Add support for loading RSA private key files from PKCS #11 tokens,
identified by PKCS #11 URIs. Add a new 'pkcs11_libs' UAT which can
dynamically load PKCS #11 provider libraries that are not found by
p11-kit.
The configuration GUI will need additional code to discover available
PKCS #11 tokens and will be added later.
This feature requires GnuTLS 3.4 with PKCS #11 support, so Windows,
macOS via Homebrew, Ubuntu 16.04, Debian Stretch. Not supported: RHEL7.
Currently macOS via official packages disables PKCS #11 support, so that
will also not work.
Change-Id: I20646bfd69c6bd13c8c2d27cb65c164a4b0b7a66
Reviewed-on: https://code.wireshark.org/review/30855
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reloading Lua plugins did not actually remove registered FileHandler
instances which resulted in a use-after-free of lua_State. Fix this by
tracking instances and release them in wslua_deregister_filehandlers.
Other required fixes to allow reregistration after reloading:
- Fix END_FILEHANDLER_ROUTINE not to block all new registrations.
- wtap file subtypes are apparently persistent, even after
"unregistering". Fix this by looking up the previous subtype that
matches the FileHandler short name. Add a small sanity check to
wtap_register_file_type_subtypes to prevent internal handlers from
being overwritten.
This patch creates a potential memleak of registered_file_handlers as
wslua_deregister_filehandlers is not called on program exit (yet?).
Bug: 13264
Change-Id: I4f5935cde6ff8dc4de333359bad3efca96d4fb9b
Reviewed-on: https://code.wireshark.org/review/31068
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Check for potential Unicode-related problems on Windows.
Change-Id: I147c07749c5073a9ae00f07914dd80347d17c40f
Ping-Bug: 15118
Reviewed-on: https://code.wireshark.org/review/31154
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Lua internally uses ANSI C APIs (such as fopen). On many systems (macOS
and Linux for example) these work fine with UTF-8. Windows however
requires special Unicode APIs (such as _wfopen), so patch the Lua
library to interpret paths are UTF-8 and call appropriate Unicode APIs.
Changes compared to the previous LuaBinaries zip archive:
- Patched with UTF-8 support for loadfile, os.execute, etc.
- Built with VS 2015 (VCRUNTIME140.dll) instead of MinGW (MSVCRT.dll).
- Includes PDB file for lua52.dll
- Includes lua52.exe and luac52.exe with UTF-8 argv support (wmain).
- Includes build scripts, source files and README.md.
- Extra subdirectory named after the zip file.
These zip files are taken from https://github.com/Lekensteyn/lua-unicode
(the "prepared" source zips can be found here as well.)
Bug: 15118
Change-Id: I219f046d6e0fd5093287b5d6503a48ba7d1fc6a4
Reviewed-on: https://code.wireshark.org/review/31165
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add interface name (colon delimited) to SP_DROPS ('D') message so when dropped
packets are outputted, they include the interface name for clarity.
Bug: 13498
Change-Id: I68cdde4f20a574580f089dc5096d815cde5d3357
Reviewed-on: https://code.wireshark.org/review/31218
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Get rid of an extra blank line in a comment.
Change another comment to refer to "error packets", as we do elsewhere.
Fix indentation.
Change-Id: I4d81b8856ea876f20914352f962b1df0e115404c
Reviewed-on: https://code.wireshark.org/review/31241
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The callsign was being truncated to 7 letters.
This affects the following fields:
- I004/100#01.AN
- I004/170#08.MS1
- I004/170#08.MS2
- I025/020.SD
- asterix.AI, which is included in:
-- I021/170
-- I048/240
-- I062/245
-- I062/380#02
-- I062/380#03_v0_17
Change-Id: Idbbb3891d96e906053fc1f0c447e37bae87d207a
Reviewed-on: https://code.wireshark.org/review/31230
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Get rid of length determinant in the value returned for psid. Length
determinant is not part of the value.
This helps comparison with other protocols possibly containing a psid
also.
Change-Id: I2bd93bd6849f8bfa686f0574f05b0a65f587e4ad
Reviewed-on: https://code.wireshark.org/review/31235
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This keeps it in the same resolution as the dns.time field.
Ping-Bug: 15382
Change-Id: Ibacf8761819c0fac2e87fa147f7381336ce5cb39
Reviewed-on: https://code.wireshark.org/review/31223
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 4234
Change-Id: Ibd59809b2dd9890a7851eb57ef7af384e280a74b
Reviewed-on: https://code.wireshark.org/review/31222
Reviewed-by: Michael Mann <mmann78@netscape.net>
The total maximum length of the APN with Network Identifier and Operator
Identifier is 100 bytes.
Bug: 15383
Change-Id: Ib74eac1f18f2235c2788e58370f50eeb9a678357
Reviewed-on: https://code.wireshark.org/review/31225
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
NISO Z39.50 is a protocol used by libraries and library vendors for information retrieval and catalog manipulation. It is defined using ASN.1 using BER encoding. It has an assigned TCP port of 210. This is an initial implementation.
Features:
- The Z39.50 standard OIDs are defined.
- The bib-1 attribute set is decoded.
- The bib-1 diagnostics are decoded.
- Some OCTET STRINGs which are nearly always printable ASCII are special-cased.
- The MARC (MAchine Readable Cataloging) format is decoded. Only the MARC21 variant is
currently handled, but this is one of the most common variants. The most common tags
are decoded. The MARC dissector is included in the Z39.50 dissector, but the code is
structured in such away that it could be pulled out.
Todo:
- Add information to the Wiki about Z39.50.
As part of this work, the definition of isdigit_string() was fixed to avoid const complaints.
Change-Id: I29a7db53375ef8be83738a1ab98707761d878717
Reviewed-on: https://code.wireshark.org/review/31209
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap utilities can be Python scripts. Show the files as URLs and
allow double click to open.
Change-Id: I214caa2683896b89fbe6243562eee9b12d4ae217
Reviewed-on: https://code.wireshark.org/review/31221
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The stat tree API only supports 32-bit integers and if nanosecond resolution
is used correctly it's easy to hit integer overflow issues on even a fairly
small capture file trying to sum up response times.
Bug: 15382
Change-Id: I15d2cfbdbec7b0bef2bcfe1afe4f6eb6fc1d2456
Reviewed-on: https://code.wireshark.org/review/31217
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie5ab56f1ee80d14032969cbe7f31e086fb2b4b91
Reviewed-on: https://code.wireshark.org/review/31159
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't try to (re)set parameters in a struct when its pointer
points to NULL.
Bug: 15374
Change-Id: I953e82795990fde5fce2ad6d955781b372a9e405
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31189
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The F5 trailer dissector is called before the taps are called, so there
is no reason why the taps should attach information to the frame if
there isn't any information attached - if there's an F5 trailer, there
will be information attached to the frame, so there's no need to attach
one, and if there's no F5 trailer, there's no analysis to be done, so
there's no need to attach one.
That way, we don't waste memory that we aren't going to use (about 100MB
for a large capture I have that has almost 3 million packets).
Change-Id: I471b6c9b0fc6eb36f3aff35d6fba2f73c3a0eb90
Ping-Bug: 15385
Reviewed-on: https://code.wireshark.org/review/31210
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I5b5a627f9d75c2b9aa1ceb3a43c7991833dce751
Reviewed-on: https://code.wireshark.org/review/31195
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I96f937ac7f0b085cd1db80b67f490193b02f9aca
Reviewed-on: https://code.wireshark.org/review/31203
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This suite uses different output formats to check against fixed
samples.
Change-Id: I8adccfefea35a6d3cfacf3da61e8a72d830ed3a0
Reviewed-on: https://code.wireshark.org/review/31056
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
This patch extends the test suite with:
* a way for tests to check if a given byte sequence dissects into an expected dissection result.
Unit tests included:
* ASTERIX I019
* ASTERIX I063
* ASTERIX I065
Change-Id: Ib168382ec15b0b610ff5913806120ba1bf1d1503
Reviewed-on: https://code.wireshark.org/review/31083
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Instead of using the current date (that can differ from packets)
take if from the current frame. That will put the frame in an index
related to its capture date instead of its loading date.
Small indentation fixes.
Change-Id: If9f9dad1399c2b1bf145e8bcc45a6936e4599cd7
Reviewed-on: https://code.wireshark.org/review/31204
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This squelches -Wmissing-prototypes warnings.
Change-Id: I49feace8796c9786e09183e8dcf82d08e06996a2
Reviewed-on: https://code.wireshark.org/review/31193
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's not used outside this file.
Change-Id: I1eead997dbd4d3b58498192a0aec73094a49a067
Reviewed-on: https://code.wireshark.org/review/31202
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Nothing else uses it.
Change-Id: I1de8ced2ceeaf02f2c9eeeef9b6680d5ad7f4794
Reviewed-on: https://code.wireshark.org/review/31201
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's not used outside this file, and isn't declared in any header file.
Change-Id: I5b2e7600188bd25333fb85eed21ac41737794988
Reviewed-on: https://code.wireshark.org/review/31200
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preferences file includes an optional comma-separated string of
hidden interface type integer values (gui.interfaces_hidden_types).
Augment the interface_type enum and the preferences file to better
document what these interface type integer values stand for.
Change-Id: Idd268ed7f252cfa56dd046d24ff7ff597018f5d3
Reviewed-on: https://code.wireshark.org/review/31191
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the request URI to the response to allow filtering of
responses by request URI in a single pass.
Bug: 15344
Change-Id: I89bf675dccaed37f54a4d13956223cbdde601e7d
Reviewed-on: https://code.wireshark.org/review/31184
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Fix compilation on OSX:
../epan/dissectors/packet-geonw.c:1248:164: error: format specifies type 'unsigned long' but the argument has type 'guint64' (aka 'unsigned long long') [-Werror,-Wformat]
proto_tree_add_uint64_bits_format_value(subtree, hf, tvb, (start << 3) + (*offset) - start, (((*offset) - start) << 3) - ((*offset) - start),tmp_val,"%lu",tmp_val);
~~~ ^~~~~~~
%llu
While here, minor indentation issues have been fixed.
Change-Id: I5fc37d337fc302a16210c784e75cf39085ef622e
Reviewed-on: https://code.wireshark.org/review/31186
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It has been added to the debian-setup script, then it is
pointless to force it.
Change-Id: I5c9f047c7e5826ff06f483d5a2f0c2e808c17853
Reviewed-on: https://code.wireshark.org/review/31180
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>