I don't know why, but sometimes it fails - the most recent failure was
due to it having already been unmounted! Maybe the CMake installer
unmounts it some times but not others. Just drive on if it fails.
Change-Id: I1b31356f08695b8d3b9e425f8475a422e1da0783
Reviewed-on: https://code.wireshark.org/review/3220
Reviewed-by: Guy Harris <guy@alum.mit.edu>
You have to run macosx-support-lib-patches/qt-fix-pc-files manually,
telling it where Qt was installed, but so it goes....
Change-Id: I8668a1fc4254cc002aee068749edb3cf3bdb854f
Reviewed-on: https://code.wireshark.org/review/3215
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet as far as possible, called from both dissect_dnp3_tcp and dissect_dnp3_udp.
Bug: 10287
Change-Id: Iaa988258b3614cb1b408dec41a987fbd61c9727c
Reviewed-on: https://code.wireshark.org/review/3096
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
I thought I'd found all of these but I guess I hadn't; good thing the fuzz-bot
kept looking.
Bug:10314
Change-Id: I2cc209a6c87781d10cae28f2cb91400d759f5091
Reviewed-on: https://code.wireshark.org/review/3205
Reviewed-by: Evan Huus <eapache@gmail.com>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
UAT was the easiest way to do this and I like the "file format" of the data, but the presentation doesn't seem that great.
Bug:10180
Change-Id: I7e6bc9e148bc47585a0a7eb8f96900a5c374e673
Reviewed-on: https://code.wireshark.org/review/3082
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I899dafbdf0f1aa94b71ca1dcb93d1ef1b2039386
Reviewed-on: https://code.wireshark.org/review/3200
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead, if we have no interfaces in global_capture_opts.all_ifaces, use
the refreshLocalInterfaces() method of the main WiresharkApplication to
try to fetch them; that way, if we do find interfaces, a signal will be
emitted to cause the rest of the UI to reflect their arrival.
Change-Id: I59077ef855127fd6bddaa40126c1835a659ffc30
Reviewed-on: https://code.wireshark.org/review/3202
Reviewed-by: Guy Harris <guy@alum.mit.edu>
lseek returns an off_t type which is system-dependent. Use ws_lseek64 in
favor of lseek as that supports 64-bit quanities.
Use ws_fstat64 instead of stat to support 64-bit file sizes on Windows.
For the majority of the changes, this makes no difference as they do not
apply to Windows ("ifndef _WIN32"; availability of st_blksize).
There are no other users of "struct stat" besides the portability code
in wsutil. Forbid the use of fstat and lseek in checkAPIs.
Change-Id: I17b930ab9543f21a9d3100f3795d250c9b9ae459
Reviewed-on: https://code.wireshark.org/review/3198
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a "refresh the local interfaces" method to WiresharkApplication,
which reloads the interface list and emits the "interface list changed"
signal, and invoke it from the Capture -> Refresh Interfaces menu item.
Change-Id: I9641e4b341eb44d773c556691d8bb9dac776ea9d
Reviewed-on: https://code.wireshark.org/review/3195
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't assume that a change to the interface list is from a non-empty
interface list to a different non-empty interface list.
Change-Id: I94054ca0cf2661704aff1869385aa2155c19677d
Reviewed-on: https://code.wireshark.org/review/3193
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The fuzzbot has been upgraded, so hopefully this is no longer necessary.
Change-Id: Ia2d8ae03180c6e0b81a4f7b69b72610d047307ff
Reviewed-on: https://code.wireshark.org/review/3194
Reviewed-by: Evan Huus <eapache@gmail.com>
Nmake 12 seems to be more strict about spaces in commands. Add the
hhc.exe path to PATH and use a bare command instead.
Change-Id: I9fbd9abdabf7f51ac7bac2cbe8d938ae7bb0640e
Reviewed-on: https://code.wireshark.org/review/3192
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I6e0109bc1d1acf200fd0c1a9f8ddd3a3d98f5908
Reviewed-on: https://code.wireshark.org/review/3189
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I589a6ced098d1d224e86386f028c92fc0797164e
Reviewed-on: https://code.wireshark.org/review/3188
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ibeaf5ba5d104e7f9bc9291e83923f8675abf0099
Reviewed-on: https://code.wireshark.org/review/3187
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I342f283bbab3052337e00502769150cf3f4a8800
Reviewed-on: https://code.wireshark.org/review/3186
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I467bfae2db7d3a119b58505b43b3d9bb59615ee9
Reviewed-on: https://code.wireshark.org/review/3185
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
- compute_offset_and_remaining(...) is a little bit faster than
check_offset_length(.., .length_val = -1);
- tvb_find_guint8(), tvb_pbrk_guint8() - both function are limiting data to
MIN((unsigned) maxlength, tvb_len) - do the same with less count of ifs.
Change-Id: I7761d77b6282d800eea94852d5c6543aef4bc7ca
Reviewed-on: https://code.wireshark.org/review/2829
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It was not clear whether the data_len member of StringInfo refers to
the allocated memory (as was done for session_ticket) or the length
of the actual data. This is clarified in a comment. To keep the
invariant "data_len refers to the length of meaningful data", some
code has been moved just in case some intermediate code fails:
- Setting session_ticket.data_len vs tvb_memcpy to session_ticket.data.
- PRF functions would expect the data length as input to a paramter
named "out". This is highly confusing, so another parameter has been
added to signify the requested length, "out_len". This also helps
holding up the invariant.
- For prf() calls, out.data_len does not need to be initialized but
passed as parameter.
Other PRF-related changes:
- Change the PRF functions to return a boolean instead of an int.
- tls_hash: return void as it cannot fail and remove related error
handling from callers. Fix a memleak of label_seed if tls_hash was
successful.
- tls_hash: add comments to clarify its functionality, whitespace.
- ssl3_generate_export_iv could not fail, so make it void. Also added
an out_len param to pass the target length.
- In prf(), replaced if-conditions for SSL version by a switch.
- In ssl_generate_keyring_material, the scope of some variable has been
tightened.
- ssl_session_init: explicitly set data_len to 0. This is strictly not
necessary as the callers have already zeroed out the memory, but that
has not been documented.
Other changes related to master_secret (ssl_save_session[_ticket]):
- Initialize master_secret.data_len to 0 in ssl_session_init as the
master_secret is unusable at that point.
- Remove the hack that tests whether master_secret.data is non-empty.
- Replace hardcoded master_secret length (48) from wmem_alloc0().
- Introduce macro for master secret length, use this in
SslDecryptSession, for parsing from keyfile and converting pre-master
secret to master secret (prf).
- Use (master_secret + 1) to refer to the part after the struct rather
than adding the size manually to a gchar-casted master_secret.
Change-Id: Ie1ea448db54e828b904568224486147a3d962522
Reviewed-on: https://code.wireshark.org/review/3030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Changes:
- dtls: also support saving session tickets.
- Drop the length check and let proto_tree_add_item throw exceptions
on length errors.
- Use proto_tree_add_item instead of proto_tree_add_uint.
- Drop "TLS" from header field descriptions, the RFC does not name it
as such and DTLS can also use it (a draft is in progress that extends
DTLS with Session Tickets,
draft-hummen-dtls-extended-session-resumption-01).
Change-Id: I11195217368b7200821d11289b1c5870a1ffe637
Reviewed-on: https://code.wireshark.org/review/3029
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I2d2bbc211e98ad24a27c855031f670b7bdbd530e
Reviewed-on: https://code.wireshark.org/review/3162
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
I really don't understand why MSVC would make the result of this computation an
int64 then complain about down-casting to an int16 when *all* of the
participating variables are int16 or smaller...
Change-Id: I2d9c27ac22b51b10e4872a6640881c8d0ec566e7
Reviewed-on: https://code.wireshark.org/review/3180
Reviewed-by: Evan Huus <eapache@gmail.com>
Client/Server hello and Hello extensions are now dissected inside
ssl-utils, no need to export them for the SSL or DTLS dissectors.
Change-Id: I8f2405199f21616743fe74959f07cfa839565527
Reviewed-on: https://code.wireshark.org/review/3022
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Changes to ClientHello dissection:
- Move ssl_find_private_key (and its pre-req, ssl_set_server) outside
ssl_dissect_hnd_cli_hello. It has not really something to do with
dissection, but state tracking and decoder param feeding.
- dtls: add expert info for bad cipher suites len.
- ssl: remove bad cipher suites len text label which is also
available as expert info. Attach expert info to a the length proto
item (which is converted to use add_item instead of add_uint).
- Remove `if (tree || ssl)` since expert info seems not to apply
otherwise (this also needs changes in common and handshake
dissection).
- ssl: remove tvb_ensure_bytes_exist so we can dissect more
compression methods and cipher suites.
- Since DTLS has an additional Cookie field which TLS does not have,
pass these additional header fields through a struct whose type is
defined in ssl-utils.
Change-Id: I41bef04c1c3353e582e30f561d1d246a744e1d60
Reviewed-on: https://code.wireshark.org/review/3021
Reviewed-by: Evan Huus <eapache@gmail.com>
Changes to ServerHello:
- Get rid of session parameter as the SslDecryptSession already
provides a reference to SslSession. Done for the new
ssl_dissect_hnd_srv_hello and ssl_dissect_hnd_hello_ext functions.
- No need to generate the keyring here, decryption is only needed after
ChangeCipherSpec and the keyring will be generated there provided
that there are enough params (cipher, version, master-secret, etc.)
- Get rid of labels and goto in favor of if/else.
- DTLS: SSL_HAVE_SESSION_KEY is implicitly set when
ssl_generate_keyring_material succeeds, no need to set it. Remove it.
- Remove `if (tree || ssl)` since expert info seems not to apply
otherwise (this also needs changes in common and handshake
dissection). (Expert info from the TLS extensions, not the
ServerHello itself.)
Other changes:
- ClientHello: renamed some fields shared with ServerHello.
Change-Id: I466b905d990489e03250bac97bf9d862ff82ce6c
Reviewed-on: https://code.wireshark.org/review/3020
Reviewed-by: Evan Huus <eapache@gmail.com>
Exported PDU may contains (Binary) Logcat, so it is possible to
"export" logcat binary from it.
Change-Id: Ic6607126e739ea3972b46c2bf19f064597d4e970
Reviewed-on: https://code.wireshark.org/review/3001
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>