Change-Id: I4f3af7e06169461a15507ed8ecce8f15075b9667
Reviewed-on: https://code.wireshark.org/review/23835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The IEEE Std 802.11ai-2016 and 802.11-2016 defines Element ID Extensions.
This patch add the dissector framework of it.
Change-Id: I47b21959cc115743d6b2f0c691bc41f3059d45cd
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Reviewed-on: https://code.wireshark.org/review/23577
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The IEEE Std 802.11ai-2016 defines new algorithm number for FILS(IEEE 802.11ai)
at "9.4.1.1 Authentication Algorithm Number field" section.
Change-Id: I4351682d38efab2727e3a36741fe2f49508bba14
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Reviewed-on: https://code.wireshark.org/review/23576
Reviewed-by: Michael Mann <mmann78@netscape.net>
Using GCC version 7.1.1.
Change-Id: I7447a48fc97efb1eb15a016a29165f69d37f40a6
Reviewed-on: https://code.wireshark.org/review/23399
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Issue reported by Spice Boy
Bug: 14004
Change-Id: If49ec807ee54b8991653b7a3584baade59069894
Reviewed-on: https://code.wireshark.org/review/23197
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some places (like MAC resolution) want to keep a fixed length, but for places
that want to display "full organization name", save the long name that is
treated as a comment in the manuf file.
Have make-manuf convert companies with all caps to mixed case so we're not
screaming the company name at the user.
Convert the manuf.tmpl to be tab delimited without a comment for the "long name"
so it can match the format now created by make-manuf.
Remove uint_get_manuf_name as it was unnecessary.
Bug: 3666
Change-Id: If2af5a1ce64e2784fe3941eeae8d8093d4f1467b
Reviewed-on: https://code.wireshark.org/review/23150
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is a list of Neighbor report (for request and response)
Missing dissection of Neighbor Sublelement 0x03 (BSS Transition Candidate Preference)
Issue reported by Mark Williams
Bug: 13985
Change-Id: Ic3871866ba4779ee69e91d6d57b46926466b340c
Reviewed-on: https://code.wireshark.org/review/23107
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Table 8-216—GAS Initial Request frame body format (page 752 of the
2012 version) suggests that the only thing that comes after the length
is the actual request and since the default just inserts the bytes for
req_len, it looks like the fall-through should not be there and it
should be a break.
Change-Id: I8e5afb24fedffea869829dc9f5bf3d42b20121eb
Reviewed-on: https://code.wireshark.org/review/23075
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
and also with conflict check: 'dpp' exists multiple times with NOT compatible types: FT_PROTOCOL and FT_UINT8
Change-Id: I98e2f7e8abbee5423e2bfa7b71b5259edd4711e4
Reviewed-on: https://code.wireshark.org/review/23071
Reviewed-by: Michael Mann <mmann78@netscape.net>
Including attributes in Public Action frames and those that can appear in GAS
frames.
Change-Id: I8d2a717984295592952b8fff82879197ace2a4b2
Reviewed-on: https://code.wireshark.org/review/22615
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
This allows vendors to more easily expand functionality.
Change-Id: Iaa6a0626f3ab3c80a3ea90ca09c90284705d0221
Reviewed-on: https://code.wireshark.org/review/23066
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
It's not a requirement, but some dissectors didn't provide a static
summary because expert "format" was used.
While at it, fix a misleading expert info description, rename expert
info variables to ei_... and remove an unused hf entry.
Change-Id: Ib81a0d0a3950b3c90954d0053b8dae49dbb0cd51
Reviewed-on: https://code.wireshark.org/review/20567
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
checkAPIs.pl doesn't like tvb_get_* parameters because it thinks
proto_tree_add_item should be used. This is just to pacify the check.
Change-Id: If40728bcdf5558c351999057321ffba5d802c7c7
Reviewed-on: https://code.wireshark.org/review/21694
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13341
Change-Id: Ide9c9a08b73e97ddb716fd307800f58efb9bcb0e
Reviewed-on: https://code.wireshark.org/review/19739
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WARNING **: Field 'Rx STBC' (wlan.vht.capabilities.rxstbc) has a conflicting entry in its value_string: 2 is at indices 2 (1 to 2 Spatial Stream Supported) and 5 (160MHz and 80+80 Supported))
Change-Id: I7b94a88d8b12b3c0e485d0cade0e9918668a7342
Reviewed-on: https://code.wireshark.org/review/21380
Reviewed-by: Michael Mann <mmann78@netscape.net>
Problem: the "Apply as filter" option in the Endpoints dialog creates
the "INVALID==11:22:33:44:55:66" filter for IEEE 802.11 packets.
Since dissect_ieee80211_common initialises the address "whdr->src" and
"whdr->dst" fields using the "wlan_address_type" type, we have to do the
same in "wlan_host_get_filter_type". While at it, remove the check for
AT_ETHER since these will never match.
Change-Id: I43f9298adfa406ea37a383187137e3e0c1f8733d
Reviewed-on: https://code.wireshark.org/review/21015
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This seems to be working for clang, but with gcc bssid_broadcast.data
don't have FFs, and is_broadcast_bssid() fails.
Change-Id: I69bdd91fe1838ab1f2a22a082a460c6cb3e34616
Reviewed-on: https://code.wireshark.org/review/20989
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix parsing of Supported Operating Classes information element
- Fix min tag length check message (min length is 2 not 3)
- Fix max tag length check (no max defined)
- Fix malformed packet exception on frames with min tag length
- Handle OneHundredAndThirty and Zero field delimiters
- Use same base (dec) for both current and alternate op classes
Bug: 13534
Change-Id: I05b2238eb07f65fde0a33479e9459d2a99911a50
Reviewed-on: https://code.wireshark.org/review/20784
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Makes Windows vscodeanalysis a little happier.
Change-Id: I4e49615bc8b1623f826e0f2b9319d71016454310
Reviewed-on: https://code.wireshark.org/review/20725
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I53bca9bc50d18a88cc6c5c5a7ae93bdd1b772903
Reviewed-on: https://code.wireshark.org/review/20504
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make OSX buildbot happy
Change-Id: I1a376fba3d7f4b24741839697ed0f6c55c9ac77d
Reviewed-on: https://code.wireshark.org/review/20503
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If46ccea1c58448d2dacad07fb3171e423babe59f
Reviewed-on: https://code.wireshark.org/review/19562
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13343
Change-Id: Ia69b2c074adb1c269c93db40ad5004a261560c88
Reviewed-on: https://code.wireshark.org/review/20224
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TCLAS IE contains a set of parameters to identify incoming
frames with a TS.
During verification with various types of classifier types
Wireshark prints Error/Malformed message for type 2 (IEEE802.1Q)
IEEE802.11e defines that for classifier type 2 frame length is
5 not 6.
Change-Id: Icf61f7fb65e5b119aedbb664b4adaee1f1e9fde8
Signed-off-by: Marcin Rokicki <marcin.rokicki@gmail.com>
Reviewed-on: https://code.wireshark.org/review/20361
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For some unknown reason between 802.11 protocol fields end and LLC
protocol field start two octets of padding may appear. These octets
(value 0x00) were observed on the OLPC laptop, heuristically detected
and marked as OLPC mysterious stuff.
It seems that Atheros chipset drivers also show this behaviour,
although the padding is not 0x0000, but seem to be a duplicate of the
sequence control field. This is now also heuristically detected and
marked more generically as payload padding.
Bug: 13411
Change-Id: I1e817e07dc19be8b3917ff302ede3328ca6a4938
Reviewed-on: https://code.wireshark.org/review/20284
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Was still using tag type + length when doing offset calculations.
Change-Id: I778f56f28fa1ccec57c5192df4f8e4aa99e45e45
Reviewed-on: https://code.wireshark.org/review/20174
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
One GIANT switch statement is a little difficult to maintain, so convert each
case into its own function and add them to a dissector table. Many of the
case statements were already their own function, but signatures needed to
be converted into dissector_handle_t
-1 was uses as the protocol for the dissector handles because there isn't
a need to be associated with a protocol. This also allows third-parties
and plugins to add tagged fields outside of Wireshark using the new
dissector table.
Change-Id: I5e4c705dd6a7d99549a27ae684dbde4c47774123
Reviewed-on: https://code.wireshark.org/review/19670
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
All cases of the "original" format_text have been handled to add the
proper wmem allocator scope. Remove the "original" format_text
and replace it with one that has a wmem allocator as a parameter.
Change-Id: I278b93bcb4a17ff396413b75cd332f5fc2666719
Reviewed-on: https://code.wireshark.org/review/19884
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows for a wmem_allocator for users of format_text who want
it (dissectors for wmem_packet_scope()). This lessens the role of
current format_text functionality in hopes that it will eventually
be replaced.
Change-Id: I970557a65e32aa79634a3fcc654ab641b871178e
Reviewed-on: https://code.wireshark.org/review/19855
Reviewed-by: Michael Mann <mmann78@netscape.net>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ahmad Fatoum