage:'.
|
|
Add camera control page (0x90). Usages are up to date with HID Usage
Tables for USB version 1.22.
|
|
|
|
|
|
Update channel to include index to clear up possible confusion if this
is RF channel, or channel index.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
|
|
Update channel to include index to clear up possible confusion if this
is RF channel, or channel index.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
|
|
New HCI commands/event dissected:
- LE Set Data Related Changes Command
- LE Set Default Subrate Command
- LE Subrate Request Command
- LE Subrate Change Event
5.3 version number added, LE event mask, supported commands and
LE feature bitmaps updated.
|
|
A packet that has been received by the sniffer with CRC errors will not
decrypted properly by the sniffer. Mark the decrypt failure reason as
CRC error instead of MIC error.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
|
|
|
|
Use "flags" for the OPT_PKT_FLAGS option value, as we do elsewhere. Use
"lapd_flags" for the variable holding the LAPD flags.
We don't need to initialize flags, as we extract the OPT_PKT_FLAGS
option into it immediately after initializing it (if the attempt to get
that option fails, it's not set, but it's not used, either).
|
|
Remove unnecessary initializations.
Rename the variable for the packet ID option to match the name of the
option (it's epb_packetid in the pcapng spec, with no underscore between
"packet" and "id").
|
|
Closing #17209
|
|
|
|
AMQP calls a subdissector table before tcp_dissect_pdus() is used to
desegment PDUs (see commit 27c10ed72ea2451bfbb6c0eb50af4280e65a3fcf),
so pinfo->can_desegment needs to be restored before it is decremented
a second time. Fixes #14217.
|
|
Windows can allow Unicode in filenames now, and export_object.c
has its own eo_massage_str function that the GUI and CLI already
call to create safe filenames when they are saved. There's no need
for an individual dissector like SMB to have its own (worse)
implementation of the same functionality, and to call it before
filenames are displayed. Fix #17530
|
|
Show if message indicates that auxiliary input was enabled or disabled
|
|
Used my work email previously, but have not been working for them for a long
time already.
|
|
- Make sure reassembly requests & errors are properly propagated from
any point in the PDU, no matter how many sub-structure levels.
- Handle the sub-dissection methods as well:
- Ensure the sub-dissection methods handle errors from previous calls.
- Reduce the error handling needed in sub-dissector implementations.
- Add missing sub-dissection methods for list, set, and map.
- Add the handling of sub-structure.
- Handle Compact protocol in addition to the existing binary protocol.
- Include and improve MR !3171
- Handle reassembly the same way as for binary protocol.
- Handle sub-dissection with the same functions.
=> Sub-dissectors only depend on .thrift files.
Additional changes:
- Use of constants instead of hard-coded values.
- Removed U64 support (never supported by thrift code generator, only
referenced in the C++ thrift library header but not supported in reality.
- Removed references to UTF-8 and UTF-16 string for the same reason.
- Replaced references to UTF-7 string with just string (same reason).
- Replaced references to byte with i8 as the documentation explicitly
states that byte is a compatibility name.
Documentation reference:
- https://thrift.apache.org/developers
- https://thrift.apache.org/docs/idl.html
- https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md
- https://erikvanoosten.github.io/thrift-missing-specification/
- https://diwakergupta.github.io/thrift-missing-guide/
Closes #16244
Additional changes:
- Add authors and improve consistency
- Fix typo and clarify documentation
|
|
|
|
|
|
Create pseudo URB and pass the reassembled data to USB URB dissector.
Reassembly for control transfers is not problematic as the transfer
length is known. For bulk transfers assume the transfer can span across
multiple transactions, however for periodic (interrupt and isochronous)
assume the transfer never spans across multiple transactions.
Rely on USB dissector to provide endpoint maximum packet size. Actual
interface/configuration handling in USB dissector needs to be reworked
as the code assumes that there is only one configuration and alternate
interface configurations have matching endpoints.
While the reassembly bulk transfers and never reassemble periodic
transfers result in pretty good dissection, the USB class dissectors
need a mechanism to provide transfer size hints to USBLL dissector.
Such hint is not needed for software USB capture as software sniffers
essentially capture URBs and every transfer is associated with one URB.
The problem can be seen for example in Mass Storage Class where it is
common for data transfers length to be multiple of endpoint maximum
packet size. Because USBLL dissector doesn't know expected transfer
size, it combines together data and status transport.
Related to #15908
|
|
Add support for decoding instruction byte 78 (GET IDENTITY) from
TS 102 221 v15.11.0 and instruction byte CA (GET DATA) which is used to
retrieve the EID for eSIMs according to GSMA SGP.02 v4.2 available from
https://www.gsma.com/esim/esim-m2m-specifications/.
Closes #17548.
|
|
All fields with GSN address were decodes as common hf_gsn_addr. But if
ETSI order is used, it's possible to specify alternative decoder
depending on message type and field position.
Alternative decoder for GSN address was added for mandatary fields and
optional/conditional field in the case there is single GSN address in
message.
Added new function as common dissector for all addr types.
|
|
correction of the length-calculation of SDO 'read by index' payload data
|
|
This patch speeds up the dissection of signal pdus, if not filtering.
With an example trace file full of signal PDUs, I gained about a 4x
speed up in opening the trace.
|
|
Fix a signed vs. unsigned warning while at it.
Whitespace fixes
|
|
Fix #17539
|
|
See https://www.ietf.org/archive/id/draft-ietf-dprive-dnsoquic-03.txt
|
|
Define dissect_http3_settings only if HAVE_LIBGCRYPT_AEAD is defined.
This should hopefully fix
```
epan/dissectors/packet-http3.c: In function 'dissect_http3_settings':
epan/dissectors/packet-http3.c:212:9: error: implicit declaration of function 'http3_is_reserved_code' [-Werror=implicit-function-declaration]
if (http3_is_reserved_code(settingsid)) {
^
epan/dissectors/packet-http3.c: At top level:
epan/dissectors/packet-http3.c:200:1: warning: 'dissect_http3_settings' defined but not used [-Wunused-function]
dissect_http3_settings(tvbuff_t* tvb, packet_info* pinfo _U_, proto_tree* http3_tree, guint offset)
^
cc1: some warnings being treated as errors
```
on the CentOS 7 builds.
|
|
- Fix "Priority" field name in FAD TLV (draft-ietf-lsr-flex-algo-16)
- Fix SABM/UDABM length in ASLA TLV (rfc8919)
|
|
|
|
If a "NT Password" value is provided by the user, the NTLMSSP decryption
should take place, whether or not Kerberos decryption option is enabled
(disabled by default).
|
|
NT Accounts may have empty passwords; this allows the dissector to try
decrypting the NTLMSSP session using an empty password (when "NT
Password" preference is left blank).
|
|
Rewrite storage and retrieval of `endpoint_guid`s to use private proto
data instead of `pinfo->private_table` which was meant solely for Lua
use.
Closes #17156
|
|
Signed-off-by: Arkady Gilinsky <8351139-ark-g@users.noreply.gitlab.com>
|