metze/wireshark/wip.git
3 years agopacket-smb2: maintain a smb2_fid_info per open file
Stefan Metzmacher [Sat, 26 Sep 2015 19:59:02 +0000 (21:59 +0200)]
packet-smb2: maintain a smb2_fid_info per open file

This can we used as salt for dcerpc connections over smb2.

The key is that we identify an open by the combination
of session_id, tree_id, persistent file_id and volative file_id.
As some broken implementations make the file_ids only unique
per tree connect.

Change-Id: I85cab68503560840a98d2d8d6c21b447b4242e3c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11358
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUse "2.0.0" for symbols that are in 2.0.
Guy Harris [Thu, 29 Oct 2015 05:10:44 +0000 (22:10 -0700)]
Use "2.0.0" for symbols that are in 2.0.

Change-Id: Ie8c6206f0761310a6bb101d10b981b9f917116b2
Reviewed-on: https://code.wireshark.org/review/11389
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUpdate symbol list.
Guy Harris [Thu, 29 Oct 2015 05:04:30 +0000 (22:04 -0700)]
Update symbol list.

Change-Id: Id3c275c2c3e15bb54f8b30423c990ca78fc94d32
Reviewed-on: https://code.wireshark.org/review/11387
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMove the definition of MAX_NUM_COLOR_CONVERSATION_COLORS.
Guy Harris [Thu, 29 Oct 2015 04:30:27 +0000 (21:30 -0700)]
Move the definition of MAX_NUM_COLOR_CONVERSATION_COLORS.

It's only used by the GTK+ main menubar code, so put it there.  I guess
the Qt UI either doesn't have such a limit or defines it itself.

Change-Id: I221be506ac40eee33514301db737ef7e22deb7a6
Reviewed-on: https://code.wireshark.org/review/11385
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoTweak some names to better reflect what the named items are.
Guy Harris [Thu, 29 Oct 2015 04:21:36 +0000 (21:21 -0700)]
Tweak some names to better reflect what the named items are.

The old "dissector filter" code used "_filter_" in some names; the new
code used "_conv_", but they're not checking whether a *conversation* is
valid and building a *conversation* string, they're checking whether a
*filter* can be generated and building that *filter* string.

Change-Id: Iea6b1cbeb0fedefdb1fff6c23d7dee9d6e684c15
Reviewed-on: https://code.wireshark.org/review/11383
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoBetter explain what these are all about.
Guy Harris [Thu, 29 Oct 2015 03:57:37 +0000 (20:57 -0700)]
Better explain what these are all about.

Change-Id: I52cf53ec5d32da85ad62b2b75066dc6255f6095f
Reviewed-on: https://code.wireshark.org/review/11381
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years ago"Color dissector filters" are just filters.
Guy Harris [Thu, 29 Oct 2015 03:30:55 +0000 (20:30 -0700)]
"Color dissector filters" are just filters.

Rename the color_dissector_filters.[ch] files to just
dissector_filters.[ch], and rename the routines not to include the
string "color_", as those filters can be used as color filters *or*
display filters.

Remove "color_" from other places where we're not doing colorization.

In the GTK+ code, combine the two loops that add menu items for filters
in the dissector-provided filters list into one.

Change-Id: I08ecccc6b1b1be675e4129a0589f36c9f240407c
Reviewed-on: https://code.wireshark.org/review/11379
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoHSRP(v2): Always display all fields (Like Padding...)
Alexis La Goutte [Wed, 28 Oct 2015 18:01:23 +0000 (19:01 +0100)]
HSRP(v2): Always display all fields (Like Padding...)

Change-Id: I98df3481154e096a34c24f1a65a02ba54f6f5877
Reviewed-on: https://code.wireshark.org/review/11367
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-dcerpc: Move Auth padding to the right tree
Gregor Beck [Fri, 30 Aug 2013 12:00:56 +0000 (14:00 +0200)]
packet-dcerpc: Move Auth padding to the right tree

Change-Id: Id986a74df7cc934117a6e64422e9a10e9cd740b2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/11361
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRADIUS: remove space before ;
Alexis La Goutte [Wed, 28 Oct 2015 19:47:38 +0000 (20:47 +0100)]
RADIUS: remove space before ;

Change-Id: I60e4c917465a083ad76fa0cde80afce52371d1c8
Reviewed-on: https://code.wireshark.org/review/11371
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoCMake: Use CMAKE_CL_64.
Gerald Combs [Wed, 28 Oct 2015 23:52:41 +0000 (16:52 -0700)]
CMake: Use CMAKE_CL_64.

CMake sets CMAKE_CL_64 if we're using a 64-bit version of Visual Studio.
Use it.

Change-Id: I04595a0e703e39e428d853a506472f3881672a35
Reviewed-on: https://code.wireshark.org/review/11376
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoJust use g_mkdir_with_parents() to make the .config directory on UN*X.
Guy Harris [Wed, 28 Oct 2015 23:06:18 +0000 (16:06 -0700)]
Just use g_mkdir_with_parents() to make the .config directory on UN*X.

It will create all the relevant directories (if it can), using
g_mkdir(), which is a wrapper for mkdir() on UN*X - just as ws_mkdir()
is, so we don't need to make our own copy that uses ws_mkdir.

Bug: 11645
Change-Id: I68affc6fabccf58dace75af078d9bfd67a1b47b2
Reviewed-on: https://code.wireshark.org/review/11373
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDo the "create parent of config file directory" stuff on UN*X as well.
Guy Harris [Wed, 28 Oct 2015 19:44:53 +0000 (12:44 -0700)]
Do the "create parent of config file directory" stuff on UN*X as well.

~ obviously exists, but ~/.config might not, making it impossible to
create ~/.config/wireshark.

Bug: 11645
Change-Id: Ia267b168eb7b1438d4c35a6bb89df9d7bfcbd3f3
Reviewed-on: https://code.wireshark.org/review/11368
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: initialize all UAT fields when creating a new line
Pascal Quantin [Tue, 27 Oct 2015 22:55:13 +0000 (23:55 +0100)]
Qt: initialize all UAT fields when creating a new line

Otherwise it can trigger a crash when calling the callback while some fields have a NULL pointer (SSL post_update_cb for example)

Change-Id: I25ac97d8e0bbf47e737f74029715358cb29cfb3d
Reviewed-on: https://code.wireshark.org/review/11334
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoframe_data: Reset subnum if visited is resetted
Roland Knall [Wed, 28 Oct 2015 05:59:35 +0000 (06:59 +0100)]
frame_data: Reset subnum if visited is resetted

 subnum get's resetted when the file is reloaded. But subnum
 does not get resetted, if for instance a preference has been
 set directly via (Protocol Name)->Protocol Preferences-> ...
 in the Protocol list. But flags.visited get's resetted.

 This leads to the scenario, where reloading a trace starts subnum
 with 0 and applying a preference starts subnum with the highest
 value it had before.

 This patch ensures, that all methods for reloading the frame
 lead to the same init value

Change-Id: I167d1e03f7e2e6c60492f501ee5cb9555ac12ac9
Reviewed-on: https://code.wireshark.org/review/11341
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoepan_init(): make 'status' volatile (to avoid might-be-clobbered warnings).
Jeff Morriss [Wed, 28 Oct 2015 12:42:23 +0000 (08:42 -0400)]
epan_init(): make 'status' volatile (to avoid might-be-clobbered warnings).

Change-Id: Ic0f1c99a530089f21b08337379a5a0bc7f566b9c
Reviewed-on: https://code.wireshark.org/review/11352
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoAUTHORS: Small layout fixes
Stig Bjørlykke [Wed, 28 Oct 2015 08:46:23 +0000 (09:46 +0100)]
AUTHORS: Small layout fixes

The presentation in GUI should be improved to not depend on the
number of TAB's used in the source AUTHORS file.

Change-Id: I3db1f80112e01613c57be25ad866afbb717fc92f
Reviewed-on: https://code.wireshark.org/review/11345
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoSTUN: identify new TCP specific methods as being TURN
Pascal Quantin [Wed, 28 Oct 2015 07:53:45 +0000 (08:53 +0100)]
STUN: identify new TCP specific methods as being TURN

Bug: 11641
Change-Id: I4d0e0949c13b5fb66e644312d73a189f16d592be
Reviewed-on: https://code.wireshark.org/review/11343
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoImprove dissection of HSRPv1 packets using MD5 authentication
Dhiru Kholia [Mon, 26 Oct 2015 14:37:31 +0000 (15:37 +0100)]
Improve dissection of HSRPv1 packets using MD5 authentication

HSRP (Version: 0) can use MD5 Authentication TLV sequence for
authentication, and such packets are now dissected properly.

Sample HSRP (Version: 0), and HSRPv2 .pcap files can be found at,
https://github.com/kholia/my-pcaps

Change-Id: Ib84d344c6977065b1948231503d13c675de34ea4
Reviewed-on: https://code.wireshark.org/review/11285
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoGet rid of a couple of UAT macros.
Gerald Combs [Tue, 27 Oct 2015 23:24:01 +0000 (16:24 -0700)]
Get rid of a couple of UAT macros.

Declare and fill in some functions normally instead of using macros.

Change-Id: I06323ecf53e0fe8ce7299168984838c87209acc5
Reviewed-on: https://code.wireshark.org/review/11336
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoCatch REPORT_DISSECTOR_BUG() calls in dissector registration routines.
Guy Harris [Wed, 28 Oct 2015 00:41:23 +0000 (17:41 -0700)]
Catch REPORT_DISSECTOR_BUG() calls in dissector registration routines.

Have epan_init() return a success/failure Boolean indication.  Catch
exceptions when calling the dissector registration routines and, if we
get one, report the error and return a failure indication.

If epan_init() fails, quit, but first make sure the reported error is
displayed.

Change-Id: I0300cbb1f66a5644f857a205235124909d684c50
Reviewed-on: https://code.wireshark.org/review/11340
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUpdate Travis to Trusty
Alexis La Goutte [Sat, 17 Oct 2015 09:09:57 +0000 (11:09 +0200)]
Update Travis to Trusty

It is now possible to have Trusty Ubuntu image when using Travis (Github)
http://blog.travis-ci.com/2015-10-14-opening-up-ubuntu-trusty-beta/

Move to Trusty (and GTK3/Qt5)

Change-Id: I54cbd4936dd9d8fbd8fe9fb1538290045ec0d5af
Reviewed-on: https://code.wireshark.org/review/11115
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRADIUS: Add IPv6 support to Ascend Data Filter
Alexis La Goutte [Tue, 27 Oct 2015 12:32:40 +0000 (13:32 +0100)]
RADIUS: Add IPv6 support to Ascend Data Filter

Bug:11630
Change-Id: Ibf7a38ffa4bb2c7fbcdab80c30213b9bb4aaff20
Reviewed-on: https://code.wireshark.org/review/11321
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoAdd preferences for related packets and the scroll bar minimap.
Gerald Combs [Tue, 27 Oct 2015 22:04:44 +0000 (15:04 -0700)]
Add preferences for related packets and the scroll bar minimap.

Add gui.packet_list_show_related and gui.packet_list_show_minimap.
Show_related enables and disables the related packet delegate.
Show_minimap enables and disables the minimap. Start calling it the
"intelligent scroll bar" since that's the best suggestion for a name
I've seen so far.

Leave them out of the Appearance preference pane for now.

Change-Id: I5869c446fda5c8e62d6b1e49a74d63ba3b117b0f
Reviewed-on: https://code.wireshark.org/review/11332
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoSTUN: add TCP specific methods and attribute
Pascal Quantin [Tue, 27 Oct 2015 21:18:49 +0000 (22:18 +0100)]
STUN: add TCP specific methods and attribute

Bug: 11641
Change-Id: I2990a327e80d57463ab908fc9660b98253d7c9d0
Reviewed-on: https://code.wireshark.org/review/11323
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years ago[ssl] dissect handshake messages even if we have no tree
Martin Kaiser [Tue, 20 Oct 2015 16:41:46 +0000 (18:41 +0200)]
[ssl] dissect handshake messages even if we have no tree

this is to make sure that all expert info we see in the
main window will also appear in the expert info window

the sample capture from bug 11561 shows this problem:
without this patch, the expert info with severity 'error'
don't show up in the expert info window

Change-Id: Ia71ae7e248f57bf1344cf722ac57e74c517828d5
Reviewed-on: https://code.wireshark.org/review/11246
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRADIUS: Use directly tvb_ip*_to_str
Alexis La Goutte [Tue, 27 Oct 2015 12:44:44 +0000 (13:44 +0100)]
RADIUS: Use directly tvb_ip*_to_str

Change-Id: I4b9452e49351d7bf627457f433d11d18c19d985b
Reviewed-on: https://code.wireshark.org/review/11306
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoPPCAP: don't pass by local variable for display address
Alexis La Goutte [Tue, 27 Oct 2015 12:51:39 +0000 (13:51 +0100)]
PPCAP: don't pass by local variable for display address

Change-Id: I9ac7ba2dfd8c8f3b084e8e95a893830828b28a46
Reviewed-on: https://code.wireshark.org/review/11308
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Add a filter expression item to the display filter edit menu.
Gerald Combs [Tue, 27 Oct 2015 16:52:51 +0000 (09:52 -0700)]
Qt: Add a filter expression item to the display filter edit menu.

Add an item to the display filter bookmark menu which opens the filter
expression preferences. We also need an expression editor frame similar
to the column editor frame, but hopefully this will suffice until that
exists.

Change-Id: If4c159bb769f0f8e7f89db55f1c6fd7c0bf65c87
Reviewed-on: https://code.wireshark.org/review/11315
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoAdd jitter logic to RtpAudioStream.
Gerald Combs [Mon, 26 Oct 2015 15:34:58 +0000 (08:34 -0700)]
Add jitter logic to RtpAudioStream.

Copy the jitter logic from rtp_player.c to rtp_audio_stream.cpp. This
still isn't correct but the RTP player should now be complete enough to
start looking at the bug list at the top of rtp_player_dialog.cpp.

Disable timing and jitter controls while we're playing while we're here.
Fixes bug 11635.

Bug: 11635
Change-Id: Ie583ade522702cbe1bbcea4475a535caa1d74fa2
Reviewed-on: https://code.wireshark.org/review/11295
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoAdd Decode As capabilities to MoldUDP64 dissector.
Michael Mann [Sat, 24 Oct 2015 00:26:59 +0000 (20:26 -0400)]
Add Decode As capabilities to MoldUDP64 dissector.

This is used by the NASDAQ-ITCH dissector to dissect a MoldUDP64 payload.

From: https://ask.wireshark.org/questions/46882/help-decoding-moldudp64-payload-as-nasdaq-itch
Change-Id: I78c706e12685604e2fc2176b5c4a89de73bd7e56
Reviewed-on: https://code.wireshark.org/review/11235
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoIt is RADIUS Protocol
Alexis La Goutte [Tue, 27 Oct 2015 12:45:43 +0000 (13:45 +0100)]
It is RADIUS Protocol

Like Remote Authentication Dial In User Service (RADIUS) and not radius...

Change-Id: Id28cc12a4b33c7095115315f1a9e2e350574215a
Reviewed-on: https://code.wireshark.org/review/11307
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoopcua: display string representation of AttributeId and DeadbandType
Hannes Mezger [Tue, 27 Oct 2015 13:36:10 +0000 (14:36 +0100)]
opcua: display string representation of AttributeId and DeadbandType

Change-Id: I41f100ddab544054f8fab89f3f5da61866db7a2d
Reviewed-on: https://code.wireshark.org/review/11309
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoDfilter: Mark an error in %syntax_error
Stig Bjørlykke [Tue, 27 Oct 2015 07:53:44 +0000 (08:53 +0100)]
Dfilter: Mark an error in %syntax_error

Because of a change in lemon the %parse_failure is not always called.

Bug: 11637
Change-Id: Iea218aeee10e20f29461169829a10345bbdac903
Reviewed-on: https://code.wireshark.org/review/11302
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
3 years agoGVCP: do not try to append register value to info column when READREG_ACK has an...
Pascal Quantin [Tue, 27 Oct 2015 14:42:45 +0000 (15:42 +0100)]
GVCP: do not try to append register value to info column when READREG_ACK has an error status

Bug: 11639
Change-Id: I1389b74092138e3b28cf4f0dd2d2c8967ec8ba12
Reviewed-on: https://code.wireshark.org/review/11310
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoQt: Protect against unintentional "no capture file" window status
Michal Labedzki [Fri, 25 Sep 2015 09:05:45 +0000 (11:05 +0200)]
Qt: Protect against unintentional "no capture file" window status

If capture file was closed and we have some WiresharkDialogs opened,
then we still need to know filename of capture file
related to specific dialog.

Change-Id: I15f0e5176b87713bf747eead64021619d0bdf039
Reviewed-on: https://code.wireshark.org/review/11025
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
3 years agoConvert SIP statistics to the stat tap API.
Gerald Combs [Sun, 25 Oct 2015 00:45:51 +0000 (17:45 -0700)]
Convert SIP statistics to the stat tap API.

It looks like this one fell through the cracks because it dynamically
registered itself via register_tap_listener_gtksipstat and wasn't listed
in the "/Telephony/" path in main_menubar.c.

Ping-Bug: 11638
Change-Id: I4c82b36d204207c81e82a19efce98b6a091351ca
Reviewed-on: https://code.wireshark.org/review/11293
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoReplace all "dissector filter" registrations with "dissector color filter" registration.
Michael Mann [Sun, 25 Oct 2015 14:32:29 +0000 (10:32 -0400)]
Replace all "dissector filter" registrations with "dissector color filter" registration.

In the GTK, there was "colorize" (via context menu using color_dissector_filter.{c,h}) or "not colorize" (via main menu using dissector_filters.{c,h}).  In Qt, you have the option to colorize (via context menu using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).

Combine all into "colorize" and convert GTK to use color_dissector_filter.{c,h} in the "not colorize" main menu like Qt.

Change-Id: Ib3ca1c822f5f66ab5b812632d808f7905b328483
Reviewed-on: https://code.wireshark.org/review/11263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoList the disappearance of the ADDRESS macros as an API change.
Jeff Morriss [Mon, 26 Oct 2015 14:55:21 +0000 (10:55 -0400)]
List the disappearance of the ADDRESS macros as an API change.

Also reword the "reload of the current capture file as MIME or capture file"
item a bit.

Lastly, these release notes are a preview of 2.2 now (not 2.0).

Change-Id: Ie0ad7573b0df56534d02b8942b7a6376546bedc5
Reviewed-on: https://code.wireshark.org/review/11287
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoShow the Experimental-Result-Code if we don't know have a subdissector for that
Jeff Morriss [Mon, 26 Oct 2015 20:44:18 +0000 (16:44 -0400)]
Show the Experimental-Result-Code if we don't know have a subdissector for that
vendor ID.

Otherwise the value is simply not shown to the user.

Adding support for a vendor ID's Experimental Result Codes isn't as easy as
modifying the XML so don't add an expert info about it.

Change-Id: I65f2cb13853cc7141fb242fa03c6e474a6c02cb9
Reviewed-on: https://code.wireshark.org/review/11294
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agonfs: Add FF_FLAGS_NO_IO_THRU_MDS for layout flags
Tom Haynes [Mon, 26 Oct 2015 18:29:24 +0000 (11:29 -0700)]
nfs: Add FF_FLAGS_NO_IO_THRU_MDS for layout flags

Change-Id: I6f90aba1d804b1da666d471b9470acac63df4845
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/11291
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoOnly store frame number and not a pointer to frame_data structure in seq_analysis_item_t
Pascal Quantin [Sun, 25 Oct 2015 21:52:30 +0000 (22:52 +0100)]
Only store frame number and not a pointer to frame_data structure in seq_analysis_item_t

Qt GUI allows to keep windows open after closing the capture file. Let's not access to freed memory.

Bug: 11573
Change-Id: I9e70d818a4b228af319961ec512b6b9725792477
Reviewed-on: https://code.wireshark.org/review/11270
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoEPL: fix no previous prototype for epl_[gs]et_sequence_nr [-Wmissing-prototypes]
Alexis La Goutte [Mon, 26 Oct 2015 17:30:46 +0000 (18:30 +0100)]
EPL: fix no previous prototype for epl_[gs]et_sequence_nr [-Wmissing-prototypes]

Change-Id: I794a26bd21494532629035a7d23751235ecec3db
Reviewed-on: https://code.wireshark.org/review/11289
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago[Nettrace] Port can have 5 characters.
AndersBroman [Mon, 26 Oct 2015 17:16:31 +0000 (18:16 +0100)]
[Nettrace] Port can have 5 characters.

Change-Id: Id09967378165b23358b4787e6ab96db42c41d2fd
Reviewed-on: https://code.wireshark.org/review/11288
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoNettrace 3GPP 32.423: Fix Dead Store (Dead assignement/Dead increment) warning found...
Alexis La Goutte [Mon, 26 Oct 2015 11:56:48 +0000 (12:56 +0100)]
Nettrace 3GPP 32.423: Fix Dead Store (Dead assignement/Dead increment) warning found by Clang

Change-Id: I721bb77fd95f02cd6795c09e780622575d031920
Reviewed-on: https://code.wireshark.org/review/11282
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoextcap: add missing types in doc.
Dario Lombardo [Mon, 26 Oct 2015 13:07:49 +0000 (14:07 +0100)]
extcap: add missing types in doc.

Change-Id: Ieefa91df20fc460ae9e64ed94ffe7bca3ead63d1
Reviewed-on: https://code.wireshark.org/review/11284
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoClean up more unnecessary use of the 'volatile' key word.
Jeff Morriss [Mon, 26 Oct 2015 01:03:36 +0000 (21:03 -0400)]
Clean up more unnecessary use of the 'volatile' key word.

Change-Id: I3e72fddc6ed380780d7e2e1c8df87e580138188d
Reviewed-on: https://code.wireshark.org/review/11271
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: fix memory leaks in VoIP calls window
Pascal Quantin [Sun, 25 Oct 2015 18:24:06 +0000 (19:24 +0100)]
Qt: fix memory leaks in VoIP calls window

- Add free of h245_labels to voip_calls_remove_all_tap_listeners() so that memory is not leaked with Qt GUI
- Call voip_calls_reset_all_taps() from VoipCallsDialog destructor so as to free allocated memory

Change-Id: I46945b5d475d8c1267819021a4ed2782c531a0c6
Reviewed-on: https://code.wireshark.org/review/11268
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoEPL: add explicit casts to please OSX 10.5 x86 buildbot
Pascal Quantin [Mon, 26 Oct 2015 08:58:59 +0000 (09:58 +0100)]
EPL: add explicit casts to please OSX 10.5 x86 buildbot

Change-Id: I78b3a750f13c190cad1b6b560bd5104292e77ed5
Reviewed-on: https://code.wireshark.org/review/11276
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoDon't use the non-existent decoded data if decode_rtp_packet() returns 0.
Guy Harris [Mon, 26 Oct 2015 10:13:08 +0000 (03:13 -0700)]
Don't use the non-existent decoded data if decode_rtp_packet() returns 0.

Just skip that packet.  Otherwise, it crashes.

Fix file name in the introductory comment while we're at it.

Change-Id: I286f4303a4ec152c0d00c5135395c1608bf2121a
Reviewed-on: https://code.wireshark.org/review/11279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoAllocate h245_labels when we initialize the h245dg tap.
Guy Harris [Mon, 26 Oct 2015 09:43:26 +0000 (02:43 -0700)]
Allocate h245_labels when we initialize the h245dg tap.

Otherwise, it might not exist at the time we try to use it.  (Yes,
reproducible if you download

https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=h223-over-rtp.pcap.gz

load it into Wireshark and, at least in the Qt UI, select Telephony ->
VoIP Calls - crashes every time on my Mac running Yosemite.)

Change-Id: Iacf5b8ef7fb5749dabeb5fc33d3494b5fc073c03
Reviewed-on: https://code.wireshark.org/review/11277
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoThere's no need to register 32 hf's which are identical except for the name:
Jeff Morriss [Mon, 26 Oct 2015 01:34:05 +0000 (21:34 -0400)]
There's no need to register 32 hf's which are identical except for the name:
one will do.

Also some misc. cleanup.

Change-Id: Ifdb1ef0c14f33f6153c5e3d05eae45bae6bd7abd
Reviewed-on: https://code.wireshark.org/review/11273
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoUpdate URLs for DDS specifications.
Guy Harris [Sun, 25 Oct 2015 18:17:53 +0000 (11:17 -0700)]
Update URLs for DDS specifications.

Change-Id: I740f6612e5c53bf41427ecef3fa576f622b8997c
Reviewed-on: https://code.wireshark.org/review/11267
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years ago[Automatic update for 2015-10-25]
Gerald Combs [Sun, 25 Oct 2015 15:10:43 +0000 (08:10 -0700)]
[Automatic update for 2015-10-25]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I84cf4d6acbcadc10c3d0f404cdcc7024ddee6ec5
Reviewed-on: https://code.wireshark.org/review/11264
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRequire GnuTLS 2.12.0, add cmake version detection
Peter Wu [Wed, 14 Oct 2015 18:23:46 +0000 (20:23 +0200)]
Require GnuTLS 2.12.0, add cmake version detection

Since v2.1.0rc0-17-g877fd03 and v2.0.0rc0-23-g263ff53 ("ssl-utils:
load RSA keys based on their modulus+exponent"), GnuTLS 2.12.0 is
needed.

Add a version check to cmake as well, tested on CentOS6 (with
pkg-config check disabled to verify the code path). Note that RHEL6
has GnuTLS 2.8.5 and thus SSL decryption with a RSA private key is no
longer supported on that version.

Change-Id: I99fdfe6790107f48629dd435794fe8880263063d
Reviewed-on: https://code.wireshark.org/review/11044
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoSDP: protect against out of bounds access
Pascal Quantin [Sat, 24 Oct 2015 09:32:16 +0000 (11:32 +0200)]
SDP: protect against out of bounds access

Change-Id: I4b24441cb26757b639e8113cab18d64c7f07112f
Ping-Bug: 9887
Reviewed-on: https://code.wireshark.org/review/11241
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoThere's no need for all these variables to be volatile.
Jeff Morriss [Sun, 25 Oct 2015 02:22:38 +0000 (22:22 -0400)]
There's no need for all these variables to be volatile.

I suppose there must have been TRYs and CATCHes in here years ago. And/or
there was just too much cutting-and-pasting going on here.

Also reindent some col_ calls: they weren't moved left when check_col() was
taken out.

Change-Id: I0b01e008395be5b638a0470645d247dc706ca93f
Reviewed-on: https://code.wireshark.org/review/11254
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years ago[nfs] don't THROW() an exception from a dissector
Martin Kaiser [Tue, 20 Oct 2015 18:38:54 +0000 (20:38 +0200)]
[nfs] don't THROW() an exception from a dissector

the case where the number of bitmaps is too large was already handled
more cleanly in some places, we can just copy their code

unfortunately, we have to add a pinfo parameter to quite a few functions

Change-Id: I0e0fa9674d6ecd98c3d7e49e065f7121cc275a9b
Reviewed-on: https://code.wireshark.org/review/11247
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoBail out immediately if we can't allocate a buffer for carving up $PATH.
Guy Harris [Sun, 25 Oct 2015 02:01:39 +0000 (19:01 -0700)]
Bail out immediately if we can't allocate a buffer for carving up $PATH.

Quit immediately, don't even bother allocating a buffer for the pathname
of the file we found.

Revert some other cosmetic changes, to reduce the differences between us
and upstream.

Change-Id: I217fecee64c7e6bac9272486d0cc334e192b501e
Reviewed-on: https://code.wireshark.org/review/11253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoepl: Remove usage of subnum
Roland Knall [Fri, 23 Oct 2015 11:40:29 +0000 (13:40 +0200)]
epl: Remove usage of subnum

 pinfo->fd->subnum is not used in a way as it was documented
 in frame_data.h. This uses a more generic approach and also
 frees subnum in this case

Change-Id: I3aee0ffcdf1948c97a2d2f95c868e636362664a1
Reviewed-on: https://code.wireshark.org/review/11225
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agolemon: move free() to avoid mem leak (CID 718529)
Dario Lombardo [Mon, 5 Oct 2015 12:32:15 +0000 (14:32 +0200)]
lemon: move free() to avoid mem leak (CID 718529)

Change-Id: I3b0740f5ccc3b9b87ed351e26f198152bbb1e599
Reviewed-on: https://code.wireshark.org/review/10801
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago[aeron] a new-style dissector should return 0 (not -1) to reject a packet
Martin Kaiser [Tue, 20 Oct 2015 18:59:19 +0000 (20:59 +0200)]
[aeron] a new-style dissector should return 0 (not -1) to reject a packet

we shouldn't throw an exception before we know that the packet
contains our protocol

Change-Id: Ic58cb985775766a18e9086fe52096e3290674515
Reviewed-on: https://code.wireshark.org/review/11248
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoNTP timestamps can't be relative.
Michael Mann [Sat, 24 Oct 2015 21:30:38 +0000 (17:30 -0400)]
NTP timestamps can't be relative.

Bug: 11633
Change-Id: If0d3c8c51ef8179f2e6f25a617cf545db662d32b
Reviewed-on: https://code.wireshark.org/review/11250
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRLC Graph: call replot() with rpQueued to avoid lag caused by trying to draw every...
Martin Mathieson [Sat, 24 Oct 2015 20:42:41 +0000 (13:42 -0700)]
RLC Graph: call replot() with rpQueued to avoid lag caused by trying to draw every mouse position

Change-Id: Ibde38a1168f8d8dafbce5985a4b10ed935d95cba
Reviewed-on: https://code.wireshark.org/review/11249
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
3 years agolemon: add free() to avoid mem leak (CID 1309088)
Dario Lombardo [Mon, 5 Oct 2015 09:55:09 +0000 (11:55 +0200)]
lemon: add free() to avoid mem leak (CID 1309088)

Change-Id: Id32864d324f72ffee9c1033f0f36a79eb2651334
Reviewed-on: https://code.wireshark.org/review/10797
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoPER: fix ASAN runtime error: left shift of negative value -1
Pascal Quantin [Sat, 24 Oct 2015 09:30:31 +0000 (11:30 +0200)]
PER: fix ASAN runtime error: left shift of negative value -1

Change-Id: Ibab619ee96b0389df87021156c4bf35a3d52063c
Ping-Bug: 9887
Reviewed-on: https://code.wireshark.org/review/11240
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoRemove ADDRESS macros and just have their lower-case equivalents.
Michael Mann [Sat, 24 Oct 2015 02:23:41 +0000 (22:23 -0400)]
Remove ADDRESS macros and just have their lower-case equivalents.

Remove calls SET_ADDRESS, CMP_ADDRESS, ADDRESSES_EQUAL, COPY_ADDRESS, COPY_ADDRESS_SHALLOW, and ADD_ADDRESS_TO_HASH since they are no longer used.

Change-Id: I53fa4cfda756d8cef8815ad0324a3b9d9f9cd490
Reviewed-on: https://code.wireshark.org/review/11238
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoTDS: Replace use of val_to_str() with VALS()
Nathan Cole [Sat, 24 Oct 2015 08:35:13 +0000 (09:35 +0100)]
TDS: Replace use of val_to_str() with VALS()

Multiple uses of val_to_str replaced, allowing proto_tree_add_item and
proto_item_append_text to be replaced with just proto_tree_add_item.

While changing this aspect in dissect_tds7_prelogin_packet, I strengthened
the add_item calls so that integer fields could not be passed with invalid
lengths.

Bug: 11631
Change-Id: I556c4d965fd4ee5dffa36b538695d46e422062de
Reviewed-on: https://code.wireshark.org/review/11239
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoT38: fix a dereference of NULL pointer
Pascal Quantin [Sat, 24 Oct 2015 09:35:02 +0000 (11:35 +0200)]
T38: fix a dereference of NULL pointer

Change-Id: I6d0a87e301145f43af0c0ccba44c1dbb2f84adb2
Ping-Bug: 9887
Reviewed-on: https://code.wireshark.org/review/11242
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoNULL terminate some hf_ arrays used in proto_tree_add_bitmask_xxx calls.
Michael Mann [Fri, 23 Oct 2015 20:34:23 +0000 (16:34 -0400)]
NULL terminate some hf_ arrays used in proto_tree_add_bitmask_xxx calls.

I thought this was already caught by one of the check*.pl scripts, but I ran into the one in packet-nfs.c and decided to manually check the dissector directory.

Change-Id: I8df83227255818eabc43763e3cf760cf762797cc
Reviewed-on: https://code.wireshark.org/review/11230
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoMore ADDRESS macro to address function conversions.
Gerald Combs [Fri, 23 Oct 2015 18:14:34 +0000 (11:14 -0700)]
More ADDRESS macro to address function conversions.

Replace remaining calls to SET_ADDRESS, CMP_ADDRESS, ADDRESSES_EQUAL,
COPY_ADDRESS, and COPY_ADDRESS_SHALLOW with their lower-case
equivalents.

Replace all ADD_ADDRESS_TO_HASH calls with add_address_to_hash.

Change-Id: I4cff857d7a84085abe0bccd52d2605d2a468bf6f
Reviewed-on: https://code.wireshark.org/review/11229
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago802.1ah: call subdissectors even when we have no tree.
Jeff Morriss [Fri, 23 Oct 2015 14:58:54 +0000 (10:58 -0400)]
802.1ah: call subdissectors even when we have no tree.

Otherwise none of the subdissectors are called on the first pass which means
none of their analysis (which is generally done on the first pass) is going to
work.

Bug: 11629
Change-Id: I6fe8d0692e5cf6f5b5fa099d31a91d01cc5c7c68
Reviewed-on: https://code.wireshark.org/review/11226
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Explicitly set the byte view painter font.
Gerald Combs [Fri, 23 Oct 2015 22:07:35 +0000 (15:07 -0700)]
Qt: Explicitly set the byte view painter font.

Set the painter font at the beginning of each paintEvent. It looks like
we either aren't calling setFont at the right time or the
QAbstractScrollArea viewport sometimes ignores its parent font.

Bug: 11594
Change-Id: Id4484f6b990be112bbc5728d5ad0e31a74a60201
Reviewed-on: https://code.wireshark.org/review/11231
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoFix some copy+pasted tooltip text.
Gerald Combs [Fri, 23 Oct 2015 18:05:43 +0000 (11:05 -0700)]
Fix some copy+pasted tooltip text.

Change-Id: I782cc60b33639ad8b8b403db7094d9568e6cfc59
Reviewed-on: https://code.wireshark.org/review/11227
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoandroiddump: fix doc.
Dario Lombardo [Fri, 23 Oct 2015 08:56:29 +0000 (10:56 +0200)]
androiddump: fix doc.

Change-Id: If11a9095ab20e84f61eb0194a64f33dbee6cc70e
Reviewed-on: https://code.wireshark.org/review/11223
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agodoc: add README.extcap
Dario Lombardo [Thu, 22 Oct 2015 12:32:25 +0000 (14:32 +0200)]
doc: add README.extcap

Change-Id: I0c9b6b5c16a10d13860a0a7bd4c0ace3005bc893
Reviewed-on: https://code.wireshark.org/review/11210
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years ago[Nettrace] Add parsing of IP addresses and ports.
AndersBroman [Thu, 22 Oct 2015 11:55:47 +0000 (13:55 +0200)]
[Nettrace] Add parsing of IP addresses and ports.

Change-Id: I4e2988edd9b5f75f7b104c8daddd1510bf1fc722
Reviewed-on: https://code.wireshark.org/review/11209
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoTDS: Use hf_tds_prelogin field
Alexis La Goutte [Tue, 20 Oct 2015 06:42:01 +0000 (08:42 +0200)]
TDS: Use hf_tds_prelogin field

Change-Id: I06a87dbc402b5b96910f73402d44ed30118c9d23
Reviewed-on: https://code.wireshark.org/review/11172
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoTry to fix osx-app.sh bundle creation.
Gerald Combs [Thu, 22 Oct 2015 22:20:51 +0000 (15:20 -0700)]
Try to fix osx-app.sh bundle creation.

Change-Id: I6d96974fae3956a017a007988a1ed145f08d4647
Reviewed-on: https://code.wireshark.org/review/11220
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoPass --verbose to windeployqt.
Gerald Combs [Thu, 22 Oct 2015 20:03:14 +0000 (13:03 -0700)]
Pass --verbose to windeployqt.

Change-Id: I0adc2eb294c7165b9a327a70b2437916b228f044
Reviewed-on: https://code.wireshark.org/review/11219
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoosx-app.sh: Make sure we sign the Wireshark executable.
Gerald Combs [Thu, 22 Oct 2015 18:26:51 +0000 (11:26 -0700)]
osx-app.sh: Make sure we sign the Wireshark executable.

Change-Id: Ib94bfd5fb8579d8bd824109806d340ee3e4f2f1c
Reviewed-on: https://code.wireshark.org/review/11217
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoosx-app.sh: Fix bundling.
Gerald Combs [Thu, 22 Oct 2015 18:12:23 +0000 (11:12 -0700)]
osx-app.sh: Fix bundling.

When creating a bundle using osx-app.sh (i.e. when we're using
Autotools), make sure we copy androiddump to the extcap subdirectory.

Change-Id: Iabb24ae969ae77856f15dd94120cc6e395311198
Reviewed-on: https://code.wireshark.org/review/11215
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoosx-app.sh: Make sure we sign our binaries.
Gerald Combs [Thu, 22 Oct 2015 17:44:59 +0000 (10:44 -0700)]
osx-app.sh: Make sure we sign our binaries.

Throw an error if we don't.

Change-Id: I7967fe8903f989e6e1a1e8193fb65c6ce086595b
Ping-Bug: 11620
Reviewed-on: https://code.wireshark.org/review/11213
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoosx-app.sh fixups.
Gerald Combs [Thu, 22 Oct 2015 01:18:57 +0000 (18:18 -0700)]
osx-app.sh fixups.

For libraries, instead of prefixing dependent library paths with
@executable_path/../Framework, prefix them with @rpath. This should let
us load them from different directory depths.

Remove any LC_RPATH not in an allowed list of prefixes. This should keep
us from leaking paths specific to the build environment and user, and
should make any portability problems more obvious.

Add either @executable_path/../Frameworks or
@executable_path/../../Frameworks as an LC_RPATH depending on which
actually exists. This lets us place androiddump in the extcap
subdirectory.

Add error checking in a few places and make sure we detect failures in
subshells.

Add a macdeployqt buglink.

Bug: 11620
Change-Id: I43ef02ecc6f741761fcb9827c0b0b7b2ef16fa9a
Reviewed-on: https://code.wireshark.org/review/11205
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoqt: remove leak
Dario Lombardo [Wed, 14 Oct 2015 14:57:08 +0000 (16:57 +0200)]
qt: remove leak

Found by clang analyzer.

Change-Id: If8bc72e1de276ae778ee3ac3e0dfc9dffa384c29
Reviewed-on: https://code.wireshark.org/review/11028
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUse address functions instead of ADDRESS macros in ui.
Gerald Combs [Wed, 21 Oct 2015 18:46:49 +0000 (11:46 -0700)]
Use address functions instead of ADDRESS macros in ui.

Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the ui directory.

Change-Id: I10e95e66c8da5b880133452ebc484c53046e87ba
Reviewed-on: https://code.wireshark.org/review/11199
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUse address functions instead of ADDRESS macros in asn1 and epan
Gerald Combs [Wed, 21 Oct 2015 19:04:16 +0000 (12:04 -0700)]
Use address functions instead of ADDRESS macros in asn1 and epan

Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.

Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoTransifex: Add type of translation file
Alexis La Goutte [Thu, 22 Oct 2015 08:07:01 +0000 (10:07 +0200)]
Transifex: Add type of translation file

Change-Id: Ib6ef02013a2d42ec88b0b18cd1ba3794a7db59ae
Reviewed-on: https://code.wireshark.org/review/11206
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoAvoid adding -pie on older cmake versions
Peter Wu [Wed, 21 Oct 2015 14:52:47 +0000 (16:52 +0200)]
Avoid adding -pie on older cmake versions

Fixes building on Ubuntu 12.04 x86_64 which has cmake 2.8.7.

Bug: 11617
Change-Id: I253e9fda698d4b963d50516e483d8243231f056b
Reviewed-on: https://code.wireshark.org/review/11193
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
3 years agoRtpAudioStream: Add a cast.
Gerald Combs [Wed, 21 Oct 2015 21:26:57 +0000 (14:26 -0700)]
RtpAudioStream: Add a cast.

Change-Id: I45d353ad900dee062775408f12d58ebb43793219
Reviewed-on: https://code.wireshark.org/review/11203
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoQt: Wire up the RTP Streams "Analyze" button.
Gerald Combs [Thu, 8 Oct 2015 19:52:32 +0000 (12:52 -0700)]
Qt: Wire up the RTP Streams "Analyze" button.

Change-Id: I0ad5d689b6c05fd3f98ba3304a5d99297db2bd6c
Reviewed-on: https://code.wireshark.org/review/11198
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoLTE RLC Graph: fix CID 1328485: Uninitialized members (UNINIT_CTOR)
Martin Mathieson [Wed, 21 Oct 2015 21:05:39 +0000 (14:05 -0700)]
LTE RLC Graph: fix CID 1328485:  Uninitialized members  (UNINIT_CTOR)

Change-Id: Ia3d6a87ba4d8fb0ff66700d19ec30ffaeea86f2b
Reviewed-on: https://code.wireshark.org/review/11201
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
3 years agoSplit RTP player tapping, decoding, and plotting.
Gerald Combs [Tue, 20 Oct 2015 15:31:52 +0000 (08:31 -0700)]
Split RTP player tapping, decoding, and plotting.

In RtpAudioStream split tapping+decoding into separate member functions.
Store RTP payloads in memory. In RtpPlayerDialog split tapping+plotting.
This more closely resembles what we're doing in the GTK+ UI and paves
the way for jitter support and other changes.

Change-Id: I244c225cec8930545622e6582b7be35ebe45b237
Reviewed-on: https://code.wireshark.org/review/11195
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoh261: fix "hf->bitmask != 0" assertion
Peter Wu [Wed, 21 Oct 2015 15:27:11 +0000 (17:27 +0200)]
h261: fix "hf->bitmask != 0" assertion

fuzz-2014-03-13-20306.pcap from bug 9887 triggered:

    Dissector bug, protocol H.261, in packet 978: epan/proto.c:8418:
    failed assertion "hf->bitmask != 0" (h261.sbit)

Fixes regression from v1.99.6rc0-311-g8d6324f.

Change-Id: I69f537576743347cad41873222b4905d48c2fb8d
Reviewed-on: https://code.wireshark.org/review/11194
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoGSM SMS: do not call GSM SMS port IE subdissectors until message is reassembled
Pascal Quantin [Wed, 21 Oct 2015 11:57:40 +0000 (13:57 +0200)]
GSM SMS: do not call GSM SMS port IE subdissectors until message is reassembled

Change-Id: Ibf384c01a1d3283e36b87a3d84e6c256341b8664
Reviewed-on: https://code.wireshark.org/review/11190
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agox11 generator: Fix indent (use always 4 spaces) and add modelines
Alexis La Goutte [Sat, 17 Oct 2015 13:39:06 +0000 (15:39 +0200)]
x11 generator: Fix indent (use always 4 spaces) and add modelines

Change-Id: I91739bb6f4acc4da060cf389ec288ee910965b2a
Reviewed-on: https://code.wireshark.org/review/11113
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoAdd to DIS dissector many new PDU types, fixing issues, and richer information.
Oren Koler [Wed, 30 Sep 2015 19:08:20 +0000 (22:08 +0300)]
Add to DIS dissector many new PDU types, fixing issues, and richer information.

This is a massive changeset, developed by Oren Koler from IDF BattleLab, and is being integrated by me.
IDF BattleLab enhanced this dissector for its own popular PDUs, and was tested successfully by its own DIS scenarios.

We also fixed those issues:
* Only zero or one timestamp in DIS packet header (division of integer by integer)
* Bad datum values padding.

IDF BattleLab outputs the result of Oren Koler work to the community.

Sadly, because of information security, we couldn't share recorded captures with the community.
However, we brought basic PDU record outside from IDF BattleLab.

Change-Id: Iec425569da3842f7054a97be5f371cbe893ff482
Reviewed-on: https://code.wireshark.org/review/10710
Reviewed-by: Tal Hadad <tal_hd@hotmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoLTE RLC graph: Only enable graph buttons for directions with data
Martin Mathieson [Wed, 21 Oct 2015 09:18:23 +0000 (02:18 -0700)]
LTE RLC graph: Only enable graph buttons for directions with data

Change-Id: I80248aa6cf26a68c0d3aeff01c6c0e97951d1eed
Reviewed-on: https://code.wireshark.org/review/11189
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
3 years agoX11 generator: avoid extraneous parens in conditionals.
Jeff Morriss [Tue, 20 Oct 2015 20:14:21 +0000 (16:14 -0400)]
X11 generator: avoid extraneous parens in conditionals.

This is to avoid complaints from clang of the form:

wireshark/epan/dissectors/x11-extension-implementation.h:17021:18: error:
equality comparison with extraneous parentheses [-Werror,-Wparentheses-equality]
        if ((f_class_id == 0)) {
             ~~~~~~~~~~~^~~~

Change-Id: I91d629ad47677b71909d7da517c4a6198c276186
Reviewed-on: https://code.wireshark.org/review/11186
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoLTE dialogs: tidy up some loose ends
Martin Mathieson [Tue, 20 Oct 2015 14:07:10 +0000 (07:07 -0700)]
LTE dialogs: tidy up some loose ends

Change-Id: I18f099311f7660c91cffdf21bbacdb88b7c0fd7e
Reviewed-on: https://code.wireshark.org/review/11182
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>