Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
PAA is a variable length IE, but it is not extendable (see Table 8.1-1 in
3GPP TS 29.274). For a give type the length therefore has to match and
can not exceed the defined length.
Change-Id: Id65842a7f25018fd3864efd73f74ae583102a681
Reviewed-on: https://code.wireshark.org/review/37984
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These are the final issues currently seen by check_typed_item_calls.py
Error: proto_tree_add_none_format(.., hf_authentication_parameter, ...) called at epan/dissectors/packet-obex.c:1840 with type FT_UINT8
(allowed types are {'FT_NONE'} )
Error: proto_tree_add_none_format(.., hf_authentication_parameter, ...) called at epan/dissectors/packet-obex.c:1887 with type FT_UINT8
(allowed types are {'FT_NONE'} )
Error: proto_tree_add_none_format(.., hf_session_parameter, ...) called at epan/dissectors/packet-obex.c:2058 with type FT_UINT8
(allowed types are {'FT_NONE'} )
Change-Id: If6772a72e01c7afd774a7b673d5775fd598bace3
Reviewed-on: https://code.wireshark.org/review/38095
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
This patches adds support to parse the TX flags of the radiotap header,
including a new DONT_ORDER Tx flag.
Bug: 16732
Change-Id: Ia57c079e020a32219a3e3fcfb7da5ef260360b7e
Reviewed-on: https://code.wireshark.org/review/37944
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Removed WLAN from the EAP identity fields because
it is additional and unnecessary. Added fields for
the full identity string and the identity type.
Removed the pseudo and reauth identity types by
collapsing all identity values into one field
(eap.identity) so the values may be filtered easier
by users in tshark and the GUI. Omitting
encrypted IMSI code until this patch and Change
37250 get merged since the encrypted IMSI logic
depends on these two patches.
Bug: 16537
Change-Id: If359756c1949aff2510b822b70e0e79df85213d0
Reviewed-on: https://code.wireshark.org/review/37257
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Routine "dhcpv6_domain()" of packet-dhcpv6.c has the following
issues:
a. It is unaware of partial (relative) domain names which unlike
FQDNs must *not* be root terminated(0); otherwise, the resolver
interprets them as top-level domains (TLDs) such as "com." and
"org.".
b. Malformed errors are not thrown when they should be and when
thrown, it does so for the wrong reason.
c. No detail is provided as to the nature of a malformation.
d. The routine does not know the difference between an "empty"
and "root-only" domain name.
Routine "dhcpv6_option():
The meanings of flags octet of the in the OPTION_CLIENT_FQDN
option sent by the client are different that those of the server.
These differences are not reflected in the display. In addition,
the description of the 'N' bit is incorrect in either case. The
sender type must be determined in order to label them correctly
and to detect conflicts among them.
These changes fully address the above issues. Six types of
domain name errors are now detected. I believe the unusually
large amount of detailed comments with RFC references and
explanations were needed in this case due to the introduction
of concepts such as partial domain names that were not
recognized as such and thus improperly handled and labelled.
The subtree option headers have been converted from "Text only"
to named fields (dhcpv6.option.type_str). Example captures are
attached to the bug report.
Bug: 16627
Change-Id: I5ef3ee4261b9ab1f331ae2b9b0aa9e3d5e4a5566
Reviewed-on: https://code.wireshark.org/review/37678
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Code to fetch the field (metadata length) was correct, but the item
displayed would be wrong. Fix mask, and use _ret_uint() variant
to avoid fetching the value separately.
Described in RFC 8300, section 2.5.1.
Change-Id: I87cdca489392e1baa6c51bbab303c77a803d204e
Reviewed-on: https://code.wireshark.org/review/38099
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have the message indicate the problem and the name of the offending field.
Change-Id: I661125814c9ad5585a3e71d14f8407948e2e6d76
Reviewed-on: https://code.wireshark.org/review/38090
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Very rough support for dissecting the framing on unidirectional and
bidirectional streams. Support for dissecting QPACK contents will be
added later.
Thanks to Omer Shapira for identifying an important issue that broke
reassembly and blocked proper HTTP/3 support.
Bug: 16761
Change-Id: Ib7f87c824f1dca70967b82943e18d5afee39fa0b
Reviewed-on: https://code.wireshark.org/review/38084
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Load private key exchange keys (curve25519-sha256) provided by the user
Find matching public keys in the dissected data
Compute symmetric keys for decrypting encrypted Transport Layer Protocol
data
Bug: 16054
Change-Id: I83481bff6b1206ce222b0120ad9021e1607f7f97
Reviewed-on: https://code.wireshark.org/review/37936
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Error: proto_tree_add_string(.., hf_ansi_a_lai_mcc, ...) called at epan/dissectors/packet-ansi_a.c:3656 with type FT_UINT8
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_string(.., hf_ansi_a_lai_mnc, ...) called at epan/dissectors/packet-ansi_a.c:3666 with type FT_UINT8
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_none_format(.., hf_bthci_evt_vendor_codecs_item, ...) called at epan/dissectors/packet-bthci_evt.c:4712 with type FT_UINT32
(allowed types are {'FT_NONE'} )
Error: proto_tree_add_string(.., hf_kademlia_tag_hash, ...) called at epan/dissectors/packet-edonkey.c:1100 with type FT_BYTES
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_string(.., hf_msmms_data_timing_pair, ...) called at epan/dissectors/packet-ms-mms.c:680 with type FT_NONE
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_float_format_value(.., hf_fp_tpc_po, ...) called at epan/dissectors/packet-umts_fp.c:2405 with type FT_UINT8
(allowed types are {'FT_FLOAT'} )
Change-Id: I1ed0276ad9c810ca6b1b01d581c3d73ae28fb9ad
Reviewed-on: https://code.wireshark.org/review/38081
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
It is send from DCAgent to FSSO collector using UDP 8002 packet
It is based on analysis of protocol (and log)
Bug: 16657
Change-Id: I2e23a403a103c25820d714446d4e3245af04e876
Reviewed-on: https://code.wireshark.org/review/37547
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit replaces instances of
(myobj *)wmem_alloc(wmem_X_scope(), sizeof(myobj))
and replaces them with:
wmem_new(wmem_X_scope(), myobj)
to improve the readability of Wireshark's code.
Replacements were made with the following Python script:
import os
import re
import sys
pattern = r'\(([^\s\n]+) ?\*\) ?wmem_alloc(0?)\((wmem_[a-z]+_scope\(\)), sizeof\(\1\)\)'
replacewith = r'wmem_new\2(\3, \1)'
startdir = sys.argv[1]
for root, dirs, files in os.walk(startdir):
for fname in files:
fpath = os.path.join(root, fname)
if not fpath.endswith('.c'):
continue
with open(fpath, 'r') as fh:
fdata = fh.read()
output = re.sub(pattern, replacewith, fdata)
if fdata != output:
print(fpath)
with open(fpath, 'w') as fh:
fh.write(output)
Change-Id: I223cb2fcce336bc99ca21c4a74e4cf758fd00572
Reviewed-on: https://code.wireshark.org/review/38088
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Graham reported a shadowed variable issue with the variable index.
Changed the variable name so it no longer shadows index. That seems
to be an issue on Macs.
Change-Id: I2a6e9b6d70811aaf7b9f910ddc87ab926b3a0cec
Reviewed-on: https://code.wireshark.org/review/38058
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Prepare for adding HTTP/3 support which depends on QUIC to provide an
stream of data. Reassembly code is mostly lifted from the TCP dissector
which shares similar characteristics.
Bug: 13881
Ping-Bug: 16761
Change-Id: Iba07dade111b740418b8b315d0485e200cdfe9f0
Reviewed-on: https://code.wireshark.org/review/38083
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found using tools/check_tfs.py, included in this commit.
Here are the reports that were fixed here:
Examining:
All dissector modules
epan/dissectors/packet-assa_r3.c tfs_mortisepins_flags - could have used tfs_high_low from tfs.c instead: {High,Low}
epan/dissectors/packet-btle.c tfs_present_bit - could have used tfs_present_not_present from tfs.c instead: {Present,Not Present}
epan/dissectors/packet-dhcp.c tfs_fqdn_s - could have used tfs_server_client from tfs.c instead: {Server,Client}
epan/dissectors/packet-docsis-macmgmt.c mdd_tfs_on_off - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-docsis-macmgmt.c mdd_tfs_en_dis - could have used tfs_enabled_disabled from tfs.c instead: {Enabled,Disabled}
epan/dissectors/packet-docsis-macmgmt.c req_not_req_tfs - could have used tfs_requested_not_requested from tfs.c instead: {Requested,Not Requested}
epan/dissectors/packet-docsis-tlv.c on_off_tfs - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-docsis-tlv.c activation_tfs - could have used tfs_active_inactive from tfs.c instead: {Active,Inactive}
epan/dissectors/packet-docsis.c ena_dis_tfs - could have used tfs_enabled_disabled from tfs.c instead: {Enabled,Disabled}
epan/dissectors/packet-ecmp.c tfs_not_expected_expected - could have used tfs_odd_even from tfs.c instead: {Odd,Even}
epan/dissectors/packet-erf.c erf_link_status_tfs - could have used tfs_up_down from tfs.c instead: {Up,Down}
epan/dissectors/packet-h263.c on_off_flg - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-h263.c cpm_flg - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-interlink.c flags_set_notset - could have used tfs_set_notset from tfs.c instead: {Set,Not set}
epan/dissectors/packet-ip.c tos_set_low - could have used tfs_low_normal from tfs.c instead: {Low,Normal}
epan/dissectors/packet-ip.c tos_set_high - could have used tfs_high_normal from tfs.c instead: {High,Normal}
epan/dissectors/packet-isakmp.c flag_r - could have used tfs_response_request from tfs.c instead: {Response,Request}
epan/dissectors/packet-isis-lsp.c tfs_metric_supported_not_supported - could have used tfs_no_yes from tfs.c instead: {No,Yes}
epan/dissectors/packet-kerberos.c supported_tfs - could have used tfs_supported_not_supported from tfs.c instead: {Supported,Not supported}
epan/dissectors/packet-kerberos.c set_tfs - could have used tfs_set_notset from tfs.c instead: {Set,Not set}
epan/dissectors/packet-mac-lte.c mac_lte_scell_status_vals - could have used tfs_activated_deactivated from tfs.c instead: {Activated,Deactivated}
epan/dissectors/packet-p_mul.c no_yes - could have used tfs_no_yes from tfs.c instead: {No,Yes}
epan/dissectors/packet-pgm.c opts_present - could have used tfs_present_not_present from tfs.c instead: {Present,Not Present}
epan/dissectors/packet-rsl.c rsl_ms_fpc_epc_mode_vals - could have used tfs_inuse_not_inuse from tfs.c instead: {In use,Not in use}
epan/dissectors/packet-sita.c tfs_sita_on_off - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-vines.c tfs_vine_rtp_no_yes - could have used tfs_no_yes from tfs.c instead: {No,Yes}
epan/dissectors/packet-vnc.c button_mask_tfs - could have used tfs_pressed_not_pressed from tfs.c instead: {Pressed,Not pressed}
27 issues found
Change-Id: I7e53b491f20289955c9e9caa8357197d9010a5aa
Reviewed-on: https://code.wireshark.org/review/38087
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Microsoft Network Monitor lets you capture on an 802.11 adapter either
in monitor mode or in non-monitor mode; frames captured in non-monitor
mode may have the Protected bit set in the 802.11 header, but are
decrypted and don't incclude encryption information, and may have the
A-MSDU Present flag set in the QoS Control field, but have just a
regular frame payload, not a sequence of A-MSDUs, in the payload field.
Dissect those frames correctly.
Bug: 16758
Change-Id: I42b7e9ce52faa80222692403fa7276c039644343
Reviewed-on: https://code.wireshark.org/review/38082
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
In dcm_export_create_object(), don't assume that assoc->ae_calling and
assoc->ae_called are non-null; if we don't have an A-ASSOCIATE request
earlier in the capture, which we are not guaranteed to have, the called
and called AE titles won't be set.
Bug: 16748
Change-Id: I7d6d22d1c23e28b1f0967a803d0d89609a421712
Reviewed-on: https://code.wireshark.org/review/38077
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
The "monitor mode" flag was called "netmon_802_11.op_mode.on", not
"netmon_802_11.op_mode.mon". Fix that.
Change-Id: I4a712c1d5fa7c7e43335d83c0f40ace4358a881c
Reviewed-on: https://code.wireshark.org/review/38069
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
I haven't been able to find the appropriate spec, but either there is a
limit to the number of features bytes to add and this patch is needed,
or the (i < 8) part should be dropped. As it is the other data and
expert info for 'unknown' fields will never be reached.
Detected by cppcheck:
epan/dissectors/packet-bthci_cmd.c:9183:72: warning: Condition 'i<8' is always true [knownConditionTrueFalse]
while (tvb_captured_length_remaining(tvb, offset) > 0 && i < 8) {
^
epan/dissectors/packet-bthci_cmd.c:9181:25: note: Assignment 'i=0', assigned value is 0
guint8 i = 0;
^
epan/dissectors/packet-bthci_cmd.c:9183:72: note: Condition 'i<8' is always true
while (tvb_captured_length_remaining(tvb, offset) > 0 && i < 8) {
Change-Id: Icfef0e9142a58aa1c525df9b7daf0aa820039167
Reviewed-on: https://code.wireshark.org/review/38049
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also, take into account length of GUID before
adding expert info for not-decoded data afterwards.
Change-Id: I3e3ee2fc014bc7ace477015b21b2d6ca9127a6be
Reviewed-on: https://code.wireshark.org/review/38062
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This matches the description at
https://www.museek-plus.org/wiki/SoulseekProtocol,
where some fields are uint32 but many are just 'int'.
Change-Id: I192aaf9ca84ccee7b52d266083bbbd8baef28685
Reviewed-on: https://code.wireshark.org/review/38060
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some heuristic functions (example: dtls over stun) perform exact checks on
paylaod length, so we need to skip any padding added by TURN layer
(RFC 5766, 11.5).
Bug: 16756
Change-Id: Iaaf3dc83fbc5f5f8d0af1cabfe94861480fe7c98
Reviewed-on: https://code.wireshark.org/review/38042
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Change-Id: Ibaa5b074a1d98a5be17e5f1514c5666a64fefafb
Reviewed-on: https://code.wireshark.org/review/38050
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
code to dissect PASSWORD-ALGORITHMS and PASSWORD-ALGORITHM attributes is
ready to go.
Change-Id: I6fcfb1da49c596a11b3c5b0e3dce51e47f1f7c1c
Reviewed-on: https://code.wireshark.org/review/38047
Reviewed-by: Guy Harris <gharris@sonic.net>
The current TECMP code shows embedded CAN or FlexRay frames but
does not allow other dissectors to further dissect them. This
patch adds this feature.
Bug: 16738
Change-Id: I7f886c8d42a52c4bd55bdb14aed7459eed1af42d
Reviewed-on: https://code.wireshark.org/review/37972
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Autokey was not properly supported, the v2 version check looked at the
wrong field (Code instead of Field Type). Since nobody noticed it, let's
remove it to simplify the code.
Improve the Extension Field (EF) heuristics to ensure that larger digest
sizes such as SHA-512 are recognized, and to support messages without
MAC. Previously only MD5 and SHA-1 were supported as these are the only
ones that are defined by the RFCs.
The ntp_ext_field_types array was generated by:
curl -s https://www.iana.org/assignments/ntp-parameters/ntp-parameters-3.csv |
awk -F, 'NR>=2{printf "{ %s, \"%s\" },\n", $1, $2}' | sort -n
Tested with md5_dgrams.pcapng and sha1_dgrams.pcapng (Bug 11580) and
NTP-with-mac.pcap (Bug 16640). Also checked against the NTS capture
(go_embeded.pcapng, bug 16222), but TCP reassembly is not supported so
the last part of the first segment is wrongly dissected as MAC.
Bug: 16640
Change-Id: I07fc46c6d8995e6c791952dd7cd84d798cddd21a
Reviewed-on: https://code.wireshark.org/review/38037
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bellcore (now Telcordia) GR-317 and GR-394 are used in the U.S. and are
more similar to ANSI ISUP than ITU Standard ISUP. This fixes decoding
the Jurisdiction (aka JIP) optional parameter.
"gr317" is listed in RFC 3204, Table 1 on Page 2. Telcordia's name for
this standard is "LSSGR: Switching System Generic Requirements for Call
Control Using the Integrated Services Digital Network User Part
(ISDNUP)".
"gr394" is the value used by our Ribbon (formerly Genband) C15 switch.
Telcordia's name for GR-394 is "LSSGR: Switching System Generic
Requirements for Interexchange Carrier Interconnection (ICI) Using The
Integrated Services Digital Network User Part (ISDNUP)". The difference
from GR-317 is "Call Control" vs "Interexchange Carrier Interconnection
(ICI)". These calls are indeed interexchange calls.
Given that only "gr317" is listed in RFC 3204, arguably our Ribbon C15
should be sending this as "version=gr394; base=gr317" or just as
"version=gr317", but I have no control over that and would like to
decode the traffic as seen in the wild.
Bug: 16752
Change-Id: I24c7b2e175606e1c91bcb2e96a3372f62055e293
Reviewed-on: https://code.wireshark.org/review/38038
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the DCE/RPC heuristics a bit more discriminating by checking
a few more header fields for illegal values. Reduces false positives.
Change-Id: Ic3d6c7ce62b64b2042922adb104294600b0db673
Reviewed-on: https://code.wireshark.org/review/38028
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Include stdlib.h for bsearch(). This is needed when building on RPi.
Change-Id: Ia0969d7785b59b4adfd10a332a20beb26a99fcb7
Reviewed-on: https://code.wireshark.org/review/38036
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Bluetooth Low Energy Advertising Extensions Host Advertising Data reassembly.
Bug: 16666
Change-Id: I78fea77a75f07ff7ef8a661e81ac3c729980de0e
Reviewed-on: https://code.wireshark.org/review/38016
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to 3GPP TS 44.014, section 8.1, type of the TCH loop is
edcoded in bits 2..6, so we should exclude bits 1, 7, and 8.
Before the patch:
DTAP Tests Procedures Message Type: Close TCH Loop Cmd (0x00)
Close TCH Loop Cmd Sub-channel
..00 0100 = Test Loop: C
.... ...0 = Subchannel: Sub-channel 1 of two half rate channels is to be looped
after:
DTAP Tests Procedures Message Type: Close TCH Loop Cmd (0x00)
Close TCH Loop Cmd Sub-channel
..00 010. = Test Loop: C
.... ...0 = Subchannel: Sub-channel 1 of two half rate channels is to be looped
Change-Id: Ie8ee23c6ce0a487d6a96b27324537372449946cb
Reviewed-on: https://code.wireshark.org/review/37981
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>