Add a dissector table "btcommon.eir_ad.entry.uuid_16", which behaves the same
way as the hard-coded GAEN (Google/Apple Exposure Notification) dissector does
today -- the table key is the 16-bit UUID
(https://www.bluetooth.com/specifications/assigned-numbers/), and the dissector
is given the corresponding service data.
A few of them just needed scratch memory, so allocate and free it
manually after doing any exception-raising checks.
A few others were returning memory, and needed conversion to accept a
wmem scope argument.
New HCI commands/event dissected:
- LE Set Data Related Changes Command
- LE Set Default Subrate Command
- LE Subrate Request Command
- LE Subrate Change Event
5.3 version number added, LE event mask, supported commands and
LE feature bitmaps updated.
These appear to be copy/paste errors detected by running
./tools/check_typed_item_calls.py --consecutive
Quite a few issues still remain after this batch.
These were detected by running check_typed_item_calls.py
with --consecutive, which flags items that have different
labels but the same filter string. Usually this is because
of copy/paste.
Quite a few similar bugs still exist, will address in a future commit.
Correct endianess for Max PDU field in LE Set CIG Parameters and LE
Create BIG Test Command. Correct endianes for BIS handle and remove
PHY field from LE Create BIG Sync Established Event.
Add SDU interval field to LE BIGInfo Advertising Report Event.
Change-Id: Ic276aceb5a2e1cd6e1c08ae20303bfbe6bdc1286
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/38157
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Google/Apple Exposure Notification protocol is designed to aid
contact tracing efforts by allowing users to broadcast changing
identifiers, derived from longer-term (24 hour) keys; in the event that
a user receives a positive diagnosis, they upload their longer-term keys
to a key server, and all other users can use those long-term keys to
generate all the potential changing identifiers, and compare those to
their logs to determine if they were in contact with the infected user.
This protocol was developed in response to SARS-CoV-2, but is not
inherently limited to it.
This patch adds a "bluetooth.gaen" filter, with two data fields in the
periodic (changing identifier) broadcast:
- bluetooth.gaen.rpi: The Rolling Proximity Identifier
- bluetooth.gaen.aemd: The Associated Encrypted Metadata
Links to Protocol Documents:
- Google: https://www.google.com/covid19/exposurenotifications/
- Apple: https://www.apple.com/covid19/contacttracing
This change also adds the Bluetooth SIG-assigned 16-bit UUID for GAEN,
0xFD6F, to the list of Wireshark-recognizable 16-bit UUIDs.
These changes are licensed under the same license as Wireshark itself.
Change-Id: I3af14b225a35d0670433a9a89901d4d37895b3bd
Reviewed-on: https://code.wireshark.org/review/38064
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I haven't been able to find the appropriate spec, but either there is a
limit to the number of features bytes to add and this patch is needed,
or the (i < 8) part should be dropped. As it is the other data and
expert info for 'unknown' fields will never be reached.
Detected by cppcheck:
epan/dissectors/packet-bthci_cmd.c:9183:72: warning: Condition 'i<8' is always true [knownConditionTrueFalse]
while (tvb_captured_length_remaining(tvb, offset) > 0 && i < 8) {
^
epan/dissectors/packet-bthci_cmd.c:9181:25: note: Assignment 'i=0', assigned value is 0
guint8 i = 0;
^
epan/dissectors/packet-bthci_cmd.c:9183:72: note: Condition 'i<8' is always true
while (tvb_captured_length_remaining(tvb, offset) > 0 && i < 8) {
Change-Id: Icfef0e9142a58aa1c525df9b7daf0aa820039167
Reviewed-on: https://code.wireshark.org/review/38049
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bluetooth Low Energy Advertising Extensions Host Advertising Data reassembly.
Bug: 16666
Change-Id: I78fea77a75f07ff7ef8a661e81ac3c729980de0e
Reviewed-on: https://code.wireshark.org/review/38016
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Handle the reserved bits in the LE channel map. The bits do not
represent the advertising channels, but are simply reserved.
Allow the dissector to set these bits as non-channel map related, which
is the case for Extended Advertising Sync Info.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345314
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36779
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The existing dissector does not extract the "Flow Direction" field,
leading to incorrect decoding of all subsequent fields and incorrect
warnings about additional data being present at the end of the packet.
This patch extracts the one byte field and provides human-readable
representations of the legal field values.
Change-Id: Iba69eb7265e0589744721eaff07143b638b71168
Reviewed-on: https://code.wireshark.org/review/36275
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissection of all new HCI commands and events added in
the newly released Bluetooth specification version 5.2.
Bluetooth Device Dialog updated to also show ISO buffer
size and amount.
Change-Id: I3a459760cbe5f6c4f985621cee40dbbe5e473d39
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/35957
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove the "title" parameter from the register_decode_as_next_proto()
function. This parameter is no longer required since decode_as_t does
not have a title any more.
Change-Id: I300c755bd465453aa91703b53ce9adc954e38c00
Reviewed-on: https://code.wireshark.org/review/33579
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The title of a decode_as_t was used by the GTK UI. It's no
longer required for Qt.
Change-Id: Ibd9d4acbe9cad2c1af520340d04e550326a97ebe
Reviewed-on: https://code.wireshark.org/review/33557
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The command name was changed between core spec 4.2 and 5.0,
it is now: LE Read Remote Features
Bug: 14582
Change-Id: Ia64db822e680263d9e4fef9d6c466e128597a13f
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/32540
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissection added for HCI commands/events:
Read Local Simple Pairing Options
LE Receiver Test [v3]
LE Transmitter Test [v3]
LE Set Connectionless CTE Transmit Parameters
LE Set Connectionless CTE Transmit Enable
LE Set Connectionless IQ Sampling Enable
LE Set Connection CTE Receive Parameters
LE Set Connection CTE Transmit Parameters
LE Connection CTE Request Enable
LE Connection CTE Response Enable
LE Read Antenna Information
LE Set Periodic Advertising Receive Enable
LE Periodic Advertising Sync Transfer
LE Periodic Advertising Set Info Transfer
LE Set Periodic Advertising Sync Transfer Parameters
LE Set Default Periodic Advertising Sync Transfer Parameters
LE Generate DHKey [v2]
LE Modify Sleep Clock Accuracy
LE Connectionless IQ Report
LE Connection IQ Report
LE CTE Request Failed
LE Periodic Advertising Sync Transfer Received
The following HCI commands have been renamed:
LE Receiver Test -> LE Receiver Test [v1]
LE Transmitter Test -> LE Transmitter Test [v1]
LE Enhanced Receiver Test -> LE Receiver Test [v2]
LE Enhanced Transmitter Test -> LE Transmitter Test [v2]
LE Generate DHKey -> LE Generate DHKey [v1]
LE Periodic Advertising Create Sync command added CTE type field.
Version, feature bits and event mask fields updated.
Change-Id: I9ecf2749c718023e7f9a762ebfc0263da78e5c0d
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/32492
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added support for Bluetooth Mesh beacons
Added support for Bluetooth Mesh Provisioning protocol
Added support for Bluetooth Mesh Proxy protocol
Added support for Bluetooth Mesh PB-ADV provisioning bearer
Added support for Bluetooth Mesh PB-GATT provisioning bearer
Link to Bluetooth Mesh Profile specification
https://www.bluetooth.org/docman/handlers/downloaddoc.ashx?doc_id=457092
Bug: 15523
Change-Id: I408726c0bc7e1d81077539d451c2047f540dd865
Reviewed-on: https://code.wireshark.org/review/32076
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bluetooth specification says that some bits mean that packet type MAY BE used,
but some other bits meaning is "may NOT be used" what is suprising.
Follow specification by improving description of these fields.
Bug: 15156
Change-Id: Ie3cf11db420fff07b4833878d1131d56575ccc22
Reviewed-on: https://code.wireshark.org/review/30459
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add dissection of commands:
- LE Periodic Advertising Create Sync
- LE Periodic Advertising Terminate Sync
- LE Add Device To Periodic Advertiser List
- LE Remove Device From Periodic Advertiser List
- LE Write RF Path Compensation
- LE Set Privacy Mode
Add dissection of command complete events:
- LE Read Periodic Advertiser List Size
- LE Read Transmit Power
- LE Read RF Path Compensation
Misc:
- Corrected identity address type decoding in privacy
related commands
- Corrected PHY decoding in LE Set Ext Scan Parameter
and LE Ext Create Connection commands
- Added decoding of missing LE scan filter policy values
- Units added for time parameters where missing
Change-Id: I8d3fa4571f511df2e128877078609c8d112821dd
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/28302
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
They are in little endian, not big endian.
Bug: 14843
Change-Id: I1680e84bfce9a03eaeeda9e38c84b471fda2bd8e
Reviewed-on: https://code.wireshark.org/review/28116
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add missing BT5 bit fields to HCI LE Set Event Mask
command. Correct displayed field name.
Change-Id: Iacaba69226663e884b60ac5a75470de77317ea92
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/27177
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Devices names from Extended Inquiry Response should be displayed
for BD_ADDRs provided by EIR/AD attribute BD_ADDR, but also HCI layer.
Change-Id: I042960661c29f6a8df13b2dda87e5f9533f4da09
Reviewed-on: https://code.wireshark.org/review/26697
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
build_label_func is a pointer type, pointing to a function that can be
used to generate a label for a "Decode As" entry. There's no need to
have pointers to those pointers; have register_decode_as_next_proto()
take a build_label_func, not a build_label_func *, as its last argument,
assign that value rather than dereferencing it, get rid of unnecessary
casts, and fix the comment in epan/decode_as.h for that argument.
Change-Id: Idc3cf18204c543a2191b122c8129b362562c0ecd
Reviewed-on: https://code.wireshark.org/review/25773
Reviewed-by: Guy Harris <guy@alum.mit.edu>