The Negotiation Request and Negotiation Requeset ACK contain IWD (Inter
Working Document) revision numbers for the different A-bis protocols
OML, RSL, GSL (GPRS) and TRA (TRAU). Decode them in a way suitable
for human consumption.
Change-Id: I5b11e64ca252b7349900ba5b700c2faefd568441
Reviewed-on: https://code.wireshark.org/review/18452
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We so far only dumped the XID as raw hex bytes. Now we actually decode
the header and internal data structure of the XID.
Change-Id: I2901486222d84166291e071bc07cb82a2f480974
Reviewed-on: https://code.wireshark.org/review/18461
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We have no idea what those TLVs are, but the message hex-dumps clearly
indicate a 8-bit tag followed by 8-bit length and then 'length' amount
of bytes, so we can at least dissect that high-level structure for now.
They appear in equally unknown message type 0x126, which appears to be
sent in intervals of 300s by the RBS.
Change-Id: I91817eb20de1a4557399235c1fc42b638b9c935b
Reviewed-on: https://code.wireshark.org/review/18460
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The frame type is only a select number of bits in the given byte,
so we must make sure to mask all other bits away using 0x1E.
Change-Id: I6c7a1a256bd93b6e5149f50ed64f033836a26673
Reviewed-on: https://code.wireshark.org/review/18458
Reviewed-by: Michael Mann <mmann78@netscape.net>
Activation of (dynamic) PDCH uses some slight extensions of the
definitions found in 3GPP TS 48.058 when used on Ericsson RBS2000 or
Osmocom OsmoBTS.
The extensions are backwards-compatible, so I don't think it's worth to
introduce a preference for this.
Change-Id: I8e28d75bd8be15044a605ced8825b9b074ffbb22
Reviewed-on: https://code.wireshark.org/review/18457
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Implement Tvb:ipv6()
* Handle FT_IPv6 protofields during insertion in the lua tree
* Implement Address.ipv6(hostname)
Change-Id: I585c392681b3aef02ed8ee956f74051d77fb28d4
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18442
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added these new filters to enhance mcc/mnc filtering in GTP protocol.
Change-Id: I595b5fde4fa358886fbe5c58f6ecab496d9ef08c
Reviewed-on: https://code.wireshark.org/review/18444
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
geo location type 1 represents SAI, but for GTP v1 it is returned as e212, hence not aggregating with GTP v2
the patch also opens up a way to add e212.cgi (Cell Global Identity) which is shared between GTP vesions.
Change-Id: I853cd26037533aac2735b9d965793362c16f3f04
Reviewed-on: https://code.wireshark.org/review/18428
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Remove AMQP_INCREMENT macro. Bounds checking mostly handled already
by proto_tree_add_xxx and tvb_get_xxx. Needed to add a few more
tvb_reported_length_remaining() calls for completeness.
2. Fill in some of the gaps of unaccounted for bytes. Still have way
too many instances where bytes aren't claimed by a field.
3. Some small reordering of functions allowed for massive removal of
formal declarations.
4. Add amqp_0_10_get_32bit_size_new to add a field, check for size and
add expert info if size > 0xFFFF
5. Remove "hf_" from list type items as they are not real hf_ fields
and could cause confusion. Also made items static.
6. Convert some FT_STRING and FT_BYTES fields to FT_UINT_STRING and
FT_UINT_BYTES. Helps account for some "missing" bytes.
Change-Id: I7ed269221d294ce89feacc0642b2070681288172
Reviewed-on: https://code.wireshark.org/review/18423
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
This patch adds support to dissect 36 bytes of private data of Table 560
of spec 1.3.1 whenever CM request message is of IP CM type.
Change-Id: I66b65b066a0034cf95c4c4f38549882c265b7ef5
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/18434
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix the handling of the case of a "matches" operator with a field and a
character constant as operands.
Change-Id: I6451cee907d8486db96937173d0098de91ce7956
Reviewed-on: https://code.wireshark.org/review/18424
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1. Added Extended transport type field instead of reserved as per latest
release 1.3.1 in CM Req msg.
2. Defined reserved bits and bytes for CM messages
3. Minor code refactor to move to smaller functions for CM Req Rsp
parsing instead of 200+ lines function which is hard to read and
is expected to grow for more features
4. Cleanup around primary and alternate fields which were crossing byte
boundary
CM request and response messages are tested.
Reject message reserved fields change is untested but it a minor change
that is expected to work.
Change-Id: I94da62614f854218249b4e14c780f4168f44751c
Reported-by: Alexis La Goutte
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/18340
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
key_record.key is already a pointer on an array
Change-Id: I9bcc715be54817f8daa3928fff72d9ef98d586f9
Reviewed-on: https://code.wireshark.org/review/18417
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Register a post update calback to ensure that the keys are loaded
for all entries and not only the ones last edited
Bug: 13031
Change-Id: Ib670f9e1c702546631df5fe6094b02484806dd00
Reviewed-on: https://code.wireshark.org/review/18416
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Printing ascii value in the same way as AVP 1005
Change-Id: I058be87974bf8197e207fdd61be6354031ed8d35
Reviewed-on: https://code.wireshark.org/review/18409
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure that the newly added expert info will show up in the expert
info window. Expert infos should never be under if (tree).
Change-Id: I55daa693d4dc910eab38028340a934062d351e98
Reviewed-on: https://code.wireshark.org/review/18393
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds the following IEs:
- CSG ID
- CSG Membership Indication (CMI)
- Service Indicator
- Detach Type
- Local Distinguished Name (LDN)
Change-Id: I1e3db7ffd217e3644acf6de0ad5002e65c73a9ea
Reviewed-on: https://code.wireshark.org/review/18396
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Bug: 13037
Change-Id: I935ff68050eb085789d9bd99b5ec833609c6fdca
Reviewed-on: https://code.wireshark.org/review/18336
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
tpncp reads hf entries from a database. There's a boolean preference
defining if the database is actually read. We can't access this
preference until the preferences are initialized. The code as it is now
wil always default to false and never read the database.
Check the preference in the handoff function and initialize the hf
entries if they are not yet initialized.
Change-Id: I545a49a946b78e1a0bc23e9803eb671d8765bba4
Reviewed-on: https://code.wireshark.org/review/18386
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Our minimum supported version of glib is 2.22 at the moment.
SHA512 support was added in glib 2.36.
Bring up an expert info if checksum calculation is not supported
by our glib version.
Change-Id: I116b32f63a4342a7e4198eaae8a35189fcc92edc
Reviewed-on: https://code.wireshark.org/review/18391
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ensure that the signature pointer and length always matches, otherwise a
buffer overrun (read) is possible.
Tested with the original captures from bug 12953, the PDML output is
still the same while the fuzzed capture does not crash anymore.
Bug: 12953
Change-Id: I8843a5daf98a79fb19906e824326cdf619164484
Reviewed-on: https://code.wireshark.org/review/18347
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Bug: 13032
Change-Id: I6bf2cc2c43a6262d899a304df6576d9831115966
Reviewed-on: https://code.wireshark.org/review/18350
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
And some comments in the case where we're converting the result of
time() - if your machine's idea of time predates January 1, 1970,
00:00:00 UTC, it'll crash on Windows, but that's not a case where a
*file* can cause the problem due either to a bad file time stamp or bad
time stamps in the file.
Change-Id: I837a438e4b875dd8c4f3ec2137df7a16ee4e9498
Reviewed-on: https://code.wireshark.org/review/18369
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update IKE authentication methods and config attributes.
Change-Id: I103beaf79eebaa0704424ad89f4d38a2701ae50b
Reviewed-on: https://code.wireshark.org/review/18357
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
ANSI C says it can return NULL - and, at least on Windows with the MSVC
library, it *will* return null for dates prior to the Epoch. Check for
a null return and handle it.
Fixes CID 1374110.
Change-Id: I78bf92cfbb94a86544442269cc3b53338eb19778
Reviewed-on: https://code.wireshark.org/review/18361
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I9775927781a38ff6fd112247c59a60cf1a80ba08
Reviewed-on: https://code.wireshark.org/review/18341
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove NULL check to ensure IKEv2 encrypted payloads are dissected
during first pass, which is required for EAP-TLS fragment reassembly.
Change-Id: I7fd46ee2163188c1a8dd256a43f1457441b1b95a
Reviewed-on: https://code.wireshark.org/review/18348
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a button to the context menu, to allow for easy display of hidden
interfaces, and make that a storable preference
Change-Id: I8df5562b3ce8119b0ed38f9893c1879127f40c47
Reviewed-on: https://code.wireshark.org/review/18005
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I80df7ff3a69998be40db67b538a7af719e29782d
Attributes: gppFunctionality, gppActiveFunctionality, gpsFunctionality, gpsActiveFunctionality, gpsCommissioningExitMode, gpsCommunicationMode and gpsSecurityLevel
Reviewed-on: https://code.wireshark.org/review/18333
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
A lot of work added to pass the pinfo structure around.
Change-Id: Ia550bc48cb03edcac1663eff355f0ba3103ec142
Reviewed-on: https://code.wireshark.org/review/18320
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added support for decoding IP CM Service id for CM Connect requests.
Annex 11.2 defines a specific prefix of serviceid for IP CM based
ULPs.
Corrected typo error which got introduced as part of bad local merge for
hf_cm_drsp_privatedata. Corrected now.
Change-Id: I18235ea86d82a224dcc7110a1c45c08f698fa9a6
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/18284
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
They break the check by not including header files for custom types
and they are not part of the API anyway.
Bug: 13018
Change-Id: Ia0f81f861251b5659af723b9da795daeb7454eb3
Reviewed-on: https://code.wireshark.org/review/18297
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix the casing of the preference while at it (it now matches other name
resolution preferences).
Change-Id: Ibfecbc94f9eccefa7d3b1a50ae2598dfefb707a2
Reviewed-on: https://code.wireshark.org/review/18330
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It was taking any/all TCP packets.
Also clean up a little of the UDP heuristic.
Change-Id: Iae08e79c0d71e4676cfc7821372ab9581c1d1cfc
Ping-Bug: 13029
Reviewed-on: https://code.wireshark.org/review/18322
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I6623a389551a727f933f8600ceba9d3050a51b25
Reviewed-on: https://code.wireshark.org/review/18326
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
also remove item_size variable (replace directly by the value)
Will be also fix some Clang analyzer warning about used variable
Change-Id: I4bf3b118efb2b0846012a92e5bf596ca95043414
Reviewed-on: https://code.wireshark.org/review/18318
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fixed display for Server flags:
a) introduce a flag 'show_ver_flags' to display stack revision only for ZDO Node Desc Resp;
b) fix crash in zdp_parse_node_desc when passed NULL as pinfo. Now never pass NULL there.
Change-Id: Ibdb7fe2da54a902b39e20e07aa2aa5c9c23beeee
Reviewed-on: https://code.wireshark.org/review/18313
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
when mnc was not detected as long, the value was shown as e212.mnc instead of e212.*.mnc (e.g e212.rai.mnc)
Change-Id: Ic0d275f259e1121abb1b7812651fadb9d475053e
Reviewed-on: https://code.wireshark.org/review/18317
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Change-Id: I367495fb11aa09f1c8cb7f1df8812e179d41d9b9
Reviewed-on: https://code.wireshark.org/review/18305
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3a6c43f617f7634ce0007bc75aa6293eb5e1cad6
Reviewed-on: https://code.wireshark.org/review/18302
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
When creating the expert info item definition the copied line wasn't
updated with the correct message text. This change sets the right text.
Change-Id: I9a98126c0b8a650e5ab195f97c53bb32e3053e89
Reviewed-on: https://code.wireshark.org/review/18301
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Add missed expert info for IEEE 11073-20601
Regulatory Certification Data List.
Change-Id: Id9520e1c604ee38bf11ce42248357ca007bffcfd
Reviewed-on: https://code.wireshark.org/review/18233
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. If a deprecated port preference is found, populate the new port preference with the value
2. Mark preferences as changed to trigger preference callback at startup.
Change-Id: Ic271841686617e847d2e0ed8800bbb0fa874df47
Reviewed-on: https://code.wireshark.org/review/18274
Reviewed-by: Michael Mann <mmann78@netscape.net>
No other flags were verified.
Change-Id: I77e35af8accb83595d3046dc804f0c6a7e1d1000
Reviewed-on: https://code.wireshark.org/review/18295
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Previously the metatables for classes were the same for the class and
its instances. This results in issues like calling __gc on the class
table on exit.
Make it possible to declare separate class methods (functions) and
instance methods. Observe that all attributes apply to the instances
only, so make these just available on the instance.
The attribute/methods lookup method (via __index/__newindex) have been
rewritten to use upvalues, removing the technical need for the
properties __getters/__setters/__methods. The "lua globals" test still
checks for these, but it could be removed in the future.
To fix bug 12968, the __gc method is removed from the class method.
Future patches should remove the WSLUA_REGISTER_CLASS,
WSLUA_REGISTER_META and WSLUA_REGISTER_ATTRIBUTES macros completely and
create split class functions/methods (such that __call for an instance
cannot accidentally be invoked on the class).
Removed duplicate "fragmented" property from Pinfo (which triggered an
error) and replaced exit() by g_error() for debugger friendliness.
Remove lua_shiftstring since checkstring always returns non-NULL.
Bug: 12968
Change-Id: I57f8a93d08bb84c79b0e94cf2c82d8402fc16646
Reviewed-on: https://code.wireshark.org/review/18026
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Bug: 13016
Change-Id: I814c901898790045be0e2003ebe5a8000704b8af
Reviewed-on: https://code.wireshark.org/review/18273
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissect fields: number of gpd commands, GPD cmd list, Cluster list
Change-Id: Ifda60987072c3526d5f0ae4687ddf2b6e46bfb93
Reviewed-on: https://code.wireshark.org/review/18259
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The official E.212 list does not contain the latest
MNC codes that are in use for MCC 432. This commit
contains an up to date list according to:
http://mcclist.com/mobile-network-codes-country-codes.asp#Iran
Change-Id: I847d31b1d77825c6f95f4e5879ee1f688834ed88
Reviewed-on: https://code.wireshark.org/review/18258
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Added support for decoding CM Disconnect and CM Disconnect response
packets.
Reusing ATTR macros in CM_Attributes definition.
Change-Id: Ic6065b67d2007fc68848441e0c866e4a637a3657
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/18229
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Internal change, this allows use of negative indices for
lua_rawgetfield/lua_rawsetfield convenience functions and is closer to
lua_getfield/lua_setfield semantics in terms of indices.
Add lua_absindex for compatibility with Lua 5.1 (do not bother exporting
it yet since it is only used in this file, also do not rename it since
it is the same functionality with no Wireshark-specific changes.)
Change-Id: I322954ef461164ec514ed9f034ae2691775e67da
Reviewed-on: https://code.wireshark.org/review/18025
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Improve example with better formatting, clarification comments and more
common variable names.
Extend make-wsluarm.pl to support arguments containing underscores.
Fixes the description of dissect_tcp_pdus.
Change TvbRange.tvb(tvb) into tvbrange:tvb() and ByteArray.tvb(name)
into bytearray:tvb(name), these are really instance methods.
Change-Id: I1e20ef46195dc6c06f9ac790d3432db283d21a5e
Reviewed-on: https://code.wireshark.org/review/18226
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ti->item is NULL for the root item, prevent a NULL-deref by Lua script.
Bug: 13017
Change-Id: I5e7f71d014a01bab615288df76509b3ef97b1bf6
Reviewed-on: https://code.wireshark.org/review/18247
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We do not use the STARTUP negotiation since a stream
can be captured in its middle but try to decompress
if the flag is present and fallback if it fails.
Change-Id: Iecbf49a45220b04be7808869c9884548eb1e7694
Signed-off-by: Benoît Canet <benoit@scylladb.com>
Reviewed-on: https://code.wireshark.org/review/17952
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
In some AT commands field description was "Number", should be "Type".
Change-Id: I33e3c8deb4f1fd0d51c3faae7a7ec45baacd82ca
Reviewed-on: https://code.wireshark.org/review/18232
Reviewed-by: Michael Mann <mmann78@netscape.net>
http://fc00.io/
Bug: 13014
Change-Id: I846d4dc28a8cb03bc877f0b4a392864100019d2d
Reviewed-on: https://code.wireshark.org/review/18117
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I added that information to column description because I always need it when analyzing logs.
For Association request it is joining device type (FFD or RFD), for Node Descriptor Response this is stack version (r21 or legacy).
Change-Id: Ic7ca237b1f4b598f9354b406f105c2befe45140d
Reviewed-on: https://code.wireshark.org/review/17534
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Fix test script to use wlan instead of wlan_mgt
- Remove a now useless test in the dissector
Change-Id: I9a7644947c3002c759a7ae5728a8559682cfd4fd
Reviewed-on: https://code.wireshark.org/review/18215
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
The preferences change in 2eb7b05b had a typo for the old preference name.
Change-Id: Ie4d85160050f5bea01b59a1803011b49a6c4d748
Reviewed-on: https://code.wireshark.org/review/18213
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Have the packet length be a local variable, and pass it to routines.
Yes, that means we fetch it twice - no great loss.
Change-Id: Id9f95b3d8a19bf235d6b19993165e0f73a2e5732
Reviewed-on: https://code.wireshark.org/review/18211
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It was repeatedly overwriting the first character in the buffer, rather
than appending characters.
Change-Id: Ie34d194d69ac3d685416323c93764aa401d78faa
Reviewed-on: https://code.wireshark.org/review/18209
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Parse field frame counter in comm_reply
Fix PAN ID field name in comm_reply
Change-Id: I2f30437fe7eef81af982fb8388ad43341043eb64
Reviewed-on: https://code.wireshark.org/review/18200
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't set `lua_tvb` (or any of the other global variables) to NULL after a
Lua dissector is called: it's possible that the caller is also a Lua dissector
which may want/need that (global) variable to still be set (to the value it
had before the sub-dissector was called).
This fixes the problem reported in:
https://ask.wireshark.org/questions/56110/lua-error-tvbs-can-only-be-created-and-used-in-dissectors
Making these variables not be a globals (as suggested at the top of
init_wslua.c) might be a better solution--for another day.
Change-Id: I14fb8ec35b62abeda3f3471a323b88c80537a06e
Reviewed-on: https://code.wireshark.org/review/18095
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Use proper offsets when getting and presenting option values
for error reports. Limit the use of the error position
highlighting feature to 'field' only.
Bug: 12993
Change-Id: Ie9d6644203cf849dbb8efe15e87249a3aace3b5c
Reviewed-on: https://code.wireshark.org/review/18195
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Integer32 is handled slightly different from other values, but
that doesn't mean its pi_value shouldn't be saved to add to the
varbind later on.
Bug: 13013
Change-Id: I6789a75ffd3bb95b7dd68f9cb356dbd85fc669d4
Reviewed-on: https://code.wireshark.org/review/18189
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Display on hex (like spec)
Add (sub) field for protocol version and direction
Ping-Bug 12818
Change-Id: I6947f82915f54095f86cd0e2125982af42e9bbf9
Reviewed-on: https://code.wireshark.org/review/18188
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add new flag and new option
Bug: 12818
Change-Id: I36a49cef407a5049f45ff3746d809a46c2520164
Reviewed-on: https://code.wireshark.org/review/17628
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Always display unused/reserved field
5th argument of proto_tree_add_bitmask is ett_ value
add a display field for query flags
Ping-Bug: 12818
Change-Id: I9f906f75c5fe8328bba41e560878dafdb6b6608d
Reviewed-on: https://code.wireshark.org/review/18187
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I94ec94dbd6c81cf6a209e26c132557279d3c6ee2
Reviewed-on: https://code.wireshark.org/review/18182
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It has the same value as the DL SC-MCCH/SC-MTCH CE, so take into account direction
Change-Id: I75848f92342cfc67f2e6aee1f8bc42616e662cdc
Reviewed-on: https://code.wireshark.org/review/18183
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This patch adds one more Payload Information Element called 6P or sixtop
defined by the IETF 6TiSCH Working Group. Here it is shown the following
6P-sixtop information:
-The 6P-sixtop version.
-The 6P-sixtop code.
-The 6P-sixtop Scheduling Function ID.
Then, depending of the 6P-sixtop code, a specific information is shown.
The supported codes -commands- for this patch are:
-Add.
-Delete.
-Count.
-List.
-Clear.
-Return Code Success.
For more information about the 6P-sixtop protocol, go to:
https://tools.ietf.org/html/draft-ietf-6tisch-6top-protocol-02
Bug 13005
Change-Id: I46b015dd8acd1515bff4090c5b39ad3897606f67
Reviewed-on: https://code.wireshark.org/review/18151
Reviewed-by: Michael Mann <mmann78@netscape.net>
Handle Put Message Option V3
Add various new defines
Fix a typo
Bug: 13006
Change-Id: I022de9f131558bb8a0144d840a6484944f75cffe
Reviewed-on: https://code.wireshark.org/review/18121
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
and add FHOL forget value_string
Change-Id: I0473ca17fba3c277124a46309c4b7d158d1b9f72
Reviewed-on: https://code.wireshark.org/review/18173
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Similar to the "tcp.port" changes in I99604f95d426ad345f4b494598d94178b886eb67,
convert dissectors that use "udp.port".
More cleanup done on dissectors that use both TCP and UDP dissector
tables, so that less preference callbacks exist.
Change-Id: If07be9b9e850c244336a7069599cd554ce312dd3
Reviewed-on: https://code.wireshark.org/review/18120
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Add support for STRINGI
2. Add File Name attribute that is a STRINGI
3. CCO Get/Set Attr All: Connection Name is STRING2 not ASCII
4. TCP/IP Host Name attribute is not just a STRING. It also needs a pad byte.
5. Minor: Fix byte highlighting for CCO I/O Mapping tree
6. Minor: All back byte highlighting for Get Attr All Rsp individual attributes
Change-Id: Ib10d6f2e86e39e8cd6335dc6b6dbebbd1c4d8e64
Reviewed-on: https://code.wireshark.org/review/18166
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
set server_version to TLS 1.3
Change-Id: Id4d3d5d21ae996f447d826e98c0cf60880e7c0ce
Reviewed-on: https://code.wireshark.org/review/18171
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Current decoding of the COPY operation gets a netloc4 instead
of a stateid from the write_response4 structure.
Change-Id: Icde8adde8613d50e7a03ee779aad4c62f6f195f4
Reviewed-on: https://code.wireshark.org/review/18169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
RAKNET_OFFLINE_MESSAGE_DATA_ID starts with 0x0, which means NULL
character. this give a string of length 0 and RakNet heuristic was
wrongly catching all UDP packets.
Let's do a memcmp instead of a strncmp.
Change-Id: I38e98838b114037bf37a218003bade88261a2dd8
Reviewed-on: https://code.wireshark.org/review/18167
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icb3e924f48b8fa00d7a39fcbdc4400ad2c4c2b89
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/18163
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
packet-raknet.c now correctly dissects the following offline messages:
* ID_UNCONNECTED_PING
* ID_UNCONNECTED_PING_OPEN_CONNECTIONS
* ID_OPEN_CONNECTION_REQUEST_1
* ID_OPEN_CONNECTION_REPLY_1
* ID_OPEN_CONNECTION_REQUEST_2
* ID_OPEN_CONNECTION_REPLY_2
* ID_OUT_OF_BAND_INTERNAL
* ID_CONNECTION_ATTEMPT_FAILED
* ID_ALREADY_CONNECTED
* ID_NO_FREE_INCOMING_CONNECTIONS
* ID_CONNECTION_BANNED
* ID_INCOMPATIBLE_PROTOCOL_VERSION
* ID_IP_RECENTLY_CONNECTED
* ID_UNCONNECTED_PONG
packet-raknet.c now correctly dissects the following system messages:
* ID_CONNECTED_PING
* ID_CONNECTED_PONG
* ID_CONNECTION_REQUEST
* ID_CONNECTION_REQUEST_ACCEPTED
* ID_NEW_INCOMING_CONNECTION
packet-raknet.h exports the following functions:
* raknet_add_udp_dissector()
* raknet_delete_udp_dissector()
* raknet_conversation_set_dissector()
packet-raknet.c now dissects message flags, reliability, reliable message number and so on. It now reassembles fragmented packets, supports heuristics, supports dissecting combined packets, and gives up dissecting messages when they are encrypted.
packet-raknet.c now calls subdissectors with a tvbuff buffer only having a message ID and payload. It first tries to locate a subdissector based on the port, and then tries heuristic dissectors if any.
packet-mcpe.c is updated so that it uses the new raknet interface, and it now correctly dissects the following game packets:
* 0x01 Login
* 0x03 Server to Client Handshake
* 0x06 Batch
packet-mcpe.c now supports heuristics, and gives up dissecting packets in a conversation once it sees a "Server to Client Handshake" packet because everything, including packet ID, are encrypted after that.
Change-Id: I92c0b3ff0f18d22d4513bb014aeb4ea6475fb06c
Reviewed-on: https://code.wireshark.org/review/18044
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Fix bug caught by scan build (module not read)
2. Remove range preference call that should have been part of original patch.
Change-Id: I24b1fb253548bffddc4c8ebfc3ede666d8fd9dcd
Reviewed-on: https://code.wireshark.org/review/18143
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure the paths we pass to "cat" and "abi-compliance-checker
-log-path" match.
Change-Id: Ie68b445b9d92d85c0ed1eb508a78c0bcc960d061
Reviewed-on: https://code.wireshark.org/review/18156
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug: 12985
Change-Id: Iceacd3d122337091380d56bd7fa9875bf7cb4d47
Reviewed-on: https://code.wireshark.org/review/18134
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If18d4797a8ace9f93546cac0d2d6f09bf7086cc3
Reviewed-on: https://code.wireshark.org/review/18145
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12998
Change-Id: I3e9739dd9863e615c2ca0fc91f043c8562e4203e
Reviewed-on: https://code.wireshark.org/review/18142
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12906
Change-Id: I0dafdd74b21b27189d0a532c679e449c536f76f0
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/17725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Harald Welte
Pascal Quantin