AndersBroman [Tue, 20 Sep 2016 12:31:05 +0000 (14:31 +0200)]
[Diameter 3GPP] hf_diameter_3gpp_feature_list1_sh_flags_spare_bits missing
bitmask.
Change-Id: I999fb71a26e90a46e11bd2907c3fcb8566e92562
Reviewed-on: https://code.wireshark.org/review/17817
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Thu, 15 Sep 2016 06:04:14 +0000 (08:04 +0200)]
selfm: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang
Change-Id: I758ff81bdfcb9c18810baad12554d7f7f0e7705f
Reviewed-on: https://code.wireshark.org/review/17707
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Tue, 20 Sep 2016 11:43:37 +0000 (13:43 +0200)]
Add define for vendor dacom
Change-Id: Ie7411d4d41e3f0a0ea98ed4a14d40c5715535c8a
Reviewed-on: https://code.wireshark.org/review/17815
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 26 Aug 2016 08:33:43 +0000 (10:33 +0200)]
TLS(1.3): Add Pre-Shared Key (41) Hello extension
Bug: 12779
Change-Id: I64ef80db0a8b51ee569fed3b87099144e57eedc2
Reviewed-on: https://code.wireshark.org/review/17320
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Hauke Mehrtens [Wed, 31 Aug 2016 18:06:49 +0000 (20:06 +0200)]
netlink: make dissect_netlink_attributes() endianness aware
Always give the netlink data struct to dissect_netlink_attributes() so
we can extract which endianness we should use. This fixes the netlink
dissector on big endian.
Change-Id: Ia485a29035c947908c29a9e30d0aba8d4fc94093
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-on: https://code.wireshark.org/review/17636
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Hauke Mehrtens [Wed, 31 Aug 2016 17:44:25 +0000 (19:44 +0200)]
netlink: try to detect endianness
There is no field which indicates which endianness is used for netlink
data, try to guess it by checking if the length in little or big endian
fits better.
Change-Id: I02884763931f3f3589b7ac5bff2781797c1d0f87
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-on: https://code.wireshark.org/review/17635
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Chris Bontje [Wed, 14 Sep 2016 17:58:47 +0000 (11:58 -0600)]
[SELFM] - Further additions to re-assembly efforts (Multiple PDUs spanning additional TCP packets)
Change-Id: I35db77ee05c3c873577b4f40c41f283e5666a4e2
Reviewed-on: https://code.wireshark.org/review/17701
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Mon, 19 Sep 2016 22:05:18 +0000 (15:05 -0700)]
Move the rest of README.qt to the WSDG.
Change-Id: I8ba0dc0170141db0b96cac996e5ad5f0bd3253ea
Reviewed-on: https://code.wireshark.org/review/17806
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stefan Metzmacher [Tue, 20 Sep 2016 00:41:46 +0000 (02:41 +0200)]
packet-dcerpc: dissect the auth verifier of PDU_CO_CANCEL, PDU_ORPHANED and PDU_FAULT
Change-Id: I28325d655ccd5d363aac89e49e5333b3d75f68a2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/17810
Reviewed-by: Michael Mann <mmann78@netscape.net>
Stefan Metzmacher [Sun, 18 Sep 2016 18:25:52 +0000 (20:25 +0200)]
packet-dcerpc: The opnum field is generated for PDU_RESP and PDU_FAULT
Change-Id: Ieeb9de0f54a22afc3adcd52d8af2c45e8b82b0ab
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/17808
Reviewed-by: Michael Mann <mmann78@netscape.net>
Stefan Metzmacher [Tue, 20 Sep 2016 00:29:16 +0000 (02:29 +0200)]
packet-dcerpc: nca_s_fault_sec_pkg_error
Change-Id: I951a317da795c94ac6518be73cb2c836e7afb836
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/17807
Reviewed-by: Michael Mann <mmann78@netscape.net>
Stig Bjørlykke [Mon, 19 Sep 2016 19:12:34 +0000 (21:12 +0200)]
Qt: Added option to Remove from recent files list
Change-Id: If87e1bf4796d45582bc2490720683e4072971f56
Reviewed-on: https://code.wireshark.org/review/17804
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Peter Wu [Sun, 18 Sep 2016 23:15:21 +0000 (01:15 +0200)]
http: add spdy Upgrade support
Not found in any specification, but it appears to be implemented by
kubernetes (using "SPDY/3.1" value).
Ping-Bug: 12874
Change-Id: I9fc7ad2f657a739b415f6801fe0f43f6ef75ca70
Reviewed-on: https://code.wireshark.org/review/17786
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Binh Trinh [Sun, 18 Sep 2016 19:33:44 +0000 (15:33 -0400)]
Qt: Fix bug in capture file dialog introduced by HideNameFilterDetails
Restore File->Save As and File->Export Specified Packets functionalities broken by commit
c711bc64573e20e343f343a53ad4d1d50add433d.
Change-Id: I5d246d296979b5e509a90569094d672083b06b9b
Reviewed-on: https://code.wireshark.org/review/17783
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Mon, 19 Sep 2016 07:37:27 +0000 (09:37 +0200)]
Qt: reenable export packet bytes menu while capturing
Change-Id: I2a3e35ec7c3233e6b32c53a2124b00bbfff8a2e1
Reviewed-on: https://code.wireshark.org/review/17793
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Sun, 18 Sep 2016 19:54:50 +0000 (21:54 +0200)]
Qt: fix file set menus when stopping a capture or opening a capture after startup
Create file_set_dialog_ window at program start so that file set menu entries
are properly populated
Bug: 12904
Change-Id: I597067da51808000683b15a19df646857082a867
Reviewed-on: https://code.wireshark.org/review/17785
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Pascal Quantin [Sun, 18 Sep 2016 21:00:07 +0000 (23:00 +0200)]
Qt: fix some menus activation when stopping a capture
Call MainWindow::setMenusForCaptureFile() once the capture is finished
While we are at it, let's deactivate Export PDU and Export Packet Bytes menus while capturing
Bug: 12071
Bug: 12898
Change-Id: I8ab9d531135790b51cd630d3f548d0c47a4a60a5
Reviewed-on: https://code.wireshark.org/review/17784
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Guy Harris [Mon, 19 Sep 2016 04:15:59 +0000 (21:15 -0700)]
Support bitfields for FT_CHAR.
Change-Id: I3ad1ad27107c9e2c0d9da6d05f0a06609369271f
Reviewed-on: https://code.wireshark.org/review/17789
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pascal Quantin [Fri, 16 Sep 2016 19:05:39 +0000 (21:05 +0200)]
WiX: add SSHdump, Ciscodump and UDPdump to installer
Change-Id: Iae2a222db8e9359fd8440b59f43ec90c3b7f8243
Reviewed-on: https://code.wireshark.org/review/17747
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Mon, 19 Sep 2016 01:48:50 +0000 (18:48 -0700)]
Improve support for single-character fields and filter expressions.
Add an FT_CHAR type, which is like FT_UINT8 except that the value is
displayed as a C-style character constant.
Allow use of C-style character constants in filter expressions; they can
be used in comparisons with all integral types, and in "contains"
operators.
Use that type for some fields that appear (based on the way they're
displayed, or on the use of C-style character constants in their
value_string tables) to be 1-byte characters rather than 8-bit numbers.
Change-Id: I39a9f0dda0bd7f4fa02a9ca8373216206f4d7135
Reviewed-on: https://code.wireshark.org/review/17787
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Wed, 14 Sep 2016 00:07:15 +0000 (17:07 -0700)]
WiX: Add NSIS installer checks.
Look for an existing NSIS installation and cancel the installation if
we find one. Add a note about making this process more friendly.
Change-Id: Id6ea4d511bc813a38fa834931f5e677d3d6a4319
Reviewed-on: https://code.wireshark.org/review/17702
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gilbert Ramirez <gram@alumni.rice.edu>
Guy Harris [Mon, 19 Sep 2016 02:38:03 +0000 (19:38 -0700)]
Add new functions.
Change-Id: I2ae30ae84cc7c65b847f8db93828affc50a40ce1
Reviewed-on: https://code.wireshark.org/review/17788
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kaiser [Sun, 18 Sep 2016 11:41:47 +0000 (13:41 +0200)]
bootp: dissect option 82, sub-option 12 (Relay Agent Identifier)
as defined in RFC6925
Bug: 12907
Change-Id: I546d243f4b188025d8c96a1eaa0798b70a847a25
Reviewed-on: https://code.wireshark.org/review/17775
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Niels de Vos [Sun, 18 Sep 2016 13:41:17 +0000 (15:41 +0200)]
glusterfs: decode upcall flags for cache-invalidation
Add decoding of the upcall->flags value. This mask currently used do
give hints about the cache-invalidation structures.
Change-Id: I4a3ab03bec6e2a2c9f8c7bbf17babb2bc93c9d7b
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: https://code.wireshark.org/review/17776
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Joerg Mayer [Wed, 14 Sep 2016 04:08:00 +0000 (06:08 +0200)]
UDLD has been an informational RFC for a while
Fix some whitespace
Change-Id: I7438b6b394078a23eda6d77fbda789d5413e0417
Reviewed-on: https://code.wireshark.org/review/17782
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Dirk Jagdmann [Sat, 17 Sep 2016 09:07:52 +0000 (02:07 -0700)]
add link to Wireshark wiki to pdml2html.xsl
Change-Id: Id756cc51d2f30f48994ec9ee07941b2680aa0ba9
Reviewed-on: https://code.wireshark.org/review/17772
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Gerald Combs [Sun, 18 Sep 2016 15:12:43 +0000 (08:12 -0700)]
[Automatic update for 2016-09-18]
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: I1fb3ac4b7bd4f44dfcf7b40b28b0b2aa89ca4d3e
Reviewed-on: https://code.wireshark.org/review/17778
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Mirko Parthey [Thu, 8 Sep 2016 21:00:34 +0000 (23:00 +0200)]
ISAKMP: Reduce code duplication
Equalize attribute dissecting functions:
* Convert all attribute type names to range_string.
Add "Unassigned" and "Private use" ranges while we are at it.
* Swap the order of format and type fields for config attributes.
Move common code into the new function dissect_attribute_header().
Try to keep the parameter list short:
* Group the hfindex values for attribute details into a struct.
* Merge attribute subtree types.
Add a colon in the main attribute item label for visual separation.
Skip dissection of config attributes for unknown IKE versions.
Change-Id: I6e6286f3d4cf16f3cd16a23aca540c4af72f3442
Reviewed-on: https://code.wireshark.org/review/17663
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Fri, 16 Sep 2016 15:37:44 +0000 (17:37 +0200)]
Qt: allow file dialogs to mark an UAT as dirty
Otherwise changes to just the the key file path in the SSL keys list
dialog are not saved to disk.
Bug: 12640
Change-Id: I12c66efab04a19d662b8090629b8e67aefc01984
Reviewed-on: https://code.wireshark.org/review/17738
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Graham Bloice [Sat, 17 Sep 2016 17:54:41 +0000 (18:54 +0100)]
Make Winflex\bison the preferred option
Cygwin flex\bison generate shortening warnings due to size_t on
Win 64. The win flex\bison versions don't so find them first.
Change-Id: Ib68c84435f859325612410b72b6cf21cf106ecc2
Reviewed-on: https://code.wireshark.org/review/17763
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Pascal Quantin [Sun, 18 Sep 2016 07:31:01 +0000 (09:31 +0200)]
extcap: fix management of multicheck and saved non boolean arguments
Launching USBPcap without going in the interface options menu exhibits 2 bugs:
- we should restore a value only if it is not an empty string (otherwise USBPcap with an ampty --devices multicheck argument)
- when building the argument list for a non boolean argument not using the default value, do not call g_strconcat. It will
build a string concatenating the option and value (for example "--devices 1" that will be treated as a single argument).
Instead option and value must be given separately to argument list.
Bug: 12846
Change-Id: I5628cb264a7632089e6579e9ae7400e2c0e500e2
Reviewed-on: https://code.wireshark.org/review/17773
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
BACdaBASpert [Fri, 16 Sep 2016 23:57:50 +0000 (16:57 -0700)]
update bacapp vendor id to name mapping from BACnet
Change-Id: Ibd09e3d8ec167a9270545e37365a2370ac6c2c28
Reviewed-on: https://code.wireshark.org/review/17753
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Sat, 17 Sep 2016 15:48:41 +0000 (10:48 -0500)]
Fix up coding style in ByteViewText.
As WSDG 12.2.2.1 says, use trailing_underscore_ convention for member
variables.
Change-Id: I7d6dbcce3908aefc167cdc6ee1d054a2f5f5a072
Reviewed-on: https://code.wireshark.org/review/17756
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Sat, 17 Sep 2016 20:44:45 +0000 (13:44 -0700)]
The full identity string was added above.
Change-Id: I0945cb9cb6a9d5ccf3756b887654d73a28035a49
Reviewed-on: https://code.wireshark.org/review/17768
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sat, 17 Sep 2016 20:25:44 +0000 (13:25 -0700)]
Update a comment.
In one of the two cases where we treat the first byte of an identity as
a prefix, we know it's EAP-AKA. (In the other, we do *not* know that!)
Change-Id: I16625f7193eb3ab0840739ec37dbd64e2a5a0fb5
Reviewed-on: https://code.wireshark.org/review/17767
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Stig Bjørlykke [Sat, 17 Sep 2016 10:37:11 +0000 (12:37 +0200)]
Qt: Hide columns after setting widths
In columnsChanged() the visibility must be set after setting
the width to avoid that setting width overwrites visibility.
This should fix hidden columns displayed during first capture.
Bug: 12377
Change-Id: Idbbf36b014724970775c34b0c08803de9b006742
Reviewed-on: https://code.wireshark.org/review/17755
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Guy Harris [Sat, 17 Sep 2016 20:14:04 +0000 (13:14 -0700)]
Fix handling of EAP identity.
There's no guarantee that the identity is a string whose first character
is a prefix indicating the type of identity; only display it as a prefix
if it's one of the known types. We really may need some other mechanism
to determine how to parse the identity, perhaps based on what the
protocol layers below it are.
Put back the display of the full string in one case where that was
inadvertently removed.
Change-Id: I2e3324f964fa25ebd7065ddb0de82ffae6597509
Reviewed-on: https://code.wireshark.org/review/17764
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kaiser [Sat, 17 Sep 2016 16:46:26 +0000 (18:46 +0200)]
eap: make eap_identity_prefix a numeric item
This used to be string item, its value was not 0-terminated. This
resulted in out-of-bounds mem acceess when eap_identity_prefix was used
by proto_tree_add_string_format().
==14744== Conditional jump or move depends on uninitialised value(s)
==14744== at 0x4C294F8: strlen (mc_replace_strmem.c:390)
==14744== by 0xC19C97F: g_strdup (gstrfuncs.c:355)
==14744== by 0x739CA75: string_fvalue_set_string (ftype-string.c:51)
==14744== by 0x67136A9: proto_tree_add_string (proto.c:3515)
==14744== by 0x6713870: proto_tree_add_string_format (proto.c:3547)
==14744== by 0x69BB494: dissect_eap (packet-eap.c:838)
==14744== by 0x66FD0B4: call_dissector_work (packet.c:649)
As the content is a number anyway, the simplest solution is to make
eap_identity_prefix a numeric item and use
proto_tree_add_uint_format_value().
Bug: 12913
Change-Id: I907b1d3555a96e9662b1d8253d17d35adfdada48
Reviewed-on: https://code.wireshark.org/review/17760
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kaiser [Sat, 17 Sep 2016 17:10:35 +0000 (19:10 +0200)]
eap: (trivial) reformat a comment
Change-Id: I2c8a8066f1591004ace6362e24be57b6cec747d1
Reviewed-on: https://code.wireshark.org/review/17762
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Martin Kaiser [Sat, 17 Sep 2016 17:03:26 +0000 (19:03 +0200)]
eap: remove unnecessary if (tree) checks
Change-Id: If42a5d610eea7c7818a0d37dd5878c84ba7f7d81
Reviewed-on: https://code.wireshark.org/review/17761
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Pascal Quantin [Sat, 17 Sep 2016 16:36:32 +0000 (18:36 +0200)]
ISUP: do not display Called Party Number twice
Bug: 12911
Change-Id: I3632ffbeb85a96d9268eca6ddc0f8b38587688c4
Reviewed-on: https://code.wireshark.org/review/17758
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 16 Sep 2016 20:15:57 +0000 (22:15 +0200)]
p_XXX_proto_data: only allow the use of pinfo and file scopes
Those are the only ones meaningful. Let's convert the buggy dissectors
and add an assert to avoid the misuse of the pool parameter in the future
Change-Id: I65f470b757f163f11a25cd352ffe168d1f8a86d3
Reviewed-on: https://code.wireshark.org/review/17748
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 16 Sep 2016 18:59:06 +0000 (20:59 +0200)]
NSIS: add UDPdump to installer
Change-Id: Ic340d7de5de2573bf1e4ee97c8f7ef9af822d225
Reviewed-on: https://code.wireshark.org/review/17746
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Wu [Fri, 16 Sep 2016 15:05:55 +0000 (17:05 +0200)]
extcap: fix heap-use-after free after saving prefs
All strings passed to prefs must be valid for the lifetime of the
program (before prefs_cleanup is called). Use wmem for this purpose.
Fixes
v2.3.0rc0-660-g26bf66f
Change-Id: I94f3bbb8ac6e18ae59d6462525f6bbc46fdb0f1f
Reviewed-on: https://code.wireshark.org/review/17737
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Fri, 16 Sep 2016 11:56:47 +0000 (13:56 +0200)]
Remove -Wdeclaration-after-statement
This is a C99 feature which we can use now.
Change-Id: I84a63d6bf282b79c9f0da0543b3b4f5a0cf0c81a
Reviewed-on: https://code.wireshark.org/review/17733
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Tue, 23 Aug 2016 16:14:03 +0000 (18:14 +0200)]
TLS(1.3): Add Share Key (40) Hello extension
Bug: 12779
Change-Id: I5cbc911f2c7818558c5182d2e3ccf9235be9281b
Reviewed-on: https://code.wireshark.org/review/17301
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Wed, 7 Sep 2016 21:15:44 +0000 (23:15 +0200)]
TLS: Pass directly the handshake_type to dissect_hnd_hello_ext
with TLS 1.3, there is a new 'Hello' type (Hello Retry Request)
Change-Id: If7a11b70a5b0a69044126c50e1d6ab4e1d443f77
Reviewed-on: https://code.wireshark.org/review/17573
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Mon, 22 Aug 2016 15:55:10 +0000 (17:55 +0200)]
TLS(1.3): Add new Hello extension list
* Key share (40)
* Pre-Shared Key (41)
* Early Data (42)
* Cookie (44)
Bug: 12779
Change-Id: I16e3cf691ae66e244608db233db180e24538a68d
Reviewed-on: https://code.wireshark.org/review/17239
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Mon, 22 Aug 2016 09:01:59 +0000 (11:01 +0200)]
TLS(1.3): Add (experimental) extension 'Draft version TLS 1.3'
Coming from https://github.com/tlswg/tls13-spec/wiki/Implementations#version-negotiation
Bug: 12779
Change-Id: Ieca74eac737b5ba6c101b719e2e5e3aecf931279
Reviewed-on: https://code.wireshark.org/review/17226
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Mon, 22 Aug 2016 08:08:00 +0000 (10:08 +0200)]
TLS(1.3): Fix Server Hello
There is no session_id and compression method with TLS 1.3 Server Hello
Also no time on first bytes of random field
Bug: 12779
Change-Id: Id79221c2ad50695cf6d46cd5c9255deab99e2d2c
Reviewed-on: https://code.wireshark.org/review/17225
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Sun, 21 Aug 2016 07:33:39 +0000 (09:33 +0200)]
TLS(1.3): Add TLS 1.3 value for version Handshake
Bug: 12779
Change-Id: I298ecf4a0537df2e88354aed6912d4298a094216
Reviewed-on: https://code.wireshark.org/review/17224
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Stig Bjørlykke [Fri, 16 Sep 2016 18:32:04 +0000 (20:32 +0200)]
Qt: Reset expert info icon when start capture failed
When starting capture fails the expert info icon must be removed
and the file status must be cleared. This happens more frequently
when using sshdump with configuration errors.
Change-Id: I9b2215c71bd16406a0978256018b1664f06c19f1
Reviewed-on: https://code.wireshark.org/review/17741
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Guy Harris [Fri, 16 Sep 2016 18:40:31 +0000 (11:40 -0700)]
Type and size cleanups.
Use size_t for sizes. Do checks to make sure we don't overflow ints.
Change-Id: Id0846cc5c6348d67a23064517ad1c432cf1cb61a
Reviewed-on: https://code.wireshark.org/review/17742
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pascal Quantin [Fri, 16 Sep 2016 18:55:31 +0000 (20:55 +0200)]
M3AP: remove Procedure Code from info column
Change-Id: I69aebed5000f6544eede69e7435fb49e4e0ce179
Reviewed-on: https://code.wireshark.org/review/17744
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 16 Sep 2016 18:54:23 +0000 (20:54 +0200)]
M2AP: remove Procedure Code from info column
Change-Id: I965cc0455f5f3ac8a676cc0e3453e8a449d76109
Reviewed-on: https://code.wireshark.org/review/17743
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Guy Harris [Fri, 16 Sep 2016 17:41:11 +0000 (10:41 -0700)]
Add ws_hexstrtou{bits} and use ws_hexstrtou32 in androiddump.
Make the reply length unsigned - there's no reason for it to be signed.
Change-Id: I5f4d1f027eeddee939547c052220efb89800f4b1
Reviewed-on: https://code.wireshark.org/review/17740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dario Lombardo [Fri, 16 Sep 2016 14:59:51 +0000 (16:59 +0200)]
udpdump: use socket_handle_t instead of int for portability.
Change-Id: Ic31302046e95d1678073a8a77812316be367e9a5
Reviewed-on: https://code.wireshark.org/review/17736
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Gerald Combs [Fri, 16 Sep 2016 01:20:05 +0000 (18:20 -0700)]
Qt: Argument vector fixups.
In wireshark-qt.cpp we have two "argv" variables, one that we pass to
QCoreApplication (which it then corrupts irreversibly on Windows if you
pass it multibyte characters), and one that we convert to UTF-8 and use
normally.
Name the throwaway argument vector "qt_argv". Name ours "argv", which is
the traditional and less error-prone name.
Bug: 12900
Change-Id: Idd80b9f779f36ffe977465afd623d320212f92b1
Reviewed-on: https://code.wireshark.org/review/17723
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Dario Lombardo [Fri, 16 Sep 2016 12:07:38 +0000 (14:07 +0200)]
eap: add identity details.
Change-Id: I60e017ac48d9daf52b8a40809625dc1ae09c9d8e
Reviewed-on: https://code.wireshark.org/review/17735
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michael Mann [Sun, 4 Sep 2016 02:22:50 +0000 (22:22 -0400)]
Have TPKT support a TCP port range preference instead of having "subdissectors?" register their own.
There are a number of dissectors who are subdissectors of TPKT (and OSITP) that are
not called by TCP dissector directly, yet can possibly register a TCP port "on the
behalf" of TPKT. Just allow TPKT to support a range of ports to possibly include
these protocols.
Remove the preferences from these dissectors, but add backwards compatibility for
the preferences by hooking into set_prefs and have the preferences just hook into
Decode As functionality directly.
Change-Id: Ic1b4959d39607f2b6b20fa6508da8d87d04cf098
Reviewed-on: https://code.wireshark.org/review/17476
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dario Lombardo [Wed, 31 Aug 2016 08:14:33 +0000 (10:14 +0200)]
extcap: make extcap use the ws_strtoi/u functions.
Change-Id: Id75c72eba869c8a0f413ce8b5d6329ce172aed1f
Reviewed-on: https://code.wireshark.org/review/17415
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Alexis La Goutte [Fri, 16 Sep 2016 08:14:00 +0000 (10:14 +0200)]
VTP: Always display reserved/unsed fields
Change-Id: Ib0b065c20e599567224c05068dad5bd24a711609
Reviewed-on: https://code.wireshark.org/review/17728
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Kenneth Soerensen [Thu, 15 Sep 2016 18:46:37 +0000 (20:46 +0200)]
ZigBee: Fix reassembly of APS fragments.
The unsigned variable num_blocks was initialized to -1. Which caused the
dissector to set the total length to
4294967295 fragments when the second
fragment was processed. This made the dissector unable to reassemble data
made of more than two fragments.
Change-Id: I120af090ed29ac73a1fa699bea2bfc91798ef92b
Reviewed-on: https://code.wireshark.org/review/17712
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Fri, 16 Sep 2016 08:03:12 +0000 (10:03 +0200)]
ssl-utils: fix -Wshorten-64-to-32 and other warnings
Fixes -Wshorten-64-to-32 from
v2.3.0rc0-697-gb1d36fe ("ssl-utils: remove
block and key sizes from cipher suites table"), -Wpointer-sign,
-Wunreachable-code-break.
Change-Id: I37ca5e9effe5d6560d49ccef53e9feb096cd2ad6
Reviewed-on: https://code.wireshark.org/review/17727
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Guy Harris [Fri, 16 Sep 2016 10:01:49 +0000 (03:01 -0700)]
ws_strou16() now takes three arguments.
Change-Id: I94a3a8707de724b1b4c2fafaa4c96d2a52b418c6
Reviewed-on: https://code.wireshark.org/review/17732
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 16 Sep 2016 09:59:40 +0000 (02:59 -0700)]
Squelch some compiler warnings.
gcry_cipher_get_algo_keylen() returns a size_t, which is bigger than a
guint on most if not all 64-bit platforms; however, if the key is bigger
than 2^32 bytes, we have bigger problems, so just cast it down.
Change-Id: Ia7c97d2742686daf2e42f634c6e349cb580fa9df
Reviewed-on: https://code.wireshark.org/review/17731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dario Lombardo [Wed, 10 Feb 2016 14:45:45 +0000 (15:45 +0100)]
extcap: add udpdump.
Udpdump is a generic UDP receiver that exports datagram in PCAP format.
Change-Id: I52620a92b12530b6f9b5449c43e692663acdfc14
Reviewed-on: https://code.wireshark.org/review/17195
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Peter Wu [Thu, 15 Sep 2016 22:49:15 +0000 (00:49 +0200)]
ssl-utils: fix runtime memory leak
Ensure that Libgcrypt and zlib memory are freed when closing a pcap.
Change-Id: I420f9950911d95d59ff046fee57900ca6f7e9621
Reviewed-on: https://code.wireshark.org/review/17718
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Thu, 15 Sep 2016 21:57:15 +0000 (23:57 +0200)]
ssl-utils: remove block and key sizes from cipher suites table
There was an implicit dependency between the block size in the cipher
suites table and the size expected by Libgcrypt. Just remove the block
size from the table and rely on the value from Libgcrypt to avoid the
risk of mismatching values (which could lead to a buffer overflow).
While at it, remove the size of the key ("bits") and the size of key
material ("eff_bits") too. Move the key material sizes for export
ciphers away from the table and use byte quantities instead of bits.
Additionally, this fixes an issue where 8 bytes of uninitialized stack
memory is written to the SSL debug log for stream ciphers like RC4.
The size of the Write Key is also corrected for export ciphers, now it
prints the actual (restricted) number of bytes that are used.
Change-Id: I71d3c83ece0f02b2e11e45455dc08c41740836be
Reviewed-on: https://code.wireshark.org/review/17714
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Peter Wu [Wed, 14 Sep 2016 23:41:20 +0000 (01:41 +0200)]
ssl-utils: fix buffer overrun (read) with AEAD cipher suites
ssl_cipher_init should only set the IV for CBC cipher suites. NULL
cipher suites will not invoke gcry_cipher_setiv and AEAD ciphers will
set the nonce in a different place anyway.
Fixes a buffer overrun (read) by 12 bytes for any AES-CCM and AES-GCM
cipher suite because the "block size" is set to 4 bytes while the
reported block size for AES is 16 bytes (128 bit). (The four bytes are
the "salt" part of the nonce that is extracted from the "client/server
write IV" part of the key block.)
Observed with the DTLS packet capture from
https://ask.wireshark.org/questions/55487/decrypt-application-data-pending-dtls-abbreviated-handshake-using-psk
Change-Id: I4cc7216f2d77cbd1eac9a40dca3fdfde7e7b3680
Reviewed-on: https://code.wireshark.org/review/17713
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Mikael Kanstrup [Wed, 14 Sep 2016 12:21:10 +0000 (14:21 +0200)]
Use valid channel parameters from wireless toolbar
Both the QT and GTK wireless toolbar used "-1" to indicate unused
channel parameters. This was an undocumented feature that recently
stopped working. Use the now documented way (NULL) to specify that
some parameters are not used.
Bug: 12896
Change-Id: I4a93a15ba1d880592b355b7eca155632a4b92ea0
Reviewed-on: https://code.wireshark.org/review/17700
Reviewed-by: Gilbert Ramirez <gram@alumni.rice.edu>
Petri-Dish: Gilbert Ramirez <gram@alumni.rice.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke [Thu, 15 Sep 2016 07:08:18 +0000 (09:08 +0200)]
Qt: Avoid crashes in IAX2 Stream Analysis
Avoid crash when opening IAX2 Stream Analysis without having any
packets and when not having a selected packet. Also disable the
Save Audio options if not having any IAX2 packets.
Also set Close as default button.
Change-Id: I1da04e3f907d9d562fa227ab9f0428aa6097131e
Reviewed-on: https://code.wireshark.org/review/17708
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Fri, 16 Sep 2016 01:32:21 +0000 (18:32 -0700)]
Don't pick up junk from an unset error-number variable.
Keep the actual error code and pointer-to-error-string in the scanner
state, rather than pointers to the variables passed in to us.
Initialize them to 0 and NULL, respectively.
That way, when the actual scanner routine returns, we don't check for an
error by looking at the error variable pointed to by our argument, which
might not have been set by the scanner and might have stack junk in it,
we look at a structure member we set to 0 before the scan.
Change-Id: I81a4fd6d5cf5e56f5638fae1253c48dc50c9c36d
Reviewed-on: https://code.wireshark.org/review/17721
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Thu, 15 Sep 2016 22:20:26 +0000 (15:20 -0700)]
Don't pick up junk from an unset error-number variable.
Keep the actual error code and pointer-to-error-string in the scanner
state, rather than pointers to the variables passed in to us.
Initialize them to 0 and NULL, respectively.
That way, when the actual scanner routine returns, we don't check for an
error by looking at the error variable pointed to by our argument, which
might not have been set by the scanner and might have stack junk in it,
we look at a structure member we set to 0 before the scan.
Bug: 12903
Change-Id: I5a382da569a226e60c3c2a47f3a1515b0490c31d
Reviewed-on: https://code.wireshark.org/review/17716
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dario Lombardo [Fri, 9 Sep 2016 14:41:15 +0000 (16:41 +0200)]
cli: use ws_strtou function.
Change-Id: Ic358c50aa21dac485348ee5f7af8947f75e4f952
Reviewed-on: https://code.wireshark.org/review/17611
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
AndersBroman [Thu, 15 Sep 2016 14:43:35 +0000 (16:43 +0200)]
[SIP] Make it possible to call a subdisector for the VIA branch parameter.
Change-Id: I7d91780f130105f04648489d6ed0bf2a320edce9
Reviewed-on: https://code.wireshark.org/review/17711
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Thu, 15 Sep 2016 09:37:07 +0000 (11:37 +0200)]
S1AP: add dissection of NB-IoT transparent containers
To do so, memorize whether a given eNB UE S1AP ID belongs to a NB-IoT
TAI or not.
Also add a preference allowing to force dissection as legacy LTE or
NB-IoT if automatic mode fails.
While we are at it, let's remove the global variables and introduce
a S1AP private data info stored in pinfo.
Change-Id: I7e30b3d59d909684e5cfe13510293ed38ad52574
Reviewed-on: https://code.wireshark.org/review/17709
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Wu [Wed, 14 Sep 2016 17:45:50 +0000 (19:45 +0200)]
eap: fix EAPOL conversation tracking, fixes TLS decryption
Use new heuristics based on the EAP Code field to determine whether a
field originates from the client or server. This is more reliable than
using "pinfo->match_uint" for two reasons: (1) the heuristics dissector
does not set "match_uint" (resulting in an arbitrary match on the
previous value) and (2) with EAP over EAPOL, there is no matching port
number (resulting in two conversations with different addresses and port
number zero).
To fix TLS decryption, make sure to create a single conversation for
both direction and allow the port type to be PT_NONE (to avoid reporting
all packets as originating from the server).
Bug: 12879
Change-Id: I7b4267a27ffcf68bf9d3f6a90d6e6e2093733f51
Reviewed-on: https://code.wireshark.org/review/17703
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gilbert Ramirez [Wed, 14 Sep 2016 03:33:54 +0000 (22:33 -0500)]
Qt: Option to copy bytes to clipboard as Escaped String
Some users need to copy the bytes to a Python script for
sending out through a raw socket. While they can modify a
plain hex dump, having Wireshark copy directly as a Python
string makes their work easier. This format also works
with Bash, so it is called "Escaped String". E.g.:
"\x55\xb5\xd4\x67\x03"
Change-Id: I0b6a5eb2e348f686397afda76095aaa2fb85c18d
Reviewed-on: https://code.wireshark.org/review/17696
Petri-Dish: Gilbert Ramirez <gram@alumni.rice.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Tue, 13 Sep 2016 19:47:22 +0000 (12:47 -0700)]
Qt: Shorten capture file dialog name filters.
In the capture file dialog's "Files of type" combobox separate out the
wildcards we display from the ones that are applied. Set the
HideNameFilterDetails option and for "All Files" and "All Capture Files"
leave the option hidden.
For other options print the wildcard list twice so that it's both
displayed and applied. Go even further and filter out ".gz" wildcards in
the displayed list since they're effectively duplicates of their
uncompressed counterparts.
Based on Dario's work in change 17605.
Bug: 12837
Change-Id: I35de8f31492657e37b12ca4c8de5ed9e79d2e2f8
Reviewed-on: https://code.wireshark.org/review/17689
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Wed, 7 Sep 2016 13:15:57 +0000 (15:15 +0200)]
iseries: rework the read routine.
Change the way a line is read in iseries. Instead of reading a string
then convert it with atoi, parse it as an integer and convert it to
nsecs.
Change-Id: Id8e8e9866dbcef3b1612a608f9647bc490263dae
Reviewed-on: https://code.wireshark.org/review/17558
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Thu, 15 Sep 2016 00:05:26 +0000 (17:05 -0700)]
Fix a test to work with Xcode 8.
(Hopefully it still does what it's supposed to; I don't have any
machine, real or virtual, that has the command-line tools installed
without Xcode being installed on which to test it.)
Change-Id: I0ce8ce4f8532fcc6ab121641dde238180dfa69ce
Reviewed-on: https://code.wireshark.org/review/17704
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Stig Bjørlykke [Tue, 13 Sep 2016 11:37:11 +0000 (13:37 +0200)]
Qt: Set Close as default button
Set Close as default button in some statistics dialogs.
Change-Id: I82e17d27de256aabaec1633bb973c554eec907c3
Reviewed-on: https://code.wireshark.org/review/17685
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Gerald Combs [Tue, 13 Sep 2016 22:27:23 +0000 (15:27 -0700)]
NSIS: Disable a debugging MessageBox.
Disable a MessageBox added in gec5f578.
Change-Id: I4a1ad044836a9363b2e4d9f80df419e7c81f73dd
Reviewed-on: https://code.wireshark.org/review/17694
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Tue, 13 Sep 2016 20:38:32 +0000 (22:38 +0200)]
X2AP: remove Procedure Code from info column
Change-Id: I8d4632ef3b338063e96f4a417f0e3280489968a4
Reviewed-on: https://code.wireshark.org/review/17692
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Tue, 13 Sep 2016 20:36:30 +0000 (22:36 +0200)]
S1AP: remove Procedure Code from info column
Change-Id: I53ece74627adc038ee6ff2af2959f2dae76ab879
Reviewed-on: https://code.wireshark.org/review/17691
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Tue, 13 Sep 2016 20:23:15 +0000 (22:23 +0200)]
NAS EPS: add an option to dissect User Data Container as IP packet
Change-Id: I7d1196b79c22df5abe7d399bd9bea5c3d60bff7f
Reviewed-on: https://code.wireshark.org/review/17690
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Gerald Combs [Fri, 9 Sep 2016 16:30:54 +0000 (09:30 -0700)]
NSIS: Look for an installed WiX package.
Dig through the registry and look for a WiX / Windows Installer package.
Offer to uninstall it if we find one.
Change-Id: I513ce4184880571c484461483a3d25e6d90a85e0
Reviewed-on: https://code.wireshark.org/review/17613
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 8 Sep 2016 18:24:34 +0000 (11:24 -0700)]
NSIS: Disable GTK+ by default.
Disable the legacy UI by default. Associate our Programs and Features icon
with Wireshark.exe. Move some GTK+-specific code to SecWiresharkGtk. Make
sure the /desktopicon and /quicklaunchicon apply to Wireshark.exe. Remove
unneeded parentheses in the display name.
Change-Id: Ia7662d003d15afd809d81631e059e249a93d0999
Reviewed-on: https://code.wireshark.org/review/17593
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Tue, 13 Sep 2016 18:29:25 +0000 (11:29 -0700)]
WSUG: Fixup PDF images.
Pass relative image directory paths to xsltproc. The DocBook documentation
says you can use a URI, but trying to get that to work with CMake
and Windows appears to be a path to tears and undignified wails of
frustration.
Add attributes for our different types of images and use them so that
the PDFs don't scale our screenshots to an unusable size.
Change-Id: I786d09d9ef9be3d423b2af426a8867739ae12c1a
Reviewed-on: https://code.wireshark.org/review/17688
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tom Haynes [Tue, 13 Sep 2016 16:24:53 +0000 (09:24 -0700)]
nfs: Primary Data's NFSv4 DataSphere filehandle decoder
Change-Id: I0d339f69f37fd3b6a2f7b37b1c239edb2a4cf7a5
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/17676
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke [Tue, 13 Sep 2016 10:49:23 +0000 (12:49 +0200)]
Qt: Fix open Flow Graph in full screen
Check if initialized in SequenceDialog::resizeEvent because loadGeometry()
may call resizeEvent (from showFullScreen()) before init_ is initialized.
Change-Id: I1a514454f1521f68df71c3113077c68acb2f3218
Reviewed-on: https://code.wireshark.org/review/17684
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dario Lombardo [Tue, 13 Sep 2016 09:14:01 +0000 (11:14 +0200)]
sshdump: remove -P.
This option is incompatible with other capture binaries (like tcpdump).
Change-Id: If93fca69f93b7833e7f8bb28b70311373f42f3f5
Reviewed-on: https://code.wireshark.org/review/17682
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Peter Wu [Mon, 12 Sep 2016 19:30:26 +0000 (21:30 +0200)]
qt: fix default action in Time Shift dialog
Use "Apply" as default action, not "Open Help".
Change-Id: Ida9b878732e444bbc450f8e63cc8e30a76f29bdc
Reviewed-on: https://code.wireshark.org/review/17672
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Dario Lombardo [Fri, 9 Sep 2016 15:16:10 +0000 (17:16 +0200)]
addr_resolv: use ws_strtou8 function.
This change prevents to accept netmasks as /24x. The
mask must be an clean integer.
Change-Id: I46aeb089dd6538b5cc4bde7efd4dc317621a5245
Reviewed-on: https://code.wireshark.org/review/17612
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Guy Harris [Tue, 13 Sep 2016 08:51:07 +0000 (01:51 -0700)]
Fix indentation.
Change-Id: I2b2d1cd584eb1ec56ec5cdcd33fb789843c8192c
Reviewed-on: https://code.wireshark.org/review/17680
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michal Labedzki [Mon, 2 Nov 2015 18:41:12 +0000 (19:41 +0100)]
Bluetooth: HCI vendor: Add support for some Intel commands/events
This change based on BlueZ code on the same license that Wireshark is.
It seems that a lot of commands/events are incomplete or unknown,
however better to have them.
Also rename variables (etc.) of the first dissector to contain
vendor name like new one, to distinguish them.
Change-Id: I2db3ed73d477699032a44bac2d3c88a9230b0095
Reviewed-on: https://code.wireshark.org/review/17657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Michal Labedzki [Tue, 3 May 2016 20:45:05 +0000 (22:45 +0200)]
Qt/Bluetooth: Implement hover for rows
This improves readability, especially while presenting results
to the other people.
Change-Id: I1a6fc93c1b858078e171729971561321a4ddd956
Reviewed-on: https://code.wireshark.org/review/16469
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Gerald Combs [Mon, 12 Sep 2016 22:44:16 +0000 (15:44 -0700)]
WSDG: Updates for Qt 5.6.
Refer to Qt 5.6 for Windows builds. Update the download URL.
Change-Id: Id4de0d55679a6ac1b7aac82ddd5eb80d6b54568a
Reviewed-on: https://code.wireshark.org/review/17674
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Mon, 12 Sep 2016 10:41:48 +0000 (12:41 +0200)]
telnet: get rid of atoi().
Change-Id: Id445aef1af21fcf176611122a757482c0b22f4bd
Reviewed-on: https://code.wireshark.org/review/17662
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>