With the addition of the Token field, the authenticated header could
grow larger than the previous limit and trigger an assertion failure.
Change-Id: I28a89b348492e211a544e01d9b829c0101fc8468
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Since draft -13, the Initial Packet following a Retry Packet no longer
continues the handshake, but is instead treated as a new "first Initial
Packet" which results in a new cryptographic state. See
https://tools.ietf.org/html/draft-ietf-quic-transport-13#section-4.4.1
Tested with ngtcp2-14.pcap (draft -14).
Change-Id: I534d7d77717bc08ba615e5dea936e623deb63e00
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29691
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The Retry Packet is not encrypted at all since draft -13 so instead of
complicating dissect_quic_long_header, let's create a separate routine
that also prepares for draft -14 support. No pcap available, spec link:
https://tools.ietf.org/html/draft-ietf-quic-transport-13#section-4.4.2
Change-Id: I32f03d723213b857a6140d0f1348baf51df4385e
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29687
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
QUIC draft -12 and before used the TLS Exporter to derive the protected
payload secrets. Starting with draft -13, the handshake and 1-RTT
protected payloads use keys derived during the TLS 1.3 handshake (but
with the "quic " label for HKDF-Expand-Label instead of "tls13 ").
That unfortunately means that previous CLIENT_HANDSHAKE_TRAFFIC_SECRET,
SERVER_TRAFFIC_SECRET_0, etc. are unusable. As a quick workaround,
extend the key log format with new labels similar to the old one (but
with "QUIC_" prepended to it).
To match draft -13, rename the original "handshake cipher/secret" to
"initial cipher/secret" and add a new "handshake cipher".
Potential limitation: if the client/server addresses/ports change since
the Initial Packet, then a new TLS session is created in the TLS
dissector. Attempting to retrieve secrets after the change will fail
since the Client Random is empty and the secret cannot be linked.
Another more common limitation: (Certificate) handshake messages that
span multiple CRYPTO frames are not correctly recognized.
Change-Id: I2932c3cc851fae51e8becf859db53ccc5f4beeda
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29677
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The "CB Command Type" IE is described in 3GPP TS 48.058 Section 9.3.41,
and consists of three fields. Prior to this patch, the dissector would
decode none of them and instead produce a non-applicable "channel type"
dissection.
Change-Id: Ibb97432871df1276524fe96512ac1b67d5c5d3f0
Reviewed-on: https://code.wireshark.org/review/29683
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If found in NBAP, use the RLC Mode indicated and spare guessing by the MAC-d Flow ID.
Change-Id: Ie46922d53863667db630957a771092bc5ad00912
Reviewed-on: https://code.wireshark.org/review/29686
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The old key update mechanism was never tested and was probably broken
(using "pp_state->cipher[1 - key_phase]" does not seem correct). To
prepare for the handshake cipher (draft -13), refactor it a bit and
remove the PKN parameter.
Change-Id: I481cc00e2e1d44024a709f8b4115ffe5924988e7
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29676
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Until draft -12 all payloads were the same. To prepare for draft -13
where different ciphers are used, combine them for now to make
refactoring easier.
Change-Id: I2df57ea48b8f5fda4b1d96f0fa35d64a32ccebf8
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29675
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This recognizes the Client/Server Hello message in the Initial Packets.
Full (handshake) decryption remains a task for later.
Prevent STREAM 0 from being treated as TLS while at it.
Change-Id: I27193a15be777c568b6b009141cbc59bcf3e8ad6
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29646
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
add new Transport Parameter disable_migration(9) from draft-13
Ping-Bug: 13881
Change-Id: Ie80cc16c8548264875311f4a66e43bd7bfcb883e
Reviewed-on: https://code.wireshark.org/review/29674
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add new TP preferred_address and also update comment
Ping-Bug: 13881
Change-Id: I94d015769165933ef76123a338982b3a4238fb59
Reviewed-on: https://code.wireshark.org/review/29671
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
There is a conflict with some other extensions (compressed_certificate...)
with draft-13, QUIC use 0xffa5 (65445) for Transport Parameters extensions
Ping-Bug: 13881
Change-Id: Iaeeb21dd68038fbb8865d91c89f3216bd4a97af5
Reviewed-on: https://code.wireshark.org/review/29673
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The value has to be reduced by one as the comment already describes.
Change-Id: Ib33465e0450f05779856f23800fc3bb1703cbff6
Reviewed-on: https://code.wireshark.org/review/29678
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
LCHID value of 15 indicates 'BCCH or PCCH' over
HSDSCH and hence the MAC Content shouldn't
be resolve by the ID.
Also, make separate 'c/t' and 'lchid' concepts
in the dch conversation info parsing.
Bug: 14889
Change-Id: I7a3a8556108caf60c527e4cb5241dfad4ea9a331
Reviewed-on: https://code.wireshark.org/review/29657
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This protocol was superseded by SSLv3 and has been disabled in MS
products long time ago.
Change-Id: If29bcfad394ba55c7d6605626762c29055a02ae9
Reviewed-on: https://code.wireshark.org/review/29667
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Draft -11 was more or less complete, but complicates PKN handling. Drop
it and update references to draft -13 (not the latest (-14) as we are
trying to get -12 and -13 ready before moving on).
Drop the "Short Packet Type" field and add a new field for three
reserved bits. The Third, Fourth and Google QUIC Demultiplexing bits are
not shown now for simplicity reasons.
Change-Id: Ibf4e281a54488aab14f5c9ca48ecc532e9701b12
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29668
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I27512d19264309472be61ebc4ca2db40d2f79d32
Fixes: v2.9.0rc0-1828-g5dbc202063 ("Add support for aliases to dissector tables.")
Reviewed-on: https://code.wireshark.org/review/29669
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
1, update frame fields and offset
2, shift heartbeat frame from data frame which is a special data frame
3, support rtt frame supported by aeron in java
4, revise data/pad frame length alignment to 32 bytes but not 8 bytes
5, remove frame length alignment from setup,nak,err,and rtt frame
6, fix rtt frame length
Bug: 15111
Change-Id: Ic627a9773850fa6bceacd313ddeba521487815e2
Reviewed-on: https://code.wireshark.org/review/29407
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Avoids malformed packet warnings. Actual TLS handshake/alert protocol
support will be done later.
Change-Id: I87e783ab12a10afad7c0372a0b3a900a5e37f6e1
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29642
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the PyICU module is available, use it to truncate manufacturer
names by grapheme clusters.
Change-Id: Ib7dcbb126809df496a534f44a47871a1b28dc539
Reviewed-on: https://code.wireshark.org/review/29660
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Packet coalescing requires separate state for every QUIC packet. Split
the state as each UDP datagram can contain multiple QUIC packets.
Most datagrams will have only one packet, so to avoid multiple
allocations, just embed the first packet into the datagram info and use
a linked list for simplicity.
Change-Id: Ib921e68a7312c6eccb5601b8951ff64cc9ea49cd
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29647
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.
Fix the test_tls_master_secret test while we're here.
Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Recognize the Token field in the Initial Packet. Accept Initial Packet
from server and adjust connection tracking logic to take this into
account.
Tested with ngtcp2-13.pcap, now the Initial packets can be decrypted
(even if the containing frames are not correctly handled).
Change-Id: I5937fb85172a2f93d1b4a4ed7667474ec04f95fc
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29641
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Prepare for draft -13 support. A comment references draft -14 since the
draft -13 text is wrong (it lacks the context argument).
Change-Id: I3f2c59d2640693959372ebe0de3b58f67b5588b9
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/29640
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Packet number encryption (draft -12 + PR 1389) is implemented. The
payload protection has been updated to use the decrypted PKN as well.
Caveats: since the packet number is initially unavailable, the previous
approach on detecting legitimate key updates no longer works. This
change breaks Key Update support which needs to be revisited later. Due
to how PKN lengths and decrypted results are stored (one per datagram),
packet coalesing is also not fully supported.
Bug: 13881
Change-Id: I13c63578cec7f7f74a404b1a7a8fc85026a14252
Reviewed-on: https://code.wireshark.org/review/29637
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a check to set_pref for aliased protocols alongside the checks for
protocols we've renamed in the past.
Change-Id: I62ad2ddb17d66bd7385635bfa6ca1dd58fad6ad5
Reviewed-on: https://code.wireshark.org/review/29651
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Some of the bits were parsed as a bit of a WORD, and others as
a bit of BYTE leading to a bug in the display.
Bug: 15133
Change-Id: Ie6877c4a4a79fcc802afec49436370cf22a6bfae
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Reviewed-on: https://code.wireshark.org/review/29633
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Column appended never happen on IPv4/IPv6 since latest refactor
Change-Id: Icc85cfa8136386a440b226959f9df4a980a2658e
Reviewed-on: https://code.wireshark.org/review/29644
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It looks like "skip" hasn't been required since 2011.
Change-Id: Idaf53943519fa76e362aaecc6999f9971a359348
Reviewed-on: https://code.wireshark.org/review/29643
Reviewed-by: Anders Broman <a.broman58@gmail.com>
'ospf.mpls.pri' exists multiple times with NOT compatible types: FT_FLOAT and FT_UINT8
Change-Id: Iea0b662d0a9ff4a7ea7363ef4ef049d11d5a5dca
Reviewed-on: https://code.wireshark.org/review/29608
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>