Age | Commit message (Collapse) | Author | Files | Lines |
|
The whole point of using mktemp is to get a temporary directory outside
the source tree. Commit v2.1.0rc0-1027-ge01f8fb tried to fix the
invocation for *BSD (including OS X), but by adding a template it
dropped the implicit --tmpdir option for GNU mktemp on Linux..
Use the GNU mktemp invocation and if it fails (for example, because a
template is expected for BSD/OS X), provide a template.
Change-Id: I77bbc7dc2045e4fa756e102afa080860b0857713
Reviewed-on: https://code.wireshark.org/review/16178
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: I3bd474f3cda9667dec66426b5729449953df3e61
Reviewed-on: https://code.wireshark.org/review/15777
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
|
|
Revert "Test: Make capture_step_stdin more verbose." and "Test: more
suite-capture debugging." Tests on the Windows 8.1 builder have been
passing since recommended OS updates were installed on the 24th.
This reverts commits 7f710ef2b54d9eeb06c35ab1bd834f2df0696024 and
f52c3c468a508e1e770c32d479cdd761cb412af8.
Change-Id: I7cf10a38ba001426baea5fc76a34610c3a26ced2
Reviewed-on: https://code.wireshark.org/review/15590
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
In capture_step_stdin, print information about our test capture if we
fail.
Change-Id: I046f9d22b1bb2d52d96926f50379ab51e6279eb3
Reviewed-on: https://code.wireshark.org/review/15125
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I94967aeabdf2786868c3f7fce9e95633332d4948
Reviewed-on: https://code.wireshark.org/review/15123
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Add some verbosity to the stdin capture test. Hopefully this will shed
some light on the Windows 8 builder failures.
Change-Id: Ife2bbbaeed7a1e4a7ddd1c1f86322ba25d154f4c
Reviewed-on: https://code.wireshark.org/review/15122
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
The "http" dissector is what's used for protocols other than TCP, SCTP,
and SSL/TLS.
Change-Id: Ib5138d3a082f1017b7ef190e5128a21eb9a49e92
Reviewed-on: https://code.wireshark.org/review/14947
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
pcap files and snoop files have different headers, so there's no
IP_OVER_IB encapsulation type, there are separate types for pcap and
snoop.
Change-Id: I00146e478d05bb11c634df0c386329db8de5635d
Reviewed-on: https://code.wireshark.org/review/14774
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Error out if it can't be created.
Change-Id: I1a087f0e0cc064be7a417b9a2e66cf3c940e02fa
Reviewed-on: https://code.wireshark.org/review/14565
Reviewed-by: João Valverde <j@v6e.pt>
|
|
When the tests are run in the buildbot, messages such as
Error during test execution: see {pathname}
aren't very useful.
Change-Id: I4509ea58c162c264c316358019a1cbc01cd93e31
Reviewed-on: https://code.wireshark.org/review/14135
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(There's also work needed in libpcap; that's also in progress.)
Change-Id: Iff5a34c139a000865e2d78cc17a4af5ff24fb44b
Reviewed-on: https://code.wireshark.org/review/14025
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We cannot easily predict what will happen, given the configuration of
the OS, the permissions on files, the availability of extcap devices,
the version of libpcap/WinPcap/NPcap (present or future), etc., etc.,
etc.. Allow those tests to succeed (as would be the case if you have
the necessary permissions) or fail with a non-command-line-syntax error
(as would be the case if you don't have the necessary permissions), but
not to fail with a command-line syntax error.
Change-Id: I76af898d5f146fcf3507c06f101acb578085e6fa
Reviewed-on: https://code.wireshark.org/review/13957
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I4ff1ef28aba353fd7548cb5c0603fc29479aa854
Reviewed-on: https://code.wireshark.org/review/13294
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- When scanning for keys, check for TDLS action frames
(need to have TLDS response or confirm to derive the key)
- When deriving PTK, also check MIC to ensure the key has been correctly
computed.
- As SA is between two STAs (and not STA and AP), store highest MAC
address in sa.bssid, and the other one in sa.sta
=> Add new function (AirPDcapGetSaAddress) that will check for TDLS
case.
- Add test in decryption suite
Bug: 11312
Change-Id: Ieccb6a23a0ffbf3b705dac9b67c856ae2d3eeca9
Reviewed-on: https://code.wireshark.org/review/13664
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I80f2afb6e0cc44af6466fa255e91a40b29c4ca13
Reviewed-on: https://code.wireshark.org/review/13685
Reviewed-by: cedric izoard <cedric.izoard@ceva-dsp.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9b3fb7d09d8dc90366167b1072dcdd4efc6f0516
Reviewed-on: https://code.wireshark.org/review/13684
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
c-basic-offset -> sh-basic-offset
Change-Id: I16b19b608fbdb7f0408f7c31871fae746c8c4f50
Reviewed-on: https://code.wireshark.org/review/13683
Reviewed-by: cedric izoard <cedric.izoard@ceva-dsp.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3e9849afc8df9d81d0d9e0a4eaa9800d9c1ce8ec
Reviewed-on: https://code.wireshark.org/review/13517
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
- Add a test to check decryption of management frames
Bug: 11995
Change-Id: I588d0f17b9e5efc841266b9dae4764e5e931be3f
Reviewed-on: https://code.wireshark.org/review/13259
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Not all versions of mktemp support omitting the template; in particular,
the one provided by some BSD-flavored OSes don't.
Change-Id: I657e002559dce165c677a473aa10bb17cc506037
Reviewed-on: https://code.wireshark.org/review/12592
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The default prefix policy on modern versions of Windows prefers IPv6.
This in combination with the fact that our ping target (www.wireshark.org)
currently has both A and AAAA records might result in ICMPv6 traffic
instead of ICMPv4. Update the capture test suite accordingly.
Change-Id: I5c88f24fb9458526ffd44c5003f09247b6999ce7
Reviewed-on: https://code.wireshark.org/review/12553
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
WTAP_ENCAP_IEEE_802_11_AIROPEEK.
The old global tests don't work; get rid of them. Fix the values of the
Lua globals in the new test, and get rid of IEEE_802_11_AIROPEEK.
(Yes, if you have a Lua script that depends on IEEE_802_11_AIROPEEK
being defined, or that depends on the values of the Wiretap
encapsulations not changing, it breaks. Fix it.)
Change-Id: I245c1c0c3ba1c450f7950c754624c51b5564848a
Reviewed-on: https://code.wireshark.org/review/12210
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
- Updated AirPDcapPacketProcess function description
- Try to return better error codes
- Remove broken/useless return of keys from AirPDcapRsna4WHandshake
Change-Id: I1e4e0a76f6d1307e11c0466f17935dd7030561e1
Reviewed-on: https://code.wireshark.org/review/12033
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
If we ever change the way file writers work, in a fashion incompatible
with the existing way they work, we'll also rename this member - and get
rid of checks for earlier versions of the Lua interface.
Change-Id: I64065944fa31371f5249cafd930c18f180ad7299
Reviewed-on: https://code.wireshark.org/review/11879
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I7288cd3660dfd14be95dc42910faed47eca8226b
Reviewed-on: https://code.wireshark.org/review/11661
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
- start decoding when we have eapol1+2 packets
Do not insist on a complete captured handshake, decode what we can.
- more robust way to detect eapol #2 packets
At least Win 10 is violating the spec on rekey by setting the secure
bit in #2. Unpatched version shows and handles #2 as #4, breaking
decoding after rekey.
- fixed eapol rekey key handling
Inital patch (see https://code.wireshark.org/review/8268)
is adding redundant keys, since it scans all the time
and not only once.
- ignore tailing garbage after eapol sections in frame
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9065#c8
Included testcase to test decode for incomplete handshakes and eapol2
packets with secure bit set on rekey.
Ping-Bug: 9065
Change-Id: Id775088db9b5aaa80da9efdeed6902d024b5c0cd
Reviewed-on: https://code.wireshark.org/review/11484
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Use the pcap captures from test/captures/ and
- Get information for the input pcap file with capinfos
- Generate an ASCII hexdump with text2pcap
- Convert the ASCII hexdump back to pcap using text2pcap
- Get information for the output pcap file with capinfs
- Check that file type, encapsulation type, number of packets and data size
in the output file are the same as in the input file
Change-Id: I659204fb0a46e9cd99d03eb666f55fac95ae053e
Reviewed-on: https://code.wireshark.org/review/11042
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The tests only allowed a single character suite selection, which
prevented suite 10 from being run on its own.
Modified test.sh to now require a newline in addition to the input
so that a 2 digit number can be entered.
Also fixed test display to remove illusion that an individual step
could be run. Only whole suites can be run.
Change-Id: I4dee0ec6a8e1f34fa443a6a0a3f2d52a73146e54
Reviewed-on: https://code.wireshark.org/review/10676
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
This way we'll know as soon as we drop below the pre-allocated limit. As
suggested by Graham on https://code.wireshark.org/review/10601
Change-Id: Ieeb14bdcf991d7a67c30787c97ca24ebb35d1763
Reviewed-on: https://code.wireshark.org/review/10627
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ic9351b9bb8df85086eee3ab21908a2f9a04db767
Reviewed-on: https://code.wireshark.org/review/10141
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
This change will be undone once the problem is found.
Change-Id: Ica9cfe31b4e30fad2bb9de508af61baa1c455cc1
Reviewed-on: https://code.wireshark.org/review/10136
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Add a test suite for mergecap (and indirectly capinfos I guess).
This is not exhaustive, but it's a start.
Change-Id: I9442b4c32e31a74b1673961ad6ab50821441de3e
Reviewed-on: https://code.wireshark.org/review/10082
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I698fc75dc915ea007b2f7762f0041dbb6dd1d8d3
Reviewed-on: https://code.wireshark.org/review/9764
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: I6a9252d2841fc44c6fdb6bd27517d60570afbae0
Reviewed-on: https://code.wireshark.org/review/9695
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I7d82d34369d192e7da7d554f44f448e1613f850f
Reviewed-on: https://code.wireshark.org/review/9694
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
See what it prints on Windows.
Change-Id: Id35d87595543eca3e5b5d80dbe9a7639e0a85994
Reviewed-on: https://code.wireshark.org/review/9693
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I957a0c1beeae4bbd8c32ed05f30525becaf37e95
Reviewed-on: https://code.wireshark.org/review/9682
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Too bad DEC used / as an option character and Bell Labs chose it as a
pathname separator.
Change-Id: Ie58ba79476e0f24e408fae55f6c5eaff3ffb11fa
Reviewed-on: https://code.wireshark.org/review/9680
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
In the decryption_step_ssl_rsa_pq - and the
decryption_step_ssl_master_secret test - duplicate the code used to
generate TEST_KEYS_DIR, so that we construct a UN*X-style path and then,
if we're running on Windows, map the UN*X-style path, which is a Cygwin
path, to the equivalent Windows-style path, and pass that to TShark on
the command line.
Bug: 11372
Change-Id: I442a30c4c954540a05942ed70ec3687941428a96
Reviewed-on: https://code.wireshark.org/review/9675
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Trying to debug the problem.
Change-Id: I26f78e49556cb1d40f0c8ddbfd58f058dceb0e77
Reviewed-on: https://code.wireshark.org/review/9674
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
TEST_KEYS_DIR already contains a trailing slash. Windows does not like
forward slashes, so drop the additional slash to fix tests under
Windows.
Fixes: v1.99.8rc0-417-g85f8a99
Bug: 11372
Change-Id: Ief794977281b70549369c344a193f4d48bcc1776
Reviewed-on: https://code.wireshark.org/review/9668
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Reported at
https://ask.wireshark.org/questions/43788/struggling-to-decrypt-ssl
"u" requirement is documented at
https://www.gnupg.org/documentation/manuals/gcrypt/RSA-key-parameters.html#RSA-key-parameters
Add regression test (key is generated manually with p and q swapped and
qInv recalculated).
Change-Id: I5505ddcdb54bb47d7a58867b8c3e53fcc0f66dde
Reviewed-on: https://code.wireshark.org/review/9573
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Add Lua functions so a plugin can introspect field information, such
as the type of field, flags, tvb, etc. Also add a couple of Tvb and
ByteArray methods. And cleanup the TreeItem code a little.
Change-Id: I7b58ce589ace91cce14b8abccd01ceabb63e2653
Reviewed-on: https://code.wireshark.org/review/6500
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Also, expand a comment.
Change-Id: Icbb8ead02f55087f3ac09747fe518f211d488172
Reviewed-on: https://code.wireshark.org/review/9057
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It's currently crashing in the Solaris buildbot when we do "tshark -v";
hopefully this will give us something more useful than
test.sh: line 144: 21543 Abort (core dumped) $TSHARK -v
"Version information" Failed!
Failed to print version information
Binary file ./core matches
as a diagnostic.
Change-Id: I278c8dd9f6acf5ddfa83bc0a7f3f7a3c48577ac2
Reviewed-on: https://code.wireshark.org/review/9052
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The buildbot printed "expr: syntax error", presumably from this, but
that oh-so-descriptive error message doesn't indicate what the problem
is, and just about any string should be valid as the left-hand operand
of the : operator.
Change-Id: I1140522357b8df07e4183bf0eb8c5fa9fbe275e4
Reviewed-on: https://code.wireshark.org/review/8827
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ib8207d56a7e064855ce1444c927913c9c9258788
Reviewed-on: https://code.wireshark.org/review/8766
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
SSL traffic from tshark with -o ssl.keys_list.
For example, as used in a new test also added in this commit:
-o "ssl.keys_list: 127.0.0.1,9131,http,$TEST_KEYS_DIR/key.p12,WebAS"
Change-Id: Ia6960fa4ae88182277f6d22d84ec9170ea74d54e
Reviewed-on: https://code.wireshark.org/review/8746
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I8fd2b4445707029ea24ad3c02804c0bf8fcedd15
Reviewed-on: https://code.wireshark.org/review/8406
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ibdb899ddcaa88579aa2dc3c842d016a1ac164e2a
Reviewed-on: https://code.wireshark.org/review/8404
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|