This can also be used by packet-dcerpc-netlogon later.
in order to verify authentications.
Change-Id: I2f145ee1197fc83c77efabc180bac52ebbb0cd60
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36400
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I7c5baa7dfcc158919de125743dc890756fb95de1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36399
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is no longer required to be global.
Change-Id: I38c308888ede32780722e68d2bab691bd659d143
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36411
Reviewed-by: Anders Broman <a.broman58@gmail.com>
gcc-7 is included with build-essential on Ubuntu 18.04, not installing
an additional gcc-8 saves 110M on disk. The coverage should more or less
be the same, even very old compilers will catch typical build failures.
Change-Id: I03c95dcd1c83b02390489a47de7e2a8d2d757232
Reviewed-on: https://code.wireshark.org/review/36415
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Id9752da61cca8a00e98049d7cf3f990e9199a684
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36395
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Change-Id: Ide0dd6464a72640c03ad00a9a5a00c5f73d13299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36402
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We only need that logic once.
Change-Id: Ibc3e28c70dd6e52de3cbc8d5dca0316816f70e5d
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36398
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Instead use it directly where needed.
I follow up patch will rename gbl_nt_password to
ntlmssp_option_nt_password and make that static to packet-ntlmssp.c
Change-Id: Iceb75ebbdb70814cb4a235ad3e8ed5e9ec2be10c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36397
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I4e6b5bada1247fda34f4380027756f6ebb7482e4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36401
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We try to provide as much useful information as we can in the top level
item without it being too much. The approach on how to handle theese
items was copied from hid-tools.
Change-Id: I1c6b24c6fcd989b5188391cad8e7a629c58beebb
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36391
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Change-Id: Ib3db8854cc05c716ae4951b03caf452683c2e917
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36393
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Change-Id: I2c2b89e6f7d2bce6af3043365d3f4c771044420b
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36392
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Change-Id: Icf1b1b591ad76e2082b14344db19f1c0e8601455
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36389
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
This also used gbl_nt_password directly without passing it by the
callers.
Change-Id: Id5af0609b78a80827bfd1cb2f3568474db87ecbf
Reviewed-on: https://code.wireshark.org/review/36396
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The function to construct AAD is same for both CCMP and GCMP so move
it to a new internal utility c file for later use by both
implementations.
Change-Id: I8c8ffe0f492d5860e2bcd266b4d936383598b47e
Reviewed-on: https://code.wireshark.org/review/36358
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Simplify the CCMP decryption implementation by letting libgcrypt
handle decryption, authentication and integrity check. This aims
to simplify the implementation in preparation for CCMP-256
decryption support where changes to the CCMP decryption implementation
is anyway needed.
Even though performance optimization was not the target for this
change it appears decryption speed is improved as well.
Change-Id: I6c36315291672f6313c9303ab8e50afb87aea9ce
Reviewed-on: https://code.wireshark.org/review/36343
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is extremly useful together with a keytab and makes it possible
to check which password was used by the client.
Change-Id: I254f472d1d069094bd1eb908370f56d90ab2e5f2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/36380
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add missing output directory for Debian (obj-x86_64-linux-gnu). Restore
a working LD_LIBRARY_PATH setting for OpenSUSE, this has never worked
since v3.1.0rc0-590-gc77ee0008d.
Change-Id: I4f2c2e4636e7dd0233e7f08a88ba3789b021f274
Reviewed-on: https://code.wireshark.org/review/36378
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Currently, the top dissection tree looks like this:
Global item (Usage Page)
Local item (Usage)
Main item (Collection)
This approach is not great: it provides little relevant information. The
item type (Main,Global,Local) is most of the time not relevant, it is
used to differentiate items within the spec and is not useful to the end
user. The item name (Usage Page, Usage, Collection, etc.) and its value
is much more relevant to the end user. We show the name, which is great,
but we don't show the value, forcing the user to open the subtree to
access it.
The report descriptors described in the spec are annotated like this:
Usage Page (Generic Desktop)
Usage (Mouse)
Collection (Application)
This patch makes the dissection tree look like that. All the information
is still present in the tree but we put the information most people are
actually interested in in the top level item.
Change-Id: Idbfb0f137bc82b5e69787ee524585d18eb697340
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36374
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Update the I/O Graphs section of the User's Guide. Use the name "I/O
Graphs" consistently.
Update the image thanks to Chuck Craft.
Ping-Bug: 16359
Change-Id: I6b60fd1b79a849e4467c7ca7927279e16dd6e671
Reviewed-on: https://code.wireshark.org/review/35762
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set setAutoFillBackground(true) for a bunch of our editors where
appropriate, similar to g4a2cd15aa5.
Change-Id: Ic87275e3be90af55b8352eb4742559d526dec2b6
Reviewed-on: https://code.wireshark.org/review/36386
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2004 called, they want their libpcap/WinPcap back.
RHEL 6 initially shipped with libpcap 1.0; even old Enterprise(TM)
versions of OSes ship with something shinier than 0.7.x these days.
This lets us get rid of a bunch of #ifdefs and workaround code for
missing APIs.
Change-Id: I862cb027418b0a0c0f45a26979acea82f93f833b
Reviewed-on: https://code.wireshark.org/review/36383
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Mostly comments, but a few messages.
Change-Id: Iff7380eb15f064bf6a3078e131c70987e36bca44
Reviewed-on: https://code.wireshark.org/review/36381
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The GSMTAP Um interface type has so far only been used for transporting
signaling messages. Osmocom has recently introduced support for
encapsulating user-plane data (voice codec frames) in virtphy and
osmo-bts-virtual. Let's catch up with this capability here.
For the Osmcoom side, see:
* https://gerrit.osmocom.org/c/osmocom-bb/+/17415
* https://gerrit.osmocom.org/c/osmo-bts/+/17377
Change-Id: Icceb524f0f47bab206ead8345d405ffea06ac109
Reviewed-on: https://code.wireshark.org/review/36359
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vadim Yanitskiy <axilirator@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Speeds up the asn1 build from 133 seconds to 39 seconds, and guide
builds from 40s to 33s (-j6). Extraction of parallel=x from
DEB_BUILD_OPTIONS was borrowed from the debhelper Makefile.
Switching to Ninja has even more potential speed ups and prevents
interleaving build output, but requires debhelper 11.2 (Ubuntu
bionic-backports, Debian stretch-backports).
Change-Id: I2d403863adf5bfd692300642aad7df4b1cdb6e46
Reviewed-on: https://code.wireshark.org/review/36377
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
As previously in commit 6bb691189c ("gitlab-ci: remove unnecessary jobs,
upgrade versions"), GCC 5 support would only catch two issues. From the
respective commits:
epan/dissectors/packet-synphasor.c:782:7: error: ‘ai’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
ui/qt/wireless_frame.h:63:25: error: in-class initialization of non-static data member is a C++11 extension [-Werror,-Wc++11-extensions]
These are normally just false positive warnings in old compilers, fixed
in newer GCC. It fails only because it was built from git master as
opposed to a release branch where -Werror is disabled by default.
Save some resources, and remove GCC 5. The CentOS-7 job still tests the
old GCC 4.8.5 compiler. Newer GCC versions are handled by other jobs.
Change-Id: I9f49d59e6476ea8bcd9e135dba1c94b37a2f047f
Reviewed-on: https://code.wireshark.org/review/36366
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It's mostly identation but we also fix an incorrect spec name: Usage
Pages. Usage Pages and Usages are different things, but the we currently
call them both "Usages", which is wrong and confusing.
Change-Id: I7e83fbe7dbd4c22a713ecbba136a2caf5d61e2fd
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36365
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
The current approach to identify the the usage page and usage page usages
is not great. It joins both the usage pages and the usages which are
supposed to be individual values. The HID usage tables declarations also
become harder to read as they hold the constructed value, not the value
from the spec.
This patch changes the HID usage table declartions from range_string to
value_string, making them less bulky and easier to read, and splits out
the usage page from the usages.
Change-Id: I018406267fae43683d68c1349049e2c7c26f8ad6
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36362
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Running `ninja asn1` (or `ninja generate_dissector-t38`) resulted
in loss of some code. It turns out that the autogenerated file was
modified directly instead of the source.
Change-Id: I64bc7dfee8153867c2618deca08ab69dad4b46f4
Fixes: v3.3.0rc0-543-g32679c14be ("Introduce AudioCodes Debug Recording (ACDR) dissector")
Reviewed-on: https://code.wireshark.org/review/36367
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Orgad Shaneh <orgads@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a link to DSTO-TN-1257, which was referenced in the original commit
message.
Change-Id: Id554f59a7fe2b4575c9153ddc1000b1fcaac1228
Reviewed-on: https://code.wireshark.org/review/36361
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A lot of auto-generated ASN.1 dissectors have broken identation and
Clang 10 started warning about them for the first time. Fix these by
using 2 spaces as indentation instead of 2, none, or tabs.
Change-Id: Ia91668596c2f5000954d2265c39cc5dba18e44a7
Reviewed-on: https://code.wireshark.org/review/36368
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add links to the command prompt documentation and mention that you can
set up a VC++ environment in an existing command prompt.
Change-Id: I74a2e1450ad1113ef94896fc2c6dbd06d96e3d40
Reviewed-on: https://code.wireshark.org/review/36352
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is required to call asciidoctor.
Change-Id: Iff47a9d6b92f68d0b5ec611570cd2bbc2c56c926
Reviewed-on: https://code.wireshark.org/review/36340
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Emit the fieldSelected signal when the currently selected dissection
tree item is clicked. This causes the corresponding bytes in the
packet bytes tab to be re-selected.
Change-Id: I9168163f6734ef05ed3196c291a813125d8e86c6
Reviewed-on: https://code.wireshark.org/review/36303
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Roland Knall <rknall@gmail.com>
The AFS dissector was erroneously attempting to dissect the RPCs for the
Backup Tape Controller (BUTC) on the BACKUP port 7021. A different set
of RPCs for the Backup Database Server are served on the backup port
7021.
To address this confusion:
- Rename the existing "backup" RPC table to "butc", and dissect it on
the correct port. This port may be in a range from 7025 up to the
maximum 65535.
- Create a new "backup" RPC table with the correct RPC names for those
exported on the 7021 port.
- Make other adjustments as needed to properly distinguish and handle
both "backup" and "butc" requests and replies.
With these changes, the BKUP operations in the Wireshark afs.cap sample
capture are now dissected correctly.
Change-Id: I906787889e10cad307d9a6fa610c3e35f2b69184
Reviewed-on: https://code.wireshark.org/review/36300
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>