Add EVPN to the set of SAFI's of the L2VPN AFI to dissect the
Net hop network address for.
Bug: 16644
Change-Id: Ib335e765907d72945a5e58e6e992f84b92f9f261
Reviewed-on: https://code.wireshark.org/review/37536
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"int * const a[]" means "array of const pointers to (non-const) int". so
the array elements are all const; "const int *a[]" means "array of
(non-const) pointrs to const int".
Change-Id: I0571fde7704570b60c9cbd5d94826365ff35abe0
Reviewed-on: https://code.wireshark.org/review/37546
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Also, remove a comment leftover from an earlier uncommitted version of
these changes.
Change-Id: I0990a186bc280e11a6d0fda05748f5871fb227f1
Reviewed-on: https://code.wireshark.org/review/37542
Reviewed-by: Guy Harris <gharris@sonic.net>
Add to the GUID type a bitmask that indicates which fields have been
filled in; start it out as 0, and then set bits in it as fields get
filled in.
Do not add a type mapping object to the hash table unless the GUID is
completely filled in, and don't look for a type mapping object in the
hash table with a GUID that hasn't been completely filled in as a key.
Bug: 16642
Change-Id: I31db92238adcb2ec2d70b2650e41b14d99001908
Reviewed-on: https://code.wireshark.org/review/37537
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Update the text in the Code Requirements section. Switch to a
description list. Add a list of allowed licenses.
Change-Id: Ic9bf88bee7122684f5e3b80185be37a7e4e7b011
Reviewed-on: https://code.wireshark.org/review/37417
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix dead store (Dead assignement/Dead increment) Warning found by Clang
Change-Id: Ieda68cc1518325c64c8862a77f16cee5de7def8b
Reviewed-on: https://code.wireshark.org/review/37519
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support to read/write the new EPB options, epb_packetid,
epb_queue and epb_verdict, from/to pcap files.
In addition, it updates the packet-frame dissector to dissect
these new fields.
More details on the options can be found in the PcapNG
specification: https://github.com/pcapng/pcapng
An application using these new fields can be found here:
https://github.com/chaudron/xdp-tools/tree/dev/pcapngII/xdp-dump
Change-Id: I761b8114b437fe573dd2c750e35586ad88494938
Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
Reviewed-on: https://code.wireshark.org/review/37412
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Call exit_msg(), not just print().
Change-Id: I3ca59b262285222e5f54045244b6eeaa31fa363e
Reviewed-on: https://code.wireshark.org/review/37530
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Catch particular exceptions and print a more detailed error.
Change-Id: Ied98c6d0bc0410eb8b9cb2a98f7264e980c2bb28
Reviewed-on: https://code.wireshark.org/review/37529
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
"int * const a[]" means "array of const pointers to (non-const) int". so
the array elements are all const; "const int *a[]" means "array of
(non-const) pointrs to const int".
Change-Id: I790f6ecb2d9616ff1ae9ca47364e1d5443e36ace
Reviewed-on: https://code.wireshark.org/review/37528
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
"int * const a[]" means "array of const pointers to (non-const) int". so
the array elements are all const; "const int *a[]" means "array of
(non-const) pointrs to const int".
Change-Id: I2089ca390308da50d182f6bdad5be530f7e7cc71
Reviewed-on: https://code.wireshark.org/review/37527
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Don't take the address of an hf_ field and then, in the called routine,
dereference the pointer; just pass the hf_ field value. In the cases
where we're passing a member of an array of pointers, dereference the
pointer at the call site.
Change-Id: I022ce46c196621088e093f9a43d57b4653c957f7
Reviewed-on: https://code.wireshark.org/review/37526
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Robin Marx reported an issue where decryption failed and "Unable to
retrieve cipher information" was displayed. It turns out that his Ubuntu
16.04 installation was too old to support ChaCha20-Poly1305 decryption.
Be sure to report a more helpful error.
Change-Id: Id61471b68e0a52a54ed5573437126f784371c2b7
Reviewed-on: https://code.wireshark.org/review/37525
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check the return value of dissect_pim_addr()
Change-Id: I783afeb6302b15fbaa7af4df5aadfdf64639acbc
Reviewed-on: https://code.wireshark.org/review/37496
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The current xcbproto has some more files.
Not everybody builds with Make; say "build the x11-dissector target", to
make it more generic in the CMake era, and give both Make and Ninja
examples.
Change-Id: I5a3c9b4dd3112cdc3054b37e4ead3abfe278df93
Reviewed-on: https://code.wireshark.org/review/37516
Reviewed-by: Guy Harris <gharris@sonic.net>
mvfst 0xfaceb002 is compatible with draft-27, see
d1a3652a4c
This is necessary to support 0xfaceb002 decryption since draft-29
changed the salt again.
Bug: 16378
Change-Id: Ib186effdb5e85bc6d48fffbfbb1f3498bf89860d
Reviewed-on: https://code.wireshark.org/review/37493
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Set the options of rtps_add_zlib_compressed_typeobject used or unused
according to the presence of zlib.
Change-Id: I73d995fce9ec5a65b0d6ebce6c2510b6d25ad347
Reviewed-on: https://code.wireshark.org/review/37495
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Another instance of this problem that showed up when working on the fix
to the data types of those tables (fixing the data types mean that these
errors cause the conpile to fail; as indicated, that's one reason to fix
them).
Change-Id: Ia1953b95968101f27fedd98a5fc2854101779deb
Reviewed-on: https://code.wireshark.org/review/37509
Reviewed-by: Guy Harris <gharris@sonic.net>
The arrays of pointers to header field hf_ values were getting
overwritten if the fields in question are unknown; that meant that, in
all future dissections, they would be dissected as unknown *even for
packets where they are known*.
Make them auto arrays, instead, so that each call to the dissector has
its own copy, properly initialized at run time, that it can scribble
over as it chooses without damaging the array for the next call.
This involves a cast to work around the type of the array argument being
"const int **", which means "pointer to pointer to const int",
not "pointer to const pointer to (non-const) int". That meant that the
scribbling on the static array was *not* detected at compile time.
Fixing the type is a *lot* of work, but may catch other instances of
this problem, and may prevent future instances of it. That's a project
for a separate commit, however.
Bug: 16636
Change-Id: I985157063488739bb59f87780c017e94e2380343
Reviewed-on: https://code.wireshark.org/review/37502
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Prof. Doppler's name is spelled with two "p"s.
Change-Id: Ia25d45b0a890be8c954a67b1ce5860753c1de25d
Reviewed-on: https://code.wireshark.org/review/37498
Reviewed-by: Guy Harris <gharris@sonic.net>
Replacing FT_STRING with FT_UINT_STRING and removing length field where
it existed.
Change-Id: I5dc8b8ba472f161d604e4c157a9b0230694ea87a
Reviewed-on: https://code.wireshark.org/review/37463
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preprocessor statements in the function get_compiler_info were
indented with a mixed approach: indented, but not following the style
of the rest of the file. The indented approach has been followed to
increase the readability, but with tabs, as in the rest of the file.
Other indentation issues fixed.
Change-Id: I6486c2cfa640f87c90a7fe4b7d95848d02249d23
Reviewed-on: https://code.wireshark.org/review/37481
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't rely on the item having the name "Real-Time Transport Protocol",
as that's fragile. We could check for the abbreviation or filter name
being "rtp", but we can avoid string comparisons entirely by getting the
ID for the protocol "rtp" and comparing the item's ID with that.
Change-Id: I2a859f0b346f15a797fb5de75e0cf5c0b5abcfe9
Reviewed-on: https://code.wireshark.org/review/37490
Petri-Dish: Guy Harris <gharris@sonic.net>
Reviewed-by: Orgad Shaneh <orgads@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Say "attempt to XXX", as the attempt might not succeed.
Fix a copied-and-pasted comment to reflect what
proto_is_frame_protocol() does.
Change-Id: Ia16a98064b87001f019fda43f2db2970a89e355e
Reviewed-on: https://code.wireshark.org/review/37486
Reviewed-by: Guy Harris <gharris@sonic.net>
This patch allows to parse authentication-only MACsec messages
and show the payload.
Bug: 16624
Change-Id: I7fd071e6c7f5522f302255d65560f0848a262bfb
Reviewed-on: https://code.wireshark.org/review/37445
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since draft 27 the minimum transport parameter size can be smaller than
4 due to variable-length encoding. With ngtcp2-29-dsb.pcapng, the
active_connection_id_limit at the end covers only three bytes for
example. Even though the correct length is normally set later, the early
attempt to read four bytes resulted in an Malformed Packet exception.
Change-Id: I9ec6ec6c66ce7a993f2fcfdc987e35966dc809ac
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/37483
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
We pass an acdr_dissector_data_t * to dissectors for the
"acdr.media_type" dissector table, but the JSON dissector expects an
http_message_info_t *.
Hilarity ensues.
Instead, have our own dissector for VoiceAI, that calls the JSON
dissector and passes it *no* data.
Bug: 16622
Change-Id: Icb5b216ed63ab02680372836885b27de9541684c
Reviewed-on: https://code.wireshark.org/review/37484
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Add a dissector for Asphodel (https://bitbucket.org/suprocktech/asphodel).
Asphodel is a protocol for streaming real-time data from sensors in industrial
environments. This protocol dissector supports complete dissection of the UDP
advertisment packets, and simple dissection of the TCP command and stream data.
Sample Capture:
https://wiki.wireshark.org/SampleCaptures#Asphodel_Protocol
Change-Id: I6a7f730a4ce5349ac48b4fd86e61429983af5bf9
Reviewed-on: https://code.wireshark.org/review/37318
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
rawshark.c:1347:21: note: opposite inner condition: pos>=len
if (pos >= len) { /* There should always be a following character */
Change-Id: I2e1c6b3d031db4f658bb579e0c8aba8cac7c5cb5
Reviewed-on: https://code.wireshark.org/review/37475
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Clang's __VERSION__ shows a trailing space. This ends up in a useless
space before the period, that shows a different output from other
compilers. Example:
Built using clang Clang 10.0.0 .
Built using gcc 7.5.0.
Fixed by stripping it in clang only.
Change-Id: I98dfce46b189fc6b2b58950dbb27f69d271bd729
Reviewed-on: https://code.wireshark.org/review/37480
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change the separator from && to // due to popular support for
that separator instead.
Bug: 16498
Change-Id: I0ee934f3f8a7b9ff1c062b533046980e3feb3d99
Reviewed-on: https://code.wireshark.org/review/37465
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit extends decoding of source/group/unicast addresses as
defined in RFC4601 while preserving the existing fields.
Furthermore Joint Attributes TLVs as defined in RFC5384 are added for
encoded source addresses.
Initial decoding of Vector Attribute TLV Format as defined in RFC5496.
Bug: 16613
Change-Id: Ie2f142ef2ed48254c8483180eb4b310674d3437b
Reviewed-on: https://code.wireshark.org/review/37468
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since the original introduction of sshdump, ssh_userauth_publickey_auto
was already in use which would try the ssh-agent on non-Windows
platforms. There is no need to explicitly call ssh_userauth_agent which
is dead code anyway due to a typo in the macro name.
Change-Id: I976ec3da9e35ade63983ba5ca01163714d466912
Reviewed-on: https://code.wireshark.org/review/37476
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>