Use "ssl_add_vector" for length validation and expert info.
Change-Id: Ib38d36dfd82b78580035415d0924f1fae6cbe96d
Reviewed-on: https://code.wireshark.org/review/20008
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Update references, rename the old "elliptic_curves" name to
"supported_groups". Fix a wrong field name (EC Point Format now has its
own hf). Add length validation for "elliptic_curve_list".
Change-Id: I554ebb259ba7561b48dfe1cc9162a0b3b3bcdba4
Reviewed-on: https://code.wireshark.org/review/20007
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Also add reference to specification.
Change-Id: I5619ce175711f6768949f8b7eec789320100573c
Reviewed-on: https://code.wireshark.org/review/20002
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change "length" to "offset_end" parameter for consistency. Clarify
applicable TLS version in comments. Remove unnecessary check for length.
Change-Id: Icdc7edff9c8fdaf4c7d7349f65fed42f5344f2c3
Reviewed-on: https://code.wireshark.org/review/20001
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Simplifies cleanup because wmem can handle the memory cleanup.
Change-Id: Idc6a9bfe5f23c83b59a5278a64b9fb706862342d
Reviewed-on: https://code.wireshark.org/review/20042
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix some errors in the parsing of the CAggregSpec structure, see
2.2.1.24 in the MS-WSP specification.
Change-Id: Ib281c10ab897e5c0282aa1b0d304df97a2fd14a3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/20036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Fix display of CTableColumn.StatusUsed & CTableColumn.LengthUsed
Both StatusUsed and LenghtUsed members were displayed as 2 byte length
values instead of single byte values.
2. Fix minor spelling mistake
3. display correct address(s) for array of address values
4. Use correct minimum CTableColumn size
This is followup patch for patch already provided for bug 13299.
The previous minimum value neglated to take into account the
CFullPropSpec structure (which is on the wire) but is represtented
as a string in the internal CTableColumn structure. Note: this doesn't
make any difference to the effectiveness of the previous patch but should
avoid confusion if someone later actually investigates the correct minimum
size.
5. Fix CPMCREATEQUERY message parsing
Following a query and subsequent clarification from dochelp@microsoft.com
the MS-WSP specification document was found to be incorrect.
CPMCreateQueryIn
|
---> CSortSet
should instead eventually point to CSortSet via the following msg structure
CPMCreateQueryIn
|
---> CInGroupSortAggregSets
|
---> CInGroupSortAggregSet
|
---> CSortSet
Change-Id: I7da6c7db817113f5542f25f078626030ad30d737
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/20031
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mimic functionality of g_hash_table_get_keys
Change-Id: I7702854ed771a5b3bf7ea5295a67c42f0f477cdf
Reviewed-on: https://code.wireshark.org/review/20039
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mimic functionality of g_hash_table_steal
Change-Id: Iaf4aeef951b60934569143b2d119f782aeefe380
Reviewed-on: https://code.wireshark.org/review/20038
Reviewed-by: Michael Mann <mmann78@netscape.net>
Note that although some of the controls have been removed from the
protocol in upstream CTDB versions they are still present here in order
to dissect older protocol variants.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Change-Id: I67d8f69a7e920f4b1eeed21caab4d2b0b104d669
Reviewed-on: https://code.wireshark.org/review/20023
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13387
Change-Id: I7dfae550f814cdc15924357996e2086eea58ecf4
Reviewed-on: https://code.wireshark.org/review/20026
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch introduces the frame.interface_description field.
While testing this new functionality it became obvious that we have
a non-optimal interaction between the existing cfile.c's
cap_file_get_interface_name(), the recently added frame.interface_name
field and this new frame.interface_description field.
The string returned from cap_file_get_interface_name() may in fact
come from one of three different sources: the idb's interface name
(if it exists) or the idb's interface description (if that exists)
or a default text of "unknown". The string ultimately becomes the
rame.interface_name whether or not the idb had an interface name
option to begin with. This behavior does not allow one to test for
the simple presence of frame.interface_name. The new peer function
cap_file_get_interface_description() added by this patch returns
NULL instead of "unknown" if the idb does not have an interface
description. Should cap_file_get_interface_name() be similarly
modified to return NULL if the idb does not have an interface name?
Bug: 9781
Change-Id: Ie479f373c5080c004dd22bd88919838feca71e95
Reviewed-on: https://code.wireshark.org/review/19861
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib9d8f23faa7a9f83a975396a1be8f85078223feb
Reviewed-on: https://code.wireshark.org/review/20024
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
With option -I one can ignore the first number of bytes from the frame
while doing duplicate frame removal. This doesn't handle shorter frames
correctly. Add safeguards for this, and update the help text.
Bug: 13378
Change-Id: Ia6b65d0797f4069f0b89fa134114d88d80988211
Reviewed-on: https://code.wireshark.org/review/20004
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I91bc792302f61fd8f20fa41ec067534316e26074
Reviewed-on: https://code.wireshark.org/review/19742
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
The clean_exit block allows deallocation of memory on exit.
Change-Id: I52078f0e4e851b6aa5f34cbbd15eba0a4f37cae0
Reviewed-on: https://code.wireshark.org/review/19940
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I172167eb20793113562b69d1e0e93a4882200404
Reviewed-on: https://code.wireshark.org/review/20019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This mimics the function g_list_insert_sorted.
Change-Id: I6f7ac01155588006662c8c0c138d88cea753868c
Reviewed-on: https://code.wireshark.org/review/19978
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Added META_OPERATION_START (Resize, ConvertToVHDSet)
Added META_OPERATION_QUERY_PROGRESS
Added QUERY_SAFE_SIZE
Minor fixes:
Using GUID data type for LinkageID, VirtualDiskId and InitiatorId, not binary blob
Fixed length for SVHDX_TUNNEL_OPERATION_HEADER
Cosmetic: unused var, code makeup
Ping-Bug: 11232
Change-Id: I4ea598367a1c12586501555f4a23d6249057484a
Reviewed-on: https://code.wireshark.org/review/19979
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Add check for a valid profile name in the Profile dialog and disable
the Ok button and mark the invalid profile if error.
The GTK dialog does not close on errors but the Qt dialog does, so
ensure the user is informed beforehand.
Change-Id: If31ffe75183066cf49e2b5a082112bfe62d6c06e
Reviewed-on: https://code.wireshark.org/review/19995
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: I62d3e966928eba75dc26c2c3b6993175fe0f133e
Reviewed-on: https://code.wireshark.org/review/19994
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use ssl_add_vector to process DTLS Cookie, cipher_suites,
compression_methods, client_hello_extension_list. Removed some checks
(like cipher_suite_length > 0) since (per specification) these must be
non-empty (if this is not the case, then at worst an empty tree is
visible).
Change-Id: I7ab2ef12e210d5878769478c7dfba33a799fb567
Reviewed-on: https://code.wireshark.org/review/19993
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Just as we include <windows.h> on Windows to get HANDLE defined, include
<sys/types.h> on UN*X to get pid_t defined.
We don't seem to need this (yet) on the master and 2.2 branches, but it
looks as if it might be necessary on the 2.0 branch. Do it everywhere.
Change-Id: I9535fa9944265746d332f8dc337e42a020b503d3
Reviewed-on: https://code.wireshark.org/review/19998
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Write the recent file for the current profile before copying or renaming
the profile to ensure the latest changes are not lost.
Change-Id: Ib07881925b398314da0a9b2ec875da7650b84712
Reviewed-on: https://code.wireshark.org/review/19984
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The new ticket_age_add field resulted in a dissector exception. With
this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully
decrypted.
Also add validation for the ticket length (using ssl_add_vector).
Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19992
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Update "early_data" extension to draft 18 (context field is gone).
Add support for "client_early_traffic_secret" to the keylog.
Support decryption of 0-RTT data (required handling cipher in Client
Hello and handling of "end_of_early_data" alert).
Tested with tls13-18-picotls-earlydata.pcap, early data decrypts
correctly. (The server data is messed up, but that is possibly the
result of broken NewSessionTicket handling which throws a dissector
exception and thus breaks the record sequence number.)
Ping-Bug: 12779
Change-Id: I9e6aeeb08111d5d977f2c0ab855f14d6d86ca87d
Reviewed-on: https://code.wireshark.org/review/19989
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Server Hello can contain an empty extension, so restore the check.
Change-Id: I7d1ccfa113cd8a568def6915a80fd2791fd361df
Fixes: v2.3.0rc0-2284-g420b9e061e ("ssl-utils: add length validation for SNI extension")
Reviewed-on: https://code.wireshark.org/review/19983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>