In case of successfull delivery, TP-Status IE looks as follows:
TP-Status
0... .... = Definition of bits 0-6: as follows
.00. .... = Error: Short message transaction completed (0)
...0 0000 = Reason: Short message received by the SME (0)
in particular, "Error: Short message transaction completed" looks
confusing. Let's make it a bit cleaner:
TP-Status
0... .... = Definition of bits 0-6: as follows
.00. .... = Error: No error, short message transaction completed (0)
...0 0000 = Reason: Short message received by the SME (0)
Change-Id: I95830877c1ff2f45e3c68a40febcf357abda597d
Reviewed-on: https://code.wireshark.org/review/36829
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
According to 3GPP TS 23.040, section 9.2.3.15, the TP-Status IE
indicates the status of a previously submitted SMS-SUBMIT and
certain SMS COMMANDS for which a Status-Report has been requested.
Currently Wireshark dissects this IE as follows:
TP-Status
0... .... = Definition of bits 0-6: as follows
.000 0000 = Error: Short message transaction completed (0)
.000 0000 = Reason: Short message received by the SME (0)
so it's not clear how exactly both Error and Reason are derived
from 7 less-significant bits of the first (and the last) octet.
As can be seen from the section 9.2.3.15, two less-significant
bits of those 7 define the Error, while the remaining 5 bits
define the Reason.
With this change applied, dissected TP-Status IE looks as follows:
TP-Status
0... .... = Definition of bits 0-6: as follows
.00. .... = Error: Short message transaction completed (0)
...0 0000 = Reason: Short message received by the SME (0)
To achieve this, type of the 'dis_field_st_error_rvals' was changed
from 'range_string' to 'value_string', and the range / string array
'dis_field_st_reason_rvals' was split into 4 arrays corresponding
to 4 possible Error values.
Change-Id: I8418ae3532c5e4b0ad2c956c5cd8cd90767d2fd6
Reviewed-on: https://code.wireshark.org/review/36828
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Add protocol for the nRF Sniffer for BLE version 3 of the UART protocol.
These changes provides support for giving different packet IDs for advertising
physical channel and data physical channel.
The flags for advertising physical changes are intepreted differently,
the direction, encryption and MIC valid flags are always zero and are therefore
marked as reserved for future use instead.
The time_delta field is changed to be a firmware timestamp instead. This is to
allow better timestamping of the packets as the timestamp earlies was provided
by the extcap python code, which does not provide accurate timestamps.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531c
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36786
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Provide a mechanism for the capture context to provide the auxiliary PDU type
name since this value cannot be inferred from the bytestream and must be taken
from context instead.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345319
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36783
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The length field of a struct can be configured to 0, 8, 16, or 32 bits.
Independent of the config, it will always be ignored as set to 0 bits.
This patch repairs this.
Bug: 16490
Change-Id: Idde3616ec06067363e767bd52bb5f443439c9aca
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-on: https://code.wireshark.org/review/36770
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Prefer:
- html (rather than txt)
- https
Also includes the script check_dissector_urls.py,
that can be used to find links in code and test them.
Change-Id: Iafd8bb8948674a38ad5232bf5b5432ffb2b1251b
Reviewed-on: https://code.wireshark.org/review/36821
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Added support for RFC 8770 Host Router Support.
As LSA flags are independent of set options fix flags handling also.
Change-Id: Ib74cae55fb9a3b26f27084168d0e15e4f3d2d6b8
Reviewed-on: https://code.wireshark.org/review/36824
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
FieldInformation::parentField() allocated a new FieldInformation,
so ensure to delete this when done.
Change-Id: Id0f538cc696551ec47169103be823eb1e55d1777
Reviewed-on: https://code.wireshark.org/review/36823
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Document that the payload of the BLE_EVENT packet is excluding the preamble
that is sent on air.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531b
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36785
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add BTLE physical channel pdu type from capture context. The dissector uses
the access address to determine if the packet is either an Advertising physical
channel PDU or a Data physical channel PDU.
This assupmtion is not valid for Periodic Advertising where the AUX_SYNC_IND
advertising packet will be sent with a non-advertising access address.
There is also the new Isochronous physical channel PDU which can be both
broadcasted or connection-oriented.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345318
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36782
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Document the RSSI sample result in the nordic_ble dissector. This value is
directly from the RSSISAMPLE register which is a positive number. It must
be converted to negative value.
Change to using INT8 because the RSSISAMPLE is only 7 bits value, and will
always be a positive number.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531a
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36784
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dissect the common extendend advertising payload header which is common for
the following advertising PDUs:
- ADV_EXT_IND
- AUX_ADV_IND
- AUX_SYNC_IND
- AUX_CHAIN_IND
- AUX_SCAN_RSP
- AUX_CONNECT_RSP
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345317
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36781
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add handling of ADV_EXT_IND and setting valid adv header flags.
Advertising Extension assumes channel selection #2, and both TX and RX address
type bits must be checked if present in the extended advertising header by
reading the extended advertising header flags.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345315
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36780
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Like in markFrame, the integer list of selected rows is not used in
ignoreFrame. Remove it.
Change-Id: Ic2bf4b1d2d330767370a2e831e321e285cb00e91
Reviewed-on: https://code.wireshark.org/review/36805
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "rows" variable is populated with the indices of all selected rows.
It seems that rows is never read and can be removed.
(In parallel, there's QModelIndexList frames. This list is used
when it comes to actually marking the selected packets.)
Change-Id: If2b97a2f5d87fe24717b9ad56444e2a779e0b3fc
Reviewed-on: https://code.wireshark.org/review/36804
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure the summary record is large enough; if not, report it as a bad
file.
If it's *too* large, skip the added data.
Clean up the length check for the header records - use sizeof, as we
later use sizeof when subtracting the fixed length portion's length.
Change-Id: I70697804eaa0cbbb1fb074eadf6457d237f26876
Reviewed-on: https://code.wireshark.org/review/36814
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Get rid of leftover duplicate code setting up the wtap structure and
private data before we've found a summary record.
If we find no data records, break out of the loop, so we fall into the
code that sets up the wtap structure and private data.
Change-Id: I00652bb7f3cb52b6c7c2088c6dd5fe5ec9a012a7
Reviewed-on: https://code.wireshark.org/review/36806
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
A generated item is not derived from the bytes in the packet.
The components of the length field and the timestamp are fields in the
packet. They should not be marked as generated.
Change-Id: Ic2e74f7db50b2ea65bc0e48883e6562992114296
Reviewed-on: https://code.wireshark.org/review/36766
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use proto_tree_add_item() for the timestamp, there's no need to extract
the time manually.
Remove the unnecessary if (tree) check.
Call proto_tree_add_item_ret_uint() to read the value and add it to the
tree in one go.
Change-Id: Ibce3a5c83c260e46c4bd6ebf957e300fd345ed8a
Reviewed-on: https://code.wireshark.org/review/36765
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use content-type property to decode message.
Lookup Topic using topic-alias property mapping from the first Publish
message if this is used by the sender. Add an expert info note when
a lookup fails.
MQTT-4.7.3-1 defines that all Topic Names and Topic Filters MUST be
at least one character long. Add an expert info warning for this.
Change-Id: I5b27a72462a7c80b200ec065e5aed167cf36a3a8
Reviewed-on: https://code.wireshark.org/review/36748
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Currently every URI that carries display information has that presented
as the same field. This makes specific filtering difficult.
This change introduces seperate fields for every URI type, while
preserving the common display info field as hidden item.
A display field has been introduced for every URI handled, whether or
not the field is described in an RFC. Practice learns that it may be
done anyway.
Bug: 16488
Change-Id: I15bf10e3fbdcce581a62182c205976a751c98c69
Reviewed-on: https://code.wireshark.org/review/36773
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Handle the reserved bits in the LE channel map. The bits do not
represent the advertising channels, but are simply reserved.
Allow the dissector to set these bits as non-channel map related, which
is the case for Extended Advertising Sync Info.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345314
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36779
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
check_dissector_urls.py was written and used to
find URLs within epan/dissectors/*.c and try to
fetch them using 'requests'. Will be commmitted
separately.
Most of the changes were to adapt to reorganisation
of IETF or 3gpp2 links, but many of the broken links
are for websites or companies that no longer exist.
Change-Id: Ie9afdb95099218402a61626a0cd5193c6f781b96
Reviewed-on: https://code.wireshark.org/review/36769
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
The initiator address field of the directed advertising PDU has been renamed
to target address in newer versions of the Bluetooth specification.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345313
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36778
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add channel index to the bluetooth dissector context.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345312
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36777
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
wtap_read_bytes() returns TRUE on *success*, so if we're in the loop,
the last read succeeded, and no error code was supplied. When we *exit*
the loop, the read didn't succeed; check for the status then. If we got
a short read, we ran out of file data, so check the heuristics (even if
it's not an integral number of 2-byte blocks, treat it as a CAM
Inspector file - it might have gotten cut short); if we got a real read
error, report that to our caller.
Bug: 16458
Change-Id: Ia1e838006744dadbc2883459aec16d0d11b732e1
Reviewed-on: https://code.wireshark.org/review/36795
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
If it has none, we don't know what link-layer header type it has, nor do
we have a start time to use for time stamps.
If it has more than one, we don't know which one to believe.
Bug: 16459
Change-Id: I306ec45171f9de4643699a53a4d837f4f7750c69
Reviewed-on: https://code.wireshark.org/review/36791
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Rename packets names that has changed in the bluetooth core specification.
Requests have responses, indications have no response.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345310
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36775
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
pytest and `pycodestyle test/suite_*.py --select=W605` warned about it.
Change-Id: I015351d1c00d17aa9f04ab17abed00586ee09e89
Reviewed-on: https://code.wireshark.org/review/36771
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Don't give the first argument to CATCH7() a space after its comma; none
of the other CATCHn() arguments do.
Change-Id: I752d3329080b3bfba362adfff0cb2b0e2034be8b
Reviewed-on: https://code.wireshark.org/review/36768
Reviewed-by: Guy Harris <gharris@sonic.net>
Remove nested example tags from the dissection chapter, including and
unbalanced one. Mark our source blocks with [source,c].
Enable syntax highlighting in the Developer's and User's guides. This
isn't supported in the DocBook backend (which we use to generate the
HTML guides), but it is in the PDF backend.
Add a comment about failing on warnings when we generate our guides.
Change-Id: Ieee29fe75364ca23769aa997f90126e31b72cc8b
Reviewed-on: https://code.wireshark.org/review/36767
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
wtap_cleanup() clears options which are still in use by the time
cf_close calls wtap_close. Be sure to close the capture file first.
Bug: 16487
Change-Id: Id9ef1c0321865e9574b69439870a842efb2b209b
Fixes: v3.3.0rc0-853-g3662a69036 ("Maintain cf->state, because file cleanup depends on it.")
Reviewed-on: https://code.wireshark.org/review/36755
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Guy Harris <gharris@sonic.net>
This workflow will test the several options available in cmake,
by not using the default value.
The workflow runs once a day, instead on push, to spot problems
that unlikely happen.
The compilation without pcap has been removed from other CIs,
since it is included in this one and that will spare CI cycles.
Change-Id: I796a1ac1879fe85c66d9518207c7053531204c11
Reviewed-on: https://code.wireshark.org/review/36608
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add checks for bad block lengths - either too short or not a multiple of
4. (Yes, the pcapng spec requires it to be a multiple of 4. And there
is at least one implementation that requires it.)
For various structures with a length field, create the top-level tree
field for the item with a "run to the end of the packet" length and,
once we're finished dissecting it, set the length to its actual value.
Fetch various field values using proto_tree_item_add_uint. Fix some
incorrect field types based on errors reported by that.
If an end-of-options option has a non-zero length, 1) don't treat it as
not an end-of-options option and 2) report an error on its length.
Change-Id: I72b2c065f3e3c76d5b71a1cd2ef3c1f497623266
Reviewed-on: https://code.wireshark.org/review/36746
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
In LwM2M TLV format a Float can be a 4 or 8 bytes floating point value.
Allocate a separate FT_DOUBLE header field to handle this.
Refactor common code between OMA and UAT defined resources.
Bug: 16485
Change-Id: I45fe782a32444215959951f0b202de360a3b24b8
Reviewed-on: https://code.wireshark.org/review/36724
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
There were a bunch of 4-space tab characters in the file, which is 1)
not the way UN*Xes work and 2) not what the modelines say; replace them
with 4 spaces, and further adjust some indentation.
Change the modelines to turn tab-to-space expansion on.
Change-Id: I7e22294e928ef95ab9f5d61f5d0e8abfe18cfb4e
Reviewed-on: https://code.wireshark.org/review/36738
Reviewed-by: Guy Harris <gharris@sonic.net>
The IEEE 802.3br dissector does good work figuring out when a frame is
preempted by another, in the same direction, and reassemble the continuation
into a proper Ethernet frame. But when, at the same time, a frame appears in
the other direction, not unheard of in a full duplex link, the reassembly is
thrown in turmoil.
This change makes the reassembly directionally aware, so that preemptions,
either way and even simultanious, can be distinguised as long as the
direction of the frame is known.
Bug: 16470
Change-Id: Ic99353c1b95238e0d63c4cd14cd454d09e3675cc
Reviewed-on: https://code.wireshark.org/review/36731
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Vadim Yanitskiy