Change-Id: Ife44b225337e5c583c722ac62f711ed3ec9cf808
Reviewed-on: https://code.wireshark.org/review/30535
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In preparation for decrypting and dissecting EAPOL keydata in the
ieee80211 dissector, move the RC4 decryption and key copy into
separate helper functions.
Change-Id: I13f3e981038f48526032e263b6eb3c9e3496abbe
Reviewed-on: https://code.wireshark.org/review/30546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove unused variables found by shellcheck. Remove a dead check for
10.5 (which we no longer support) which enables 32-bit builds (which we
no longer support).
Change-Id: I8f987f31025c74d27e46c7f74f514857ec8cdd3b
Reviewed-on: https://code.wireshark.org/review/30549
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Currently all binaries must be available or no tests will be executed.
This is inconvenient if you just want to test a single binary (e.g.
text2pcap) without having to build epan. The problem is essentially that
tests lack dependency annotations.
To solve this problem, add the required dependencies as parameters to
each test (so-called 'fixtures' in pytest). Skip a test if a binary
(such as tshark) is unavailable. As a demonstration, suite_dissection.py
is converted. Over time, tests should no longer depend on config.py due
to explicit dependencies fixtures (listed in fixtures_ws.py).
Since the unittest module does not support such dependency injections,
create a small glue for use with pytest and an (incomplete) emulation
layer for use with test.py.
Tested with pytest 3.8.2 + Python 3.7.0 and pytest 3.0.3 + Python 3.4.3.
Python 2.7 is not supported and will fail. Test commands:
    ~/wireshark/test/test.py -p ~/build/run
    WS_BIN_PATH=~/build/run pytest ~/wireshark/test -ra
Change-Id: I6dc8c28f5c8b7bbc8f4c04838e9bf085cd22eb0b
Ping-Bug: 14949
Reviewed-on: https://code.wireshark.org/review/30220
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reduces maintenance costs and makes it possible to simplify code.
pytest supports Python 2.7 and Python 3.4 (or newer), so that is more or
less the minimum target for now.
Change-Id: I0347b6c334bf2fc6c9480ff56e9ccfcd48886dde
Reviewed-on: https://code.wireshark.org/review/30193
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Python 3 is widely available. All major Linux distributions support it.
RHEL is covered via EPEL (which is already required for cmake3). Drop
support for Python 2 in order to reduce maintenance costs. The main
motivation is being able to simplify the tests.
CMake is updated to search for Python >= 3.4 and will fail if
unavailable (generating dissectors.c requires Python, so it is quite an
important piece to have).
The documentation is updated to reflect the Python 3.7 paths used by
Chocolatey. Tested the git-review installation instructions in Windows 7
x64 without a previous Chocolatey installation.
macOS brew now installs Python 3 (its dependencies are already installed
by python@2 for libxml2). The macOS (non-brew variant) is updated to use
the official 64-bit installer to install Python 3.
Change-Id: I80b1e36957f338e0dad1bfcc173b6418682cddba
Reviewed-on: https://code.wireshark.org/review/30192
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
SSNs 145 and 148-150 are all used by MAP so register for them.
This allows Wireshark to decode messages between, for example, an SGSN and
GMLC without having to touch the dissector preferences.
Change-Id: Iaaad668bcde074a2a89d3de605659849856dc396
Reviewed-on: https://code.wireshark.org/review/30531
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Replace all calls of tvb_ensure_captured_length_remaining with
tvb_ensure_length_remaining as they are only used to ensure that already
read data is present and it is not always required that at least 1 more
byte follows.
Change-Id: I71b1142c0d8f8fe3ddb09b80b6ca8ed10e0b67b6
Reviewed-on: https://code.wireshark.org/review/30517
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Based on ntp_request.h header file:
- authentication parameters are only present in request messages, not
  response ones
- the authentication timestamp is at a fixed position with an offset
  of 184 bytes in the packet, followed by the encryption keyid and
  optionally the mac
- do not display the authentication timestamp (even if present in the
  packet) if the authentication bit is not set (as the value 0 translates
  into a date in 2036)
Bug: 15258
Change-Id: Id2e49beeef4a0fdc3082d9b7b09a214fd531a6bb
Reviewed-on: https://code.wireshark.org/review/30527
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
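The request layout described in the NTP commit message above, as an added C example (not Wireshark's dissector code): authentication fields are read only from a request with the A bit set, at the fixed offset of 184 bytes, with every read bounds-checked. The function and struct names, the bit masks (taken here as the top bit of byte 0 for "response" and the top bit of byte 1 for "A") and the sample packet are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define M7_RESP_BIT   0x80u  /* byte 0: set in responses (assumed mask) */
#define M7_AUTH_BIT   0x80u  /* byte 1: A bit; low 7 bits are Sequence */
#define M7_TSTAMP_OFF 184u   /* fixed offset of the authentication timestamp */

struct m7_auth {
    uint32_t ts_sec, ts_frac;  /* 64-bit NTP timestamp */
    uint32_t keyid;            /* encryption keyid following the timestamp */
    size_t   mac_len;          /* 0 when no MAC follows the keyid */
};

static uint32_t be32(const uint8_t *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}

/* Returns 1 and fills *out only for an authenticated mode 7 request;
 * 0 for responses, unauthenticated requests and truncated packets. */
int m7_parse_auth(const uint8_t *pkt, size_t len, struct m7_auth *out)
{
    if (pkt == NULL || out == NULL || len < 2 || (pkt[0] & 0x07) != 7)
        return 0;
    if ((pkt[0] & M7_RESP_BIT) || !(pkt[1] & M7_AUTH_BIT))
        return 0;                       /* never show a zero timestamp */
    if (len < M7_TSTAMP_OFF + 8 + 4)
        return 0;                       /* timestamp + keyid must fit */
    out->ts_sec  = be32(pkt + M7_TSTAMP_OFF);
    out->ts_frac = be32(pkt + M7_TSTAMP_OFF + 4);
    out->keyid   = be32(pkt + M7_TSTAMP_OFF + 8);
    out->mac_len = len - (M7_TSTAMP_OFF + 12);
    return 1;
}

/* Constructed sample: request, A bit set, keyid 5, 16-byte MAC. */
int main(void)
{
    uint8_t pkt[212];
    struct m7_auth a;
    memset(pkt, 0, sizeof pkt);
    pkt[0] = 0x17;   /* R=0, M=0, version 2, mode 7 */
    pkt[1] = 0x80;   /* A bit set, sequence 0 */
    pkt[195] = 5;    /* low byte of the keyid */
    return !(m7_parse_auth(pkt, sizeof pkt, &a) && a.keyid == 5 && a.mac_len == 16);
}
```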
This is only the new IEs and one new Extension Frame type
Change-Id: If55fbf205735f657352c8f21b22fa0858ae183f0
Reviewed-on: https://code.wireshark.org/review/30519
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- fix byte used for A and Sequence fields
- added missing unused field in MON_GETLIST_1 structure
- added dissection of MON_GETLIST structure
- added dissection of Encryption Keyid and MAC fields
Bug: 15258
Change-Id: I7525fcd8daeeeef449294c0d79c2853a852328ed
Reviewed-on: https://code.wireshark.org/review/30514
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Proxy DHCP (proxyDHCP) is described in the PXE specification ver 2.1 (section
2.2.3) as a mechanism to allow a PXE client to query a separate service,
listening on port 4011, to obtain boot file information. Other than the UDP
port number used, the protocol is identical to regular DHCP.
This change implements support for dissecting proxyDHCP packets.
The change expands the default pref value for the DHCP/BOOTP UDP ports list to
include port 4011, and if the dissector receives a packet for port 4011 which
passes a rough heuristic (the DHCP magic number is mandatory for proxyDHCP --
there is no such thing as BOOTP-only proxyDHCP), the packet passes through to
the regular DHCP dissector.
There's currently no separate preference to allow configuration of the expected
proxyDHCP port number... This seems reasonable, since the port number 4011 is
stipulated in the PXE specification, and variations would seem unlikely.
Testing Done: Opened a capture file containing a DHCP conversation using
proxyDHCP, and saw the traffic on UDP port 4011 was now decoded as DHCP and
reported as "proxyDHCP", instead of being generic UDP. Regular DHCP traffic
in the same capture file is still decoded as it was before. Produced some
deliberately malformed requests (bad magic number) and tweaked the
DHCP/BOOTP port list in prefs, and saw the expected behavior in each case.
20,000 iterations of fuzz-test.sh with a small corpus of captures from
PXE-booting systems.
Change-Id: Ifd485cd75834a51bdfd6f3ba3fe517c4a892d9d0
Reviewed-on: https://code.wireshark.org/review/30498
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
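The port 4011 heuristic described in the proxyDHCP commit message above, as an added C example (not the dissector's own code): a payload is accepted only when it is long enough to hold the fixed BOOTP header and carries the DHCP magic number. It goes one step beyond the message by also walking the options with bounds checks to read the message type. All function names and the sample payload are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PROXYDHCP_PORT  4011u  /* port stipulated by the PXE specification */
#define BOOTP_FIXED_LEN 236u   /* fixed BOOTP header, op through file */
static const uint8_t DHCP_MAGIC[4] = { 0x63, 0x82, 0x53, 0x63 };

/* Rough heuristic: right port, long enough, DHCP magic number present. */
int is_proxydhcp(unsigned port, const uint8_t *buf, size_t len)
{
    if (port != PROXYDHCP_PORT || buf == NULL || len < BOOTP_FIXED_LEN + 4)
        return 0;
    return memcmp(buf + BOOTP_FIXED_LEN, DHCP_MAGIC, 4) == 0;
}

/* Bounds-checked options walk: value of option 53 (message type), or -1
 * when the option is absent or the options run past the payload. */
int dhcp_message_type(const uint8_t *buf, size_t len)
{
    size_t off = BOOTP_FIXED_LEN + 4;
    if (!is_proxydhcp(PROXYDHCP_PORT, buf, len))
        return -1;
    while (off < len) {
        uint8_t code = buf[off++];
        if (code == 0) continue;               /* pad option */
        if (code == 255 || off >= len) break;  /* end option, or no length byte */
        uint8_t olen = buf[off++];
        if (olen > len - off) break;           /* value truncated */
        if (code == 53 && olen == 1) return buf[off];
        off += olen;
    }
    return -1;
}

/* Constructed sample: zeroed BOOTP header, magic, message type 3, end. */
int main(void)
{
    static const uint8_t opts[] = { 53, 1, 3, 255 };
    uint8_t pkt[BOOTP_FIXED_LEN + 4 + sizeof opts] = { 0 };
    memcpy(pkt + BOOTP_FIXED_LEN, DHCP_MAGIC, 4);
    memcpy(pkt + BOOTP_FIXED_LEN + 4, opts, sizeof opts);
    return !(is_proxydhcp(PROXYDHCP_PORT, pkt, sizeof pkt) &&
             dhcp_message_type(pkt, sizeof pkt) == 3);
}
```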
sshdump and ciscodump have been updated to use it.
Change-Id: I4e1e0d35f086d76c13264939bc4f14308cc88cfb
Reviewed-on: https://code.wireshark.org/review/30496
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We need to split good options' from bad options' return value.
Change-Id: I836e58c0f05716484664f354e7332a74d6a08c20
Reviewed-on: https://code.wireshark.org/review/30503
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
brew installs lua 5.3 by default, which is not Wireshark compatible.
lua@5.1 is installed instead since lua@5.2 is not available, see
https://github.com/Homebrew/homebrew-core/issues/24409
Change-Id: I82c98bc3314e367dbdb71109887c37372f6293d2
Reviewed-on: https://code.wireshark.org/review/30494
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>