metze/wireshark/wip.git
4 years agowsgcrypt.h checks internally if we HAVE_LIBGCRYPT
Martin Kaiser [Fri, 30 Oct 2015 16:45:53 +0000 (17:45 +0100)]
wsgcrypt.h checks internally if we HAVE_LIBGCRYPT

we can #include <wsutils/wsgcrypt.h> without doing the check ourselves

Change-Id: I248431bdb6cfa1bd85b794ec04ce1e4fcd3a7d2d
Reviewed-on: https://code.wireshark.org/review/11483
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agosrt_table(.h): fix api reference
Alexis La Goutte [Mon, 2 Nov 2015 08:48:13 +0000 (09:48 +0100)]
srt_table(.h): fix api reference

The following parameters of register_srt_table(const int proto_id, const char *tap_listener, int max_tables, tap_packet_cb srt_packet_func, srt_init_cb init_cb, srt_param_handler_cb param_cb) are not documented:
  parameter 'max_tables'

The following parameters of init_srt_table(const char *name, const char *short_name, GArray *srt_array, int num_procs, const char *proc_column_name, const char *filter_string, srt_gui_init_cb gui_callback, void *gui_data, void *table_specific_data) are not documented:
  parameter 'table_specific_data'

Change-Id: I7c14a46c89c58985a5000b1760ba088d9f0da293
Reviewed-on: https://code.wireshark.org/review/11491
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agortd_table(.h): fix api reference
Alexis La Goutte [Mon, 2 Nov 2015 08:42:49 +0000 (09:42 +0100)]
rtd_table(.h): fix api reference

The following parameters of register_rtd_table(const int proto_id, const char *tap_listener, guint num_tables, guint num_timestats, const value_string *vs_type, tap_packet_cb rtd_packet_func, rtd_filter_check_cb filter_check_cb) are not documented:
  parameter 'num_tables'

Change-Id: I93e9297d0755077ad619839c44d2feb7b2a0c18d
Reviewed-on: https://code.wireshark.org/review/11490
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agoRTPS: added new encoding to proto.c and used it in the rtps dissector
Juanjo Martin [Tue, 20 Oct 2015 15:05:42 +0000 (17:05 +0200)]
RTPS: added new encoding to proto.c and used it in the rtps dissector

RTPS uses NTP encoding with a BASETIME equal to 0.

Also, changed "magic" by "Magic"

Change-Id: I2512176f2018396edaa6b2a1478facd26118cb13
Reviewed-on: https://code.wireshark.org/review/11184
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoUpdate some WSUG screenshots and markup.
Gerald Combs [Sun, 1 Nov 2015 23:58:33 +0000 (15:58 -0800)]
Update some WSUG screenshots and markup.

Updated the main window and main menu screenshots. Update the markup for
the File and Edit menus.

Change-Id: I31282e3913692895a35e749c54c77c8069c7167a
Reviewed-on: https://code.wireshark.org/review/11487
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoudp_dissect_pdus follow-up
Michael Mann [Wed, 19 Aug 2015 03:14:09 +0000 (23:14 -0400)]
udp_dissect_pdus follow-up

Add heuristic support
Better documentation

Change-Id: I236c1f4d3613aa58d608aee0e5edc40c3b158d25
Reviewed-on: https://code.wireshark.org/review/10120
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years ago[bitcoin] don't THROW() an exception from a dissector
Martin Kaiser [Fri, 30 Oct 2015 17:50:41 +0000 (18:50 +0100)]
[bitcoin] don't THROW() an exception from a dissector

Change-Id: Ibdc7fec48cef53041c1791fb4f6decb0a4df0c89
Reviewed-on: https://code.wireshark.org/review/11458
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years ago[bitcoin] Convert commands into a dissector table
Martin Kaiser [Fri, 30 Oct 2015 16:15:35 +0000 (17:15 +0100)]
[bitcoin] Convert commands into a dissector table

Change-Id: I30095150ea639d773b887f191e0028c765beba12
Reviewed-on: https://code.wireshark.org/review/11457
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years ago[iso7816] remove unnecessary initial values
Martin Kaiser [Sun, 1 Nov 2015 17:18:07 +0000 (18:18 +0100)]
[iso7816] remove unnecessary initial values

Change-Id: Ibc370cf99b1f62745174709a35155aa25bc1b3b2
Reviewed-on: https://code.wireshark.org/review/11481
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
4 years agoDisable RTP player debug logs that were presumably left activated by mistake
Pascal Quantin [Sun, 1 Nov 2015 16:58:23 +0000 (17:58 +0100)]
Disable RTP player debug logs that were presumably left activated by mistake

Change-Id: Ieeca052bba14735447cdd6e53de8ed7cda69a27f
Reviewed-on: https://code.wireshark.org/review/11480
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years ago[Automatic update for 2015-11-01]
Gerald Combs [Sun, 1 Nov 2015 16:11:51 +0000 (08:11 -0800)]
[Automatic update for 2015-11-01]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I2ed2f09a178a8c4a455d0ad8be90cf79d235e621
Reviewed-on: https://code.wireshark.org/review/11477
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agopacket-dcerpc: improve dissection of bind time feature negotiation
Stefan Metzmacher [Tue, 6 Oct 2015 13:35:37 +0000 (15:35 +0200)]
packet-dcerpc: improve dissection of bind time feature negotiation

Change-Id: I6bcc5538149e36eed31933897a95fa7592baa84a
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11363
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoTDS: Register each login param in a separate field
Nathan Cole [Sat, 31 Oct 2015 09:19:56 +0000 (09:19 +0000)]
TDS: Register each login param in a separate field

Addition of several fields to cover all login parameters.

Bug: 11661
Change-Id: I1cb1620b0e1a8c40b311f4dd4b6eb91e6e55a74d
Reviewed-on: https://code.wireshark.org/review/11455
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoAdd GUID dissector table support.
Michael Mann [Thu, 16 Oct 2014 03:39:23 +0000 (23:39 -0400)]
Add GUID dissector table support.

It seems like DCE/RPC could benefit from a GUID dissector table, where a dissector can register it's GUID with a dissector handle.   So here is a basic start.

Change-Id: Id407117687a1a648d87f6f99c2ecbf858d8c0911
Reviewed-on: https://code.wireshark.org/review/4718
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agotools/pidl: avoid trailing tabs
Stefan Metzmacher [Thu, 29 Oct 2015 07:32:52 +0000 (08:32 +0100)]
tools/pidl: avoid trailing tabs

Change-Id: I293dd6f2d7ff3b0e27bc3cc49e69977604f12260
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11433
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agoISIS Hello: Restore correct dissection of SPB BVID
Jim Young [Sun, 1 Nov 2015 06:40:41 +0000 (01:40 -0500)]
ISIS Hello: Restore correct dissection of SPB BVID

Commit 301a5b7ceac60d0569ce1717e839241d1072400 introduced a small
regression with the dissection of the BVID.  BVID should be extracted
from the 12 most significant bits not the 12 least significant bits.
Make it so.

Change-Id: Idcf0492eea1f6cb7282641ae243aa7092e5a1418
Reviewed-on: https://code.wireshark.org/review/11472
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agoQt: do not draw sequence analysis items with a display status set to false
Pascal Quantin [Sat, 31 Oct 2015 23:08:39 +0000 (00:08 +0100)]
Qt: do not draw sequence analysis items with a display status set to false

Change-Id: Ieff9d6838fcf5329c16df8b7d6367a4c6c3a5ee5
Reviewed-on: https://code.wireshark.org/review/11467
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agoVoIP Calls: fix SIP calls state
Pascal Quantin [Sat, 31 Oct 2015 22:40:53 +0000 (23:40 +0100)]
VoIP Calls: fix SIP calls state

A request other than INVITE (like ACK for example) is not a call setup

Change-Id: I2e78ed0163822a278b82e250e78aa91e673404cf
Reviewed-on: https://code.wireshark.org/review/11466
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agovoip_calls.c: add missing tap_draw callback to taps asking for a redraw
Pascal Quantin [Sat, 31 Oct 2015 22:36:13 +0000 (23:36 +0100)]
voip_calls.c: add missing tap_draw callback to taps asking for a redraw

Otherwise the GUI does not get populated properly

Change-Id: I5e24ac5ab2909f3200c588405dbdc9c6bbb82a73
Reviewed-on: https://code.wireshark.org/review/11465
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agobluetooth: Fix uninitialized value warning
João Valverde [Sat, 31 Oct 2015 00:20:35 +0000 (00:20 +0000)]
bluetooth: Fix uninitialized value warning

Change-Id: Iee1d1cf3e24dacca3c1a353001a8af71e074a96b
Reviewed-on: https://code.wireshark.org/review/11454
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoTCP: replace some dissector asserts by a return
Pascal Quantin [Sat, 31 Oct 2015 21:05:45 +0000 (22:05 +0100)]
TCP: replace some dissector asserts by a return

It prevents an assert in case of malformed packet

Bug: 11662
Change-Id: If5d7196c7e6ecd0ffe8ed97213dbd64bc1f69cbb
Reviewed-on: https://code.wireshark.org/review/11464
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years ago[ssh] don't THROW() an exception from a dissector
Martin Kaiser [Fri, 30 Oct 2015 18:53:21 +0000 (19:53 +0100)]
[ssh] don't THROW() an exception from a dissector

Change-Id: Ibdbdcf59d7d7d28a812e31c7d7b2123b035f80fa
Reviewed-on: https://code.wireshark.org/review/11461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
4 years ago[ssh] remove some unnecessary if(tree) checks
Martin Kaiser [Fri, 30 Oct 2015 18:40:41 +0000 (19:40 +0100)]
[ssh] remove some unnecessary if(tree) checks

Change-Id: Id335830e70a944dd5c26e66d7515d168725acf3f
Reviewed-on: https://code.wireshark.org/review/11460
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
4 years ago[lmp] don't THROW() an exception from a dissector
Martin Kaiser [Fri, 30 Oct 2015 18:33:17 +0000 (19:33 +0100)]
[lmp] don't THROW() an exception from a dissector

do the bounds check for obj_length before we use it

Change-Id: I9e15fae6de05c5833c6959239fcdc0a7d2ca59cb
Reviewed-on: https://code.wireshark.org/review/11459
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
4 years ago[bitcoin] remove two unnecessary return; statements
Martin Kaiser [Fri, 30 Oct 2015 16:10:46 +0000 (17:10 +0100)]
[bitcoin] remove two unnecessary return; statements

Change-Id: I97e9ac50b096c798c255227df5760523f623d4bd
Reviewed-on: https://code.wireshark.org/review/11456
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
4 years agopacket-dcerpc: add dissect_ndr_ucarray_block()
Stefan Metzmacher [Sun, 27 Sep 2015 02:15:54 +0000 (04:15 +0200)]
packet-dcerpc: add dissect_ndr_ucarray_block()

Change-Id: Ibfb49738ea35d1d02220d69187a6083d5ebbae25
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11365
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agopacket-dcerpc: pass dcerpc_info to dcerpc_dissect_fnct_blk_t
Stefan Metzmacher [Sun, 27 Sep 2015 01:06:32 +0000 (03:06 +0200)]
packet-dcerpc: pass dcerpc_info to dcerpc_dissect_fnct_blk_t

Change-Id: I92711ee39850f6710eaebf5c678496e7cd9b5f59
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11364
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoAdd some "protocol placeholders" to remove confusion with Decode As.
Michael Mann [Fri, 30 Oct 2015 12:37:09 +0000 (08:37 -0400)]
Add some "protocol placeholders" to remove confusion with Decode As.

Change-Id: Icc4bf0149af81c35bc6b615add473168600468fb
Reviewed-on: https://code.wireshark.org/review/11429
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoRemove build-qt-sdk.bat.
Gerald Combs [Fri, 30 Oct 2015 18:26:26 +0000 (11:26 -0700)]
Remove build-qt-sdk.bat.

The buildbots have been using pre-built packages from The Qt Company for
a while now and it's unlikely we'll have to compile our own in the future.

Change-Id: Iee93ab05af46f40585256f991b176392f018727a
Reviewed-on: https://code.wireshark.org/review/11449
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoExplain why Get-HardenFlags currently fails.
Gerald Combs [Fri, 30 Oct 2015 18:18:45 +0000 (11:18 -0700)]
Explain why Get-HardenFlags currently fails.

Change-Id: I4a956b2479a482a9262e6e67f6c7611fad9dde84
Reviewed-on: https://code.wireshark.org/review/11448
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoAdd a comment giving details on the Centrino stuff.
Guy Harris [Fri, 30 Oct 2015 18:11:32 +0000 (11:11 -0700)]
Add a comment giving details on the Centrino stuff.

Change-Id: Ie65c106f62c8d783c1c53d7a9c3f213f49ae0c1b
Reviewed-on: https://code.wireshark.org/review/11445
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoSTUN: register a new conversation dissector after receiving a ConnectionBind Success...
Pascal Quantin [Wed, 28 Oct 2015 21:32:17 +0000 (22:32 +0100)]
STUN: register a new conversation dissector after receiving a ConnectionBind Success Response message

According to RFC 6062, once the connection is established, data is sent as-is
To stop the STUN dissector from interfering, add the ability to specify a starting
frame for a conversation dissector and use it

Bug: 11641
Change-Id: I65ca96bddacf70444009c0642ea22173fa68992e
Reviewed-on: https://code.wireshark.org/review/11372
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agoThe item argument is used.
Guy Harris [Fri, 30 Oct 2015 17:18:17 +0000 (10:18 -0700)]
The item argument is used.

Change-Id: I066c8364bcd12d78b41c336b42f235bdfe112515
Reviewed-on: https://code.wireshark.org/review/11441
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoGTPv2: Mark a parameter unused.
Gerald Combs [Fri, 30 Oct 2015 17:06:46 +0000 (10:06 -0700)]
GTPv2: Mark a parameter unused.

Change-Id: I0dde941a1d1c9b776363d61cc3e849189b2ea0e7
Reviewed-on: https://code.wireshark.org/review/11439
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoNLM: fix double memory free when using "Match MSG/RES packets for async NLM" option
Pascal Quantin [Fri, 30 Oct 2015 13:42:47 +0000 (14:42 +0100)]
NLM: fix double memory free when using "Match MSG/RES packets for async NLM" option

Change-Id: Ie4f5f8e1ccf9d7b6c7fbee6126697c65f2cc17df
Reviewed-on: https://code.wireshark.org/review/11431
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years ago[GTPv2] Dissect Load Control Information IE
AndersBroman [Fri, 30 Oct 2015 13:46:09 +0000 (14:46 +0100)]
[GTPv2] Dissect Load Control Information IE

Bug: 11655
Change-Id: I9d50d53ce6b98d7a3e06e90450607f6d5b6be1bc
Reviewed-on: https://code.wireshark.org/review/11430
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agoRPC: fix crash when calling NLMv4 SRT statistics
Pascal Quantin [Fri, 30 Oct 2015 11:31:04 +0000 (12:31 +0100)]
RPC: fix crash when calling NLMv4 SRT statistics

packet scope is not valid when called from GUI.
To keep API constant, introduce a rpc_proc_name_internal() function allowing to
define the memory scope used for string allocation.

Bug: 11654
Change-Id: Iff36c090650939c9f2bebfd9c3fd25c51fd97dc0
Reviewed-on: https://code.wireshark.org/review/11425
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agopacket-smb2: Add dissector for SMB2_FSCTL_OFFLOAD_READ
Michael Adam [Thu, 23 Jan 2014 13:09:02 +0000 (14:09 +0100)]
packet-smb2: Add dissector for SMB2_FSCTL_OFFLOAD_READ

Change-Id: I0bbbe3f92cf88c3d3d051ad613e237411b828e43
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11360
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoopenSAFETY: Remove need for SIII dissector register
Roland Knall [Fri, 30 Oct 2015 08:56:10 +0000 (09:56 +0100)]
openSAFETY: Remove need for SIII dissector register

 Remove the need for the registration of a dedicated SIII dissector,
 as this might interfere with "Decode As" handling, as well as being
 redundant and no longer needed.

 The udpdata dissector can handle both and gate to the correct
 sub-dissector if necessary.

Change-Id: I756cd845e7e8d64848d9928ad9ff04d571434835
Reviewed-on: https://code.wireshark.org/review/11421
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agocouchbase: implement comand 0x48 to get vbucket seqnos
Sergey Avseyev [Fri, 30 Oct 2015 07:39:01 +0000 (10:39 +0300)]
couchbase: implement comand 0x48 to get vbucket seqnos

Also add missing extras definition for DCP buffer acknowledgement

Change-Id: I29cd1e4751b92f119627e42329b2dcfdd7c378df
Reviewed-on: https://code.wireshark.org/review/11419
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years ago[OpenFlow] Use correct name for flag OFPMPF_REPLY_MORE.
Pavlos Antoniou [Thu, 29 Oct 2015 14:20:09 +0000 (16:20 +0200)]
[OpenFlow] Use correct name for flag OFPMPF_REPLY_MORE.

Change-Id: Id190d1a1e24df0c79026bb8dbf62ccd154c1e90d
Reviewed-on: https://code.wireshark.org/review/11399
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agoDCERPC: Regenerate PIDL dissector
Alexis La Goutte [Fri, 30 Oct 2015 10:10:18 +0000 (11:10 +0100)]
DCERPC: Regenerate PIDL dissector

Fix some not updated link to wiki...

Change-Id: Iafaa743c4adda36e6dffe2ec2a3a25b8228b9778
Reviewed-on: https://code.wireshark.org/review/11424
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoAdd a few new negative dfilter tests.
Jeff Morriss [Tue, 27 Oct 2015 22:44:35 +0000 (18:44 -0400)]
Add a few new negative dfilter tests.

For example, to ensure that "field = value" is not a valid dfilter (as was
recently a problem).

As suggested by Alexis.

Change-Id: Ibf498c30325579e3d5474bb2d397f1bbb9ffc07f
Reviewed-on: https://code.wireshark.org/review/11339
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agoCMake: Fix compatibility with CMake 3
Ryan Doyle [Thu, 29 Oct 2015 09:01:49 +0000 (20:01 +1100)]
CMake: Fix compatibility with CMake 3

The version of CMake I use (3.2.2) failed to parse the
CMakeLists.txt

Change-Id: I146c5a5ba8cd6fa6236b53039a31cc085bf5b460
Reviewed-on: https://code.wireshark.org/review/11392
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoUpdate the taskbar icon when we start a capture.
Gerald Combs [Thu, 29 Oct 2015 18:47:41 +0000 (11:47 -0700)]
Update the taskbar icon when we start a capture.

Call both QMainWindow::setWindowIcon and QGuiApplication::setWindowIcon
when we switch between normal and capture icons. The former sets the
window title bar icon and the latter (depending on your OS and Qt version)
sets the taskbar or dock icon.

Change-Id: Ida523d423bef4df44696f6cd75208986c8787d0f
Reviewed-on: https://code.wireshark.org/review/11414
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoQt: Allow Expert Information retapping.
Gerald Combs [Thu, 29 Oct 2015 17:53:37 +0000 (10:53 -0700)]
Qt: Allow Expert Information retapping.

The Expert Information dialog is open-ended. It adds a tap listener but
doesn't remove it, which is useful during live captures. Make sure we
add our second-level tree items each time taps are drawn and when
tapping is finished.

Change-Id: Ie06d60512644e540172f1b330b631db4e4e86897
Bug: 11644
Reviewed-on: https://code.wireshark.org/review/11407
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoQt: Add the ability to add filter expressions.
Gerald Combs [Wed, 28 Oct 2015 21:41:59 +0000 (14:41 -0700)]
Qt: Add the ability to add filter expressions.

Add a "+" icon to the display filter toolbar which allows the addition
of a new filter expression button. (Hopefully this will be the last main
window UI change before 2.0.)

Change-Id: I52bf56bf699dddb7b387b9f4de1bf8b35eb3c4ce
Reviewed-on: https://code.wireshark.org/review/11375
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoFix typoes.
Guy Harris [Thu, 29 Oct 2015 18:49:06 +0000 (11:49 -0700)]
Fix typoes.

Change-Id: Icb0f25dbe7a7f9b6b863831a8610e7e1f82fd983
Reviewed-on: https://code.wireshark.org/review/11412
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agossl-utils: add versions to ssl debug log
Peter Wu [Thu, 29 Oct 2015 15:09:17 +0000 (16:09 +0100)]
ssl-utils: add versions to ssl debug log

Add Wireshark/GnuTLS/Libgcrypt versions to the debug log file. Remove
ssl_lib_init since it didn't do anything useful (the debug file was not
open yet so it would write... nothing).

Match more (EC)DH(E) cipher suites and try to improve the message.

Add the human-readable name besides numeric cipher suite IDs.

Change-Id: I84a33d270f91e90efc55371475b231b483fd24c9
Reviewed-on: https://code.wireshark.org/review/11403
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoIt's "GTP Prime" ("GTP'"), not "GTP Prim".
Guy Harris [Thu, 29 Oct 2015 18:44:41 +0000 (11:44 -0700)]
It's "GTP Prime" ("GTP'"), not "GTP Prim".

Change-Id: I3b9e321483f21848f884bd301689c43fd625e747
Reviewed-on: https://code.wireshark.org/review/11410
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoDistinguish mDNS from Boring Old DNS.
Guy Harris [Thu, 29 Oct 2015 18:39:17 +0000 (11:39 -0700)]
Distinguish mDNS from Boring Old DNS.

Oh, and the "S" in "DNS" stands for "System", not "Service"; see RFC
1034 and 1035.

Change-Id: Iff1904dbe245db68880b3336d744460f21fb8fd8
Reviewed-on: https://code.wireshark.org/review/11408
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoepl: Put OD information into own subtree
Christoph Schlosser [Wed, 28 Oct 2015 09:56:58 +0000 (10:56 +0100)]
epl: Put OD information into own subtree

 Instead of displaying a long list of OD index, subindex and padding, group
 the information by parameters.

Change-Id: I03ea83f187b4bd4956361d33be674ec62e35bea1
Reviewed-on: https://code.wireshark.org/review/11398
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Christoph Schlosser <christoph.schlosser@yahoo.de>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years ago[SMB2] Fix compile error.
Michael Mann [Thu, 29 Oct 2015 15:43:25 +0000 (11:43 -0400)]
[SMB2] Fix compile error.

At least MSVC2010 doesn't like individual initialization of structure members by name.
It did pass Patri-Dish.

Change-Id: I8770a465faf455e2733c7c8015b449871f2acfb0
Reviewed-on: https://code.wireshark.org/review/11406
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoEtherCAT: wrong display name
Alexis La Goutte [Thu, 29 Oct 2015 12:53:26 +0000 (13:53 +0100)]
EtherCAT: wrong display name

Wireshark is showing 2 consecutive bytes named "SubIdx" in a SDO info request (OpCode = 0x5) and response (OpCode = 0x6). But the second byte should be the "ValueInfo" instead in both request and response.

Issue reported by ThoKu

Bug:11652
Change-Id: I7f6395208d38e714071de5dbb40e3ddb9829f210
Reviewed-on: https://code.wireshark.org/review/11397
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agotools/checkAPIs.pl: improve the hf_ error messages
Stefan Metzmacher [Thu, 29 Oct 2015 06:19:54 +0000 (07:19 +0100)]
tools/checkAPIs.pl: improve the hf_ error messages

Change-Id: Ie8132f317f2d1c27af83218c48874941bd3cc5d0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11390
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoEPAN: fix indent (use tab)
Alexis La Goutte [Wed, 28 Oct 2015 14:38:39 +0000 (15:38 +0100)]
EPAN: fix indent (use tab)

Change-Id: I0545cf70decf923a3a042fa8c9dec3e60a861268
Reviewed-on: https://code.wireshark.org/review/11391
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agopcp: fix reporting of error status in info column
Ryan Doyle [Thu, 29 Oct 2015 10:28:46 +0000 (21:28 +1100)]
pcp: fix reporting of error status in info column

Typo when the dissector was first written. It should have always been
the offset.

Change-Id: Ica7e88571d3746811b574834cbfa0f91218d573c
Reviewed-on: https://code.wireshark.org/review/11393
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
4 years agopacket-smb2: display SMB2_FLAGS_PRIORITY_MASK in the header
Stefan Metzmacher [Wed, 23 Sep 2015 05:40:21 +0000 (07:40 +0200)]
packet-smb2: display SMB2_FLAGS_PRIORITY_MASK in the header

Change-Id: I6bae88395f46de0bc4c790ca41914c75e6c98793
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11359
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agopacket-smb2: maintain a smb2_fid_info per open file
Stefan Metzmacher [Sat, 26 Sep 2015 19:59:02 +0000 (21:59 +0200)]
packet-smb2: maintain a smb2_fid_info per open file

This can we used as salt for dcerpc connections over smb2.

The key is that we identify an open by the combination
of session_id, tree_id, persistent file_id and volative file_id.
As some broken implementations make the file_ids only unique
per tree connect.

Change-Id: I85cab68503560840a98d2d8d6c21b447b4242e3c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11358
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoUse "2.0.0" for symbols that are in 2.0.
Guy Harris [Thu, 29 Oct 2015 05:10:44 +0000 (22:10 -0700)]
Use "2.0.0" for symbols that are in 2.0.

Change-Id: Ie8c6206f0761310a6bb101d10b981b9f917116b2
Reviewed-on: https://code.wireshark.org/review/11389
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoUpdate symbol list.
Guy Harris [Thu, 29 Oct 2015 05:04:30 +0000 (22:04 -0700)]
Update symbol list.

Change-Id: Id3c275c2c3e15bb54f8b30423c990ca78fc94d32
Reviewed-on: https://code.wireshark.org/review/11387
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoMove the definition of MAX_NUM_COLOR_CONVERSATION_COLORS.
Guy Harris [Thu, 29 Oct 2015 04:30:27 +0000 (21:30 -0700)]
Move the definition of MAX_NUM_COLOR_CONVERSATION_COLORS.

It's only used by the GTK+ main menubar code, so put it there.  I guess
the Qt UI either doesn't have such a limit or defines it itself.

Change-Id: I221be506ac40eee33514301db737ef7e22deb7a6
Reviewed-on: https://code.wireshark.org/review/11385
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoTweak some names to better reflect what the named items are.
Guy Harris [Thu, 29 Oct 2015 04:21:36 +0000 (21:21 -0700)]
Tweak some names to better reflect what the named items are.

The old "dissector filter" code used "_filter_" in some names; the new
code used "_conv_", but they're not checking whether a *conversation* is
valid and building a *conversation* string, they're checking whether a
*filter* can be generated and building that *filter* string.

Change-Id: Iea6b1cbeb0fedefdb1fff6c23d7dee9d6e684c15
Reviewed-on: https://code.wireshark.org/review/11383
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoBetter explain what these are all about.
Guy Harris [Thu, 29 Oct 2015 03:57:37 +0000 (20:57 -0700)]
Better explain what these are all about.

Change-Id: I52cf53ec5d32da85ad62b2b75066dc6255f6095f
Reviewed-on: https://code.wireshark.org/review/11381
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years ago"Color dissector filters" are just filters.
Guy Harris [Thu, 29 Oct 2015 03:30:55 +0000 (20:30 -0700)]
"Color dissector filters" are just filters.

Rename the color_dissector_filters.[ch] files to just
dissector_filters.[ch], and rename the routines not to include the
string "color_", as those filters can be used as color filters *or*
display filters.

Remove "color_" from other places where we're not doing colorization.

In the GTK+ code, combine the two loops that add menu items for filters
in the dissector-provided filters list into one.

Change-Id: I08ecccc6b1b1be675e4129a0589f36c9f240407c
Reviewed-on: https://code.wireshark.org/review/11379
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoHSRP(v2): Always display all fields (Like Padding...)
Alexis La Goutte [Wed, 28 Oct 2015 18:01:23 +0000 (19:01 +0100)]
HSRP(v2): Always display all fields (Like Padding...)

Change-Id: I98df3481154e096a34c24f1a65a02ba54f6f5877
Reviewed-on: https://code.wireshark.org/review/11367
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agopacket-dcerpc: Move Auth padding to the right tree
Gregor Beck [Fri, 30 Aug 2013 12:00:56 +0000 (14:00 +0200)]
packet-dcerpc: Move Auth padding to the right tree

Change-Id: Id986a74df7cc934117a6e64422e9a10e9cd740b2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11361
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoRADIUS: remove space before ;
Alexis La Goutte [Wed, 28 Oct 2015 19:47:38 +0000 (20:47 +0100)]
RADIUS: remove space before ;

Change-Id: I60e4c917465a083ad76fa0cde80afce52371d1c8
Reviewed-on: https://code.wireshark.org/review/11371
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoCMake: Use CMAKE_CL_64.
Gerald Combs [Wed, 28 Oct 2015 23:52:41 +0000 (16:52 -0700)]
CMake: Use CMAKE_CL_64.

CMake sets CMAKE_CL_64 if we're using a 64-bit version of Visual Studio.
Use it.

Change-Id: I04595a0e703e39e428d853a506472f3881672a35
Reviewed-on: https://code.wireshark.org/review/11376
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoJust use g_mkdir_with_parents() to make the .config directory on UN*X.
Guy Harris [Wed, 28 Oct 2015 23:06:18 +0000 (16:06 -0700)]
Just use g_mkdir_with_parents() to make the .config directory on UN*X.

It will create all the relevant directories (if it can), using
g_mkdir(), which is a wrapper for mkdir() on UN*X - just as ws_mkdir()
is, so we don't need to make our own copy that uses ws_mkdir.

Bug: 11645
Change-Id: I68affc6fabccf58dace75af078d9bfd67a1b47b2
Reviewed-on: https://code.wireshark.org/review/11373
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoDo the "create parent of config file directory" stuff on UN*X as well.
Guy Harris [Wed, 28 Oct 2015 19:44:53 +0000 (12:44 -0700)]
Do the "create parent of config file directory" stuff on UN*X as well.

~ obviously exists, but ~/.config might not, making it impossible to
create ~/.config/wireshark.

Bug: 11645
Change-Id: Ia267b168eb7b1438d4c35a6bb89df9d7bfcbd3f3
Reviewed-on: https://code.wireshark.org/review/11368
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoQt: initialize all UAT fields when creating a new line
Pascal Quantin [Tue, 27 Oct 2015 22:55:13 +0000 (23:55 +0100)]
Qt: initialize all UAT fields when creating a new line

Otherwise it can trigger a crash when calling the callback while some fields have a NULL pointer (SSL post_update_cb for example)

Change-Id: I25ac97d8e0bbf47e737f74029715358cb29cfb3d
Reviewed-on: https://code.wireshark.org/review/11334
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agoframe_data: Reset subnum if visited is resetted
Roland Knall [Wed, 28 Oct 2015 05:59:35 +0000 (06:59 +0100)]
frame_data: Reset subnum if visited is resetted

 subnum get's resetted when the file is reloaded. But subnum
 does not get resetted, if for instance a preference has been
 set directly via (Protocol Name)->Protocol Preferences-> ...
 in the Protocol list. But flags.visited get's resetted.

 This leads to the scenario, where reloading a trace starts subnum
 with 0 and applying a preference starts subnum with the highest
 value it had before.

 This patch ensures, that all methods for reloading the frame
 lead to the same init value

Change-Id: I167d1e03f7e2e6c60492f501ee5cb9555ac12ac9
Reviewed-on: https://code.wireshark.org/review/11341
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agoepan_init(): make 'status' volatile (to avoid might-be-clobbered warnings).
Jeff Morriss [Wed, 28 Oct 2015 12:42:23 +0000 (08:42 -0400)]
epan_init(): make 'status' volatile (to avoid might-be-clobbered warnings).

Change-Id: Ic0f1c99a530089f21b08337379a5a0bc7f566b9c
Reviewed-on: https://code.wireshark.org/review/11352
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
4 years agoAUTHORS: Small layout fixes
Stig Bjørlykke [Wed, 28 Oct 2015 08:46:23 +0000 (09:46 +0100)]
AUTHORS: Small layout fixes

The presentation in GUI should be improved to not depend on the
number of TAB's used in the source AUTHORS file.

Change-Id: I3db1f80112e01613c57be25ad866afbb717fc92f
Reviewed-on: https://code.wireshark.org/review/11345
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
4 years agoSTUN: identify new TCP specific methods as being TURN
Pascal Quantin [Wed, 28 Oct 2015 07:53:45 +0000 (08:53 +0100)]
STUN: identify new TCP specific methods as being TURN

Bug: 11641
Change-Id: I4d0e0949c13b5fb66e644312d73a189f16d592be
Reviewed-on: https://code.wireshark.org/review/11343
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
4 years agoImprove dissection of HSRPv1 packets using MD5 authentication
Dhiru Kholia [Mon, 26 Oct 2015 14:37:31 +0000 (15:37 +0100)]
Improve dissection of HSRPv1 packets using MD5 authentication

HSRP (Version: 0) can use MD5 Authentication TLV sequence for
authentication, and such packets are now dissected properly.

Sample HSRP (Version: 0), and HSRPv2 .pcap files can be found at,
https://github.com/kholia/my-pcaps

Change-Id: Ib84d344c6977065b1948231503d13c675de34ea4
Reviewed-on: https://code.wireshark.org/review/11285
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
4 years agoGet rid of a couple of UAT macros.
Gerald Combs [Tue, 27 Oct 2015 23:24:01 +0000 (16:24 -0700)]
Get rid of a couple of UAT macros.

Declare and fill in some functions normally instead of using macros.

Change-Id: I06323ecf53e0fe8ce7299168984838c87209acc5
Reviewed-on: https://code.wireshark.org/review/11336
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoCatch REPORT_DISSECTOR_BUG() calls in dissector registration routines.
Guy Harris [Wed, 28 Oct 2015 00:41:23 +0000 (17:41 -0700)]
Catch REPORT_DISSECTOR_BUG() calls in dissector registration routines.

Have epan_init() return a success/failure Boolean indication.  Catch
exceptions when calling the dissector registration routines and, if we
get one, report the error and return a failure indication.

If epan_init() fails, quit, but first make sure the reported error is
displayed.

Change-Id: I0300cbb1f66a5644f857a205235124909d684c50
Reviewed-on: https://code.wireshark.org/review/11340
Reviewed-by: Guy Harris <guy@alum.mit.edu>
4 years agoUpdate Travis to Trusty
Alexis La Goutte [Sat, 17 Oct 2015 09:09:57 +0000 (11:09 +0200)]
Update Travis to Trusty

It is now possible to have Trusty Ubuntu image when using Travis (Github)
http://blog.travis-ci.com/2015-10-14-opening-up-ubuntu-trusty-beta/

Move to Trusty (and GTK3/Qt5)

Change-Id: I54cbd4936dd9d8fbd8fe9fb1538290045ec0d5af
Reviewed-on: https://code.wireshark.org/review/11115
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoRADIUS: Add IPv6 support to Ascend Data Filter
Alexis La Goutte [Tue, 27 Oct 2015 12:32:40 +0000 (13:32 +0100)]
RADIUS: Add IPv6 support to Ascend Data Filter

Bug:11630
Change-Id: Ibf7a38ffa4bb2c7fbcdab80c30213b9bb4aaff20
Reviewed-on: https://code.wireshark.org/review/11321
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoAdd preferences for related packets and the scroll bar minimap.
Gerald Combs [Tue, 27 Oct 2015 22:04:44 +0000 (15:04 -0700)]
Add preferences for related packets and the scroll bar minimap.

Add gui.packet_list_show_related and gui.packet_list_show_minimap.
Show_related enables and disables the related packet delegate.
Show_minimap enables and disables the minimap. Start calling it the
"intelligent scroll bar" since that's the best suggestion for a name
I've seen so far.

Leave them out of the Appearance preference pane for now.

Change-Id: I5869c446fda5c8e62d6b1e49a74d63ba3b117b0f
Reviewed-on: https://code.wireshark.org/review/11332
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoSTUN: add TCP specific methods and attribute
Pascal Quantin [Tue, 27 Oct 2015 21:18:49 +0000 (22:18 +0100)]
STUN: add TCP specific methods and attribute

Bug: 11641
Change-Id: I2990a327e80d57463ab908fc9660b98253d7c9d0
Reviewed-on: https://code.wireshark.org/review/11323
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years ago[ssl] dissect handshake messages even if we have no tree
Martin Kaiser [Tue, 20 Oct 2015 16:41:46 +0000 (18:41 +0200)]
[ssl] dissect handshake messages even if we have no tree

this is to make sure that all expert info we see in the
main window will also appear in the expert info window

the sample capture from bug 11561 shows this problem:
without this patch, the expert info with severity 'error'
don't show up in the expert info window

Change-Id: Ia71ae7e248f57bf1344cf722ac57e74c517828d5
Reviewed-on: https://code.wireshark.org/review/11246
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoRADIUS: Use directly tvb_ip*_to_str
Alexis La Goutte [Tue, 27 Oct 2015 12:44:44 +0000 (13:44 +0100)]
RADIUS: Use directly tvb_ip*_to_str

Change-Id: I4b9452e49351d7bf627457f433d11d18c19d985b
Reviewed-on: https://code.wireshark.org/review/11306
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoPPCAP: don't pass by local variable for display address
Alexis La Goutte [Tue, 27 Oct 2015 12:51:39 +0000 (13:51 +0100)]
PPCAP: don't pass by local variable for display address

Change-Id: I9ac7ba2dfd8c8f3b084e8e95a893830828b28a46
Reviewed-on: https://code.wireshark.org/review/11308
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoQt: Add a filter expression item to the display filter edit menu.
Gerald Combs [Tue, 27 Oct 2015 16:52:51 +0000 (09:52 -0700)]
Qt: Add a filter expression item to the display filter edit menu.

Add an item to the display filter bookmark menu which opens the filter
expression preferences. We also need an expression editor frame similar
to the column editor frame, but hopefully this will suffice until that
exists.

Change-Id: If4c159bb769f0f8e7f89db55f1c6fd7c0bf65c87
Reviewed-on: https://code.wireshark.org/review/11315
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoAdd jitter logic to RtpAudioStream.
Gerald Combs [Mon, 26 Oct 2015 15:34:58 +0000 (08:34 -0700)]
Add jitter logic to RtpAudioStream.

Copy the jitter logic from rtp_player.c to rtp_audio_stream.cpp. This
still isn't correct but the RTP player should now be complete enough to
start looking at the bug list at the top of rtp_player_dialog.cpp.

Disable timing and jitter controls while we're playing while we're here.
Fixes bug 11635.

Bug: 11635
Change-Id: Ie583ade522702cbe1bbcea4475a535caa1d74fa2
Reviewed-on: https://code.wireshark.org/review/11295
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoAdd Decode As capabilities to MoldUDP64 dissector.
Michael Mann [Sat, 24 Oct 2015 00:26:59 +0000 (20:26 -0400)]
Add Decode As capabilities to MoldUDP64 dissector.

This is used by the NASDAQ-ITCH dissector to dissect a MoldUDP64 payload.

From: https://ask.wireshark.org/questions/46882/help-decoding-moldudp64-payload-as-nasdaq-itch
Change-Id: I78c706e12685604e2fc2176b5c4a89de73bd7e56
Reviewed-on: https://code.wireshark.org/review/11235
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoIt is RADIUS Protocol
Alexis La Goutte [Tue, 27 Oct 2015 12:45:43 +0000 (13:45 +0100)]
It is RADIUS Protocol

Like Remote Authentication Dial In User Service (RADIUS) and not radius...

Change-Id: Id28cc12a4b33c7095115315f1a9e2e350574215a
Reviewed-on: https://code.wireshark.org/review/11307
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoopcua: display string representation of AttributeId and DeadbandType
Hannes Mezger [Tue, 27 Oct 2015 13:36:10 +0000 (14:36 +0100)]
opcua: display string representation of AttributeId and DeadbandType

Change-Id: I41f100ddab544054f8fab89f3f5da61866db7a2d
Reviewed-on: https://code.wireshark.org/review/11309
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoDfilter: Mark an error in %syntax_error
Stig Bjørlykke [Tue, 27 Oct 2015 07:53:44 +0000 (08:53 +0100)]
Dfilter: Mark an error in %syntax_error

Because of a change in lemon the %parse_failure is not always called.

Bug: 11637
Change-Id: Iea218aeee10e20f29461169829a10345bbdac903
Reviewed-on: https://code.wireshark.org/review/11302
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
4 years agoGVCP: do not try to append register value to info column when READREG_ACK has an...
Pascal Quantin [Tue, 27 Oct 2015 14:42:45 +0000 (15:42 +0100)]
GVCP: do not try to append register value to info column when READREG_ACK has an error status

Bug: 11639
Change-Id: I1389b74092138e3b28cf4f0dd2d2c8967ec8ba12
Reviewed-on: https://code.wireshark.org/review/11310
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
4 years agoQt: Protect against unintentional "no capture file" window status
Michal Labedzki [Fri, 25 Sep 2015 09:05:45 +0000 (11:05 +0200)]
Qt: Protect against unintentional "no capture file" window status

If capture file was closed and we have some WiresharkDialogs opened,
then we still need to know filename of capture file
related to specific dialog.

Change-Id: I15f0e5176b87713bf747eead64021619d0bdf039
Reviewed-on: https://code.wireshark.org/review/11025
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
4 years agoConvert SIP statistics to the stat tap API.
Gerald Combs [Sun, 25 Oct 2015 00:45:51 +0000 (17:45 -0700)]
Convert SIP statistics to the stat tap API.

It looks like this one fell through the cracks because it dynamically
registered itself via register_tap_listener_gtksipstat and wasn't listed
in the "/Telephony/" path in main_menubar.c.

Ping-Bug: 11638
Change-Id: I4c82b36d204207c81e82a19efce98b6a091351ca
Reviewed-on: https://code.wireshark.org/review/11293
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
4 years agoReplace all "dissector filter" registrations with "dissector color filter" registration.
Michael Mann [Sun, 25 Oct 2015 14:32:29 +0000 (10:32 -0400)]
Replace all "dissector filter" registrations with "dissector color filter" registration.

In the GTK, there was "colorize" (via context menu using color_dissector_filter.{c,h}) or "not colorize" (via main menu using dissector_filters.{c,h}).  In Qt, you have the option to colorize (via context menu using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).

Combine all into "colorize" and convert GTK to use color_dissector_filter.{c,h} in the "not colorize" main menu like Qt.

Change-Id: Ib3ca1c822f5f66ab5b812632d808f7905b328483
Reviewed-on: https://code.wireshark.org/review/11263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoList the disappearance of the ADDRESS macros as an API change.
Jeff Morriss [Mon, 26 Oct 2015 14:55:21 +0000 (10:55 -0400)]
List the disappearance of the ADDRESS macros as an API change.

Also reword the "reload of the current capture file as MIME or capture file"
item a bit.

Lastly, these release notes are a preview of 2.2 now (not 2.0).

Change-Id: Ie0ad7573b0df56534d02b8942b7a6376546bedc5
Reviewed-on: https://code.wireshark.org/review/11287
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoShow the Experimental-Result-Code if we don't know have a subdissector for that
Jeff Morriss [Mon, 26 Oct 2015 20:44:18 +0000 (16:44 -0400)]
Show the Experimental-Result-Code if we don't know have a subdissector for that
vendor ID.

Otherwise the value is simply not shown to the user.

Adding support for a vendor ID's Experimental Result Codes isn't as easy as
modifying the XML so don't add an expert info about it.

Change-Id: I65f2cb13853cc7141fb242fa03c6e474a6c02cb9
Reviewed-on: https://code.wireshark.org/review/11294
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
4 years agonfs: Add FF_FLAGS_NO_IO_THRU_MDS for layout flags
Tom Haynes [Mon, 26 Oct 2015 18:29:24 +0000 (11:29 -0700)]
nfs: Add FF_FLAGS_NO_IO_THRU_MDS for layout flags

Change-Id: I6f90aba1d804b1da666d471b9470acac63df4845
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/11291
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4 years agoOnly store frame number and not a pointer to frame_data structure in seq_analysis_item_t
Pascal Quantin [Sun, 25 Oct 2015 21:52:30 +0000 (22:52 +0100)]
Only store frame number and not a pointer to frame_data structure in seq_analysis_item_t

Qt GUI allows to keep windows open after closing the capture file. Let's not access to freed memory.

Bug: 11573
Change-Id: I9e70d818a4b228af319961ec512b6b9725792477
Reviewed-on: https://code.wireshark.org/review/11270
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>