Add the ability to specify maximum function counts for each group to
checkAPIs. Add maximum counts for the "termoutput" and "abort" groups
where needed. Show summaries in various checkAPI targets.
Switch uses of ws_g_warning back to plain g_warning.
Change-Id: I5cbddc8c671729e424eed8551f69116d16491976
Reviewed-on: https://code.wireshark.org/review/29721
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It's used by dissect_quic_frame_type only, that is defined within
HAVE_LIBGCRYPT_AEAD.
Change-Id: Ib670930fcc0f8334c99884a0d6c45dbd00777e87
Reviewed-on: https://code.wireshark.org/review/29737
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Improve QUIC heuristics to detect Short Header packets that have a DCID
matching with an earlier connection. Tested with "picoquicdemo -f".
Change-Id: I0c28e527ffa29784f8752a695e2d22bdea9797c4
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29728
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Track valid CID lengths, this makes it possible to detect whether any
valid QUIC long packet is present in the capture and allows for skipping
some hash-table lookups.
Change-Id: I20db2ca1d40af2a9b34fffe24b4b636f358d5795
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29727
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Short packets failed to be decrypted because no connection could be
matched after connection migration. Slightly refactor addition of new
connections (keyed by CID) to prepare for further changes.
Tested with "picoquicdemo -f" (5ecdabd9e31d, draft -14). Requires Decode
As QUIC since heuristics does not detect QUIC short header packets).
Change-Id: I0309f077d7d190c51e8998016ed513f8bac8c301
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29726
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add comments containing the resonse headers for the URLs we fetch.
standards-oui.ieee.org currently returns inconsistent results depending
on which host you happen to resolve.
Change-Id: I4adba7e51628d0350ba8e091523807ec85009700
Reviewed-on: https://code.wireshark.org/review/29729
Reviewed-by: Gerald Combs <gerald@wireshark.org>
LUPDATE_FILES is a string, not an array.
Change-Id: Ibeef6fd45805f82eeff8c26f7110779603d9d30a
Reviewed-on: https://code.wireshark.org/review/29724
Reviewed-by: Gerald Combs <gerald@wireshark.org>
ssl filters were renamed to tls.
Also protect against not found fields to avoid a crash in the future.
Change-Id: I181a252557b8261fa134b1331c31096a6205635f
Reviewed-on: https://code.wireshark.org/review/29715
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
block
According to specification, AM_FirmwareOnlyInformation is
extended with AM_Reserved.
Dissection of I&M3 was only for read response. Dissection is
also added for write request.
Change-Id: I281efa2324416b0f98d22ee4e50f2c8f711e2913
Reviewed-on: https://code.wireshark.org/review/29693
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The CONNECTION_CLOSE frame changes in draft -13. Instead of adding
compatibility for draft -12, let's drop it and focus on draft -14.
Change-Id: I535666741bb7ea4b31f5aa259edd341fc641d9c3
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29705
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The packet number prefix was missing.
Change-Id: Ia82e7d2131a364c8448084c77f638495da748213
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29704
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
with draft-14, it is now 0x1a (following order) and not 0x20
Change-Id: I0fe992d1525494e3499a85052621b995164d837a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29702
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
With the addition of the Token field, the authenticated header could
grow larger than the previous limit and trigger an assertion failure.
Change-Id: I28a89b348492e211a544e01d9b829c0101fc8468
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Since draft -13, the Initial Packet following a Retry Packet no longer
continues the handshake, but is instead treated as a new "first Initial
Packet" which results in a new cryptographic state. See
https://tools.ietf.org/html/draft-ietf-quic-transport-13#section-4.4.1
Tested with ngtcp2-14.pcap (draft -14).
Change-Id: I534d7d77717bc08ba615e5dea936e623deb63e00
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29691
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The Retry Packet is not encrypted at all since draft -13 so instead of
complicating dissect_quic_long_header, let's create a separate routine
that also prepares for draft -14 support. No pcap available, spec link:
https://tools.ietf.org/html/draft-ietf-quic-transport-13#section-4.4.2
Change-Id: I32f03d723213b857a6140d0f1348baf51df4385e
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29687
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
QUIC draft -12 and before used the TLS Exporter to derive the protected
payload secrets. Starting with draft -13, the handshake and 1-RTT
protected payloads use keys derived during the TLS 1.3 handshake (but
with the "quic " label for HKDF-Expand-Label instead of "tls13 ").
That unfortunately means that previous CLIENT_HANDSHAKE_TRAFFIC_SECRET,
SERVER_TRAFFIC_SECRET_0, etc. are unusable. As a quick workaround,
extend the key log format with new labels similar to the old one (but
with "QUIC_" prepended to it).
To match draft -13, rename the original "handshake cipher/secret" to
"initial cipher/secret" and add a new "handshake cipher".
Potential limitation: if the client/server addresses/ports change since
the Initial Packet, then a new TLS session is created in the TLS
dissector. Attempting to retrieve secrets after the change will fail
since the Client Random is empty and the secret cannot be linked.
Another more common limitation: (Certificate) handshake messages that
span multiple CRYPTO frames are not correctly recognized.
Change-Id: I2932c3cc851fae51e8becf859db53ccc5f4beeda
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29677
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The "CB Command Type" IE is described in 3GPP TS 48.058 Section 9.3.41,
and consists of three fields. Prior to this patch, the dissector would
decode none of them and instead produce a non-applicable "channel type"
dissection.
Change-Id: Ibb97432871df1276524fe96512ac1b67d5c5d3f0
Reviewed-on: https://code.wireshark.org/review/29683
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If found in NBAP, use the RLC Mode indicated and spare guessing by the MAC-d Flow ID.
Change-Id: Ie46922d53863667db630957a771092bc5ad00912
Reviewed-on: https://code.wireshark.org/review/29686
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The old key update mechanism was never tested and was probably broken
(using "pp_state->cipher[1 - key_phase]" does not seem correct). To
prepare for the handshake cipher (draft -13), refactor it a bit and
remove the PKN parameter.
Change-Id: I481cc00e2e1d44024a709f8b4115ffe5924988e7
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29676
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Until draft -12 all payloads were the same. To prepare for draft -13
where different ciphers are used, combine them for now to make
refactoring easier.
Change-Id: I2df57ea48b8f5fda4b1d96f0fa35d64a32ccebf8
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29675
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This recognizes the Client/Server Hello message in the Initial Packets.
Full (handshake) decryption remains a task for later.
Prevent STREAM 0 from being treated as TLS while at it.
Change-Id: I27193a15be777c568b6b009141cbc59bcf3e8ad6
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29646
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
add new Transport Parameter disable_migration(9) from draft-13
Ping-Bug: 13881
Change-Id: Ie80cc16c8548264875311f4a66e43bd7bfcb883e
Reviewed-on: https://code.wireshark.org/review/29674
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add new TP preferred_address and also update comment
Ping-Bug: 13881
Change-Id: I94d015769165933ef76123a338982b3a4238fb59
Reviewed-on: https://code.wireshark.org/review/29671
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
There is a conflict with some other extensions (compressed_certificate...)
with draft-13, QUIC use 0xffa5 (65445) for Transport Parameters extensions
Ping-Bug: 13881
Change-Id: Iaeeb21dd68038fbb8865d91c89f3216bd4a97af5
Reviewed-on: https://code.wireshark.org/review/29673
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The value has to be reduced by one as the comment already describes.
Change-Id: Ib33465e0450f05779856f23800fc3bb1703cbff6
Reviewed-on: https://code.wireshark.org/review/29678
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>