The MQTT specification says "The Will Message defines the Application
Message that is to be published to the Will Topic", Application
Messages are defined as being application specific.
Change-Id: I3fad1cb5f676b0232ba9e29af0d213b536ce4ef6
Reviewed-on: https://code.wireshark.org/review/34749
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make a configurable preference to show the publish message as text
to bring back the old behavior.
Ping-Bug: 15738
Change-Id: I90ff4ab4c8fe857fa7ea585f67aef516d84c22c1
Reviewed-on: https://code.wireshark.org/review/33284
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The MQTT documentation states "The Payload contains the Application
Message that is being published. The content and format of the data
is application specific."
Bug: 15738
Change-Id: Ie9d603049821fd7fe73add675a95245d5f27e0b0
Reviewed-on: https://code.wireshark.org/review/33020
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
If someone changes this in the future and the data is no longer valid
UTF-8, then crashes can occur.
Change-Id: I2b153d48ee1ef7093a5141001a391dd440c30e58
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31942
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
PUBACK, PUBREC, PUBREL, and PUBCOMP can all have abbreviated packets
which are not currently handled, leading to those forms being marked as
malformed.
Bug: 15428
Change-Id: I1e6e5dbbca29e7e731683d5c166f9abf978f62b2
Reviewed-on: https://code.wireshark.org/review/31580
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Neither of the following situations were reading MQTT v5 properties from
the packet, leading to valid MQTT 5 packets being marked as malformed.
CONNECT packet with a Will
UNSUBSCRIBE packet
Bug: 15257
Change-Id: Iedb68e7285832fc5692f793b4354a6402ca8ac8d
Reviewed-on: https://code.wireshark.org/review/30464
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename packet-ssl{,-utils}.[ch] to packet-tls{,-utils}.[ch].
Change-Id: I4732162ec131ddf0734b3dd191ccc9e48a76ce06
Reviewed-on: https://code.wireshark.org/review/29659
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for uncompressing message data before dissecting
based on topic.
Bug: 14591
Change-Id: Ibaead205a4df791d8e903935dfd29b9b8c13ddc5
Reviewed-on: https://code.wireshark.org/review/26794
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Christopher Maynard <Christopher.Maynard@gtech.com>
Tested-by: Petri Dish Buildbot
Used to support variable length in QUIC protocol
Bug: 13881
Change-Id: Ia274b1530152376c5fb4e364fc4cf5ab246be1b3
Reviewed-on: https://code.wireshark.org/review/24990
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check if mqtt_msg_type is within boundaries of hf_rcode and gives
a valid hfindex.
Change-Id: Ib8ea710d7cd6c61ec493e218d64b50f6faa720c4
Reviewed-on: https://code.wireshark.org/review/24509
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
RCs and their text descriptions are added by this
patch. We use defines for the values and descriptions
because they are shared by many Control Packets, so
in this patch we parameterize them to avoid writing
the descriptions multiple times.
Change-Id: I0afc2cbe69e8cfffa4f65df0b72f09045bb9b3a1
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This allows for the removal of epan/dwarf.[ch]
Functionality could probably be handled by an encoding (like dissect_uleb128),
but for now keep it in file-elf.c as that's the only functionality
currently using it.
Change-Id: I84cf6af02abb3d53ea7d9b774e3313d77a1ff497
Reviewed-on: https://code.wireshark.org/review/24486
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also update ENC_VARINT_PROTOBUF documentation while we're at it
Change-Id: I72e1f9175adc0c6a8bb03ceddba04ffd4844a12e
Reviewed-on: https://code.wireshark.org/review/24485
Reviewed-by: Michael Mann <mmann78@netscape.net>
MQTT v5.0/UNSUBACK includes a payload conformed
by a list of reason codes. There is no length
field for this payload, so it must be computed
as the difference between the full message size
and the current offset.
Change-Id: Ibf7ef4131408e26e2389c3ab89107c22c16412a1
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24337
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch modifies how the payload length is
computed. With this patch we want to simplify
and reduce the number of operations.
Change-Id: Ie1c9a3f26c689e92fbbd57c34e4f68abd3ea7d02
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24336
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I51d5dfdcbf13cca79ca354d0a63bf7dc328e5dc9
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24312
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
- FIX: subtract the property length from the message length
- Replace the 'for' loop by a 'while' loop, now that the
arithmetic is done before.
TODO: It's a protocol error (v5.0)/violation (v3.1.1) not to
include the payload in the SUBSCRIBE control packet. It would
be nice to display a "malformed packet legend" in such that
case.
Change-Id: I99ef3862aa19b3a31ea03d1c194e54f489674115
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24313
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This will clarify that it's a type. Also remove unneeded init values.
Change-Id: If61b32a264ff60a26e775dc99f1c06d0aa555a4d
Reviewed-on: https://code.wireshark.org/review/24307
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
From the spec:
3.14.2.2.1 Property Length: The length of Properties in the DISCONNECT
packet Variable Header encoded as a Variable Byte Integer. If the
Remaining Length is less than 2, a value of 0 is used
In this commit we also assume that AUTH may not include the Property
field, given that DISCONNECT and AUTH share the same structure.
Change-Id: I5f55151df6b2066d924b2c16fb08a63b0903ef46
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24288
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add routines to dissect the following MQTT v5.0 Two Byte
Property fields:
- Server Keep Alive
- Receive Maximum
- Topic Alias Maximum
- Topic Alias
Change-Id: I90b43cd315f31a34b10bf6065ea51549307e95f3
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24265
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add routines to dissect the following MQTT v5.0 Byte
Property fields:
- Payload Format Indicator
- Request Problem Information
- Request Response Information
- Maximum QoS
- Retain Available
- Wildcard Subscription Available
- Subscription Identifier Available
- Shared Subscription Available
Change-Id: I28b95174ce811a92d8f22bf51c331169b5e4b925
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24264
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Apply 'Disconnect' (3.14.2) and 'Auth' (3.15.2-1) notes to simplify
and fix the variable header :).
Change-Id: I169a69a0da5b2d5ee338c0f45af978217986f37a
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24274
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch adds partial support for the MQTT v5.0 protocol.
The relevant changes are:
- A new MQTT control packet: AUTH (15)
- The Variable Header is extended with a new section: 'Properties'
Currently, the 'Properties' section is not dissected although
its length is parsed.
Change-Id: I059b91304e953d69e4781b170e61057cb38dde19
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/24261
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for configuring message decoding based on topic.
Matching criteria is equal-to, contains, starts-with, ends-with
or regular expression.
Change-Id: I677d869716eb1d2798974e2c65605a454421a66c
Reviewed-on: https://code.wireshark.org/review/24196
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: I8e9cd64edcabf810e70b134ecce7a771babafebc
Reviewed-on: https://code.wireshark.org/review/24017
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
- PUBREL, SUBSCRIBE and UNSUBSCRIBE does use QoS for v3.1
- CONNACK is also different between v3.1 and v3.1.1
- DUP flag is not reserved, it's Retain which is reserved
- Use proto_tree_add_item for reserved fields
- Use uniform layout and fixed indent (2 spaces in this file)
Change-Id: I26337ad63cd67d832db84993349fa3406e305b72
Reviewed-on: https://code.wireshark.org/review/24025
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to the MQTT v3.1 and v3.1.1 specifications,
the fixed header flags (DUP, QoS and RETAIN) are only set by
the PUBLISH message.
The DUP flag is also set by the PUBREL, SUBSCRIBE and
UNSUBSCRIBE messages but only when version 3.1 is used.
Currently, the MQTT dissector shows the header flags for
all the v3.1 and v3.1.1 messages.
This patch fixes the issues mentioned above.
To track the protocol version used during the connection handshake
a conversation is used. For subsequent messages, the way the header
flags are displayed is determined by this variable.
Change-Id: Iad808f77a2c379f9786152c26d3aa86e24be1b16
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/23939
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are some issues with the inline comments. Rephrase those
comments. Furthermore, use the MQTT v3.1 and v3.1.1 specification
language to fix some inline comments.
Change-Id: Ia3864e1b66ef1eb4bbd8cb90aed674c7d9c4b7be
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/23937
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The packet-PROTOABBREV.c template recommends to provide a short
description of the protocol below the license header. Currently,
this information is not present in the packet-mqtt.c dissector.
This patch adds the protocol description taken from the official
specification. Links to the v3.1 and v3.1.1 specifications are
also provided by this patch.
Change-Id: I9bb85aa3b78c8804c923f77c163904a7949f6899
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/23936
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ali Sabil