Mirko Parthey [Thu, 8 Sep 2016 21:00:34 +0000 (23:00 +0200)]
ISAKMP: Reduce code duplication
Equalize attribute dissecting functions:
* Convert all attribute type names to range_string.
Add "Unassigned" and "Private use" ranges while we are at it.
* Swap the order of format and type fields for config attributes.
Move common code into the new function dissect_attribute_header().
Try to keep the parameter list short:
* Group the hfindex values for attribute details into a struct.
* Merge attribute subtree types.
Add a colon in the main attribute item label for visual separation.
Skip dissection of config attributes for unknown IKE versions.
Change-Id: I6e6286f3d4cf16f3cd16a23aca540c4af72f3442
Reviewed-on: https://code.wireshark.org/review/17663
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Fri, 16 Sep 2016 15:37:44 +0000 (17:37 +0200)]
Qt: allow file dialogs to mark an UAT as dirty
Otherwise changes to just the the key file path in the SSL keys list
dialog are not saved to disk.
Bug: 12640
Change-Id: I12c66efab04a19d662b8090629b8e67aefc01984
Reviewed-on: https://code.wireshark.org/review/17738
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Graham Bloice [Sat, 17 Sep 2016 17:54:41 +0000 (18:54 +0100)]
Make Winflex\bison the preferred option
Cygwin flex\bison generate shortening warnings due to size_t on
Win 64. The win flex\bison versions don't so find them first.
Change-Id: Ib68c84435f859325612410b72b6cf21cf106ecc2
Reviewed-on: https://code.wireshark.org/review/17763
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Pascal Quantin [Sun, 18 Sep 2016 07:31:01 +0000 (09:31 +0200)]
extcap: fix management of multicheck and saved non boolean arguments
Launching USBPcap without going in the interface options menu exhibits 2 bugs:
- we should restore a value only if it is not an empty string (otherwise USBPcap with an ampty --devices multicheck argument)
- when building the argument list for a non boolean argument not using the default value, do not call g_strconcat. It will
build a string concatenating the option and value (for example "--devices 1" that will be treated as a single argument).
Instead option and value must be given separately to argument list.
Bug: 12846
Change-Id: I5628cb264a7632089e6579e9ae7400e2c0e500e2
Reviewed-on: https://code.wireshark.org/review/17773
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
BACdaBASpert [Fri, 16 Sep 2016 23:57:50 +0000 (16:57 -0700)]
update bacapp vendor id to name mapping from BACnet
Change-Id: Ibd09e3d8ec167a9270545e37365a2370ac6c2c28
Reviewed-on: https://code.wireshark.org/review/17753
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Sat, 17 Sep 2016 15:48:41 +0000 (10:48 -0500)]
Fix up coding style in ByteViewText.
As WSDG 12.2.2.1 says, use trailing_underscore_ convention for member
variables.
Change-Id: I7d6dbcce3908aefc167cdc6ee1d054a2f5f5a072
Reviewed-on: https://code.wireshark.org/review/17756
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Sat, 17 Sep 2016 20:44:45 +0000 (13:44 -0700)]
The full identity string was added above.
Change-Id: I0945cb9cb6a9d5ccf3756b887654d73a28035a49
Reviewed-on: https://code.wireshark.org/review/17768
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sat, 17 Sep 2016 20:25:44 +0000 (13:25 -0700)]
Update a comment.
In one of the two cases where we treat the first byte of an identity as
a prefix, we know it's EAP-AKA. (In the other, we do *not* know that!)
Change-Id: I16625f7193eb3ab0840739ec37dbd64e2a5a0fb5
Reviewed-on: https://code.wireshark.org/review/17767
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Stig Bjørlykke [Sat, 17 Sep 2016 10:37:11 +0000 (12:37 +0200)]
Qt: Hide columns after setting widths
In columnsChanged() the visibility must be set after setting
the width to avoid that setting width overwrites visibility.
This should fix hidden columns displayed during first capture.
Bug: 12377
Change-Id: Idbbf36b014724970775c34b0c08803de9b006742
Reviewed-on: https://code.wireshark.org/review/17755
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Guy Harris [Sat, 17 Sep 2016 20:14:04 +0000 (13:14 -0700)]
Fix handling of EAP identity.
There's no guarantee that the identity is a string whose first character
is a prefix indicating the type of identity; only display it as a prefix
if it's one of the known types. We really may need some other mechanism
to determine how to parse the identity, perhaps based on what the
protocol layers below it are.
Put back the display of the full string in one case where that was
inadvertently removed.
Change-Id: I2e3324f964fa25ebd7065ddb0de82ffae6597509
Reviewed-on: https://code.wireshark.org/review/17764
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kaiser [Sat, 17 Sep 2016 16:46:26 +0000 (18:46 +0200)]
eap: make eap_identity_prefix a numeric item
This used to be string item, its value was not 0-terminated. This
resulted in out-of-bounds mem acceess when eap_identity_prefix was used
by proto_tree_add_string_format().
==14744== Conditional jump or move depends on uninitialised value(s)
==14744== at 0x4C294F8: strlen (mc_replace_strmem.c:390)
==14744== by 0xC19C97F: g_strdup (gstrfuncs.c:355)
==14744== by 0x739CA75: string_fvalue_set_string (ftype-string.c:51)
==14744== by 0x67136A9: proto_tree_add_string (proto.c:3515)
==14744== by 0x6713870: proto_tree_add_string_format (proto.c:3547)
==14744== by 0x69BB494: dissect_eap (packet-eap.c:838)
==14744== by 0x66FD0B4: call_dissector_work (packet.c:649)
As the content is a number anyway, the simplest solution is to make
eap_identity_prefix a numeric item and use
proto_tree_add_uint_format_value().
Bug: 12913
Change-Id: I907b1d3555a96e9662b1d8253d17d35adfdada48
Reviewed-on: https://code.wireshark.org/review/17760
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kaiser [Sat, 17 Sep 2016 17:10:35 +0000 (19:10 +0200)]
eap: (trivial) reformat a comment
Change-Id: I2c8a8066f1591004ace6362e24be57b6cec747d1
Reviewed-on: https://code.wireshark.org/review/17762
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Martin Kaiser [Sat, 17 Sep 2016 17:03:26 +0000 (19:03 +0200)]
eap: remove unnecessary if (tree) checks
Change-Id: If42a5d610eea7c7818a0d37dd5878c84ba7f7d81
Reviewed-on: https://code.wireshark.org/review/17761
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Pascal Quantin [Sat, 17 Sep 2016 16:36:32 +0000 (18:36 +0200)]
ISUP: do not display Called Party Number twice
Bug: 12911
Change-Id: I3632ffbeb85a96d9268eca6ddc0f8b38587688c4
Reviewed-on: https://code.wireshark.org/review/17758
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 16 Sep 2016 20:15:57 +0000 (22:15 +0200)]
p_XXX_proto_data: only allow the use of pinfo and file scopes
Those are the only ones meaningful. Let's convert the buggy dissectors
and add an assert to avoid the misuse of the pool parameter in the future
Change-Id: I65f470b757f163f11a25cd352ffe168d1f8a86d3
Reviewed-on: https://code.wireshark.org/review/17748
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 16 Sep 2016 18:59:06 +0000 (20:59 +0200)]
NSIS: add UDPdump to installer
Change-Id: Ic340d7de5de2573bf1e4ee97c8f7ef9af822d225
Reviewed-on: https://code.wireshark.org/review/17746
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Wu [Fri, 16 Sep 2016 15:05:55 +0000 (17:05 +0200)]
extcap: fix heap-use-after free after saving prefs
All strings passed to prefs must be valid for the lifetime of the
program (before prefs_cleanup is called). Use wmem for this purpose.
Fixes
v2.3.0rc0-660-g26bf66f
Change-Id: I94f3bbb8ac6e18ae59d6462525f6bbc46fdb0f1f
Reviewed-on: https://code.wireshark.org/review/17737
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Fri, 16 Sep 2016 11:56:47 +0000 (13:56 +0200)]
Remove -Wdeclaration-after-statement
This is a C99 feature which we can use now.
Change-Id: I84a63d6bf282b79c9f0da0543b3b4f5a0cf0c81a
Reviewed-on: https://code.wireshark.org/review/17733
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Tue, 23 Aug 2016 16:14:03 +0000 (18:14 +0200)]
TLS(1.3): Add Share Key (40) Hello extension
Bug: 12779
Change-Id: I5cbc911f2c7818558c5182d2e3ccf9235be9281b
Reviewed-on: https://code.wireshark.org/review/17301
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Wed, 7 Sep 2016 21:15:44 +0000 (23:15 +0200)]
TLS: Pass directly the handshake_type to dissect_hnd_hello_ext
with TLS 1.3, there is a new 'Hello' type (Hello Retry Request)
Change-Id: If7a11b70a5b0a69044126c50e1d6ab4e1d443f77
Reviewed-on: https://code.wireshark.org/review/17573
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Mon, 22 Aug 2016 15:55:10 +0000 (17:55 +0200)]
TLS(1.3): Add new Hello extension list
* Key share (40)
* Pre-Shared Key (41)
* Early Data (42)
* Cookie (44)
Bug: 12779
Change-Id: I16e3cf691ae66e244608db233db180e24538a68d
Reviewed-on: https://code.wireshark.org/review/17239
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Mon, 22 Aug 2016 09:01:59 +0000 (11:01 +0200)]
TLS(1.3): Add (experimental) extension 'Draft version TLS 1.3'
Coming from https://github.com/tlswg/tls13-spec/wiki/Implementations#version-negotiation
Bug: 12779
Change-Id: Ieca74eac737b5ba6c101b719e2e5e3aecf931279
Reviewed-on: https://code.wireshark.org/review/17226
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Mon, 22 Aug 2016 08:08:00 +0000 (10:08 +0200)]
TLS(1.3): Fix Server Hello
There is no session_id and compression method with TLS 1.3 Server Hello
Also no time on first bytes of random field
Bug: 12779
Change-Id: Id79221c2ad50695cf6d46cd5c9255deab99e2d2c
Reviewed-on: https://code.wireshark.org/review/17225
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Alexis La Goutte [Sun, 21 Aug 2016 07:33:39 +0000 (09:33 +0200)]
TLS(1.3): Add TLS 1.3 value for version Handshake
Bug: 12779
Change-Id: I298ecf4a0537df2e88354aed6912d4298a094216
Reviewed-on: https://code.wireshark.org/review/17224
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Stig Bjørlykke [Fri, 16 Sep 2016 18:32:04 +0000 (20:32 +0200)]
Qt: Reset expert info icon when start capture failed
When starting capture fails the expert info icon must be removed
and the file status must be cleared. This happens more frequently
when using sshdump with configuration errors.
Change-Id: I9b2215c71bd16406a0978256018b1664f06c19f1
Reviewed-on: https://code.wireshark.org/review/17741
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Guy Harris [Fri, 16 Sep 2016 18:40:31 +0000 (11:40 -0700)]
Type and size cleanups.
Use size_t for sizes. Do checks to make sure we don't overflow ints.
Change-Id: Id0846cc5c6348d67a23064517ad1c432cf1cb61a
Reviewed-on: https://code.wireshark.org/review/17742
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pascal Quantin [Fri, 16 Sep 2016 18:55:31 +0000 (20:55 +0200)]
M3AP: remove Procedure Code from info column
Change-Id: I69aebed5000f6544eede69e7435fb49e4e0ce179
Reviewed-on: https://code.wireshark.org/review/17744
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Fri, 16 Sep 2016 18:54:23 +0000 (20:54 +0200)]
M2AP: remove Procedure Code from info column
Change-Id: I965cc0455f5f3ac8a676cc0e3453e8a449d76109
Reviewed-on: https://code.wireshark.org/review/17743
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Guy Harris [Fri, 16 Sep 2016 17:41:11 +0000 (10:41 -0700)]
Add ws_hexstrtou{bits} and use ws_hexstrtou32 in androiddump.
Make the reply length unsigned - there's no reason for it to be signed.
Change-Id: I5f4d1f027eeddee939547c052220efb89800f4b1
Reviewed-on: https://code.wireshark.org/review/17740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dario Lombardo [Fri, 16 Sep 2016 14:59:51 +0000 (16:59 +0200)]
udpdump: use socket_handle_t instead of int for portability.
Change-Id: Ic31302046e95d1678073a8a77812316be367e9a5
Reviewed-on: https://code.wireshark.org/review/17736
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Gerald Combs [Fri, 16 Sep 2016 01:20:05 +0000 (18:20 -0700)]
Qt: Argument vector fixups.
In wireshark-qt.cpp we have two "argv" variables, one that we pass to
QCoreApplication (which it then corrupts irreversibly on Windows if you
pass it multibyte characters), and one that we convert to UTF-8 and use
normally.
Name the throwaway argument vector "qt_argv". Name ours "argv", which is
the traditional and less error-prone name.
Bug: 12900
Change-Id: Idd80b9f779f36ffe977465afd623d320212f92b1
Reviewed-on: https://code.wireshark.org/review/17723
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Dario Lombardo [Fri, 16 Sep 2016 12:07:38 +0000 (14:07 +0200)]
eap: add identity details.
Change-Id: I60e017ac48d9daf52b8a40809625dc1ae09c9d8e
Reviewed-on: https://code.wireshark.org/review/17735
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michael Mann [Sun, 4 Sep 2016 02:22:50 +0000 (22:22 -0400)]
Have TPKT support a TCP port range preference instead of having "subdissectors?" register their own.
There are a number of dissectors who are subdissectors of TPKT (and OSITP) that are
not called by TCP dissector directly, yet can possibly register a TCP port "on the
behalf" of TPKT. Just allow TPKT to support a range of ports to possibly include
these protocols.
Remove the preferences from these dissectors, but add backwards compatibility for
the preferences by hooking into set_prefs and have the preferences just hook into
Decode As functionality directly.
Change-Id: Ic1b4959d39607f2b6b20fa6508da8d87d04cf098
Reviewed-on: https://code.wireshark.org/review/17476
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dario Lombardo [Wed, 31 Aug 2016 08:14:33 +0000 (10:14 +0200)]
extcap: make extcap use the ws_strtoi/u functions.
Change-Id: Id75c72eba869c8a0f413ce8b5d6329ce172aed1f
Reviewed-on: https://code.wireshark.org/review/17415
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Alexis La Goutte [Fri, 16 Sep 2016 08:14:00 +0000 (10:14 +0200)]
VTP: Always display reserved/unsed fields
Change-Id: Ib0b065c20e599567224c05068dad5bd24a711609
Reviewed-on: https://code.wireshark.org/review/17728
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Kenneth Soerensen [Thu, 15 Sep 2016 18:46:37 +0000 (20:46 +0200)]
ZigBee: Fix reassembly of APS fragments.
The unsigned variable num_blocks was initialized to -1. Which caused the
dissector to set the total length to
4294967295 fragments when the second
fragment was processed. This made the dissector unable to reassemble data
made of more than two fragments.
Change-Id: I120af090ed29ac73a1fa699bea2bfc91798ef92b
Reviewed-on: https://code.wireshark.org/review/17712
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Fri, 16 Sep 2016 08:03:12 +0000 (10:03 +0200)]
ssl-utils: fix -Wshorten-64-to-32 and other warnings
Fixes -Wshorten-64-to-32 from
v2.3.0rc0-697-gb1d36fe ("ssl-utils: remove
block and key sizes from cipher suites table"), -Wpointer-sign,
-Wunreachable-code-break.
Change-Id: I37ca5e9effe5d6560d49ccef53e9feb096cd2ad6
Reviewed-on: https://code.wireshark.org/review/17727
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Guy Harris [Fri, 16 Sep 2016 10:01:49 +0000 (03:01 -0700)]
ws_strou16() now takes three arguments.
Change-Id: I94a3a8707de724b1b4c2fafaa4c96d2a52b418c6
Reviewed-on: https://code.wireshark.org/review/17732
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 16 Sep 2016 09:59:40 +0000 (02:59 -0700)]
Squelch some compiler warnings.
gcry_cipher_get_algo_keylen() returns a size_t, which is bigger than a
guint on most if not all 64-bit platforms; however, if the key is bigger
than 2^32 bytes, we have bigger problems, so just cast it down.
Change-Id: Ia7c97d2742686daf2e42f634c6e349cb580fa9df
Reviewed-on: https://code.wireshark.org/review/17731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dario Lombardo [Wed, 10 Feb 2016 14:45:45 +0000 (15:45 +0100)]
extcap: add udpdump.
Udpdump is a generic UDP receiver that exports datagram in PCAP format.
Change-Id: I52620a92b12530b6f9b5449c43e692663acdfc14
Reviewed-on: https://code.wireshark.org/review/17195
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Peter Wu [Thu, 15 Sep 2016 22:49:15 +0000 (00:49 +0200)]
ssl-utils: fix runtime memory leak
Ensure that Libgcrypt and zlib memory are freed when closing a pcap.
Change-Id: I420f9950911d95d59ff046fee57900ca6f7e9621
Reviewed-on: https://code.wireshark.org/review/17718
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Thu, 15 Sep 2016 21:57:15 +0000 (23:57 +0200)]
ssl-utils: remove block and key sizes from cipher suites table
There was an implicit dependency between the block size in the cipher
suites table and the size expected by Libgcrypt. Just remove the block
size from the table and rely on the value from Libgcrypt to avoid the
risk of mismatching values (which could lead to a buffer overflow).
While at it, remove the size of the key ("bits") and the size of key
material ("eff_bits") too. Move the key material sizes for export
ciphers away from the table and use byte quantities instead of bits.
Additionally, this fixes an issue where 8 bytes of uninitialized stack
memory is written to the SSL debug log for stream ciphers like RC4.
The size of the Write Key is also corrected for export ciphers, now it
prints the actual (restricted) number of bytes that are used.
Change-Id: I71d3c83ece0f02b2e11e45455dc08c41740836be
Reviewed-on: https://code.wireshark.org/review/17714
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Peter Wu [Wed, 14 Sep 2016 23:41:20 +0000 (01:41 +0200)]
ssl-utils: fix buffer overrun (read) with AEAD cipher suites
ssl_cipher_init should only set the IV for CBC cipher suites. NULL
cipher suites will not invoke gcry_cipher_setiv and AEAD ciphers will
set the nonce in a different place anyway.
Fixes a buffer overrun (read) by 12 bytes for any AES-CCM and AES-GCM
cipher suite because the "block size" is set to 4 bytes while the
reported block size for AES is 16 bytes (128 bit). (The four bytes are
the "salt" part of the nonce that is extracted from the "client/server
write IV" part of the key block.)
Observed with the DTLS packet capture from
https://ask.wireshark.org/questions/55487/decrypt-application-data-pending-dtls-abbreviated-handshake-using-psk
Change-Id: I4cc7216f2d77cbd1eac9a40dca3fdfde7e7b3680
Reviewed-on: https://code.wireshark.org/review/17713
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Mikael Kanstrup [Wed, 14 Sep 2016 12:21:10 +0000 (14:21 +0200)]
Use valid channel parameters from wireless toolbar
Both the QT and GTK wireless toolbar used "-1" to indicate unused
channel parameters. This was an undocumented feature that recently
stopped working. Use the now documented way (NULL) to specify that
some parameters are not used.
Bug: 12896
Change-Id: I4a93a15ba1d880592b355b7eca155632a4b92ea0
Reviewed-on: https://code.wireshark.org/review/17700
Reviewed-by: Gilbert Ramirez <gram@alumni.rice.edu>
Petri-Dish: Gilbert Ramirez <gram@alumni.rice.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke [Thu, 15 Sep 2016 07:08:18 +0000 (09:08 +0200)]
Qt: Avoid crashes in IAX2 Stream Analysis
Avoid crash when opening IAX2 Stream Analysis without having any
packets and when not having a selected packet. Also disable the
Save Audio options if not having any IAX2 packets.
Also set Close as default button.
Change-Id: I1da04e3f907d9d562fa227ab9f0428aa6097131e
Reviewed-on: https://code.wireshark.org/review/17708
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Fri, 16 Sep 2016 01:32:21 +0000 (18:32 -0700)]
Don't pick up junk from an unset error-number variable.
Keep the actual error code and pointer-to-error-string in the scanner
state, rather than pointers to the variables passed in to us.
Initialize them to 0 and NULL, respectively.
That way, when the actual scanner routine returns, we don't check for an
error by looking at the error variable pointed to by our argument, which
might not have been set by the scanner and might have stack junk in it,
we look at a structure member we set to 0 before the scan.
Change-Id: I81a4fd6d5cf5e56f5638fae1253c48dc50c9c36d
Reviewed-on: https://code.wireshark.org/review/17721
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Thu, 15 Sep 2016 22:20:26 +0000 (15:20 -0700)]
Don't pick up junk from an unset error-number variable.
Keep the actual error code and pointer-to-error-string in the scanner
state, rather than pointers to the variables passed in to us.
Initialize them to 0 and NULL, respectively.
That way, when the actual scanner routine returns, we don't check for an
error by looking at the error variable pointed to by our argument, which
might not have been set by the scanner and might have stack junk in it,
we look at a structure member we set to 0 before the scan.
Bug: 12903
Change-Id: I5a382da569a226e60c3c2a47f3a1515b0490c31d
Reviewed-on: https://code.wireshark.org/review/17716
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dario Lombardo [Fri, 9 Sep 2016 14:41:15 +0000 (16:41 +0200)]
cli: use ws_strtou function.
Change-Id: Ic358c50aa21dac485348ee5f7af8947f75e4f952
Reviewed-on: https://code.wireshark.org/review/17611
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
AndersBroman [Thu, 15 Sep 2016 14:43:35 +0000 (16:43 +0200)]
[SIP] Make it possible to call a subdisector for the VIA branch parameter.
Change-Id: I7d91780f130105f04648489d6ed0bf2a320edce9
Reviewed-on: https://code.wireshark.org/review/17711
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Thu, 15 Sep 2016 09:37:07 +0000 (11:37 +0200)]
S1AP: add dissection of NB-IoT transparent containers
To do so, memorize whether a given eNB UE S1AP ID belongs to a NB-IoT
TAI or not.
Also add a preference allowing to force dissection as legacy LTE or
NB-IoT if automatic mode fails.
While we are at it, let's remove the global variables and introduce
a S1AP private data info stored in pinfo.
Change-Id: I7e30b3d59d909684e5cfe13510293ed38ad52574
Reviewed-on: https://code.wireshark.org/review/17709
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Wu [Wed, 14 Sep 2016 17:45:50 +0000 (19:45 +0200)]
eap: fix EAPOL conversation tracking, fixes TLS decryption
Use new heuristics based on the EAP Code field to determine whether a
field originates from the client or server. This is more reliable than
using "pinfo->match_uint" for two reasons: (1) the heuristics dissector
does not set "match_uint" (resulting in an arbitrary match on the
previous value) and (2) with EAP over EAPOL, there is no matching port
number (resulting in two conversations with different addresses and port
number zero).
To fix TLS decryption, make sure to create a single conversation for
both direction and allow the port type to be PT_NONE (to avoid reporting
all packets as originating from the server).
Bug: 12879
Change-Id: I7b4267a27ffcf68bf9d3f6a90d6e6e2093733f51
Reviewed-on: https://code.wireshark.org/review/17703
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gilbert Ramirez [Wed, 14 Sep 2016 03:33:54 +0000 (22:33 -0500)]
Qt: Option to copy bytes to clipboard as Escaped String
Some users need to copy the bytes to a Python script for
sending out through a raw socket. While they can modify a
plain hex dump, having Wireshark copy directly as a Python
string makes their work easier. This format also works
with Bash, so it is called "Escaped String". E.g.:
"\x55\xb5\xd4\x67\x03"
Change-Id: I0b6a5eb2e348f686397afda76095aaa2fb85c18d
Reviewed-on: https://code.wireshark.org/review/17696
Petri-Dish: Gilbert Ramirez <gram@alumni.rice.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Tue, 13 Sep 2016 19:47:22 +0000 (12:47 -0700)]
Qt: Shorten capture file dialog name filters.
In the capture file dialog's "Files of type" combobox separate out the
wildcards we display from the ones that are applied. Set the
HideNameFilterDetails option and for "All Files" and "All Capture Files"
leave the option hidden.
For other options print the wildcard list twice so that it's both
displayed and applied. Go even further and filter out ".gz" wildcards in
the displayed list since they're effectively duplicates of their
uncompressed counterparts.
Based on Dario's work in change 17605.
Bug: 12837
Change-Id: I35de8f31492657e37b12ca4c8de5ed9e79d2e2f8
Reviewed-on: https://code.wireshark.org/review/17689
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Wed, 7 Sep 2016 13:15:57 +0000 (15:15 +0200)]
iseries: rework the read routine.
Change the way a line is read in iseries. Instead of reading a string
then convert it with atoi, parse it as an integer and convert it to
nsecs.
Change-Id: Id8e8e9866dbcef3b1612a608f9647bc490263dae
Reviewed-on: https://code.wireshark.org/review/17558
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Thu, 15 Sep 2016 00:05:26 +0000 (17:05 -0700)]
Fix a test to work with Xcode 8.
(Hopefully it still does what it's supposed to; I don't have any
machine, real or virtual, that has the command-line tools installed
without Xcode being installed on which to test it.)
Change-Id: I0ce8ce4f8532fcc6ab121641dde238180dfa69ce
Reviewed-on: https://code.wireshark.org/review/17704
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Stig Bjørlykke [Tue, 13 Sep 2016 11:37:11 +0000 (13:37 +0200)]
Qt: Set Close as default button
Set Close as default button in some statistics dialogs.
Change-Id: I82e17d27de256aabaec1633bb973c554eec907c3
Reviewed-on: https://code.wireshark.org/review/17685
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Gerald Combs [Tue, 13 Sep 2016 22:27:23 +0000 (15:27 -0700)]
NSIS: Disable a debugging MessageBox.
Disable a MessageBox added in gec5f578.
Change-Id: I4a1ad044836a9363b2e4d9f80df419e7c81f73dd
Reviewed-on: https://code.wireshark.org/review/17694
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Tue, 13 Sep 2016 20:38:32 +0000 (22:38 +0200)]
X2AP: remove Procedure Code from info column
Change-Id: I8d4632ef3b338063e96f4a417f0e3280489968a4
Reviewed-on: https://code.wireshark.org/review/17692
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Tue, 13 Sep 2016 20:36:30 +0000 (22:36 +0200)]
S1AP: remove Procedure Code from info column
Change-Id: I53ece74627adc038ee6ff2af2959f2dae76ab879
Reviewed-on: https://code.wireshark.org/review/17691
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pascal Quantin [Tue, 13 Sep 2016 20:23:15 +0000 (22:23 +0200)]
NAS EPS: add an option to dissect User Data Container as IP packet
Change-Id: I7d1196b79c22df5abe7d399bd9bea5c3d60bff7f
Reviewed-on: https://code.wireshark.org/review/17690
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Gerald Combs [Fri, 9 Sep 2016 16:30:54 +0000 (09:30 -0700)]
NSIS: Look for an installed WiX package.
Dig through the registry and look for a WiX / Windows Installer package.
Offer to uninstall it if we find one.
Change-Id: I513ce4184880571c484461483a3d25e6d90a85e0
Reviewed-on: https://code.wireshark.org/review/17613
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 8 Sep 2016 18:24:34 +0000 (11:24 -0700)]
NSIS: Disable GTK+ by default.
Disable the legacy UI by default. Associate our Programs and Features icon
with Wireshark.exe. Move some GTK+-specific code to SecWiresharkGtk. Make
sure the /desktopicon and /quicklaunchicon apply to Wireshark.exe. Remove
unneeded parentheses in the display name.
Change-Id: Ia7662d003d15afd809d81631e059e249a93d0999
Reviewed-on: https://code.wireshark.org/review/17593
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Tue, 13 Sep 2016 18:29:25 +0000 (11:29 -0700)]
WSUG: Fixup PDF images.
Pass relative image directory paths to xsltproc. The DocBook documentation
says you can use a URI, but trying to get that to work with CMake
and Windows appears to be a path to tears and undignified wails of
frustration.
Add attributes for our different types of images and use them so that
the PDFs don't scale our screenshots to an unusable size.
Change-Id: I786d09d9ef9be3d423b2af426a8867739ae12c1a
Reviewed-on: https://code.wireshark.org/review/17688
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tom Haynes [Tue, 13 Sep 2016 16:24:53 +0000 (09:24 -0700)]
nfs: Primary Data's NFSv4 DataSphere filehandle decoder
Change-Id: I0d339f69f37fd3b6a2f7b37b1c239edb2a4cf7a5
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/17676
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke [Tue, 13 Sep 2016 10:49:23 +0000 (12:49 +0200)]
Qt: Fix open Flow Graph in full screen
Check if initialized in SequenceDialog::resizeEvent because loadGeometry()
may call resizeEvent (from showFullScreen()) before init_ is initialized.
Change-Id: I1a514454f1521f68df71c3113077c68acb2f3218
Reviewed-on: https://code.wireshark.org/review/17684
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dario Lombardo [Tue, 13 Sep 2016 09:14:01 +0000 (11:14 +0200)]
sshdump: remove -P.
This option is incompatible with other capture binaries (like tcpdump).
Change-Id: If93fca69f93b7833e7f8bb28b70311373f42f3f5
Reviewed-on: https://code.wireshark.org/review/17682
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Peter Wu [Mon, 12 Sep 2016 19:30:26 +0000 (21:30 +0200)]
qt: fix default action in Time Shift dialog
Use "Apply" as default action, not "Open Help".
Change-Id: Ida9b878732e444bbc450f8e63cc8e30a76f29bdc
Reviewed-on: https://code.wireshark.org/review/17672
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Dario Lombardo [Fri, 9 Sep 2016 15:16:10 +0000 (17:16 +0200)]
addr_resolv: use ws_strtou8 function.
This change prevents to accept netmasks as /24x. The
mask must be an clean integer.
Change-Id: I46aeb089dd6538b5cc4bde7efd4dc317621a5245
Reviewed-on: https://code.wireshark.org/review/17612
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Guy Harris [Tue, 13 Sep 2016 08:51:07 +0000 (01:51 -0700)]
Fix indentation.
Change-Id: I2b2d1cd584eb1ec56ec5cdcd33fb789843c8192c
Reviewed-on: https://code.wireshark.org/review/17680
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michal Labedzki [Mon, 2 Nov 2015 18:41:12 +0000 (19:41 +0100)]
Bluetooth: HCI vendor: Add support for some Intel commands/events
This change based on BlueZ code on the same license that Wireshark is.
It seems that a lot of commands/events are incomplete or unknown,
however better to have them.
Also rename variables (etc.) of the first dissector to contain
vendor name like new one, to distinguish them.
Change-Id: I2db3ed73d477699032a44bac2d3c88a9230b0095
Reviewed-on: https://code.wireshark.org/review/17657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Michal Labedzki [Tue, 3 May 2016 20:45:05 +0000 (22:45 +0200)]
Qt/Bluetooth: Implement hover for rows
This improves readability, especially while presenting results
to the other people.
Change-Id: I1a6fc93c1b858078e171729971561321a4ddd956
Reviewed-on: https://code.wireshark.org/review/16469
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Gerald Combs [Mon, 12 Sep 2016 22:44:16 +0000 (15:44 -0700)]
WSDG: Updates for Qt 5.6.
Refer to Qt 5.6 for Windows builds. Update the download URL.
Change-Id: Id4de0d55679a6ac1b7aac82ddd5eb80d6b54568a
Reviewed-on: https://code.wireshark.org/review/17674
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dario Lombardo [Mon, 12 Sep 2016 10:41:48 +0000 (12:41 +0200)]
telnet: get rid of atoi().
Change-Id: Id445aef1af21fcf176611122a757482c0b22f4bd
Reviewed-on: https://code.wireshark.org/review/17662
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Mon, 12 Sep 2016 16:51:47 +0000 (09:51 -0700)]
Fix file name in comment.
Change-Id: I2a5b6e5c0ba8e729fbfa7e9e218aca1c747d6e45
Reviewed-on: https://code.wireshark.org/review/17667
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Mon, 12 Sep 2016 16:45:12 +0000 (09:45 -0700)]
Remove unnecessary extcap_cleanup() declaration.
That wasn't sufficient to avoid #ifdeffing calls to extcap_cleanup(), as
this header wasn't even being included if HAVE_EXTCAP wasn't defined,
hence change I18c855e13281013a6277c1f38eeac92e74d52b34 was necessary.
It's probably best that this not be included if HAVE_EXTCAP isn't
defined, so as to catch *other* references to functions etc. that aren't
available without extcap.
Change-Id: I5c4ad331b6df93bbbcd28ad3b9815e4cd226039a
Reviewed-on: https://code.wireshark.org/review/17666
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Peter Wu [Mon, 12 Sep 2016 09:22:16 +0000 (11:22 +0200)]
Let strtoi with NULL endptr require no invalid characters
If the caller is not interested in checking its end, then it probably
wants a valid number only if the string contains a valid number. Add a
shortcut for this.
Change-Id: I39701bd445e29fb2606720b18ca3764c74a7255b
Reviewed-on: https://code.wireshark.org/review/17658
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Dario Lombardo [Mon, 12 Sep 2016 13:07:36 +0000 (15:07 +0200)]
fix some compilation issues without extcap.
Change-Id: I18c855e13281013a6277c1f38eeac92e74d52b34
Reviewed-on: https://code.wireshark.org/review/17665
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Sun, 11 Sep 2016 10:00:10 +0000 (12:00 +0200)]
androiddump: fix memleaks
Most of the actions (e.g. `androiddump --extcap-interfaces`) return
immediately without cleaning up. Fix this by adding a common exit path.
Change-Id: If02b18da49d866fb5525306e52fbf4590d98ecd2
Reviewed-on: https://code.wireshark.org/review/17634
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Sun, 11 Sep 2016 12:17:14 +0000 (14:17 +0200)]
extcap: plug more memory leaks
Fix leak of the preference key name which happen for every new extcap
argument. Fix leak of extcap arguments and the interface names in
extcap_register_preferences.
Change-Id: Idd68f924baa000303043cb98b32b23ce34fddb64
Reviewed-on: https://code.wireshark.org/review/17637
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Mikael Kanstrup [Thu, 8 Sep 2016 12:26:58 +0000 (14:26 +0200)]
extcap: Fix misc memory leaks triggered by network interface changes
Valgrind reports plenty of misc memory leaks in extcap after the network
interface list has changed or is refreshed. Errors can be seen by
starting Wireshark with Valgrind's memcheck tool and bringing a network
interface up and down a few times with:
ifconfig eth0 up
ifconfig eth0 down
Change-Id: I90f53847071854b7d02facb39b7a380732de79b4
Reviewed-on: https://code.wireshark.org/review/17606
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Peter Wu [Mon, 12 Sep 2016 08:37:03 +0000 (10:37 +0200)]
cmake: fix breakage with libnl2
I accidentally assumed that libnl2 works fine with just libnl.so, but
apparently the other libraries are also necessary.
Change-Id: I1636710ea3f41ed10a5ccb37106cae9e688abec9
Reviewed-on: https://code.wireshark.org/review/17654
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Stig Bjørlykke [Mon, 7 Mar 2016 20:10:46 +0000 (21:10 +0100)]
dmp: Code cleanup
Change-Id: I06c80ca44e8f727c9dc8ec552117ff60e44a7ef4
Reviewed-on: https://code.wireshark.org/review/17659
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Stig Bjørlykke [Mon, 12 Sep 2016 08:53:16 +0000 (10:53 +0200)]
Qt: Word wrap static text preferences
The preferences static text may be too long for the preferences
dialog width, so set word wrap for this label.
Change-Id: I0828601b39a5e189de707087e317c598576fc3db
Reviewed-on: https://code.wireshark.org/review/17656
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Stig Bjørlykke [Mon, 12 Sep 2016 08:43:16 +0000 (10:43 +0200)]
dmp: Remove obsolete structured id handling
The structured id handling is not in use by anyone.
Change-Id: I643fb03f642a5c1900aaec7d41e2b66dba5a2b05
Reviewed-on: https://code.wireshark.org/review/17655
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
AndersBroman [Wed, 24 Aug 2016 11:14:55 +0000 (13:14 +0200)]
[SELFM] Fix reassembly, tcp_dissect_pdus() can't be used as the real
length of the PDU is not known(length is exluding escape bytes).
Change-Id: I762419f12ca80f6597163e232c4b853819927b65
Reviewed-on: https://code.wireshark.org/review/17302
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Sun, 11 Sep 2016 20:25:24 +0000 (22:25 +0200)]
S1AP: add missing messages in info column
While we are at it, let's reorder them in the .cnf file to match their
definition in S1AP-PDU-Contents.asn and ease review
Change-Id: I4c433fa862d83053d8b01cc951e756379356fa57
Reviewed-on: https://code.wireshark.org/review/17649
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Sun, 11 Sep 2016 20:19:31 +0000 (22:19 +0200)]
Fix memleaks in capture file dialog
Tried to poke various fields (including the capture filter field), this
revealed some memleaks.
Change-Id: I1eca431a09839906a4b3c902ad85e55bffc71ca8
Reviewed-on: https://code.wireshark.org/review/17648
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Peter Wu [Sun, 11 Sep 2016 15:04:13 +0000 (17:04 +0200)]
epl: fix memleaks
Fixes a memleak that occurs on (re)loading a pcap. While at it, remove
some unnecessary variables.
Change-Id: Ibb662e5c608881bc7dfde9d12cdb77f699ff6542
Reviewed-on: https://code.wireshark.org/review/17639
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Pascal Quantin [Sun, 11 Sep 2016 20:57:45 +0000 (22:57 +0200)]
X2AP: add dissection of X2AP-Message information element
Change-Id: I2993e1a9ebad1660573bce8a61b44962af08bbb3
Reviewed-on: https://code.wireshark.org/review/17652
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Sun, 11 Sep 2016 20:48:35 +0000 (13:48 -0700)]
More signed vs. unsigned argument cleanups.
Use the get.*guint32 routines to get unsigned values.
Change-Id: I75e83b2d21bdf08c7c995e36e4deb3b1c6d6959d
Reviewed-on: https://code.wireshark.org/review/17651
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sun, 11 Sep 2016 20:32:02 +0000 (13:32 -0700)]
Use the get.*guint32() routines to get guint32s.
Change-Id: Ie3b451549a29970a5e3204b449f198aa1c82de5b
Reviewed-on: https://code.wireshark.org/review/17650
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sun, 11 Sep 2016 20:23:20 +0000 (13:23 -0700)]
Allow a zero change offset in editcap.
It doesn't have to be non-zero.
Change-Id: If578906855abd9eb9fa07e97ee5508c139b6f61b
Reviewed-on: https://code.wireshark.org/review/17646
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sun, 11 Sep 2016 19:08:45 +0000 (12:08 -0700)]
Add a -a flag to specify running under ASan, and don't set ulimit -v if so.
You can't run ASan-built programs with a ulimit, as ASan allocates a
huge amount of shadow memory.
Change-Id: Ic4d3c2fae77719f65d4594774bc8aa92d2a3a035
Ping-Bug: 12797
Reviewed-on: https://code.wireshark.org/review/17645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Stig Bjørlykke [Sun, 11 Sep 2016 18:27:50 +0000 (20:27 +0200)]
mqtt: Only suback has failure in QoS values
Change-Id: Ib308090dfc0911a9bb7580e601cab0bfbfe58efe
Reviewed-on: https://code.wireshark.org/review/17644
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Stig Bjørlykke [Sun, 11 Sep 2016 18:21:10 +0000 (20:21 +0200)]
mqtt: Fix subscribe/suback QoS values
Change-Id: I15424b768e6e0fe2e8268db69b82d81351146155
Reviewed-on: https://code.wireshark.org/review/17643
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Matt Lawrence [Mon, 29 Aug 2016 10:39:04 +0000 (11:39 +0100)]
MySQL: verify connection state before dissecting as greeting/login.
Change-Id: I419fad047c91ff1d8544eb3458534c132ec23821
Bug: 12791
Reviewed-on: https://code.wireshark.org/review/17368
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Stig Bjørlykke [Thu, 8 Sep 2016 19:26:12 +0000 (21:26 +0200)]
mqtt: Added elements from version 3.1.1
Added version 3.1.1 CONNACK session present flag and SUBACK failure
indication. Adjusted SUBSCRIBE and SUBACK QoS values.
Added string length values. Removed the message type subtree as it
had no purpose. Put the message type in the top tree mqtt node instead.
Removed unused code and fixed code layout.
Change-Id: I8a9ae26ac9a2af04dc6f8d08ac46aa305c225c4f
Reviewed-on: https://code.wireshark.org/review/17590
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Wed, 7 Sep 2016 16:07:01 +0000 (18:07 +0200)]
CQL: rename code for don't only support v3
There is a v4 (and v5) with some change (patches coming !)
Change-Id: I3107727e2b86f7f6c0019ba6f2638bb40b41c0fb
Reviewed-on: https://code.wireshark.org/review/17626
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Sun, 11 Sep 2016 14:10:46 +0000 (16:10 +0200)]
qt: fix minor memory leaks on exit
Change-Id: I4856b7ce7eec15abe1278e9ba8314be61845347a
Reviewed-on: https://code.wireshark.org/review/17638
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Gerald Combs [Sun, 11 Sep 2016 15:12:41 +0000 (08:12 -0700)]
[Automatic update for 2016-09-11]
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: I29e1c1ae96c686a2c97609e939c2c35845d2d9ee
Reviewed-on: https://code.wireshark.org/review/17640
Reviewed-by: Gerald Combs <gerald@wireshark.org>
git.samba.org / metze / wireshark / wip.git / log