date:20200213

[Wireshark-bugs] [Bug 16379] Support dissecting the encrypted (phase 2) EAP packets of EAP-TEAP

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16379

--- Comment #3 from Gerrit Code Review  ---
Change 36056 merged by Anders Broman:
EAP: Add TEAP (Tunnel EAP)

https://code.wireshark.org/review/36056

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16389] HTML anchors not working in Chrome (www.wireshark.org)

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16389

Alexis La Goutte  changed:

   What|Removed |Added

 CC||alexis.lagou...@gmail.com,
   ||ger...@wireshark.org

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16391] breakage of wireshark decryption support for QUIC IETF version faceb000 in 3.2.1

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16391

Alexis La Goutte  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |NOTOURBUG
 CC||alexis.lagou...@gmail.com

--- Comment #1 from Alexis La Goutte  ---
Hi,

version faceb use a old draft(-18) and it is not longer supported on
wireshark 3.2 and master

you can look https://github.com/quicwg/base-drafts/wiki/Tools for more info

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16390] The 802.11 dissector claims that the Fixed Portion of SAE authentication frames is 6 bytes when it is not

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16390

Alexis La Goutte  changed:

   What|Removed |Added

 Status|CONFIRMED   |IN_PROGRESS
 CC||alexis.lagou...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #277 from Gerrit Code Review  ---
Change 36103 had a related patch set uploaded by Alexis La Goutte:
QUIC: ignore invalid short header packet to fix decryption

https://code.wireshark.org/review/36103

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #276 from Gerrit Code Review  ---
Change 36102 had a related patch set uploaded by Alexis La Goutte:
QUIC: recognize Connection ID between 1 and 3 bytes

https://code.wireshark.org/review/36102

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #275 from Gerrit Code Review  ---
Change 36101 had a related patch set uploaded by Alexis La Goutte:
QUIC: Need to remove Retry Integry Tag to Retry Token Length

https://code.wireshark.org/review/36101

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #273 from Gerrit Code Review  ---
Change 36099 had a related patch set uploaded by Alexis La Goutte:
QUIC: add new frame type and transport code (draft -25)

https://code.wireshark.org/review/36099

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 13881] Add (IETF) QUIC Dissector

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13881

--- Comment #274 from Gerrit Code Review  ---
Change 36100 had a related patch set uploaded by Alexis La Goutte:
QUIC: update Retry Packet and comments, rename idle_timeout (draft -25)

https://code.wireshark.org/review/36100

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16391] breakage of wireshark decryption support for QUIC IETF version faceb000 in 3.2.1

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16391

vaishnavi  changed:

   What|Removed |Added

 CC||rajasekar.13...@yahoo.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16391] New: breakage of wireshark decryption support for QUIC IETF version faceb000 in 3.2.1

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16391

Bug ID: 16391
   Summary: breakage of wireshark decryption support for QUIC IETF
version faceb000 in 3.2.1
   Product: Wireshark
   Version: 3.2.1
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dumpcap
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: vaishujeeva...@gmail.com
  Target Milestone: ---

Created attachment 17626
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17626=edit
this attachment contains a pcap with single flow of a live traffic from my
mobile

Build Information:
tested in 3.0.8 - it is working fine
tested in 3.2.1 - failed
tested in latest nightly build - failed
--
We are trying to analyze some live traffic from my mobile, using wireshark.
Seems it is QUIC IETF traffic, but for most of the flows, wireshark throws an
error- malformed packet. A single flow is attached for reference. Please let us
know if this issue can be fixed, to we could analyze the traffic.

a similar issue was raised for faceb001 bug 16378, as reference, this is
working fine now in the latest version but the previous draft version faceb000
is breaking. we wanted both the versions to be supported.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16378] need wireshark decryption support for QUIC IETF version faceb001

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16378

vaishnavi  changed:

   What|Removed |Added

   See Also||https://bugs.wireshark.org/
   ||bugzilla/show_bug.cgi?id=16
   ||391

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16390] The 802.11 dissector claims that the Fixed Portion of SAE authentication frames is 6 bytes when it is not

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16390

Richard Sharpe  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |CONFIRMED

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16390] New: The 802.11 dissector claims that the Fixed Portion of SAE authentication frames is 6 bytes when it is not

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16390

Bug ID: 16390
   Summary: The 802.11 dissector claims that the Fixed Portion of
SAE authentication frames is 6 bytes when it is not
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: Windows 10
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Common utilities (libwsutil)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: realrichardsha...@gmail.com
  Target Milestone: ---

Created attachment 17625
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17625=edit
Screen shot showing the fixed field said to be 6 bytes but is much longer.

Build Information:
Standard build on Linux (Fedora 29)
--
The Fixed Parameters in an Authentication frame when SAE or others are used
says 6 bytes despite the fact that it clearly is not 6 bytes.

See attached screen shot.

The fix is relatively easy and I should be able to upload a review soon.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16275] Support ACDR protocol

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16275

--- Comment #3 from Gerrit Code Review  ---
Change 35417 merged by Peter Wu:
Introduce AudioCodes Debug Recording (ACDR) dissector

https://code.wireshark.org/review/35417

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16387] lldp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16387

--- Comment #2 from Jason Cohen  ---
Now the same frame properly renders the ethernet trailer:

$ ./tshark -r d1.pcap -Y "frame.number eq 58" -xO lldp,f5ethtrailer
Frame 58: 476 bytes on wire (3808 bits), 476 bytes captured (3808 bits)
Ethernet II, Src: Cisco_11:90:ba (8c:60:4f:11:90:ba), Dst: LLDP_Multicast
(01:80:c2:00:00:0e)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 4094
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 8c:60:4f:11:90:ba
 001.   = TLV Type: Chassis Id (1)
 ...0  0111 = TLV Length: 7
Chassis Id Subtype: MAC address (4)
Chassis Id: Cisco_11:90:ba (8c:60:4f:11:90:ba)
Port Subtype = Locally assigned, Id: Eth2/3
 010.   = TLV Type: Port Id (2)
 ...0  0111 = TLV Length: 7
Port Id Subtype: Locally assigned (7)
Port Id: Eth2/3
Time To Live = 120 sec
 011.   = TLV Type: Time to Live (3)
 ...0  0010 = TLV Length: 2
Seconds: 120
Port Description = Ethernet2/3
 100.   = TLV Type: Port Description (4)
 ...0  1011 = TLV Length: 11
Port Description: Ethernet2/3
System Name = cisco-n5k-sr2
 101.   = TLV Type: System Name (5)
 ...0  1101 = TLV Length: 13
System Name: cisco-n5k-sr2
System Description = Cisco Nexus Operating System (NX-OS) Software
7.0(5)N1(1a)\nTAC support: http://www.cisco.com/tac\nCopyright (c) 2002-2014,
Cisco Systems, Inc. All rights reserved.
 110.   = TLV Type: System Description (6)
 ...0 1010 0010 = TLV Length: 162
System Description: Cisco Nexus Operating System (NX-OS) Software
7.0(5)N1(1a)\nTAC support: http://www.cisco.com/tac\nCopyright (c) 2002-2014,
Cisco Systems, Inc. All rights reserved.
Capabilities
 111.   = TLV Type: System Capabilities (7)
 ...0  0100 = TLV Length: 4
Capabilities: 0x0004
   ...0 = Other: Not capable
   ..0. = Repeater: Not capable
   .1.. = Bridge: Capable
   0... = WLAN access point: Not capable
  ...0  = Router: Not capable
  ..0.  = Telephone: Not capable
  .0..  = DOCSIS cable device: Not capable
  0...  = Station only: Not capable
Enabled Capabilities: 0x0004
   ...0 = Other: Not capable
   ..0. = Repeater: Not capable
   .1.. = Bridge: Capable
   0... = WLAN access point: Not capable
  ...0  = Router: Not capable
  ..0.  = Telephone: Not capable
  .0..  = DOCSIS cable device: Not capable
  0...  = Station only: Not capable
Management Address
0001 000.   = TLV Type: Management Address (8)
 ...0  1100 = TLV Length: 12
Address String Length: 5
Address Subtype: IPv4 (1)
Management Address: 10.154.18.106
Interface Subtype: ifIndex (2)
Interface Number: 83886080
OID String Length: 0
Intel Corporate - 1.01 CEE
 111.   = TLV Type: Organization Specific (127)
 ...0 0010  = TLV Length: 47
Organization Unique Code: 00:1b:21 (Intel Corporate)
DCBx Protocol: 1.01 CEE (0x02)
DCBx Control TLV
 001.   = DCBx TLV Type: DCBx Control (1)
 ...0  1010 = DCBx TLV Length: 10
Operating Version: Unknown (0x00)
Max Version: Unknown (0x00)
Sequence No: 1
Ack No: 0
Application Protocol TLV
 100.   = DCBx TLV Type: Application Protocol (4)
 ...0  1010 = DCBx TLV Length: 10
Operating Version: Unknown (0x00)
Max Version: Unknown (0x00)
1...  = Feature: Enabled
.0..  = Willing: No
..0.  = Error: Not set
Subtype: 0x00
FCoE Application
Application Protocol Id: 0x8906
 00.. 0001 1011 0010 0001 = Application OUI:
0x1b21
 ..00     = Selector Field: EtherType (0)
Application Priority: 3
Priority Groups TLV
 010.   = DCBx TLV Type: Priority Groups (2)
 ...0 0001 0001 = DCBx TLV Length: 17
Operating Version: Unknown (0x00)
Max Version: Unknown (0x00)
1...  = Feature: Enabled
.0..  = Willing: No
..0.  = Error: Not set
Subtype: 0x00
    = PGID for Prio

[Wireshark-bugs] [Bug 16387] lldp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16387

--- Comment #1 from Gerrit Code Review  ---
Change 36097 had a related patch set uploaded by Jason Cohen:
packet-lldp: Report only the consumed octets

https://code.wireshark.org/review/36097

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16389] New: HTML anchors not working in Chrome (www.wireshark.org)

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16389

Bug ID: 16389
   Summary: HTML anchors not working in Chrome (www.wireshark.org)
   Product: Web sites
   Version: N/A
  Hardware: x86
OS: Windows 7
Status: UNCONFIRMED
  Severity: Minor
  Priority: Low
 Component: Main site - www.wireshark.org
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: bubbas...@gmail.com
  Target Milestone: ---

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
The About and Download links under Get Acquainted on www.wireshark.org don't go
anywhere. Removing the index.html allows the links to work but not sure where
else this might not be supported.


   About

   Download

Old Google link describing issue. I'm running Chrome 80."something". 
Works properly in Firefox.

https://support.google.com/chrome/thread/11993079?hl=en

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16388] lacp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16388

--- Comment #2 from Jason Cohen  ---
Now the same frame properly renders the ethernet trailer:

$ .tshark -r d1.pcap -Y "frame.number eq 151" -xO slow,lacp,f5ethtrailer
Frame 151: 254 bytes on wire (2032 bits), 254 bytes captured (2032 bits)
Ethernet II, Src: Cisco_11:71:da (8c:60:4f:11:71:da), Dst: Slow-Protocols
(01:80:c2:00:00:02)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 4094
Slow Protocols
Slow Protocols subtype: LACP (0x01)
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 1
Actor System ID: Cisco_ee:be:1a (00:23:04:ee:be:1a)
Actor Key: 32798
Actor Port Priority: 32768
Actor Port: 515
Actor State: 0x3d, LACP Activity, Aggregation, Synchronization, Collecting,
Distributing
 ...1 = LACP Activity: Active
 ..0. = LACP Timeout: Long Timeout
 .1.. = Aggregation: Aggregatable
 1... = Synchronization: In Sync
...1  = Collecting: Enabled
..1.  = Distributing: Enabled
.0..  = Defaulted: No
0...  = Expired: No
[Actor State Flags: **DCSG*A]
Reserved: 00
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 3200
Partner System: F5Networ_50:0c:80 (f4:15:63:50:0c:80)
Partner Key: 2
Partner Port Priority: 10240
Partner Port: 10240
Partner State: 0x3c, Aggregation, Synchronization, Collecting, Distributing
 ...0 = LACP Activity: Passive
 ..0. = LACP Timeout: Long Timeout
 .1.. = Aggregation: Aggregatable
 1... = Synchronization: In Sync
...1  = Collecting: Enabled
..1.  = Distributing: Enabled
.0..  = Defaulted: No
0...  = Expired: No
[Partner State Flags: **DCSG**]
Reserved: 00
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 0
Reserved: 
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad:
…
F5 Ethernet Trailer Protocol
F5 Trailer Header - Version: 1
Magic: 0xf5deb0f5
Length: 126
Version: 1
Low Details
F5 Trailer Header, Provider: 1, Type: 1
Provider: 1
Type: 1
Trailer length: 31
Version: 2
Ingress: True (IN)
Slot (1-based): 1
TMM (0-based): 2
VIP name length: 19
VIP: :5.0:external_trunk
Medium Details
F5 Trailer Header, Provider: 1, Type: 2
Provider: 1
Type: 2
Trailer length: 40
Version: 4
Flow ID: 0x
Peer ID: 0x
Connflow Flags High Bits: 0x
Connflow Flags: 0x
Flow Type: 0x00
HA Unit: 0x00
Ingress Slot: 2
Ingress Port: 0
Priority: 0
High Details
F5 Trailer Header, Provider: 1, Type: 3
Provider: 1
Type: 3
Trailer length: 47
Version: 1
No peer connection information

  01 80 c2 00 00 02 8c 60 4f 11 71 da 81 00 0f fe   ...`O.q.
0010  88 09 01 01 01 14 00 01 00 23 04 ee be 1a 80 1e   .#..
0020  80 00 02 03 3d 00 00 00 02 14 0c 80 f4 15 63 50   =.cP
0030  0c 80 00 02 28 00 28 00 3c 00 00 00 03 10 00 00   (.(.<...
0040  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0050  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0060  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0070  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0080  f5 de b0 f5 00 7e 00 01 00 01 00 01 00 1f 00 02   .~..
0090  01 00 02 13 3a 35 2e 30 3a 65 78 74 65 72 6e 61   :5.0:externa
00a0  6c 5f 74 72 75 6e 6b 00 01 00 02 00 28 00 04 00   l_trunk.(...
00b0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
00c0  00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00   
00d0  01 00 03 00 2f 00 01 00 00 00 00 00 00 00 00 00   /...
00e0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
00f0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 ..

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16388] lacp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16388

--- Comment #1 from Gerrit Code Review  ---
Change 36096 had a related patch set uploaded by Jason Cohen:
packet-lacp: Report only the consumed octets

https://code.wireshark.org/review/36096

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16388] lacp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16388

Jason Cohen  changed:

   What|Removed |Added

   Assignee|bugzilla-ad...@wireshark.or |kryojen...@gmail.com
   |g   |

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16388] New: lacp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16388

Bug ID: 16388
   Summary: lacp dissector consumes all octets to the end of the
TVB and eth trailer dissector does not get called
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: macOS 10.14
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: kryojen...@gmail.com
  Target Milestone: ---

Build Information:
$ ./run/Wireshark.app/Contents/MacOS/tshark -v
TShark (Wireshark) 3.3.0 (v3.3.0rc0-542-gc867d271386d)

Copyright 1998-2020 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, with GLib 2.62.4,
with zlib 1.2.11, without SMI, with c-ares 1.15.0, without Lua, without GnuTLS,
with Gcrypt 1.8.5, with MIT Kerberos, without MaxMind DB resolver, without
nghttp2, without brotli, without LZ4, without Zstandard, without Snappy, with
libxml2 2.9.4.

Running on Mac OS X 10.14.6, build 18G3020 (Darwin 18.7.0), with Intel(R)
Core(TM) i7-7920HQ CPU @ 3.10GHz (with SSE4.2), with 16384 MB of physical
memory, with locale en_US.UTF-8, with libpcap version 1.9.1, with Gcrypt 1.8.5,
with zlib 1.2.11, binary plugins supported (0 loaded).

Built using clang 4.2.1 Compatible Apple LLVM 10.0.1 (clang-1001.0.46.4).
--
The LACP dissector will report that it consumed all octets of the TVB passed to
it.  It should stop consuming octets after the Terminator TLV and any Padding. 
Of course HP has some non-compliant data after this, but they are well defined.
 The HP data should be consumed, but generic unknown octets should not.  In the
case that diagnostic capture tools or tap append an ethernet trailer, that
trailer is consumed by the LACP dissector.

In the following frame, an f5ethtrailer starts at offset 0x0080.

$ .tshark -r d1.pcap -Y "frame.number eq 151" -xO slow,lacp,f5ethtrailer
Frame 151: 254 bytes on wire (2032 bits), 254 bytes captured (2032 bits)
Ethernet II, Src: Cisco_11:71:da (8c:60:4f:11:71:da), Dst: Slow-Protocols
(01:80:c2:00:00:02)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 4094
Slow Protocols
Slow Protocols subtype: LACP (0x01)
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 1
Actor System ID: Cisco_ee:be:1a (00:23:04:ee:be:1a)
Actor Key: 32798
Actor Port Priority: 32768
Actor Port: 515
Actor State: 0x3d, LACP Activity, Aggregation, Synchronization, Collecting,
Distributing
 ...1 = LACP Activity: Active
 ..0. = LACP Timeout: Long Timeout
 .1.. = Aggregation: Aggregatable
 1... = Synchronization: In Sync
...1  = Collecting: Enabled
..1.  = Distributing: Enabled
.0..  = Defaulted: No
0...  = Expired: No
[Actor State Flags: **DCSG*A]
Reserved: 00
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 3200
Partner System: F5Networ_50:0c:80 (f4:15:63:50:0c:80)
Partner Key: 2
Partner Port Priority: 10240
Partner Port: 10240
Partner State: 0x3c, Aggregation, Synchronization, Collecting, Distributing
 ...0 = LACP Activity: Passive
 ..0. = LACP Timeout: Long Timeout
 .1.. = Aggregation: Aggregatable
 1... = Synchronization: In Sync
...1  = Collecting: Enabled
..1.  = Distributing: Enabled
.0..  = Defaulted: No
0...  = Expired: No
[Partner State Flags: **DCSG**]
Reserved: 00
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 0
Reserved: 
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad:
…
Unknown vendor:
f5deb0f5007e000100010001001f0002010002133a352e303a65787465726e616c5f7472…

  01 80 c2 00 00 02 8c 60 4f 11 71 da 81 00 0f fe   ...`O.q.
0010  88 09 01 01 01 14 00 01 00 23 04 ee be 1a 80 1e   .#..
0020  80 00 02 03 3d 00 00 00 02 14 0c 80 f4 15 63 50   =.cP
0030  0c 80 00 02 28 00 28 00 3c 00 00 00 03 10 00 00   (.(.<...
0040  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0050  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0060  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0070  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   
0080  f5 de b0 f5 00 7e 00 01 00 01 00 01 00 1f 00 02   .~..

[Wireshark-bugs] [Bug 16387] lldp dissector consumes all octets to the end of the TVB and eth trailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16387

Jason Cohen  changed:

   What|Removed |Added

Summary|lldp dissector consumes all |lldp dissector consumes all
   |octets to the end of the|octets to the end of the
   |TVB and ethtrailer  |TVB and eth trailer
   |dissector does not get  |dissector does not get
   |called  |called

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16387] lldp dissector consumes all octets to the end of the TVB and ethtrailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16387

Jason Cohen  changed:

   What|Removed |Added

   Assignee|bugzilla-ad...@wireshark.or |kryojen...@gmail.com
   |g   |

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16387] New: lldp dissector consumes all octets to the end of the TVB and ethtrailer dissector does not get called

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16387

Bug ID: 16387
   Summary: lldp dissector consumes all octets to the end of the
TVB and ethtrailer dissector does not get called
   Product: Wireshark
   Version: Git
  Hardware: x86
OS: macOS 10.14
Status: UNCONFIRMED
  Severity: Major
  Priority: Low
 Component: Dissection engine (libwireshark)
  Assignee: bugzilla-ad...@wireshark.org
  Reporter: kryojen...@gmail.com
  Target Milestone: ---

Build Information:
$ ./run/Wireshark.app/Contents/MacOS/tshark -v
TShark (Wireshark) 3.3.0 (v3.3.0rc0-542-gc867d271386d)

Copyright 1998-2020 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, with GLib 2.62.4,
with zlib 1.2.11, without SMI, with c-ares 1.15.0, without Lua, without GnuTLS,
with Gcrypt 1.8.5, with MIT Kerberos, without MaxMind DB resolver, without
nghttp2, without brotli, without LZ4, without Zstandard, without Snappy, with
libxml2 2.9.4.

Running on Mac OS X 10.14.6, build 18G3020 (Darwin 18.7.0), with Intel(R)
Core(TM) i7-7920HQ CPU @ 3.10GHz (with SSE4.2), with 16384 MB of physical
memory, with locale en_US.UTF-8, with libpcap version 1.9.1, with Gcrypt 1.8.5,
with zlib 1.2.11, binary plugins supported (0 loaded).

Built using clang 4.2.1 Compatible Apple LLVM 10.0.1 (clang-1001.0.46.4).
--
The LLDP dissector will report that it consumed all octets of the TVB passed to
it.  It should stop consuming octets after END_OF_LLDPDU.  In the case that
diagnostic capture tools or tap append an ethernet trailer, that trailer is
consumed by the LLDP dissector.

In the following frame, an f5ethtrailer starts at offset 0x015e.  


$ ./run/Wireshark.app/Contents/MacOS/tshark -r ~/Downloads/d1.pcap -Y
"frame.number eq 58" -xO lldp,f5ethtrailer
Frame 58: 476 bytes on wire (3808 bits), 476 bytes captured (3808 bits)
Ethernet II, Src: Cisco_11:90:ba (8c:60:4f:11:90:ba), Dst: LLDP_Multicast
(01:80:c2:00:00:0e)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 4094
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 8c:60:4f:11:90:ba
 001.   = TLV Type: Chassis Id (1)
 ...0  0111 = TLV Length: 7
Chassis Id Subtype: MAC address (4)
Chassis Id: Cisco_11:90:ba (8c:60:4f:11:90:ba)
Port Subtype = Locally assigned, Id: Eth2/3
 010.   = TLV Type: Port Id (2)
 ...0  0111 = TLV Length: 7
Port Id Subtype: Locally assigned (7)
Port Id: Eth2/3
Time To Live = 120 sec
 011.   = TLV Type: Time to Live (3)
 ...0  0010 = TLV Length: 2
Seconds: 120
Port Description = Ethernet2/3
 100.   = TLV Type: Port Description (4)
 ...0  1011 = TLV Length: 11
Port Description: Ethernet2/3
System Name = cisco-n5k-sr2
 101.   = TLV Type: System Name (5)
 ...0  1101 = TLV Length: 13
System Name: cisco-n5k-sr2
System Description = Cisco Nexus Operating System (NX-OS) Software
7.0(5)N1(1a)\nTAC support: http://www.cisco.com/tac\nCopyright (c) 2002-2014,
Cisco Systems, Inc. All rights reserved.
 110.   = TLV Type: System Description (6)
 ...0 1010 0010 = TLV Length: 162
System Description: Cisco Nexus Operating System (NX-OS) Software
7.0(5)N1(1a)\nTAC support: http://www.cisco.com/tac\nCopyright (c) 2002-2014,
Cisco Systems, Inc. All rights reserved.
Capabilities
 111.   = TLV Type: System Capabilities (7)
 ...0  0100 = TLV Length: 4
Capabilities: 0x0004
   ...0 = Other: Not capable
   ..0. = Repeater: Not capable
   .1.. = Bridge: Capable
   0... = WLAN access point: Not capable
  ...0  = Router: Not capable
  ..0.  = Telephone: Not capable
  .0..  = DOCSIS cable device: Not capable
  0...  = Station only: Not capable
Enabled Capabilities: 0x0004
   ...0 = Other: Not capable
   ..0. = Repeater: Not capable
   .1.. = Bridge: Capable
   0... = WLAN access point: Not capable
  ...0  = Router: Not capable
  ..0.  = Telephone: Not capable
  .0..  = DOCSIS cable device: Not capable
  0...  = Station only: Not capable
Management Address
0001 000.

[Wireshark-bugs] [Bug 16323] Copy>Description does not work properly for all tree items.

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16323

--- Comment #3 from Stig Bjørlykke  ---
Roland, any news?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16323] Copy>Description does not work properly for all tree items.

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16323

--- Comment #2 from Haxthausen  ---
I see that there was no update on this issue and the problem remains...
Is there any chance to please fix this? Thanks!

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #8 from Gerrit Code Review  ---
Change 36094 merged by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36094

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #6 from Gerrit Code Review  ---
Change 36092 merged by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36092

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #7 from Gerrit Code Review  ---
Change 36093 merged by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36093

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #5 from Gerrit Code Review  ---
Change 36094 had a related patch set uploaded by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36094

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16368] Buildbot crash output: randpkt-2020-02-05-7402.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368

--- Comment #11 from Gerrit Code Review  ---
Change 36094 had a related patch set uploaded by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36094

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #3 from Gerrit Code Review  ---
Change 36092 had a related patch set uploaded by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36092

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #4 from Gerrit Code Review  ---
Change 36093 had a related patch set uploaded by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36093

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16368] Buildbot crash output: randpkt-2020-02-05-7402.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368

--- Comment #10 from Gerrit Code Review  ---
Change 36093 had a related patch set uploaded by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36093

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16368] Buildbot crash output: randpkt-2020-02-05-7402.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368

--- Comment #9 from Gerrit Code Review  ---
Change 36092 had a related patch set uploaded by Gerald Combs:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36092

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16383] Buildbot crash output: fuzz-2020-02-11-31730.pcap

2020-02-13 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383

--- Comment #2 from Gerrit Code Review  ---
Change 36085 merged by Anders Broman:
WiMax DLMAP: Fix a large loop.

https://code.wireshark.org/review/36085

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

37 matches

Mail list logo