In the IEEE 802.11 dissector the conversations concept is (re)used
for tracking associations. The conversations are then used to keep
data that's unique for a certain association, like negotiated AKMS.
Though currently associations are unique per (re)association
whereas conversations are unique based only on src/dest address.
This is problematic for captures with multiple associations with
same STA/BSSI pair.
For example:
Assoc req frame (assoc #1, conversation #1)
Reassoc frame (assoc #2, conversation #1)
Assoc req frame (assoc #3, conversation #1)
To make a one to one mapping between conversations and associations
store an association counter with each frame and use it with the pinfo
srcport/destport fields to build a conversation key:
(src, dest, association_counter).
Bug: 15616
Change-Id: Ie020bdffbcdab4739ee07f73025ef1157c1fc329
Reviewed-on: https://code.wireshark.org/review/32737
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also the MIC inside FT IE is variable length in coming IEEE 802.11
spec. According to IEEE 802.11 spec the MIC length is based on AKMS
negotiated during (re)association phase. This is good as long as
the capture file contains needed assoc frames.
Though if association frames are missing the MIC length is unknown.
As a backup try to use the AKMS found in current frame to
determine MIC length. Handle this logic in a new function like this:
MIC length is detemined by:
1. User overridden MIC length setting
2. AKMS negotiated during association phase (conversation)
3. AKMS from current frame
4. Default 16 bytes length.
Also changes had to be done to the ieee80211_packet_data_t handling.
This structure appears to be used as a temporary storage for data
related to current frame. However data was stored in file scope making
it impossible to know whether data was from current or another frame.
This is fixed by changing to the pinfo pool.
Bug: 15616
Change-Id: I521d440b47d71cbc94cd6c56714d21274c8dd23e
Reviewed-on: https://code.wireshark.org/review/32693
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Formation Information: Connect to Mesh Gate / AS
Reserved bit Capability
Issue reported by Helge Magnus Keck
Change-Id: Icf5337ab45bbf7ce1660b560b5fbc22d11785ec0
Reviewed-on: https://code.wireshark.org/review/32797
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the zero-length array usage to fix warnings reported about
using this extended feature.
Fixes: v2.9.0rc0-2520-g61ccf52107 ("ieee80211: Decrypt and dissect EAPOL
keydata")
Change-Id: I62eceb543e3398db2eee22e12609959e27d684f7
Reviewed-on: https://code.wireshark.org/review/32781
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Issue reported by Helge Magnus Keck
Change-Id: Ide5c4d78f536e55a2eb318506633a4b6273f8014
Reviewed-on: https://code.wireshark.org/review/32789
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reported by Helge Magnus Keck
Change-Id: If0aae0879d52a2516642d162395795c05c28b9b9
Reviewed-on: https://code.wireshark.org/review/32736
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reported by Helge Magnus Keck
Change-Id: Ia96521920b3108f2d5867c9392fd93210ac99d37
Reviewed-on: https://code.wireshark.org/review/32735
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add defines for AKMS and use instead of magic values in code.
Change-Id: Ib40b88836d58b0e16dae9a2eacfdee67344bc6d8
Reviewed-on: https://code.wireshark.org/review/32712
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
FT over IEEE 802.1X (SHA384) is also an FT AKMS so treat it
as such when dissecting the RSN IE. While at it replace the big
if statement with a function.
Bug: 15616
Change-Id: I9abe45a5c70bc062a9d6d8fb97226a3d0cde42b3
Reviewed-on: https://code.wireshark.org/review/32692
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In dissect_compressed_beamforming_and_cqi, break out of a loop if our
bit offset doesn't advance.
Bug: 15553
Change-Id: I6212be4c08c42ef1969c1302e85a8e08f1d7547f
Reviewed-on: https://code.wireshark.org/review/32677
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If the offset for src or dst address is set to 0 it should not be used.
Change-Id: I7ea4da49d5fe33e118bbf4cdf9a241083a0d950f
Reviewed-on: https://code.wireshark.org/review/32600
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for decrypting IEEE 802.11 WPA3-Personal / SAE traffic.
SAE uses AES encryption but a different key derivation function (KDF)
making Wireshark fail to decrypt such captures. Also both KDF and
decryption method is determined based only on EAPOL key description
version. This is not enough to figure out that SAE is being used.
Implement the alternative KDF needed to derive valid PTK. Also
implement a function to parse pairwise + group cipher suites and
auth key management type from RSNE tag. Using this new function
together with a number of new cipher and AKM lookup functions
correct KDF for SAE can be selected.
Bug: 15621
Change-Id: I8f6c917af1c9642c276a244943dd35f850ee3757
Reviewed-on: https://code.wireshark.org/review/32485
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If we go over 31, we get an invalid shift. It's due to malformed
packets. Add an expert info and exit the loop.
Bug: 14770
Change-Id: Icc17831ee23395ed2b0d414af09d86d1d1a6444c
Reviewed-on: https://code.wireshark.org/review/32316
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add dissection of MESH specific bits in QoS control field (bit 8-10).
Use presence of Mesh Control field to determine if this is a MESH
frame.
Bug: 15522
Change-Id: I23ccf0f2ba4f6ae649b2932183c69e886cb4d22a
Reviewed-on: https://code.wireshark.org/review/32084
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Fix regression introduced by '802.11: Dissect locally originated mesh
frames' that prevent to include dissection for Mesh Control field when
QoS Control field is present in the frame.
Bug: 15521
Change-Id: Idb6b0591c245fc5976f03df6e163fc9072dae193
Reviewed-on: https://code.wireshark.org/review/32083
Reviewed-by: cedric izoard <cedric.izoard@ceva-dsp.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissector supports only type 1: AP Name.
Bug: 15415
Change-Id: I64b248137fd2b895b8a0e7c88e48096aad0448d8
Reviewed-on: https://code.wireshark.org/review/31476
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Content of Mesh Peering Management element depends of the type of
self-protected action frame it is included in.
This type was currently wrongly read from the element itself.
To know the type of self-protected action frame when parsing Mesh
Peering Management element it is saved in a new field of the
association_sanity_check_t structure: ampe_frame (AMPE stands for
Authenticated mesh peering exchange).
This field is updated when parsing a self-protected action frame that
is part of the AMPE (i.e. Mesh Peering OPEN, CONFIRM or CLOSE)
Bug: 15499
Change-Id: Ibad4fd77d43542ef867ac2a8ad9f186a1dd6c0f0
Reviewed-on: https://code.wireshark.org/review/32025
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
MIC element is used in Authenticated Mesh Peering Exchange (AMPE)
frames.
The content of the frame after the MIC element is encrypted and
authenticated so don't try to parse it as normal 802.11 element.
Bug: 15499
Change-Id: Iaede048e1c30c5f980e98afb87b099bca531d3d0
Depends-On: I20e7f1e5779934e19464ad86666bfec8ded939e0
Reviewed-on: https://code.wireshark.org/review/32027
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Although the element is simply called MIC it is only used during a
mesh peering exchange (at least as of 802.11-2016) that's why I
associated it to field wlan.mesh.mic
Bug: 15499
Change-Id: I20e7f1e5779934e19464ad86666bfec8ded939e0
Depens-On: Ibad4fd77d43542ef867ac2a8ad9f186a1dd6c0f0
Reviewed-on: https://code.wireshark.org/review/32026
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
It can be annoying to have to manually calculate the number
of tones based on the global bandwidth and the RU allocation.
Do that in the dissector.
Change-Id: I42eb403a91ebacc4fcfaa3e8c3e793a055d2b9f8
Reviewed-on: https://code.wireshark.org/review/31559
Reviewed-by: Emmanuel Grumbach <egrumbach@gmail.com>
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
The TSF values are "normal" numbers, not a bitmap
or anything like that.
Moreover, we often need to add or substract values
from the TSF of a beacon. Change it to be printed in
decimal to make people's life easier.
Change-Id: I01505395fb10538b204a87dd864ac04e29b821e0
Reviewed-on: https://code.wireshark.org/review/31544
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The RU Allocation is really a decimal number and the
standard uses it as a decimal number. It is not a bitmap.
Print it in decimal.
Change-Id: I2f8ff9798aa1af855ad3c8b0a26704282fe18189
Reviewed-on: https://code.wireshark.org/review/31315
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This fix prevents that a BoundsError is thrown in function try_decrypt for
packets with captured length less than packet length. Otherwise, some data
is not dissected.
Change-Id: I0dcd89b85b959f5712ff58b184bfa2e064746d0b
Reviewed-on: https://code.wireshark.org/review/31026
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Type of field wlan.ext_tag.ess_report.ess_info.thresh
must be FT_INT8 instead of FT_UINT8.
Change-Id: Icd1a121832d6a660550023a91d0b732385f68b60
Reviewed-on: https://code.wireshark.org/review/31016
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Correctly print out the AP Tx Power level.
2. The A-Control UL MU Response field was renamed to the TR Response field.
3. Handle padding correctly in the A-Control field.
Change-Id: I33000aa28b9e00ab97ca30d53907685e302c49c2
Reviewed-on: https://code.wireshark.org/review/30918
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Encrypted packets were decrypted two times. One time to scan for
new keys. If no keys were found the decrypted data was simply
discarded. Then later on the packet was decrypted again for
dissection.
Avoid decrypting packets two times by storing the result from first
decryption if no key was found. Skip the second attempt.
Note though that in the special case where a key was actually found
inside an encrypted packet the decryption will still be performed
twice. First time decrypt, discover the key, and return the EAPOL
keydata. Second time decrypt and return the decrypted frame.
Change-Id: I1acd0060d4e1f351fb15070f8d7aa78c0035ce39
Reviewed-on: https://code.wireshark.org/review/30568
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Decrypt EAPOL keydata information and have it dissected with the
ieee80211 dissector.
This is achieved by letting the Dot11Decrypt engine retrieve the EAPOL
keydata decrypted while extracting the GTK during 4-way handshake.
The ieee80211 dissector then stores the decrypted data in packet proto
data so that the wlan_rsna_eapol subdissector can retrieve it for
dissection.
Change-Id: I2145f47396cf3261b40e623fddc9ed06b3d7e72b
Reviewed-on: https://code.wireshark.org/review/30530
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is only the new IEs and one new Extension Frame type
Change-Id: If55fbf205735f657352c8f21b22fa0858ae183f0
Reviewed-on: https://code.wireshark.org/review/30519
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix up some comments while we're at it.
Bug: 15203
Change-Id: I1d8ab71f618a74bbf0625eb89eb836c48200b5dd
Reviewed-on: https://code.wireshark.org/review/30401
Reviewed-by: Guy Harris <guy@alum.mit.edu>
MIC length is determined automatically for OWE and multiple MIC lengths per session are supported.
Bug: 15215
Change-Id: Ie655fbd3fdc8555df430d4dc8a0081e169150c28
Reviewed-on: https://code.wireshark.org/review/30246
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Include some new tags from 802.11ai
- Support authentication messages using FILS authentication
- Determine MIC length automatically
Bug: 15210
Change-Id: I21a6c8df0a4f0429f8d900f32f0e95ace126d4e6
Reviewed-on: https://code.wireshark.org/review/30232
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Groups in the SAE exchange are named
- The SAE message type is included explicitly (Commit or Confirm)
Bug: 15197
Change-Id: I8d95dd1603bbb8f46675ec66d60fd0b187787803
Reviewed-on: https://code.wireshark.org/review/30127
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add new value (used by WPA3)
Issue reported by Philipp Ebbecke
Bug: 15168
Change-Id: Iff4a7332dfc57226b191ec34319f0b7a78e30ede
Reviewed-on: https://code.wireshark.org/review/30040
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Unregistered etts will lead to an assertion/abort when used.
Change-Id: I0322559358b1e286666322fef093e5b5123253a1
Reviewed-on: https://code.wireshark.org/review/30018
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
and following packet order for field
Change-Id: I724f3d87e02d182021e53eb9f78644420843e593
Reviewed-on: https://code.wireshark.org/review/29936
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For Data frames with ToDs=1|FromDS=1 and a Frame body containing A-MSDU,
the Addr3 and Addr4 fields are not Destination/Source addresses (DA/SA),
but BSSID/BSSID. Use the RA/TA fields for the Hw Dest/Src columns and
add another BSSID field for Addr4 (should match Addr3, but in theory the
wire format could have different values).
While at it, fix the A-MSDU case for other cases to match 802.11-2016
Table 9-26 Address field contents. The "Short A-MSDU" case as used by
DNG STAs are not handled here though.
Tested against a capture with MSDU frames (all but ToDS=1|FromDS=1) and
the test case from the linked bug.
Bug: 15144
Change-Id: Ic832d7cd7b8e05a1408353cb79c07efed0fb19cc
Reviewed-on: https://code.wireshark.org/review/29935
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the new elements introduced for OWE:
- OWE DH Parameter in the association request/response as specified in RFC 8110
- OWE Transition Mode element as specified in "Opportunistic Wireless Encryption Specification version 1.0" by the WiFi Alliance
Bug: 15146
Change-Id: I9b6c6de459899ce28c909bf79bdde431e50679c9
Reviewed-on: https://code.wireshark.org/review/29850
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Mixing 32-bit and 64-bit value_strings could lead to a crash.
Change-Id: Iedfae66103046a478ce5198416247d256dc1840e
Fixes: v2.9.0rc0-1769-gad6eb33684 ("WIP:ieee80211.c: Add support for D3.0 of 802.11ax")
Reviewed-on: https://code.wireshark.org/review/29749
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Some of the bits were parsed as a bit of a WORD, and others as
a bit of BYTE leading to a bug in the display.
Bug: 15133
Change-Id: Ie6877c4a4a79fcc802afec49436370cf22a6bfae
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Reviewed-on: https://code.wireshark.org/review/29633
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The ieee80211ax D3.0 support got merged accidentally with some issues.
This fixes the remainder of those issues.
Change-Id: I2a3a427e04cb1dca076fd761458de92d4d5e0df2
Reviewed-on: https://code.wireshark.org/review/29602
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This changeset merges in the changes that have been tested in a resent
test event at the WFA. It will not dissect older D2.x packet captures.
Change-Id: Id38a27a61a6a2a083575448e5c59a8e190827e6d
Reviewed-on: https://code.wireshark.org/review/29512
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Srsly, you're fetching a *two-byte* value, might as well say "2" -
either sizeof(guint16) is guaranteed to be 2, in which case you might as
well just use 2, or it's *not* guaranteed to be 2, in which case you
*have* to use 2, because a value other than 2 is invalid.
Change-Id: I9da8dc66d3a77e98cb0a0a5501655594c509eb87
Reviewed-on: https://code.wireshark.org/review/29585
Reviewed-by: Guy Harris <guy@alum.mit.edu>
... Use of an unregistered ett leads to an abort.
Inspired by I3ee2f557ace1643dfba5a978add66c3c7ba7d895. Some day I should get
the ett_ registration checking code in checkAPIs ready for prime time...
Change-Id: I69162d4bcec571e6a517a107ac365aa78bfe8d25
Reviewed-on: https://code.wireshark.org/review/29474
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In some cases we are including the FCS in the next TVB which can screw
up dissection.
Change-Id: Ie721a9ca169828f99d2aef4bd1e1762d06a14070
Reviewed-on: https://code.wireshark.org/review/28848
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These elements were folded into 802.11-2012 and thus are also in
802.11-2016.
The code was contributed by George Baltatanu with some minor changes
by me.
Change-Id: Ieea61dea9d333a43dded16d7634c7fc325374e8e
Reviewed-on: https://code.wireshark.org/review/29283
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is still not very clear how to parse the element, so
focus only on the Unicast TWT for now.
This should be useful for the short term.
Ping-Bug: 15009
Change-Id: Ia589b170966e329ce051845553841a9fb80fcd5f
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Reviewed-on: https://code.wireshark.org/review/28857
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Target Wake Time has been added 11ah but is enhanced in 11ax.
Start to implement the parsing of TWT elements based on
ieee80211ax/D3.0
Since TWT is defined in 11ah, it uses the S1G (sub 1 Giga Hertz)
Action Frame Category. Add the boiler plate code to parse those.
An S1G Action frame can have different actions, add them all,
but only parse TWT teardown for now, the other TWT actions will
come later.
Ping-Bug: 15009
Change-Id: Id645a666d06658dbdc6cb460c79b38a65ad2ae81
Reviewed-on: https://code.wireshark.org/review/28829
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The channel and the mode are easier to read as a decimal
number.
Change-Id: Ia34901cb7e799ab1fbee3bd754b488f84c20274a
Reviewed-on: https://code.wireshark.org/review/28876
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The MIKROTIK OUI is actually allocated to Routerboard and should be considered
as such. The IE is utilized by Routerboard, Ubiquiti, Mikrotik, and other
Routerboard derivative device types. Added subtype1 dissection which contains
data element carrying descriptive info no the network, device, or model info.
Bug: 14925
Change-Id: Ic7c091877d5c5eb12a51b17dbd8761efdf242f9c
Reviewed-on: https://code.wireshark.org/review/28510
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
As, fields are hidden items the discrepencies go unnoticed in the Wireshark
tree, however when printin in tshark the displayed fields are inccorect as the
wrong tvb is passed during dissection.
Bug: 14908
Change-Id: If06618b67040b631f153d3e2609583fecc56b5b2
Reviewed-on: https://code.wireshark.org/review/28445
Reviewed-by: Jeremy Martin <boardermartin@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Mesh frames that are originated at the host where traffic is captured
may have no QoS header, as it is typically added by the wlan firmware.
The dissector was using a bit on that header to indicate the presence of
a Mesh Control Header, and so locally originated mesh frames were
incorrectly dissected.
When QoS header is missing, look ahead into the next header to determine
if a mesh control header is present.
Tested on mesh traffic captured on a monitor interface on ath10k.
Bug: 14629
Change-Id: I64169f9dea79518c8af802f045168180861e9081
Reviewed-on: https://code.wireshark.org/review/27156
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
If you're reporting an error, use an expert info item.
If you're putting a structure into the protocol tree, use FT_NONE for
the structure as a whole.
Change-Id: Ie89b552576b15195acb0a9108d33430115d99f00
Reviewed-on: https://code.wireshark.org/review/28024
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use proto_tree_add_boolean(), not proto_tree_add_uint(), for FT_BOOLEAN
fields.
Change-Id: I00c8da977dcb2d232d6837bd58137e7aebe0ca7f
Reviewed-on: https://code.wireshark.org/review/27837
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix a bunch of copy-and-pasteos, incorrectly using
proto_tree_add_bits_item().
Fix bitmaps to reflect the bit counts.
Show the top-level fields with appropriate zero padding.
Use the appropriate field widths and fix the bit masks.
Change-Id: I8fa34246710dc835f2b30a1af94b997f4ffb10bf
Reviewed-on: https://code.wireshark.org/review/27827
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a heuristics dissector list for 802.11 data frames. With this
a heuristics dissector can be registered with "wlan_data" to
retrieve the raw data portion of 802.11 data frames.
Subdissectors can then either perform heuristics directly on
the frame data content or (via parent wlan fields) on frame
header to determine whether it's the protocol of interest.
Change-Id: I8466236835a2d524ccab5c6ebfafefad08ea2d0e
Reviewed-on: https://code.wireshark.org/review/27641
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The recent changes to support the current 22-byte DMC Capabilities IE
defined in IEEE802.11-2012 prevents Wireshark from handling frames
in the earlier format.
This change allows Wireshark to dissect both the earlier and current
formats but gives an error if the IE does not have a length of 22.
The error could perhaps be demoted to a warning.
Also made a minor correction to the header fields to conform with
other uses.
Bug: 14727
Change-Id: I3dc333b273f915fa5f5f4cc5c13c1b84863b6713
Reviewed-on: https://code.wireshark.org/review/27782
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissector supports only type 33: Host Name.
Change-Id: I90fe19494ce8e1ea209af56162b31711f3f7619c
Reviewed-on: https://code.wireshark.org/review/27757
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
People still want to search on the non-broken out fields.
Change-Id: Ibb68d9d335abc5b409ed99044ac2e895d672a174
Reviewed-on: https://code.wireshark.org/review/27760
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
extend DMG capabilities element as per IEEE 802.11-2016 spec.
Change-Id: I087c6811399d64e19a2ff0d52b62499a5641940c
Reviewed-on: https://code.wireshark.org/review/27716
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
as per IEEE 80211-2016: table 9-236, the encoding for
allocation type is (bits 6, 5, 4)
0 - SP allocation
1 - CBAP allocation
Change-Id: Ibe396aee7bd40f573f8e39769aebfe1a610a1c16
Reviewed-on: https://code.wireshark.org/review/27700
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Feedback from the recent test event showed that the code for Multi-STA
block acks did not exist, searching for indovidual MCS set produced
confusing results and A-Control was not correctly handled.
This contains fixes for each of those.
Bug: 13207
Change-Id: I4b18497d9e7642e370d0b6bb34e2180bacea8b8e
Reviewed-on: https://code.wireshark.org/review/27655
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
fix a few typos related to 802.11ad
1. 802.11-2016 changed the acronym from ECPAC to ECAPC
2. dmp_params to dmg_params
Change-Id: I4e3bc02cdceff826ab334bc93ebfb008c5041f74
Reviewed-on: https://code.wireshark.org/review/27643
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There were a few undissected fields in the VHT MCS Set and some of the fields
were not being placed under the correct sub tree.
Change-Id: I0dc4be1b69d371f59cc74fa06205a3cba2a65c54
Reviewed-on: https://code.wireshark.org/review/27385
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fix compilation error:
.../wireshark/epan/dissectors/packet-ieee80211.c:2641:27:
error: ‘ht_info_service_interval_granularity_flags’ defined but not used
[-Werror=unused-const-variable=]
Change-Id: I0e6e8a46b2bd58923847220f675fe6e4d6a34aef
Reviewed-on: https://code.wireshark.org/review/27498
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The HT Information element has changed since IEEE802.11n. This updates
that element to bring it in conformance with IEEE802.11-2016.
Change-Id: Ifa380b9a4dee00e0b2f07f5aabb6a18579aa8f71
Reviewed-on: https://code.wireshark.org/review/27371
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If a variable is a count of items, and we're looping while the count is
non-zero, we need to decrement it after every item we process.
Fixes Coverity CID 1435501.
Change-Id: Iabb0cb6276d4bcf4b1bdea9ec3ba943dac1b9938
Reviewed-on: https://code.wireshark.org/review/27402
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A number of mistakes have been found now that captures are available.
Change-Id: I883d71439f407ab9d90be878c9f52a5a300b9c8c
Reviewed-on: https://code.wireshark.org/review/27192
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add 8-bit, 16-bit, 24-bit, and 32-bit "fetch signed value" routines, and
use them rather than casting the result of the 8/16/24/32-bit "fetch
unsigned value" routines to a signed type (which, BTW, isn't sufficient
for 24-bit values, so this appears to fix a bug
in epan/dissectors/packet-zbee-zcl.c).
Use numbers rather than sizeof()s in various tvb_get_ routines.
Change-Id: I0e48a57fac9f70fe42de815c3fa915f1592548bd
Reviewed-on: https://code.wireshark.org/review/26844
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This change further extends the fix for bug 14593 by making sure the
values min, max values shown in the item's info text match the
item's children values.
Change-Id: Ibac39e1f21a892a02753c3cf1604ed3b14eadc52
Reviewed-on: https://code.wireshark.org/review/26832
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix some formats to print unsigned values with %u while we're at it.
Change-Id: If4a8793c77d4fbff0dd19f17e31cd18107db02ba
Reviewed-on: https://code.wireshark.org/review/26810
Reviewed-by: Guy Harris <guy@alum.mit.edu>
To quote IEEE Std 802.11-2016, section 9.4.2.15 "Power Capability
element":
The Minimum Transmit Power Capability field is set to the nominal
minimum transmit power with which the STA is capable of transmitting in
the current channel, with a tolerance B1 5 dB. The field is coded as a
signed integer in units of decibels relative to 1 mW. Further
interpretation of this field is defined in 11.8.4.
The Maximum Transmit Power Capability field is set to the nominal
maximum transmit power with which the STA is capable of transmitting in
the current channel, with a tolerance B1 5 dB. The field is coded as a
signed integer in units of decibels relative to 1 mW. Further
interpretation of this field is defined in 11.8.4.
Bug: 14593
Change-Id: Ibc4e4a11d71ac1894d03d33f5762a7b0d1d70085
Reviewed-on: https://code.wireshark.org/review/26804
Reviewed-by: Guy Harris <guy@alum.mit.edu>
QoS Queue Size is only applicable when To DS is true and for QoS Data,
QoS Null and QoS Data+CF-Ack frames.
Based on a reasonably careful reading of IEEE802.11-2016.
Change-Id: I16e7e7f4d0f3336e7d05c5f4f9c80179d514ec19
Reviewed-on: https://code.wireshark.org/review/26212
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
In previous versions of Wirkshark it was possible to filter on the PLMN
value in total because the sub-fields were not broken out. This restores
that capability for those who depended on it (WFA, I'm looking at you.)
That is, a filter like:
wlan.fixed.anqp.3gpp_cellular_info.plmn_info == 0x206013
would work but it does not currently work. This restores that filter.
Change-Id: I2eb6eb7f47fb0246effaea0412a3d6ffcbcd61aa
Reviewed-on: https://code.wireshark.org/review/26645
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using a 32bit value string triggers the assertion in
hf_try_val64_to_str().
Bug: 14560
Change-Id: Ief3f46ee60355f43d2fb5f210608fde21be8d41d
Reviewed-on: https://code.wireshark.org/review/26633
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That dissector expects to be handed an 802.11 pseudoheader; the GRE
dissector passes the flags and version from the GRE header to
subdissectors registered in the gre.proto table, so they'd better either
expect the flags-and-version structure or ignore the pseudoheader. (For
802.11, the pseudoheader has radio information, but that's not available
from GRE.)
Use the no-FCS 802.11 frame dissector instead.
Bug: 14544
Change-Id: I6515901dc3674eb36ec768fa4f9a7a4040a78365
Reviewed-on: https://code.wireshark.org/review/26560
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it clear than the two entites, the MCC and the MNC are related
to each other and mirrors an earlier way of displaying the info. At a later
time we could print out the operator name as well. Eg, USA Verizon or
whatever next to the PLMN as well.
Change-Id: I6fef38a4e502514fdd78f69ffe650b6337f84cc9
Reviewed-on: https://code.wireshark.org/review/26491
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This bring the IEEE802.11 dissector further into conformance with the
HS2.0 spec.
I have concerns at how complex the handling of
dissect_advertisement_protocol_common has become.
I also have some bugs reported by the WFA to deal with.
Change-Id: I69caca7d568562b752a70e5f73a7fa395364bc23
Reviewed-on: https://code.wireshark.org/review/26279
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
George Baltatanu noticed some issues, including subtrees in the wrong
place, some spelling errors, bit display order, etc.
Change-Id: I7e30e0e27e302bdd2b870a2bb01e7926336b413e
Reviewed-on: https://code.wireshark.org/review/26188
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Thomas Derham pointed out that there was a problem with my changes
and supplied a fix. The pronblem was that I was fetching important info
after offset had moved on. This change is slightly different but works for
Thomas.
Change-Id: I45862b87f3d9626285111dab83a0067d3d529ab2
Reviewed-on: https://code.wireshark.org/review/26162
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Our 802.11 decryption code isn't tied to any specific product. Change
the file and API names to dot11decrypt.
Change-Id: I14fd951be3ae9b656a4e1959067fc0bdcc681ee2
Reviewed-on: https://code.wireshark.org/review/26058
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove an unused hf entry.
Remove an unused true_false value string.
Fix an indentation so that the compiler does not think backets are missing.
Change-Id: Id6c0597b68674fd17f750379f941698d72b0cbba
Reviewed-on: https://code.wireshark.org/review/25986
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Here we have dissected much of the Common Info and the user info but there
are still things to fix.
This set also refactors the block ack handling code so I can use it from
the HE Trigger dissection code. We have enough to use in Trigger requests
I think but there are still new block ack requests to be dealt with.
Also refactored the VHT NDP Announcements so we can handle HE NDP
annoucements and added some custom handling of Target RSSI fields.
Many thanks to George Baltatanu who has found many issues along the
way with his testing.
Change-Id: Ia41e1153d7331d24b8ae0b6871935f4fa806d188
Reviewed-on: https://code.wireshark.org/review/25685
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That makes it much clearer what's being done here; it matches what the
802.11ac spec actually says (we have an array of bits and an array of
2-bit items).
Clean up indentation while we're at it.
Change-Id: I8a4640662c54d6a2621990df778fd2d2c2695b78
Reviewed-on: https://code.wireshark.org/review/25914
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The reserved bit positions should match the bit positions of the fields
that are reserved. Also, the hf_he_srg_information_present bit was nibble
reversed.
Errors found by George Baltatanu.
Change-Id: I218ff9aa7bdabc4ec6e470c3ef1be230ce341b34
Reviewed-on: https://code.wireshark.org/review/25760
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These were initially coded incorrectly. The problem was found by
George Baltatanu and a fix supplied by him.
Change-Id: I1de86ca7c5428efbcdd0fb39244a1cafbbcd32ab
Reviewed-on: https://code.wireshark.org/review/25724
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes/improves a few filter identifiers, typos, consistent
use of MHz (as opposed to Mhz), and fixes to the MCS map trees
in the HE Capabilities tag.
Change-Id: I5c761990237ccc241d95fb0b9b2d3f8f1263b460
Reviewed-on: https://code.wireshark.org/review/25530
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Handle the Estimated Service Parameters tagged element and the Future
channel guidance one. The second may need more work in future.
These are defined in IEEE STD 802.11-2016 but may have been defined earlier.
Change-Id: I1c67a0ea6df9c1cc89bb3a34da921f3938e0a012
Reviewed-on: https://code.wireshark.org/review/25407
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
offset was not used after increment/assignment, just return it to relax clang.
Found by clang scan.
Change-Id: I21dece4e31075ca2da8d3ba942336fb4858636b6
Reviewed-on: https://code.wireshark.org/review/25419
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
This is based on Draft 2 of the standard. Draft 2 did not get approved, but
is close to what the final version will be and support is needed now by the
teams working on this.
Change-Id: I837df05a288b815e1e455883f4f165721104d51f
Reviewed-on: https://code.wireshark.org/review/24861
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows the user to override the EAPOL Key MIC length for those
crypto suites where the Key MIC length is greater than 16 bytes.
This works in the DPP case where the Key MIC length is supposed to be the
same as the Nonce length.
Change-Id: I8ef6bc978e0a44ece0e95d76b231a02c7f15c89b
Reviewed-on: https://code.wireshark.org/review/25332
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since the message number isn't explicitly encoded in the protocol there
is no field to filter on. It is however derived from the message
contents and added in the info column.
Adding this as a generated field allows searching for and filtering of
these messages.
As requested before, last at SF'17 EU.
Change-Id: Id77612f0178710d30ea815335b0a54339d5d7b2c
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25257
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some compilers are more picky than others and I eliminated the use of a
value_string array that I should not have in reorganizing the Extended
Capabilities info.
Change-Id: I1dcb09bf9f8df69445ebde8b88897482ddd1fa82
Reviewed-on: https://code.wireshark.org/review/24984
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
packet-ieee80211.c:2326:27: error: ‘vht_max_mpdu_in_amsdu’ defined but not used [-Werror=unused-const-variable=]
static const value_string vht_max_mpdu_in_amsdu[] = {
Change-Id: If4cc416b7fe92dc7915e26d2d89abaa17b081c09
Reviewed-on: https://code.wireshark.org/review/24977
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
This change handles both 8-byte and 9-byte extended capabilities fields
by handling them as an 8-bit field if there are only 8 bytes, but handling
them as a 16-bit field if there are 9 bytes. This is because one field
straddles the bytes, but I have seen captures where only 8 bytes are
present.
Change-Id: I624fe34dd9c8ba7f25a451a172048897d867fcb5
Reviewed-on: https://code.wireshark.org/review/24971
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A number of the bits have become reserved and what were reserved fields now
have meaning.
I will have to deal with bytes 8 and 9 differently because there is a 2-bit
field that spans those two bytes now, but it is clear some STAs don't include
byte 9. If not included those two bits probably have no meaning.
Change-Id: I5ea17d7d6710a693f9153a3370813dbb3ae01fa1
Reviewed-on: https://code.wireshark.org/review/24887
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These items are now in 802.11 2016 so they are no longer draft items.
Change-Id: I89b694f30700e08d9edc2e3707f36f8cf30dd0f2
Reviewed-on: https://code.wireshark.org/review/24877
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
IEEE802.11-2016 standardized those bits, so it's no longer a draft standard.
I am slowly getting these things correct as I prepare for support for
IEEE802.11ax D2.0.
Change-Id: I3fc4497f2b85bae78043b9fd997379a44898f3db
Reviewed-on: https://code.wireshark.org/review/24860
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I857cdcc3a15cd01c3b5cc7e31be043048ef5f1ed
Reviewed-on: https://code.wireshark.org/review/24784
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissect the Venue URL element. More to come.
Change-Id: I64330b3f90f9f6222df0fb00d3ea277f59424e98
Reviewed-on: https://code.wireshark.org/review/24776
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
SAE authentication (used for mesh-point) introduced new non IE
fields (aka fixed size fields) that require explicit parsing.
The tricky part is that some of those fields don't have a fixed size...
- 'scalar' and 'finite field element' size depend of the group used.
Retrieve size of all groups supported by wpa_supplicant.
- 'anti-clogging token' size is not specified.
Bug: 14222
Change-Id: Id0aa8790c55b21b2797ba131de9e46c32519e2cc
Reviewed-on: https://code.wireshark.org/review/24446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Presumably the element length is unsigned, otherwise it can be negative
and reincrement tag length.
Bug: 14231
Change-Id: I26d339aea7588a489b4252b67c212810029bff0e
Reviewed-on: https://code.wireshark.org/review/24472
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The DTPC value is in dBm, so make it so.
There is a second byte that we are looking for a spec on.
Bug: 14193
Change-Id: I69f0af295954958fde38b74e965f6fb66063513b
Reviewed-on: https://code.wireshark.org/review/24322
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Introduce a dissector table and fix a bug so that it now works
by calling through a dissector table.
Change-Id: Ifa3f01b3f306101b3144604a51806eaccc436373
Reviewed-on: https://code.wireshark.org/review/24319
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ie4785376eae278713e998e23c96d8435e4dc07f2
Reviewed-on: https://code.wireshark.org/review/23526
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
fix dissection of the actual measurement pilot interval. It is an
8-bit field according to IEEE802.11 2016.
Change-Id: I44c9a732ae3074e865f7ad63b554f7a031542e5a
Reviewed-on: https://code.wireshark.org/review/24257
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Follow up to having conversions use endpoint_type instead of
port_type.
Change-Id: Ifd59a33bd8b9a013c242bce5fcceb09533f02c17
Reviewed-on: https://code.wireshark.org/review/24172
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
commands not being searchable.
Change-Id: I28cf212b3eacb16572ce9d1ff2dbf45040046b00
Reviewed-on: https://code.wireshark.org/review/24069
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modeled after BASE_PT_XXX, this will format a FT_UINT24 to look a OUI, in the form of:
XX:XX:XX (Manufacturer Name) for display.
For display filtering, it will treat the value as hexadecimal.
It requires that FT_UINT24 be the field type.
Change-Id: I8716ae4dfcd4e854764a2425e2ff13c50f571d52
Reviewed-on: https://code.wireshark.org/review/23869
Reviewed-by: Richard Sharpe
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I4f3af7e06169461a15507ed8ecce8f15075b9667
Reviewed-on: https://code.wireshark.org/review/23835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The IEEE Std 802.11ai-2016 and 802.11-2016 defines Element ID Extensions.
This patch add the dissector framework of it.
Change-Id: I47b21959cc115743d6b2f0c691bc41f3059d45cd
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Reviewed-on: https://code.wireshark.org/review/23577
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The IEEE Std 802.11ai-2016 defines new algorithm number for FILS(IEEE 802.11ai)
at "9.4.1.1 Authentication Algorithm Number field" section.
Change-Id: I4351682d38efab2727e3a36741fe2f49508bba14
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Reviewed-on: https://code.wireshark.org/review/23576
Reviewed-by: Michael Mann <mmann78@netscape.net>
Using GCC version 7.1.1.
Change-Id: I7447a48fc97efb1eb15a016a29165f69d37f40a6
Reviewed-on: https://code.wireshark.org/review/23399
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Mikael Kanstrup