Compiler - gcc 8.3.0
These are mostly errors 'may be used uninitialized in this function'
Change-Id: I6a8f7172c99024fd449570937b030e37c0ea5c3d
Reviewed-on: https://code.wireshark.org/review/35746
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Because:
- the 2-digit year can only be in the range 1950..2049 according to
https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1
- to avoid confusion, interpreting the year/month/day in a different order may
still represent a valid date.
- now both utcTime and GeneralizedTime are displayed in exactly the same way.
- some tools, like Perl, apply a different date range when converting 2-digit years.
In packet-ber.c two parameters are added to the function dissect_ber_UTCTime:
datestrptr: if not NULL return datetime string instead of adding to tree
or NULL when packet is malformed
tvblen: if not NULL return consumed packet bytes
Also the memory allocation for outstr is now done using the recommended method
as described in the README.developer document.
The calling function in x509af/x509sat uses this to prepend the century.
Added generated files.
Change-Id: I714c2e8e7f899211caaa1f4136ca0d27cb1aba4a
Reviewed-on: https://code.wireshark.org/review/35414
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
The new proto tree API uses mapping macros to map calls to the
proto_tree_add_* functions. These were defined for the up til then
in use functions. In the mean time functions have been added and
workarounds for non mapped functions were used.
This change adds the missing mapping macros so that now all
proto_tree_add_* functions taking a hfi address are mapped properly.
Also fix two dissectors that failed the mapping.
Change-Id: I91d800439fe2c4487ca53c00c44d7aa46ce70e1d
Reviewed-on: https://code.wireshark.org/review/35743
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
In doip_versions is a trivial typo "identifcation", which
is fixed by this patch.
Bug: 16325
Change-Id: Ia432d505fdf57606cd72ac63c80fca5066c37ff3
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-on: https://code.wireshark.org/review/35736
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
The current implementation of DLT will only dissect the first message
and skips all other messages in an UDP packet. Wireshark will mark
all bytes in the UDP payload belonging to the first message. This is
wrong and being fixed in this patch.
Bug: 16321
Change-Id: I7929caaf415e59220c29a8481d8671e71b00db0c
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-on: https://code.wireshark.org/review/35731
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Dissect MPLS label fields for EVPN Extented Community.
RFC7432 section-8.2.1 defines only a SHOULD for ESI label set to a MPLS
label when Single-Active redundancy mode is desired.
Therefore and not break current implemntation we only add the additional
dissection of the MPLS label bits.
Bug: 16313
Change-Id: Iad2561b90aeace212f79a874efb59af917aca3f1
Reviewed-on: https://code.wireshark.org/review/35692
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The size of the stack triggers an error on clang:
../epan/dissectors/packet-tpncp.c:410:1: error: stack frame size of 26152 bytes
in function 'init_tpncp_data_fields_info' [-Werror,-Wframe-larger-than=]
init_tpncp_data_fields_info(tpncp_data_field_info *data_fields_info, FILE *file)
^
1 error generated.
Change-Id: Ia7d1d609b339eff6ffa023d9c0bf47caf6bd9851
Reviewed-on: https://code.wireshark.org/review/35715
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The netlink attribute type is a 16 bit field, of which the two top most
bits are booleans. Interpret them as such.
The remaining 14 bits form the attribute type value. Due to the flexible
way the interpretation is setup, through the use of family specific code,
the header field for the attribute type value has to have a proper mask.
Otherwise the two top bits are taken (incorrectly) as part of the value.
Since this may not be obvious to the netlink family dissector creator
better enforce it by adding the masked value in the underlying netlink
dissector, using whatever header field is given for this.
Change-Id: I791f9b1de01505d4a4793abbcf62e596b864e2f0
Reviewed-on: https://code.wireshark.org/review/35725
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
/usr/lib/libkrb5.dylib doesn't have krb5_pac_verify().
This hopefully fixes the build problem introduced by commit
d9aab840a7
Change-Id: Ib354a59cbc20c6bf97ddc029d8b042d4aea6dae9
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35713
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Due to changes in #35206, if you have a lot of columns the display
of all columns may be hindered depending on your screen resolution.
With this change, displaying the column information can be disabled
via a Preferences->Layout checkbox element. Additionaly, the column
information will always be displayed as a tooltip element
Bug: 16317
Change-Id: Ib8c0fc0a84deaca96631270b320f3a530ba87d89
Reviewed-on: https://code.wireshark.org/review/35706
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
* Support little-endian systems
* Improve error reporting
* Implement some new features in the protocol
Change-Id: I73e07a588c4a028fd0c22e1570adb7957ba2d52f
Reviewed-on: https://code.wireshark.org/review/35467
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
For dissectors that expect reassembly at FIN (for example, the WHOIS
dissector), the expected end of the reassembly is not known until the
FIN packet is received. We cannot rely on 'nxtseq' being valid, and
certainly not use it to set the end of the reassembly using
fragment_reset_tot_len.
Since (1) OoO segments before FIN are already properly handled without
extra care, and (2) OoO FIN is already broken, just disable OoO handling
when DESEGMENT_UNTIL_FIN is requested. This ensures that reassembly at
FIN is not skipped due to lack of data.
Explicitly calculate 'nxtpdu' for the FIN case. Previously it happened
to work because streams were often smaller than DESEGMENT_UNTIL_FIN
(0x0ffffffe, 256MiB), but that was not obvious.
Bug: 16289
Change-Id: I9b9468925d49765e21e58136c8a2366da082eeba
Fixes: v2.9.0rc0-1097-gca42331437 ("tcp: add support for reassembling out-of-order segments")
Reviewed-on: https://code.wireshark.org/review/35543
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Unlike IMSI, both MSISDN and SMSC Address in SM-RP-OA/DA not only
contain the BCD encoded digits, but also a little header with
NPI (Numbering Plan Identification), ToN (Type of Number), and
Extension fields.
IE: SM-RP-DA (Destination Address)
Information Element Identifier: SM-RP-DA (Destination Address) (65)
Information Element Length: 8
Address Type: SMSC Address (3)
1... .... = Extension: No Extension
.001 .... = Nature of number: International Number (0x1)
.... 0001 = Number plan: ISDN/Telephony Numbering (Rec ITU-T E.164) (0x1)
E.164 number (MSISDN): 447785016005
Country Code: United Kingdom of Great Britain and Northern Ireland (44)
Let's dissect that header and following address bytes using the
public API from MAP dissector - dissect_gsm_map_msisdn().
Change-Id: Idc8a098926d38770002ba689efcf2c794c6b18d9
Reviewed-on: https://code.wireshark.org/review/35664
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes it much easier to analyze how PAC signing is supposed to
work with trusted domains.
Change-Id: I9993e5d92b7efee5aa91cd0e2005787f7d384444
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35704
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes it much easier to understand which key is used were.
Change-Id: I6f4bb1e46abb30212a87be2b574dc2679d8b7aed
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35695
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We autodetect the length a 12 bytes and the 0 (4 bytes) and 1 (4 bytes)
values after the 4 bytes NTSTATUS field.
See [MS-KILE] 2.2.1 KERB-EXT-ERROR.
Change-Id: I19345cb3f9c863e54a8f16002987912487f7d76a
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35694
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The underlying netlink dissector sets up a data structure to help maintain
information about the netlink packet. This contains the encoding information
as determined for this packet. Use this value in place of the copy that
every netlink dissector makes in its private data structure.
As a consequence the encoding field can be removed from these private data
structures. Since the encoding field is now directly available from the
data structure setup by the underlying netlink dissector, the private data
structures also do not need to keep a pointer to this underlying netlink
dissector data structure.
This change replaces the use of the local copy of encoding with the
original one. This change, by extension, also removes the encoding field and
the pointer to the underlying netlink dissector data structure as these are
no longer needed. The exception is the generic netlink dissector, which
implements the dynamic netlink famiily subdissector table.
Change-Id: Ida0065379c19ae68caf6d87860828b48766c1998
Reviewed-on: https://code.wireshark.org/review/35698
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a change into the correct direction and allows decryption
even if DCERPC security context multiplexing is not used.
The final design is added as comment, which would make it possible
to do decryption in all cases allowed by the protocol.
Change-Id: Ided40e0028967f2a047bf2722e627800ca77054d
Reviewed-on: https://code.wireshark.org/review/35680
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The underlying netlink dissector sets up a data structure to help maintain
information about this netlink packet. It gets passed through the familiy
specific netlink dissectors private data structures to reappear when
support funtions of the underlying netlink dissector are needed. In the
mean time a copy of data (the value 'encoding' to be precise) in this
structure is also maintained in these familiy specific netlink dissectors,
adding to the confusion.
This change is to make the underlying netlink dissector data structure
a normal part of the function interfaces, so that it is present without
being dependant on another private data structure.
This change is a first step towards removing the unnessesary copy of the
encoding value.
Change-Id: I69e78a2b15e58e149e82e89c19e519ef041ee6b1
Reviewed-on: https://code.wireshark.org/review/35688
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I70d66bb49384f2eac865a81ffc23b76362c37191
Reviewed-on: https://code.wireshark.org/review/35578
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Netlink 80211 dissector has a global variable to pass the pinfo pointer
to dissection routines that need it. Replace this by properly passing it to
the functions via a new private data structure, akin other netlink dissectors.
Change-Id: Ie08e370b65f7068c01cc93100657e3b8baa5fd63
Reviewed-on: https://code.wireshark.org/review/35657
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This won't be needed for NETLOGON_FLAG_AES.
Change-Id: I668bca15ed13e5a2767fa3e39c5cad0d510a8f5d
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35592
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
See [MS-NRPC] 3.1.4.2 Netlogon Negotiable Options, it's
flag W: Supports Advanced Encryption Standard (AES) encryption (128 bit in
8-bit CFB mode) and SHA2 hashing ...
Change-Id: I4b677e1ca1c3b3b9bc47ccc412380cc18659fd5d
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35589
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A filter for payload makes it easier to exoprt it.
Change-Id: I0732c60c7fac37283fcbe6508d5e27bcd3c603fd
Reviewed-on: https://code.wireshark.org/review/35519
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If somebody wants to debug the parser, they can add it if necessary in
their version.
Bug: 16306
Change-Id: I00e5924058d9401176e3fab40833932dc5757e6a
Reviewed-on: https://code.wireshark.org/review/35665
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Properly calculate the number of logical channels in the cluster.
Report expert info if number of channels does not turn into integer.
Bug: 16305
Change-Id: I028f3f00912629351641ef9297864ea832629cf0
Reviewed-on: https://code.wireshark.org/review/35656
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Gerald Combs