Age | Commit message (Collapse) | Author | Files | Lines |
|
explicit, and frees up the "generic" names (like tvb_memdup) for new signatures
that take the appropriate wmem pool.
Majority of the conversion done with sed.
svn path=/trunk/; revision=52164
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6898
svn path=/trunk/; revision=52163
|
|
svn path=/trunk/; revision=52162
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9159 :
ESIS dissector exception due to incorrect length parameter to 'proto_tree_add_uint'
svn path=/trunk/; revision=52160
|
|
Add dissector_try_uint_new() to the list of exported symbols
svn path=/trunk/; revision=52159
|
|
1. Correct Interface Flag enumeration
2. Dissect ARP data without making it look like its an ARP packet by disabling column writing.
svn path=/trunk/; revision=52157
|
|
null-check *before* calling strlen (if it's even necessary?)
Fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9166
svn path=/trunk/; revision=52156
|
|
svn path=/trunk/; revision=52155
|
|
svn path=/trunk/; revision=52154
|
|
svn path=/trunk/; revision=52153
|
|
Ability to Decode the Number of Mesh Peerings
Decode the mesh formation information fields related to the number of mesh peerings
Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@cozybit.com>
svn path=/trunk/; revision=52152
|
|
[PATCH] Update TLS Ciphers
Really add support for AEAD ciphers (GCM)
GCM uses counter mode with authentication tags (the latter is currently
not supported). As for the key material, there is no MAC (because the
auth tag is supposed to verify the authenticity).
Finally, correct the GCM cipher suite definitions: IV block size of
4 bytes and GCM instead of CBC mode.
svn path=/trunk/; revision=52150
|
|
[PATCH] Update TLS Ciphers
Use IV from record for CBC mode, add padding/IV length check
Add summary of RFCs to make it more obvious why certain parts (IV, MAC,
padding) are used. Merge DTLS and TLS blocks for extracting IV. This
saves an unnecessary memmove() because the input pointer is, well, just
a local variable and can therefore be incremented.
Validate padding and IV lengths before using it. A crash could occur
if the explicit IV is missing (this would make memmove write before its
buffer). The missing padding check had as implication that a misleading
error is returning with a negative length (not exploitable).
Use IV from record for CBC mode, previously it decrypted the first block
incorrectly and then threw this "decrypted" IV away. Now it extracts the
IV and uses this for decrypting the first fragment block. (remember that
CBC xor's the output of the block cipher with the previous ciphertext
(or IV for the first block)).
This is a preparation for GCM which does not have a MAC. The skip_mac
branch is necessary to make the compiler happy in this patch, 'mac'
could otherwise be uninitialised.
svn path=/trunk/; revision=52149
|
|
[PATCH] Update TLS Ciphers
Correct cipher suites list, add TLS_ annotations
Add official TLS_ names as comment and correct:
- 6: RC2 is a block cipher using MD5, not stream+SHA.
- 25,26,27: should be SHA instead of MD5
- 98: DES export is a block cipher using 56-bits[1], not stream.
- 99: DES export should be using 56-bits[1].
- 138: removed commented RC4 cipher because it is not a block cipher
Besides these comments and corrections, there are no further changes.
[1]: http://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-00
svn path=/trunk/; revision=52148
|
|
[PATCH] Update TLS Ciphers
Drop export_cipher and dig_len, cleaner digest access
Removed dig_len as this magic number is dependent on dig. The digests
variable is converted from a string to a structure holding the digest
name and length because of its close dependency.
Introduce another struct+function to get rid of the magic number 0x40
(DIG_MD5).
Removed export_cipher bit as this is dependent on eff_bits < bits.
Verified with:
grep ,KEX_ packet-ssl-utils.c | awk -F, '{bits=$6!=$7;ex=$9;
if ((bits && !ex) || (!bits && ex))print $6, $7, $8, "###", $0}'.
Removed space before SIG_RSA for cipher 51 for consistency with others.
svn path=/trunk/; revision=52147
|
|
the tvb_memcpy on the next line should be taking more data, but I don't know
enough about the protocol to be sure. This is the least disruptive way to fix
the last valgrind error from
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8941
svn path=/trunk/; revision=52145
|
|
collision.
svn path=/trunk/; revision=52144
|
|
Decode AFS RXAFSCB_GetCapabilities RPC requests with their replies.
svn path=/trunk/; revision=52143
|
|
system.
svn path=/trunk/; revision=52142
|
|
packet) having to do with Wireshark assuming that all remaining bytes in the packet are part of the "cc_node_list", rather than stopping dissection according to the hdr_len field in the NORM Common Message Header.
Ref: http://tools.ietf.org/html/rfc3940#section-4.2.3.4
#BACKPORT(1.10, 1.8)
svn path=/trunk/; revision=52139
|
|
BSSGP: Fix dissection of Trace Type IE in SGSN-INVOKE-TRACE message
svn path=/trunk/; revision=52131
|
|
svn path=/trunk/; revision=52128
|
|
svn path=/trunk/; revision=52126
|
|
svn path=/trunk/; revision=52125
|
|
an extended value string.
svn path=/trunk/; revision=52124
|
|
This should hopefully fix linking with Solaris Studio, which doesn't
remove unused inline functions by default. Fix a copy+paste error.
svn path=/trunk/; revision=52122
|
|
implementation of BASE_VAL64_STRING value_strings.
Fixes 'tshark -G values' crash.
svn path=/trunk/; revision=52121
|
|
BACnet vendor ID list dated September 16, 2013.
http://www.bacnet.org/VendorID/BACnet%20Vendor%20IDs.htm
svn path=/trunk/; revision=52119
|
|
svn path=/trunk/; revision=52116
|
|
for that.
svn path=/trunk/; revision=52115
|
|
Fix decoding of AFS Volume Name.
svn path=/trunk/; revision=52114
|
|
Add reassembly support for AFS.
From me: minor tweaks to conform to other reassemblable protocols; indentation
fixes; modelines
svn path=/trunk/; revision=52113
|
|
svn path=/trunk/; revision=52111
|
|
in the Qt code.
svn path=/trunk/; revision=52108
|
|
Ensure that codec_str string is always initialized
svn path=/trunk/; revision=52107
|
|
Document each function. Note that we now call tvb_get_ptr() before
modifying the address in tvb_set_address() and tvb_set_address_hf(). The
caller doesn't have to worry about doing that any more. Add
add_address_to_hash64().
svn path=/trunk/; revision=52106
|
|
svn path=/trunk/; revision=52104
|
|
We should read the services file in initialize_services instead.
svn path=/trunk/; revision=52103
|
|
svn path=/trunk/; revision=52100
|
|
svn path=/trunk/; revision=52099
|
|
hf_ field name is the first part of the formatted string. This was all manual inspection and most cases were either:
1. Case sensitivity differences between hf_ field name and formatted string.
2. Unnecessary whitespace between hf_ field name and colon in formatted string
There are cases where the hf_ field name doesn't quite match the proto_tree_add_uint_format, but it's close enough that one of them should be "right", I'm just not sure which is, I just know the string in proto_tree_add_uint_format is the one displayed.
svn path=/trunk/; revision=52098
|
|
Update TLS Ciphers
The attached trivial patch corrects the digest (SHA) length for TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
svn path=/trunk/; revision=52096
|
|
svn path=/trunk/; revision=52090
|
|
(like a #define) at the beginning of a line before a value_string no longer
matches so a #define that includes the beginning of a value_string doesn't
confuse the script.
svn path=/trunk/; revision=52089
|
|
svn path=/trunk/; revision=52087
|
|
svn path=/trunk/; revision=52086
|
|
Substantial enhancements to MQ protocol: all Structure, MSG_REQUEST/ASYNC_RESP,
MQ Multi Segment are decoded until version 7.1/7.5
svn path=/trunk/; revision=52085
|
|
no longer get to check both conversation directions at once "for free" because
the two orderings actually result in different hashes. Do them one at a time.
Sorry Anders, this may or may not cancel out some of the performance gain you
were looking for. Either way, the new hash function is still an improvement.
Fixes bidirectional conversation lookup, which was conveniently showing up as
a DTLS decryption failure in the test suite. Go figure.
svn path=/trunk/; revision=52084
|
|
strdup the string built in a strbuf if the scope is the same. Remove the
thoroughly unnecessary temporary variable as well.
svn path=/trunk/; revision=52082
|
|
temporary address structure for the port-numbers so we can use the same macro,
reducing duplication further.
Add modelines.
svn path=/trunk/; revision=52081
|