git.samba.org - metze/wireshark/wip.git/log

ncp2222: Use BASE_CUSTOM for date and time fields.

This simplifies some of the logic required for field formatting.

Change-Id: I2f9a612b18e3e4ca01311683d9cf61cbad9950f4
Reviewed-on: https://code.wireshark.org/review/10649
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Convert dissect_nds_request and dissect_nds_reply to use proto_tree_add_xxx directly instead of the homegrown nds_val.

Change-Id: Ie67892caec2cddee591631045233f8a3f1cc0bc6
Reviewed-on: https://code.wireshark.org/review/10648
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

CMake: Add a hardening-check target.

On Windows, add a hardening-check target which checks for DYNAMICBASE
and NXCOMPAT using the PowerShell script Get-HardenFlags.ps1.
For a Visual Studio solution, run the check by calling:

msbuild /m /p:Configuration=RelWithDebInfo hardening-check.vcxproj

using the config as appropriate for your build.

Otherwise if we find the Debian/Fedora hardening-check script add a
target which runs it for each of our executables.

Change-Id: I62263e81d155c66e8c8edc751ffab535bf9f3b96
Reviewed-on: https://code.wireshark.org/review/10641
Reviewed-by: Gerald Combs <gerald@wireshark.org>

airpdcap: fix WEP decryption

Using memcpy with overlapping buffers is not safe; use memmove instead

Bug: 11549
Change-Id: I8e15eb0af38d325a5e67e8748008126ac5994588
Reviewed-on: https://code.wireshark.org/review/10652
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Multiple SSL content in one packet fix

When SSL packet contains multiple encrypted contents the WS shows only the
last record due the wrong indexing of the structure where the decrypted
contents are stored. Should use tvb_raw_offset(tvb)+offset instead of
offset as I think was intended.

Added the same fix for DTLS.

Bug: 11523
Change-Id: I0a977a0e6ebe7c45e526fa5152b8614463abd4fa
Reviewed-on: https://code.wireshark.org/review/10528
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>

cmake: Enable PIE when it is available by default

Change-Id: I88930b8a9de596f93677052b2046c1b85cc34c6b
Reviewed-on: https://code.wireshark.org/review/10635
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

Export all hardening options in .deb packages

Change-Id: I0448e564305ce78dee4ec364007e0162c6f74c09
Reviewed-on: https://code.wireshark.org/review/10644
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

ISAKMP(ikev2): Type Hash and URL of X.509 certificate is not decoded

Reported by Marius

Bug:11543
Change-Id: Ic9d3b6b26a917601356eb957fd8270f2482f6aee
Reviewed-on: https://code.wireshark.org/review/10645
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Refactor NCP Python data so that INFO column can be generated on the fly (TAKE 2)

The "old" method of populating the INFO column was to dissect all fields of a function/subfunction, then do a search in the tree to find the hf_ values of interest to then format into something for the INFO column. This is very expensive and requires "low level" APIs (for tree manipulation) which really shouldn't be used in a dissector.

The "new" method populates the INFO column at the same time a field is parsed, so nothing has to be revisited (and allows for more fields to be displayed on some malformed packets).

There are still expert infos (and possibly column APIs) under if (tree)s, but I'm not sure how FAKE_TREE_IS_VISIBLE factors into that. Removing the FAKE_TREE_IS_VISIBLE seems to negatively affect dissection.

Change-Id: Ie487e851c2f6558dd12f0c7010757b4a5f36226b
Reviewed-on: https://code.wireshark.org/review/10631
Reviewed-by: Michael Mann <mmann78@netscape.net>

UI QT: fix unused variable 'show_delay_' error

Change-Id: I966d839c755090679bb3fc79d2ba36645e561c19
Reviewed-on: https://code.wireshark.org/review/10633
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Comments based on MSDN Native 802.11 documentation.

Change-Id: Ica8ab4416f7ffd11bd71d3bd1e15098a9788c84e
Reviewed-on: https://code.wireshark.org/review/10640
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Additional Windows PHY types, from the NDIS documentation.

The PHY types in the NDIS documentation, not surprisingly, match the
ones for Network Monitor. Add support for the ones that didn't have it
already.

Change-Id: Ie135b7ea5634f0eb7950380d12473ac4b12c7a6d
Reviewed-on: https://code.wireshark.org/review/10639
Reviewed-by: Guy Harris <guy@alum.mit.edu>

NGHTTP2: Fix warning this decimal constant is unsigned only in ISO C90

Backport patch from 1.3.4 (Available soon)

Change-Id: I32565835a3be78a9eeea2cf4f4d7d4825de9aa40
Signed-off-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-on: https://code.wireshark.org/review/10638

Qt: Show keyboard shortcuts in the about box.

Add a "Keyboard Shortcuts" tab to the about box for lack of a better
place. Show every action in the main window which has an associated
shortcut except for recent items.

We might want to add a command-line option to dump the shortcuts in
addition to or instead of showing them here.

Change-Id: I875043048a44930391fefcbbaf17c5b10a7bb8c6
Reviewed-on: https://code.wireshark.org/review/10634
Reviewed-by: Gerald Combs <gerald@wireshark.org>

QUIC: Fix some issue (Malformed frame) with handshake heuristics

Need to check if there is data before get a value...

Change-Id: I45592e9a2c55a5bce57a40f7e3153e8f540ca316
Reviewed-on: https://code.wireshark.org/review/10636
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

NGHTTP2: Update to 1.3.3

Change-Id: Id52d04859d61ffc720791cf90294cac4b1915a28
Reviewed-on: https://code.wireshark.org/review/10629
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

QUIC: Add Regular Frame Type...

Add also heuristic to check if it is handstake

Ping-Bug: 11494
Change-Id: I833d294a3a6fdc89cc6d6a5d72d388a3328bf802
Reviewed-on: https://code.wireshark.org/review/10566
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: Always make the packet list row heights uniform.

In tests here using GTK+ 2.24 and 3.10, GtkTreeView handles multi-line
items by adjusting the height for all rows, but only after the number of
multi-line items exceeds some sort of threshold. For a packet capture
which contains a few DNS packets and a lot of TCP packets, if I change
"Standard query" to "Standard\nquery" in packet-dns.c I get
single-height packet list items. If I change "[TCP segment of a
reassembled PDU]" to "[TCP segment of a\nreassembled PDU]" in
packet-tcp.c (which results in more multi-line column strings) I get
double-height packet list items.

The current Qt code initially sets the uniformRowHeights property then
falls back to variable row heights if we run across a multi-line column
string. This adds a lot of logic which can impact other functionality
(e.g. column widths) and recalculating row heights is painfully slow for
large numbers of packets.

Instead of trying to manage variable row heights, always enable
uniformRowHeights. Track the maximum newline count and trigger a row
height adjustment when it changes. This mimics the GTK+ UI behavior,
although it should be more reliable.

Note that we need to adjust some numbers in RelatedPacketDelegate.

Change-Id: I289e963b6f00338c4374e602fa3fc83d04554519
Ping-Bug: 11515
Ping-Bug: 10924
Reviewed-on: https://code.wireshark.org/review/10628
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Add a test to verify we pre-allocated enough hf entries.

This way we'll know as soon as we drop below the pre-allocated limit. As
suggested by Graham on https://code.wireshark.org/review/10601

Change-Id: Ieeb14bdcf991d7a67c30787c97ca24ebb35d1763
Reviewed-on: https://code.wireshark.org/review/10627
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Use the Qt-provided media icons.

Use Qt's standard pixmaps to build our media playback, stop, and pause
icons. Note that we probably don't want to do this for all of the
available standard pixmaps.

Change-Id: I78541a46a65583d7365cd601c578ebe8f197c060
Reviewed-on: https://code.wireshark.org/review/10609
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

LTE MAC Statistics Dialog

Change-Id: I2463fdc0ac209e92d2f2c1abf9da22866d6e22e8
Reviewed-on: https://code.wireshark.org/review/10578
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>

androiddump: add memset in adb_connect() (CID 1293396)

Change-Id: If9d281cd95cf12351d6da5e75c6de149ec7adc06
Reviewed-on: https://code.wireshark.org/review/10598
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Bluetooth: ATT: Missing break in switch (CID 1324756)

Change-Id: Ibe49a59e8825397e776ab236fb59196d293a76c3
Reviewed-on: https://code.wireshark.org/review/10623
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>

QUIC: Missing break in switch (CID 1324757)

Change-Id: Ia05f5f5679873ee4e063ea74c33c321628747623
Reviewed-on: https://code.wireshark.org/review/10622
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

$, not %, is used to introduce a variable reference in CMake.

Change-Id: Ib4af3c5cee9bd2e1adb5758b9389611165e62b62
Reviewed-on: https://code.wireshark.org/review/10619
Reviewed-by: Guy Harris <guy@alum.mit.edu>

ETSI CAT: always initialize gsm_sms_data_t structure

Otherwise a 8-bit SMS-PP Data Download could be interpreted as requiring SMS packing

Change-Id: I50b5e59194acc3d69d0e247fc909d3f96207094a
Reviewed-on: https://code.wireshark.org/review/10610
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

GSM RLC/MAC: fix dissection of variable length bitmaps

Bug: 11534
Change-Id: I857134f21ab6a8a135eba6e784807f3f3734bf6c
Reviewed-on: https://code.wireshark.org/review/10607
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add a "fieldcount" report to tshark -G to let us easily see how many fields
are registered.

Change-Id: I06f10d96916640cb9a782cae87898a5dd6c9c6e3
Reviewed-on: https://code.wireshark.org/review/10601
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Increase the number of pre-allocated hfs (from 144k to 170k).

169756 header fields are currently registered. Including the 5k expert info
field pre-allocation this gives us about 5k unused entries (until we should
increase this number again).

Change-Id: Id8ea979cbe9e80756c12b5b73e816bbe3e9856ad
Reviewed-on: https://code.wireshark.org/review/10599
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

RLC: fix invalid RLC AM control type expert info

Change-Id: I43512e24a0f506b65521b7bc53acf00be58d6c2b
Reviewed-on: https://code.wireshark.org/review/10608
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

openSAFETY: Handle SPDO message types differently

SPDOs code the 0x04 bit differently, as it is not part
of the message type, but rather a flag for connection validation

I do not want to introduce a second message type, as this would break
compatibility with existing stored filters, also adding the bitmask
to the hf field, would alter the byte value, as it would shift
the value to the right.

Change-Id: I6b70bec29a55dfb556652d9dc940a896b864943b
Reviewed-on: https://code.wireshark.org/review/10595
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Revert "Refactor NCP Python data so that INFO column can be generated on the fly."

This reverts commit 38b6f306a70905be8b29ffaeb75288d315ff9b04.

Change-Id: I6ec83b94811be7699880e9a741c68faaac175bd0
Reviewed-on: https://code.wireshark.org/review/10613
Reviewed-by: Michael Mann <mmann78@netscape.net>

Make it possible to disable PercentBarDelegate.

Add a check to PercentBarDelegate to see if the caller set text for this
item or did not set a valid double value. If either case is true, just
draw the item normally and return.

Change-Id: I028ee15d54f06f2cb16c6e5f1ef73c47b2886ccd
Reviewed-on: https://code.wireshark.org/review/10600
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

IPv4: fix 'Decode As' when used with IPv4-in-IPv4 packets

Issue reported by João Valverde

Change-Id: I38c3148e87f85486efa2720833a7559c6eec964a
Reviewed-on: https://code.wireshark.org/review/10596
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Qt: Add idle dissection.

Features such as sorting and scroll bar colorization require
fully-dissected packets. We currently do dissection at the wrong time --
*after* the user clicks on a packet list column header or moves the
scrollbar.

Add a timer + slot that dissects packets when the UI is idle so that our
packets are at least partially dissected when we need them.

Change-Id: I024c590af2250d67404a520f118e46ec0c49cd71
Reviewed-on: https://code.wireshark.org/review/10593
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Revert "Report an error if we fail to open the keylog file."

This reverts commit d1fcb7dd3482decd70bc3da6fbdef81800f0320f.

Warning the user multiple times about an invalid ssl.keylog_file every
time a SSL stream is encountered is an annoyance (in tshark), but
crashing in GTK+/Qt during live captures is even worse.

Disable the warning for now. Maybe detect it once at startup? That would
not cover removed files though.

Bug: 11488
Change-Id: I56b2eba1df0cff2309584a745b55ada238999fc4
Reviewed-on: https://code.wireshark.org/review/9687
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

ssl: determine DTLS by positively checking for UDP

TLS can be tunnelled over other protocols (e.g. TLS over EAP
over 802.1x), which are neither TCP nor UDP. In this case,
we would assume DTLS, which is typically wrong. Assume TLS
instead.

Change-Id: I45d70789f7fa793861297fc2e7a5f2be311bbbb1
Reviewed-on: https://code.wireshark.org/review/10416
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>

Remove proto_tree_add_text API.

Its time has finally come.

Technically I just renamed it to proto_tree_add_text_internal and removed the WS_DLL_PUBLIC (so it shouldn't link outside of epan). It's still (legitimately) used by expert.c otherwise I would have made it static within proto.c (and the rename wouldn't have been necessary).

Change-Id: I9bdf888d5e92bc7b70a3f5461b9297a66d994b80
Reviewed-on: https://code.wireshark.org/review/10594
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>

nfs: Register CB program statically and not whilst parsing it

The existing code parsed the callback program number from
a packet and then registered the callback program number.
But since the RPC dissector checks for valid and known
program numbers, it never parses it out.

Anyway, NFS4_CALLBACK is a well known number - use it!

Change-Id: Ia812359102bf6620e3b83109eb918032155cd8d3
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10558
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Arguably, some sort of assert belongs there.

Passing a null pointer probably means there's really something else
wrong at a higher level. If we could arrange that the DISSECTOR_ASSERT
macros do something useful when *not* executed during a dissection, that
would work.

Change-Id: I2605d1e1f97d35370736852aaf29eeaf2c560279
Reviewed-on: https://code.wireshark.org/review/10592
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Return NULL from routines that return pointers, for stylistic consistency.

Change-Id: Idfc236f712e288662bab618e72cd68263950fff4
Reviewed-on: https://code.wireshark.org/review/10591
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't hand zero-length UUIDs to print_numeric_uuid().

It returns a null pointer if you do.

Change-Id: I3bc934a576dba261d1e71767978e3789a892e728
Reviewed-on: https://code.wireshark.org/review/10590
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Make CSN.1 dissectors more filterable.

The intent here is to remove proto_tree_add_text from packet-csn1.c, but the macros setup means A LOT more hf fields needs to be created.

Many of those new hf fields were created with a perl script

Bug: 11504
Change-Id: If12c7677185f18a7f684fd3746397be92b56b36d
Reviewed-on: https://code.wireshark.org/review/10391
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

[Automatic update for 2015-09-20]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Ifcdb1c02406189085bda58bc7db10829e3fae2c0
Reviewed-on: https://code.wireshark.org/review/10580
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Call cf_cb_file_rescan_* callbacks in rescan_packets.

We call cf_cb_file_rescan_{started,finished} in rescan_file. Do the same
in rescan_packets. In the Qt UI this ensures that flushVisibleRows gets
called so that packet_list_select_row_from_data works as expected.

Change-Id: I425b7beb0f97a7d5b84c979fca65b877673b4722
Reviewed-on: https://code.wireshark.org/review/10569
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Start moving RTP decoding routines to the ui directory.

Move decode_rtp_packet to ui/rtp_media.[ch].

Change-Id: Ib138781c37ac17b807bf75f9d772351aadf72071
Reviewed-on: https://code.wireshark.org/review/10575
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

TCPROS - Initial implementation for the Robot Operating System TCP protocol

TCPROS is a transport layer for ROS Messages and Services.
It uses standard TCP/IP sockets for transporting message data.
Inbound connections are received via a TCP Server Socket with a header containing message data type and routing information.
For more information, see: http://wiki.ros.org/ROS/TCPROS

Bug: 11404
Change-Id: If8810dbb2cb6d6522eb035fd0fa1cf49933bad3d
Reviewed-on: https://code.wireshark.org/review/9807
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

MIPv6: Added support for RFC 7148

- Added support for Delegated Mobile Network Prefix as
  defined in RFC 7148.
- Corrected the issue where GRE Key option with no key
  was not displayed properly.
- Also added append-text for the HNP option to also
  display the HNP value.

Change-Id: I42a4bc1627e9e764f10d96aa3988c1f430f00ceb
Reviewed-on: https://code.wireshark.org/review/10565
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Fix 'Decode As' when used with IPv6-in-IPv6 packets

Add the ability to identify an instance of the dissector table to be modified by 'Decode As' thanks to pinfo->curr_layer_num
For now only IPv6 makes use of it but it could be extended to any other protocol
Also get rid of ipv6.nxt protocol: it is not required for 'Decode As' functionality and was colliding with ipv6.nxt field

Change-Id: I3c7403c77328ad7170e13af028d178f962a2b508
Reviewed-on: https://code.wireshark.org/review/10552
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Fix more signal+slot mismatches.

Change-Id: I347509d3a7765387c48e5aaeaab417617320cf13
Reviewed-on: https://code.wireshark.org/review/10576
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

AMQP 0-9-1: More expert information

A little usability improvement: Warn user on connection and channel
errors and when a message is undeliverable.

Change-Id: I6106a63472b1fb5cbbabcf82a90af0f489030458
Reviewed-on: https://code.wireshark.org/review/10573
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Refactor NCP Python data so that INFO column can be generated on the fly.

The "old" method of populating the INFO column was to dissect all fields of a function/subfunction, then do a search in the tree to find the hf_ values of interest to then format into something for the INFO column. This is very expensive and requires "low level" APIs (for tree manipulation) which really shouldn't be used in a dissector.

The "new" method populates the INFO column at the same time a field is parsed, so nothing has to be revisited.

There are still expert infos (and possibly column APIs) under if (tree)s, but with the FAKE_TREE_IS_VISIBLE "hacks" removed, there should be less fear in removing the tree checks.

Change-Id: I847827395fc28704f468df8bc8b47b297dde8479
Reviewed-on: https://code.wireshark.org/review/10572
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Some more ncp2222 improvements

Including:
1. Using ENC_BIG_ENDIAN and ENC_LITTLE_ENDIAN instead of self made macros

2. Creating an "expert info hook" so that fields can be parsed "in real time" and added as expert info instead of searching by field name and manually getting values. Most of the expert info is still under if (tree)s, but this is another step closer to removing all of the "manual labor" done that requires "special handling" of all tree functionality. Once the "manual labor" is removed, this dissector can behave like every other dissector and the if (tree)s can be removed with more abandon.

Change-Id: If2c6a4c723e12e070e68d6df2d492d4b5ac35123
Reviewed-on: https://code.wireshark.org/review/10555
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Fix a VoipCallsDialog signal+slot mismatch.

Change-Id: I9c16cc138b55572aa19b6e02ca059ebde294bdbd
Reviewed-on: https://code.wireshark.org/review/10574
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Qt: set default current protocol in 'Decode As' window to none instead of HTTP

It makes more sense (not trying to decode UDP/TCP ports as HTTP) and is consistent across dissectors tables (while currently we have an empty field for tables other than UDP/TCP)

Change-Id: I794529f0f46b4197437a1d258f808991ae2338ad
Reviewed-on: https://code.wireshark.org/review/10571
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix WLAN statistics header behavior.

Connect itemSelectionChanged to header label updates instead of
currentItemChanged, which seems to be more reliable.

Change-Id: I29f8f2144ad6584e0612d43ec3aac5b258f08ebd
Reviewed-on: https://code.wireshark.org/review/10570
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Sync GTK+ and Qt progress timer logic.

The GTK+ update_progress_dlg() initially forces a UI update. Do so in
the Qt version as well.

Change-Id: I05d9e61a0d0e4e05af448039bbb81785ac00908c
Reviewed-on: https://code.wireshark.org/review/10568
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Qt: flush visible rows before trying to select one

Otherwise you end up with a 'End of capture exceeded' popup when calling rescan_packets() with only a few packets in the capture

Change-Id: Idb387ce95f1d22b934e735c350ea0c117763d89a
Reviewed-on: https://code.wireshark.org/review/10567
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

spdy: do not overwrite HTTPS registration

Setting a zero port still allows it for selection in the UAT dialog
while not breaking HTTPS dissection.

(In theory the UAT setting would work. In practice it would still call
ssl_dissector_add and take over the SSL registration for all tcp/443
traffic. On removal with ssl_dissector_remove, the HTTPS port is not
added back again until a restart (or until the HTTPS ports list is
changed from the default) because the spdy registration overwrites the
HTTP one...)

Also note that NPN detection for SPDY is not implemented, only ALPN
detection is supported.

Bug: 10984
Change-Id: I6e84aa6408abf40bb860abee4845731ce55ce254
Reviewed-on: https://code.wireshark.org/review/10517
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

NAS EPS: do not try to decode Message Elements when the end of the message is reached

Change-Id: Iaa05c3b4268c5c618134810c49f65d63995eccfb
Reviewed-on: https://code.wireshark.org/review/10564
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

QUIC: Fix Num Timestamp dissection

Change-Id: I75ba3807daadf95d135bc73083b6ff37528b2068
Reviewed-on: https://code.wireshark.org/review/10561
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

main_toolbar (GTK): Fix no previous prototype for ‘plugin_if_maintoolbar_goto_frame’ [-Wmissing-prototypes]

Change-Id: Ibb58694e730389b1e8ef3790595ed16d8699d37c
Reviewed-on: https://code.wireshark.org/review/10563
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

DHCP (bootp): Fix Dead Store (Dead assignement/Dead increment) warning found by Clang

Change-Id: Ie67b4fd7a3d8655f0b33c3a37b0cf08e7f248a76
Reviewed-on: https://code.wireshark.org/review/10562
Reviewed-by: Anders Broman <a.broman58@gmail.com>

RTP: handle payload reassembly for multiple fragments

If an RTP payload spans more than two packets, the dissector needs to
save the previous fragment info.

Bug: 11413
Change-Id: I62558f40136881d70bf2a9597eabd3697966ac4a
Reviewed-on: https://code.wireshark.org/review/9875
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: Add Client/Server handshake (CHLO / SHLO / REJ)

Support decode of tag/value

Only try to decode handshake when sequence number = 1

(Working on function to check if the packet is handshake..)
There is sometimes issue for decode ACK Special Frame Type...

Bug: 11494
Change-Id: If1f4051fc9c11d343acb7f15f94a325d4243a070
Reviewed-on: https://code.wireshark.org/review/8171
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Make IPv4/IPv6 DiffServ fields uniform

Replace DSCP/ECT/CE with DSCP/ECN for IPv6.

Introduce short descriptions for DSCP/ECN values.

Formating changes:

- Make IPv4 and IPv6 as similar as possible.

- Display short abbreviations only for "Differentiated Services Field".

- Display DiffServ field as hex for IPv4.

- Elide leading zeros from hex representation from DiffServ field for IPv6.

- Display DSCP/ECN as decimal in subtree (same as "IP DSCP" column format).

Change-Id: Ia69d11dc9c1d752eb2e269314287c885506b5353
Reviewed-on: https://code.wireshark.org/review/10360
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

pkcs1: remove unused RSAPrivateKey definition

RSA private keys are typically not found in network captures, so let's
just remove it. This removal avoids overloading the pkcs1.modulus
field with the same meaning from two different contexts (RSAPrivateKey
and RSAPublicKey).

Change-Id: I65239718e6fc801fc53fa46c467dc86620aa3b29
Reviewed-on: https://code.wireshark.org/review/10546
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

When we're updating the progress bar, ask that it be updated (redrawn) too.

At least on Linux/X11 with Qt5 this appears to be necessary so the progress
bar updates more than once every 2 seconds or so (when loading a large file).

Change-Id: I7eea9c0d97d24bc14ad75f082a3531dcf1a3b6ae
Reviewed-on: https://code.wireshark.org/review/10559
Reviewed-by: Gerald Combs <gerald@wireshark.org>

do not clobber user CFLAGS

Bug: 10791
Change-Id: I58c35c757039e69111a39100f5ccb306e098d591
Reviewed-on: https://code.wireshark.org/review/10519
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix some signal → slot mismatches.

Update some signal definitions to match gb4e972b.

Bug: 11524
Change-Id: I0d98a4e83c791221962943c3dec8f0d4296d3027
Reviewed-on: https://code.wireshark.org/review/10557
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Qt: Add an event processing timer.

When updating the progress dialog (which happens each time we read a
packet) the GTK+ UI processes application events every 100ms. Do the
same in the Qt UI.

Ping-Bug: 11515
Change-Id: Ic53eade05c0b82bf436c08618f28506c5fcdbc94
Reviewed-on: https://code.wireshark.org/review/10554
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Packet list speedups.

beginInsertRows + endInsertRows is expensive. Instead of calling them
each time we add a packet to the list, queue up a list of visible packets
and flush it during the next UI update.

Assume that none of our column data has newlines. Enable
uniformRowHeights and only disable it when we need to. Note that this
requires further work.

Ping-Bug: 11515
Ping-Bug: 10924

Change-Id: Ifbdd2964b174247a4745d4889ebda5bf3b886ba4
Reviewed-on: https://code.wireshark.org/review/10553
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

IAX2: Initialize a variable.

Change-Id: I0981fd93969e2f0168c83688b691f51407f4119e
Reviewed-on: https://code.wireshark.org/review/10556
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ncp2222 - Convert process_bitfield -> proto_tree_add_bitmask and other cleanup.

The dissector is doing a lot of unnecessary "manual" operations. Start the process of simplifying that to encourage use of general APIs and put control of the "field name" in the hands of the hf_ entry it belongs with.

Change-Id: I5b048c04858ac4a846a276ba12d61c665deb66f8
Reviewed-on: https://code.wireshark.org/review/10547
Reviewed-by: Michael Mann <mmann78@netscape.net>

[iax2] don't THROW() an exception from a dissector

in this case, it's enough to exit the switch block and try to continue
with the next element

we might now end up with ie_item==NULL after the switch, so replace the
assertion with a check

Change-Id: Id54346077eb8aa12b22575f3ab6fa80087f240ce
Reviewed-on: https://code.wireshark.org/review/10549
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

change the representation of an empty byte array in a display filter

by default, an empty byte array (FT_BYTES) is represented as an empty string

thus, using "Apply as Filter / Selected" on such an item creates an
invalid display filter expression, e.g. dvb-ci.mmi.char_tbl==

represent an empty byte array as "" if we're compiling a display filter
expression

Bug: 11526

Change-Id: Ie94507a24a496e0c25bcdadfab72fdf9fb35958a
Reviewed-on: https://code.wireshark.org/review/10540
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>

[iax2] minor cleanup

replace switch-case with if
remove an initial value that's overwritten immediately

Change-Id: I98487ed08f91416179fcbbbaf80bf1b126a8d1c2
Reviewed-on: https://code.wireshark.org/review/10548
Reviewed-by: Anders Broman <a.broman58@gmail.com>

As far as I can tell the name is "Git" and not "GIT".

Update the Git protocol dissector strings accordingly.

Change-Id: If9a8f04dcd31e9ad930d328654b1c6479472e48c
Reviewed-on: https://code.wireshark.org/review/10550
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Don't force Lua support in RPMs (some distros don't ship a compatible Lua
anymore).

Also make the RPM follow configure's qt4-vs-qt5 choice.

Change-Id: I832af99e055d42b92f3a7c8e4378c7a9d5d628b9
Reviewed-on: https://code.wireshark.org/review/10532
Reviewed-by: Jeffrey Smith <whydoubt@gmail.com>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>

IPv6: Make "ip.version" field hidden

Change-Id: Ib9a29205c36b3a50989ffeddb28e349ede16efd3
Reviewed-on: https://code.wireshark.org/review/10474
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

http: preserve desegmentation functionality for http2

When the HTTP dissector passes data to a subdissector, it should also
propagate the desegmentation ability. Otherwise subdissectors (such as
HTTP2) will not be able to handle large DATA frames.

Reported by Alexis, verified with his capture.

Change-Id: I831a78e8d1ad08536e3d0d870012e427ce289b1b
Reviewed-on: https://code.wireshark.org/review/10544
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

NFS: add a missing return when the IO hints bitmap is too large

Bug: 11528
Change-Id: I9f92a2b38e9c094609b960eb1e105cc57ea66de3
Reviewed-on: https://code.wireshark.org/review/10543
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

http2: fix dissection when using Upgrade

The fix for bug 11331 has as side-effect that the HTTP part of a
conversation is not dissected on the second pass.

Fix it by calling the HTTP2 dissector only when it was detected via
heuristics, and not via Upgrade (since that would be handled by the
http loop).

While at it, remove the use of tvb_new_subset_remaining since the
original tvb is not touched and move the comment about the proxy to the
right place.

Tested with the capture from Alexis (plain HTTP2 via Upgrade), the one
from bug 11331 (plain HTTP2 via heuristics) and a HTTP2 in SSL capture
(via heuristics).

Change-Id: Iead7682aa8d5114e4edcfd54eabcd0d659056cc1
Reviewed-on: https://code.wireshark.org/review/10541
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

[tcp] Fix case of incorrect "[TCP ACKed unseen segment]"

The invalid message occurred for an ack of a TCP segment
which included both retransmitted data and additional new data.

Bug: 11506
Change-Id: Id981d04c91b9e69b6ee1e0dea85aed142bf32594
Reviewed-on: https://code.wireshark.org/review/10395
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Bill Meier <wmeier@newsguy.com>

x509,ber: fix header field of large integers

In the past large integers would be displayed as text, later on this
was changed into a "proper" header field. In most cases you do not want
to see "ber.64bit_uint_as_bytes" though, but the original field name.

This patch allows fields that are marked as FT_BYTES to be displayed
with their original header field details (name, description, etc.).

Change-Id: I4ab1a4cce649a225c73298fbf4dcf1692c693a03
Reviewed-on: https://code.wireshark.org/review/10539
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

mate.released_time is added as a float so register it as such.

As noted in:
https://ask.wireshark.org/questions/45835/wireshark-mate-correlation-multiple-gops

Realistically all MATE's times should probably be converted to
FT_RELATIVE_TIMEs but that's a project for another day.

Change-Id: I11f640be769d16ccfd787ae2d7f3837fa03ad379
Reviewed-on: https://code.wireshark.org/review/10537
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

asni_tcap: actually regenerate dissector after cleanup

Rane make -C asn1 and found this missing change.

Somehow the unnecessary initialization was not included with the
dissector regeneration in 3243b6f964c96f0137fc3fffd66a74dd9f7910fd
("asn1: split off cleanup routines").

Change-Id: I26d6f0ca4e7fa0b791108f016c684556da5d06e8
Reviewed-on: https://code.wireshark.org/review/10538
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

MTP3 Summary: fix no previous prototype for ‘register_tap_listener_gtk_mtp3_summary’ [-Wmissing-prototypes]

Change-Id: Iee26ba47802f3091f7e7264d2d7ce4b5e22db53c
Reviewed-on: https://code.wireshark.org/review/10536
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Apply fix-encoding-args.pl "manually" and other cleanup.

I'm guessing fix-encoding-args.pl doesn't work on packet-ncp2222.inc because the hf_ declarations/definitions aren't in the file itself, so it can't figure out endianness or field type. So to bring the file up to modern coding standards, I did it "manually". In general I think this file has escaped critique because of the "generated" nature of the dissector.

Also removed tvb_ensure_bytes_exist and tvb_get_ptr use as both were superfluous.

Change-Id: I224f0ce15f8eb93c48ecb8eea66d161d98468f23
Reviewed-on: https://code.wireshark.org/review/10502
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ncp2222 Updates

Modifications to ncp2222.py

Add absolute time values eptime for file/volume info
Add support for 64 bit File Transfer NCP's (22/54, 22/55, 22/56, 22/57, 22/58, 87/70, 87/71, 87/72, 87/73, 89/41, 123/35)
Fix numerous dissection errors in NWInfo and ExtNWInfo structures
Fix some indention (white space) in source

Modifications to packet-ncp2222.inc
Change seq count rollover value to 16 instead of 255 to make it more robust
Add ncp 87,72 reply
Add ncp 8x20 request
Fix ncp 8x20 reply

Change-Id: I80bdcc5854c02edd4ea51c74aa0bbc9c0e062bc1
Reviewed-on: https://code.wireshark.org/review/10017
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>

Make fchdr "packet" scoped.

Broken in ge450b9b, when it stopped being static (which fixed other bugs). Conversations still need the fchdr "address" data to remain in scope.

Bug:11457
Change-Id: I17a3814bf76d2940124a2700fb6b12c6d7d834c1
Reviewed-on: https://code.wireshark.org/review/10518
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Eliminate proto_tree_add_text from odds and ends.

A few calls in the epan directory and comments in the ui directory

Change-Id: Ia8f8830ac6909ab94d3a03283bfd173456bc9718
Reviewed-on: https://code.wireshark.org/review/10492
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

IAP: Enhance Aruba IAP dissector

After some analysis, update the dissector
Display only VC IP when type = 3, 4, 5 or 7

Change-Id: I53214125eebe978f67f6503072638ce3521cd155
Reviewed-on: https://code.wireshark.org/review/10441
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

MPEG-PES: tell the user (in COL_INFO) when the stream or frame type is unknown.

Inspired by: https://www.wireshark.org/lists/wireshark-users/201508/msg00023.html

Change-Id: Ib632b79aef5cbb4c83965a276ec955be43493455
Reviewed-on: https://code.wireshark.org/review/10472
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>

SCSI: Fix typo on modelines

Change-Id: Id3613adbb69a4d02e752504a93bf13aa233ad00c
Reviewed-on: https://code.wireshark.org/review/10530
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: align display of packets statistics in status bar with GTK UI

Bug: 11517
Change-Id: Ie47b7eebe58e8a9ac485ddd04fe074c94a0c6741
Reviewed-on: https://code.wireshark.org/review/10531
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Christopher Maynard <Christopher.Maynard@gtech.com>

Begin support for Qt5 in RPM packaging

The spec file for building RPM's is not currently set up to handle
using Qt5 rather than Qt4.

This change adds Qt5 support to the spec file.

Change-Id: Ie726603377953bec41692a21148325829a26ba9a
Reviewed-on: https://code.wireshark.org/review/10276
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>

Bluetooth: ATT: Add remaining attributes

Add 34 attributes.
All attributes for this day should be supported now.
Expect 3:
    0x2906 - Valid Range
    0x2A2A - IEEE 11073-20601 Regulatory Certification Data List
    0x2A4D - Report
The first is hard to implement now, the second needs to buy
specification, the last one will be implemented later - when USB HID
implementation will be full.
Please note that FLOAT/SFLOAT types are now supported right now.

Change-Id: I0499e17257aa8cb831fbd0cf1524d8e59c98cac7
Reviewed-on: https://code.wireshark.org/review/10526
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>

Use FT_UINT40 in two places

Finally we have FT_UINT40, so used it in Bluetooth ATT and
HDP dissectors.

Change-Id: Iab0e71345f031bca972b1eee20d7e95e193b2aef
Reviewed-on: https://code.wireshark.org/review/10527
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>