git.samba.org - metze/wireshark/wip.git/log

[filesystem.c] Add a cast to aviod a warning with VisualStudio 2017.

Change-Id: I95186bd54ae487e112fcb533c62bb8f9b210dc24
Reviewed-on: https://code.wireshark.org/review/22309
Reviewed-by: Anders Broman <a.broman58@gmail.com>

wsutil: Free files in reset_default_profile

This plugs a memory leak.

Change-Id: Ic989a89353d10de6f8f07df6a734d2b912facb7e
Reviewed-on: https://code.wireshark.org/review/22305
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Write a list of profile files at startup

This file will contain all personal config files which will be
fetched from a profile.

Change-Id: I430ca84ccefc17f0e21c8efb93a92602ab8d5661
Reviewed-on: https://code.wireshark.org/review/22303
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

http: fix handling of HTTP responses followed by proxy responses

Reused TCP connections with multiple HTTP requests/responses (in
particular: HTTP request/response and HTTP proxy request/response)
exhibit the following problem: the first response sets "startframe" such
that the proxy response accidentally assumes that the proxy response
starts in that first response.

Fix this by only setting startframe if there is actually a transport
upgrade. Tested with original capture and the Websocket dissection still
works while Christian's capture has no longer the reported problem.

Change-Id: I8a7878b9a2a98878a9e5be4f680d4f109fd8ab55
Fixes: 94ae27661e80 ("WebSocket dissector improvements")
Reported-by: Christian Landström
Reviewed-on: https://code.wireshark.org/review/22294
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ISIS LSP: fix wrong bitmask for SPVID

Issue reported by Bo-Han Liao

Bug: 13821
Change-Id: I74641bef723e747bfe5fa87e946b7f4f74b94bf6
Reviewed-on: https://code.wireshark.org/review/22299
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

GSM SIM: define a dissector for both request and response

Define a dissector that can handle both requests and responses.
Look at pino->p2p_dir to detect if we have a request or repsonse.

(At the moment, there's a dissector for request+response in one packet
and two other dissectors for request and response messages.)

Use the new mechanism for USB CCID.

Change-Id: I7eb9861802b4244f92770602179f39642eb28641
Reviewed-on: https://code.wireshark.org/review/22289
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

tcp: Change the wording to include (s)

More than one packet could be meant by that

Change-Id: Ie751a282c927608414673c2cd48b11dc5e6d5ea6
Reviewed-on: https://code.wireshark.org/review/22283
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

cmake: allow building from a UNC source directory

Make two minor adjustments to allow building on Windows when the source
directory is specified in UNC notation (\\server\volume\directory)
instead of mapping such a directory to a drive letter.

Cmake's add_custom_command() calls "cd <work_dir>" if a working
directory is define as part of the rule. However,
cd \\server\volume\directory
is not allowed.

Modify the two occassions where the working directory is derived from
CMAKE_SOURCE_DIR.

For copying some install files, we can get away with using the absolute
path for each source file to be copied.

The perl script that creates the tap listing for lua does not depend on
a working directory at all. We can simply remove the WORKING_DIRECTORY
parameter.

Change-Id: Iac8e0addc44650692c1263fdca11f68315f50c63
Reviewed-on: https://code.wireshark.org/review/22236
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

USB CCID: unify the code to call subdissectors

Prepare the USB CCID code for replacing the "next protocol" preference
with Decode As.

USB CCID has a length field for the payload data. Use this field to
create the next_tvb. There's no need for different payload lengths
depending on the next protocol.

Use call_data_dissector() instead of referencing data_handle.

Set pinfo->p2p_dir regardless of the next protocol.

Change-Id: I042ecc9bd75245ee1d4d8a94532c9fd1de83e859
Reviewed-on: https://code.wireshark.org/review/22288
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Fix filter for "Next Packet in Conversation"

The "Previous/Next Packet in Conversation" actions accidentally
overwrites more specific filters (like TCP port matching) by less
specific ones (like IP addresses). This resulted in strange behavior
where packets from different TCP streams were selected.

Change-Id: Ifa93064e1db3777fa3c12e2220bbb0b36b9478fe
Reported-by: Christian Landström
Reviewed-on: https://code.wireshark.org/review/22274
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

IP: ensure that fragment contains payload before adding it for reassembly

Solves a UBSan runtime error null pointer passed as argument 1, which is
declared to never be null.
It can be reproduced with the pcap from bug 13603

Change-Id: I0d6fdddcccc892b3141855d59be372887afcaca5
Reviewed-on: https://code.wireshark.org/review/22272
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packet-xml: Add 3GPP, ETSI, GSMA and OMA media types

Not all media types are IANA registered
https://www.iana.org/assignments/media-types/media-types.xhtml
http://www.gsma.com/newsroom/wp-content/uploads/IR.95-v2.0-3.docx
http://www.openmobilealliance.org/release/XDM/V2_2_1-20170124-A/OMA-ERELD-XDM-V2_2_1-20170124-A.pdf

Change-Id: I7e2e1ef5ddcff91f04655d84836e10b9bf20d765
Reviewed-on: https://code.wireshark.org/review/22273
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Fix Toggle indicator for search

Removing the toggle indicator. Search behaves now the same as it
does for e.g. in SublimeText

Change-Id: I4523001b536caa116bcb989f0850aa769c6220f8
Reviewed-on: https://code.wireshark.org/review/22280
Reviewed-by: Roland Knall <rknall@gmail.com>

Qt: Rename "Filter Expressions" to "Filter Buttons"

Change-Id: I7adcb1d28d239bbc25d8a7a5969b34c6db84e022
Reviewed-on: https://code.wireshark.org/review/22277
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: Create the user profiles dir at startup

Ensure the user profiles directory is created at startup so that
users can put downloaded profiles without creating the directory.

Change-Id: Ib06bb3055daef8fd9e78d7887ce56f8fe50e48bf
Reviewed-on: https://code.wireshark.org/review/22275
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Manuf: Konica Minolta updates.

Correct a couple of entries related to Konica Minolta.

Change-Id: I3acea1cf7ab1ad9be5d1b367a1015f5205b9e80b
Reviewed-on: https://code.wireshark.org/review/22268
Reviewed-by: Anders Broman <a.broman58@gmail.com>

IPv4/IPv6 display filter fixes and testing

Removed 'len' from IPv4, not needed
Added more test coverage for IPv6 in dftestlib

Change-Id: I1ca80e2525f32f6095ad73352baba733f4694ced
Reviewed-on: https://code.wireshark.org/review/22260
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

IEEE 802.11: Use correct mask for 'SMK message'

Change-Id: I2def75c999faec0cbb16fd87133f09544bff78c4
Reviewed-on: https://code.wireshark.org/review/22264
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: make Wireless Timeline a separate item

Do not put the wireless timeline in the main view with splitters, it has
a fixed size anyway and is not taken into account for layout and size
calculations for the panes.

Bug: 13776
Change-Id: I71da962950c3f1b215908674f4852afa76744343
Reviewed-on: https://code.wireshark.org/review/22242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Simon Barber <simon.barber@meraki.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

ieee80211-radio: allow 0 duration and handle missing phy type

Allows duration to be calculated to 0
Handles generators where PHY type is not reported, but it can be
determined from the rate.

Change-Id: Ic0b9e1b0e3e51f4d5b670d25fea064daf250a55f
Reviewed-on: https://code.wireshark.org/review/22261
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

GTPv2: put dissection under GTPv2 protocol item

Bug: 13813
Change-Id: Ic1582406896b2d4d3505ae1d3bb79cdbafa481da
Reviewed-on: https://code.wireshark.org/review/22247
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

mq: start removing some if (tree) checks

There are lots of if (tree) checks. Start removing some which
are obviously unnecessary.

Change-Id: I3f8e4b82cd84d8e92ae79492d705438e2df739bb
Reviewed-on: https://code.wireshark.org/review/22238
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Turn off auto scroll when going to a packet

When going to a packet (first, last, next, prev and specific) during
capture we must turn off auto scroll to let the packet be shown
in the packet list.

Change-Id: If1c615eb4d422c3b4c0418114064f7a4a0b75b35
Reviewed-on: https://code.wireshark.org/review/22244
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Don't scroll back to the selected frame when we get name resolution updates.

With live or large capture files and asynchronous name resolution this can
cause serious scrolling issues as the name resolutions come in.

Bug: 12074
Change-Id: I1a5cca410c0608927b32e9e7107885370caf14d7
Reviewed-on: https://code.wireshark.org/review/22245
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

AMQP: workaround some proto_tree_add_none_format() asserts

Previously proto_tree_add_none_format() could be called with any type
of field type, not FT_NONE only.

Change-Id: I78976a168fc1bf606b72ad38d284bb0bd1794b03
Ping-Bug: 13780
Reviewed-on: https://code.wireshark.org/review/22243
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

mq: don't THROW() an exception from a dissector

We can simply stop the dissection and exit.

Change-Id: Ida8895513a1949fe5826ab89ffec2168642a9e89
Reviewed-on: https://code.wireshark.org/review/22237
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

RLC: Renamed U-RNTI to UE ID

The 'U-RNTI' field in RLC Info struct is both used in the code and shown in the UI as a generic unique 'UE ID' (not specificly U-RNTI, although sometimes it is)
This commit renames the field to fit it's usage.

Change-Id: Ib42b8ed5192fe60c9a164d6d225634be53708c66
Reviewed-on: https://code.wireshark.org/review/22225
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Update the capture file load time each time we update the progress bar.

The Qt UI doesn't have a popup that tells you how long your file has been
loading. So let's set the load time each time we update the packets bar.

(Obviously this is only useful when you're waiting a long time for a file to
load...)

Change-Id: I9da372800a12454888439e2baf3d2a848c611501
Reviewed-on: https://code.wireshark.org/review/22234
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

AMQP: fix a stack overflow when offset goes back and forth

Previous code assumed that list decoding was successful and that some
bytes were consumed. Let's explicitly check this.

Bug: 13780
Change-Id: I3546b093f309f2b8096f01bc9987ac5ad9e029eb
Reviewed-on: https://code.wireshark.org/review/22235
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

MQ: check fragment length before trying to perform reassembly

Bug: 13792
Change-Id: Id0c116655288c5a3347911281a932ae80250c24f
Reviewed-on: https://code.wireshark.org/review/22233
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

X11: more sanity checks for BIG-REQUESTS messages

Check that we do not have any overflow when converting words to bytes

Bug: 13810
Change-Id: I43604f7bab427fc542c281e386ab9b994338366d
Reviewed-on: https://code.wireshark.org/review/22227
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

PROFINET IO: define an arbitrary recursion depth limit

Bug: 13811
Change-Id: I52bffd4a79dcdad9da23f33e1fc6a868472390bf
Reviewed-on: https://code.wireshark.org/review/22232
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Register for SFLOW_245_HEADER_FDDI.

In 609ea4baa62a523434cdd8ff350d56d135d588ae
(I459249b98741cc069495c84ad4c47c0aa6768096) I unintentionally removed
the registration. Put it back.

Change-Id: I4769fc10d74fe7358f9794b9697591c61324e883
Reviewed-on: https://code.wireshark.org/review/22239
Reviewed-by: Guy Harris <guy@alum.mit.edu>

DAAP: define an arbitrary recursion depth limit

Bug: 13799
Change-Id: I611e3e888f91f78262e0d685e613a2bc221687c5
Reviewed-on: https://code.wireshark.org/review/22210
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Qt: Flush signals when disable protocols

When opening the enabled protocols dialog from a protocol preferences
menu we must flush app signals to ensure a redissect is done.

Change-Id: I512b8f6959aabcc15ccffc67615583ee9c60ceec
Reviewed-on: https://code.wireshark.org/review/22224
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

SearchBar - Focus on shortcut instead of closing

If the searchbar is already open focus on the bar and highlight
existing test, instead of closing an already open bar

Change-Id: I4f8ae2e903cb65c0ebca238f3bcc1c62b63b5c3b
Reviewed-on: https://code.wireshark.org/review/22223
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Attempt to clean up addr_resolv flags by removing DUMMY_ADDRESS_ENTRY

Replace with easier to understand and already present NAME_RESOLVED given dummy address is always filled.

Change-Id: If8464f89e88722aac70689749fe0d4a31c119db2
Bug: 13798
Reviewed-on: https://code.wireshark.org/review/22110
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Remove unnecessary volatile qualifiers

Change-Id: Ieebb199e181251fd0730dbabb4b8e71d6ad46a6d
Reviewed-on: https://code.wireshark.org/review/21973
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

FP: Fix out of bounds error in heuristic PCH dissector

Heuristic PCH dissector was trying to access the packet's header (4 bytes) without asserting these bytes exist

Change-Id: Id2747e00ed353b1962293b3cd3ea6fbe9449a81d
Reviewed-on: https://code.wireshark.org/review/22220
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

[UMTS RLC] Rename proto variable

To match the recently renamed file name.

Change-Id: Id784b955ec96a52a5f380d415094dce81e1774d5
Reviewed-on: https://code.wireshark.org/review/22222
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

zbee-zcl-se: Implemented zigbee zcl se metering dissector

Implemented dissector to parse zigbee commands within SE metering cluster

Change-Id: Iffb179c3e6db88b91b9ec96ed4d4b12bbeac682e
Reviewed-on: https://code.wireshark.org/review/22221
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Misc snort fixes.

- search for content fields taking into account length of last match
- handle absolute path to file file inclusion not using $RULE_PATH
- parse longer tokens (saw emerging-threats rule with enormous pcre)
- content offset is relative to start of frame, *not* previous content match
- show content modifiers 'rawbytes' and 'http_user_agent'

Change-Id: I0a4e0b857c8049380ed6aa47e4a3d3649e84d4ad
Reviewed-on: https://code.wireshark.org/review/22211
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Added IPv4 byte slicing

Change-Id: I3bdca418801305d71b33fa07396497d82ad06e33
Reviewed-on: https://code.wireshark.org/review/22212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Put the definition of BIT_SWAPPED_MAC_ADDRS in the file where it's used.

In change 18a3b0659c209a2e0121eacd640b75e6c1c3b87d, I moved the table
that uses it, but not the actual definition, from libpcap.c to
pcap-common.c; they both should have been moved. Make it so.

Change-Id: I266fce455df3848b873cdfadb12cecdbf9c8d4d3
Reviewed-on: https://code.wireshark.org/review/22216
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Register for WTAP_ENCAP_FDDI.

In 609ea4baa62a523434cdd8ff350d56d135d588ae
(I459249b98741cc069495c84ad4c47c0aa6768096) I unintentionally removed
the registration. Put it back.

Change-Id: I7cf216378e1610350949910091ee187ce150ca05
Reviewed-on: https://code.wireshark.org/review/22213
Reviewed-by: Guy Harris <guy@alum.mit.edu>

OpenSafety: sanity check calculated length.

Original sanity check was missed for fragmentation

Bug: 13755
Change-Id: If9e24e01a119c869b02f198456776c8e6c6f2ad0
Reviewed-on: https://code.wireshark.org/review/22193
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>

[Automatic update for 2017-06-18]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I9a55ca147bd4e42b9caded98294597acfad99909
Reviewed-on: https://code.wireshark.org/review/22203
Reviewed-by: Gerald Combs <gerald@wireshark.org>

And use RVALS for connection_abort_reasons, as it's a range_string.

Change-Id: Id59aafdca242ef25bab5bde0e3adf5e8324c6e2d
Reviewed-on: https://code.wireshark.org/review/22202
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Flag field using a range_string with BASE_RANGE_STRING.

Change-Id: I6c6ac2f54adb0b4610e2f475312801bfae6715ed
Reviewed-on: https://code.wireshark.org/review/22201
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Revert "Temporary debugging hack, the sequel - fewer printouts, flush before crash."

This reverts commit fa3aa6781797dc8d838d1a1311555a3d5c342ed1.

Change-Id: I974606b2c7963d92832b74e05681431442542202
Reviewed-on: https://code.wireshark.org/review/22200
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Temporary debugging hack, the sequel - fewer printouts, flush before crash.

Change-Id: I867c1f78554fc6fabd2579107fe679a6f6033c0c
Reviewed-on: https://code.wireshark.org/review/22199
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Revert "Temporary hack to try to debug tshark -G values crash on 32-bit Windows."

This reverts commit 573a4c9cd59d7a14e4ab305284a287c705d6b945.

Change-Id: Ia967e1e7ae617556cb2d0247fa45026f610bafa8
Reviewed-on: https://code.wireshark.org/review/22198
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Temporary hack to try to debug tshark -G values crash on 32-bit Windows.

Change-Id: I837a1e724f58f3e85ae4d7c77715e185a4b1ebeb
Reviewed-on: https://code.wireshark.org/review/22197
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Clean up whitespace.

Change-Id: I67616d3ea6d325000c22c550c4d20c320b1c51db
Reviewed-on: https://code.wireshark.org/review/22195
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Expose RTPS dissector for Lua.

See https://ask.wireshark.org/questions/61824/how-to-get-a-reference-to-an-existing-heuristic-dissector-in-lua-in-order-to-wrap-rtps

Change-Id: I926b974da8e2de35c64cc46cba7b38e71368fcdd
Reviewed-on: https://code.wireshark.org/review/22137
Reviewed-by: Michael Mann <mmann78@netscape.net>

WiX: Fixup merge module configuration.

Set the merge module path based on our platform and version of Visual
Studio.

Change-Id: Ic866447f36d5264d61fc988f3f9d8b4d2e5c0827
Reviewed-on: https://code.wireshark.org/review/22192
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

[UMTS RLC] Renaming dissector files to fit FP/MAC

Currently the UMTS FP & MAC dissector's are named packet-umts_X.
This commit renames the UMTS RLC's files to show their relation.

Change-Id: I9e37be95f7c7d08278075a49b8abc2b480a13d64
Reviewed-on: https://code.wireshark.org/review/22188
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Do not process UI events while reading from live capture

For at least Qt, the main_window_update callback is not necessary to
make the stop button work. When restarting a live capture during a
flood (via Ctrl-R), this callback actually results in an infinite loop
in MainWindow::captureStop since the capture state never changes from
FILE_READ_IN_PROGRESS.

Remove this callback to ensure that the problematic
pipeActivated / sync_pipe_input_cb / capture_input_new_packets /
main_window_update / ... / on_actionCaptureRestart_triggered /
testCaptureFileClose / captureStop sequence is avoided.

Even though captureStop invokes capture_stop, I guess that this does not
change the state because the pipeActivated callback is already active.

Bug: 10917
Change-Id: I6ca4fa946963928b7bc8a53ca14f9a9a3a35eaa7
Reviewed-on: https://code.wireshark.org/review/22097
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Qt: fix hang on exiting Qt while loading capture file

testCaptureFileClose can also be invoked while reading an existing
capture file (the original comment only applied to GTK+, not Qt). When
the user quits Wireshark while reading an offline pcap, this could
result in a confusing "Unsaved packets" dialog. Fix this by checking the
actual capture session state.

After fixing this, the next issue is that cf_close trips on an assertion
("cf->state != FILE_READ_IN_PROGRESS"). To address this problem, do not
close the capture file immediately, but signal to the reader (cf_read)
that this should be done (similar to the quit logic in GTK+).

Bug: 13563
Change-Id: I12d4b813557bf354199320df2ed8609070fdc58a
Reviewed-on: https://code.wireshark.org/review/22096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

smpp: don't THROW() an exception from a dissector

If the pdu length is too short, we can simply stop dissection and return
the number of bytes we processed.

Change-Id: I11581daa3fdb80b3d5a07754039ec1b640945b2e
Reviewed-on: https://code.wireshark.org/review/22187
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

PIM: Add identification of Hello option 65004

Cisco uses propietary option 65004 to transmit RPF Proxy Vector
information. Add the name of the option to the option identification.

Change-Id: I5ee9e4d44d6326d8a457a8a4bbb24896e17216e8
Reviewed-on: https://code.wireshark.org/review/22186
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Note that we should probably support most if not all Ethertypes.

Change-Id: Ic4ea02540b04d589d46f487adc40f49a7fecad37
Reviewed-on: https://code.wireshark.org/review/22185
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Handle CMD over GRE.

Bug: 13804
Change-Id: I0d96122a0c7f39315316e4da32c29977e147d3d6
Reviewed-on: https://code.wireshark.org/review/22183
Reviewed-by: Guy Harris <guy@alum.mit.edu>

MTP2: Add expert_info warning for incorrect length indicator

ITU-T Q.703 2.3.3 specifies that the length indicator MUST be set
to its correct value. Adding a expert_info warning makes it easier
to determine if a capture uses the optional extended sequence number
format found in Appendix A, for which a preference already exists.

Change-Id: I7c99c7f2801a6d44d1bc693b59f38a76e08cfe4a
Reviewed-on: https://code.wireshark.org/review/22135
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

gsm_sms: decode UCS2 as UTF-16

Some phones (Android and iOS smartphones) encode emoji characters as
UTF-16 big endian and although the UTF-16 is not specified in the 3GPP
23.038 (GSM 03.38) it seems to be widely supported

Bug: 13808
Change-Id: Ic4a600e42fb4b471223aaef1a661bd002835b519
Reviewed-on: https://code.wireshark.org/review/22181
Reviewed-by: Guy Harris <guy@alum.mit.edu>

IEEE 802.15.4: Enable decryption and decode new aux header fields for v2015

Change guard that prevents decryption of v2015 to only check if frame counter
suppression is not used.

Add new aux header fields.

Cleanups.

Bug: 13805
Change-Id: Ib025e724415d7d7b85d63e2f44a37c7c691e9de6
Reviewed-on: https://code.wireshark.org/review/22165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fix JSON UTF-8 character validation and dissection

In abda30e9e validation of JSON UTF-8 characters was implemented but it
doesn't handle well the valid characters

Bug: 13806
Change-Id: Id8777065cfff9deae94f457dee08017d03b50f20
Reviewed-on: https://code.wireshark.org/review/22169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Have two separate routines for wlantap dissection - OCTO and pre-OCTO.

The two code paths don't share any code, so they might as well be in
separate routines.

That makes it even easier to read.

Change-Id: I8ee335f4cac2aedc42216db7f9674e1a609d9347
Reviewed-on: https://code.wireshark.org/review/22179
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Further cleanup.

Move some commented-out code where it belonged, and #if 0 it out
instead.

Have only *one* test for OCTO.

Change-Id: I6e8803f936ebd88f1705b2185f034ec0b2bddb77
Reviewed-on: https://code.wireshark.org/review/22177
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Clean up the 802.11 payload handling a bit.

Two separate checks for OCTO, one right after the other, is a bit
confusing.

Change-Id: I702aa1809dc7271b69b5419dc850228fac516ed6
Reviewed-on: https://code.wireshark.org/review/22175
Reviewed-by: Guy Harris <guy@alum.mit.edu>

GSM A DTAP: update UE test loop modes

Change-Id: If05423a765c461a1e6df4856afae4e290bd684db
Reviewed-on: https://code.wireshark.org/review/22168
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Fix SURROGATE_VALUE() to match what RFC 2781 says.

While we're at it, note in the comment for get_utf_16_string() the
"decoding UTF-16" algorithm in RFC 2781.

Change-Id: I5d7dc5c09af0474c055796e49e0c7b94fa87d2ad
Reviewed-on: https://code.wireshark.org/review/22171
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Rename FindOS_X_FRAMEWORKS.cmake for the new OS name.

It's now FindMACOS_FRAMEWORKS.cmake.

(But is it actually *used*? CMakeLists.txt does the check itself.)

Change-Id: I6e972869b94da959dc7c9a3fccacfbd35e0e992c
Reviewed-on: https://code.wireshark.org/review/22163
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Change some names to reflect Apple's new UNIX-for-Macs name.

{OS_X,os_x} -> {MACOS,macos}.

Change-Id: Icebea6ab566c65996ee97bacb88fac7e84ec32de
Reviewed-on: https://code.wireshark.org/review/22161
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Rename a routine to match the OS name.

It's now "macOS".

While we're at it, note that the property list from which it fetches
version information still calls it "Mac OS X".

Change-Id: I438ef9dc65c2619d7378b0deb5efc84734a2ac6d
Reviewed-on: https://code.wireshark.org/review/22159
Reviewed-by: Guy Harris <guy@alum.mit.edu>

RADIUS: Add dictionary support for format= with BEGIN-VENDOR

Bug: 13745
Change-Id: Ibd00ea4818eb4b47a2c46324c1bfc878fef03d1e
Reviewed-on: https://code.wireshark.org/review/22155
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Refactor JSON output functions

Refactors the print.c json output functions to be more intuitive and
to allow easy switching to single json keys with a json array of values
instead of duplicate json keys. With this commit the json output does
not change at all.

These changes have been tested on multiple decrypted http2 traces with
the following testing method:
- Save the pcap file as json with a build of the current master branch.
- Save the pcap file as json with a build of the master branch + this
commit.
- Compare the files for changes with the "cmp" utility.

No differences were found between files for multiple different decrypted
http2 traces. Printing with the "-x" or "-j" options also does not
produce any changes either.

Bug: 12958
Change-Id: Ibd3d39119c3a08906389aa8bbf4e2a2b21dd824e
Reviewed-on: https://code.wireshark.org/review/22064
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Put the {un}install_XXX() definitions in the right order.

Put them in the same order as the order in which the _VERSION values are
defined and in which they're invoked.

Similarly, do the "make sure we have the requested version installed"
tests in the same order as the un-installation order (which is the
reverse of the installation order).

Change-Id: I0e2bd1d249832090c3d81bacfe010de19de54cdf
Reviewed-on: https://code.wireshark.org/review/22158
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Move libgcrypt and libgpg-error to the set of required libraries.

We now require libgcrypt, and libgcrypt requires libgpg-error.

Change-Id: Ifdf40acb11fef84485310321523500b1396736b6
Reviewed-on: https://code.wireshark.org/review/22157
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Update to newer versions of libgcrypt and GnuTLS.

We want a newer version of libgcrypt to get additional crypto functions.
Update to the current release, 1.7.7.

Update to the current release of libgpg-error, 1.27, while we're at it.

Update to the current "stable" version of GnuTLS, 3.4.17; 2.12.19
doesn't work with libgcrypt 1.7.7. 3.4.17 requires Nettle, and Nettle
requires GMP, so, if we're building with GnuTLS, download and install
the current versions of Nettle and GMP.

GMP requires lzip, so download and install it as well.

Clean up some "version >= x.y.z" checks to check the major version
number in all cases.

Change-Id: I39cccd34e0d7f49ac35b0bbacdab03251d42a1de
Reviewed-on: https://code.wireshark.org/review/22156
Reviewed-by: Guy Harris <guy@alum.mit.edu>

gsm-a, nas-eps: enhance handling of missing mandatory i.e.

When a mandatory information element is missing, try to report an expert info,
instead of throwing a fatal malformed exception (or of reporting nothing at all).

According to TS 24.007 11.2.3, a mandatory i.e. may be part of the imperative part
of the message, so that expert info should be at PI_ERROR level

Change-Id: Id399c236f2923db36540bbda0d29d666548f7cbd
Reviewed-on: https://code.wireshark.org/review/22134
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Add a comment indicating what releasw we're testring for.

This makes those tests more like other such tests.

Change-Id: Ide920d4083f6092ce5892adf4fc178236c49729f
Reviewed-on: https://code.wireshark.org/review/22150
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Make the short names for USB encspsulation types more regular.

Have them all be "usb-XXX", where XXX indicates the type of header.

Change-Id: I7f1bfea7e264b17c57f94c484d64d1cce91b9b78
Reviewed-on: https://code.wireshark.org/review/22147
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Better names for various USB headers.

Change-Id: Iec2126fa1b71d9923ef0fb9ca2a027f7752d71f3
Reviewed-on: https://code.wireshark.org/review/22144
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Miscellaneous texual corrections and addition

Correct some symbolic references in source file comments
and add a note about the CMake configuration options.

Change-Id: Idb670a2c798c2a52cdce142340ce8fc5a2022508
Reviewed-on: https://code.wireshark.org/review/22138
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

udpdump.c: Don't include epan headers.

udpdump has local copies of the tag values from exported_pdu.h, so the
dependency isn't needed. exported_pdu.h required tv_buff.h and packet_info.h,
whose inclusion caused link errors on SPARC.

Bug: 13801
Change-Id: Icbf7b59b8af0d3a0fc73599baad6932e76dc3462
Reviewed-on: https://code.wireshark.org/review/22131
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packet-btrfcomm.c: Prevent over bit shift in get_le_multi_byte_value.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2163
Bug: 13783
Change-Id: I92cefec86f9545345d00cf28e32ef7c05064417c
Reviewed-on: https://code.wireshark.org/review/22141
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packet-x11.c: Sanity check BIG-REQUEST length

Bug: 13793
Change-Id: I8863da14f889c68d161f4e53aa6a4e0d2636ba48
Reviewed-on: https://code.wireshark.org/review/22140
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

TCP Analysis: Update the spurious retransmission check.

The spurious retransmission check operates on the last-seen
acknowledgment in the reverse direction. Adjust the analysis logic so
that it is checked independently of the forward sequence number.

Update the documentation accordingly.

Change-Id: I3714f44398501a581f967c61e119fe95f90209b1
Reviewed-on: https://code.wireshark.org/review/21769
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

infiniband: add RETH remote key to infinibandinfo struct

RETH remote key might be needed in protocol's dissectors.

Remote access key is shared out of band usually via RDMA
send operation. This key sharing is upper layer protocol specific
and protocol dissector knows about the key.
infiniband layer do not know about which rkey is shared.

For protocol dissectors to associate data packets with past
command packets, infiniband needs to provide the rkey.

Change-Id: I927116d649ed2b01c388afbcdb924cb7e5128e12
Signed-off-by: Nitzan Carmi <nitzanc@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Tested-by: Nitzan Carmi <nitzanc@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/22123
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

RADIUS: Fix dissection for non-default VSA lengths

Ping-Bug: 13745
Change-Id: I1c9f69d0015ba9bea16d8300fbfd85abe110f829
Reviewed-on: https://code.wireshark.org/review/22136
Reviewed-by: João Valverde <j@v6e.pt>

IEEE 802.15.4: Fix IE/MIC handling of secured packets without payload

Change-Id: Icdcb770723e3783013f525524c3fe745d5dd862d
Reviewed-on: https://code.wireshark.org/review/22122
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packet-lorawan.c: get_encryption_keys_app_eui must be included in GCRYPT_VERSION_NUMBER check

Change-Id: I35d4ab99690839c3999e3fb5b471027271a81042
Reviewed-on: https://code.wireshark.org/review/22132
Reviewed-by: Michael Mann <mmann78@netscape.net>

[tap-rtp-common] Add EVS to mimetype_and_clock_map

Change-Id: I21b3d023c8644421059d84b0905ff264e991c8a8
Reviewed-on: https://code.wireshark.org/review/22127
Reviewed-by: Anders Broman <a.broman58@gmail.com>

LoRaWAN: Use proto_tree_add_checksum for MIC verification

Change-Id: Iaf705172496e26f571f77902bcc1a95f3b817c80
Reviewed-on: https://code.wireshark.org/review/22098
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

DOCSIS: Prevent infinite loop from unknown FCParm.

concatlen was not updated if FCParm was unknown, leading to an infinite loop.

Bug: 13797
Change-Id: I1b64d757a369183a711f01b0b5cd1ba7aa0787bc
Reviewed-on: https://code.wireshark.org/review/22120
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

WBXML: Fix some more potential infinite loops.

tvb_get_guintvar can generate some unrealistic values so do some
sanity checking on them.

Bug: 13796
Change-Id: I2d5f7a48c2e982a419ea6ab3ac0000be3b6bcbc7
Reviewed-on: https://code.wireshark.org/review/22121
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

SMB2: Improve FILE_ALL_INFORMATION query response.

Add support for the fields Position Information, Mode Information
and Alignment Information in the FILE_ALL_INFORMATION query response.

Bug: 13800
Change-Id: I838fba1df26fe0f65394f0fe31b83645a707c166
Reviewed-on: https://code.wireshark.org/review/22117
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>

RADIUS: Add comment explaining WiMAX non-standard VSA format

Change-Id: I5b3417c94ab10d4ed22258bdb2ef0f670dd2b995
Reviewed-on: https://code.wireshark.org/review/22118
Reviewed-by: João Valverde <j@v6e.pt>

Don't use frame_length at all if we don't have libgcrypt >= 1.6.0 and encryption keys.

Change-Id: Ia82fa67bbb9056204ed70b150f3d1e6db9ceed25
Reviewed-on: https://code.wireshark.org/review/22116
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>