git.samba.org - metze/wireshark/wip.git/log

dumpcap: Add support for 802.11ac monitor modes

Add dumpcap support for configuring 80MHz, 80+80MHz, 160MHz monitor
modes via nl80211.

Change-Id: I2ae8955670c2a9b5051e2223d45ce522459f2c5f
Reviewed-on: https://code.wireshark.org/review/13964
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

ieee802154: fix Uninitialized argument value found by Clang Analyzer

Change-Id: I71282d6ef15802700f6e58308f1d8e89fe9bd24c
Reviewed-on: https://code.wireshark.org/review/14262
Reviewed-by: Michael Mann <mmann78@netscape.net>

Prevent use-after-free issues with pcapng.c/wtap_opttypes.c

Bug: 12173
Change-Id: Ifff28491073d50e088b26847830a3bc8835f4282
Reviewed-on: https://code.wireshark.org/review/14180
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

debian-setup: need libtool-bin for building.

Change-Id: I761babced3eb49b8a8cea4996b7ccd6f748a6200
Reviewed-on: https://code.wireshark.org/review/13829
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Dario Lombardo <lomato@gmail.com>

L2TP: Added AVPs from RFC 5515

Basic dissection of AVPs from RFC 5515.

Ping-Bug: 12208
Change-Id: Ie16073378a66a81f8378eab7a83988ef9e8a5c88
Reviewed-on: https://code.wireshark.org/review/14246
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

FC: Forget about MDS when dealing with ETHERTYPE_BRDWALK (CID 280012)

Since the MDS trailer is smaller anyway, no need to copy that code.

Change-Id: Ie3931cda3ef2386526cd81daee535d106e522875
Reviewed-on: https://code.wireshark.org/review/14253
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Update the current XZ version.

5.0.4 is no longer available; the current version is 5.0.8.

Change-Id: I982a4809ae87362837561297967a8eb63485676c
Ping-Bug: 12214
Reviewed-on: https://code.wireshark.org/review/14257
Reviewed-by: Guy Harris <guy@alum.mit.edu>

IrDA: Register a link-layer IrLAP address type".

Was using AT_NONE as "unknown address type" instead of "no address".

Ping-Bug: 12205
Change-Id: Ic1d7022f8eaa3dfab9bb7b607eed264cc527c87c
Reviewed-on: https://code.wireshark.org/review/14242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Don't show a progress bar when previewing for the Qt print dialog.

We don't do much work to do that - we don't print anything before the
first selected page, and once we're finished generating that page, we
terminate the printing process - so it shouldn't need a progress bar.
(If it needs a progress bar, We Have A Problem, as that slows down the
drawing of the dialog box.)

This should prevent the problem seen in bug 12040.

Bug: 12040
Change-Id: I129191e06fff3e1eb59a9631c7395b9e7f650809
Reviewed-on: https://code.wireshark.org/review/14255
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Add a #define for the wildcard pattern that matches all files.

It's *.* on Windows, but just * on UN*X; add a header that provides the
definition, and use it instead of hardwiring *.*.

Call the entry "All Files", that being the conventional name, rather
than "Any File", whilst we're at it.

Change-Id: I7c29324fc5b41e93c150e1ec67f1529f171dc6a3
Reviewed-on: https://code.wireshark.org/review/14243
Reviewed-by: Guy Harris <guy@alum.mit.edu>

802.15.4 Minimal support for MLME Payload IE with Enhanced Beacon Filter IE

Minimal support has been added for the MLME Payload IE and the Enhanced Beacon
Filter Sub-IE. Dissection of Payload IEs and Sub-IEs is supported making it
easy to add dissection for specific applications once this is known.

Change-Id: I3a4f237e17413ec3e7bbfd32ded0625fc97da11b
Reviewed-on: https://code.wireshark.org/review/13999
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

make-version: Don't emit one common warning to stderr

git rev-parse @{upstream} will (obviously) fail if there is no
upstream set for the current branch. This is fairly common and
not problematic. Don't emit an error message to stderr when it
fails.

Change-Id: I4989fb19b25fefff83335061151e360c78652e88
Reviewed-on: https://code.wireshark.org/review/14151
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

fuzz-test: Add missing new line

Change-Id: I68f85cdbef24289cabb5e46905356c3cc1c39ad8
Reviewed-on: https://code.wireshark.org/review/14252
Reviewed-by: João Valverde <j@v6e.pt>

Support dissecting the TLV data format specified for Lwm2m

Lightweight M2M is a protocol on top of CoAP that is used for
device management. The specification contains a custom payload
format - a simple type, length, value binary encoding.

This patch adds support for dissecting this payload format.
While not yet officially registered, the main open source
implementation of the lwm2m protocol - eclipse's leshan - uses this
content type 1542 for its messages.

Bug: 12110
Change-Id: Ib022d1f485c706f1d69ceec7200790448d080965
Reviewed-on: https://code.wireshark.org/review/13835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

PIDL: regen pidl-generated dissectors

mapi&nspi dissectors skipped on purpose since they the output is
malformed. This was already the case before the samba sync.

Change-Id: Ib3b78459e3506c755aaa219433ac6b5865482f01
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-on: https://code.wireshark.org/review/13968
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

PIDL: sync pidl with samba repo

Copy pidl from samba repo after all wireshark changes were applied.

Change-Id: I0d3fb780c3f79b3b873304bab0655d98564dfc71
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-on: https://code.wireshark.org/review/13967
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Update mailmap with another of my email addresses.

Change-Id: I9de850dff753988ab3322f0e5885df83625e5a48
Reviewed-on: https://code.wireshark.org/review/14240
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Fix randpktdump build in Windows.

Change-Id: If749635d771443542285a74f05f37156123b2991
Reviewed-on: https://code.wireshark.org/review/14238
Reviewed-by: Michael Mann <mmann78@netscape.net>

extcap: Move extcap handling to base

Also add the extcap-version parameter to enable parsing of
version and helppage separately

Change-Id: I35ba5aa992940ffbb0cd9ebea8b7c3a1e8629d74
Reviewed-on: https://code.wireshark.org/review/14094
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>

Only say we have a new resolved MAC address if it's actually *new*.

If we aren't changing the resolved name, it's not new.

This prevents us from perpetually "resolving" the address. If we have
ARP packets that cause us to map a MAC address to a host name, based on
the ARP packet saying the MAC address corresponds to a given resolved IP
address, then each time we dissect the packet, the address will be
"resolved" - and each time we have new resolved addresses as a result of
that, we'll redissect the displayed packets so that they show the
resolved address, and we'll forever be redissecting.

Change-Id: I445e92f407d52a4ed5986721ffcc472f86e99431
Reviewed-on: https://code.wireshark.org/review/14236
Reviewed-by: Guy Harris <guy@alum.mit.edu>

DISv7: parse PDU Status field

Section 6.2.67 in IEEE 1278.1-2012 defines PDU Status bit field in
the PDU Header. The bit meaning varies with the PDU type. This
change provides full parsing and presentation for all fields and
PDU types.

Bug: 12043
Change-Id: I8f4ef6606ff59a1ef0ed97630c4832b2b6a4dff7
Reviewed-on: https://code.wireshark.org/review/14232
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Use *, not *.*, as the wildcard pattern on UN*X.

On Windows, the pattern that matches all files is *.*; *, by itself,
doesn't work, as I remember. UN*Xes take the pattern a bit more
literally, so if it has a dot in it, it has to match a dot.

Bug: 12203
Change-Id: I11518c29c4ffd73485bad6e49b6dd9cc16bbd0b0
Reviewed-on: https://code.wireshark.org/review/14233
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Update documentation of hf fields.

- Specify the valid characters in hf abbreviations as suggested in
  https://ask.wireshark.org/questions/50444/braces-inside-abbreviated-name-fieldabbrev-of-header_field_info
- Update the valid characters for protocol abbreviations too.
- Remove a couple old (ancient?) hf substitutions (things to replace in the
  dissector template).  I don't think PARENT_SUBFIELD or ID_VALUE have been
  used in quite a while.
- We no longer automatically add the protocol's abbreviation to the field's
  abbreviation (it's now the dissector-writer's job).
- Abbreviations can no longer be empty strings (since
  a146f5a2e211aa414cba98ce0b0503a690695d34).
- When talking about hf fields reference the substitution names (to make it
  easier to find additional documentation).

Change-Id: Ic80dc6a230dc727ba544e68c4a0cc746768e5081
Reviewed-on: https://code.wireshark.org/review/14107
Reviewed-by: Michael Mann <mmann78@netscape.net>

u3v: use interface class and subclass in heuristic checks

don't access the class-specific conversation structure before we know
that the packet is a U3V packet

the USB dissector should fill interfaceClass and interfaceSubclass with
correct values - if it doesn't that's another bug to be fixed

Bug:12194
Change-Id: Ic9e73e7cb05c8887fee794e4735936caad1b7f49
Reviewed-on: https://code.wireshark.org/review/14224
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

TCP: Added bytes sent since last PSH flag

Added tcp.analysis.push_bytes_sent to see how many bytes sent since the last PSH flag. Can be useful when analyzing application behavior and performance and bytes_in_flight gets altered by ACKs

Change-Id: I8c6348de43cdb1545169d3a04773885d2411eb00
Reviewed-on: https://code.wireshark.org/review/9822
Reviewed-by: Jasper Bongertz <jasper@packet-foo.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Qt: Added geometry_state_dialog to Wireshark.pro

Change-Id: I8844469a1cef7e37d4ec0f7ad2aff10bac521af2
Reviewed-on: https://code.wireshark.org/review/14230
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: Improve Show Packet Bytes

- Add ShowAsASCIIandControl to keep ShowAsASCII only ASCII printable.
- Enable show selected when ShowAsRAW.
- Use QString::fromLatin1() when ShowAs8859_1.
- Don't replace null with symbol for null when ShowAsUTF8.

Change-Id: I25750247160e33d342fde12e6a998e3198270acf
Reviewed-on: https://code.wireshark.org/review/14220
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

wslua: don't crash if disable_lua = true in init.lua

in wslua_init(), our lua instance L is set to NULL if
disable_lua is true in init.lua
make sure that we leave wslua_init() in this case

if we don't, we crash in lua_pop(L,1); with L==NULL

Program received signal SIGSEGV, Segmentation fault.
0x00007fffefb41a73 in lua_settop () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
(gdb) bt
#0  0x00007fffefb41a73 in lua_settop () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#1  0x00007ffff4fb50e4 in wslua_init (cb=cb@entry=0x516f40 <splash_update(register_action_e, char const*, void*)>,
    client_data=client_data@entry=0x0) at init_wslua.c:900
[...]

Bug:12196
Change-Id: Ic338c4edcb897c0eaa9b6755bbb6c9991ec6ed02
Reviewed-on: https://code.wireshark.org/review/14228
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: Add dialog geometry restore

Add GeometryStateDialog class to handle load and save dialog geometry.
The QDialog class name will be used as window name. For shared
classes the UAT name or the statistics title or abbr will be used.

Change-Id: I5a019598307fb3861518f41e733de834788184d8
Reviewed-on: https://code.wireshark.org/review/14139
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Add .png files for Debian packaging.

Bug: 12160
Change-Id: I00771df346893c1112599f8affb9a47f9d793a87
Reviewed-on: https://code.wireshark.org/review/14199
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Michael Mann <mmann78@netscape.net>

[Automatic update for 2016-02-28]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I01e2b802cce29c9390a85b2d12fe4fefef2357c2
Reviewed-on: https://code.wireshark.org/review/14225
Reviewed-by: Gerald Combs <gerald@wireshark.org>

usb: fix a typo

... and the copy of it that I just made :-(

bInterfaceProtocol should be bInterfaceSubClass

Change-Id: Ic25f28cad7305986cb79ddea5110b1e739e57101
Reviewed-on: https://code.wireshark.org/review/14223
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>

usb: resolve some subclasse codes of interface class misc

Change-Id: I597fa87248caf77b3622065bc4dbdaa66cee809a
Reviewed-on: https://code.wireshark.org/review/14222
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>

u3v: clean up the heuristic check

check for the minimum lenght before dereferencing data
add a NULL check for usb_conv_info

Change-Id: I91014d5929f57cc9eed2bfc7adef9f89541ece45
Reviewed-on: https://code.wireshark.org/review/14221
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>

U3V: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: Ie86aba59e95ed739b07fcb9f596fa206bf9793f5
Reviewed-on: https://code.wireshark.org/review/14217
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>

Typo in packet-gsm_a_dtap.c

Bug: 12186
Change-Id: Ib73ee78ba732f5ed88f596a72146a75efa47cebd
Reviewed-on: https://code.wireshark.org/review/14198
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

packet-amqp.c: Fix multiple fields with incompatible types

Change-Id: I68b7fa0b5d7fae86289807d7ef01a2141dcb8ff6
Reviewed-on: https://code.wireshark.org/review/14059
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

gryphon: fix 'gryphon.reserved' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT32

Change-Id: Ia2ef8c4211ca717d6e99f596cd7f2de92d5aa7ca
Reviewed-on: https://code.wireshark.org/review/14202
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

LLDP: Add 802.3 TLV Energy Efficient Ethernet (Subtype 5)

Bug:12165
Change-Id: I341d4387227a41af826a2867b48a53eff7e1e62a
Reviewed-on: https://code.wireshark.org/review/14200
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

SPRT: fix 'sprt.payload' exists multiple times with NOT compatible types: FT_NONE and FT_UINT32

Change-Id: Ie6c6f71e413463f93924c1a47b908a1c97d94407
Reviewed-on: https://code.wireshark.org/review/14209
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Zbee (nwk): fix 'zbee_nwk.multicast' exists multiple times with NOT compatible types: FT_UINT8 and FT_BOOLEAN

Change-Id: I5947b0543e0b6270cbef69184360c19e2d25c8e0
Reviewed-on: https://code.wireshark.org/review/14205
Reviewed-by: Michael Mann <mmann78@netscape.net>

irda: fix 'irlmp.xid.name' exists multiple times with NOT compatible types: FT_BYTES and FT_STRING

Change-Id: I93215bd126dab1e7b6207f8510c7ce9b116637a3
Reviewed-on: https://code.wireshark.org/review/14203
Reviewed-by: Michael Mann <mmann78@netscape.net>

ZEP: fix 'zep.seqno' exists multiple times with NOT compatible types: FT_STRING and FT_UINT8

Change-Id: I8d39436efaa5b561a95b08b5849b200a51e3c981
Reviewed-on: https://code.wireshark.org/review/14204
Reviewed-by: Michael Mann <mmann78@netscape.net>

Zbee (zcl se): fix 'zbee_zcl_se.ke.cert.type' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT

Change-Id: I493491f4e93556ccff95abe69cc2ecce1f9f28b2
Reviewed-on: https://code.wireshark.org/review/14207
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

BOOTP: Add preference to determine endianness of UUID.

Spec doesn't appear to explicitly state endian format.

Bug: 11544
Change-Id: I601d94523199bc3f9ce4f573d9976e328d9c816a
Reviewed-on: https://code.wireshark.org/review/14201
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Zbee (Security): fix 'zbee.sec.key' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT8

Change-Id: If6f61c973baf02abda640553febab91b8f4f5fe6
Reviewed-on: https://code.wireshark.org/review/14206
Reviewed-by: Michael Mann <mmann78@netscape.net>

sFlow v5: Add original packet header length to protocol tree.

Change-Id: I05af7d55fac139b462895d3a219c94ea2e8359c4
Reviewed-on: https://code.wireshark.org/review/13982
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Fix names of SSLv2 RC2 cipher suites

The previous naming for suite 0x040080 was wrong according to [1] and [2]. It
is an export suite but its name did not reflect that.

This also removes the extra "CBC_" in both RC2 cipher suites as it seems more
consistent with other names, the specification and OpenSSL.

[1] https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/ssl/ssl2.h#L95
[2] http://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html

Change-Id: I4a62463fdd7b0733a9652f8ab601848b26977c28
Reviewed-on: https://code.wireshark.org/review/14197
Reviewed-by: Michael Mann <mmann78@netscape.net>

GTK: make dist fixups

Change-Id: I6e83335cd3c6c77a77f5d77c2e1edc36afd0fbed
Reviewed-on: https://code.wireshark.org/review/14153
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

Lua configure.ac improvements

Use PKG_WIRESHARK_CHECK_SYSTEM_MODULES for consistency with other
system dependencies.

Give slightly more informative configure messages other than multiple
'checking for LUA'.

Check for headers using pkg-config to avoid undefined symbols in
config.h.

Change-Id: I8d3df9ccf6f718d7d055da4f713af60d46d89e33
Reviewed-on: https://code.wireshark.org/review/14173
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

wtap (opttypes.h): fix no newline at end of file [-Wnewline-eof]

Change-Id: I5bdd42bce983cd874597f4675afe4c8b2790e0f6
Reviewed-on: https://code.wireshark.org/review/14196
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>

TCP: Use MIDDLE DOT for the flag placeholder.

If you apply tcp.flags.str as a column you end up with a Wall Of
Asterisks. Use Unicode MIDDLE DOT as a placeholder instead.

Change-Id: I3e2bebd2a951cc516399e965ace6bf87501adc9e
Reviewed-on: https://code.wireshark.org/review/13855
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Have the interface list unsorted by default.

That way, they initially show up in pcap's order, putting the preferred
interface at the top. If the user wants to sort them by some column,
the user can click on the column in question.

Change-Id: I30ac38519c42ae5317d99fdd0a079b030e6af308
Reviewed-on: https://code.wireshark.org/review/14194
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix appending the list of remote interfaces.

Don't assume if_list is non-null when append_remote_list() is called; it
won't be, if we didn't find any local interfaces. Have
append_remote_list() return the final if_list value, and assign it to
if_list.

Change-Id: I05586d5b034f3d61aa38a20f6c6d2c69117b367e
Reviewed-on: https://code.wireshark.org/review/14191
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Replace extcap_interface_list() with append_extcap_interface_list().

Pull the "rebuild the list of extcap interfaces and, optionally, return
a list of if_infos for them" into a separate
extcap_reload_interface_list() routine, call it in the cases where we
don't want the if_infos list, and have append_extcap_interface_list()
call it, asking it for the if_infos list, and then append the interfaces
to that list.

Change-Id: I07478ab133859484b3e0916144971639f961224b
Reviewed-on: https://code.wireshark.org/review/14189
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Put the extcap interfaces at the *end* of the interface list.

The list should start with the native local interfaces, as returned by
pcap, so that we default to the interface pcap gives first, rather than
to whatever extcap interface happens to be at the beginning.

This also means that, if we're only calling extcap_interface_list() to
regenerate our internal data structures, we don't bother allocating -
and leaking! - a list of if_info structures.

Change-Id: Ida651b5b081883f118a300b9f57403f2dc5c4363
Ping-Bug: 12183
Reviewed-on: https://code.wireshark.org/review/14187
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Ensure we have a name resolution block when parsing its block type.

Bug: 12174
Change-Id: I82eb0ac75f2e03f15c2f016e9b7ff72fdc7044f5
Reviewed-on: https://code.wireshark.org/review/14179
Reviewed-by: Michael Mann <mmann78@netscape.net>

Clean up setting *err_str to NULL.

Just do it upfront.

Change-Id: I5305882b8efd080fcb3e8ea626e09f4682729702
Reviewed-on: https://code.wireshark.org/review/14185
Reviewed-by: Guy Harris <guy@alum.mit.edu>

packet-nsh.c - Look for correct ethernet dissector name.

Bug: 12180
Change-Id: If089ad49a27de2a681490ef75aaa9a7b7e5ad922
Reviewed-on: https://code.wireshark.org/review/14184
Reviewed-by: Michael Mann <mmann78@netscape.net>

Add free_address_wmem(), fix warnings [-Wcast-qual]

Try to improve address API and also fix some constness warnings
by not overloading the 'data' pointer to store malloc'ed buffers
(use private pointer for that instead).

Second try, now passing test suite.

Change-Id: Idc101cd866b6d4f13500c9d59da5c7a38847fb7f
Reviewed-on: https://code.wireshark.org/review/13946
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

Fix indentation.

Change-Id: I201c35e1f6dfdb67a68dbc0ee684e0231842f00b
Reviewed-on: https://code.wireshark.org/review/14182
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix nmake build for extcap apps.

Change-Id: I09c4ae9a6b05f82b0fdc2271559d715148611e18
Reviewed-on: https://code.wireshark.org/review/14177
Reviewed-by: Michael Mann <mmann78@netscape.net>

cmake: fix parallel docbook build

Let targets depend on the generate_developer-guide.xml target instead of
the developer-guide.xml output file.

Change-Id: I66106ad69c9baedbd58a008b4dbbbf93b787c2c2
Reviewed-on: https://code.wireshark.org/review/14156
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Empty out InterfaceTree::updateGlobalDeviceSelections() if no pcap.

It doesn't even need to bother checking the argument.

Change-Id: I2cdc9d7da24392ff3fae84e31442530c2e854734
Reviewed-on: https://code.wireshark.org/review/14174
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Mark a variable unused when we're not using it.

Change-Id: I020447859114551e71810bf17ba05dc353a1ff08
Reviewed-on: https://code.wireshark.org/review/14171
Reviewed-by: Gerald Combs <gerald@wireshark.org>

tcp_stream_dialog: Integer overflow in Average Throughput

Overflow occurs in the TCP Stream Graphs window when Average Throughput exceeds 20-30 Gbps.

* Screenshot examples
https://raw.githubusercontent.com/koizumi-k/pub/master/misc/stream1-current-win64.png
https://raw.githubusercontent.com/koizumi-k/pub/master/misc/stream2-current-win64.png

Change-Id: I4e557fdeae659ef27b986fca18c74cc8983fe4d3
Reviewed-on: https://code.wireshark.org/review/14163
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Qt: Update selected interface filter behavior.

Change the selected interface behavior in the main window and the
capture interfaces dialog to better handle multiple selections. Attempt
to document this at the top of interface_tree.cpp.

Move the default capture filter code from CaptureFilterEdit to
MainWelcome. Add a "conflicting filter" check to CaptureEdit which
updates the placeholder text.

Handle conflicting filters in the main welcome screen and the capture
interfaces dialog. Propagate interface selections and filter updates in
the capture interfaces dialog to the main welcome screen.

Consolidate some of the interface handling code in InterfaceTree and
CaptureInterfacesDialog.

Make sure CaptureInterfacesDialog manages the global capture options by
device name instead numeric index.

Start deprecating prefs.capture_devices_filter and
capture_dev_user_cfilter_find.

Change some member function names so that they're hopefully more clear
and consistent.

Ping-Bug: 11886
Change-Id: I63b06dbae29c2c45ee9252092ad54bdcbacae6e6
Reviewed-on: https://code.wireshark.org/review/14129
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

HTTP: Fix full_uri when using a Proxy

When the HTTP request is transmitted to a Proxy the URI is already
a "full URI".

Bug was reported by Thomas Baudelet.

Bug: 12176
Change-Id: I83f6bdef6fa96233792c6bbe54caad38df0f5fb6
Reviewed-on: https://code.wireshark.org/review/14142
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Update README.plugins to remove deprecated nmake references

Change-Id: I259fe24e6dca7679f22492161b0c4cd97c7521de
Reviewed-on: https://code.wireshark.org/review/14145
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>

extcap: Fix noinst header

Change-Id: I2b4c6eda29a6a8198993f577c42741729ed39538
Reviewed-on: https://code.wireshark.org/review/14160
Reviewed-by: Roland Knall <rknall@gmail.com>

snmp: Decode msgSecurityParameters ASN.1 header

Decode ASN.1 identifier and length to get correct offset to
msgSecurityParameters.

Bug: 12181
Change-Id: Icf83616ac0a63e1d48652738942fe339dd165cab
Reviewed-on: https://code.wireshark.org/review/14158
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

extcap: move windows functions into extcap-base

Change-Id: Iec7fed027a24992afd673b09c32470af51739ae5
Reviewed-on: https://code.wireshark.org/review/14075
Reviewed-by: Roland Knall <rknall@gmail.com>

debian: Override some lintian warnings

Change-Id: Id262cfa7577fe45b360399d5e4a9de0ea002bf67
Reviewed-on: https://code.wireshark.org/review/14155
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Balint Reczey <balint@balintreczey.hu>

extcap: Fix make distcheck

Change-Id: I46ba924e4231ae0e59d9cd7870cde516df8f3c28
Reviewed-on: https://code.wireshark.org/review/14152
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: Capture Interfaces dialog geometry updates.

Widen CaptureInterfacesDialog. Manually set some column widths.

Change-Id: I84fd060d83b5f7bc186d79e22d5cc608dfdbd6c5
Reviewed-on: https://code.wireshark.org/review/14148
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Clean up modelines and indentation.

HT tab stops are set every 8 spaces on UN*X; UN*X tools that treat an HT
character as tabbing to 4-space tab stops, or that even are configurable
but *default* to 4-space tab stops (I'm looking at *you*, Xcode!) are
broken. tab-width: 4, tabstop=4, and tabSize=4 are errors if you ever
expect anybody to look at your file with a UN*X tool, and every text
file will probably be looked at by a UN*X tool at some point, so Don't
Do That.

Adjust indentation to reflect the mode lines.

Change-Id: Icf0831717de10fc615971fa1cf75af2f1ea2d03d
Reviewed-on: https://code.wireshark.org/review/14150
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Add text2pcap-scanner_lex.h to the list of generated headers.

Change-Id: I874e86f5fd192eedb8f636ad208b2f7ad7f705fd
Reviewed-on: https://code.wireshark.org/review/14149
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: Emit textEdited from CaptureFilterEdit in more places.

We should emit textEdited whenever the user changes the text
interactively. Do so when the user clicks the clear button or selects a
recent filter.

We might want to copy this to DisplayFilterEdit.

Change-Id: Icf02fead52947fcef6e7e617b0c49bfc9e1aec65
Reviewed-on: https://code.wireshark.org/review/14144
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Put extcap-base.h into the release tarball.

Change-Id: I17213b20c26acfb9e5b3de251b3f90a8e23ce0a7
Reviewed-on: https://code.wireshark.org/review/14146
Reviewed-by: Guy Harris <guy@alum.mit.edu>

pre-commit: Use uname -a instead.

Not all shells support uname -o.

Change-Id: Ia6f46f3580f6d7b421da672418dcbee38ad9e60b
Reviewed-on: https://code.wireshark.org/review/14143
Reviewed-by: João Valverde <j@v6e.pt>

extcap: move includes into extcap-base.

Change-Id: I802cc3a3bb3989411216ed070ecc018345e0d54f
Reviewed-on: https://code.wireshark.org/review/14073
Reviewed-by: Roland Knall <rknall@gmail.com>

Qt: Use UTF8_HORIZONTAL_ELLIPSIS for …

Bug: 12172
Change-Id: Icbb3011ff18fc53c3e77c62692ed977178d1aace
Reviewed-on: https://code.wireshark.org/review/14138
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

extcap: move common code into extcap-base files

Change-Id: Ia4a73c7df39426c8773fce04cac223bda3c6ef1c
Reviewed-on: https://code.wireshark.org/review/14071
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>

GRE: call ID not always decoded

Always decode Call ID (and payload length) when Version is Enhanced GRE (and no ACK flag)

Issue reported by Duncan Salerno

Bug:12149
Change-Id: I2f61dd6851e26cc93174f96e05c0055fc45be4e2
Reviewed-on: https://code.wireshark.org/review/14088
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

pre-commit: Avoid launching python subprocesses.

This makes Python required only for (portable) fnmatch().

Change the ignore script to work as a filter.

Multi-platform improvements.

Change-Id: I6ac757d48ba2ff965da5da3dc9c25047a0e37f92
Reviewed-on: https://code.wireshark.org/review/13693
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>

Sort the pixel formats.

(qsort() is your friend.)

Change-Id: I71ab5fea0c8c0f548d737f5d5d1b7523b8a668ea
Reviewed-on: https://code.wireshark.org/review/14137
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix build with CFLAGS="-g -Og" [-Werror=maybe-uninitialized]

packet-flexray.c: In function ‘dissect_flexray’:
packet-flexray.c:245:6: error: ‘flexray_frame_tree’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
expert_add_info(pinfo, flexray_frame_tree, &ei_flexray_frame_payload);
^
cc1: all warnings being treated as errors

Change-Id: Iadcae49e7d958823ae7066906892f6c1ae85169b
Reviewed-on: https://code.wireshark.org/review/14124
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Cleanup CMakeLists.txt indentation and use lower case function names

Change-Id: Ie94d2e9b6b4975d7caec10c3ce472cafe1eefd62
Reviewed-on: https://code.wireshark.org/review/14120
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add GResource message to configure script

Use more descriptive naming while at it.

Change-Id: Ic89562cb9fa2cd5e315992f12ad9e46f2361da0b
Reviewed-on: https://code.wireshark.org/review/14057
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

u3v: dissector for the USB3 Vision protocol

Dissector for the USB3 Vision machine vision camera protocol.
* Descriptors
* Bootstrap registers
* Control (GenCP)
* Stream data

A sample capture (usb_u3v_sample.pcapng) has been uploaded to
https://wiki.wireshark.org/SampleCapture

USB3 Vision a standard developed under the sponsorship
of the AIA for the benefit of the machine vision industry.
U3V stands for USB3 Vision (TM) Protocol

Change-Id: If1206df7974c6a91cf18f59ddecf9d38b9827934
Reviewed-on: https://code.wireshark.org/review/14008
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

CIP: Improve error checking

1. Expert info for cip_short_string,cip_string
2. Combine dissect_cip_multiple_service_packet_req/dissect_cip_multiple_service_packet_rsp. The formats are the same, and this ensures that all expert info checks are applied to both.
3. Remove some copy-paste in dissect_cip_generic_data

Change-Id: I433990bf4389bee78d414cab8547bd2bb39498c7
Reviewed-on: https://code.wireshark.org/review/14105
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

diameter: change GArray into wmem_array.

This change fixes a leak in packet-diameter that loads a dictionary
but doesn't free all the data. Found by valgrind.

==30481== 36,656 (960 direct, 35,696 indirect) bytes in 24 blocks are definitely lost in loss record 3,417 of 3,421
==30481==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30481==    by 0xA7FE610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==30481==    by 0xA81422D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==30481==    by 0xA7CDC44: g_array_sized_new (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==30481==    by 0x6863743: dictionary_load (packet-diameter.c:1980)
==30481==    by 0x6863743: proto_register_diameter (packet-diameter.c:2344)
==30481==    by 0x71C4BA4: register_all_protocols (register.c:323)
==30481==    by 0x65EEFA7: proto_init (proto.c:521)
==30481==    by 0x65CD621: epan_init (epan.c:126)
==30481==    by 0x115330: main (tshark.c:1220)

Change-Id: I3c0d19e1accab415355aa0f50c598f0c83356985
Reviewed-on: https://code.wireshark.org/review/13821
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Update README.plugins

Update docs to include steps for CMake builds.

Change-Id: Iefbe038ab93311bb3b2e9fd21bcdc674290dba45
Reviewed-on: https://code.wireshark.org/review/14121
Reviewed-by: Anders Broman <a.broman58@gmail.com>

sFlow: Add lag_port_stats (format 7)

Bug:10501
Change-Id: I8d77c41537f1bfed9b5fbc585119496ec73c06eb
Reviewed-on: https://code.wireshark.org/review/14123
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

Try putting the output directly into the error message.

When the tests are run in the buildbot, messages such as

Error during test execution: see {pathname}

aren't very useful.

Change-Id: I4509ea58c162c264c316358019a1cbc01cd93e31
Reviewed-on: https://code.wireshark.org/review/14135
Reviewed-by: Guy Harris <guy@alum.mit.edu>

An SHB with a magic of 0x1A2B3C4D isn't necessarily little-endian.

If it's 0x1A2B3C4D, that means it has the same byte order as the
instruction set for which Wireshark was built[*]; if it's 0x4D3C2B1A, it
means it has the opposite byte order. (We assume no "middle-endian"
machines here; it's extremely unlikely that any of this code will ever
work on a PDP-11.)

Wireshark *does* work on big-endian machines (if there are any places
where it doesn't, those are bugs that must be fixed), so we can't assume
that "same byte order as our instruction set" means "little-endian".

[*]If, for example, you run a PowerPC binary under Rosetta, it'll act as
if big-endian is the native byte order, even though it's running on a
little-endian machine.

Change-Id: Ic438bd85c034f1fba276408ba30214d7078121d1
Reviewed-on: https://code.wireshark.org/review/14133
Reviewed-by: Guy Harris <guy@alum.mit.edu>

For SHBs, always use the byte order from the byte-order magic.

Don't use the byte order from any previously-seen SHB, as it might be
different.

Bug: 12167
Change-Id: I19a81f81f2e8115938387487e2682b8b11a100fe
Reviewed-on: https://code.wireshark.org/review/14131
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix allocation of option bocks in pcapng_read().

We don't need to allocate an WTAP_OPTION_BLOCK_IF_DESCR option block;
don't use the value we allocated.

We must not allocate an WTAP_OPTION_BLOCK_IF_STATS option block until we
need it, as we may have to allocate *more than one* of them here! The
old code would reuse the same block, adding it more than once, causing a
"freeing already freed data"/"freeing non-allocated data" error on some
platforms.

Change-Id: I8582627c1f5deecfd4f6490dcdf8c31ee3809d12
Reviewed-on: https://code.wireshark.org/review/14130
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix another heap-based bufffer overflow.

The S1 code works similarly to the S2/S3 code, and has the same issue.

Change-Id: I288e30ccdf67d8a6daec8c8428c0f703e18ecc89
Reviewed-on: https://code.wireshark.org/review/14127
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Add 1 byte and 16 byte as separate values.

The 1 is for the byte written with vht_ndp_flag; the 16 is for the PLCP
header. Separate them out; no change to the actual code (as any
compiler worth its salt would do constant folding).

Change-Id: I5e081c67e605203153270ed9a3f9e30b9e9b968c
Reviewed-on: https://code.wireshark.org/review/14125
Reviewed-by: Guy Harris <guy@alum.mit.edu>