This commit will finally allow the decryption of DCERPC
traffic with AES-keys and header signing.
Change-Id: I3a76541493976c9f4d3d228757e8fe0e08a0f02c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35711
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use G_GUINT64_FORMAT and remove the format character when printing
unsigned value. Use G_GINT64_MODIFIER when also giving the format
character ('x').
Change-Id: I7c02ec3ebd058c392f8fb21a0e20e242a06e8888
Reviewed-on: https://code.wireshark.org/review/35896
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There are some deltas between the UN*X epoch and other epochs that are
used in a number of places; put them into a header.
Change-Id: Ia2d9d69b9d91352d730d97d9e4897518635b4861
Reviewed-on: https://code.wireshark.org/review/35895
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Certificates used in TLS typically have a serial number larger than 64
bits which do not fit in FT_UINT64 and results in use of the synthetic
ber.64bit_uint_as_bytes field name. To enable use of ocsp.serialNumber
and x509af.serialNumber field names, define these as bytes instead.
Update the BER dissector to allow INTEGER types to use FT_BYTES.
Bug: 16339
Change-Id: Id58075b450d86aff6b616c359900ae83a3ec2f51
Reviewed-on: https://code.wireshark.org/review/35868
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Do not assume that having a TCP port means that CoAP is running directly
over TCP: this is not the case with MQTT for example (see bug 14591 for
a capture). Instead explicitly check that the parent dissector is TCP or
TLS.
Bug: 15910
Change-Id: Ib4880623b8525fe6be52a685397005eac86da135
Reviewed-on: https://code.wireshark.org/review/35879
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The S/370-and-later TOD clock counts in microseconds, not seconds.
Change-Id: I0b11586df073ed589d69ffc014e6f8661dff3d31
Reviewed-on: https://code.wireshark.org/review/35891
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Those times are in seconds since January 1, 1904, 00:00:00 (proleptic?)
UTC.
MPEG-4 Part 14 (MP4) is based on QuickTime, so it uses classic Mac OS
time stamps, in seconds.
Change-Id: Ibcd7faf1b119d8acbb294c95b66ca0d1fb70cbb3
Reviewed-on: https://code.wireshark.org/review/35886
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- The AVP should be an OctetString
- Orientation of major axis should not be multiplied by 2 according to
the latest standard.
Change-Id: I68532108cc36f4699c10b35ffdbcfaef0c29d9fe
Reviewed-on: https://code.wireshark.org/review/35890
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For PortMap replies, don't include port number twice in root item.
For rpc.xid, add long text description.
Change-Id: If6d809b4869762b5e564fab68495ab14df7622e3
Reviewed-on: https://code.wireshark.org/review/35874
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
A preference allows the user to decide whether the user data container
payload should be dissected as IP, non IP or not dissected. For non IP,
another preference allows to specify the name of the sub dissector to be
called.
Bug: 16332
Change-Id: I1bfd24eb734d57bff54d99362a90f563751270c6
Reviewed-on: https://code.wireshark.org/review/35857
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The use of LAPD SAPI 10/11/12 for TFP + P-GSL is of course not
any official standard, but it's a decade-old defacto usage of said
SAPIs when using an A-bis Superchannel either over TDM/E1 or over
L2TP/IP.
As there never were any official/specified users of LAPD SAPI 10/11/12,
and it's virtually impossible for anyone add them due to the historic
nature of GSM, I believe it's safe to add them simply as default.
Change-Id: I0622e486013c7287f967e6b3ab09c9f211edbd71
Reviewed-on: https://code.wireshark.org/review/35836
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This makes the address representation in ieee802154_transaction_t and
ieee802154_packet consistent.
Change-Id: I6ae66b48c3b2afe5843e6a82fe5adf1c6be5a7cd
Reviewed-on: https://code.wireshark.org/review/35780
Reviewed-by: Martin Boye Petersen <martinboyepetersen@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This is a managed object that we see e.g. in the OM2000 spoken to
a DUG20 of the RBS6000 series.
Change-Id: I12bb1df1ea4581178f73b7d31de8628711d42ed9
Reviewed-on: https://code.wireshark.org/review/35835
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In netlink the general format of attributes includes a network byte order
indication flag in the header. When set this has to be passed to the
attribute value dissector function as the byte ordering fo the attribute
value. Otherwise the heuristically determined capture host byte order has
to be passed to the attribute value dissector function.
With the removal of all copies of 'encoding' this can now be achieved
through setting of the encoding in nl_data.
Change-Id: Iec0c1b2c2958734a469ff6f75db4626846cb30c9
Reviewed-on: https://code.wireshark.org/review/35831
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Service Data Block: Decode the following services:
Set Cyclic Write List
Set Cyclic Read List
Set Attribute List
2. Axis Status 2 - Add more bit definitions
3. Add a preference to display raw attribute bytes. This is useful
because not all attributes have parsing, and this allows automated
tools to consistent pull a common format for all attributes.
Change-Id: Ic7a29f3adddcced8cba958e545436b89c0f7ef6d
Reviewed-on: https://code.wireshark.org/review/35799
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissect all kinds of ID types also for GDOI SA TEK payload.
Bug: 16233
Change-Id: I4583fed5d9b01ec13f971fbbf79b3053d3355951
Reviewed-on: https://code.wireshark.org/review/35811
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
dissector_add_uint_with_preference should not be called more than once for
the same dissector and same name.
Change-Id: I82331ec61c36690d28f541dedc974cd6e7c465e7
Reviewed-on: https://code.wireshark.org/review/35810
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Allows opening MP4 (ISO/IEC 14496-12) media files in Wireshark and
viewing their structure.
Change-Id: Ie20b8b89dc69bb52d6faa890e547d90317adecf6
Reviewed-on: https://code.wireshark.org/review/35804
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
ex HTTP2/JSON
Change-Id: I1947a0d4739e41e03096a5b032656ebe858d2768
Reviewed-on: https://code.wireshark.org/review/35749
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissect SetBitMode based on the libftdi implementation.
Pass MPSSE data to FTDI MPSSE dissector stub. The FTDI MPSSE stub
currently only marks the data as undecoded.
Add Olimex ARM USB JTAG adapters VID/PID information to FTDI FT.
Ping-Bug: 11743
Change-Id: I1cfc6371a0b1c8f8aae81bf024056fb99ffd443c
Reviewed-on: https://code.wireshark.org/review/35734
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I86a0aae9409ab5f81a70560997c637f8f16718fa
Reviewed-on: https://code.wireshark.org/review/35754
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>