packet-bitcoin.c:1735:6: error: 'hfi_msg_getheaders_version' undeclared (first use in this function)
&hfi_msg_getheaders_version,
caused by previous commit. Weird that the compiler on my system didn't catch that.
Change-Id: I73cb06553bdf3a37f7c3d61d85f425d7c92d5b99
Reviewed-on: https://code.wireshark.org/review/7888
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
git/epan/dissectors/packet-bitcoin.c:270:26: error: ‘hfi_msg_getheaders_version’ defined but not used [-Werror=unused-variable]
Change-Id: Ifcbc8be775e5f435497f5391755356caee48a7d9
Reviewed-on: https://code.wireshark.org/review/7887
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
the EAPOL Key Exchange descriptions show key packets 2 and 4 as "Key (Message 4 of 4)"
Reason of issue :
In the IEEE 802.11 specification the value for the counter is defined as follows:
Message #2 - counter = n
Message #4 - counter = n+1
So the only way to distinguish between message #2 and message #4 using the counter value would be for Wireshark to "look ahead" and compare the counter values (e.g., if counter1 < counter2, then message 2, else message 4).
Fix :
However, there is a much easier way to distinguish between message #2 and message #4. Instead of using the counter field, Wireshark could parse the "WPA Key Nonce" field (display filter = wlan_rsna_eapol.keydes.nonce).
According to the IEEE specification, sections 11.6.6.3 and 11.6.6.5 define the value for the WPA Key Nonce as follows:
Message #2, Key Nonce = SNonce (Supplicant Nonce)
Message #4, Key Nonce = 0
So, the logic would be:
1. Use the Wireshark parser to determine the WPA Key Nonce value. The Key nonce field is 32 octets.
2. If !(keynonce), then message #2
Else message #4
(Only check the first 4 octets of nonce if equal to zero)
Issue reported by Murray Pickard
Reason of issue (and proposed fix) by Amato Carbonara
Bug: 10557
Change-Id: I66086ac27a4d7d3ac0356be295d23001e2af71c8
Reviewed-on: https://code.wireshark.org/review/7868
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
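An added example (not Wireshark's dissector code) of the nonce test proposed in the commit message above, following the values it quotes from sections 11.6.6.3 and 11.6.6.5: SNonce in message 2, zero in message 4. It goes slightly beyond the message by also using the Key ACK and Key MIC bits to tell messages 1 and 3 apart and by testing all 32 nonce octets; the function names and the sample Key Information values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offsets into the EAPOL-Key descriptor body (after the 4-octet 802.1X header). */
#define KEY_INFO_OFF   1    /* follows the 1-octet Descriptor Type */
#define KEY_NONCE_OFF  13   /* type(1) + key info(2) + key length(2) + replay counter(8) */
#define KEY_NONCE_LEN  32
#define KEY_INFO_ACK   0x0080
#define KEY_INFO_MIC   0x0100

/* Returns 1..4 for a pairwise 4-way handshake message, 0 if the body is truncated. */
int eapol_4way_msg(const uint8_t *body, size_t len)
{
    if (body == NULL || len < KEY_NONCE_OFF + KEY_NONCE_LEN)
        return 0;
    uint16_t info = (uint16_t)((body[KEY_INFO_OFF] << 8) | body[KEY_INFO_OFF + 1]);
    if (info & KEY_INFO_ACK)                 /* sent by the authenticator */
        return (info & KEY_INFO_MIC) ? 3 : 1;
    /* Sent by the supplicant: decide on the nonce, not the replay counter. */
    uint8_t acc = 0;
    for (size_t i = 0; i < KEY_NONCE_LEN; i++)
        acc |= body[KEY_NONCE_OFF + i];
    return acc ? 2 : 4;                      /* SNonce -> 2, all-zero -> 4 */
}

/* Builds a constructed descriptor body (not from a capture) and classifies it. */
int classify_sample(uint16_t key_info, uint8_t nonce_fill, size_t len)
{
    uint8_t body[95] = {0};                  /* fixed part of the descriptor */
    body[0] = 2;                             /* Descriptor Type: RSN */
    body[KEY_INFO_OFF] = (uint8_t)(key_info >> 8);
    body[KEY_INFO_OFF + 1] = (uint8_t)(key_info & 0xff);
    memset(body + KEY_NONCE_OFF, nonce_fill, KEY_NONCE_LEN);
    return eapol_4way_msg(body, len);
}

int main(void)
{
    printf("%d %d %d %d\n",
           classify_sample(0x008a, 0x11, 95),   /* message 1: ANonce, ACK */
           classify_sample(0x010a, 0x22, 95),   /* message 2: SNonce, MIC */
           classify_sample(0x13ca, 0x11, 95),   /* message 3: ACK + MIC */
           classify_sample(0x030a, 0x00, 95));  /* message 4: zero nonce */
    return 0;
}
```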
Change-Id: Ib1c2bb355c7757b1aca4b59953ca6ab94aa30593
Reviewed-on: https://code.wireshark.org/review/7873
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I72a7c1a44bda7755d8b1376dd5e57c46f137ff31
Reviewed-on: https://code.wireshark.org/review/7870
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
for two uint16 fields and three fields were merged into one as an unknown.
There was also an unnecessary unknown field on the end that caused a
malformed packet exception to occur.
Tested with a capture of a rename.
Bug: 10858
Change-Id: Ibcf22270d2c34605bb47e3a9804b53746597572d
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/7837
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
is based around a GUID. Also add some more FileFs Info strings and one more
FSCTL code.
Change-Id: Ib9e5d5a4ee64cd9b94eb9a54ec7a04a82e4ad00f
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/7817
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Comment was, although accurate on the subject, not very well formulated
Change-Id: I4e6a4bdbc40f75b6bca72de4e71451c441d70d08
Reviewed-on: https://code.wireshark.org/review/7863
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add User-To-User (UUS) dissector table to allow further data processing.
Change-Id: I44cc32441072c643d19af53849cf5b53909b4889
Reviewed-on: https://code.wireshark.org/review/7857
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Unlike autoconf, which can generate config.h.in based on the contents of
the configure script, CMake requires that cmakeconfig.h.in be updated
separately.
Change-Id: I78ead3bae41667bd7c452329485a819ac34bce5e
Reviewed-on: https://code.wireshark.org/review/7859
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The bonding driver does not properly handle unknown ioctls; it returns
ENODEV rather than ENOTSUP, EOPNOTSUPP, ENOTTY, or a "not supported"
error of that type. This causes problems detailed in bug 11058.
On Linux, check for bonding devices before checking for monitor-mode
support.
While we're at it, get rid of a commented-out include of
CheckCSourceCompiles (it's presumably already been implicitly included
by other functions that use it).
Bug: 11058
Change-Id: I13035de0650634c51a52f262829b2b6fb86b39e9
Reviewed-on: https://code.wireshark.org/review/7856
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I1e046988ed0e21e4824a3021e43fb429ed5211b4
Reviewed-on: https://code.wireshark.org/review/7854
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also do a bunch of proto_tree_add_bitmask conversions and other small cleanup.
Change-Id: I0b42098e1db1457f80b839edbc260c0a72e177d6
Reviewed-on: https://code.wireshark.org/review/7853
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Various other cleanup while in the neighborhood.
Change-Id: I9d8322fd8fb867ad5569db9f781a33825ca34d1b
Reviewed-on: https://code.wireshark.org/review/7834
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
g8204578 was not the right way to do things: if_type is used to identify an extcap interface
Change-Id: Iead6c5e63f6874012c27ed7c1bf7152a5891ad65
Reviewed-on: https://code.wireshark.org/review/7849
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I20a098eb1fdcfd34eb03b685d6936a6cf5868c0d
Reviewed-on: https://code.wireshark.org/review/7848
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Icf1d71f0aa90ed418264cd4f349e2a514f1ae2f9
Reviewed-on: https://code.wireshark.org/review/7847
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia442cbf7a30c1f1054a3fa8e814d595867e2c034
Reviewed-on: https://code.wireshark.org/review/7846
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Changes made:
Updated dissectors:
-> ping: ping packets now have a nonce.
-> version: If version >= 70002, version messages have a relay flag.
-> Messages with no payload: Added mempool and filterclear messages.
Added dissectors:
-> pong message
-> notfound message
-> reject message
-> filterload message
-> filteradd message
-> merkleblock message
-> headers message
Change-Id: I9eb0dba971b2f612f95211847a7f283a037341e6
Reviewed-on: https://code.wireshark.org/review/7831
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
I76f7515889727dc7fad27ac90ca96750384a46f3 made the format strings static using
macros, but missed the fact that sprintf("%s foo", bar) should become
(bar " foo") and not ("%s foo" bar). This caused a malformed value string
fallback.
Bug: 11092
Change-Id: Idba3c87a32a6b3c852e661a62e8cd9be6cad0904
Reviewed-on: https://code.wireshark.org/review/7836
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I811933345a5c62624af08db39ee79c1431c89aa5
Reviewed-on: https://code.wireshark.org/review/7833
Reviewed-by: Michael Mann <mmann78@netscape.net>
Removed the redundant setpath batch file and associated macro
and updated docs.
Change-Id: I5ddab6bad2d14ed3443194d7269f1890e4aa608e
Reviewed-on: https://code.wireshark.org/review/7826
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
When capturing two consecutive DTLS sessions to the same server,
fragments for the second session report an error:
> [Reassembly error, protocol DTLS: New fragment overlaps old data (retransmission?)]
It turns out that the DTLS dissector uses the addresses_reassembly_table_functions
which takes only the IP addresses into account and not the ports.
Changing that to the addresses_ports_reassembly_table_functions
fixes the bogus error message.
Change-Id: If317314dca4b1d46e802bac54c07c89c7a73e24e
Reviewed-on: https://code.wireshark.org/review/7824
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
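An added, simplified model (not Wireshark's reassembly code) of why the key choice in the commit message above matters: with an addresses-only key, fragments from a second session on a different source port land on the first session's entry and look like overlaps. The structures, the reassembly id and the sample traffic are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct frag {
    uint32_t src, dst;      /* IPv4 addresses */
    uint16_t sport, dport;  /* UDP ports */
    uint32_t id;            /* reassembly id (constructed here) */
    uint32_t off, len;      /* fragment offset and length */
};
struct entry { struct frag key; uint32_t end; int used; };

static int same_key(const struct frag *a, const struct frag *b, int use_ports)
{
    if (a->src != b->src || a->dst != b->dst || a->id != b->id)
        return 0;
    return !use_ports || (a->sport == b->sport && a->dport == b->dport);
}

/* Counts fragments that start inside data already stored under the same key. */
int count_overlaps(const struct frag *f, size_t n, int use_ports)
{
    struct entry table[8];
    int overlaps = 0;
    memset(table, 0, sizeof table);
    for (size_t i = 0; i < n; i++) {
        struct entry *e = NULL;
        for (size_t j = 0; j < 8 && e == NULL; j++) {
            if (!table[j].used) {            /* first free slot: new entry */
                e = &table[j]; e->key = f[i]; e->used = 1;
            } else if (same_key(&table[j].key, &f[i], use_ports)) {
                e = &table[j];
            }
        }
        if (e == NULL) continue;             /* table full: ignore fragment */
        if (f[i].off < e->end) overlaps++;   /* "New fragment overlaps old data" */
        else e->end = f[i].off + f[i].len;
    }
    return overlaps;
}

/* Constructed traffic: two sessions from one client to the same server. */
static const struct frag SAMPLE[] = {
    {0x0a000001, 0x0a000002, 40000, 4433, 1,   0, 100},  /* session 1 */
    {0x0a000001, 0x0a000002, 40000, 4433, 1, 100, 100},
    {0x0a000001, 0x0a000002, 40001, 4433, 1,   0, 100},  /* session 2 */
    {0x0a000001, 0x0a000002, 40001, 4433, 1, 100, 100},
};
int overlaps_addresses_only(void)  { return count_overlaps(SAMPLE, 4, 0); }
int overlaps_addresses_ports(void) { return count_overlaps(SAMPLE, 4, 1); }
```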
Add FOLDER properties to targets to tidy up the VS solution
Change-Id: Ia42e0e89fb490cd3dcd33b7c5f59eb0a27b74c7a
Reviewed-on: https://code.wireshark.org/review/7822
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Add support for Python 2.5 (remove unicode_literals import which does
not seem to be necessary), check before using break_on_hyphens (without
this option in Python 2.5, the output is uglier though) and avoid the
'with' keyword.
While at it, fix reading Unicode text from file in Python 2 (tested
with: echo € | tools/html2text.py) and support reading from stdin using
the '-' filename.
Tested against Python 2.5.6, 2.6.6, 2.7.9, 3.2.6, 3.4.3 with the
commands from the previous html2text.py commit message, and additionally
with the Unicode character € as input (instead of the faq.py output).
Change-Id: I3de3f7a4e7cf7d702463c3a59758803843338a54
Reviewed-on: https://code.wireshark.org/review/7823
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
IOA of information object is shown only for first object in sequence, corrected byte count for information object.
Change-Id: Id428ce3b9d98da0be0315f2a880e5c025e076183
Reviewed-on: https://code.wireshark.org/review/7821
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
docbook/Makefile.am uses --stylesheet=ws.css too, without this change
the generated HTML will point to the source directory...
Change-Id: I351cb658c404a08655201933158f91765f8d9c35
Reviewed-on: https://code.wireshark.org/review/7503
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>