Fix some errors in the parsing of the CAggregSpec structure, see
2.2.1.24 in the MS-WSP specification.
Change-Id: Ib281c10ab897e5c0282aa1b0d304df97a2fd14a3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/20036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Fix display of CTableColumn.StatusUsed & CTableColumn.LengthUsed
Both StatusUsed and LenghtUsed members were displayed as 2 byte length
values instead of single byte values.
2. Fix minor spelling mistake
3. display correct address(s) for array of address values
4. Use correct minimum CTableColumn size
This is followup patch for patch already provided for bug 13299.
The previous minimum value neglated to take into account the
CFullPropSpec structure (which is on the wire) but is represtented
as a string in the internal CTableColumn structure. Note: this doesn't
make any difference to the effectiveness of the previous patch but should
avoid confusion if someone later actually investigates the correct minimum
size.
5. Fix CPMCREATEQUERY message parsing
Following a query and subsequent clarification from dochelp@microsoft.com
the MS-WSP specification document was found to be incorrect.
CPMCreateQueryIn
|
---> CSortSet
should instead eventually point to CSortSet via the following msg structure
CPMCreateQueryIn
|
---> CInGroupSortAggregSets
|
---> CInGroupSortAggregSet
|
---> CSortSet
Change-Id: I7da6c7db817113f5542f25f078626030ad30d737
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/20031
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mimic functionality of g_hash_table_get_keys
Change-Id: I7702854ed771a5b3bf7ea5295a67c42f0f477cdf
Reviewed-on: https://code.wireshark.org/review/20039
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mimic functionality of g_hash_table_steal
Change-Id: Iaf4aeef951b60934569143b2d119f782aeefe380
Reviewed-on: https://code.wireshark.org/review/20038
Reviewed-by: Michael Mann <mmann78@netscape.net>
Note that although some of the controls have been removed from the
protocol in upstream CTDB versions they are still present here in order
to dissect older protocol variants.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Change-Id: I67d8f69a7e920f4b1eeed21caab4d2b0b104d669
Reviewed-on: https://code.wireshark.org/review/20023
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13387
Change-Id: I7dfae550f814cdc15924357996e2086eea58ecf4
Reviewed-on: https://code.wireshark.org/review/20026
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch introduces the frame.interface_description field.
While testing this new functionality it became obvious that we have
a non-optimal interaction between the existing cfile.c's
cap_file_get_interface_name(), the recently added frame.interface_name
field and this new frame.interface_description field.
The string returned from cap_file_get_interface_name() may in fact
come from one of three different sources: the idb's interface name
(if it exists) or the idb's interface description (if that exists)
or a default text of "unknown". The string ultimately becomes the
rame.interface_name whether or not the idb had an interface name
option to begin with. This behavior does not allow one to test for
the simple presence of frame.interface_name. The new peer function
cap_file_get_interface_description() added by this patch returns
NULL instead of "unknown" if the idb does not have an interface
description. Should cap_file_get_interface_name() be similarly
modified to return NULL if the idb does not have an interface name?
Bug: 9781
Change-Id: Ie479f373c5080c004dd22bd88919838feca71e95
Reviewed-on: https://code.wireshark.org/review/19861
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib9d8f23faa7a9f83a975396a1be8f85078223feb
Reviewed-on: https://code.wireshark.org/review/20024
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
With option -I one can ignore the first number of bytes from the frame
while doing duplicate frame removal. This doesn't handle shorter frames
correctly. Add safeguards for this, and update the help text.
Bug: 13378
Change-Id: Ia6b65d0797f4069f0b89fa134114d88d80988211
Reviewed-on: https://code.wireshark.org/review/20004
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I91bc792302f61fd8f20fa41ec067534316e26074
Reviewed-on: https://code.wireshark.org/review/19742
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
The clean_exit block allows deallocation of memory on exit.
Change-Id: I52078f0e4e851b6aa5f34cbbd15eba0a4f37cae0
Reviewed-on: https://code.wireshark.org/review/19940
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I172167eb20793113562b69d1e0e93a4882200404
Reviewed-on: https://code.wireshark.org/review/20019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This mimics the function g_list_insert_sorted.
Change-Id: I6f7ac01155588006662c8c0c138d88cea753868c
Reviewed-on: https://code.wireshark.org/review/19978
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Added META_OPERATION_START (Resize, ConvertToVHDSet)
Added META_OPERATION_QUERY_PROGRESS
Added QUERY_SAFE_SIZE
Minor fixes:
Using GUID data type for LinkageID, VirtualDiskId and InitiatorId, not binary blob
Fixed length for SVHDX_TUNNEL_OPERATION_HEADER
Cosmetic: unused var, code makeup
Ping-Bug: 11232
Change-Id: I4ea598367a1c12586501555f4a23d6249057484a
Reviewed-on: https://code.wireshark.org/review/19979
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Add check for a valid profile name in the Profile dialog and disable
the Ok button and mark the invalid profile if error.
The GTK dialog does not close on errors but the Qt dialog does, so
ensure the user is informed beforehand.
Change-Id: If31ffe75183066cf49e2b5a082112bfe62d6c06e
Reviewed-on: https://code.wireshark.org/review/19995
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: I62d3e966928eba75dc26c2c3b6993175fe0f133e
Reviewed-on: https://code.wireshark.org/review/19994
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use ssl_add_vector to process DTLS Cookie, cipher_suites,
compression_methods, client_hello_extension_list. Removed some checks
(like cipher_suite_length > 0) since (per specification) these must be
non-empty (if this is not the case, then at worst an empty tree is
visible).
Change-Id: I7ab2ef12e210d5878769478c7dfba33a799fb567
Reviewed-on: https://code.wireshark.org/review/19993
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Just as we include <windows.h> on Windows to get HANDLE defined, include
<sys/types.h> on UN*X to get pid_t defined.
We don't seem to need this (yet) on the master and 2.2 branches, but it
looks as if it might be necessary on the 2.0 branch. Do it everywhere.
Change-Id: I9535fa9944265746d332f8dc337e42a020b503d3
Reviewed-on: https://code.wireshark.org/review/19998
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Write the recent file for the current profile before copying or renaming
the profile to ensure the latest changes are not lost.
Change-Id: Ib07881925b398314da0a9b2ec875da7650b84712
Reviewed-on: https://code.wireshark.org/review/19984
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The new ticket_age_add field resulted in a dissector exception. With
this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully
decrypted.
Also add validation for the ticket length (using ssl_add_vector).
Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19992
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Update "early_data" extension to draft 18 (context field is gone).
Add support for "client_early_traffic_secret" to the keylog.
Support decryption of 0-RTT data (required handling cipher in Client
Hello and handling of "end_of_early_data" alert).
Tested with tls13-18-picotls-earlydata.pcap, early data decrypts
correctly. (The server data is messed up, but that is possibly the
result of broken NewSessionTicket handling which throws a dissector
exception and thus breaks the record sequence number.)
Ping-Bug: 12779
Change-Id: I9e6aeeb08111d5d977f2c0ab855f14d6d86ca87d
Reviewed-on: https://code.wireshark.org/review/19989
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Server Hello can contain an empty extension, so restore the check.
Change-Id: I7d1ccfa113cd8a568def6915a80fd2791fd361df
Fixes: v2.3.0rc0-2284-g420b9e061e ("ssl-utils: add length validation for SNI extension")
Reviewed-on: https://code.wireshark.org/review/19983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added the following batch of HCI commands:
LE Read Maximum Advertising Data Length
LE Read Number of Supported Advertising Sets
LE Remove Advertising Set
LE Set Periodic Advertising Data
LE Set Periodic Advertising Enable
LE Set Extended Scan Parameters
LE Set Extended Scan Enable
LE Extended Create Connection
Corrected min/max interval field sizes of LE Set Extended
Advertising Parameters command and updated LE Set Extended
Advertising Enable command to use subtree for each set.
Change-Id: Id9c08189a76a0a4adc89b669b50d832f68a929aa
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Based on CSS7 specification.
Change-Id: Ibf00e3add7fcb1a2b3a22574bb63b0fddaf4adcb
Reviewed-on: https://code.wireshark.org/review/19972
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Another format of beacon in advertising packet.
Based on: https://github.com/AltBeacon/spec
User needs to use DecodeAs to use this dissector - any manufacturer's
company id may be valid.
Change-Id: I5656d9dbb70b648b2fadba7f3b525d38a2fe8e57
Reviewed-on: https://code.wireshark.org/review/19971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The number of extcap splash items is the number of extcap binaries plus
RA_EXTCAP.
Change-Id: I9702da5a94e244ddd95a845a67da9302ee41c826
Reviewed-on: https://code.wireshark.org/review/19981
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In the GTK+ prefrences dialog, enable wrapping and set a maximum width.
This should keep labels from making the dialog unusably wide.
Make a couple of enum preferences drop-downs instead of radio buttons.
Note that we might want to make the drop-down vs radio button behavior
automatic.
Change-Id: Ib72a2c8d5cfb99324be86f2218b6d57a395fa22c
Reviewed-on: https://code.wireshark.org/review/19980
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add copy of the definition in a comment, remove check for empty
extension such that export info can be added if the extension is empty.
Remove check for empty HostName, this cannot happen (and is caught by
ssl_add_vector).
Change-Id: Ie63b97e89dc7254f159abb338b52f5f894a8564d
Reviewed-on: https://code.wireshark.org/review/19939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also adds the definition from TLS 1.3 draft 18 spec.
Change-Id: Ic7910874507e76dcbe7ae15aff99c91496a2b590
Reviewed-on: https://code.wireshark.org/review/19938
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add description from spec, remove zero-length extension check since it
is not allowed by specification.
Change-Id: I4bf85b36d933db3658f7788768fd794b6199187e
Reviewed-on: https://code.wireshark.org/review/19937
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add the definition from draft 4 as well (which describes the structure
in text). Remove the check for zero length name since this is normally
not the case (according to draft specification).
Change-Id: I72c3f04a5146d4c4fa291383258246d9ba2b14be
Reviewed-on: https://code.wireshark.org/review/19936
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use ssl_add_vector to ensure that the lengths are checked for validity
and that expert info is added when invalid data is encountered.
Change-Id: I5d03dce988f695cdc305f1bfff9d19ae90c5f6e2
Reviewed-on: https://code.wireshark.org/review/19935
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Merge the length parsing into the SignatureAndHashAlgorithm vector
parsing. Remove extra expert info which are replaced by the generic
ones.
Tested with a mutated pcap where the signature length field is off by
one (too large = expert error, too small = expert warning, as expected).
Change-Id: I43350352ae00eb42bbe5c2ee81289fb592b88f86
Reviewed-on: https://code.wireshark.org/review/19933
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>