osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
wireshark/test
History
Aurelien Aptel 95a37ff2fe SMB2: allow users to give decryption keys directly 
Previously users could only give a session key via

    uat:smb2_seskey_list:<id>,<seskey>

which was used to generate the decryption keys, as long as the trace
contained the session establishement.

Users have often asked about how to decrypt traffic captured in the
middle of an existing session but this wasn't possible.

This commit extends uat:smb2_seskey_list with 2 extra columns to store
decryption keys so that traffic can be decrypted at any point of the
session.

This has the side effect of changing the current syntax from:

    ... -o uat:smb2_seskey_list:<id>,<seskey>

To:

    ... -o 'uat:smb2_seskey_list:<id>,<seskey>,"",""'

(make sure the quoting is right)

Change-Id: I810d464b6f3e749de39b4428d73e0d6be29f3152
Reviewed-on: https://code.wireshark.org/review/36135
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
 		2020-02-23 06:12:32 +00:00
..
baseline IPv4: Use FT_UINT8 for the 3 bits flags field 2020-01-24 18:56:09 +00:00
captures test/suite_decryption: Add WPA3 SuiteB-192 bit test 2019-11-14 08:28:00 +00:00
config test/suite_decryption: Add WPA3 SuiteB-192 bit test 2019-11-14 08:28:00 +00:00
keys Add support for RSA decryption using PKCS #11 tokens 2018-12-29 10:40:16 +00:00
lua wslua: Fix memleak of unregistered ProtoField strings 2019-10-28 15:05:54 +00:00
suite_dfilter dfilter: fix memory leaks on dfilter compile errors involving a set 2019-01-28 11:09:35 +00:00
suite_dissectors Unit tests for ASTERIX I048 2019-01-11 18:35:29 +00:00
README.test eth: add dst and src specific local/group fields 2019-08-01 07:33:17 +00:00
conftest.py Test: enable capture tests by default using the Loopback interface 2019-01-24 00:26:17 +00:00
fixtures.py test: add support for pytest 5.2.0 2019-10-02 09:59:39 +00:00
fixtures_ws.py Test: Bump the WireGuard Gcrypt version requirement. 2020-02-18 23:33:29 +00:00
hosts.custom Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
hosts.global Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
hosts.personal Continue to remove $Id$ from top of file 2014-03-31 18:48:06 +00:00
matchers.py test: extend sharkd tests to cover all requests 2018-11-21 04:36:20 +00:00
sampleif.py test: fix sampleif.py on weird systems using Python 3.6 and older 2019-04-16 03:28:43 +00:00
subprocesstest.py test: add suite_extcaps. 2019-12-17 13:59:17 +00:00
suite_capture.py test: skip some tests on big endian machines. 2019-08-03 20:45:51 +00:00
suite_clopts.py elastic: make fields all the same. 2019-05-14 16:16:57 +00:00
suite_decryption.py SMB2: allow users to give decryption keys directly 2020-02-23 06:12:32 +00:00
suite_dissection.py Qt, http2: Add Follow HTTP/2 Stream functionality 2019-09-22 05:29:30 +00:00
suite_extcaps.py test: fix extcap_name fixture and skip test. 2019-12-20 22:25:31 +00:00
suite_fileformats.py editcap: warn when --inject-secrets is given a RSA private key 2019-02-05 15:36:40 +00:00
suite_follow.py test: use assertRun instead of runProcess where possible 2018-11-30 06:11:06 +00:00
suite_io.py test: use assertRun instead of runProcess where possible 2018-11-30 06:11:06 +00:00
suite_mergecap.py test: use assertRun instead of runProcess where possible 2018-11-30 06:11:06 +00:00
suite_nameres.py test: use assertRun instead of runProcess where possible 2018-11-30 06:11:06 +00:00
suite_outputformats.py test: fix comment. 2019-12-14 18:15:19 +00:00
suite_release.py Test+Qt: Add an automatic update check. 2020-02-15 11:13:25 +00:00
suite_sharkd.py epan/to_str: change MAX_BYTE_STR_LEN from 48 to 72 2020-01-26 19:31:34 +00:00
suite_text2pcap.py text2pcap: allow to set interface name 2018-12-13 23:33:32 +00:00
suite_unittests.py test: convert capture tests to use fixtures, fix tests without dumpcap 2018-11-16 13:55:28 +00:00
suite_wslua.py tests: Skip Lua related tests when Lua is not present 2019-01-28 21:03:04 +00:00
test.py Test+Qt: Add an automatic update check. 2020-02-15 11:13:25 +00:00
travis-upload-artifacts.sh test,travis: dump a screenshot for hanging GUI tests 2019-01-24 00:26:22 +00:00
util_dump_dhcp_pcap.py Dumpcap+Qt: Add support for `-a packets:NUM` and `-b packets:NUM`. 2018-11-09 05:55:11 +00:00

README.test 

Wireshark Tests

The recommended steps to prepare for and to run tests:

* Install two Python packages, pytest: `pip install pytest pytest-xdist`
* Build programs (“wireshark”, “tshark”, etc.): `ninja`
* Build additional programs for the “unittests” suite: `ninja test-programs`
* Run tests in the build directory: `pytest`

Replace `ninja test-programs` by `make test-programs` as needed.

See the “Wireshark Tests” chapter of the Developer's Guide for details:
https://www.wireshark.org/docs/wsdg_html_chunked/ChapterTests.html

If you need to update the baseline files use the following commands (on a Linux system)
mkdir ~/.config/wireshark/profiles/ctest
TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap > test/baseline/dhcp.ek
TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T json -r test/captures/dhcp.pcap > test/baseline/dhcp.json
TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T jsonraw -r test/captures/dhcp.pcap > test/baseline/dhcp.jsonraw