Added the following batch of HCI commands:
LE Read Maximum Advertising Data Length
LE Read Number of Supported Advertising Sets
LE Remove Advertising Set
LE Set Periodic Advertising Data
LE Set Periodic Advertising Enable
LE Set Extended Scan Parameters
LE Set Extended Scan Enable
LE Extended Create Connection
Corrected min/max interval field sizes of LE Set Extended
Advertising Parameters command and updated LE Set Extended
Advertising Enable command to use subtree for each set.
Change-Id: Id9c08189a76a0a4adc89b669b50d832f68a929aa
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Based on CSS7 specification.
Change-Id: Ibf00e3add7fcb1a2b3a22574bb63b0fddaf4adcb
Reviewed-on: https://code.wireshark.org/review/19972
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Another format of beacon in advertising packet.
Based on: https://github.com/AltBeacon/spec
User needs to use DecodeAs to use this dissector - any manufacturer's
company id may be valid.
Change-Id: I5656d9dbb70b648b2fadba7f3b525d38a2fe8e57
Reviewed-on: https://code.wireshark.org/review/19971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The number of extcap splash items is the number of extcap binaries plus
RA_EXTCAP.
Change-Id: I9702da5a94e244ddd95a845a67da9302ee41c826
Reviewed-on: https://code.wireshark.org/review/19981
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In the GTK+ prefrences dialog, enable wrapping and set a maximum width.
This should keep labels from making the dialog unusably wide.
Make a couple of enum preferences drop-downs instead of radio buttons.
Note that we might want to make the drop-down vs radio button behavior
automatic.
Change-Id: Ib72a2c8d5cfb99324be86f2218b6d57a395fa22c
Reviewed-on: https://code.wireshark.org/review/19980
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add copy of the definition in a comment, remove check for empty
extension such that export info can be added if the extension is empty.
Remove check for empty HostName, this cannot happen (and is caught by
ssl_add_vector).
Change-Id: Ie63b97e89dc7254f159abb338b52f5f894a8564d
Reviewed-on: https://code.wireshark.org/review/19939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also adds the definition from TLS 1.3 draft 18 spec.
Change-Id: Ic7910874507e76dcbe7ae15aff99c91496a2b590
Reviewed-on: https://code.wireshark.org/review/19938
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add description from spec, remove zero-length extension check since it
is not allowed by specification.
Change-Id: I4bf85b36d933db3658f7788768fd794b6199187e
Reviewed-on: https://code.wireshark.org/review/19937
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add the definition from draft 4 as well (which describes the structure
in text). Remove the check for zero length name since this is normally
not the case (according to draft specification).
Change-Id: I72c3f04a5146d4c4fa291383258246d9ba2b14be
Reviewed-on: https://code.wireshark.org/review/19936
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use ssl_add_vector to ensure that the lengths are checked for validity
and that expert info is added when invalid data is encountered.
Change-Id: I5d03dce988f695cdc305f1bfff9d19ae90c5f6e2
Reviewed-on: https://code.wireshark.org/review/19935
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Merge the length parsing into the SignatureAndHashAlgorithm vector
parsing. Remove extra expert info which are replaced by the generic
ones.
Tested with a mutated pcap where the signature length field is off by
one (too large = expert error, too small = expert warning, as expected).
Change-Id: I43350352ae00eb42bbe5c2ee81289fb592b88f86
Reviewed-on: https://code.wireshark.org/review/19933
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change all Hello extension dissector functions to accept the end of the
extension rather than the extension length. The changes are quite
mechanical: change "ext_len" to "ext_len = offset_end - offset".
Remove some "offset += ext_len" to ensure that additional unparsed data
is warned for.
The intent is that (extension) dissectors can easier check for overflow
(offset + 2 < offset_end). Later changes should remove "guint ext_len"
with appropriate changes (like replacing by ssl_add_vector).
Change-Id: Ic4846e6fd6164685c4704984136f701bec3afa58
Reviewed-on: https://code.wireshark.org/review/19932
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Currently variable length vectors are mostly unchecked with issues
ignored (see various "XXX - expert info"). In order to detect possible
attacks (and catch dissector issues), add helpers that extract the
vector length and that validate that a vector is correctly terminated.
Further dissection of a vector stops when not enough data is available.
The KeyShare extension and Extension itself are modified as a start,
more should follow. Future work should also ensure that the return value
represents the length after dissection (which should not exceed the
length). Also, the length field needs to be converted to an "offset_end"
value to ease overflow checking (length = offset_end - offset).
Change-Id: I6d757da2eb028f08a7b18661660313a6afd417e0
Reviewed-on: https://code.wireshark.org/review/19926
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Updated on 5th February 2017:
- UUIDs
- Company Ids
Change-Id: I9868891ee2bdcdaa687bd45c76429f2b476889cc
Reviewed-on: https://code.wireshark.org/review/19973
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
"Resolvable Private Address" comes in Core 5.
Also fix expert infos (usage) for all GAP characteristics are
described in Core 5.
Change-Id: I8386f5908b64cb758e2a973fb6f92fabcb30885a
Reviewed-on: https://code.wireshark.org/review/19974
Reviewed-by: Michael Mann <mmann78@netscape.net>
"llc.bluetooth_pid" is now placed in bluetooth-file, it seems to be
fine, but there is a need to avoid terrible/horrible scream from
this script.
Change-Id: I0bf3f5b5f6459ab1f13a8c2c6ad12859af608e85
Reviewed-on: https://code.wireshark.org/review/19969
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I7d84e67723196d9b39f6007950ec8fb95fe9a50e
Reviewed-on: https://code.wireshark.org/review/19934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
DataIn field should be three-state enum (not boolean)
See https://msdn.microsoft.com/en-us/library/dn393496.aspx
Fixed HandleStateShared value of QUERY_SHARED_VIRTUAL_DISK_SUPPORT reply
See https://msdn.microsoft.com/en-us/library/dn409282.aspx
Added VHDSET disk format (used by RSVD v2).
Change-Id: I7a9528e680dd4fede7e982d98316af5ef40cff3b
Reviewed-on: https://code.wireshark.org/review/19964
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the 'in' operator to the list of available operators, where 'eq'
operator would be present also. Setup the curly bracket expression in
the filter and allow for multiple enums to be selected.
Bug: 12808
Change-Id: I42b328bcb3328521d193d9cdae56577eb66f8e15
Reviewed-on: https://code.wireshark.org/review/19913
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Rework Application Layer fragment reassembly to handle
out of order fragments (seen over UDP).
Change-Id: Ifd2bffba30f0a419a5f82ea6b9d2d221f7d6d276
Reviewed-on: https://code.wireshark.org/review/19947
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Change-Id: I85535dfdb7b064ba81f44ed08c3b1e84e7204e9e
Reviewed-on: https://code.wireshark.org/review/19954
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icadbf65ad186c775b2a0ca8596d5bf4ba66e4c68
Reviewed-on: https://code.wireshark.org/review/19873
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id96ce391b9957ac37705c503bea35395ee3d358d
Reviewed-on: https://code.wireshark.org/review/19207
Reviewed-by: Paul Williamson <paul@mustbeart.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Decodes the options and meta length fields added with LWW for
{set,del}_with_meta request commands.
Decodes get_meta responses extra field.
Please see https://issues.couchbase.com/browse/MB-22003
Change-Id: Ie5205e8188a32d59145c4f9c499b16c7a7997274
Reviewed-on: https://code.wireshark.org/review/19928
Reviewed-by: Dave Rigby <daver@couchbase.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
* It must be multiple of 4 Octets otherwise NULL padding should be there
Change-Id: I7563b0407bd70d1f0b7aac8597ce3a757a08925e
Reviewed-on: https://code.wireshark.org/review/19893
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
capture_opts_cleanup() doesn't exist if we're building without libpcap,
so don't call it if we're building without libpcap.
Change-Id: I9ae33b0c13af2785b5adb380a5b03e89116f67df
Reviewed-on: https://code.wireshark.org/review/19925
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_opts_cleanup() doesn't exist if we're building without libpcap,
so don't call it if we're building without libpcap.
Change-Id: I6c9defea15fac7df5533269c4945b965d9a67c25
Reviewed-on: https://code.wireshark.org/review/19924
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This required a restyle of the way the different apps exit.
Change-Id: Iedf728488954cc415b620ff0284d2e60f38f87d2
Reviewed-on: https://code.wireshark.org/review/19780
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Add support for the NFSV4.2 mode_umask attribute which will be initially
supported by Linux v4.10.
Change-Id: Id98e20cd0ed93bf7ad9b2246e9e05299f3d7a9fc
Reviewed-on: https://code.wireshark.org/review/19921
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Being able to override (set) the application data dissector without
hacks (RSA keys dialog) would be nice. Modelled after
v2.3.0rc0-481-gafa2605e43 ("Support Decode As for {SSL,TLS}-over-TCP.")
Change-Id: Ic4c5ca55e8f20ad599c41c1df58b24f3bced2281
Reviewed-on: https://code.wireshark.org/review/19869
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Removed unused macros/functions that are apparently imported from
LibTomCrypt, only LOAD32L and STORE32L are needed. Remove code that
tries to distinguish between little/big endian, since WORDS_BIGENDIAN
was never defined, this would never have worked on big endian anyway.
Remove the special ROR "optimization" for GCC on i386, modern compilers
are able to optimize it to exactly the same thing. The generic
LOAD32L/STORE32L macros are less optimized (as can be seen in the
generated code), but this was not noticable in the mean running time.
Tested with the packet capture from bug 3232, the result is the same:
tshark -ocorosync_totemnet.private_keys:example.com -r corosync-totemsrp--key:example.com--2nodes.pcap -Vx
Bug: 13368
Change-Id: I59bf27d7dd990bbcd5ad34a1797f4a6c8a04512d
Reviewed-on: https://code.wireshark.org/review/19894
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
