git.samba.org - metze/wireshark/wip.git/log

Extend enterprises.tsv to accept spaces as separators

We can do so easily because the format is so simple. This makes it
more convenient for a user to hand-edit a dictionary in the personal
config folder. We still use tabs in the system file for a small space
gain.

Also add a brief description of the format as a comment.

Change-Id: If3f741bff16f1f42c8ef07d643dc6463caaad1a5
Reviewed-on: https://code.wireshark.org/review/22678
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ZigBee cleanup minor errors

Alarm Code now correctly displayed as a byte
Missing ZCL status codes from ZCL 6 and ZCL 7 have been added
Input and Output Cluster Lists now displayed in hex as they are everywhere else
The term Device is no longer used, instead Nwk Addr and Address are used as applicable

Change-Id: I552f4b64974bf44088a1c8f90d44e5459a0f81a6
Reviewed-on: https://code.wireshark.org/review/22683
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

LPP: upgrade dissector to v14.2.0

Change-Id: I445c5ef34c1a688310042634eb38bed9b17cadaf
Reviewed-on: https://code.wireshark.org/review/22679
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Do the meta-tag stuff the same way in all three cases.

Undo most of the changes, but turn the return at the end of the default
case into a break.

Change-Id: I022b62a85254ff188f19fd3d7c3fe40b0789b3d2
Reviewed-on: https://code.wireshark.org/review/22695
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Revert "Don't byte-swap an 1-byte value."

This reverts commit 74a2ae4abac3be78d140d9671fa79977de449ed1.

No, that's just Coverity not understanding macros *again*, and thinking a particular expanded instance of a macro is the result of some human being silly rather than of the arguments being such that some computations can be elided at compile time.

Change-Id: I40f2ad8bf018b0df02d90ed0e272505be68dae7e
Reviewed-on: https://code.wireshark.org/review/22693
Reviewed-by: Guy Harris <guy@alum.mit.edu>

CQL: Fixes the dissector so PREPARE Results have the Query ID

Change-Id: I518335dc317ac5fb3c1339686579ff44b73c2546
Reviewed-on: https://code.wireshark.org/review/22675
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: Fix "Filter Button Preferences" shortcut

When Expert preference UAT was promoted to main preference tree
the entry for Filter Buttons was moved and the code for handling
prefs_pane_to_item_ was wrong.

This should be rewritten to a bulletproof solution.

Change-Id: I1d98aa75da7107ac2e50b29ff19c52dc516053a6
Fixes: v2.5.0rc0-386-gd4d30faeb8
Reviewed-on: https://code.wireshark.org/review/22676
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Remove unnecessary test.

The default case ends with return, so the pointer won't be null by the
time out exit the case statement - either a non-default case is
processed and tag_ptr hasn't been set to null, or the default case is
processed and you return before getting there.

That also means we don't need to set tag_ptr to null in that case.

Fixes CIDs 1415436.

Change-Id: I21ada7a308d888b4cbb8557197a2e30bda118f44
Reviewed-on: https://code.wireshark.org/review/22691
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't byte-swap an 1-byte value.

Convert it to a 4-byte value and byte-swap *that*.

Fixes CID 1415438.

Change-Id: I5cf0b5905f5dd2086c5d8ed6b13b1921bdb69a84
Reviewed-on: https://code.wireshark.org/review/22689
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Remove unnecessary test.

The default case ends with return, so the pointer won't be null by the
time out exit the case statement - either a non-default case is
processed and tag_ptr hasn't been set to null, or the default case is
processed and you return before getting there.

That also means we don't need to set tag_ptr to null in that case.

Fixes CID 1415439.

Change-Id: Id2609c0828561c560820f9cb5e6b5a0ae614aead
Reviewed-on: https://code.wireshark.org/review/22686
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Copy no more than MAX_ERF_EHDR - 1 additional extension headers.

The array of headers has MAX_ERF_EHDR entries, and the additional
entries are appended after the first entry, so that leaves room for at
most MAX_ERF_EHDR - 1.

Fixes CID 1415440.

Change-Id: Iaa2c3577bbff429bcc1301e4cfdf1961f067be93
Reviewed-on: https://code.wireshark.org/review/22684
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: Simplify some version checks.

We require Qt5 at configure time on macOS, so we no longer need to
exclude Qt4 + macOS in the code.

Change-Id: I9e233f963526b0051bd846d171105c1d33d1c4cc
Reviewed-on: https://code.wireshark.org/review/22677
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Use time_t for the seconds part of a time stamp.

A packet time stamp is an nstime_t, and the seconds part of an nstime_t
is a time_t.

Change-Id: Id2452ceb2f33f43e4a040436d7b3ea1a5c4a0be3
Reviewed-on: https://code.wireshark.org/review/22673
Reviewed-by: Guy Harris <guy@alum.mit.edu>

.gitignore: Add ignore to moc file on new qt subfolder

See https://www.wireshark.org/lists/wireshark-dev/201706/msg00157.html

and https://code.wireshark.org/review/#/c/22422/ for new folder

Change-Id: If1ed71b844164fdf7a438d47244a0ad0e18b432b
Reviewed-on: https://code.wireshark.org/review/22528
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>

802.11: fix SNR Report for 802.11ad is not decoded correctly

Wrong BITMAP

Bug: 13892
Change-Id: I525c6d7534543f03db023bb43df2484531d43931
Reviewed-on: https://code.wireshark.org/review/22666
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

ZigBee: Implemented zigbee zcl prepay dissector

Change-Id: I61feeae7d20ad67ecb86fc53708f04e051fd88c7
Reviewed-on: https://code.wireshark.org/review/22655
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix formatting of AUTHORS list, fix Perl warning

Fixes the following warning in Perl 5.26:

Unescaped left brace in regex is deprecated here (and will be fatal in Perl 5.30), passed through in regex; marked by <-- HERE in m/(.*){ <-- HERE / at doc/make-authors-short.pl line 36.

While at it, fix formatting of the AUTHORS-SHORT file, a newline must be
present after "}" or the file will be mis-parsed.

Change-Id: I76bc1a30714dafd703342d2d430dc1c90cf2bf82
Reviewed-on: https://code.wireshark.org/review/22637
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Expand column preferences text edit fields to column width

When editing a custom column the text edit field should fill the column.

Change-Id: I5505238d13c4dbe26e9dbc4ae60fd602120f9596
Reviewed-on: https://code.wireshark.org/review/22657
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Rename cf_get_comment() to reflect what comment it gets.

Change-Id: Id3b0430a1d462b29833259462536ed4cb0424f77
Reviewed-on: https://code.wireshark.org/review/22662
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Rename section comment get/set routines.

Rename cf_read_shb_comment() to cf_read_section_comment(); an SHB is a
record type in a particular capture file format (pcapng), and not all
files that have per-file or per-file-section comments have something
called a Section Header Block.

Rename cf_update_capture_comment() to cf_update_section_comment();
pcapng, at least, supports multiple sections, although we don't curently
support that.

This also gives them matching names.

Change-Id: Idd8cb0f0fd9125b9626411274aebfb1ec0097665
Reviewed-on: https://code.wireshark.org/review/22659
Reviewed-by: Guy Harris <guy@alum.mit.edu>

ERF_TYPE_META write and comment support

Support per-packet comments in ERF_TYPE_META through a new Anchor ID
extension header with per-Host unique 48-bit Anchor ID which links an
ERF_TYPE_META record with a packet record. There may be more than one
Anchor ID associated with a packet, where they are grouped by Host ID
extension header in the extension header list. Like other ERF_TYPE_META
existing comments should not be overwritten and instead a new record
generated. See erf_write_anchor_meta_update_phdr() for detailed comments
on the extension header stack required.

As Wireshark only supports one comment currently, use the one one with
the latest metadata generation time (gen_time). Do this for capture
comment too.

Write various wtap metadata in periodic per-second ERF_TYPE_META records
if non-WTAP_ENCAP_ERF or we have an updated capture comment.
Refactor erf_dump to create fake ERF header first then follow common
pseudoheadr and payload write code rather than two separate code paths.
Support an ERF_HOST_ID environment variable to define Wireshark's Host
ID when writing. Defaults to 0 for now.

ERF dissector updates to support Anchor ID extension header with basic
frame linking.
Update ERF_TYPE_META naming and descriptions to official name
(Provenance)

Core changes:
Add has_comment_changed to wtap_pkthdr, TRUE when a packet
opt_comment has unsaved changes by the user.
Add needs_reload to wtap_dumper which forces a full reload of the file
on save, otherwise wireshark gets confused by additional packets being
written.

Change-Id: I0bb04411548c7bcd2d6ed82af689fbeed104546c
Ping-Bug: 12303
Reviewed-on: https://code.wireshark.org/review/21873
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stephen Donnelly <stephen.donnelly@endace.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: More Main Welcome interface tweaks.

ge036f4a282 didn't ensure that an interface was selected at app startup.

Change-Id: I0b04020a344aaf8e35766a45287fe263d1227c64
Reviewed-on: https://code.wireshark.org/review/22656
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

GPRSCDR: decoding of GPRS/UMTS QoS-information

Change-Id: Ia912925f689d2912c62d01fcc8230065204b6f15
Reviewed-on: https://code.wireshark.org/review/22633
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: Main Welcome hover text color fix.

Use the default text color for hovered items. This makes the
selected item look the same as non-selected items when hovering.

Change-Id: Ic9e18323326f088202207ac15f844e7849f7ebc9
Ping-Bug: 12636
Reviewed-on: https://code.wireshark.org/review/22632
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: Expand IO Graph text edit fields to column width

When editing a IO Graph the text edit field should fill the column.

Change-Id: Idb5c9a7004d9be1b82e645ae2c1a3430c9c9e5f7
Reviewed-on: https://code.wireshark.org/review/22626
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: Set IO Graph display filter when having Y field

Calling setFilter() between setValueUnits() and setValueUnitField()
will fail when having "Y Field" because check_field_unit() fails
with inconsistent values. The display filter will then be ignored.

Call setFilter() first to ensure filter_ is set before setting
value units. setFilter() does not depend on the value unit when
used to set the display filter.

Change-Id: Ibf2d37fddcce9fcf6febebfefa0b2518ae093737
Fixes: v2.3.0rc0-2930-g0ea51ad822 ("Qt: Fix uninitialized memory access in val_units_")
Reviewed-on: https://code.wireshark.org/review/22619
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

[Automatic update for 2017-07-16]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I01c07ea17d54e5518659abac5cd3c8c9ddfea5e6
Reviewed-on: https://code.wireshark.org/review/22647
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Qt: add initializers (CID 1162824).

Change-Id: I46f56fb99c75eebc6418fa7ac88995f49abedc91
Reviewed-on: https://code.wireshark.org/review/22645
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

bthci-evt: decrement number_of_loops to avoid hang (CID 1399639).

Change-Id: Ib8af835a331582677a391c59d145530cf0590122
Reviewed-on: https://code.wireshark.org/review/22644
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: refactor UatTreeView into something reusable

UatTreeView had two functions:
1. Saner navigation functionality when pressing tab.
2. Start editing when the currently selected item changes.

Since this tab navigation functionality is desired in more places,
extract this functionality. Add more documentation while at it and use
an alternative, declarative style to connect signals.

Move the second functionality to the caller since not all views need it.

Change-Id: Ibe886f2c2763dbe024614203a44b72173fbbce06
Reviewed-on: https://code.wireshark.org/review/22639
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

ssl,dtls: make some fields in RSA keys dialog optional

The IP address has been unused since 2.0. The port/protocol fields have
become unnecessary since 2.4 with the introduction of Decode As. Do not
require the user to specify these fields if they just want to set the
RSA key file.

In a future version, these three fields will be completely removed.

Change-Id: Iefc5a8778aa1122b76b707018c00b6ec429dc107
Reviewed-on: https://code.wireshark.org/review/22640
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

.mailmap: fix duplicates and regenerate AUTHORS

Change-Id: I1332c63d59edf5b2a2ac8fe605d6f15cf6afa4ae
Reviewed-on: https://code.wireshark.org/review/22638
Reviewed-by: Yasuyuki Tanaka <yatch1.tanaka@toshiba.co.jp>
Reviewed-by: Jonathan M Munoz S <jonathan.munoz@inria.fr>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: show UAT description for header items

Be sure to display the extended description for UAT fields in the
tooltip for the column header like GTK+ did.

Change-Id: I294d2d3fb7f6d55df239129bea5d780b15deacc6
Reviewed-on: https://code.wireshark.org/review/22641
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Ignore .moc.cpp files in ui/qt/widgets.

Change-Id: Ie709b9a13f1f2a76b355ffebeadbed0e47d90d2a
Reviewed-on: https://code.wireshark.org/review/22636
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Another enterprises -> enterprises.tsv rename.

Change-Id: I59dcc7fa066d75ba14f5f7bf645a8eb24839db1c
Reviewed-on: https://code.wireshark.org/review/22635
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix for building without libpcap and extcap.

(A further fix should be "don't put the "Capture" section into the
welcome screen if we have neither libpcap nor extcap".)

Change-Id: I83e65e6dc31040292af7fe88ccd73e485613c76f
Reviewed-on: https://code.wireshark.org/review/22634
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: fix build without libpcap and without extcap

global_capture_opts is only defined when libpcap or extcap are enabled.

Change-Id: If692a7ac365b77d9efc52f589fef1aa906d5d14e
Fixes: v2.5.0rc0-425-ge036f4a282 ("Qt: Main Welcome behavior tweaks.")
Reviewed-on: https://code.wireshark.org/review/22629
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: Main Welcome behavior tweaks.

Update the recent item list and interface tree style sheets so that
hovered items have a different background color. This should make it
more obvious that they can be clicked.

Select the default interface (or failing that, the first interface) at
application startup and focus on the interface tree. This should make it
less likely that the user will start typing in a capture filter with the
wrong (or no) interface selected. Note that we should probably track
selected interfaces in the recent file instead of forcing the user to
select one via the preferences.

This should hopefully address some of the issues in bug 12636 and do so
without changing the layout (which we can do in another commit).

Change-Id: I96a417973f4270a70f41d04c40c4947a09613bdc
Ping-Bug: 12636
Reviewed-on: https://code.wireshark.org/review/22627
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Rename enterprises to enterprises.tsv and ship it.

Rename "enterprises" to "enterprises.tsv" so that its format is a bit more
obvious and so that double-clicking the file might do something useful.

Add it to the Windows packages.

Change-Id: I5ef54a04ce1b4926aa4535e756e04b3e2a56d463
Reviewed-on: https://code.wireshark.org/review/22616
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: implement saner tab navigation for coloring rules dialog

The default QTreeView/QTreeWidget behavior for (Shift-)Tab navigation is
to select the previous/next row. For data entries with multiple columns
(such as the UAT dialog or the coloring rules dialog), column
navigation is closer to what a user would expect, so implement that.

Bug: 13856
Change-Id: Ib585030380f894e0be214a95107cb264afac7eee
Reviewed-on: https://code.wireshark.org/review/22561
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add AMT (Automatic Multicast Tunneling) RFC7450 dissector

Change-Id: Ic5e52b76e84e1d02d614b34980f94fd1288c9760
Reviewed-on: https://code.wireshark.org/review/22594
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

MP2T: Add video/mp2t media-type

Add video/mp2t media-type to dissect MP2T inside HTTP

Bug: 13888
Change-Id: I8af9727bd69ab28a21811a807a1f631bde952926
Reviewed-on: https://code.wireshark.org/review/22623
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

vsock: add missing vsockmon header reserved field

The vsockmon packet header is defined in <linux/vsockmon.h> as follows:

struct af_vsockmon_hdr {
__le64 src_cid;
__le64 dst_cid;
__le32 src_port;
__le32 dst_port;
__le16 op; /* enum af_vsockmon_op */
__le16 transport; /* enum af_vsockmon_transport */
__le16 len; /* Transport header length */
__u8 reserved[2];
};

The vsock dissector forgot to include the 2-byte reserved field. This
caused the transport header and payload that follow the vsockmon header
to contain junk data.

Change-Id: I0e7e6f1d9ad96ab339bd070c1becf43bc7e6a6b1
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-on: https://code.wireshark.org/review/22612
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

vsock: add WTAP_ENCAP_VSOCK constant

A linktype was recently assigned to Linux vsock in libpcap commit
cfdded36ddcf5d01e1ed9f5d4db596b744a6cda5 ("added DLT_VSOCK for
http://qemu-project.org/Features/VirtioVsock").

The Wireshark vsock dissector can now be automatically applied when
wtap_encap matches the new WTAP_ENCAP_VSOCK constant.

This patch makes Wireshark dissect vsock packet captures without
manually specifying the dissector.

Change-Id: If252071499a61554f624c9ce0ce45a0ccfa88d7a
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-on: https://code.wireshark.org/review/22611
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

SMB2: add sessionkey table in prefs for decryption

Add table in SMB2 protocol options to store Session ID => Session Key
mappings. If we find a matching session id while dissecting, use session
key from the table to derive crypto keys used for decryption.

Sample from https://wiki.wireshark.org/SampleCaptures#SMB3_encryption
can be loaded as follows:

tshark -ouat:smb2_seskey_list:3d00009400480000,28f2847263c83dc00621f742dd3f2e7b -r smb3-aes-128-ccm.pcap

To obtain the session id and key you can compile your kernel with
CIFS_DEBUG_KEYS enabled and all the info should be printed on the
console when cifs.ko generates keys. The patch that adds this
config option was merged recently and should appear in the
not-yet-released 4.13 kernel.

Alternatively you can read the keys from live memory on a x86_64
system by running a gdb script as root (see email [1] for usage and
source [2]).

[1]: https://lists.samba.org/archive/samba-technical/2017-May/120755.html
[2]: http://lists.samba.org/pipermail/samba-technical/attachments/20170524/2950140e/cifs_dump_keys.py

Change-Id: I2709bb5fb316a4a3614901efe967196c2925609a
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-on: https://code.wireshark.org/review/21711
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

SIP: Add Status Code 607 (Unwanted)

RFC 8197 defines the new status code 607 Unwanted

Change-Id: I61299788b25f5ada460c88949bed3cabddc3908f
Reviewed-on: https://code.wireshark.org/review/22618
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[print.c] g_slist_free_full requires #include <wsutil/glib-compat.h>

Change-Id: Iba3a95d67413d7f1a84436fc51dfdf13251bcece
Reviewed-on: https://code.wireshark.org/review/22620
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Remove some unneeded includes.

Change-Id: I513936a74fe96211153fdf35f1832608b2cd053d
Reviewed-on: https://code.wireshark.org/review/22617
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[GTPv2] Use proto_tree_add_bitmask_with_flags() for ULI Flags.

Change-Id: I7c209eef0114e4453008b8e7d7f8c238578e4433
Reviewed-on: https://code.wireshark.org/review/22606
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

GTK: add a comment better suiting GCC 7 parsing

Change-Id: Iab1eb1b86a750f3dedce6b2bd467fb3ba98243df
Reviewed-on: https://code.wireshark.org/review/22613
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

[GTPv2] Make dissect_gtpv2_uli() external and add more info when calling
dissectors for private extensions.

Change-Id: I5762fdff2b25bca8d29520780c55367b636a2871
Reviewed-on: https://code.wireshark.org/review/22604
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

S1AP: upgrade dissector to v14.3.0

Change-Id: Ib28228db70a23d6f73f3c1740abc2e6542818ff9
Reviewed-on: https://code.wireshark.org/review/22609
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

LPPa: upgrade dissector to v14.2.0

Change-Id: I534f6e480e0cd13f4592ff3ca6ecd7f769863927
Reviewed-on: https://code.wireshark.org/review/22608
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

X2AP: upgrade dissector to v14.3.0

Change-Id: Idee26dcdfad15d9fb23e3fb8aeb8ad8afed747d5
Reviewed-on: https://code.wireshark.org/review/22607
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

couchbase: fix decoding last lookup spec

Change-Id: I96ae6225adee6875adad9e45c0543b9664b96e8a
Reviewed-on: https://code.wireshark.org/review/22605
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

M2AP: upgrade dissector to v14.0.0

Change-Id: If564a2cffead403dd3d06c1a031b8985fcde7e4b
Reviewed-on: https://code.wireshark.org/review/22603
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

IEEE 802.15.4: Support the MPX IE defined by IEEE 802.15.9

Still open: Reassembly and support for KMP payload dissection besides EAPOL

Bug: 13883
Change-Id: I48a1e6af5c6fb5594fb4e6a5258db0d8ebaf4a70
Reviewed-on: https://code.wireshark.org/review/22597
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NAS EPS: upgrade dissector to v14.4.0

Change-Id: I8b0ae56889f6a52ba7d8c0c95a6b8e6a31557fa3
Reviewed-on: https://code.wireshark.org/review/22601
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Correct the dissection of zero-length SSIDs to show them as Wildcard SSIDs as
per 802.11 2012 8.4.2.2 SSID Element.

Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Change-Id: I3ee2fc45063bc1ee6cb1244771e6c1452f6704e4
Reviewed-on: https://code.wireshark.org/review/22591
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

GTK: fix compilation with GCC 7

Change-Id: Ifde706f4705af406fd4eee61a312d8eb0976d972
Reviewed-on: https://code.wireshark.org/review/22598
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Qt: Move all utility widgets to widgets subdirectory

Move all utility widgets to the widgets subdirectory and
add separate source_group for their files

Correct some alphabetization in ui/qt/CMakeLists.txt noticed
during compare.

Change-Id: I2d664edc2b32f126438fb673ea53a5ae94cd43d1
Reviewed-on: https://code.wireshark.org/review/22531
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

IndigoCare iCall: Support for padded packets

Fix to dissect packets from certain implementations of this protocol which have
null padding at the end of otherwise valid packets.

Change-Id: Ic7790d9bbcf9467a9de0aa738e65a597802ce494
Reviewed-on: https://code.wireshark.org/review/22593
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Organize Qt source files for Visual Studio

Organize source into 5 categories:
moc Source Files - moc_* files
ui Header Files - Header files generated by .ui files
ui Files - .ui files
qrc Files - graphics? files
Header Files - Header files for Qt source headers

Change-Id: If32b8331592a2c685131ea9592893b7add1124ec
Reviewed-on: https://code.wireshark.org/review/22592
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

QUIC: rename to G(oogle)QUIC

quic => gquic

Change-Id: Ica9ae8cc77e09056507c9c4c5c798b613eb56194
Reviewed-on: https://code.wireshark.org/review/22589
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: like Fbzero dissector check direclty offset_end

and don't subtract tag_len

Change-Id: I4dbae23614ecad0dc30e9c8581acdbf5b38b037f
Reviewed-on: https://code.wireshark.org/review/22588
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: move get length packet number to function

Change-Id: I272866b04aa7833812df9d4baae2f4fe9f47b6e9
Reviewed-on: https://code.wireshark.org/review/22587
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: directly return len

Change-Id: I61fed177c85081e7067ce5245349ef673c31f6e1
Reviewed-on: https://code.wireshark.org/review/22586
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Zbee ZCL se: fix typo found by conflict hf

'zbee_zcl_se.met.publish_snapshot.payload_type' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT8

Change-Id: I97bc7cb467508192a3597836b721778341bc756c
Reviewed-on: https://code.wireshark.org/review/22590
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

[x509af] Make CertificateSerialNumber an unsigned integer to handle a 9
byte 64 bit BER encoded unsigned number.

Change-Id: I43e4a7f3103fac458a528022e0fdf6f0947804dc
Reviewed-on: https://code.wireshark.org/review/22585
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Ethertype: Add 6LoWPAN Ethertype; register dissector

Change-Id: I3ba09b8ebc696b83531b998fcc3a0f521d86df41
Reviewed-on: https://code.wireshark.org/review/22581
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packet-rsl.c: Adds dissection of Physical Context field.

Added as option with the default value set to TRUE. Dissection is based on
file generated from Tektronix Monitoring Solution for Mobile Networks.

Change-Id: Iedb2e742d1d406bc68e41334cac4a15da443cf3f
Reviewed-on: https://code.wireshark.org/review/22507
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

GSMTAP: add LTE RRC message support

This code is borrowed from a patch proposed by altaf329@gmail.com in june 2015
(Ice136a9cb950bb97a11bee4486071b6883a0cad7) and adapted to fit current wireshark code (and minus the LTE MAC frame dissector).

Change-Id: Iaa1ea8b2d7a3e618f8aa14203449f2c77b4727f5
Reviewed-on: https://code.wireshark.org/review/22515
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

etypes(.h): fix typo

found by Robert Sauter

Change-Id: I8099797ae52bdee512c7dff0423717a5acb2d36f
Reviewed-on: https://code.wireshark.org/review/22582
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: Add new error code (98) about decompression failure

Change-Id: I6a29e89eb18c737c257953f3dbe98727ad9815e9
Reviewed-on: https://code.wireshark.org/review/22556
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

IEEE 802.15.4: Revise Payload IE dissection

Isolate dissection of individual IEs to capture out-of-bound errors
and to continue with next IE on error.

More consistent display. Use dedicated HFs and ETTs.

More consistent code with fewer casts.

Add warning if IE dissection consumes less content than the
indicated length.

Change-Id: I1481145b9248eaa9f3d3ddf6c0e32d39b4a63861
Reviewed-on: https://code.wireshark.org/review/22577
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Expand register_decode_as_next_proto to include prompt string.

Many dissectors don't have an identifier to pass to a dissector table.
When using Decode As they all have a "value" function that returns 0
just so something is returned.

A first step to a cleaner refactor of the functionality is to allow
dissectors to provide a "prompt" function when registering Decode As
with register_decode_as_next_proto() so that the text exposed in
the GUI can vary, but the function that returns 0 (nothing) can be
consolidated under decode as registration functionality. This casts
a wider net for register_decode_as_next_proto() use.

Change-Id: I2995b3c251dae70f5f529b672473d25c6288ed5c
Reviewed-on: https://code.wireshark.org/review/22562
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Promote Expert preference UAT to main preference tree.

"Expert" has been treated as a protocol "internally", but I
doubt users would consider it one. Since the only preference
is a UAT, just make it its own leaf off of the main preference
tree (similar to Filter Expressions UAT) and not have it buried
with all of the protocols.

Change-Id: I385314d8791440e6ced3dbd71305ee75bc373e52
Reviewed-on: https://code.wireshark.org/review/22580
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NBAP: fix Coverity CID 1414728

Change-Id: Ib64334f1fa8d7ff92dbfdf9bb805049f687836b7
Reviewed-on: https://code.wireshark.org/review/22579
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

UMTS FP: Fix access violation in PCH heuristic dissector

The dissector was accessing NULL if the first frame in the PCH stream was a control FP.

Change-Id: Icdf2fae57436fe59e16ebe0a5233675e7599f5f4
Reviewed-on: https://code.wireshark.org/review/22578
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NBAP: Moved all global variables together

Hopefully if they are in one place replacing them with a non-static alternative will be easier

Change-Id: I91dd47ea51a1435cea4e68d88d6afe240153fe69
Reviewed-on: https://code.wireshark.org/review/22539
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Fix missing geninfo in PDML export.

Change-Id: I02b6ff7f57f81f0ac6b54806a9325ebb16b40476
Reviewed-on: https://code.wireshark.org/review/22553
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

3GPP NAS: upgrade dissector to v14.4.0

Change-Id: Iae5627a53683de0b359a95c21866513461b5d559
Reviewed-on: https://code.wireshark.org/review/22572
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

filter_expressions_preferences_frame -> uat_frame

There isn't anything "filter expression" specific about it and
there are a few other things that could take advantage of a
UatFrame.

Change-Id: I0d04d176caebf0c2d8043c3bf89a81668580eae8
Reviewed-on: https://code.wireshark.org/review/22570
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Filter expressions: Rename UAT field to make it more obvious what it does

"Enabling" a filter expression means putting it in the toolbar, so state
that.

Change-Id: Ifa4ef053cf741a5aa269031e6983c7989ca1e64c
Reviewed-on: https://code.wireshark.org/review/22569
Reviewed-by: Michael Mann <mmann78@netscape.net>

Don't use uint_to_str_back when you need guint32_to_str_buf.

It will end up eventually crashing column buffers because memory
behind the address is trounced.

Change-Id: Id6b5a42effc503e4b8bf5e1deb2135241e2893f3
Reviewed-on: https://code.wireshark.org/review/22563
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Add support for dissecting UDT over DTLS

Includes adding per-conversation data to store whether we are over
DTLS or UDP and registering as a heuristic sub-dissector for DTLS.
Future changes will add more use of the conversation structure.

Also included is a capture of UDT over DTLS in test/captures/udt-dtls.pcapng.gz,
the associated private key for the session in test/keys/udt-dtls.key and a
new test in the decryption suite to check this works.

Change-Id: I76826d3b35768d0b58f5335063884616968e5784
Reviewed-on: https://code.wireshark.org/review/22533
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

ZigBee: fix ZCL configure reporting response parsing

If configure reporting succeeds for all attributes, then the response
contains only a success status byte but if any attribute fails, then
every record contains a direction byte and attribute identifier.

By handling the "all successful" case specially, add an expert info
message to indicate a problem if the message length indicates that we
have hit this special case but the status is not "success".

Change-Id: I3facae8ac07f1a249cc6ae1b2454f8381151355b
Reviewed-on: https://code.wireshark.org/review/22557
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

packet-dcerpc: move auth information into a subtree

Change-Id: I0e5d3967a26b79c899b0d219317e2963969cba6b
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/17809
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

TLS13: Add draft 21 support

Release July 03, 2017

Bug: 12779
Change-Id: I527e83ccff6901688030dbcaf639878513a2ace2
Reviewed-on: https://code.wireshark.org/review/22564
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>

TLS13: Add Ticket nonce

Add Ticket nonce added on Draft 21

Bug: 12779
Change-Id: I2891e1ffe700d85f703b29feacccdc6dd7ff376d
Reviewed-on: https://code.wireshark.org/review/22565
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

tfs: Add up down

Change-Id: Ifb7354bbbc639b4191f611c7840094f16e1f6819
Reviewed-on: https://code.wireshark.org/review/22566
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

packet-dcerpc: improve the dissection of DCERPC Fault pdus

Change-Id: I70786cc561d248529167445e12190159d818ebcb
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/17811
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

6LoWPAN: added dissection for 6LoRH. (RFC8138, RFC8025)

Change-Id: I13396077ec7f3ec4fe9cfea9b3bd03305a5ee332
Reviewed-on: https://code.wireshark.org/review/22484
Reviewed-by: Michael Mann <mmann78@netscape.net>

QUIC: fix comment (use /* */ like other)

Change-Id: I874e2ab296d4b95146205ca30372ac1327817371
Reviewed-on: https://code.wireshark.org/review/22555
Reviewed-by: Michael Mann <mmann78@netscape.net>

QUIC: fix indent

Change-Id: I24d2586252d1bed5a02808e9ef0ba508e6a23ad8
Reviewed-on: https://code.wireshark.org/review/22554
Reviewed-by: Michael Mann <mmann78@netscape.net>

ieee80211: disable wireless timeline by default

As the wireless timeline is not fully finished and undocumented, disable
this GUI feature for now. This should avoid some user confusion when
opening an 802.11 trace.

For experimental and development purposes, the feature can be enabled
via the preferences (right-click on the "802.11 radio information"
layer, Protocol Preferences, Enable Wireless Timeline (experimental)").

Change-Id: Ieb529ccc0f23a051bcaba21ad18ac3c1d63b850e
Ping-Bug: 13769
Reviewed-on: https://code.wireshark.org/review/22558
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Simon Barber <simon.barber@meraki.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

BGP: fix incorrect decoding COMMUNITIES whose length is larger than 255

Issue reported by Kura

Bug: 13872
Change-Id: I054839a9e141fa4a882114b150842366c090d012
Reviewed-on: https://code.wireshark.org/review/22537
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

(G)QUIC: Add Heuristic to detect Google QUIC flow

Only support Q02x and Q03x version
and need to have the CHLO (Client Hello) to detect

Ping-Bug: 13529
Change-Id: I1ca7faa503aea2be4d39cb345070d901be0ebbaa
Reviewed-on: https://code.wireshark.org/review/22461
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: replace zoom buttons by wheel zoom in Wireless Timeline

There are already "zoom" buttons on the main toolbar, remove the
additional, confusing wireless timeline zoom buttons.

Implement zoom functionality by the mouse wheel instead and center at
the cursor position rather than the current packet. Properly bound the
maximum zoom level too to avoid incorrect calculations.

Change-Id: Icafe84b6985138b0223abb69c975dfc94df2817a
Ping-Bug: 13769
Reviewed-on: https://code.wireshark.org/review/22496
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

androiddump: Reduce code duplication

Some more repeated code patterns identified. Reduce code duplication
by adding some helper functions.

Change-Id: I0fecd511fd56049e9eae111cdad08252dffff6cb
Reviewed-on: https://code.wireshark.org/review/22480
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>