metze/wireshark/wip.git
3 years agoAdjust proto_tree_add_[float|double]_format_value calls to use unit string
Michael Mann [Mon, 12 Dec 2016 18:22:05 +0000 (13:22 -0500)]
Adjust proto_tree_add_[float|double]_format_value calls to use unit string

Several calls to proto_tree_add_[float|double]_xxx could be better served
using BASE_UNIT_STRING with a "unit string" in hf_ field.

Added a few more "common" unit string values to unit_strings.[ch]

Change-Id: Id0da7b579403898d20c2667d6c4abcd59d5a48d4
Reviewed-on: https://code.wireshark.org/review/19241
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Optionally restore our selected packet when thawing.
Gerald Combs [Mon, 12 Dec 2016 19:34:03 +0000 (11:34 -0800)]
Qt: Optionally restore our selected packet when thawing.

Stash the current row when we freeze the packet list. Make it possible
to restore it when thawing. Do so when the layout changes and when we
move a column.

Change-Id: I44cfb8bafcd4d49a46e1c89bf47aecf5ac139773
Reviewed-on: https://code.wireshark.org/review/19222
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agowin-setup.ps1: add missing zlib-1.2.8-ws folder
Pascal Quantin [Tue, 13 Dec 2016 21:15:28 +0000 (22:15 +0100)]
win-setup.ps1: add missing zlib-1.2.8-ws folder

Change-Id: Ie32a231146365c11fe80e9e4f414ef7c464a8249
Reviewed-on: https://code.wireshark.org/review/19247
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoimf: fix no newline at end of file [-Wnewline-eof]
Alexis La Goutte [Tue, 13 Dec 2016 10:39:16 +0000 (11:39 +0100)]
imf: fix no newline at end of file [-Wnewline-eof]

Change-Id: Ibddfbb049fdf8510ffc14fbadba7484300821888
Reviewed-on: https://code.wireshark.org/review/19236
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agortp_analysis_dialog.cpp: RTP Stream Analysis dialog shows same SSRC for forward and...
Jiri Novak [Mon, 12 Dec 2016 19:30:29 +0000 (20:30 +0100)]
rtp_analysis_dialog.cpp: RTP Stream Analysis dialog shows same SSRC for forward and reverse stream

Same SSRC is shown because of typo in variable name for reverse stream.

Bug: 13236
Change-Id: Idcba4d83c7b4358cd8ebf1ee5c5b5bde2fc2e48b
Reviewed-on: https://code.wireshark.org/review/19238
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoAdd support for adding unit names to hf_ fields.
Michael Mann [Mon, 12 Dec 2016 00:16:52 +0000 (19:16 -0500)]
Add support for adding unit names to hf_ fields.

This was inspired by the https://www.wireshark.org/lists/wireshark-dev/201505/msg00029.html thread.

Used TCP and NTP dissectors as the guinea pig with sample use.

Documentation updates includes some unrelated cleanup just because it was noticed.

Change-Id: I59b26e1ca3b95e3473e4757f1759d7ad82976965
Reviewed-on: https://code.wireshark.org/review/19211
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago[RTP Analysis] calculate BW correctly whem IPv6 is used.
AndersBroman [Tue, 13 Dec 2016 08:52:31 +0000 (09:52 +0100)]
[RTP Analysis] calculate BW correctly whem IPv6 is used.

Change-Id: Ia53efa57042d199673a77c59491215c0e99c9e84
Reviewed-on: https://code.wireshark.org/review/19235
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agobthci_acl: Set src/dst addresses before reassembly.
Stig Bjørlykke [Sun, 11 Dec 2016 13:18:55 +0000 (14:18 +0100)]
bthci_acl: Set src/dst addresses before reassembly.

Set all addresses before we do reassembly because sub-dissectors may set
their own addresses, and we don't want to override them again.

This fixes "Follow TCP Stream" and shows the correct IP addresses in the
Source and Destination columns when transporting IP packets.

Allocate the addresses in pinfo pool to avoid possible stack buffer overflow.

Bug: 13230
Change-Id: I3b81ccb02b38331add4773d9bb3d5e0f6dcf025e
Reviewed-on: https://code.wireshark.org/review/19201
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
3 years agossh: add dissection for Elliptic Curve Diffie-Hellman KEX
Роман Донченко [Thu, 8 Dec 2016 21:19:25 +0000 (00:19 +0300)]
ssh: add dissection for Elliptic Curve Diffie-Hellman KEX

The protocol is actually nearly identical to ordinary Diffie-Hellman,
but the names are different, and the ephemeral keys are bytestrings
rather than integers.

Change-Id: I261b6426137dae12fe53686e74517080abd80bb3
Reviewed-on: https://code.wireshark.org/review/19210
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoAdd BGP dissector support for draft-ietf-idr-shutdown-01
Arjen Zonneveld [Fri, 2 Dec 2016 12:20:18 +0000 (13:20 +0100)]
Add BGP dissector support for draft-ietf-idr-shutdown-01

Parse the communication bits of a BGP Cease NOTIFICATION:

Border Gateway Protocol - NOTIFICATION Message
    Marker: ffffffffffffffffffffffffffffffff
    Length: 146
    Type: NOTIFICATION Message (3)
    Major error Code: Cease (6)
    Minor error Code (Cease): Administratively Shutdown (2)
    BGP Shutdown Communication Length: 124
    Shutdown Communication: NTT will perform maintenance on this router. This is tracked in TICKET-1-24824294. Contact noc@ntt.net for more information.

Draft at https://tools.ietf.org/html/draft-ietf-idr-shutdown-01, sample
file taken from from http://instituut.net/~job/shutdown.pcap

Change-Id: I2ab633883cc69e560ff79cb6239e02fcffd71e10
Reviewed-on: https://code.wireshark.org/review/19144
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoBluetooth: BTLE: Add new commands parsing
Jakub Pawlowski [Tue, 13 Dec 2016 03:27:58 +0000 (19:27 -0800)]
Bluetooth: BTLE: Add new commands parsing

Add "LE Set Extended Advertising Parameters" and
"LE Set Extended Advertising Parameters" commands parsing.

Change-Id: Ibcc9f145694e54710da3a11ade237f7132674366
Reviewed-on: https://code.wireshark.org/review/19234
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoBuild TRANSUM plugin
Pascal Quantin [Mon, 12 Dec 2016 20:42:14 +0000 (21:42 +0100)]
Build TRANSUM plugin

Add plugin to autofoo and CMake build systems and fix errors found
Add plugin to Windows installer (optional component activated by default)

Change-Id: Id1b777bdee04e53076b3291f6fb68d5abad6985d
Reviewed-on: https://code.wireshark.org/review/19228
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoChange spaces to tab for recent wka entries
David Barrera [Mon, 12 Dec 2016 10:06:42 +0000 (11:06 +0100)]
Change spaces to tab for recent wka entries

Commit 66549a9cacb29abdbb2c6fdaaf8235c4f34f6a13 added 3 new entries to
wka.tmpl, but used spaces instead of the default tab separator. This
inconsistency causes external tools that expect tabs in the manuf file
to behave unexpectedly.

The manuf file was re-generated after the fix to wka.tmpl.

Change-Id: I79bceac649e0fc29b3502fc2e074dcd513f29ff5
Reviewed-on: https://code.wireshark.org/review/19217
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoBluetooth: BTLE: Add BT5.0 command and event name parsing
Jakub Pawlowski [Tue, 13 Dec 2016 01:56:32 +0000 (17:56 -0800)]
Bluetooth: BTLE: Add BT5.0 command and event name parsing

Change-Id: I830551959965896451ddc08f3e843b61f22eed67
Reviewed-on: https://code.wireshark.org/review/19233
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agopacket-infiniband: Update conversation src port for exact lookup
Parav Pandit [Sat, 10 Dec 2016 08:00:09 +0000 (03:00 -0500)]
packet-infiniband: Update conversation src port for exact lookup

Dissectors above infiniband (such as RPC dissector)
performs exact lookup on saddr, daddr, sport, dport. They are unaware
that underlying transport is infiniband which doesn't have src_qp in
packets. Due to which srcport remains uninitialized and exact lookup
fails.
In order to get them work seemlessly, this fix updates the sport
to src_qp (similar to destport to dest_qp). With this upper level
dissectors can perform direct lookup similar to TCP. Those which need to
access private data of unidirectional CM messages, can still continue to
perform unidirectional lookup as before.

It also fixes the issue where req_qp and resp_qp were swapped during
bidirectional conversation creation. This was caught during testing with
packet-rpc.c by Chuck Lever.

Tested protocols:
1. nfs-rdma over Infiniband with trace of Bug 13213
2. ICMP packets over Infiniband
3. NVMe fabrics over RDMA
Tested with trace of Bug 13201 for Nvme.

Bug: 13202
Bug: 13213
Change-Id: Ica1b6aae3ccaa6642dc3b3edfa9a5a4c335cc5da
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19190
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUpdate to WinSparkle 0.5.3.
Gerald Combs [Thu, 8 Dec 2016 17:41:47 +0000 (09:41 -0800)]
Update to WinSparkle 0.5.3.

Update our WinSparkle package to 0.5.3. This fixes a file deletion bug.
Note that WinSparkle now supports application shutdown callbacks, which
should let us fix bugs 9687 and 12989.

Bug: 13217
Change-Id: I4b5f325c6dc251ce167f7bd344bbf3ca5ad3fe14
Reviewed-on: https://code.wireshark.org/review/19230
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRemove some GtkCList comments and code.
Gerald Combs [Mon, 12 Dec 2016 22:03:25 +0000 (14:03 -0800)]
Remove some GtkCList comments and code.

Remove some comments and hopefully-no-longer-necessary code specific to
GtkCList.

Change-Id: Ib62387f87e662798afba282cf95cbd215d60075e
Reviewed-on: https://code.wireshark.org/review/19227
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agortp_player_dialog.cpp: fix usage of unsupported method QComboBox::setCurrentText...
Jiri Novak [Mon, 12 Dec 2016 12:26:53 +0000 (13:26 +0100)]
rtp_player_dialog.cpp: fix usage of unsupported method QComboBox::setCurrentText with Qt4.x

QComboBox::setCurrentText() method is available in Qt5.x.
Older versions code won't compile with it.

Bug: 13235
Change-Id: Ia2e2713fefe0f2be01a0b77ff1ac39c9162fd0d1
Reviewed-on: https://code.wireshark.org/review/19219
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoMove the declaration of packet_list_select_last_row() to ui/gtk/packet_list.h.
Guy Harris [Mon, 12 Dec 2016 21:12:26 +0000 (13:12 -0800)]
Move the declaration of packet_list_select_last_row() to ui/gtk/packet_list.h.

It's GTK+-only, so it shouldn't be in ui/ui_util.h.  Get rid of the
unused Qt packet list implementation of it.

Change-Id: Ia9f8fe2209939dff5244e6948c36f29509340f68
Reviewed-on: https://code.wireshark.org/review/19226
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGet rid of some GTK+-only routines in file.c.
Guy Harris [Mon, 12 Dec 2016 20:57:12 +0000 (12:57 -0800)]
Get rid of some GTK+-only routines in file.c.

Just directly call the packet_list_select_ routine from the GTK+ code.

Change-Id: I9146fb968c407d6186b146a86aa34678765f7352
Reviewed-on: https://code.wireshark.org/review/19225
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMark routines GTK+ only.
Gerald Combs [Mon, 12 Dec 2016 20:34:26 +0000 (12:34 -0800)]
Mark routines GTK+ only.

Mark packet_list_select_last_row and cf_goto_bottom_frame GTK+ only.

Change-Id: I158814c2fa8c5fa8021b7156dded0945535c978a
Reviewed-on: https://code.wireshark.org/review/19223
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoDo not set Qt Window focus when highlighting rows
D. Ulis [Sun, 11 Dec 2016 23:52:26 +0000 (18:52 -0500)]
Do not set Qt Window focus when highlighting rows

Bug: 11890
Change-Id: I372f096c1ac0e483bf49cf95831e3df43621a642
Reviewed-on: https://code.wireshark.org/review/19209
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years ago[RTP] In case no conversation is found, check if we have a dissecor for
AndersBroman [Mon, 12 Dec 2016 13:21:03 +0000 (14:21 +0100)]
[RTP] In case no conversation is found, check if we have a dissecor for
the dynamic payload type defined. If so set the dynamic
payload_type_string to that dissectors name.

This is for RTP analysis to work if there is no setup information in the
file.

Change-Id: I7ae7b957cfa9eb6013f7d32d50563e2034210af6
Reviewed-on: https://code.wireshark.org/review/19220
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRename non-EBCDIC-specific routines.
Guy Harris [Mon, 12 Dec 2016 08:19:44 +0000 (00:19 -0800)]
Rename non-EBCDIC-specific routines.

Those routines can handle any single-byte character set whose characters
map to characters in the Basic Multilingual Plane; it could be used for
extended ASCII, but we have another routine for that, mapping only
characters with code points > 0x7f, so we just say "nonascii" rather
than "ebcdic".

Change-Id: I3d55b5d58e3e7ab08f3dfbfdb57a0301a30e71d4
Reviewed-on: https://code.wireshark.org/review/19214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUpdate for library changes.
Guy Harris [Mon, 12 Dec 2016 08:06:35 +0000 (00:06 -0800)]
Update for library changes.

Change-Id: Ibe63e79a2865c53be0aafbf1b53103267a502b7a
Reviewed-on: https://code.wireshark.org/review/19213
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoFix handling of EBCDIC string fields.
Guy Harris [Mon, 12 Dec 2016 05:49:14 +0000 (21:49 -0800)]
Fix handling of EBCDIC string fields.

Have a routine that takes a 256-element translation table and uses it to
map various flavors of EBCDIC to Unicode.  Have separate translation
tables for "common" EBCDIC (everything that's the same in all EBCDIC
code pages that include the original EBCDIC characters) and EBCDIC code
page 037.  Add ENC_EBCDIC_CP037 for code page 037.

Change-Id: Ia882b3c0abef9e30eb54cd47396e6fa0d6342044
Reviewed-on: https://code.wireshark.org/review/19212
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agossh: correct inaccurate field names/abbrevs/id variable names
Роман Донченко [Sun, 11 Dec 2016 00:21:52 +0000 (03:21 +0300)]
ssh: correct inaccurate field names/abbrevs/id variable names

* kex_first_packet_follows -> first_kex_packet_follows
  That's the name the spec (RFC 4253) uses.

* DH H signature -> H signature, DH host key -> host key
  Neither the host key nor the H signature have much to do
  with Diffie-Hellman. They're used in the same way in
  every key exchange method that I know of, so their names
  should be more generic.

* mpint_[ef] -> dh_[ef], mpint_[pg] -> dh_gex_[pg]
  This is to make all key exchange method-specific fields follow
  a consistent pattern with all names/abbrevs being prepended
  by the method name.

Change-Id: Ic887fb92d8cbb6042e9b8e553cb5804db0ba4db8
Reviewed-on: https://code.wireshark.org/review/19199
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agosmb/tftp: fix no previous prototype for ‘tftp/smb_eo_cleanup’ [-Wmissing-prototypes]
Alexis La Goutte [Sun, 11 Dec 2016 20:00:06 +0000 (21:00 +0100)]
smb/tftp: fix no previous prototype for ‘tftp/smb_eo_cleanup’ [-Wmissing-prototypes]

Change-Id: I22ce7c49eab9232d38ace51a39fee098786f981d
Reviewed-on: https://code.wireshark.org/review/19206
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years ago[Automatic update for 2016-12-11]
Gerald Combs [Sun, 11 Dec 2016 16:12:37 +0000 (08:12 -0800)]
[Automatic update for 2016-12-11]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Ie1a890ea3d5cfab844bc486806303e0ea4417ec3
Reviewed-on: https://code.wireshark.org/review/19203
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoCleanup dissection of endpoint addresses.
Guy Harris [Sun, 11 Dec 2016 04:18:26 +0000 (20:18 -0800)]
Cleanup dissection of endpoint addresses.

All the pseudo-headers encode the endpoint as per a bEndpointAddress in
sections 9.6.6 "Endpoint" of the USB 2.0 spec and the USB 3.1 spec, with
a 4-bit endpoint number at the bottom and a 1-bit direction at the top
with 0 = OUT and 1 = IN.

Show the FreeBSD endpoint address the same way the other endpoint
addresses are shown; the FreeBSD one is shown as a 4-byte little-endian
value, but only the low-order (first) byte is used, so just show that
byte.

Call that field the "endpoint address", with the lower 4 bits being the
"endpoint number" and the uppermost bit the "endpoint direction".

Change-Id: Ic7358c7fb6b6df2502315b590eb5178cecb321d9
Reviewed-on: https://code.wireshark.org/review/19200
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agossh: remove uninformative blurbs
Роман Донченко [Sat, 10 Dec 2016 23:40:27 +0000 (02:40 +0300)]
ssh: remove uninformative blurbs

For most of the fields, the blurb is just the name with "SSH" prepended,
which is not particularly useful. Replace a few of them with more
informative descriptions and remove the rest.

Change-Id: I15e95a42e897d09d3b6334022b32dd36f29e86a4
Reviewed-on: https://code.wireshark.org/review/19198
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoAdd a preference to control whether string and byte lengths appear in protocol tree
Martin Mathieson [Fri, 9 Dec 2016 22:40:59 +0000 (14:40 -0800)]
Add a preference to control whether string and byte lengths appear in protocol tree

Change-Id: I6be13d9adb8871cbbf4604155e8e7175a74ddaa3
Reviewed-on: https://code.wireshark.org/review/19188
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dmitry Lazurkin <dilaz03@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
3 years agogsmtap: Introduce a new packet-gsmtap.h header file
Harald Welte [Fri, 9 Dec 2016 18:21:13 +0000 (13:21 -0500)]
gsmtap: Introduce a new packet-gsmtap.h header file

Move the GSMTAP protocol related #defines to packet-gsmtap.h, as there
are other dissectors (like packet-gsm_sim.c and future dissectors) need
access to some of those #defines.

Change-Id: Ibb3517bd773be63b7e3cd30104a5351427e22ebf
Reviewed-on: https://code.wireshark.org/review/19185
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoInitialize fd_head->frame in all cases where we allocate fd_head.
Guy Harris [Sat, 10 Dec 2016 18:37:07 +0000 (10:37 -0800)]
Initialize fd_head->frame in all cases where we allocate fd_head.

Also, sort the initializations of structure members by the order in the
structure, to make it easier to check that we've initialized them all.

Bug: 13231
Change-Id: Id2819940d916a5fd5a3f1bf2fc20bd3ee34a75f4
Reviewed-on: https://code.wireshark.org/review/19195
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Avoid infinite recursion in ExtcapArgument::loadValues
Stig Bjørlykke [Sat, 10 Dec 2016 12:07:06 +0000 (13:07 +0100)]
Qt: Avoid infinite recursion in ExtcapArgument::loadValues

If configuring a extcap "value" sentence with {value=} then loadValues()
must not run in a infinite recursion trying to find it's children.

Change-Id: Ic2577b31d9312e8f6a099c4fe7c0672e801dbc89
Reviewed-on: https://code.wireshark.org/review/19192
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
3 years agossh: organize header field IDs
Роман Донченко [Thu, 8 Dec 2016 22:04:39 +0000 (01:04 +0300)]
ssh: organize header field IDs

The header field ID variables are listed in a somewhat chaotic order,
making the list hard to comprehend and update. Group them according
to the part of the protocol the corresponding fields occur in, and
order the groups and the IDs within groups to roughly match
the protocol flow and message formats.

Change-Id: I915f508fd78ff89819c96d246c79d335de6a172e
Reviewed-on: https://code.wireshark.org/review/19154
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoBoost the max CPU time.
Guy Harris [Sat, 10 Dec 2016 03:27:58 +0000 (19:27 -0800)]
Boost the max CPU time.

See if that lets the big file from bug 13226 pass the test under
Valgrind.

Change-Id: I76eb0c18809289e3b14ff8071402c31f70d93d42
Ping-Bug: 13226
Reviewed-on: https://code.wireshark.org/review/19189
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years ago[ICMP] use abs() in detecting timestamp heuristics
Michael Mann [Fri, 9 Dec 2016 02:41:58 +0000 (21:41 -0500)]
[ICMP] use abs() in detecting timestamp heuristics

The code was making the assumption that the ICMP data time will always
be greater than or equal to the frame time, but not earlier, but that
is not always the case and the heuristics can fail.

Bug: 13161
Change-Id: I4bc7bd8d22d717d3b1f08afdd651f8a70cb7aef2
Reviewed-on: https://code.wireshark.org/review/19157
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago[RTP] Don't call p_get_proto_data() twice
AndersBroman [Fri, 9 Dec 2016 14:43:30 +0000 (15:43 +0100)]
[RTP] Don't call p_get_proto_data() twice

Change-Id: Ie13e23232e183818b813e391274d75415b3fee83
Reviewed-on: https://code.wireshark.org/review/19181
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-windows-common.h: Fix "Warning: this decimal constant is unsigned only in...
Thomas Dreibholz [Fri, 9 Dec 2016 15:34:42 +0000 (10:34 -0500)]
packet-windows-common.h: Fix "Warning: this decimal constant is unsigned only in ISO C90"

Bug: 12824
Change-Id: I4b857f3cc488867d8ee7487c1f978edf639988f8
Reviewed-on: https://code.wireshark.org/review/19182
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoui: move filesystem code to wsutil/filesystem.c
Dario Lombardo [Fri, 9 Dec 2016 10:46:20 +0000 (11:46 +0100)]
ui: move filesystem code to wsutil/filesystem.c

This function can be used by code outside ui (eg. extcap).

Ping-Bug: 13218
Change-Id: Ic11f7acebefeaf777692df044ebff9b1bc387aa3
Reviewed-on: https://code.wireshark.org/review/19178
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago[RTP]Rearrange the logic in process_rtp_payload() to make it a bit clearer
AndersBroman [Fri, 9 Dec 2016 12:04:28 +0000 (13:04 +0100)]
[RTP]Rearrange the logic in process_rtp_payload() to make it a bit clearer
what happens.

Change-Id: Ib64c127ef5e2ba3fe57301c7ac7c75fd1d0e0d27
Reviewed-on: https://code.wireshark.org/review/19176
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSet a Libgcrypt log handler on Windows.
Gerald Combs [Thu, 8 Dec 2016 23:16:00 +0000 (15:16 -0800)]
Set a Libgcrypt log handler on Windows.

Libgcrypt prints all log messages to stderr by default. On Windows the
slow_gatherer routine logs

    NOTE: you should run 'diskperf -y' to enable the disk statistics

if DeviceIoControl(..., IOCTL_DISK_PERFORMANCE, ...) fails. We don't
depend on cryptographically secure random numbers and the message is
needlessly confusing. Add a log handler that ignores less-severe messages.

Change-Id: If40a691ea380364457dfdf126b9bf33ac2672d3a
Reviewed-on: https://code.wireshark.org/review/19155
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoextcap: add new option type (timestamp).
Dario Lombardo [Wed, 9 Nov 2016 12:56:12 +0000 (13:56 +0100)]
extcap: add new option type (timestamp).

Bug: 12787
Change-Id: I941833c55fb607c8af2ef832082af58d7b94e965
Reviewed-on: https://code.wireshark.org/review/18721
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agotransum: plugin code
Paul Offord [Mon, 3 Oct 2016 08:09:18 +0000 (09:09 +0100)]
transum: plugin code

A plugin to calculate response, service and spread time values based on
the RTE model.

Bug: 12892
Change-Id: I47d7e5354fc269916851a318fef10b826897eaf8
Reviewed-on: https://code.wireshark.org/review/17750
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years ago.mailmap: Update (of november)
Alexis La Goutte [Sun, 13 Nov 2016 17:47:28 +0000 (18:47 +0100)]
.mailmap: Update (of november)

Change-Id: I643825baa09bf1b6b54515dc109669c0cb1e2cd7
Reviewed-on: https://code.wireshark.org/review/18800
Reviewed-by: Franklin Mathieu <snaipe@diacritic.io>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoextcap: Whitespace cleanup.
Stig Bjørlykke [Wed, 7 Dec 2016 18:59:53 +0000 (19:59 +0100)]
extcap: Whitespace cleanup.

Cleanup code to use uniform whitespace to make it more readable.
Also added brackets to unbracketed one line conditional statements.

This was done using "astyle -A1cHjk3pU".

Change-Id: Iebe96c488c843ce1d790ede0016eb9df025e98a5
Reviewed-on: https://code.wireshark.org/review/19133
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoFix a mis-merging.
Guy Harris [Thu, 8 Dec 2016 20:34:59 +0000 (12:34 -0800)]
Fix a mis-merging.

Also, remove the "make sure we're not fetching a bogus structure" tests.

Add a comment explaining how a compiler bug where it's overly optimizing
a combination of tests could cause the valgrind errors we were seeing,
so we're zeroing the entire structure, padding included, to avoid that.

Change-Id: I24f94b2cbceec5234c1da82b891f609648075839
Reviewed-on: https://code.wireshark.org/review/19149
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agotns: reduce variable scope.
Dario Lombardo [Thu, 8 Dec 2016 14:46:59 +0000 (15:46 +0100)]
tns: reduce variable scope.

Change-Id: Ie187692143b5866bb52b7daf1def2e36ce202a86
Reviewed-on: https://code.wireshark.org/review/19146
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years ago[GTP] Add dissection of Extended Common Flags II IE
AndersBroman [Thu, 8 Dec 2016 12:50:42 +0000 (13:50 +0100)]
[GTP] Add dissection of Extended Common Flags II IE
while at it extend IE value_strings.

Change-Id: Iea592aca088384c381843be7255922db2ade393a
Reviewed-on: https://code.wireshark.org/review/19145
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agosdp: decode pt for more RTP transport protocols
Peter Wu [Wed, 7 Dec 2016 23:24:05 +0000 (00:24 +0100)]
sdp: decode pt for more RTP transport protocols

Do not just decode the payload type for RTP/AVP, but also all RTP
transport types.

Add RTP/AVPF (same as normal RTP/AVP, but with additional RTCP formats).
Similarly, add RTP/SAVPF and the two DTLS variants. Add references to
the relevant specifications and order per IANA registry.

Tested with dtls-srtp-ws-sip.pcapng, now the payload types under the
"m=" tree have names and frames that were previously reported as RTP
show up as SRTP. Frame 442 now shows "Encrypted RTCP Payload" warning
instead of decoding it as garbage.

Change-Id: I06893f385ec270391f8891e72a364d08d2354a0a
Ping-Bug: 13193
Reviewed-on: https://code.wireshark.org/review/19139
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoQt: Fix currentOutputDeviceName() without QtMultimedia
Michal Labedzki [Thu, 8 Dec 2016 07:14:14 +0000 (08:14 +0100)]
Qt: Fix currentOutputDeviceName() without QtMultimedia

Fix build error:
ui/qt/moc_rtp_player_dialog.cxx:87:76: error: ‘currentOutputDeviceName’ was not declared in this scope
         case 0: *reinterpret_cast< QString*>(_v) = currentOutputDeviceName(); break;

Change-Id: I065862540e775c3e965cb5d3ae4c53bd8d505bdd
Reviewed-on: https://code.wireshark.org/review/19142
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRevert "Revert "Don't use a local variable's address in set_address().""
Guy Harris [Thu, 8 Dec 2016 09:07:13 +0000 (09:07 +0000)]
Revert "Revert "Don't use a local variable's address in set_address().""

This reverts commit 92a2c184b09ce41a1ab717963750bb5543099742.

Actually, that address *is* attached to a pinfo structure.

Change-Id: I183135f9cf10a6714045091d2ae02d2799093bae
Reviewed-on: https://code.wireshark.org/review/19143
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agopacket-rpcrdma: Select correct size of transport header
Chuck Lever [Sat, 12 Nov 2016 19:40:31 +0000 (14:40 -0500)]
packet-rpcrdma: Select correct size of transport header

Nit: Make it easier to see the transition between the end of the
RPC-over-RDMA transport header and the start of the RPC header.
Calculate the selection size of the RPC-over-RDMA header
properly, including the size of the chunk lists.

Change-Id: I84bc7d970a95e8f50a21a45ded386322711b6512
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19034
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoFix ZigBee End Device Timeout enumeration
Chris Brandson [Wed, 7 Dec 2016 22:36:17 +0000 (14:36 -0800)]
Fix ZigBee End Device Timeout enumeration

Value 1 incorrect. Remaining enumerations correct

Change-Id: I31939fabded6c4eab13c5b61bbdd4f61b962f0e0
Reviewed-on: https://code.wireshark.org/review/19137
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRevert "Don't use a local variable's address in set_address()."
Guy Harris [Wed, 7 Dec 2016 22:50:49 +0000 (22:50 +0000)]
Revert "Don't use a local variable's address in set_address()."

This reverts commit e2c26ff90c6aee381c3af0c33253dcfa5631bb43.

*That* address isn't attached to a pinfo structure, it's used to create a conversation, and a copy is made of it, using file scope.  So that's not the cause of this problem.

Change-Id: I07ce091e678c42c30080cd00fd17cd1584f473ad
Reviewed-on: https://code.wireshark.org/review/19138
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDon't use a local variable's address in set_address().
Guy Harris [Wed, 7 Dec 2016 22:21:09 +0000 (14:21 -0800)]
Don't use a local variable's address in set_address().

The address data is supposed to outlive the current routine's scope, so
you can't pass it a pointer to an argument to the routine; you have to
allocate pinfo-scoped memory and copy the variable to that.

Bug: 13219
Change-Id: Id3fdb52b614036d4d24d0676e798a2524fbe916c
Reviewed-on: https://code.wireshark.org/review/19136
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRevert "Temporarily break up complicated expression into a bunch of separate ifs."
Peter Wu [Tue, 6 Dec 2016 16:31:32 +0000 (16:31 +0000)]
Revert "Temporarily break up complicated expression into a bunch of separate ifs."

This reverts commit db7c6286169015a727024e86eb270722127125bb.

As pointed out in bug 13044, the warning is really coming from checking
"cops_call->solicited", no need to expand the whole expression.

Ping-Bug: 13044
Change-Id: Ib376ce6d0ec9fcf896e6081adae7664f19d9f759
Reviewed-on: https://code.wireshark.org/review/19115
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: don't append a second extension to save file names
Роман Донченко [Tue, 6 Dec 2016 22:14:39 +0000 (01:14 +0300)]
Qt: don't append a second extension to save file names

When checking if the file already has one of the possible extensions,
MainWindow::fileAddExtension reuses file_suffix between iterations and
appends to it each time, so it ends up checking for the wrong suffix for all
extensions except the first one. Scope file_suffix to the for loop to
fix that.

Change-Id: Idbc5a619a4793d8c477bfd88305cdb44ea844e13
Reviewed-on: https://code.wireshark.org/review/19123
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoThe version lists are sequences of 1-byte integers, not strings.
Guy Harris [Wed, 7 Dec 2016 19:50:10 +0000 (11:50 -0800)]
The version lists are sequences of 1-byte integers, not strings.

Show each version in the list independently as an item.

Perhaps the Set Protocol response version lists seen have only one
version, but the presence of a version-0 terminator suggests that it
could contain multiple versions, so dissect it as such.

For FT_STRINGZ values, let proto_tree_add_item() determine the length -
pass a length of -1.  If we need the length, use
proto_tree_add_item_ret_length().

Change-Id: I5954ccac34f9e462c6d43e9a213974cf818f4d0d
Reviewed-on: https://code.wireshark.org/review/19134
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Fixup the currentOutputDeviceName Q_PROPERTY.
Gerald Combs [Wed, 7 Dec 2016 17:58:28 +0000 (09:58 -0800)]
Qt: Fixup the currentOutputDeviceName Q_PROPERTY.

The CONSTANT attribute indicates that the same value will be returned
every time. That isn't the case here so remove it.

Change-Id: Ie7451e6aabcb4fa1a6960762d96ad190f32b3d7a
Reviewed-on: https://code.wireshark.org/review/19130
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoextcap: Separate dirname and file with G_DIR_SEPARATOR_S.
Stig Bjørlykke [Wed, 7 Dec 2016 18:02:06 +0000 (19:02 +0100)]
extcap: Separate dirname and file with G_DIR_SEPARATOR_S.

Change-Id: I9e1e9b1a10a15ca95519392a7a19ba77f460141e
Reviewed-on: https://code.wireshark.org/review/19131
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-tns: add Set Protocol dissection.
Alexandr Savca [Sat, 3 Dec 2016 14:42:23 +0000 (16:42 +0200)]
packet-tns: add Set Protocol dissection.

Set Protocol is a SQLNET (NET8) message of Data packet type. At the
moment, request message is fully implemented, response partly.

Also, remove unused href entry(s).

Change-Id: I1814ce867cf4f03fa70f05552bfe870ed8f7737c
Reviewed-on: https://code.wireshark.org/review/19051
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoBluetooth: SMP: Use bitmask fields
Michal Labedzki [Tue, 6 Dec 2016 08:10:52 +0000 (09:10 +0100)]
Bluetooth: SMP: Use bitmask fields

And try to improve column output readability by using
separators.

Change-Id: I274f47275519c2a87def483f8f857a98edc341d1
Reviewed-on: https://code.wireshark.org/review/19109
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoFix: Allocate new string for export object entry to prevent crash when memory is...
bwhitn [Wed, 7 Dec 2016 15:32:31 +0000 (07:32 -0800)]
Fix: Allocate new string for export object entry to prevent crash when memory is freed

Change-Id: Ied9f267b28144ea6069388d2d739d07955642863
Reviewed-on: https://code.wireshark.org/review/19129
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-rpcrdma: Fix selection size in chunk list dissectors
Chuck Lever [Tue, 6 Dec 2016 16:25:59 +0000 (11:25 -0500)]
packet-rpcrdma: Fix selection size in chunk list dissectors

Use proto_item_set_len instead of walking the packet ahead of time
trying to compute the size.

Change-Id: I5eb3da1fef45895853cb5b6b198d0310394e4176
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19120
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRTCP: Bugfix MS Video Source Request dissection
Michael Mann [Wed, 7 Dec 2016 02:19:01 +0000 (21:19 -0500)]
RTCP: Bugfix MS Video Source Request dissection

Bug: 13212
Change-Id: I249d38e843f737bbd0773828f24980d148fbaa00
Reviewed-on: https://code.wireshark.org/review/19126
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agosdp: replace bitmask by enum for transport protocol
Peter Wu [Tue, 6 Dec 2016 23:06:23 +0000 (00:06 +0100)]
sdp: replace bitmask by enum for transport protocol

Previously the bitmask also stored whether the type of media (video) and
address type (IPv4/IPv6). Now that these are gone, it makes more sense
to use enums.

There is no functional change (only debugging output is different).

Change-Id: Idc9659cd21e36489a3f5720bbf13640c4beecc02
Reviewed-on: https://code.wireshark.org/review/19124
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoThrow in another tweak to check for uninitialized cops_call_t structures.
Guy Harris [Tue, 6 Dec 2016 21:37:45 +0000 (13:37 -0800)]
Throw in another tweak to check for uninitialized cops_call_t structures.

Temporariy add a "magic" field, initialize it when we allocate it, and
whenever we fetch a structure from the array, make sure the "magic"
field has the right value.

(If this all turns out to be a valgrind bug, I'm not going to be very
happy.)

Change-Id: I29becc715367fdc305504b38d48be05dc516132a
Reviewed-on: https://code.wireshark.org/review/19128
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agopacket-rpcrdma: Prepare dissector for RPC-over-RDMA on iWARP or RoCE
Chuck Lever [Fri, 11 Nov 2016 22:35:58 +0000 (17:35 -0500)]
packet-rpcrdma: Prepare dissector for RPC-over-RDMA on iWARP or RoCE

Remove the Infiniband-centric QP filtering. This filtering attempted
to create conversations to allow the heuristic dissector to be
bypassed once it was established that a QP was carrying
RPC-over-RDMA traffic.

However, it was preventing proper identification of RPC-over-RDMA
traffic when a CM connection establishment exchange doesn't appear
in the capture (which is frequently the case for captures of NFS
traffic).

Also, without this conversation logic, loading a capture file
appears to be significantly faster, at least for capture files
I have on hand.

Later, some form of conversation management will be needed in
order to associate RPC-over-RDMA transport headers with
RDMA Read and Write operations that go along with them. But it
will need to be agnostic about the underlying link layer.

Bug: 13199
Bug: 13202
Change-Id: Ie6b7a4c65979dac036306f7367ce18836713ab4d
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19032
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-tns: add TNS_TYPE_DATA functions dissection.
Alexandr Savca [Sat, 3 Dec 2016 13:36:51 +0000 (15:36 +0200)]
packet-tns: add TNS_TYPE_DATA functions dissection.

Those functions also known as NET8 commands or SQLNET layer of TNS protocol.
Also added a lot of sub-functions for one NET8 command, also known as OCI
(Oracle Call Interface).

Do other cleanup while in the neighbor hood including:
1. Use proto_tree_add_bitmask where applicable
2. Remove individual "hidden" command fields. Filtering should use "tns.type"
3. Remove unnecessary if (tree)s

Change-Id: Ib7cc5cf307179d5d252c334949a4e77d9d396ba4
Reviewed-on: https://code.wireshark.org/review/19050
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoreformatted IMF export objects
bwhitn [Tue, 6 Dec 2016 18:58:17 +0000 (10:58 -0800)]
reformatted IMF export objects

Change-Id: I3d8da3f481d6808d374c2a906652370a46a4c088
Reviewed-on: https://code.wireshark.org/review/19121
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Moshe Kaplan <me@moshekaplan.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoChange SpanDSP capitalization
Pascal Quantin [Tue, 6 Dec 2016 19:49:12 +0000 (20:49 +0100)]
Change SpanDSP capitalization

Many capitalization can be found for this library (spandsp, Spandsp, SpanDSP),
let's use the one found in the library README and in its spec file.

Change-Id: Ia66b723e5d582a6218da1b6366b7d4859272f80c
Reviewed-on: https://code.wireshark.org/review/19122
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agocops: try to avoid uninitialized warning error
Peter Wu [Tue, 6 Dec 2016 16:46:09 +0000 (17:46 +0100)]
cops: try to avoid uninitialized warning error

Valgrind 3.11.0 on the Ubuntu 16.04 buildbot reports that
cops_call->solicited is not initialized:

    pdus_array = (GPtrArray *)wmem_map_lookup(cops_conv_info->pdus_tree, GUINT_TO_POINTER(handle_value));
    /* ... */
    for (i=0; i < pdus_array->len; i++) {
        cops_call = (cops_call_t*)g_ptr_array_index(pdus_array, i);
        if ( /* ... */
        ( (cops_call->op_code == COPS_MSG_KA && !(cops_call->solicited)) &&
                                                  ^^^^^^^^^^^^^^^^^^^^

which is clearly bogus since the only place where cops_call could be
created is a few lines up:

    ver_flags = tvb_get_guint8(tvb, offset);
    is_solicited = (lo_nibble(ver_flags) == 0x01);
    /* ... */
    pdus_array = (GPtrArray *)wmem_map_lookup(cops_conv_info->pdus_tree, GUINT_TO_POINTER(handle_value));
    if (pdus_array == NULL) {
        pdus_array = g_ptr_array_new();
        wmem_map_insert(cops_conv_info->pdus_tree, GUINT_TO_POINTER(handle_value), pdus_array);
    }
    /* ... */
    cops_call = wmem_new(wmem_file_scope(), cops_call_t);
    cops_call->op_code = op_code;
    cops_call->solicited = is_solicited;
    /* ... */
    g_ptr_array_add(pdus_array, cops_call);

Try to zero the whole structure to avoid this bogus warning.

Change-Id: I1ec4d23e99c987849af580a1c8134610c383e55e
Ping-Bug: 13044
Ping-Bug: 13203
Reviewed-on: https://code.wireshark.org/review/19119
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoBluetooth: SMP: Indicate when keys are Debug
Michal Labedzki [Wed, 9 Nov 2016 15:34:34 +0000 (16:34 +0100)]
Bluetooth: SMP: Indicate when keys are Debug

Debug mode keys are described by Bluetooth Core4 specification.
Inform user if any of keys are debug. Debug mode is only if both
keys are debug.

Change-Id: Id7f58c2445614dc386a67b91cbe6f78ffbeda880
Reviewed-on: https://code.wireshark.org/review/19083
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoQt: Make the RTP player output device selectable.
Gerald Combs [Fri, 2 Dec 2016 23:52:02 +0000 (15:52 -0800)]
Qt: Make the RTP player output device selectable.

Add a combobox for selecting the output device and populate it with our
available devices. Let the user know if our output format isn't
supported.

Ping-Bug: 13105
Change-Id: I299c7d0f191bb66d93896338036000e2c377781f
Reviewed-on: https://code.wireshark.org/review/19046
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoBluetooth: SMP: Dissect remaining Key Distribution bits
Michal Labedzki [Thu, 27 Oct 2016 11:51:05 +0000 (13:51 +0200)]
Bluetooth: SMP: Dissect remaining Key Distribution bits

Add "Linkkey" and "Reserved" fields.

Change-Id: I21a23824348500bbcf8366c947fe2d6599b015d4
Reviewed-on: https://code.wireshark.org/review/19081
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-rpcrdma: Add filter variable for Write chunk segment count
Chuck Lever [Mon, 5 Dec 2016 02:47:57 +0000 (21:47 -0500)]
packet-rpcrdma: Add filter variable for Write chunk segment count

Allow the Write segment count field to be selected and filtered on.
In many Write chunks there is just one segment. However in some
special cases there can be multiple segments in a Write or Reply
chunk.

Change-Id: Ic4a4104e3a44bf4f2c96e4e5353a10e7547350c9
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19102
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoAdd udpdump to the macOS package.
Gerald Combs [Tue, 6 Dec 2016 16:53:10 +0000 (08:53 -0800)]
Add udpdump to the macOS package.

Change-Id: I9d16a8291efdd564a905b2f8bc1ded4fa1aa718d
Reviewed-on: https://code.wireshark.org/review/19118
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agocodecs: Add support for G.722 and G.726
Peter Wu [Wed, 23 Nov 2016 23:27:14 +0000 (00:27 +0100)]
codecs: Add support for G.722 and G.726

Integrate the Spandsp library for G.722 and G.726 support. Adds support
for G.722 and all eight variants of G.726.

Note: this also fixes a crash in Qt (buffer overrun, reading too much
data) caused by confusion of the larger output buffer (resample_buff)
with the smaller input buffer (decode_buff). It was not triggered before
because the sample rate was always 8k, but with the addition of the new
codecs, a different sample rate became possible (16k).

Fix also a crash which occurs when the RTP_STREAM_DEBUG macro is enabled
and the VOIP Calls dialog is opened (the begin frame, start_fd, is not
yet known and therfore a NULL dereference could occur).

Passes testing (plays normally without bad RTP timing errors) with
SampleCaptures files: sip-rtp-g722.pcap and sip-rtp-g726.pcap. Tested
with cmake (Qt), autotools (Qt and GTK+) with ASAN enabled.

Bug: 5619
Change-Id: I5661908d193927bba50901079119eeff0c04991f
Reviewed-on: https://code.wireshark.org/review/18939
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoAutotools: Disable Qt4 on macOS.
Gerald Combs [Fri, 2 Dec 2016 19:36:45 +0000 (11:36 -0800)]
Autotools: Disable Qt4 on macOS.

Add a check for macOS+Qt4 to configure.ac in order to roughly match the
CMake behavior in ge858829.

Change-Id: I37de95d5db515d28dd88f13d818531bf6e94d07e
Reviewed-on: https://code.wireshark.org/review/19036
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoSDP: Fix compiler warning
Michael Mann [Thu, 22 Sep 2016 17:36:44 +0000 (13:36 -0400)]
SDP: Fix compiler warning

Change-Id: I5d415ba9ce7ae62eff43d47ceaa96e6282eaad1a
Reviewed-on: https://code.wireshark.org/review/19113
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoDOF: fix UAT update callbacks
Pascal Quantin [Tue, 6 Dec 2016 13:50:09 +0000 (14:50 +0100)]
DOF: fix UAT update callbacks

- update callback must return a boolean to indicate success / failure
- error message must be allcoated in glib memory as GUI will g_free it

Bug: 13209
Change-Id: Ibb9690034d66dae85e775d0010aadeb192c76b4a
Reviewed-on: https://code.wireshark.org/review/19111
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoBluetooth: Sync "Classic" color rules
Michal Labedzki [Fri, 28 Oct 2016 06:26:12 +0000 (08:26 +0200)]
Bluetooth: Sync "Classic" color rules

Change-Id: Ic64f9b71eba4ba8c79c28e10fe4eac983ca98f22
Reviewed-on: https://code.wireshark.org/review/19085
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
3 years agosdp: refactor session/media level handling of attributes
Peter Wu [Sun, 4 Dec 2016 23:43:02 +0000 (00:43 +0100)]
sdp: refactor session/media level handling of attributes

The media_count meaning is horrendous. -1 means "none", a count of "0"
actually means "1". This led to various bugs in the past, so just rip it
out and use a (wmem) array from which the length can be determined.

That also means that a hard-coded limit on the media can now easily be
lifted without affecting the size of the transport_info_t structure.
(This limit, SDP_MAX_RTP_CHANNELS,  is unchanged in this patch though.)

Refactor the SDP dissector such that:

 - Media and related attributes are no longer a bunch of fixed array
   fields, but grouped in one structure. This results in the largest
   changes all over the place since "transport_info->media[n]" is now
   transformed into "media_desc->media" where "media_desc" is an element
   of the "transport_info->media_descriptions" wmem array.
 - Simplify protocol (in "m=") parsing (lots of ifs -> array + loop).
 - Remove convert_disposable_media and disposable_media_info_t, parse
   fields (media protocol from "m=", connection address from "c=", etc.)
   while parsing the SDP instead of parsing it at the end.
 - Have two distinct structures for keeping the info for the session and
   media level. Emphasize that new media descriptions are inherited from
   session level attributes (via sdp_new_media_description).
 - Delay creation of dynamic payload type information table until we
   actually create the media description. Create function
   clean_unused_media_descriptions to handle the common of freeing
   unused dynamic pt.
 - Remove SDP_IPv4/SDP_IPv6, these are replaced by checking the type
   member of the address structure.

Changes to MSRP part:

 - Move MSRP attributes to the media-level attributes.
 - Remove msrp_transport_address_set attribute, rely on the AT_NONE
   address type for detecting bad addresses.
 - Remove SDP_MSRP_IPv4 check, this never worked as the flag was never
   set. Now it relies on the address family from the host in a=path:.

Tested with these capture files with no change in PDML output nor
improvements/regressions with memleaks (as reported by ASAN):

    capture sip call wireshark 1.8.2.pcap
    NOringback.pcapng
    rtp_not_parsed_by_1_10_1.pcap
    rtsp_interleaved_coreplayer.cap
    SIP_CALL_RTP_G711.pcapng
    srtpincorrectlyselected.pcap
    tdnwifitontwifi_withnatting_clientAbhopati_03082015.pcapng

Change-Id: Ia0dbc63f8bd78cc84dad2e18174540e31b78a80d
Reviewed-on: https://code.wireshark.org/review/19072
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agortp: add function to duplicate rtp_dyn_payload_t
Peter Wu [Mon, 5 Dec 2016 22:00:33 +0000 (23:00 +0100)]
rtp: add function to duplicate rtp_dyn_payload_t

There is no way to iterate through the contents. For a future patch to
the SDP dissector (where the session-level info is copied to the
media-level), it would be nice to duplicate the dynamic payload info.

Change-Id: I79b8349e5e157298a28fc608e20c2c2e03e76400
Reviewed-on: https://code.wireshark.org/review/19106
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoDTLS: add support for use_srtp extension (RFC 5764)
Peter Wu [Wed, 30 Nov 2016 20:43:09 +0000 (21:43 +0100)]
DTLS: add support for use_srtp extension (RFC 5764)

Decryption support will be added later. Tested with
dtls-srtp-ws-sip.pcapng from the linked bug.

Change-Id: Ida1a2da754ef9aef16ad15ff64455b6f8e703ffd
Ping-Bug: 13193
Reviewed-on: https://code.wireshark.org/review/18996
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agossh: add dissection for ECDSA host keys
Роман Донченко [Mon, 5 Dec 2016 19:43:21 +0000 (22:43 +0300)]
ssh: add dissection for ECDSA host keys

Change-Id: Ic9851976bfa25fc61c708ee08e5a26ad01769f06
Reviewed-on: https://code.wireshark.org/review/19097
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoSDP: reduce code duplication
Peter Wu [Sat, 3 Dec 2016 00:20:10 +0000 (01:20 +0100)]
SDP: reduce code duplication

Observe that some code in setup_sdp_transport is effectively the same
code as a part from dissect_sdp with these differences:

 - Removal of these two conditions (setup_sdp_transport already returns
   early when a packet is visited):
    (!pinfo->fd->flags.visited) && (transport_info == &local_transport_info)
 - "establish_frame" in setup_sdp_transport is replaced by "pinfo->num"
   in dissect_sdp.

dissect_sdp further has two additional blocks that add information to
the VoIP calls dialog. This is preserved.

Freeing of the RTP payload information has also been simplified. Instead
of checking it inside the main loop that adds addresses (now moved to a
new function, "apply_sdp_transport"), let the caller do it outside the
loop.

The transformation in this patch is rather mechanical:

 0. Add a comment on what the new function is supposed to do.
 1. Move code from setup_sdp_transport into a new function,
    apply_sdp_transport and reduce indentation level.
 2. Copy all variables to the new function and populate the parameter
    list.
 3. Compile result, remove unused variables that the compiler warns for.
 4. Move freeing of unused media outside the loop to the caller.
 5. Create a new conditional statement before the duplicated loop, which
    checks whether setup_sdp_transport has been used before. (SIP first
    calls setup_sdp_transport, then it invokes the media type dissector
    which calls dissect_sdp to populate the tree.)
 6. Remove the duplicated code from the dissect_sdp loop until only the
    VoIP Calls dialog info remains.

There is no functional change intended.

Change-Id: I928379466af56ef1729cccbf4a5b60895ddb3227
Reviewed-on: https://code.wireshark.org/review/19047
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoSDP: add basic ICE candidate attribute dissection (RFC 5245)
Peter Wu [Wed, 30 Nov 2016 20:57:56 +0000 (21:57 +0100)]
SDP: add basic ICE candidate attribute dissection (RFC 5245)

Dissect the first, fixed part of a=candidate. The candidate type is also
unabbreviated for easier understanding. Tested with
dtls-srtp-ws-sip.pcapng from the linked bug.

Change-Id: I9950c8f066becea86f1fe8e9ffab2dc07ae0f425
Ping-Bug: 13193
Reviewed-on: https://code.wireshark.org/review/18997
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoCIP: Minor enhancements
D. Ulis [Mon, 5 Dec 2016 12:43:03 +0000 (07:43 -0500)]
CIP: Minor enhancements

1. ENIP: Display the CIP Forward Open Request packet number for connected data
2. CIP: Extended Network: Display expert info when the expected bytes does not match actual bytes
3. CIP: Look up more data fields as CIP service or Device Type
4. CIP: Display data as Dec/Hex, depending on how the spec shows things
5. Minor: Pull out common code into load_cip_request_data()
6. Minor: Text corrections

Change-Id: I184ac3899786f650e4d4643a5dfe68bba785d6e0
Reviewed-on: https://code.wireshark.org/review/19092
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-rpcrdma: Clean up Reply chunk dissection
Chuck Lever [Mon, 5 Dec 2016 01:16:59 +0000 (20:16 -0500)]
packet-rpcrdma: Clean up Reply chunk dissection

Display the Reply chunk as a tree, using the same code that the
Write list dissector now uses. Fix up the selection size of the
Reply chunk.

Bug: 13197
Change-Id: Ie861b7721b2c2dd9a5839986488ee22f39f81d1e
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19101
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-rpcrdma: Fix Write list dissection
Chuck Lever [Sun, 4 Dec 2016 23:39:39 +0000 (18:39 -0500)]
packet-rpcrdma: Fix Write list dissection

The current mechanism of dissecting RPC-over-RDMA chunk lists is not
working. It treats the Write list as a list of RDMA segments (it's a
list of counted arrays).

Bug: 13197
Change-Id: I6f8e788d66eefd17d6c1995e238a9ff9fa1e81f2
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19100
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-rpcrdma: Fix Read list dissection
Chuck Lever [Sun, 4 Dec 2016 22:36:59 +0000 (17:36 -0500)]
packet-rpcrdma: Fix Read list dissection

The current mechanism of dissecting RPC-over-RDMA chunk lists is not
working. It treats the Read list as a counted array (it's a list).

Part of this confusion arises because RFC 5666 uses the term "chunk"
to mean "chunk", "read segment", and "rdma segment". Re-organize
the dissector logic to make this distinction properly.

Bug: 13197
Change-Id: Iad517804dbcf8b30de795af03af7a71a6f231231
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19099
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRTPS: Cleanup endian handling
Michael Mann [Mon, 5 Dec 2016 20:21:34 +0000 (15:21 -0500)]
RTPS: Cleanup endian handling

1. Rather than pass a boolean that has to be continually evaluated, just pass the
necessary encoding (ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN)
2. Incorporate more use of proto_tree_add_item_ret_[u]int
3. Remove NEXT_guint16 and NEXT_guint32 because we now have tvb_get_guint16 and
tvb_get_guint32

Change-Id: Ib1c3488450b4e727d2c1943ba4e577faf2350dcc
Reviewed-on: https://code.wireshark.org/review/19103
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agokafka: add dissection for rest of api keys
Dmitry Lazurkin [Fri, 25 Nov 2016 19:45:02 +0000 (22:45 +0300)]
kafka: add dissection for rest of api keys

- support rest of api keys
- dissect kafka.required_acks with constants
- dissect kafka.message_timestamp_type
- add expert info about missing request

Change-Id: I3d18936adac6702a61f545385bdec1b75b564bd9
Reviewed-on: https://code.wireshark.org/review/18954
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
3 years agopacket-rpcrdma: Display length fields in decimal
Chuck Lever [Mon, 5 Dec 2016 03:11:12 +0000 (22:11 -0500)]
packet-rpcrdma: Display length fields in decimal

Change-Id: I3a3a51de76286800992b1445c332c50059112c54
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19098
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopacket-rpcrdma: Remove if (tree) preventing dissectors being called.
Chuck Lever [Sun, 4 Dec 2016 21:58:37 +0000 (16:58 -0500)]
packet-rpcrdma: Remove if (tree) preventing dissectors being called.

When tshark displays each frame in default mode (without -V):

- NFS on TCP is dissected and displayed
- NFS on RPC/RDMA is displayed as only an RPC/RDMA frame

NFS on RPC/RDMA should be dissected and displayed just like NFS on
TCP. Make passing along the RPC payload to the RPC dissector
unconditional.

Bug: 13198
Change-Id: Ia86f3abcfcbc65a860d4ff7bac19a5f3af44a0b0
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19027
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoCMake: Update FindWiX.
Gerald Combs [Mon, 5 Dec 2016 18:53:32 +0000 (10:53 -0800)]
CMake: Update FindWiX.

The WiX Toolset installer sets the WIX environment variable. Search for
our WiX executables there first.

Change-Id: I5acc9cb369dc2bdbb071d35b5a39498c6db117a3
Reviewed-on: https://code.wireshark.org/review/19096
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRTPS: Added submessages and fixed minor issues for Secure DDS
Juanjo Martin [Wed, 30 Nov 2016 16:13:30 +0000 (17:13 +0100)]
RTPS: Added submessages and fixed minor issues for Secure DDS

Bug: 13204
Change-Id: Iaad562aafe3a4f0300398fc45927ac810814ee75
Reviewed-on: https://code.wireshark.org/review/18990
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>