null source argument and a zero count will work; in practice, they
probably will (with a zero count, there's nothing to fetch from the
source), but the Clang static analyzer still warns about it.
svn path=/trunk/; revision=42305
from makefiles (and thus from the buildbot).
The intention is to be able to tell when a human is running the tool so we
can provide more code-review guidance.
As a starter, enable the "too many proto_tree_add_text() calls" check when
a human is running the tool.
svn path=/trunk/; revision=41943
The ANSI C12.22 protocol is a smart grid protocol for utility meters, including
gas, water and electric. The dissector implemented in the patch file includes
full support for all EPSEM (Extended Protocol Specification for Electricity
Metering) services and includes a full implementation of the C12.22 security
modes.
[...]
To decrypt the attached sample file, you need to set up the key table in the
preferences to include key 0 with a value of 6624C7E23034E4036FE5CB3A8B5DAB44.
Me: Fixes for:
[ 64%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-c1222.c.o
../../asn1/c1222/packet-c1222-template.c: In function ‘dissect_epsem’:
../../asn1/c1222/packet-c1222-template.c:860:15: error: variable ‘ft’ set but not used [-Werror=unused-but-set-variable]
[ 5%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-c1222.c.o
../../asn1/c1222/packet-c1222-template.c:103:19: error: ‘c1222_flags’ defined but not used [-Werror=unused-variable]
svn path=/trunk/; revision=40500
In order to compile the whole project with -DG_DISABLE_DEPRECATED
the mate plugin needs to replace its usage of GMemChunk.
All other places should be clean.
svn path=/trunk/; revision=38392
Removed "key prefix" need within GUI so it's a little more intuitive (because
that's what this bug is complaining about). Slight backwards compatibility
issue with UAT (because key prefix was in previous keys), but all development
(including fix for BUG 1123 that created UAT) has just been on SVN and not
released.
Also adjusted AirPCap (airpcap_loader.c) to account for the lack of "key
prefix".
Addressed some memory leaks/excess string creation.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5985
svn path=/trunk/; revision=37888
routines that don't return. (This requires that some files include
config.h to get WS_MSVC_NORETURN declared properly.)
svn path=/trunk/; revision=35989
- Define macros for certain CFLAGS in config.nmake iso of having defs in each makefile;
a. -DHAVE_CONFIG_H and -D_U_="" are now part of a macro named STANDARD_CFLAGS;
b. -WX has been replaced by WARNINGS_ARE_ERRORS (defined as -WX in config.nmake)
(This allows disabling "Warnings as Errors" by just changing config.nmake)
c. CVARSDLL definitions (not usage) have been removed from the various makefiles.
XXX: It appears the usage of CVARSDLL can also be removed (not yet done) since:
-DWIN32 and -DNULL=0 do not appear to be needed (any more);
-D_MT and _D_DLL are not needed since /MP causes these definitions.
d. Define a macro WARNINGS_CFLAGS with additional specific compiler (level4) warnings to be enabled.
E.G., 4295: array is too small to include a terminating null character
- config.nmake: reformat some long lines for readability;
- plugins\Makefile.nmake: clean-deps does nothing: remove it (and usage in top-level makefile);
- dissectors/Makefile.nmake: test to enable packet-rrc.obj target needs to include MSVC2010 ...
svn path=/trunk/; revision=35747
I'm reasonably sure that I introduced this bug and I apologize for the problems
with my previous patch. The problem is that I did not use all of the seen
keys, I used all except the first key, which in a case of one key is none.
The attached patch fixes the error.
svn path=/trunk/; revision=29843
its own crypt-aes.
change the integer types to glib style integers
this may/will be helpful if/when we implement our own version of
kerberos
aes decryption of dcerpc since the existing libraries can not (yet)
handle when header signing is used.
we should implement our own decryption of this for cfx+aes just as we
did for classic+arcfour
svn path=/trunk/; revision=29228
Airpdcap does not allow for more than one key to be stored for a pair of nodes.
This means that when a device associates more than once the previous keys are
lost. This is ok for the first pass as the newest key is all that is needed
but when the user tries to click on a packet, to get the tree, which used a
previous key all that is seen is the encrypted data. The attached patch stores
previous associations in a linked list and will try all known keys before
decided the packet can't be decrypted. The list of keys is garbage collected
when a new capture is started.
svn path=/trunk/; revision=28449
Although this patch successfully recognizes group keys and decrypts packets
properly using the group key, there is a limitation. If an AP is using key
rotation, clicking on individual packets in a trace may not properly decrypt a
packet encrypted with a group key. This is because the current structure used
in Wireshark only supports one active unicast and one active group key. If a
new key has been seen, but you are looking at a packet encrypted with an older
key, it will not decrypt. The summary lines, however, do show the packets
properly decrypted.
I've written up a much longer and more detailed explanation in a comment in the
code, along with a proposed idea for a solution, plus a clunky work-around in
the GUI when using the current code.
I also suspect there might still be a problem with decrypting TKIP groups keys
that are sent using WPA2 authentication. In the most common operation, if you
are using WPA2, you'll also be using AES keys. It's not a common AP
configuration to use WPA2 with TKIP. In fact, most APs don't seem to support
it. Since it is an uncommon setup, I haven't put aside the time to test this
patch against such an AP. I do have access to an AP that supports this, so
when I have the time I'll test it and if needed, will submit another patch to
handle that odd-ball condition.
From me:
Remove the decrypt element of s_rijndael_ctx (which was unused, as indicated
in the comments).
Preserve the GPL licensing text in several files (which the patch shouldn't
have removed).
Remove changes that added whitespace.
Convert C++-style comments to C-style.
Update to include recent SVN changes (e.g. renaming variables named "index").
Remove extraneous printf's.
Define DEBUG_DUMP in airpdcap_debug.h.
Comment out some instances of DEBUG_DUMP.
Change malloc/free to g_malloc/g_free.
Use g_memdup instead of allocating and copying.
Use gint16 instead of INT16 in airpdcap_rijndael.c.
Add Brian to AUTHORS.
svn path=/trunk/; revision=25879
still declared by <string.h> on some platforms (at least the way we
compile, with all sorts of non-ANSI C/non-POSIX stuff added).
svn path=/trunk/; revision=25551
- Change ugly GLIB version checking statements to GLIB_CHECK_VERSION
- Remove ws_strsplit files because we no longer need to borrow GLIB2's
g_strsplit code for the no longer supported GLIB1 builds
svn path=/trunk/; revision=24829
and call AirPDcapInitContext() where we were previously calling
AirPDcapCleanKeys(). If we're resetting our keys, we should reset our
SA list and other associated data as well.
svn path=/trunk/; revision=24562
est. Use g_ascii_strcasecmp() and g_ascii_strncasecmp(), and supply our
own versions if they're missing from GLib (as is the case with GLib
1.x).
In the code to build the list of named fields for Diameter, don't use
g_strdown(); do our own g_ascii_-style upper-case to lower-case mapping
in the hash function and use g_ascii_strcasecmp() in the compare
function.
We do this because there is no guarantee that toupper(), tolower(), and
functions that use them will, for example, map between "I" and "i" in
all locales; in Turkish locales, for example, there are, in both
upper case and lower case, versions of "i" with and without a dot, and
the upper-case version of "i" is "I"-with-a-dot and the lower-case
version of "I" is "i"-without-a-dot. This causes strings that should
match not to match.
This finishes fixing bug 2010 - an earlier checkin prevented the crash
(as there are other ways to produce the same crash, e.g. a bogus
dictionary.xml file), but didn't fix the case-insensitive string matching.
svn path=/trunk/; revision=23623
process WEP keys. Allow the "wep:" prefix for WEP keys even when
HAVE_AIRPDCAP isn't defined. Add a NULL pointer check to
hex_str_to_bytes(). Fixes bug 1584.
Fixup indentation.
svn path=/trunk/; revision=22151
the WEP/WPA decryption code instead of re-calculating it. Fixes bug
1639.
Remove fcsPresent, radiotapPresent, and associated code from airpdcap.c
since they were always FALSE. Glib-ize some data types. Fixup white
space.
Update the release notes.
svn path=/trunk/; revision=22104
boundary; make it an array of 16 guint32's rather than 64 guint8's, to
ensure that, and add now-necessary casts and remove now-unnecessary
casts.
(Missed on the previous checkin.)
svn path=/trunk/; revision=21541
boundary; make it an array of 16 guint32's rather than 64 guint8's, to
ensure that, and add now-necessary casts and remove now-unnecessary
casts.
svn path=/trunk/; revision=21540
Use the "pnto" macros to fetch 16-bit quantities from a buffer - not
only do they have the right casts to avoid const warnings, they also
work even on platforms (such as SPARC) where you can't dereference
unaligned pointers without a trap.
Similarly, compare a possibly-unaligned (we make no alignment guarantees
in Wireshark) 16-bit quantity against 0 a byte at a time.
svn path=/trunk/; revision=21507
care about, and this code doesn't use GTK+, so it doesn't include any
GTK+ headers and therefore doesn't get the GTK+ version number defined.
svn path=/trunk/; revision=21506
(Temporarily disable the warnings as errors default on Unix to get
to get the buildbots and people with gcc40 going again until those
additional warnings gcc40 generates can be fixed-I'm working on it
ASAP)
Patch for configure.in which disables by default the treatment of
warnings as errors.
It can be enabled with './configure --with-warnings-as-errors'.
The macro will test first if GCC is present. If it's the case,
HAVE_WARNINGS_AS_ERRORS is defined. All the USING_GCC have been replaced
by HAVE_WARNINGS_AS_ERRORS.
With this switch, people won't suffer from unexpected warnings when
downloading svn sources during the transition time ;)
svn path=/trunk/; revision=21153
problems, and there's no guarantee that _SIZE_T is defined on all ANSI C
platforms, so you might end up with a redefinition and a compile failure.
svn path=/trunk/; revision=20931
Create two new files (ws_strsplit.[ch]) that use GTK2 code to override
the buggy g_strsplit() function when compiling for GTK1. Include this
work-around function (ws_strsplit) in libwireshark.def. Add notes on usage
to README.developer. Include epan/ws_strsplit.h in all files that use
g_strsplit().
svn path=/trunk/; revision=20804
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1289
Rename 'svnversion' to 'wireshark_svnversion' to resolve a symbol conflict with
GTK 2.10.6 (hmm, shouldn't GTK not be exporting that symbol or at least naming
it so as to prevent such collisions? Well, so should we, so...)
From Andreas Fink: change #ifdef for size_t in airdcap_interop.h to fix
compile on MacOS X.
svn path=/trunk/; revision=20726
the lack of SSID). Wildcarding combines the passphrase with the last
seen SSID and attempts decryption. The last-seen stack is only one
element tall, which means it may get clobbered on busy and diverse
networks. We can expand it if needed.
Make internal functions static in airpdcap.c. Rearrange the
AIRPDCAP_KEY_ITEM struct so that the passphrase and SSID don't get
clobbered when we set our PSK.
svn path=/trunk/; revision=20572
to GByteArrays. Add format_uri() to strutil, which formats a byte string
with percent-escapes. Fixup whitespace and indentation.
svn path=/trunk/; revision=20397
functions to strutil. Use GByteArrays to store SSIDs for decryption,
and let the user specify arbitrary byte strings using percent-encoded
strings. We should probably add percent encoding for pass phrases as
well, so you can escape the ":" character.
Move the key struct key conversion utilities to airpdcap.c, and remove
duplicate code from packet-ieee80211.c. Fix a lot of indentation.
svn path=/trunk/; revision=20388
maybe the definitions from Makefile.common should better be used - the current Makefile.nmake looks a bit strange compared to others ;-)
svn path=/trunk/; revision=20281
Here are some patches needed to build using HAVE_AIRPCAP
on MingW:
* airpcap.h needs 'WEP_KEY_MAX_SIZE' from <epan/crypt/wep-wpadefs.h>.
* airpcap_loader.h needs <epan/crypt/airpdcap_user.h> and definition of
'decryption_key_t'.
* epan/crypt/airpdcap_interop.h defines 'ntohs()' before <winsock2.h>
gets included. Thus creating a parse error later on.
svn path=/trunk/; revision=20274
#ifdef, and add a link to a -dev mailing list thread pointing out that
it may not be necessary. Fixup whitespace and comments.
svn path=/trunk/; revision=20256
are made, so that if libwireshark is shared, the crypt library is built
appropriately. (This squelches a build warning, at least in OS X, that
linking a shared library with a static library is non-portable; it
should also arrange that the crypt library is built as
position-independent code if necessary.)
DISTCLEANFILES subsumes CLEANFILES, so it doesn't need to list files
already in CLEANFILES.
svn path=/trunk/; revision=20237
distcheck failure. Move the nmake build targets for airpdcap from
epan/dissectors to epan. This will probably break the Windows build.
svn path=/trunk/; revision=20231