Added META_OPERATION_START (Resize, ConvertToVHDSet)
Added META_OPERATION_QUERY_PROGRESS
Added QUERY_SAFE_SIZE
Minor fixes:
Using GUID data type for LinkageID, VirtualDiskId and InitiatorId, not binary blob
Fixed length for SVHDX_TUNNEL_OPERATION_HEADER
Cosmetic: unused var, code makeup
Ping-Bug: 11232
Change-Id: I4ea598367a1c12586501555f4a23d6249057484a
Reviewed-on: https://code.wireshark.org/review/19979
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I62d3e966928eba75dc26c2c3b6993175fe0f133e
Reviewed-on: https://code.wireshark.org/review/19994
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use ssl_add_vector to process DTLS Cookie, cipher_suites,
compression_methods, client_hello_extension_list. Removed some checks
(like cipher_suite_length > 0) since (per specification) these must be
non-empty (if this is not the case, then at worst an empty tree is
visible).
Change-Id: I7ab2ef12e210d5878769478c7dfba33a799fb567
Reviewed-on: https://code.wireshark.org/review/19993
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The new ticket_age_add field resulted in a dissector exception. With
this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully
decrypted.
Also add validation for the ticket length (using ssl_add_vector).
Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19992
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Update "early_data" extension to draft 18 (context field is gone).
Add support for "client_early_traffic_secret" to the keylog.
Support decryption of 0-RTT data (required handling cipher in Client
Hello and handling of "end_of_early_data" alert).
Tested with tls13-18-picotls-earlydata.pcap, early data decrypts
correctly. (The server data is messed up, but that is possibly the
result of broken NewSessionTicket handling which throws a dissector
exception and thus breaks the record sequence number.)
Ping-Bug: 12779
Change-Id: I9e6aeeb08111d5d977f2c0ab855f14d6d86ca87d
Reviewed-on: https://code.wireshark.org/review/19989
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Server Hello can contain an empty extension, so restore the check.
Change-Id: I7d1ccfa113cd8a568def6915a80fd2791fd361df
Fixes: v2.3.0rc0-2284-g420b9e061e ("ssl-utils: add length validation for SNI extension")
Reviewed-on: https://code.wireshark.org/review/19983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added the following batch of HCI commands:
LE Read Maximum Advertising Data Length
LE Read Number of Supported Advertising Sets
LE Remove Advertising Set
LE Set Periodic Advertising Data
LE Set Periodic Advertising Enable
LE Set Extended Scan Parameters
LE Set Extended Scan Enable
LE Extended Create Connection
Corrected min/max interval field sizes of LE Set Extended
Advertising Parameters command and updated LE Set Extended
Advertising Enable command to use subtree for each set.
Change-Id: Id9c08189a76a0a4adc89b669b50d832f68a929aa
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Based on CSS7 specification.
Change-Id: Ibf00e3add7fcb1a2b3a22574bb63b0fddaf4adcb
Reviewed-on: https://code.wireshark.org/review/19972
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Another format of beacon in advertising packet.
Based on: https://github.com/AltBeacon/spec
User needs to use DecodeAs to use this dissector - any manufacturer's
company id may be valid.
Change-Id: I5656d9dbb70b648b2fadba7f3b525d38a2fe8e57
Reviewed-on: https://code.wireshark.org/review/19971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In the GTK+ prefrences dialog, enable wrapping and set a maximum width.
This should keep labels from making the dialog unusably wide.
Make a couple of enum preferences drop-downs instead of radio buttons.
Note that we might want to make the drop-down vs radio button behavior
automatic.
Change-Id: Ib72a2c8d5cfb99324be86f2218b6d57a395fa22c
Reviewed-on: https://code.wireshark.org/review/19980
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add copy of the definition in a comment, remove check for empty
extension such that export info can be added if the extension is empty.
Remove check for empty HostName, this cannot happen (and is caught by
ssl_add_vector).
Change-Id: Ie63b97e89dc7254f159abb338b52f5f894a8564d
Reviewed-on: https://code.wireshark.org/review/19939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also adds the definition from TLS 1.3 draft 18 spec.
Change-Id: Ic7910874507e76dcbe7ae15aff99c91496a2b590
Reviewed-on: https://code.wireshark.org/review/19938
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add description from spec, remove zero-length extension check since it
is not allowed by specification.
Change-Id: I4bf85b36d933db3658f7788768fd794b6199187e
Reviewed-on: https://code.wireshark.org/review/19937
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add the definition from draft 4 as well (which describes the structure
in text). Remove the check for zero length name since this is normally
not the case (according to draft specification).
Change-Id: I72c3f04a5146d4c4fa291383258246d9ba2b14be
Reviewed-on: https://code.wireshark.org/review/19936
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use ssl_add_vector to ensure that the lengths are checked for validity
and that expert info is added when invalid data is encountered.
Change-Id: I5d03dce988f695cdc305f1bfff9d19ae90c5f6e2
Reviewed-on: https://code.wireshark.org/review/19935
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Merge the length parsing into the SignatureAndHashAlgorithm vector
parsing. Remove extra expert info which are replaced by the generic
ones.
Tested with a mutated pcap where the signature length field is off by
one (too large = expert error, too small = expert warning, as expected).
Change-Id: I43350352ae00eb42bbe5c2ee81289fb592b88f86
Reviewed-on: https://code.wireshark.org/review/19933
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change all Hello extension dissector functions to accept the end of the
extension rather than the extension length. The changes are quite
mechanical: change "ext_len" to "ext_len = offset_end - offset".
Remove some "offset += ext_len" to ensure that additional unparsed data
is warned for.
The intent is that (extension) dissectors can easier check for overflow
(offset + 2 < offset_end). Later changes should remove "guint ext_len"
with appropriate changes (like replacing by ssl_add_vector).
Change-Id: Ic4846e6fd6164685c4704984136f701bec3afa58
Reviewed-on: https://code.wireshark.org/review/19932
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Currently variable length vectors are mostly unchecked with issues
ignored (see various "XXX - expert info"). In order to detect possible
attacks (and catch dissector issues), add helpers that extract the
vector length and that validate that a vector is correctly terminated.
Further dissection of a vector stops when not enough data is available.
The KeyShare extension and Extension itself are modified as a start,
more should follow. Future work should also ensure that the return value
represents the length after dissection (which should not exceed the
length). Also, the length field needs to be converted to an "offset_end"
value to ease overflow checking (length = offset_end - offset).
Change-Id: I6d757da2eb028f08a7b18661660313a6afd417e0
Reviewed-on: https://code.wireshark.org/review/19926
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Updated on 5th February 2017:
- UUIDs
- Company Ids
Change-Id: I9868891ee2bdcdaa687bd45c76429f2b476889cc
Reviewed-on: https://code.wireshark.org/review/19973
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
"Resolvable Private Address" comes in Core 5.
Also fix expert infos (usage) for all GAP characteristics are
described in Core 5.
Change-Id: I8386f5908b64cb758e2a973fb6f92fabcb30885a
Reviewed-on: https://code.wireshark.org/review/19974
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I7d84e67723196d9b39f6007950ec8fb95fe9a50e
Reviewed-on: https://code.wireshark.org/review/19934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
DataIn field should be three-state enum (not boolean)
See https://msdn.microsoft.com/en-us/library/dn393496.aspx
Fixed HandleStateShared value of QUERY_SHARED_VIRTUAL_DISK_SUPPORT reply
See https://msdn.microsoft.com/en-us/library/dn409282.aspx
Added VHDSET disk format (used by RSVD v2).
Change-Id: I7a9528e680dd4fede7e982d98316af5ef40cff3b
Reviewed-on: https://code.wireshark.org/review/19964
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rework Application Layer fragment reassembly to handle
out of order fragments (seen over UDP).
Change-Id: Ifd2bffba30f0a419a5f82ea6b9d2d221f7d6d276
Reviewed-on: https://code.wireshark.org/review/19947
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Change-Id: I85535dfdb7b064ba81f44ed08c3b1e84e7204e9e
Reviewed-on: https://code.wireshark.org/review/19954
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Decodes the options and meta length fields added with LWW for
{set,del}_with_meta request commands.
Decodes get_meta responses extra field.
Please see https://issues.couchbase.com/browse/MB-22003
Change-Id: Ie5205e8188a32d59145c4f9c499b16c7a7997274
Reviewed-on: https://code.wireshark.org/review/19928
Reviewed-by: Dave Rigby <daver@couchbase.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
* It must be multiple of 4 Octets otherwise NULL padding should be there
Change-Id: I7563b0407bd70d1f0b7aac8597ce3a757a08925e
Reviewed-on: https://code.wireshark.org/review/19893
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add support for the NFSV4.2 mode_umask attribute which will be initially
supported by Linux v4.10.
Change-Id: Id98e20cd0ed93bf7ad9b2246e9e05299f3d7a9fc
Reviewed-on: https://code.wireshark.org/review/19921
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Being able to override (set) the application data dissector without
hacks (RSA keys dialog) would be nice. Modelled after
v2.3.0rc0-481-gafa2605e43 ("Support Decode As for {SSL,TLS}-over-TCP.")
Change-Id: Ic4c5ca55e8f20ad599c41c1df58b24f3bced2281
Reviewed-on: https://code.wireshark.org/review/19869
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I0de1c332a6052c20f6afbe1e51dfb14e18485891
Reviewed-on: https://code.wireshark.org/review/19899
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>