Pascal Quantin [Thu, 28 Jun 2018 18:37:20 +0000 (11:37 -0700)]
NGAP: dissect PLMNIdentity IE
Change-Id: I47b16ec0ceb71662b8030c00cff7c58e09f75606
Reviewed-on: https://code.wireshark.org/review/28515
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Darien Spencer <cusneud@mail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Thu, 28 Jun 2018 18:27:33 +0000 (11:27 -0700)]
NGAP: display TAC and EPS TAC as DEC_HEX
Change-Id: I10d1f5b89551be177f6883c2f66334d2fb36ef06
Reviewed-on: https://code.wireshark.org/review/28514
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Thu, 28 Jun 2018 18:25:30 +0000 (11:25 -0700)]
X2AP: display 5GS TAC as DEC_HEX
Change-Id: Ic8d0baf39851a8f0ae260f55ffab1bec218ed79a
Reviewed-on: https://code.wireshark.org/review/28513
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Thu, 28 Jun 2018 18:23:37 +0000 (11:23 -0700)]
S1AP: display 5GS TAC as DEC_HEX
Change-Id: Ib5950cbd587809424c1e3fc3ae8cd2dc7e504348
Reviewed-on: https://code.wireshark.org/review/28512
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Thu, 28 Jun 2018 17:23:21 +0000 (19:23 +0200)]
nas5gs: Dissection updates
- Change the defines a bit.
- Update the way the header is handled.
Change-Id: I47fafcbec526ed4147b9202168e349f9b68bed6d
Reviewed-on: https://code.wireshark.org/review/28511
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Wed, 27 Jun 2018 17:21:58 +0000 (10:21 -0700)]
IEEE 802.11: Disable FCS validation by default.
Disable FCS/checksum validation by default to match Ethernet, IPv4,
IPv6, TCP, UDP, SCTP, etc.
Change-Id: I289b6a05e73da2b020ee65b3298cb054a29c6d42
Reviewed-on: https://code.wireshark.org/review/28485
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Thu, 28 Jun 2018 14:30:29 +0000 (07:30 -0700)]
DICOM: use pinfo pool memory for strings used in columns
Packet scope lifetime is too short for it.
Bug: 14923
Change-Id: I4bd5ef8c7382d5d3d98598b797732ba3d88e44fd
Reviewed-on: https://code.wireshark.org/review/28505
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Adam Goldman [Fri, 29 Jul 2016 19:10:41 +0000 (15:10 -0400)]
opa: Add support for TID RDMA protocol
Change-Id: I04a4333e64a8fc9efc96bd351c55b293986629e2
Signed-off-by: Goldman, Adam <adam.goldman@intel.com>
Reviewed-on: https://code.wireshark.org/review/28504
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Thu, 28 Jun 2018 07:31:31 +0000 (00:31 -0700)]
Make white space consistent.
Change-Id: I19053ecc53b7f0d2b4dfb0462f381f7d28bb578a
Reviewed-on: https://code.wireshark.org/review/28502
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Ismael Mendez Matamoros [Mon, 25 Jun 2018 11:44:55 +0000 (13:44 +0200)]
rtps: Fixed multichannel locator fields order
Change-Id: Ib84b659022f9dfb64f5869410c85c64193a3c3f8
Reviewed-on: https://code.wireshark.org/review/28425
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Fri, 1 Jun 2018 13:11:47 +0000 (15:11 +0200)]
tcp: add support for reassembling out-of-order segments
Currently out-of-order segments will result in cutting a stream into
two pieces while the out-of-order segment itself is ignored. For
example, a stream of segments "ABDCE" is interpreted as "AB", "DE" with
"C" ignored. This behavior breaks TLS decryption or prevent application
layer PDUs (such as HTTP requests/responses) from being reconstructed.
To fix this, buffer segments when a gap is detected.
The proposed approach extends the "multi-segment PDU" (MSP) mechanism
which is normally used for linking multiple, sequential TCP segments
into a single PDU. When a gap is detected between segments, it is
assumed that the segments within this gap are out-of-order and will be
received (or retransmitted) later.
The current implementation has a limitation though, if multiple gaps
exist, then the subdissector will only be called when all gaps are
filled (the subdissector will receive segments later than necessary).
For example with "ACEBD", "ABC" can already be processed after "B" is
received (with "E" still buffered), but due to how MSP are extended, it
must receive "D" too before it reassembles "ABCDE". In practice this
could mean that the request/response times between HTTP requests and
responses are slightly off, but at least the stream is correct now.
(These limitations are documented in the User's Guide.)
As the feature fails at least the 802.11 decryption test where packets
are missing (instead of OoO), hide this feature behind a preference.
Tested with captures containing out-of-order TCP segments from the
linked bug reports, comparing the effect of toggling the preference on
the summary output of tshark, the verbose output (-V) and the two-pass
output (-2 or -2V). Captures marked with "ok" just needed "simple"
out-of-order handling. Captures marked with "ok2" additionally required
the reassembly API change to set the correct reassembled length.
This change does "regress" on bug 10289 though when the preference is
enabled as retransmitted single-segment PDUs are now passed to
subdissectors. I added a TODO comment for this unrelated cosmetic issue.
Bug: 3389 # capture 2907 (HTTP) ok
Bug: 4727 # capture 4590 (HTTP) ok
Bug: 9461 # capture 12130 (TLS/HTTP/RPC-over-HTTP +key 12131) ok
Bug: 12006 # capture 14236 (HTTP) ok2; capture 15261 (HTTP) ok
Bug: 13517 # capture 15370 (HTTP) ok; capture 16059 (MQ) ok
Bug: 13754 # capture 15593 (MySQL) ok2
Bug: 14649 # capture 16305 (WebSocket) ok
Change-Id: If3938c5c1c96db8f7f50e39ea779f623ce657d56
Reviewed-on: https://code.wireshark.org/review/27943
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Wed, 27 Jun 2018 23:14:18 +0000 (16:14 -0700)]
docbook: add info about using symbolic links for git hooks.
Change-Id: I4b448c1a12946479638d04819570f5a0dd1227dd
Reviewed-on: https://code.wireshark.org/review/28497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Thu, 28 Jun 2018 03:39:15 +0000 (20:39 -0700)]
Add macros to initialize nstime_t values and use them.
This allows code to initialize them without having to know the details
of the structure; the initializes should, and will, be changed if the
members of the structure are changed.
Change-Id: I93e6ebfcde9ceca17df696fcba4e8410c5afb175
Reviewed-on: https://code.wireshark.org/review/28501
Reviewed-by: Guy Harris <guy@alum.mit.edu>
jmartin-usna [Wed, 27 Jun 2018 07:51:05 +0000 (00:51 -0700)]
packet-mdp.c: New dissector for Cisco Meraki Discovery Protocol
Bug: 14912
Change-Id: I2f99931abde331d087a994a22c74cf8d4dd8d53a
Reviewed-on: https://code.wireshark.org/review/28478
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
jmartin-usna [Tue, 26 Jun 2018 21:21:45 +0000 (14:21 -0700)]
packet-updp.c: New dissector for Ubiquiti Discovery Protocol
Bug: 14911
Change-Id: Ie567a85e869707269ea66d4cd73577f926b16232
Reviewed-on: https://code.wireshark.org/review/28467
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Thu, 28 Jun 2018 00:33:15 +0000 (17:33 -0700)]
NAS EPS: add subtrees for extended emergency numbers and ciphered data sets
Change-Id: I8c1fcf960ad058f25b24b796fecf1ff08eb78f7a
Reviewed-on: https://code.wireshark.org/review/28499
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Jiri Novak [Sun, 24 Jun 2018 22:19:29 +0000 (00:19 +0200)]
RTP: If multiple codecs are used in RTP stream flow, all are shown in codecs column
Change-Id: Ica8b3bc2b6b59790805764ec88c6f4e3f8689a85
Reviewed-on: https://code.wireshark.org/review/28435
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Dario Lombardo [Wed, 27 Jun 2018 23:21:34 +0000 (16:21 -0700)]
macosx-setup: fix indentation.
Change-Id: Ifece9846cb6e94d2cdb1f29fc28db2700f269495
Reviewed-on: https://code.wireshark.org/review/28498
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dylan Ulis [Wed, 27 Jun 2018 22:56:17 +0000 (18:56 -0400)]
CIP: Improve Class 2/3 connection handling
1. Add new dissector table that allows for registration of CIP Class 2/3 Data
against CIP Class that was used in the Forward Open. This is similar to the
Class 0/1 I/O dissector table. The new logic is this:
a. If there is connection info and a table entry: Call the registered dissector
handle (cip_connection_message_router.pcap).
b. If there is connection info and no table entry, use the CIP implicit
dissector (cip_connection_implicit.pcap)
c. If there is no connection info: Assume Message Router (Class 0x2)
format (cip_no_connection_message_router.pcap)
2. Remove old dissector table for "enip.sud.iface". The specification states that
the Interface Handle "shall be zero" for SendUnitData, so there isn't a need
to have custom handling for different Interface Handle values. SendRRData
does not have the same restriction, so that dissector table (enip.srrd.iface)
will stay.
3. Pull out Class 2/3 data processing into separate function: dissect_cip_class23_data()
4. Remove extra unnecessary tree layer in implicit data dissector.
Bug: 14916
Change-Id: Id53a2031a6064551b3915d8954527a7b3261d222
Reviewed-on: https://code.wireshark.org/review/28496
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Wed, 27 Jun 2018 21:10:27 +0000 (14:10 -0700)]
Sort our column descriptions.
Convert our column descriptions to a value_string and sort it by
description. This ensures that they are properly sorted in the UI.
Change-Id: I7d699a1c45906b9c42e443fcdcdcb4d8d49deb77
Reviewed-on: https://code.wireshark.org/review/28492
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Graham Bloice [Wed, 27 Jun 2018 18:28:49 +0000 (19:28 +0100)]
packet export: Add default file extension
Adds a default file extension when exporting packet dissection
in various formats:
text -> txt
postscript -> ps
csv -> csv
pdml -> pdml
psml -> psml
c arrays -> c
json -> json
Change-Id: Ie5d942a3c694abd8edf9df184f6e219d4b870a1b
Reviewed-on: https://code.wireshark.org/review/28490
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Gerald Combs [Wed, 27 Jun 2018 18:36:15 +0000 (11:36 -0700)]
Remove IPX from our default filters.
Remove IPX items from the default capture, color, and display filter
files. Suggested by Laura Chappell at SharkFest 2018.
Change-Id: I5e14caaa69efc638a5da7c795bf8a9e5e890b3fd
Reviewed-on: https://code.wireshark.org/review/28489
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Wed, 27 Jun 2018 17:42:12 +0000 (19:42 +0200)]
NAS5GS: Dissect 5GS network feature support IE-
Change-Id: Iee5f2f71229c6ea9a66707cd4f13f79a244ffdb2
Reviewed-on: https://code.wireshark.org/review/28486
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Wed, 27 Jun 2018 17:07:28 +0000 (17:07 +0000)]
Revert "docbook: remove equivalent case."
We still need the "length == 2" behavior.
This reverts commit
622b17a475a81aa3af5cc743b831d01233b99c31.
Change-Id: Id3b7ed9231f3fefeeac5fb910b792139c4844ec8
Reviewed-on: https://code.wireshark.org/review/28484
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Dario Lombardo [Sat, 23 Jun 2018 12:03:49 +0000 (14:03 +0200)]
docbook: reduce ruby code duplication by introducing utils module.
Change-Id: I7e436db3cb86f5ebd0f5827c6da630303bc3f538
Reviewed-on: https://code.wireshark.org/review/28400
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Mon, 25 Jun 2018 05:08:24 +0000 (07:08 +0200)]
docbook: remove equivalent case.
The output for this case is achieved by the following one.
Change-Id: I585aba39ebb67d65a8f5159217ea8a85ad13e49c
Reviewed-on: https://code.wireshark.org/review/28421
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Sat, 23 Jun 2018 10:54:01 +0000 (12:54 +0200)]
docbook: rewrite some ruby code according to RuboCop suggestions.
Change-Id: I2d1ea982c1622dbc29f927ee168b552b46e39faa
Reviewed-on: https://code.wireshark.org/review/28399
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Wed, 27 Jun 2018 16:43:49 +0000 (09:43 -0700)]
Release note updates.
Change-Id: Idbcea0e67e53665ea7b9e5e10962af3e4fd34eda
Reviewed-on: https://code.wireshark.org/review/28483
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Peter Wu [Tue, 26 Jun 2018 22:52:11 +0000 (15:52 -0700)]
prefs: fix crash when importing old filter expression preference
When the filter label was missing, it would result in a crash
(use-after-free) while reading the next expression. For example:
gui.filter_expressions.label: Not-Junk
gui.filter_expressions.expr: tcp.flags.reset==1
# note: missing label preference
gui.filter_expressions.expr: dns
While at it, do not duplicate the filter expression,
"filter_expression_new" has always been copying it.
Change-Id: I980fd720c9a04b679a71dd2e7e8bf5e53c72ac43
Fixes: 1a046d693b ("Added Filter Toolbar Save functionality.")
Bug: 11648
Reviewed-on: https://code.wireshark.org/review/28471
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Mon, 25 Jun 2018 17:47:56 +0000 (19:47 +0200)]
git hooks: prevent first commit message line to exceed 80 chars.
Change-Id: Ic3b2d93e7da7cdf671f97977b4d0501ba4b84122
Reviewed-on: https://code.wireshark.org/review/28431
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Tue, 26 Jun 2018 23:09:41 +0000 (16:09 -0700)]
editcap: move -I and -a options description to packet manipulation section
Change-Id: I090c214eeb636ec8f769ee133e2f12825802335e
Reviewed-on: https://code.wireshark.org/review/28472
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Wu [Tue, 26 Jun 2018 23:12:37 +0000 (16:12 -0700)]
TRANSUM: fix crash when switching profiles
"output_rrpd" is NULL when the TRANSUM dissector is disabled (which is
the default behavior). When switching to a profile where the dissector
is enabled, redissection happens, but without invoking the init routine.
This leads to a crash when dissect_transum tries to query "output_rrpd".
Fix this by creating the map unconditionally. Use wmem_map_new_autoreset
since its contents should be erased for new capture files.
Bug: 13697
Change-Id: Iea897da8faf8042dffdc74327d9d1221e5fb155f
Fixes: v2.3.0rc0-1887-g78d56e5dd7 ("Cleanup transum post-dissector.")
Reviewed-on: https://code.wireshark.org/review/28474
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Wed, 27 Jun 2018 00:54:01 +0000 (17:54 -0700)]
Ethernet: Disable FCS validation by default.
Ethernet checksum offloading seems to be common nowadays, similar to
IPv4, IPv6, TCP, and UDP. Disable FCS validation by default. Suggested
by Laura Chappell at SharkFest US '18.
Change-Id: Icf0e262c65ad328a58da9bd78f3aefbefa2f9394
Reviewed-on: https://code.wireshark.org/review/28477
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Graham Bloice [Tue, 26 Jun 2018 23:37:13 +0000 (00:37 +0100)]
Add Windows 10 Release ID to About info
Adds the Windows 10 (and Server 2016) Release ID to the info in the
About Wireshark blurb.
The ID displayed in parentheses, e.g.
Running on 64-bit Windows 10 (1803), build 17134
Change-Id: I1bbce27e149dbf6da6da7847ad1f7dd861176ece
Reviewed-on: https://code.wireshark.org/review/28475
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Vadim Fedorenko [Mon, 25 Jun 2018 22:34:29 +0000 (01:34 +0300)]
BGP-MP NLRI can have Path ID for IPv4 Unicast/Multicast and Labeled Unicast
Change-Id: Ieb46c9d5dbafbf33bfd1ddda0b0397509fdada4f
Reviewed-on: https://code.wireshark.org/review/28436
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Wu [Tue, 26 Jun 2018 22:15:44 +0000 (15:15 -0700)]
Exported PDU: adjust protocol and tag tree lengths
Change the exported_pdu size from two to the full size of the tag
(including type and length fields) and limit the protocol length to just
the tags (without the PDU data).
Change-Id: I1c20740627ebd74c117bb1735ff4c189d2d750d6
Reviewed-on: https://code.wireshark.org/review/28470
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Roland Knall [Tue, 26 Jun 2018 21:55:27 +0000 (14:55 -0700)]
epan: Fix session null-pointer check
Fix rare null-pointer when switching profiles
Change-Id: I2a57ef22b4567f936f3a87e133db6132864a83ac
Reviewed-on: https://code.wireshark.org/review/28468
Reviewed-by: Roland Knall <rknall@gmail.com>
Gerald Combs [Fri, 15 Jun 2018 17:52:53 +0000 (10:52 -0700)]
Remove code specific to older versions of Visual Studio.
Remove -DBUILD_WINDOWS and sections of code that we no longer use.
Bug: 14715
Change-Id: Iae1a950e2f52f4ce45fcf0ae5dea06c1172c3a28
Reviewed-on: https://code.wireshark.org/review/28466
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Tue, 26 Jun 2018 22:00:54 +0000 (15:00 -0700)]
WSDG: Fix a couple of links.
Change-Id: I6f96ac45cd3cd4f992c11dea0f0aff6df2a2bff8
Reviewed-on: https://code.wireshark.org/review/28469
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Tue, 26 Jun 2018 20:34:55 +0000 (13:34 -0700)]
GTK+: Remove the last original bit of GTK+ code.
Change-Id: If1eedf278336494d6989515aa573ae1682851d44
Reviewed-on: https://code.wireshark.org/review/28464
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
jmartin-usna [Mon, 25 Jun 2018 23:54:25 +0000 (16:54 -0700)]
print.c: Handles special chars when using -T fields
Tshark poorly handles printing when using -T options where a field
contains newline, carriage return, or other special characters such as tab.
Bug: 14907
Change-Id: I94a797bb98b94aac254bcd2e6911b37192e9c91f
Reviewed-on: https://code.wireshark.org/review/28442
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Gerald Combs [Tue, 26 Jun 2018 00:38:19 +0000 (17:38 -0700)]
Windows: Fetch our version using RtlGetVersion.
GetVersionEx is deprecated. Use RtlGetVersion instead. Remove
get_windows_major_version since it's no longer needed.
Change-Id: I02f6458608c2328a96a0ac71c6b1f9187babd049
Reviewed-on: https://code.wireshark.org/review/28443
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Roland Knall [Tue, 26 Jun 2018 17:57:50 +0000 (10:57 -0700)]
Qt: Fix crash when starting to drag on the wrong position
When dragging on the wrong position in the toolbar, wireshark
crashes
Change-Id: I756e9caebc844d32e99e9fd3e338a872986b9e96
Reviewed-on: https://code.wireshark.org/review/28458
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Gerald Combs [Tue, 26 Jun 2018 17:39:24 +0000 (10:39 -0700)]
CMake: Make the pdb_zip_package target passive.
Remove the pdb_zip_package target's dependency on epan, otherwise we
might end up triggering a build which creates a mismatch.
Change-Id: I1e077e5f119273ee80a89c30f54e29fdb242e082
Reviewed-on: https://code.wireshark.org/review/28457
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Tue, 26 Jun 2018 16:24:57 +0000 (09:24 -0700)]
RRC: upgrade dissector to v15.3.0
Change-Id: I4fb62d5d3210f767e2db75da4a8185c249b4b4ec
Reviewed-on: https://code.wireshark.org/review/28456
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Martin Mathieson [Mon, 25 Jun 2018 15:30:40 +0000 (16:30 +0100)]
PER: Also report if open type length is less than dissected length.
Change-Id: I3111038e0dbdfacdfdf7c01614f631b4b64cdee5
Reviewed-on: https://code.wireshark.org/review/28428
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
David Aggeler [Sun, 6 May 2018 15:33:51 +0000 (17:33 +0200)]
packet-dcm.c: heuristic dissection rework
- Fixed initial COL_INFO for associations. It used to 'append' instead of 'set'.
- Changed initial length check from tvb_reported_length() to tvb_captured_length()
- Heuristic Dissection:
o Modified registration, so it can be clearly identified in the Enable/Disable Protocols dialog
o Enabled by default
o Return proper data type
Tested heuristic vs. static on many DICOM captures
Change-Id: I0aa42b91e4f55a6d9fc834657710a6a92c8dadef
Reviewed-on: https://code.wireshark.org/review/27518
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Tue, 26 Jun 2018 14:09:58 +0000 (07:09 -0700)]
Q931: do not tap packet if no packet info is present
Follow-up of gd08a53a7b9
Change-Id: Ice15c7cf97c2d84e80e39944012c54947517232f
Reviewed-on: https://code.wireshark.org/review/28452
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Tomáš Kukosa <tomas.kukosa@ixperta.com>
Tested-by: Petri Dish Buildbot
Tigran Mkrtchyan [Tue, 26 Jun 2018 09:07:00 +0000 (11:07 +0200)]
nfs: fix displaying of operation CLONE
due to missing mapping from operation number to a string representation
wireshark displays '71' instead of 'CLONE'
Change-Id: Ic5da0a110d5475b2467d6110ea2896332f93288c
Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
Reviewed-on: https://code.wireshark.org/review/28447
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Gerald Combs [Mon, 25 Jun 2018 22:39:30 +0000 (15:39 -0700)]
Fix shellcheck issues in debian-setup.sh.
Change-Id: I54956ea4de5e07f1d2a705f9b77624d6c25511a6
Reviewed-on: https://code.wireshark.org/review/28438
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Joerg Mayer [Tue, 26 Jun 2018 03:58:48 +0000 (05:58 +0200)]
Shorten the text of System Name and System Description in the info column
Change-Id: I77056fe7baadc6cec0662d513d2e18c9e80d2726
Reviewed-on: https://code.wireshark.org/review/28446
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
jmartin-usna [Tue, 26 Jun 2018 02:50:39 +0000 (19:50 -0700)]
packet-ieee802211.c: Corrects A-MSDU addr_resolve dissection
As, fields are hidden items the discrepencies go unnoticed in the Wireshark
tree, however when printin in tshark the displayed fields are inccorect as the
wrong tvb is passed during dissection.
Bug: 14908
Change-Id: If06618b67040b631f153d3e2609583fecc56b5b2
Reviewed-on: https://code.wireshark.org/review/28445
Reviewed-by: Jeremy Martin <boardermartin@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Guy Harris [Tue, 26 Jun 2018 02:23:22 +0000 (19:23 -0700)]
Disable coloring rules with invalid packet-testing expressions.
If the packet-testing expression for a coloring rule is set to an
invalid expression, disable the filter; this should provide at least
*some* indication to the user that it's not valid, although we should
really pop up a dialog or something - the little small-type notice below
the list of filters is *really* not all that obvious.
Ping-Bug: 14906
Change-Id: I3c036c3509520913db0a64c30bc1c57c0c7667bc
Reviewed-on: https://code.wireshark.org/review/28444
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Mon, 25 Jun 2018 23:01:51 +0000 (16:01 -0700)]
Try to fix the macOS builder.
Change-Id: I04cd70f43d86c6c8d59c7b5c843357f56490ef00
Reviewed-on: https://code.wireshark.org/review/28441
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Roland Knall [Mon, 25 Jun 2018 22:58:47 +0000 (15:58 -0700)]
Qt: Fix Filterexpression Toolbar
Fix the prepare possibility of applying a display filter button
Change-Id: I85364b40272139f0d0c69a2735a876a3a5f5db7a
Reviewed-on: https://code.wireshark.org/review/28440
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Pascal Quantin [Mon, 25 Jun 2018 22:53:32 +0000 (15:53 -0700)]
F1AP: dissect more OCTET STRING from X2AP ASN.1 description
Change-Id: If438ebe1053ed5f64763f079c17e293589944dde
Reviewed-on: https://code.wireshark.org/review/28439
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Mon, 25 Jun 2018 22:34:41 +0000 (15:34 -0700)]
X2AP: upgrade dissector to v15.2.0
Change-Id: Ic85c1124456b841fefe54c92166add81599e4d85
Reviewed-on: https://code.wireshark.org/review/28437
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Roland Knall [Mon, 25 Jun 2018 18:01:37 +0000 (11:01 -0700)]
Qt: Move FilterToolBar to a separate class
Remove all filter toolbar related stuff into a separate class
and away from MainWindow
Change-Id: I36d937be6c2686b16a8d494213dc740d8d28efcb
Reviewed-on: https://code.wireshark.org/review/28432
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Dario Lombardo [Mon, 25 Jun 2018 17:21:13 +0000 (19:21 +0200)]
drb/rbm: fix indentation issues.
Change-Id: I88833aa443534b54af7890afa257fd9a0f12ca9e
Reviewed-on: https://code.wireshark.org/review/28430
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Martin Mathieson [Mon, 25 Jun 2018 16:08:43 +0000 (17:08 +0100)]
DT2000: Call RRC dissector from newer primitives.
Change-Id: I7293771e96b029e2710a98e955bc40a16df2627a
Reviewed-on: https://code.wireshark.org/review/28429
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Sat, 23 Jun 2018 10:28:04 +0000 (12:28 +0200)]
docbook: replace ASCIIDOCTOR_EXECUTABLE with ASCIIDOCTOR_PDF_EXECUTABLE.
This fixes the guides compilation error:
ninja: error: '../docbook/developer-guide.pdf', needed by 'docbook/CMakeFiles/developer_guide_pdf', missing and no known rule to make it
Change-Id: I58c45da34e60b950f5560716372377962a84e42e
Reviewed-on: https://code.wireshark.org/review/28393
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Lars Christensen [Sun, 24 Jun 2018 11:08:12 +0000 (11:08 +0000)]
USB: Fall back to transfer type from descriptor
When dissecting USBIP packets, the transfer type is not known for every
packet like when dissecting usbmon captures. This patch lifs the
transfer type for the endpoint in the device descriptor and stores it in
the conversation. If the per-packet transfer type is unknown for a
transfer, it tries the one from the descriptor instead. This enables
bulk/iso payload dissectors to work on USBIP packets too.
Change-Id: If0a3e4f3b9598f586fa460d0d07032d22e203122
Reviewed-on: https://code.wireshark.org/review/28412
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 15 Jun 2018 11:20:48 +0000 (11:20 +0000)]
.mailmap: update of June (2018)
Change-Id: I5dbebce0dd27c6f6867db61e6b0b0aa6b0d3e36f
Reviewed-on: https://code.wireshark.org/review/28285
Reviewed-by: Disha <ddaniel@empirix.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Jiri Novak [Thu, 21 Jun 2018 13:16:03 +0000 (15:16 +0200)]
RTP: Common functions for allocation/deallocation of rtpstream_info_t
Change-Id: I9a0a11d238473a7c57d85547dca0713ed421a500
Reviewed-on: https://code.wireshark.org/review/28417
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ivan Nardi [Sun, 24 Jun 2018 13:29:25 +0000 (15:29 +0200)]
gtpv2: extend msgs supported in request/reply matching algorithm
Change-Id: Iff01f427738faccbf02401760b608dfdd4729f25
Reviewed-on: https://code.wireshark.org/review/28413
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ivan Nardi [Sun, 24 Jun 2018 13:55:12 +0000 (15:55 +0200)]
gtpv2: all teid header fields should have the same type (like in gtp)
Change-Id: Ia793d66c00ee8fdfe2d51da5b569658fd5966e8e
Reviewed-on: https://code.wireshark.org/review/28414
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Lars Christensen [Sun, 24 Jun 2018 11:00:33 +0000 (11:00 +0000)]
USB: Dissect URB transfer flags
Change-Id: I52cbafe519bbdb46961748a84db4f2db0bbe3c2d
Reviewed-on: https://code.wireshark.org/review/28411
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Joerg Mayer [Fri, 22 Jun 2018 21:56:07 +0000 (23:56 +0200)]
Add support for Cisco ACI
Experiment with a generic way of adding values to the parent tree
Change-Id: I50dc44da3cafac79a0ac100121c83f8d0ff28457
Reviewed-on: https://code.wireshark.org/review/28395
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Gerald Combs [Sun, 24 Jun 2018 08:15:47 +0000 (08:15 +0000)]
[Automatic update for 2018-06-24]
Update manuf, services enterprise numbers, translations, and other items.
Change-Id: I72dd2309fb948662e58b0c5373aa1abd27f3b146
Reviewed-on: https://code.wireshark.org/review/28406
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Sun, 24 Jun 2018 03:58:21 +0000 (05:58 +0200)]
F1AP: upgrade dissector to v15.2.0
Change-Id: Ic2aaf834f702a8d754909d3eff376b71df721093
Reviewed-on: https://code.wireshark.org/review/28405
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Guy Harris [Sat, 23 Jun 2018 23:09:51 +0000 (16:09 -0700)]
Don't pass an un-initialized dummy structure to dissect_cip_io_generic().
If we know the information that belongs there, we should fill it in.
Otherwise, we should just pass a null pointer, meaning "we don't know
what this information is", and we should check for the null pointer and
not check the information in question.
Bug: 14894
Change-Id: I4f5249855330db65242d8b6eb6b5bda3af3a1925
Reviewed-on: https://code.wireshark.org/review/28404
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Jiri Novak [Thu, 21 Jun 2018 12:24:17 +0000 (14:24 +0200)]
RTP: code cleanup 3
*rtp_stream* -> rtpstream to follow common name
Change-Id: I381bc1cdb8206c5cfe67e94dd7fb1a5cb25f9c16
Reviewed-on: https://code.wireshark.org/review/28394
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 22 Jun 2018 11:48:58 +0000 (11:48 +0000)]
enip: fix no previous prototype for ‘dissect_item_sequenced_address/dissect_item_connected_address’ [-Wmissing-prototypes]
Change-Id: Ie0b46e49122197a51a916cc70324c1d80936cac9
Reviewed-on: https://code.wireshark.org/review/28384
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Pascal Quantin [Fri, 22 Jun 2018 18:02:58 +0000 (20:02 +0200)]
NR RRC: register dissectors for UE-NR-Capability and UE-MRDC-Capability IEs
Change-Id: I99864ac7aae5e868d8827eb2ac851b22f7c516a6
Reviewed-on: https://code.wireshark.org/review/28392
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Dario Lombardo [Fri, 22 Jun 2018 17:28:31 +0000 (19:28 +0200)]
NAS EPS: fix wrong operator.
Change-Id: I50f9c1762338f081ff75b2981e8f49010948580c
Reviewed-on: https://code.wireshark.org/review/28391
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Alexis La Goutte [Fri, 22 Jun 2018 11:50:40 +0000 (11:50 +0000)]
drb: fix no previous prototype for ‘proto_register_drb/proto_reg_handoff_drb’ [-Wmissing-prototypes]
Change-Id: Ib42c8cc9fa04bace49905c7f6cbc49b673376bdf
Reviewed-on: https://code.wireshark.org/review/28385
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Pascal Quantin [Fri, 22 Jun 2018 14:54:01 +0000 (16:54 +0200)]
NAS EPS: upgrade dissector to v15.3.0
Change-Id: I85c3defb81eb65622e0bd124fc4aef4bdbc89822
Reviewed-on: https://code.wireshark.org/review/28390
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 22 Jun 2018 12:08:13 +0000 (14:08 +0200)]
NGAP: add dissection of DataCodingScheme and WarningMessageContents IEs
Change-Id: I68346ef9988f5fe2dfe0961debf1c359269e7d32
Reviewed-on: https://code.wireshark.org/review/28387
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 22 Jun 2018 12:01:25 +0000 (14:01 +0200)]
S1AP: fix a copy/paste error in a field name
Change-Id: I3c602deaaeffa6738f325df5e4abda7b8214f560
Reviewed-on: https://code.wireshark.org/review/28386
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Joerg Mayer [Fri, 22 Jun 2018 09:33:22 +0000 (11:33 +0200)]
Try to make sure we don't overrun sub-tlvs
Change-Id: Idde2861ecdd1edc8f84488361695dc8d5b38d51d
Reviewed-on: https://code.wireshark.org/review/28383
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Pascal Quantin [Fri, 22 Jun 2018 08:44:45 +0000 (10:44 +0200)]
S1AP: update version info in header
Change-Id: I8bd5021786006e08391d885137e7aa5778c9118f
Reviewed-on: https://code.wireshark.org/review/28382
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 22 Jun 2018 07:52:40 +0000 (09:52 +0200)]
S1AP: upgrade dissector to v15.2.0
Change-Id: I53feb77f91ac72f4e5f18c56453f2974b8b426be
Reviewed-on: https://code.wireshark.org/review/28376
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Guy Harris [Fri, 22 Jun 2018 08:04:27 +0000 (01:04 -0700)]
The fractional part of a secs+nsecs time adjustment must be < 10^9.
One billion nanoseconds is 1 second, so that should just be expressed as
1 second.
Change-Id: I0d49838141fa877168d068a2e27b3dcc104c0cef
Reviewed-on: https://code.wireshark.org/review/28380
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Your Name [Fri, 22 Jun 2018 05:15:59 +0000 (14:45 +0930)]
editcap: ifix time shift with useconds carry
time shift to a whole number of seconds need to carry the seconds
Change-Id: I188d915bca8f86a2cc19fc603bf472f461e8beea
Reviewed-on: https://code.wireshark.org/review/28372
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Fri, 22 Jun 2018 06:55:00 +0000 (23:55 -0700)]
Declare lead_surrogate only in the block where it's used.
That makes it a bit clearer that we don't need to initialize it to zero
before the loop.
This fixes a Dead Store (Dead assignement/Dead increment) Warning found
by Clang.
Change-Id: Iabfc4b47a3c6300814492c37ccfb321afd0c54ea
Reviewed-on: https://code.wireshark.org/review/28374
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 22 Jun 2018 07:11:50 +0000 (00:11 -0700)]
Include <stdlib.h>, to declare exit().
Move the standard C includes up to the top, while we're at it.
Change-Id: I627536097955d96e7e5dcd48d9c1cc38a221fefb
Reviewed-on: https://code.wireshark.org/review/28375
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pascal Quantin [Thu, 21 Jun 2018 19:54:37 +0000 (21:54 +0200)]
PER: fix decoding of bit strings with an upper bound >= 64K
Change-Id: Ibe10f172a9758afd5d38a78e2613f97b04d9c8ee
Reviewed-on: https://code.wireshark.org/review/28371
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Jiri Novak [Wed, 20 Jun 2018 21:32:56 +0000 (23:32 +0200)]
tshark/RTP: GUI dependency removed from register_tap_listener_rtpstream. As consequence of it a few functions were moved from ui/rtp_stream to ui/tap-rtp-common.
Change-Id: I9dd0603a9742eb374e71e84d1380083d6c861166
Reviewed-on: https://code.wireshark.org/review/28368
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bruno Verstuyft [Thu, 21 Jun 2018 12:10:10 +0000 (14:10 +0200)]
XRA: HCS check for docsis segments
Change-Id: Iff44a3b13c13ba43442f3c3e6b186be6cd9fdcb5
Reviewed-on: https://code.wireshark.org/review/28364
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 21 Jun 2018 17:45:31 +0000 (10:45 -0700)]
WSUG: Update the Follow Stream documentation.
Update the Follow Stream documentation and screenshot.
Change-Id: I55e5e552d23b9676b23959ac07a480e0c7809ac4
Reviewed-on: https://code.wireshark.org/review/28366
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Thu, 21 Jun 2018 18:27:38 +0000 (11:27 -0700)]
Indicate why we ahve to check the address type.
Change-Id: I223eba466680e7ef6003e3412084eb1009d8d38d
Reviewed-on: https://code.wireshark.org/review/28369
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Thu, 21 Jun 2018 18:19:32 +0000 (11:19 -0700)]
Squelch a warning from MSVC.
Cast the result of a floating-point calculation to guint32; presumably
it will have no fractional part or we're deliberately discarding the
fractional part, and will never be greater than 2^32-1, so tell the
compiler we mean to discard the fractional part and have no need to
worry about the integral part being too large.
Change-Id: I432df46b59fe3192cd0a804d3d1db1f95983abe2
Reviewed-on: https://code.wireshark.org/review/28367
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Ismael Mendez Matamoros [Thu, 21 Jun 2018 10:18:37 +0000 (12:18 +0200)]
rtps: Fixed min_length in rtps_data dissection
Change-Id: I46402f714d70466cafbe736baf570149c78c6dbf
Reviewed-on: https://code.wireshark.org/review/28363
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Jiri Novak [Wed, 20 Jun 2018 13:59:33 +0000 (15:59 +0200)]
RTP: Stats calculation unification
Changes:
- rtpstream_info_calc_t created
- rtpstream_info_calculate and rtpstream_info_calc_free functions created
- RTP code updated to use such functions
Change-Id: I1053a46cbd0cdef9d70382135da46e732b5af8b8
Reviewed-on: https://code.wireshark.org/review/28361
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke [Thu, 21 Jun 2018 06:46:32 +0000 (08:46 +0200)]
lwm2mtlv: Show object name in a generated item
Change-Id: I38e044abd3fee94be0903131b9847af27b31c516
Reviewed-on: https://code.wireshark.org/review/28365
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dhiru Kholia [Thu, 21 Jun 2018 06:24:48 +0000 (11:54 +0530)]
DHCPv4: Fix dissection of packets using HMAC-MD5 authentication
See https://tools.ietf.org/html/rfc3118#section-5.2 (Authentication for
DHCP Messages) for more details.
Sample DHCPv4 authentication .pcap file can be found at,
https://wiki.wireshark.org/SampleCaptures
Without this patch, Wireshark shows "Expert Info (Error/Protocol):
length isn't >= 31" error message in the Authentication section of the
packet dissection.
Change-Id: I2af5c7d18f0497a131b1d2dc50ee6e4708c34e28
Signed-off-by: Dhiru Kholia <dhiru.kholia@gmail.com>
Reviewed-on: https://code.wireshark.org/review/28360
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ka-Shu Wong [Tue, 24 Apr 2018 05:08:04 +0000 (15:08 +1000)]
Add dissector for Exablaze timestamping trailers
Change-Id: I2953b7441b5f55f653e93e066f1c23fdcb5be7c5
Reviewed-on: https://code.wireshark.org/review/28265
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Erika Szelleova [Fri, 15 Jun 2018 10:26:43 +0000 (12:26 +0200)]
Fix in CRC checker for FPP
fix in the computation of CRC + little change in the dissector - now it
shows the fields SMD and FRAG_COUNT in the tree correctly
Bug: 14610
Change-Id: I74982ff836f02803843f6b44a0955a4b20f48e43
Reviewed-on: https://code.wireshark.org/review/28286
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dhiru Kholia [Tue, 19 Jun 2018 04:14:49 +0000 (09:44 +0530)]
DHCPv6: Improve dissection of packets using HMAC-MD5 authentication
See https://tools.ietf.org/html/rfc3315#section-21.4.1 (Use of the
Authentication Option in the Delayed Authentication Protocol) for
more details.
Sample DHCPv6 authentication .pcap files can be found at,
https://github.com/kholia/my-pcaps
Change-Id: Ife252c4e3c114c865324df26313c6b7d57988e5a
Signed-off-by: Dhiru Kholia <dhiru.kholia@gmail.com>
Reviewed-on: https://code.wireshark.org/review/28334
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Erika Szelleova [Mon, 18 Jun 2018 17:47:17 +0000 (19:47 +0200)]
OpcUa: fix in function getExtensionObjectType
The function getExtensionObjectType was not reading the corrects bytes,
this sometimes ended in reading outside the buffer and that way
exception was raised even for correct packets.
Bug: 14465
Change-Id: I5d7d9ca5f43f0afbc93f40487a78709c52f0658a
Reviewed-on: https://code.wireshark.org/review/28328
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
git.samba.org / metze / wireshark / wip.git / log