Commit Graph

79670 Commits

Author SHA1 Message Date
Enrique Giraldo 506f1c650f tshark: Unconditionally call extcap_register_preferences
extcap_register_preferences is only called with the -G option
(to dump information) and extcap preferences are not loading,
loading it unconditionally avoids this, as it is done in the
GUI startup.
2021-01-24 02:32:22 +00:00
Stijn Last 9ba1053237 packet-vnc: resolve issues reported by check_typed_item_calls.py
./tools/check_typed_item_calls.py --commits 1 | tee item_calls_check.txt
Examining:
epan/dissectors/packet-vnc.c

epan/dissectors/packet-vnc.c:1289 proto_tree_add_item called for hf_vnc_tight_tunnel_type  -  item type is FT_UINT8 but call has len 16
epan/dissectors/packet-vnc.c:1532 proto_tree_add_item called for hf_vnc_vencrypt_auth_type  -  item type is FT_UINT8 but call has len 4
epan/dissectors/packet-vnc.c:1545 proto_tree_add_item called for hf_vnc_vencrypt_auth_type  -  item type is FT_UINT8 but call has len 4
3 issues found

As explained here:
https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#tight-security-type

The capability consists of a code, a 4 byte vendor string and an 8 byte signature string
2021-01-23 16:07:41 +00:00
Alex Nik b523ae8d74 added the description for Bluetooth devices windows 2021-01-23 07:45:00 +00:00
Vadim Yanitskiy 884158fd24 GSM A-bis/RSL: fix SRR bit dissection in L1 Information IE 2021-01-23 02:24:59 +01:00
Alex Nik c8115695fa description for the Bluetooth ATT server attributes menu 2021-01-22 22:25:35 +00:00
Gerald Combs c69553216e dot11decrypt: Try to fix builds with Libgcrypt < 1.6.0.
Try to fix

    run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_derive_pmk_r1'
    run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_kdf'
    run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_prf'
    run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_derive_pmk_r0'
    run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_derive_ft_ptk'
2021-01-22 21:12:14 +00:00
Alex Nik 18013a8968 added the description for Bluetooth HCI Summary 2021-01-22 20:11:34 +00:00
Gerald Combs bb48a9da99 CMake: Fixup rpmbuild verbosity.
546dc0270c made things too quiet. Pass '-v' to rpmbuild if
CMAKE_VERBOSE_MAKEFILE is set. Don't pass '--quiet'.
2021-01-22 18:57:23 +00:00
Dr. Lars Völker c1527c5d22 SOME/IP: Adding support for filtering parameters
This patch allows each configured parameter to be filtered and
therefore to be used in io graphs as well.

Fixes #17122

Be aware that this patch changes the format of:
- SOMEIP_parameter_list
- SOMEIP_parameter_arrays
- SOMEIP_parameter_structs
- SOMEIP_parameter_unions
2021-01-22 15:11:20 +00:00
Alexis La Goutte 229148a168 ieee80211: Update Reduced Neighbor Report with 802.11ax (WiFi 6)
following tbtt length, there is some field (BSSID, Short SSID, BSS Parameters)
2021-01-22 14:50:26 +00:00
Alex Nik 483021004d added the DHCP statistics description
minor fixes
2021-01-22 14:44:37 +01:00
Stijn Last 9913b8647e packet-vnc: added support for VeNCrypt
Specification:
https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#vencrypt

Has been tested with tigervncserver / xtigervncviewer
with several security types and combinations:

/usr/bin/tigervncserver -SecurityTypes VncAuth
/usr/bin/tigervncserver -SecurityTypes TLSVnc
/usr/bin/tigervncserver -SecurityTypes X509Plain
/usr/bin/tigervncserver -SecurityTypes TLSVnc,VncAuth
2021-01-22 10:41:28 +00:00
Pascal Quantin 1b5df467b6 E1AP: use tcp_dissect_pdus() 2021-01-22 09:03:27 +00:00
Jason Cohen b297afee3e f5ethtrailer: fix low, legacy noise / FCS 0 start
This corrects 2 issues with the detection heuristic for f5ethtrailers
causing trailers to be missed.

Fixes #17171
Fixes #17172
2021-01-22 08:47:45 +00:00
Jaap Keuter d2a6ca780f WSDG: Add section on expert items 2021-01-22 07:36:28 +00:00
Jaap Keuter 13e04a2192 FC ELS: Fix address length of FCWWN address in logout message
Closes #17168
2021-01-21 20:23:58 +00:00
Anders Broman 4eb76c8ee8 E1AP: Dissect E1AP over TCP with a 4 byte length indication. 2021-01-21 16:08:10 +01:00
Dr. Lars Völker cb1bc50774 PTP: Adding support for 32bit timestamp
IEEE 1733 uses a 32bit 802.1AS (gPTP) timestamp in RTCP. In order
to correlate these timestamps to the timestamps in 802.1AS the
following translation is needed:
ts_32 = (ts_s * 10^9 + ts_ns ) mod 2^32

This patch adds suport for this 32bit timestamp in order to allow
analysis of AVB with IEEE 1733 (RTP/RTCP).
2021-01-21 08:34:52 +00:00
Dario Lombardo f7b0f9b2d4 tshark: prevent multiple -T.
Subsequent use of -T option infere to each other
creating strange option combinations. Multiple -T
are not supported, then prevent them.

Fix: #17139.
2021-01-21 07:57:37 +00:00
Joakim Andersson 8da6d6d1cc bluetooth: Add event counter and event counter valid to context
Add event counter and event counter valid variables to the btle context.
This information has to come from the capture context, and the information
is useful to provide context information around LL control procedures with
instant.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2021-01-21 07:22:47 +00:00
Guy Harris df53c21cab Move some variables inside the block where they're used.
They're not used outside a block, so move them inside the block.  Also,
they're set before they're used, so don't initialize them when they're
declared.

This should squelch some unreadVariable warnings from cppcheck.
2021-01-20 19:09:51 -08:00
Dr. Lars Völker 150d138a0d dot11crypt: Fixing bug that breaks build on Windows
Fixes: #17167
2021-01-20 22:15:32 +00:00
Guy Harris f9fc064255 Cast __LINE__ to unsigned int and print it with %u.
No version of ISO C I can find (from C90 to C18) says anything more
about __LINE__ than that it's an "integer constant", with no indication
whether it's signed or unsigned (or whether it's int or long or long
long), so we just cast it to "unsigned int" and print it with %u, as it
would make Absolutely No Sense if it were negative.

This should squelch some invalidPrintfArgType_uint warnings from
cppcheck.
2021-01-20 13:48:08 -08:00
Guy Harris d78d50d5a1 Move some variables inside the block where they're used.
They're not used outside a block, so move them inside the block.  Also,
they're set before they're used, so don't initialize them when they're
declared.

This should squelch some unreadVariable warnings from cppcheck.
2021-01-20 12:45:46 -08:00
Mikael Kanstrup 69aa20669c dot11decrypt: Refactor Dot11DecryptRsna4WHandshake function
The Dot11DecryptRsna4WHandshake has grown unreasonably large. Refactor
the function and break out some functionality into smaller utility
functions to make it easier to understand.
2021-01-20 16:10:12 +00:00
Mikael Kanstrup fbb9056d20 dot11decrypt: Add partial FT-EAP decryption support
Add partial support for decrypting captures with connections
established using FT-EAP. To support deriving keys for FT-EAP
the MSK is needed. This change adds MSK as a valid IEEE 802.11
protocol input key type preference as well.

Note that FT-EAP support comes with the following imitations:

- Keys can only be derived from the FT 4-way handshake messages.
- Roaming is not supported.
2021-01-20 16:10:12 +00:00
Mikael Kanstrup 76932c250a ieee80211: Dissect FTE and MDE with flags and subtrees
To increase readability of IEs used with Fast BSS Transition
dissect FTE and MDE fields with flags and subtrees.

- FT element count is part of MIC control element.
- FT over DS is part of FT capability and Policy field.
- Resource Request Protocol Capability is part of FT
  capability and Policy field.
- Dissect FT subelements with a separate subtree.

Change-Id: Id9bea07234c3314991a75781c59321faa600a0f6
2021-01-20 16:10:12 +00:00
Mikael Kanstrup 2306cbddb9 dot11decrypt: Support decrypting FT initial mobility domain
Add partial support for decrypting captures with connections
established using FT BSS Transition (IEEE 802.11r).

FT BSS Transition decryption comes with the following limitations:

- Only FT-PSK is supported.
- Keys can only be derived from the FT 4-way handshake messages.
- Roaming is not supported.
2021-01-20 16:10:12 +00:00
Mikael Kanstrup 75e90aa4e9 dot11decrypt: Create utility PRF and KDF derive functions
Break out the PRF and KDF functionality from the PMK to PTK
derivation functions and make them separate utility functions
implemented as defined in the IEEE 802.11 standard.

This change is done in preparation for supporting additional
AKMS where the key derivation functions can be reused to derive
other type of keys.
2021-01-20 16:10:12 +00:00
Mikael Kanstrup 8f8e87e384 dot11decrypt: Indentation using whitespace in dot11decrypt_util
Change from tab to whitespace in dot11decrypt_util source and header
files. Add modelines.
2021-01-20 16:10:12 +00:00
Pascal Quantin f64eddfd01 NAS 5GS: fix display of IPv6 interface identifier
Do not use FT_IPV6 as an interface identifier could be wrongly identified
as an IPv4-Compatible IPv6 Address format by inet_ntop() and displayed
as such.
2021-01-20 14:41:12 +01:00
Pascal Quantin b794e4798a NAS EPS: fix display of IPv6 interface identifier
Do not use FT_IPV6 as an interface identifier could be wrongly identified
as an IPv4-Compatible IPv6 Address format by inet_ntop() and displayed
as such.
2021-01-20 14:39:09 +01:00
Alexis La Goutte 3aa64fe819 ieee80211: Update Public Action
From 802.11-2016.pdf (Table 9-307)
2021-01-20 11:40:16 +00:00
Alexis La Goutte 476d2e81ff ieee80211: Add Reduced Neighbor Report (201)
From 802.11-2016.pdf

Close: #17096
2021-01-20 11:23:49 +00:00
Martin Mathieson 3019bc4efc MAC-LTE: Make main disection function static 2021-01-20 10:56:18 +00:00
Alexis La Goutte acf713313e ieee80211: Fix Environnement
When it is not outdoor or indoor environnement (only display hex value)

Close #16910
2021-01-20 10:28:07 +00:00
Guy Harris 5c71955270 Move some variables inside the block where they're used.
They're not used outside a block, so move them inside the block.  Also,
they're set before they're used, so don't initialize them when they're
declared.

This should squelch some unreadVariable warnings from cppcheck.
2021-01-20 01:34:17 -08:00
Guy Harris 05b9e53777 Don't dereference a known-to-be-null pointer.
In dump_dfilter_macro_t(), if the dfilter_macro_t pointer is null, just
give up after printing the message that indicates that.

This should squelch several nullPointerRedundantCheck warnings from
cppcheck.
2021-01-20 01:07:18 -08:00
Guy Harris 28d89773fb Move some variables inside the block where they're used.
They're not used outside a block, so move them inside the block.  Also,
they're set before they're used, so don't initialize them when they're
declared.

This should squelch some unreadVariable warnings from cppcheck.

Fix indentation of a line of code while we're at it.
2021-01-20 00:44:31 -08:00
Guy Harris 97a168747f Move some variables inside the block where they're used.
They're not used outside a block, so move them inside the block.  Also,
they're set before they're used, so don't initialize them when they're
declared.

This should squelch some unreadVariable warnings from cppcheck.
2021-01-20 00:14:19 -08:00
Guy Harris 11b500ce1c Remove redundant assertion.
I guess we used to just have a g_assert() here to check that there was a
subdissector table to which to add the capture dissector, but we now
have a test for a null subdissector table pointer that attempts to
produce a more detailed and more useful error (and to fail only if we've
set the "crash on some otherwise-ignored errors" environment variable).

Remove the assertion, as we've already ensured that, at that point, the
subdissector table pointer is not null.

This should squelch a constArgument warning from cppcheck.
2021-01-19 23:40:31 -08:00
Guy Harris 138041b545 Squelch "Clarify calculation precedence" warning from cppcheck.
For

        A & B ? C : D

put "A & B" in parentheses, to clarify the precedence.
2021-01-19 23:12:03 -08:00
Guy Harris 887cacd12c Don't check whether eth_name_lookup() returned a null pointer.
It never returns a null pointer.

(At least some compilers support decorating function declarations with
indications that they never return a null pointer; hopefully at least
some of them attempt to validate that claim, and report at least a
warning, if not an error, if they can't.  We should look at decorating
functions in that fashion.)

This should squelch a nullPointerRedundantCheck warning from cppcheck.
2021-01-19 21:14:10 -08:00
Guy Harris 64f1d09ef3 Make various max packet sizes unsigned, and clean up from that.
Make some packet size variables unsigned.

Leave some others signed, because they're read with sscanf(), and
sscanf() handles string-to-unsigned conversions in the same crazy way
strtouX() routines do, wherein a leading sign is *not* an error.
Instead, cast them to unsigned after we make sure they're not negative.
2021-01-19 19:02:01 -08:00
Guy Harris 6db087ae4b No need to check for both "not null" and "is space".
The latter implies the former.

Squelches a cppcheck redundantCondition warning.
2021-01-19 17:06:45 -08:00
Guy Harris 793333d039 Make some loop indices private to their loops.
This also squelches a cppcheck unreadVariable warning.
2021-01-19 16:42:39 -08:00
Guy Harris c6d1031328 Squelch duplicateCondition warning from cppcheck.
Put three statements, all executed iff cap_snaplen is true, into a
single if statement.
2021-01-19 16:16:00 -08:00
Guy Harris 6b85987e4a Squelch "Clarify calculation precedence" warning from cppcheck.
For

	A & B ? C : D

put "A & B" in parentheses, to clarify the precedence.
2021-01-19 15:46:10 -08:00
po307ax f92206ab51 Add dissector for Asterix Category 240 v1.3. 2021-01-19 13:42:23 +00:00
Guy Harris 165792fb31 dup() can fail; check whether it does.
If, for example, you run out of file descriptors, dup() can fail, and
ws_dup() is a wrapper around it on UN*X.  Don't just pass the result of
ws_dup() to ws_fdopen(); instead, save its result, check against -1 and,
if it's -1, give up, otherwise pass it to ws_fdopen().

This addresses Coverity CID 1471708.

Also, if ws_fdopen() fails, close the descriptor we got from ws_dup();
this closes a possible FD leak.
2021-01-18 23:31:27 -08:00