git.samba.org - metze/wireshark/wip.git/log

Docbook: Update our CSS.

Use the CSS generated from the "wireshark" theme at
https://github.com/geraldcombs/asciidoctor-stylesheet-factory

Make sure the release notes use an external CSS file instead of
inlining.

Change-Id: I13daa41f4a9e6f76b323bd9f483af98e20d6c1f2
Reviewed-on: https://code.wireshark.org/review/26106
Reviewed-by: Gerald Combs <gerald@wireshark.org>

wisun: wisun remove unused ei_wisun_wsie_short_format

Change-Id: I8dfee4f222236892585295e6b1d1e53bb2237238
Reviewed-on: https://code.wireshark.org/review/26103
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

mq: fix duplicate entry

Field 'ParmID...' (mqpcf.parm.id) has a conflicting entry in its value_string: 1008 is at indices 385 (MQIACF_MODE) and 386 (MQIACF_QUIESCE))

Field 'ParmID...' (mqpcf.parm.id) has a conflicting entry in its value_string: 1532 is at indices 762 (MQIACH_CURRENT_SEQ_NUMBER) and 763 (MQIACH_CURRENT_SEQUENCE_NUMBER))

Field 'ParmID...' (mqpcf.parm.id) has a conflicting entry in its value_string: 1536 is at indices 767 (MQIACH_BYTES_RCVD) and 768 (MQIACH_BYTES_RECEIVED))

Field 'ParmID...' (mqpcf.parm.id) has a conflicting entry in its value_string: 1539 is at indices 771 (MQIACH_BUFFERS_RCVD) and 772 (MQIACH_BUFFERS_RECEIVED))

Change-Id: Ieca064b54c7e25e9a78f037c7b46382dfe159df0
Reviewed-on: https://code.wireshark.org/review/26099
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

kerberos: fix duplicate entry

Field 'padata-type' (kerberos.padata_type) has a conflicting entry in its value_string: 1 is at indices 1 (kRB5-PADATA-TGS-REQ) and 2 (kRB5-PADATA-AP-REQ))

Field 'padata-type' (kerberos.padata_type) has a conflicting entry in its value_string: 132 is at indices 40 (kRB5-PADATA-AS-CHECKSUM) and 41 (kRB5-PADATA-PK-AS-09-BINDING))

Change-Id: I1069dec9cb59f753f2a9a2c4fd901f836f689a87
Reviewed-on: https://code.wireshark.org/review/26101
Reviewed-by: Anders Broman <a.broman58@gmail.com>

proto(.c): remove extra bracket

Change-Id: Iccf76c35be36e0e806d8878b93902d6984a815da
Reviewed-on: https://code.wireshark.org/review/26102
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

isup fix duplicate entry

Field 'Mandatory Parameter' (isup.parameter_type) has a conflicting entry in its value_string: 168 is at indices 133 (IEPS call information) and 134 (VED information))

Field 'Upgraded parameter' (isup.upgraded_parameter) has a conflicting entry in its value_string: 168 is at indices 133 (IEPS call information) and 134 (VED information))

Change-Id: I8bf3421ed21e50e4b607ac70faa568112e7c46ae
Reviewed-on: https://code.wireshark.org/review/26100
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[Automatic update for 2018-02-25]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I543fa77cb9f26353fe3ea64f5e236d540d971a90
Reviewed-on: https://code.wireshark.org/review/26091
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Bootp: Adding some DHCP options

Used Ref:
* https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml
* RFC 6225: Dynamic Host Configuration Protocol Options for Coordinate-Based Location Configuration Information
* RFC 6704: Forcerenew Nonce Authentication
* RFC 6731: Improved Recursive DNS Server Selection for Multi-Interfaced Nodes
* RFC 6926: DHCPv4 Bulk Leasequery
* RFC 7291: DHCP Options for the Port Control Protocol (PCP)
* RFC 7618: Dynamic Allocation of Shared IPv4 Addresses

Change-Id: Ied53f88b2018f1d054a8ba22f1a1d6f7c075621a
Reviewed-on: https://code.wireshark.org/review/26063
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

TDS: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: Iac95d4d588670b75fbb9e99095e5c0a562460000
Reviewed-on: https://code.wireshark.org/review/26085
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

802.11: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: Ie0c4a4703c1ae035dc1051569927b72f075823d7
Reviewed-on: https://code.wireshark.org/review/26084
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add undefined ZigBee ZCL Basic cluster attribute.

Change-Id: I3ed2750f13b9cd29654c693ff31796c56d57106a
Reviewed-on: https://code.wireshark.org/review/26081
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

I don't see a need to treat ipmap.html specially.

It's in the INSTALL_FILES list, and all of those end up being dropped
into the run directory, so there's no need to copy it individually; all
the data files, as enumerated in INSTALL_FILES, are expected to be in
the same directory, whatever it is, and that's what happens to those
files.

Change-Id: I58df330c7d6886c87d91c0e0df73000c028fc312
Reviewed-on: https://code.wireshark.org/review/26088
Reviewed-by: Guy Harris <guy@alum.mit.edu>

The parser is at the bottom, so the shadow warning must be turned off there.

The parser is what declares the local yylval, and that's generated below
all the user-specified code, so we have to turn diagnostics off at the
bottom.

Change-Id: I33d5f53c1fd67014ae7fe2b851d45d0c5e80becd
Reviewed-on: https://code.wireshark.org/review/26086
Reviewed-by: Guy Harris <guy@alum.mit.edu>

IEEE 802.15.4: Rename ieee802154_payload_* to ieee802154_decrypt_*

- Rename to better reflect functionality
- Add some comments

Change-Id: Ia3bf5655323a3d6fab18fd68dd3d048bd97f8c44
Reviewed-on: https://code.wireshark.org/review/26053
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

TDS: Minor updates to TDS 5 Response token handling

Fix a couple of cases where endianness was not handled properly when using FT_UINT_STRING. Use FT_UINT_STRING to streamline some of the decodes which were previously merged.

Change-Id: I72196d2146fe1884f2d0af01bd1185a662923226
Reviewed-on: https://code.wireshark.org/review/26056
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Suppress some warnings caused by a Berkeley YACC bug/misfeature.

Berkeley YACC generates a global declaration of yylval, or the
appropriately prefixed version of yylval, in the .h file, *even though
it's been told to generate a pure parser, meaning it doesn't have any
global variables*. Bison doesn't do this.

That causes a warning due to the local declaration in the parser
shadowing the global declaration.

So, if this is Berkeley YACC, and we have _Pragma, and have pragmas to
suppress diagnostics, we use it to turn off -Wshadow warnings.

Change-Id: Ia3fecd99fa18ca9b85f6b25f53ed36c60730fad9
Reviewed-on: https://code.wireshark.org/review/26080
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>

TLS1.3: Add support of draft-24

Only add version (no frame change)

Change-Id: I437f7f9e1962f5fff35d187b559ec3943b683fd0
Reviewed-on: https://code.wireshark.org/review/26044
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Rename airpdcap to dot11decrypt.

Our 802.11 decryption code isn't tied to any specific product. Change
the file and API names to dot11decrypt.

Change-Id: I14fd951be3ae9b656a4e1959067fc0bdcc681ee2
Reviewed-on: https://code.wireshark.org/review/26058
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

User Guide: add additional use category

Add "QA engineers use it to verify network applications",
as suggested by Alexander Sashnov.

Change-Id: Ia9c83fd2f2610db747043f861931470e3f4e4c53
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/26057
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix capitalization and white space.

Change-Id: I3b93716421169b2c9ce51da6116223e62fa6a241
Reviewed-on: https://code.wireshark.org/review/26077
Reviewed-by: Guy Harris <guy@alum.mit.edu>

radiotap: Fix bug 14455.

Use an int instead of a uint so that sign extension does not occur and
fix the field labels and make them all use the correct units.

They conform closer to the spec now.

Bug 14455

Change-Id: Ic57207d10565690a6e2ed66693dcdf294d421b22
Reviewed-on: https://code.wireshark.org/review/26046
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>

Get rid of the ipmap.html that got dropped into Contents/MacOS.

Change-Id: Ieb94ca78a92fc5369fe3b396373c2f7a31d8894a
Reviewed-on: https://code.wireshark.org/review/26072
Reviewed-by: Guy Harris <guy@alum.mit.edu>

The DOCSIS dissector isn't a plugin any more, either.

Change-Id: Ibd4b775af335a34ec27efe7454a460cd47720954
Reviewed-on: https://code.wireshark.org/review/26071
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Clean up description of power and attenuation fields.

Change-Id: I36433f37e4e33260b41a2b35ca49e844fe76baf3
Reviewed-on: https://code.wireshark.org/review/26068
Reviewed-by: Guy Harris <guy@alum.mit.edu>

I don't think ipmap.html belongs in the same directory as the binaries.

Change-Id: I1a15ec77786f6a141e78c62885343f8cc51c73bf
Reviewed-on: https://code.wireshark.org/review/26059
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Work around a duplicate dest mac that appears in *some* frames captured on a FEX

Change-Id: I6604c764d4b354653280891c8bf50a73954370b3
Reviewed-on: https://code.wireshark.org/review/25994
Reviewed-by: Jörg Mayer <jmayer@loplof.de>

[PFCP] fixed Timer IE

* If stopped there is no time to show
* Default shall be multiple of 1 min

Change-Id: Ib42c19f536ee0af5d8f83cceb8f84ad3b3a2f36c
Reviewed-on: https://code.wireshark.org/review/26047
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC (TLS): Remove support of draft < 08

negotiated_version is encrypted_extensions now

No longer supported by QUIC dissector ( >= draft-08)

Bug:13881
Change-Id: Id1fca0b5b6ce59c854b50d7091cce1079213db68
Reviewed-on: https://code.wireshark.org/review/26043
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

RTSP: Dissector should create RTP conversation if only server port was negotiated

RTSP dissector now creates RTP conversation for UDP stream if
only server_port in RTP response is sent (which is legal option).

Bug: 14451
Change-Id: Id0ff0047a5708f45795440ae965c1ab67841b613
Reviewed-on: https://code.wireshark.org/review/26045
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

mate: change strcmp in g_strcmp0 that supports NULL (found by clang).

Change-Id: I66e6183a4f356adfdfd9c55b7b39245a9913857e
Reviewed-on: https://code.wireshark.org/review/25988
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

wiretap: zero memory on allocation.

Change-Id: I0801725e2f6b17a5a3d3985b5039fa362694c7c7
Reviewed-on: https://code.wireshark.org/review/25989
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

[PFCP] fixed DL Buffering Duration

* If stopped there is no time to show
* Default shall be multiple of 1 min

Change-Id: Id9c489688abc30f28a6fb4efbde263409ae92873
Reviewed-on: https://code.wireshark.org/review/26022
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Just use tvb_memeql() to check the signature.

That's one of the things it's intended to do - check the values of parts
of the packet that might not actually be there. The comparison fails if
either 1) it's all there and doesn't match or 2) it's not all there.

Change-Id: I0f97ea5f75c2cada511e254ec096d294ea710f45
Reviewed-on: https://code.wireshark.org/review/26040
Reviewed-by: Guy Harris <guy@alum.mit.edu>

LTE MAC: check direction and lcid before looking up msg3 table

Change-Id: I26238e96510e9ccb73ebc4b6c4e8e9e5bc724a91
Reviewed-on: https://code.wireshark.org/review/25991
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ans: remove unnecessary if (tree) checks

Change-Id: I381fbb7d5654c4061ed35db94269f50d49fbeafe
Reviewed-on: https://code.wireshark.org/review/26014
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[PFCP] fixed Unsigned32 in Time Threshold

Change-Id: Ie60038d76faee04585e2b1100afb13301b1d1769
Reviewed-on: https://code.wireshark.org/review/26017
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[PFCP] Improve Traffic class field

Change-Id: I6e6197f476fce591972e90f9943d7156bfe06921
Reviewed-on: https://code.wireshark.org/review/26016
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[PFCP] fix UL Gate bits in Gates Status

Change-Id: Ief03ead2a85233d1b61905d5c39d8fbcf9ab1cb2
Reviewed-on: https://code.wireshark.org/review/26015
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[PFCP] Improve SDF filter - part2

Adding subtrees

Change-Id: I5a9d49af0bc00f26d8d0576c84ae2d4b33b5736f
Reviewed-on: https://code.wireshark.org/review/26013
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[PFCP] Improve SDF filter

Change-Id: Icd045464ab38a33104713e2b99344faed9bd5f5e
Reviewed-on: https://code.wireshark.org/review/26012
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Remove more cruft.

There's no Wireshark.app/Contents/Resources/bin directory; remove the
variable containing its path, and the part of an error message that
refers to it.

Change-Id: Id41cc00a2671925c50b2075dd3e9d0f84d5bd921
Reviewed-on: https://code.wireshark.org/review/26039
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Get rid of the -sdkroot option; it doesn't affect anything.

Change-Id: I9797eea30594f5e48b21f1c2daede18777e690b1
Reviewed-on: https://code.wireshark.org/review/26036
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix stripping of binaries.

Instead of using the never-defined $binpath (undefined going back to at
least Wireshark 1.0.0 - is it a leftover from the Inkscape version?),
use $bundle_binary_list, to strip all the executables with strip -ur.

(Not that we want to strip anything - we don't even want the debugging
symbols stripped! - but for cleanliness.)

Change-Id: I9c3520ffb418bf9dc206d3ccb55d347c208f3be2
Reviewed-on: https://code.wireshark.org/review/26033
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Remove a bunch of obsolete code.

We no longer have the code to create a bundle, as we rely on CMake
having done so, at least to the extent of populating the bundle with all
the files we've generated. Get rid of the code that used to support it,
and the command-line options that are no longer necessary now that we no
longer build code bundles.

Don't have explicit lists of CLI or extcap binaries; instead, just look
for all plain files in Wireshark.app/Contents/MacOS that have read and
execute permissions for owner/group/user. That way, we don't have to
update the script if we add new binaries or new directories of binaries.

Change-Id: I047296a7889bea71165eebde10f34bec6ea96cc5
Reviewed-on: https://code.wireshark.org/review/26032
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't use find to find files to check for dependencies.

It may find files that aren't Mach-O binary files. Instead, rename
cs_binary_list to bundle_binary_list, and use it when checking for
dependencies as well as when code-signing binaries.

Change-Id: I9d17a4ba137e494fbd38db1b62f5cc7e4b620fc9
Reviewed-on: https://code.wireshark.org/review/26028
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Code-sign extcap binaries.

Change-Id: Icfca94774b929767560a06f873fbf90c3d0bebef
Reviewed-on: https://code.wireshark.org/review/26024
Reviewed-by: Guy Harris <guy@alum.mit.edu>

IPMI: Disable bus command dissection.

This dissector has had multiple, severe issues over the years. Disable
bus command dissection by default. Add a warning about re-enabling it.

Change-Id: I9f71fafe2961f349825e6eda1f351025e00be182
Reviewed-on: https://code.wireshark.org/review/26008
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

dmp: Allow multiple SecurityCategories again

A Security Classification in DMP may have multiple Security Categories
so don't restrict this to only one. Add a arbitrary limit of 255 to
avoid a long dissector loop in malformed packets.

This fixes a bug introduced in g85bbda51.

Bug: 14408
Change-Id: I48e7a61a097c58dfcf21e9c9ed3147cf1573dae6
Reviewed-on: https://code.wireshark.org/review/26011
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

TWAMP: Reassemble only the Server-Greeting message

Recursion fix forces all the messages to reassemble into 64 byte
chunks breaking the dissector for later (smaller) messages.

Change-Id: I4ab8ab4259aac5d5fc5a19ce10c6cab2db5ae3e0
Reviewed-on: https://code.wireshark.org/review/25985
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

csn1: fix indentation.

Change-Id: I7832cea4d1073df854852aa598c04bcab68bf94c
Reviewed-on: https://code.wireshark.org/review/25992
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Check for dependencies in all subdirectories of $pkglib and $pkgexec.

Just use "find" to find plain files under $pkglib and $pkgexec; this
avoids trying to run otool on directories, which can cause it to stop
looking in $pkgexec/* past the extcap directory, and does try to run it
on the Qt frameworks in subdirectories under $pkglib.

Add a comment giving more details about the big command to find
dependencies.

Change-Id: Ife3c3a8493ca0b6ea28f1bb108f63714366abeed
Reviewed-on: https://code.wireshark.org/review/26003
Reviewed-by: Guy Harris <guy@alum.mit.edu>

SIGCOMP: Disable UDVM dissection and decompression.

This dissector has had multiple, severe issues over the years. Set the
display.udvm.code and decomp.msg preferences to FALSE by default. Add
warnings about re-enabling them.

Change-Id: Ib23ab1b2cd23b35f2377416c7d197730dedbd9e2
Reviewed-on: https://code.wireshark.org/review/26002
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Update comments to reflect current reality.

Change-Id: Ie0fcc197ed8841b5f7098a5129b774507646f2de
Reviewed-on: https://code.wireshark.org/review/26001
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix endianness.

Make the 1-byte fields little-endian (it doesn't matter, but it's more
consistent that way), and make the transmission attenuation fields
little-endian (where it *does* matter - making them big-endian was
probably a copy-and-pasteo).

Note that the OUI field being "big-endian" is correct, however.
(Radiotap specifies it as an array of 3 octets containing an OUI, and we
display OUIs as big-endian 24-bit quantities.)

Change-Id: I42d19f7ec0d066ce89dbef78d11dff900c0a6b60
Reviewed-on: https://code.wireshark.org/review/25998
Reviewed-by: Guy Harris <guy@alum.mit.edu>

nettrace: remove wrong frees (found by clang).

Change-Id: I5d8c81a4ebb89dfc6b6e9103a407cf24f1aa34d0
Reviewed-on: https://code.wireshark.org/review/25995
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Catapult DCT2000: Update sscanf patterns, and avoid calling if possible

Change-Id: Iafb7d62ab4a0431a00eaa284d421ea38b568533f
Reviewed-on: https://code.wireshark.org/review/25990
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>

TWAMP: Fix packets changing type in wireshark GUI

Since the type detection runs with every click, depending on the order
packets are selected their type can change. With this change the type
detection is run only once during the first pass through the packet list
and the results are saved for later use.

Change-Id: Ie0b16c4b6e3372fcf72a246987fe7f23bc33fa14
Reviewed-on: https://code.wireshark.org/review/25987
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

IEEE 802.11: fix build with gcc7

Remove an unused hf entry.
Remove an unused true_false value string.
Fix an indentation so that the compiler does not think backets are missing.

Change-Id: Id6c0597b68674fd17f750379f941698d72b0cbba
Reviewed-on: https://code.wireshark.org/review/25986
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Reenable ieee 802.3 encapsulation and small cleanups/updates

Change-Id: I6674140b79bb21121edbd3caa371b7d0f179811a
Reviewed-on: https://code.wireshark.org/review/25982
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>

TDS: Improve dissection of TDS5 responses.

Add dissection of the TDS5 packets for transmitting column information
(ROWFMT, ROWFMT2) and extended error messages.

Change-Id: Ib85c91b7ea007ce8bdc602bf6b607ab7a5cf1be5
Reviewed-on: https://code.wireshark.org/review/25855
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

rawshark(.c): fix parameter 'phdr' not found in the function declaration [-Wdocumentation]

Change-Id: If5c8fbb77acdf75ba273a6b77d7f338381c229f6
Reviewed-on: https://code.wireshark.org/review/25983
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

DIS: move modulation parameters to correct place in tree

Move the modulation parameters record in the Transmitter PDU to its
correct place in the tree, i.e. under the Transmitter PDU element
instead of under the Encryption Key field.

Change-Id: I77b379823d5a43bd943ffabac2d9fa050b19abcd
Reviewed-on: https://code.wireshark.org/review/25972
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packet-rsl: Add RLL UNITDATA INDICATION

I'm not quite sure why this message is missing from the wireshark
dissector. It's not particularly new, at least I don't recall ever
having seen a spec document in the past decade or so that was missing
this message type. Perhaps a simple oversight.

Change-Id: Idb6c53ff6dc6d65f6ca7ce30a89499d8383d01f6
Reviewed-on: https://code.wireshark.org/review/25974
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

radiotap: Fixes because the meaning of some fields changed.

Two sets of reserved bits now have a meaning:

1. The pri/sec 80 MHz fields in D2
2. The RU allocation offset fields, also in D2.

Change-Id: I9acfce4e3dc61579a686fd53c570c9aceebad10b
Reviewed-on: https://code.wireshark.org/review/25927
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt+Windows: Adjust our DBAR check logic.

Don't bother fetching a file's version if its name doesn't match any of
the DBAR DLL list entries. Otherwise we try to open a bunch of DLLs we
don't care about.

Change-Id: Icab11450839195c1259bb307ae88988f52917487
Reviewed-on: https://code.wireshark.org/review/25973
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee80211: Start to dissect 80211ax trigger frames and other fields.

Here we have dissected much of the Common Info and the user info but there
are still things to fix.

This set also refactors the block ack handling code so I can use it from
the HE Trigger dissection code. We have enough to use in Trigger requests
I think but there are still new block ack requests to be dealt with.

Also refactored the VHT NDP Announcements so we can handle HE NDP
annoucements and added some custom handling of Target RSSI fields.

Many thanks to George Baltatanu who has found many issues along the
way with his testing.

Change-Id: Ia41e1153d7331d24b8ae0b6871935f4fa806d188
Reviewed-on: https://code.wireshark.org/review/25685
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

FP: Fix U-RNTI issue in E-DCH

When configured a E-DCH, the first packet in the channel used the CRNCC instead of U-RNTI (if found)

Change-Id: I31b50af8a44c6f637ac2eefd4caf319bec44c3c6
Reviewed-on: https://code.wireshark.org/review/25929
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Improve our capture filter completions.

Use libpcap's pcap-filter.manmisc to create our capture filter
completion list instead of scanner.l.

Bug: 14430
Change-Id: I11f6eb5679dc93561dce62f28149e103ac9b4a2b
Reviewed-on: https://code.wireshark.org/review/25971
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

WCCP: Make sure our offset increases.

Make sure we advance our offset in various places. Clarify a macro name.

Bug: 14412
Change-Id: I9b2af4bb57d039febe16f0c6d74ebb12fa34693c
Reviewed-on: https://code.wireshark.org/review/25965
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

DMP: Recurse only once.

Make sure we call dissect_dmp_security_category from itself only once.

Bug: 14408
Change-Id: Ia03fb32ca414e78ede572d3093b84f9d53ceb0b9
Reviewed-on: https://code.wireshark.org/review/25964
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

And systemd weighs in on how to find out the distribution you're on....

Change-Id: I84e957617b81b6cfad815dc84439e166c0f936b6
Reviewed-on: https://code.wireshark.org/review/25980
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't strip debugging symbols from the binaries in the macOS image.

Unstripped binaries should allow better stack traces in the
CrashReporter files.

Change-Id: Idb2f11cd664dc62331f3394dee09abcd4e88f897
Reviewed-on: https://code.wireshark.org/review/25977
Reviewed-by: Guy Harris <guy@alum.mit.edu>

dof: use g_malloc0 to prevent uninitialized memory (found by clang).

Change-Id: Iac8b077e7223668b58158a29628748aae85ed73e
Reviewed-on: https://code.wireshark.org/review/25885
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>

TWAMP: Avoid triggering an infinite recursion

Restore the original dissect_twamp_control and introduce a small
dissect_twamp_server_greeting to reassemble the TCP packets before
calling dissect_twamp_control.

Change-Id: I9927bc24bc5e5640bd021a12ba7fd98235fefbfb
Link: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14448
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6481
Reviewed-on: https://code.wireshark.org/review/25951
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ftp: calculate bitrate of ft-data session

Change-Id: I54beaa799db07c2cd1a1814c0851a45fd23386cc
Reviewed-on: https://code.wireshark.org/review/25963
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Fix detection of file type.

Some versions of otool print the file name as the first line when you
run it with -hv, so that the line containing the file type is the fourth
line; others don't print it, so that it's the third line. Instead, look
for the line that has MH_MAGIC.

Change-Id: Ib14f6b24f14069532263332e53a1e9895663641a
Reviewed-on: https://code.wireshark.org/review/25968
Reviewed-by: Guy Harris <guy@alum.mit.edu>

[GSM A RR] RXLEV-SUB-SERVING-CELL displayed with wrong bitmask.

https://ask.wireshark.org/question/1757/gsm-measurement-report-decoding-problem/?answer=1759#post-id-1759

Change-Id: I67f0aaffb1c7b7f4307d5017a2f3858528e3ace6
Reviewed-on: https://code.wireshark.org/review/25962
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

dfilter: use g_malloc0 to prevent uninitialized memory to be used.

Found by clang.

Change-Id: I89497bd0f32c79f82218c6d254a214364c930eb3
Reviewed-on: https://code.wireshark.org/review/25884
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: Use new labels for decryption (draft-09).

Support for draft-08 is still maintained.

Bug: 13881
Change-Id: I6cb4b716772e43223b7da4400ef32c56b0191864
Reviewed-on: https://code.wireshark.org/review/25689
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

TLS: allow QUIC dissector to pass HKDF label for ciphers

To support decryption of future drafts of QUIC, the HKDF label must be
configurable by the QUIC dissector. Currently it can only select between
"tls13 " and "TLS 1.3, " which is not sufficient (it needs "QUIC ").

Change "tls13_hkdf_expand_label" and "tls13_cipher_create" to accept the
label prefix directly instead of just a TLS 1.3 draft version number.

Change-Id: I466a6e1a8f4b051f5775e7d8d6658641a1ae7fb1
Reviewed-on: https://code.wireshark.org/review/25961
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Squelch some cating-away-constness warnings.

Change-Id: I1ebe9b42957e0db5cc04f44e31f291cb40ba14e1
Reviewed-on: https://code.wireshark.org/review/25960
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Bluetooth: HCI_EVT: implement LE Extended Advertising Report

Change-Id: I2d316e671a8342b040899e4e3674cca055e4d1a6
Reviewed-on: https://code.wireshark.org/review/25930
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Don't unnecessarily cast away constness.

Change-Id: Ia7e6f55d4398ec2d1d35f3dc4ef5ff0c51b9746d
Reviewed-on: https://code.wireshark.org/review/25959
Reviewed-by: Guy Harris <guy@alum.mit.edu>

wisun: Small comment fix

Change-Id: I6d30cbd602aba4677e9205759f2f416ecaf4c157
Reviewed-on: https://code.wireshark.org/review/25958
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Updated Wi-SUN dissector to latest specification.

Change-Id: Iaa3dc73fecf0a5e323fe6306b049514bfd09399d
Reviewed-on: https://code.wireshark.org/review/25956
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

tools: add git to optional pkgs in debian-setup script.

Change-Id: I2931ee2bee9a719596318615d2cba7973e30e082
Reviewed-on: https://code.wireshark.org/review/25921
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Make some arguments const, and remove casting-away of constness.

Change-Id: Iaa43b4b355179a265975f67952feac819e79f7a6
Reviewed-on: https://code.wireshark.org/review/25957
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Eliminate another casting-away-constness warning.

Don't fill in a structure if you're not going to use it. Fixing that
means you don't have to free something you've allocated for the
structure.

Change-Id: I6b151b2df43a6444c25583a100f142a51d922c2f
Reviewed-on: https://code.wireshark.org/review/25955
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Remove a casting-away-constness warning.

Keep the pointer to the allocated data in a non-const pointer, and free
it using *that* pointer.

Change-Id: I7d29b6768be58ed0181cd64c68ac0b7d03ec5611
Reviewed-on: https://code.wireshark.org/review/25954
Reviewed-by: Guy Harris <guy@alum.mit.edu>

RPCoRDMA: Set an upper bound for our chunk size.

Make sure our write chunk size doesn't exceed our tvbuff. Adjust a few
length checks.

Bug: 14449
Change-Id: If9dd8a6094830c5b47adfff0acb3ff726168e801
Reviewed-on: https://code.wireshark.org/review/25943
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

BER: Add a length check.

Add a common large length reporting function. Add a length check to
dissect_ber_set.

Bug: 14444.
Change-Id: I6093b5342439cd0ee08f060b8d74b3ae54b3b8f8
Reviewed-on: https://code.wireshark.org/review/25931
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Airpdcap: Add length checks.

Make sure we don't underflow length values.

Bug: 14442
Change-Id: I71baac428ba3b07fe4cd5a7f60fbe2a957ac460e
Reviewed-on: https://code.wireshark.org/review/25937
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

Add a CheckPoint specific mac address

Change-Id: Id9a30ed4d301c4c2d81fdf626d1134e9585c2f79
Reviewed-on: https://code.wireshark.org/review/25953
Reviewed-by: Jörg Mayer <jmayer@loplof.de>

fuzzshark: don't fuzz udplite.

Don't fuzz IP->udplite protocol. It's using most of UDP code,
but cause udplite calls also udp dissectors it duplicates
work of UDP fuzzer.

This should also decrease IP corpus size, cause in IP corpus
~7.6% (9 165 out of 119 780) is udplite ip.proto

Change-Id: I1d3bde6dd34f76696a34b1c728ce36f3c802e6c9
Link: https://github.com/google/oss-fuzz/issues/1087
Reviewed-on: https://code.wireshark.org/review/25950
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>

Squelch some casting-away-constness warnings.

If we're constructing the string, assign the pointer to it to a
non-const pointer variable, set the stat_tap_ui cli_string member to
that variable, and then use the variable to free it when we're done.

Don't cast away constness if we don't have to.

Change-Id: If3b24dbf1c910e1e6eceb76f2f6a7ae3898315f9
Reviewed-on: https://code.wireshark.org/review/25952
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't cast away constness.

Change-Id: I04cb49a5fe52bc6de66575228b81db1288bd1959
Reviewed-on: https://code.wireshark.org/review/25948
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't cast away constness.

Change-Id: Ib69274a8bc6092129a7754c8d21aa2e6f160e242
Reviewed-on: https://code.wireshark.org/review/25942
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Constify an argument, remove no-longer-necessary removal of constness.

Change-Id: Ic0a70b28bfdb57c4c2ddf07cf071a85042672c9e
Reviewed-on: https://code.wireshark.org/review/25941
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Constify some method arguments, and don't cast away constness.

Change-Id: I266a724ff672026b3fdf07ac2eb2260f37c04247
Reviewed-on: https://code.wireshark.org/review/25940
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Cast away constness at the point where it can't be avoided.

The only reason why we have to cast it away is that C doesn't have a
good framework for creating collections of objects of arbitrary type
(where type includes constness) and we're using a datatype (GHashTable)
implemented and declared in C here. Do it in the g_hash_table_insert()
call.

Change-Id: Ibd7706255519a97b77e4e4a52fada43e050f2bf0
Reviewed-on: https://code.wireshark.org/review/25938
Reviewed-by: Guy Harris <guy@alum.mit.edu>