git.samba.org - metze/wireshark/wip.git/log

Device provisioning protocol: Fix a last issue with DPP and Configuration
commands not being searchable.

Change-Id: I28cf212b3eacb16572ce9d1ff2dbf45040046b00
Reviewed-on: https://code.wireshark.org/review/24069
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Clean up a bit.

If we're using Clang, use either _Pragma("clang diagnostic XXX") or
nothing; don't use _Pragma("GCC diagnostic XXX"). If we're using
something other than Clang that is, or claims to be, GCC, use
_Pragma("GCC diagnostic XXX") or nothing.

Explain why we're only using _Pragma("GCC diagnostic XXX") with GCC 4.8
or later, even though it's supported in GCC 4.2 and later, and even
though 4.6 an later support _Pragma("GCC diagnostic {push,pop}").

Change-Id: I7a5f46ec419b945663d473cb4ae435ab7fdcf0ef
Reviewed-on: https://code.wireshark.org/review/24096
Reviewed-by: Guy Harris <guy@alum.mit.edu>

TRANSUM: File loading slow with transum enabled

This change improves performance through better handling of SYN -
SYN/ACK pairs.

Bug: 14094
Change-Id: Ie479f1b69fa48f85a2ed9f8f173533db25582bbd
Reviewed-on: https://code.wireshark.org/review/24090
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix typo.

Change-Id: I27373dd3823d3527ad3ebf272169feb7323b1a83
Reviewed-on: https://code.wireshark.org/review/24094
Reviewed-by: Guy Harris <guy@alum.mit.edu>

proto.c: do not set an item length longer that the remaining tvb length

Ping-Bug: 14128
Change-Id: Iae5cb2f85d5d2fa3f2b6051aa57390a3f73d724a
Reviewed-on: https://code.wireshark.org/review/24087
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

proto.c: protect against buffer overflow in proto_find_undecoded_data()

Bug: 14128
Change-Id: I01aadf2dc9a3f714caaef273a7e012c6f1840726
Reviewed-on: https://code.wireshark.org/review/24088
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Move the compiler version tests to ws_compiler_tests.h and use them elsewhere.

While we're at it, sort some header file lists, and clean up white
space.

Change-Id: If737dda45334fedf1df7295d8719ad9381daf7a1
Reviewed-on: https://code.wireshark.org/review/24089
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Include VLAN ID in key for ICMP request/response tracking

Add global preference to allow for "stricter" conversation tracking

Bug: 13518
Change-Id: I166a084c402374fa76dac7bb54f941e2e9c9325a
Reviewed-on: https://code.wireshark.org/review/22842
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Initial coding of the ieee1905 dissector with Multi-AP support.

Change-Id: I94da228cba6baf20a2cd02bafc9704492f2cfc9f
Reviewed-on: https://code.wireshark.org/review/23956
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

oss-fuzzshark: add missing include to fix implicit declaration of color_filters_init()

/src/wireshark/tools/oss-fuzzshark/fuzzshark.c:218:7: warning: implicit declaration of function 'color_filters_init' is invalid in C99 [-Wimplicit-function-declaration]
if (!color_filters_init(&err_msg, NULL))
^
1 warning generated.

Change-Id: I37dbc4521b6a3cda271e6e33a290ed35911e7dda
Reviewed-on: https://code.wireshark.org/review/24086
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Whitespace cleanups.

Change-Id: Ic19c143fc9143da230f286f1fe4aecc0fe8b08be
Reviewed-on: https://code.wireshark.org/review/24085
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Move a comment to where it belongs, expand another comment.

Change-Id: I04eff374132cbe4b93271c7a43303db406998bcb
Reviewed-on: https://code.wireshark.org/review/24084
Reviewed-by: Guy Harris <guy@alum.mit.edu>

We don't need to define sockaddr_storage.

Winsock2.h will do that for us via packet32.h.

Change-Id: Ie834d49b052c3db6784481bb85d94d4eecff8287
Reviewed-on: https://code.wireshark.org/review/24082
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Use more than just "does it claim to be GCC?" to test for attributes.

Not all versions of GCC or Clang have the returns_nonnull function
attribute, so use the same technique used in current master branch
libpcap - use __has_attribute() if it's available, otherwise use
compiler version tests.

This also lets us use WS_NORETURN on some non-GCC compilers.

Change-Id: I6ca4a81797ebfca9f743e16f83839c49d303da81
Reviewed-on: https://code.wireshark.org/review/24083
Reviewed-by: Guy Harris <guy@alum.mit.edu>

CMake: Set the Windows build target to Vista.

Set NTDDI_VERSION and _WIN32_WINNT to their Vista values so that
ws2tcpip.h will define inet_pton and inet_ntop. Remove the associated
compiler version checks so that everyone is on the same page.

Add breadcrumbs to the various parts of the code where we set a minimum
Windows version.

Change-Id: I83bba5fa1024bfbc02e07b120412807ad259e291
Reviewed-on: https://code.wireshark.org/review/24080
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Fix indentation

Change-Id: I81892f2624920ccf3e2f18734665b9b2e99de5cf
Reviewed-on: https://code.wireshark.org/review/24081
Reviewed-by: João Valverde <j@v6e.pt>

Improve our inet_ntop() wrapper

Also fix buffer length define, as it is not guaranteed to be 46 on
Windows (it never was guaranteed anyway for the libc implementation,
but the likelyhood of being greater was small).

Change-Id: I2db705d86f825765ed32ec70b8d22058b5d629e8
Reviewed-on: https://code.wireshark.org/review/24074
Reviewed-by: João Valverde <j@v6e.pt>

configure: Remove profile-build option

Developers should know how to instrument the code for profiling with a given
toolchain. This particular case is trivially replaced with:

./configure CFLAGS="-pg" LDFLAGS="-pg"

Change-Id: Icc4bca9a8dc5d3ae59a3ff5a8d155f8dc868fcdd
Reviewed-on: https://code.wireshark.org/review/24054
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

DOCSIS: added Energy Management and CM Status Ack modem capabilities

Change-Id: Ieef2cbf34e32f0730af03acc65ebe3499e1fe1f3
Reviewed-on: https://code.wireshark.org/review/24076
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

PFCP: Fix offset after decoding Message Length

Change-Id: I163b4b1dfcad68e392fbddc3327ad081ca304a85
Reviewed-on: https://code.wireshark.org/review/24078
Reviewed-by: Michael Mann <mmann78@netscape.net>

ipv4_get_net_order_addr() is no longer an exported function.

At least not exported from libwireshark - it's now a static inline
function defined in a header.

Change-Id: Ic3eb397226459c7c8fb296f23777cbd0678a0a2f
Reviewed-on: https://code.wireshark.org/review/24077
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Rename some IPv6 address test functions.

They test where the address is XXX, for various values of XXX, so name
them accordingly.

Change-Id: I437175f02b3f97fecee77e8bb9416bb5b71cd0d0
Reviewed-on: https://code.wireshark.org/review/24075
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Add a ws_in6_addr typedef for struct e_in6_addr.

That allows a parallel typedef of ws_in4_addr for guint32.

Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix comments, remove a no-longer-needed include.

Change-Id: I58cc8db41b474e937eb806510c277fe1830204fb
Reviewed-on: https://code.wireshark.org/review/24072
Reviewed-by: Guy Harris <guy@alum.mit.edu>

CMake: Remove unused header checks.

Remove the following unused header checks and defines:

HAVE_INTTYPES_H
HAVE_STDINT_H
HAVE_STRINGS_H
HAVE_SYSCONF

Change-Id: I9f1307ead09c6800697004e7f79f5ac637eea3f7
Reviewed-on: https://code.wireshark.org/review/24067
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

RANAP: Associate RTP dissector with CS streams

Change-Id: If02b8cc5110c70e50ae04d245c45b1d133ee7fd3
Reviewed-on: https://code.wireshark.org/review/24010
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

CMake: Don't check for windows.h or winsock2.h.

If we're building on Windows we're going to have windows.h and
winsock2.h. Don't bother checking for them.

Change-Id: I0004c44d7364ab3f41682f34b8c84cd8617c9603
Reviewed-on: https://code.wireshark.org/review/24068
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Swallow up the stuff from epan/ipv4.c into epan/ftypes/ftype-ipv4.c and epan/ipv4.h.

Most of it doesn't need to be public; pull it into epan/ipv4.c. Pull
the two routines that *are* used outside epan/ftypes/ftype-ipv4.c into
epan/ipv4.h as static inline functions.

This allows some optimization, and makes epan/ipv4.h more like epan/ipv6.h.

Change-Id: I80229acde559d810aecec2acd5c995076440c181
Reviewed-on: https://code.wireshark.org/review/24071
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Clean up white space.

Change-Id: If082be21933ea6e01ea2126d4aafa6c931d4674d
Reviewed-on: https://code.wireshark.org/review/24064
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Use a union for the IPv4/IPv6 address.

That way, the compiler ensures proper alignment. In practice, the
alignment was probably proper anyway, but this makes sure.

Change-Id: I5ddc028c97d6961692a297cac17236206b61169d
Reviewed-on: https://code.wireshark.org/review/24061
Reviewed-by: Guy Harris <guy@alum.mit.edu>

configure: Fix --with-libssh argument name mismatch

Change-Id: I38a55f9354f400ebe7a9acdf28a52a0068d9f745
Reviewed-on: https://code.wireshark.org/review/24058
Reviewed-by: João Valverde <j@v6e.pt>

asn2wrs.py: use 64 bits variant for constrained integers using MIN or MAX keywords

Change-Id: Iffc7c81e9653e8c1cd938de8f4fc26c5912eceec
Reviewed-on: https://code.wireshark.org/review/24049
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Remove replacement inet_pton/inet_ntop

Should be available on every platform we support.

Change-Id: Ib65d78e351d22d581b427e5e93fc8d5e5348b260
Reviewed-on: https://code.wireshark.org/review/24047
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

We're using inet_pton(), so we don't need to worry about non-dotted-quad addresses.

inet_pton(), and thus ws_inet_pton(), won't accept hex or
fewer-than-four-component IPv4 addresses, at least on Single UNIX
Specification-compliant systems - the SUSv4 explicitly says

The inet_pton() function does not accept other formats (such as
the octal numbers, hexadecimal numbers, and fewer than four
numbers that inet_addr() accepts).

so we don't need to check for "inet_atons that accept strings such as -
"130.230" as valid addresses".

That also means that, "if there are any places where this needs to
support the hex-address form for IPv4 addresses, or to support fewer
than 4 components for a network address", those places were hosed even
before we stopped using inet_aton(), so there are presumably no such
places. (Itojun's comment was probably just an expression of general
concern, rather than a note of a known problem.)

Change-Id: Id16b6ebd3550dc3bf5a0fc283898a99b7abc163c
Reviewed-on: https://code.wireshark.org/review/24057
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Get rid of a no-longer-needed variable.

We don't need a temporary IPv4 address variable in get_host_ipaddr(), we
can just use the pointer we've been handed.

Change-Id: Id7cbd0c14b2eeb3efde5a556f3414bd635411908
Reviewed-on: https://code.wireshark.org/review/24056
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Clean up and expand comments.

Note the dropping of support for hex IPv4 addresses and addresses with
fewer than four components, and indicate that, if there are any places
where that support is expected, we should change those places (i.e.,
don't just change get_host_ipaddr() and, if there aren't any such
places, just leave everything as it is).

It's not clear that get_host_ipaddr() is "Used more in the dfilter
parser rather than in packet dissectors"; that may depend on whether
you're counting number of calls executed from those places or the number
of lines of code making those calls. Just drop the claim, which is
absent in the comment for get_host_ipaddr6().

Also ask whether we're using get_host_ipaddr{6}() in any places where it
should *only* support numeric addresses rather than names.

Change-Id: Ib5d8730ca703339342f308081a68309479f842c5
Reviewed-on: https://code.wireshark.org/review/24055
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Remove inet_aton() usage everywhere

Including where it says not to in comments. Use IPv4 dotted-decimal
notation.

Change-Id: Iafe1f6fbd2bd5867c41642dc27411f47dff8ce6a
Reviewed-on: https://code.wireshark.org/review/24044
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

debian: Update symbols

Change-Id: I4360c3f819a3fc3254cecf862e5c084cb5a4162e
Reviewed-on: https://code.wireshark.org/review/24051
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Use "not installed for development" for libgcrypt.

This is similar phrasing to what I used for some other libraries;
hopefully it will keep people from asking "Why am I getting this error?
I installed libgcrypt" questions by making it clear that "installing
libgcrypt" might not be enough.

Also, don't give a package name, because the package might not be called
"libgcrypt-devel" - it might be called "libgcrypt20-dev" of something
such as that.

Change-Id: I486a239e346955666d08cad3b1f8e3a961120e76
Reviewed-on: https://code.wireshark.org/review/24052
Reviewed-by: Guy Harris <guy@alum.mit.edu>

rdm: Support NACK_REASON and fix a PD dissector

- Introduce support for the NACK_REASON response type
- Tweak the PD dissector for DMX_PERSONALITY_DESCRIPTION, which
misinterpreted the "Personality Requested" field and used the wrong
length for the "DMX512 Slots Required" field

Change-Id: If5bc64f82e531e6cfb03a508c335b0468bf6e836
Reviewed-on: https://code.wireshark.org/review/24048
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Add 32x32 png file for UAT "clear list" icon

Change-Id: Ifff401d9014d58c3848e1fcb2f09f09d4391e61e
Reviewed-on: https://code.wireshark.org/review/24043
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Remove leftover #define.

Change-Id: Ic18094a487a941a8c76c722afe8e22194b069993
Reviewed-on: https://code.wireshark.org/review/24046
Reviewed-by: João Valverde <j@v6e.pt>

Test g_printf() thousands grouping flag at runtime

This tests the runtime environment so avoid hard-coding it during the build.

For now we avoid messing with locales for the test, unless it turns out to
be necessary (ISO C printf behaviour with invalid conversion specifier is
undefined).

Change-Id: I341c2ab5e716973689cf9002f13435404a41369f
Reviewed-on: https://code.wireshark.org/review/24038
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

Fix registration of SIP atop SSL/TLS.

See https://ask.wireshark.org/questions/64151/sip-tls-is-only-shown-as-tcp.

Change-Id: Ife182136601007ff6a5713666d9fada5abcd00b9
Reviewed-on: https://code.wireshark.org/review/24041
Reviewed-by: Guy Harris <guy@alum.mit.edu>

mqtt: Use proto_tree_add_bitmask

Change-Id: I8e9cd64edcabf810e70b134ecce7a771babafebc
Reviewed-on: https://code.wireshark.org/review/24017
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Make plugin support a runtime property

Keep the option to disable at compile-time but use AC_ARG_ENABLE instead.

Change-Id: Ie8c3f5ba0db1eb6d9d4ffd742cd3aa049ead5007
Reviewed-on: https://code.wireshark.org/review/24026
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

configure: Remove ancient inet_pton test for brokenness

Change-Id: Idac71883b6a1c6c78ae79e929f1c67a295ed9035
Reviewed-on: https://code.wireshark.org/review/24037
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Get program to the right working directory.
Otherwise patches breaks.

Change-Id: Ief735dc949eaefa3515cc0a5936e0a2735cb0241
Reviewed-on: https://code.wireshark.org/review/24035
Reviewed-by: Guy Harris <guy@alum.mit.edu>

DOCSIS: fixed TLV name

Change-Id: Ibfc8310e1a150fb2e04f7dad9a68d08e8d0364b7
Reviewed-on: https://code.wireshark.org/review/24032
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Improve http object export for URLs with long extensions

This allows the export of objects with extensions that may be longer
than the allowed file name of an export (due to underlying filesystem, etc).
The extension detection mechanism previously preserved everything in the file
name after the final ".", but in some cases (especially with long query strings)
this would exceed the allowed maximum file length, and simply refuse to export
the object. Now, if the length of the extension and duplicate number is longer
than the allowable file length, the extension is ignored, and the entire string
is truncated to allow an acceptable export filename.

Bug: 14130
Change-Id: I6fa0281519d031c07a9ac621002ac328f34f54cc
Reviewed-on: https://code.wireshark.org/review/23960
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ssl-utils: Add export tls13_hkdf_expand_label

for reuse on QUIC dissector

Change-Id: Ic1d6b875e1e1944bb2aa6c7a85bfdd984c00948c
Reviewed-on: https://code.wireshark.org/review/24018
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

AirPcap is Windows only, reflect that in about dialog

Change-Id: Iecde2ada76a63da47e80cf0188945dab2a7e5b89
Reviewed-on: https://code.wireshark.org/review/24023
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

Add "Apply as filter" button to Coloring Rules Dialog

Add a button to apply currently selected color as the display filter.

Bug: 14100
Change-Id: Ife3edeb577075f1fe30b649a5655ef5887684d8a
Reviewed-on: https://code.wireshark.org/review/24012
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

QUIC: Add draft-07 value_string

Change-Id: Icc4cfc4ce007eac29d9a502eae76527713e93e05
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/24019
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

mqtt: Fix some mistakes from previous commit

- PUBREL, SUBSCRIBE and UNSUBSCRIBE does use QoS for v3.1
- CONNACK is also different between v3.1 and v3.1.1
- DUP flag is not reserved, it's Retain which is reserved
- Use proto_tree_add_item for reserved fields
- Use uniform layout and fixed indent (2 spaces in this file)

Change-Id: I26337ad63cd67d832db84993349fa3406e305b72
Reviewed-on: https://code.wireshark.org/review/24025
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

[RFC] dissector/mqtt: Fix handling of fixed header flags

According to the MQTT v3.1 and v3.1.1 specifications,
the fixed header flags (DUP, QoS and RETAIN) are only set by
the PUBLISH message.

The DUP flag is also set by the PUBREL, SUBSCRIBE and
UNSUBSCRIBE messages but only when version 3.1 is used.

Currently, the MQTT dissector shows the header flags for
all the v3.1 and v3.1.1 messages.

This patch fixes the issues mentioned above.

To track the protocol version used during the connection handshake
a conversation is used. For subsequent messages, the way the header
flags are displayed is determined by this variable.

Change-Id: Iad808f77a2c379f9786152c26d3aa86e24be1b16
Signed-off-by: Flavio Santes <flavio.santes@1byt3.com>
Reviewed-on: https://code.wireshark.org/review/23939
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix make distcheck

Change-Id: Ie6b49429a5a72a4ed7b76fa74b1a6f33b6811254
Reviewed-on: https://code.wireshark.org/review/24022
Reviewed-by: João Valverde <j@v6e.pt>

[Automatic update for 2017-10-22]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I973703f2a82c96e47ec15512e223766404a6d3a1
Reviewed-on: https://code.wireshark.org/review/24021
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Add IANA arc and first entry (MUDURL) for lldp.

PCAP file: https://github.com/the-tcpdump-group/tcpdump/blob/master/tests/lldp_mudurl.pcap

Change-Id: If1f4946f8a8ade44dbab33a877bf7449f9ea2a6f
Reviewed-on: https://code.wireshark.org/review/23982
Reviewed-by: Michael Mann <mmann78@netscape.net>

NFSv4: Fix for duplicate StateId hashes

In WS v11.4.0 released In May, 2014, "tvb_get_string_enc()" was added to
dissect_nfs4_stateid() which treats the numeric stateid as a string and
converted it to UTF-8. Invalid UTF-8 chars were replaced with the
"REPLACEMENT CHARACTER" which are actually three characters: 0xef, 0xbf,
and 0xbd (0xefbfbd). A hash was made of the first 16 chars of the returned
array although the string was often much larger due to 1 to 16 invalid
chars. This has often caused duplicate hashes for different files and
locks. That routine has been removed. In addition, the size of the hash
has been reduced from 32 to 16 bits which affords a 99.9984% chance of
unique hashes. Finally, hf_nfs4_seqid, used for the stateid hash seqid
has been changed to hf_nfs4_seqid_stateid because in CLOSE requests the
seqid has nothing to do with the stateid seqid.

Change-Id: I3bf7caefc3341887a4c9137500dfeac0115af8cf
Reviewed-on: https://code.wireshark.org/review/23966
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

autotools: Build and install user guide

Installs the WSUG to $docdir, unless the --disable-guides option is given
to the configure script.

This will open the Help->Contents menu action using the locally installed
guide. It will also point to the correct version for this Wireshark release.
The wireshark.org link only provides the guide for the master branch.

Change-Id: I9dd539c737cb3777dc1351707b9e45a3a6764aaa
Reviewed-on: https://code.wireshark.org/review/23906
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>

[Automatic update for 2017-10-22]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I2bc1e987630e05d2942e9405ab45e4c2f7452263
Reviewed-on: https://code.wireshark.org/review/24013
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Add button in Qt UAT dialog/frame to remove all UAT entries at once.

Change-Id: If5a172cd69beeb0b9a22eb7f6b9e7cb25f350b49
Reviewed-on: https://code.wireshark.org/review/23968
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Eliminate #include <epan/oui.h> from dissectors that don't need it.

Correct include patch for packet-lldp.c

Change-Id: I5e2a267943ccd39616ef323848104fdba23c8f38
Reviewed-on: https://code.wireshark.org/review/24009
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Diameter 3GPP: call XML dissector for Civic-Address AVP payload

Bug: 14142
Change-Id: Iccf5c375087cabd08aa551af8e6586e18684252a
Reviewed-on: https://code.wireshark.org/review/24008
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Warn the developer if we're building with GTK+.

Move The Slowest Migration In The History Of Ever a little further
along.

Change-Id: Ib8b49708e7036dd412a7ffc8660ded9f681374c0
Reviewed-on: https://code.wireshark.org/review/24006
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Remove oui_vals value_string and epan/oui.c

oui.c is a very small subset of what comes from http://standards.ieee.org/regauth/oui/oui.txt,
so use the "full" OUI list (and more) out of the manuf file and convert
hf_ fields to just use BASE_OUI.

Change-Id: Ic0c2ff618d8a6212f498e3b7475e0a7856c22b5b
Reviewed-on: https://code.wireshark.org/review/24007
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

nfapi: fix 'nfapi.p7_message_header.m_segment_sequence' exists multiple times with NOT compatible types: FT_UINT8 and FT_BOOLEAN

Change-Id: I221315e6dc28835ce976caf167962847d536edc6
Reviewed-on: https://code.wireshark.org/review/24001
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: fix crash after loading SRT dialog

TapParameterDialog::on_applyFilterButton_clicked first calls fillTree to
populate the table and endRetapPackets to add the results to GUI. The
table data must remain valid until closing the dialog since the user can
still interact with the GUI.

Change-Id: Ie3105be78d39c562af52f2b49081552063afcada
Ping-Bug: 14141
Reviewed-on: https://code.wireshark.org/review/23994
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

file_util.c: do not leak service handle

Follow-up of gd64c30052

Change-Id: I620b3fb44fe3090120f2d29809961623e00d55a4
Reviewed-on: https://code.wireshark.org/review/23999
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

autotools: Improve SUBDIRS usage

Change-Id: Ia40970c37f4b60f8b820c334c3c728a0ac33f228
Reviewed-on: https://code.wireshark.org/review/23996
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

autotools: Sort out how we handle plugin.c

Change-Id: Ie9570a63a1479021753807f76dd5e98fbbec7b86
Reviewed-on: https://code.wireshark.org/review/23995
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

Do not add Npcap path if npf.sys service is found

Otherwise you can end with 2 Packet.dll (the one from WinPcap and the one
from Npcap) being loaded at the same time, which can create incompatibilities.

Bug: 14134
Change-Id: Ia06066fd54b60296e55dbfce6c6f2ddd99367479
Reviewed-on: https://code.wireshark.org/review/23969
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

cmake: fix Qt build with CMake 3.0.0 and 3.0.1

AUTOUIC fails to generate some ui_*.h files because of a bug that was
fixed in CMake 3.0.2: https://cmake.org/Bug/view.php?id=14981

Change-Id: I964d991c7edefcea55ae43b0768a7fd3503f94a9
Fixes: v2.5.0rc0-1366-gdfa893b1cf ("cmake: set CMAKE_AUTOUIC and CMAKE_AUTORCC to avoid CMP0071 warning")
Reviewed-on: https://code.wireshark.org/review/23993
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

LCSAP: fix retrieval of XML dissector handle

Bug: 14131
Change-Id: Ie77ade9d54f9d0a5fa0183cedc154e6595a489cf
Reviewed-on: https://code.wireshark.org/review/23991
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Suggest using CMake rather than autotools.

The configure script 1) can't find newer versions of Qt, thanks to the
Qt developers not supplying any .pc files and 2) doesn't look for useful
frameworks, so it's not the best way to build Wireshark on macOS any
more. Discuss CMake instead.

Change-Id: I28befffab010221e2e17e37f5beaf8b732974190
Reviewed-on: https://code.wireshark.org/review/23990
Reviewed-by: Guy Harris <guy@alum.mit.edu>

TCP: Add a documentation note.

Note that changes to tcp_analyze_sequence_number should be synced with
docbook/wsug_src/WSUG_chapter_advanced.asciidoc#ChAdvTCPAnalysis.

Change-Id: Iac72d2cf808d84c17fa5f12012675e0af1895cd1
Reviewed-on: https://code.wireshark.org/review/23989
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Add more notes about Asciidoctor.

Change-Id: I7fd12b9189448a637d1bebac6687168f017d8d8d
Reviewed-on: https://code.wireshark.org/review/23987
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Remove duplicate values in pfcp_pr_time_unit_vals

** (process:8955): WARNING **: Field 'Uplink Time Unit' (pfcp.ul_time_unit) has a conflicting entry in its value_string: 3 is at indices 3 (Day) and 4 (Week))

** (process:8955): WARNING **: Field 'Downlink Time Unit' (pfcp.dl_time_unit) has a conflicting entry in its value_string: 3 is at indices 3 (Day) and 4 (Week))

Change-Id: I870af4a53721e0ffe0f9f778c8287e090f2b2929
Reviewed-on: https://code.wireshark.org/review/23985
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Correct duplicate values for csi_rs_class_vals

** (process:8955): WARNING **: Field 'Class' (nfapi.csi.rs.class) has a conflicting entry in its value_string: 1 is at indices 1 (Class A) and 2 (Class B))

Change-Id: I6063fd5fe0094efe776a3a04556c633a4e495a9a
Reviewed-on: https://code.wireshark.org/review/23986
Reviewed-by: Michael Mann <mmann78@netscape.net>

FP Mux: disable heuristic dissector by default

Without any specific pattern, it is too weak and catch a lot of
unrelated UDP packets.

Change-Id: Iacac5ae65de59da1d46a06184517834edd91eb18
Reviewed-on: https://code.wireshark.org/review/23984
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Update enumerations for SISO-REF-010 v22

Change-Id: Icb326dac7cfe0478df3d892df279ad0f241c7ba6
Reviewed-on: https://code.wireshark.org/review/23981
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

fpmux: Fix error string and comment

Change-Id: If4620a43d706f7067a018eb964e4db3733d65210
Reviewed-on: https://code.wireshark.org/review/23980
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

FP Mux: reject empty tvb

Bug: 14140
Change-Id: I43c635e97f33c190e2a4a7f42e58f4274bd03f2b
Reviewed-on: https://code.wireshark.org/review/23978
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

FP Mux: create conversation if it does not exist

Change-Id: Ib26145c30f6f3ba20e26d52f1e4b90825029809d
Ping-Bug: 14140
Reviewed-on: https://code.wireshark.org/review/23977
Reviewed-by: Anders Broman <a.broman58@gmail.com>

FP Mux: do not register UDP port 44955 by default

It is not registered by IANA

Change-Id: Iff462ee0a2366ae72681b34e4e7e107c8c479822
Reviewed-on: https://code.wireshark.org/review/23976
Reviewed-by: Anders Broman <a.broman58@gmail.com>

FP Mux: fix a typo in preferences

Change-Id: I19ba1bb223a3356b4048448f0bb908f23e7364c0
Reviewed-on: https://code.wireshark.org/review/23975
Reviewed-by: Nikolai Ipatyev <wallprime@yandex.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Update packet-kerberos.c

Change-Id: I86387e4f8ebf7f7cd2f3b9e01e9b4cfe91a7357e
Reviewed-on: https://code.wireshark.org/review/23974
Reviewed-by: João Valverde <j@v6e.pt>

Refresh wsutil/Makefile.am

Change-Id: I6a70a2dc45257826c930f57a59cdd9bf5b4c3c73
Reviewed-on: https://code.wireshark.org/review/23973
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

autotools: Remove abi-compliance-checker code

It's been broken for over a year, needs to be modernized and as
implemented it's a maintenance nightmare. Get rid of it.

Ping-Bug: 13036
Change-Id: I34a6e4c28b6d3b96dd6550dd21e9cbeaf050d58f
Reviewed-on: https://code.wireshark.org/review/23967
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>

DOCSIS: Fixed bug where OCD TLVs are nested

Change-Id: I3b6a7c6dabfe017eb6c223ab2491e0a3cda8c56c
Reviewed-on: https://code.wireshark.org/review/23970
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

autotools: Sort out how we handle register.c

register.c is a built source. It should not be included in the distribution
and should be removed with the distclean target.

Remove XXX comment suggesting adding the cache to the distribution; let's
not do that.

Change-Id: I20f9467a93e2b5ad3ee56a5fa83381095b1d28c6
Reviewed-on: https://code.wireshark.org/review/23971
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

cmake: set CMAKE_AUTOUIC and CMAKE_AUTORCC to avoid CMP0071 warning

CMake 3.10 adds CMP0071 which results in warnings about applying AUTOMOC
and AUTOUIC on generated files. It somehow tries to do this for files
generated by QT5_ADD_RESOURCES and QT5_WRAP_UI.

As a workaround, just convert from the legacy macros to the new method.
Autogenerated ui_*.h and moc_*.h will now also be shown in the "External
Dependencies" tab in Visual Studio

Change-Id: I36df2212bbf0f938fcd4560000031b6137db93ca
Reviewed-on: https://code.wireshark.org/review/23917
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>

Add FP-Mux dissector

Change-Id: I58a9a0cf0364c8ce5f173ed28c054fd05738f690
Reviewed-on: https://code.wireshark.org/review/23868
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

SMB2: accept and save empty filenames on CREATE requests

[MS-SMB2] 2.2.13 CREATE Request, NameOffset:
> A zero length file name indicates a request to open the root of the share.

This also ends up enabling the parsing of missing
fields (InputBufferLength, AdditionalInformation, Flags) in QUERY_INFO
requests, which required a non-NULL saved->extra_info.

Change-Id: I9af3933cc6bb93247bad23c7dd82a52787595f69
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-on: https://code.wireshark.org/review/23959
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Added default for every switch statement

Change-Id: Ie74dec4d854f65835a4e7e68dac609290a84d791
Reviewed-on: https://code.wireshark.org/review/23957
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Protobuf: Fix format error

Fixes error: format '%lu' expects argument of type
'long unsigned int', but argument 4 has type 'guint64'

Change-Id: I431ab2e1920b7856ff686bd79bc881dee494706f
Reviewed-on: https://code.wireshark.org/review/23965
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

autotools: Smaller cleanups

ps.c is already correctly cleaned in epan/Makefile.am. make distclean also
works well with tarballs so I think the other comment can also be removed.

ldconfig may be needed for tshark.

The installation step seems to do all the right things so just drop the
rather verbose description of the XDG Base Directory Spec.

Add the MKDIR_P and INSTALL variables for consistency and to address some
of the portability concerns raised in the comment (INSTALL usage still
needs to follow a standard form common for portable automake).

Remove redundant plugin_ldadd else clause.

Change-Id: Ic2cb04556f28622a8979b057e0abbe64256ed3c9
Reviewed-on: https://code.wireshark.org/review/23964
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

ZCL SE Octet Strings: Dissect zcl se octet strings as length and data

Implemented a function to dissect zcl octet strings in a similar way as attributes
that have a data type of zcl octet string.
Currently the function is used for event data (publish event and publish event log),
as well as top up code (consumer top up and publish top up log).

Bug: 14138
Change-Id: Idae6240312bedeaa12f10777e1009b110d5f834d
Reviewed-on: https://code.wireshark.org/review/23881
Reviewed-by: Michael Mann <mmann78@netscape.net>

Suggest CMake if Qt not found on Darwin; say "not installed for development".

Hopefully this will allow more people to figure out how to compile
Wireshark without 1) e-mailing wireshark-dev, 2) asking in
ask.wireshark.com, or 3) filing a bug, if the underlying problem is that

1) they didn't install the appropriate xyzzy-dev package for
   something Wireshark uses

or

2) they're trying to use autotools on macOS and they've
   installed a recent, and not-very-pkg-config-friendly, version
   of Qt.

Change-Id: I69236558f207ed0bf81d2acdc0230630f6069dec
Reviewed-on: https://code.wireshark.org/review/23963
Reviewed-by: Guy Harris <guy@alum.mit.edu>