If Wi-Fi packet is encapsulated in an UDP payload (IPIP tunneling),
then we can use this functionality to decode it as 802.11.
This is intended primarily for [1].
[1] - https://docs.zephyrproject.org/latest/samples/net/capture/README.html
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Build on !13975 to add human-readable descriptions for all heuristic
dissector tables in Wireshark.
Chosen names are meant to give some info on when a heuristic dissector
lookup will be made. Terms like 'fallback' are used when the heuristic
is only consulted if other checks do not result in dissection, for
example.
People with more intimate knowledge of the protocols and dissectors
involved are encouraged to suggest or implement better descriptions.
Fix slot definition subfield format to give an 8 bit slot duration if set to 0, update the 11 bit mask to be 11 bits,
and add a custom formatter to print the slot duration in uS
As requested [here][1], help with removing calls to
`wmem_packet_scope()` in favour of references to `pinfo->pool`.
* Plugins chosen semi-alphabetically.
* When a calling function already has a `pinfo` argument, use that.
* Remove `_U_` from its signature if it was there.
* If a function seems narrowly focused on getting and (possibly)
returning memory, change the function signature to take a
`wmem_allocator_t *`.
* If it seems more focused on packet-based operations, pass in a
`packet_info *` instead and use `pinfo->pool` within.
* Some of the files in this MR still have references to
`wmem_packet_scope()` where it would take significant work to remove.
These will need revisiting later.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
Remove init of proto, header field, expert info and subtree variables.
This will reduces the binary size by approximate 1266320 bytes due to
using .bss to zero-initialize the fields.
The conversion is done using the tools/convert-proto-init.py script.
Initially taken from the Wiki page (including images, compressed
with tools/compress-pngs.py), and expanded to cover lastest additions.
Link the Help button from the 802.11 Decryption Keys UAT to the page.
Fix#11273
Have parse_key_string take a pointer to char* (such as
the one from a uat_update_cb_t) and set the failure reason
when returning NULL. This should be more user friendly than
just "Invalid key format".
Related to #11273
dot11decrypt and packet-ieee80211 don't need to do the same
conversion from string to byte array, and they don't need to
uselessly copy the strings around
parse_key_string does all the validity checking; it doesn't return
a decryption_key_t with a valid type otherwise, so the 802.11
dissector shouldn't waste time checking that.
Just have parse_key_string store the key as a GByteArray.
For WPA with password, that means we store the length instead of
using a null-terminated string, but that's a bonus anyway since
it allows us to handle opaque byte strings with internal NULs, which
802.11 does technically allow.
Also clean up the API a bit by passing a struct to a static
function, making it easier to change later.
Create a public function in `epan/proto.c` to dissect a single MAC-48
address. Encapsulates the name and OUI resolution, and the LG and IG
bit parsing.
Created after observing that `packet-ieee80211.c` does not resolve the
OUI or IG/LG bits for WLAN fields (`wlan.ra`, `wlan.da`, `wlan.sa`,
`wlan.bssid`) the way that `packet-eth.c` does.
This change modifies `packet-eth.c` and `packet-ieee80211.c`
to use the new function.
Add IG/LG bits
Instead of adding a TFS(&tfs_true_false) to every boolean
field, make it the default if "strings" is NULL.
This seems to match the already existing documentation:
If the Boolean field is to be displayed as "False" or "True", the
'strings' field would be set to NULL.
These are all very obvious what was intended, and should be
tvb_new_subset_length() or tvb_new_subset_remaining() instead.
A few of them could throw exceptions (and sometimes the wrong
exception) on packets where the captured length was not the full
reported length, but for most of these this change has no effect
(especially after commit 0c4dcc164b)
This makes it easier to find the calls that need fixing.
packet-ieee80211.c hf_ieee80211_gann_flags_reserved filter= wlan.gann.flags.reserved - mask is all set - this is confusing - set 0 instead! : 0xFF
packet-ieee80211.c hf_ieee80211_he_trigger_bar_info_blk_ack_seq_ctrl filter= wlan.trigger.he.common_info.bar_info.blk_ack_starting_seq_ctrl - mask is all set - this is confusing - set 0 instead! : 0xFFFF
Warning: epan/dissectors/packet-ieee80211.c:24227 proto_tree_add_uint called for hf_ieee80211_he_om_rx_nss - item type is FT_UINT16 but call has len 4
Warning: epan/dissectors/packet-ieee80211.c:24229 proto_tree_add_uint called for hf_ieee80211_he_om_channel_width - item type is FT_UINT16 but call has len 4
Warning: epan/dissectors/packet-ieee80211.c:24233 proto_tree_add_uint called for hf_ieee80211_he_om_tx_nsts - item type is FT_UINT16 but call has len 4
Warning: epan/dissectors/packet-ieee80211.c:24326 proto_tree_add_uint called for hf_ieee80211_he_uph_ul_power_headroom - item type is FT_UINT8 but call has len 4
Warning: epan/dissectors/packet-ieee80211.c:24330 proto_tree_add_uint called for hf_ieee80211_he_uph_reserved - item type is FT_UINT8 but call has len 4
Warning: epan/dissectors/packet-ieee80211.c:24348 proto_tree_add_uint called for hf_ieee80211_he_btc_avail_chan - item type is FT_UINT16 but call has len 4
Warning: epan/dissectors/packet-ieee80211.c:24350 proto_tree_add_uint called for hf_ieee80211_he_btc_reserved - item type is FT_UINT16 but call has len 4
Convert GLib types to their C99 equivalents. Convert the Windows types
in dot11decrypt_interop.h as well and get rid of that file.
Fix a couple of encoding issues.
Ping #19116.
Martin Mathieson