metze/wireshark/wip.git
5 years ago Just pass on a snapshot length of 0 to the dumper.
Guy Harris [Thu, 15 Nov 2018 23:25:06 +0000 (15:25 -0800)]
Just pass on a snapshot length of 0 to the dumper.

It means "snapshot length unknown".

For most file formats, the snapshot length isn't recorded (even for
formats that support slicing - all they record is the on-the-network
length, and length after slicing, for each packet), so it's ignored in
the dumper.

The one exception is pcap, which records it in the file header; if it's
unknown, the pcap-writing code picks the maximum supported snapshot
length for the file's link-layer header type.

Change-Id: Ieda5dfe34c4bac63e43fdadeff31799ac3c908de
Reviewed-on: https://code.wireshark.org/review/30657
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago test: convert suite_dfilter to use fixtures
Peter Wu [Thu, 15 Nov 2018 11:38:12 +0000 (12:38 +0100)]
test: convert suite_dfilter to use fixtures

Stop using subprocesstest, drop the (now redundant) DFTestCase base
class and use pytest-style fixtures to inject the dependency on tshark.
This approach makes it easier to switch to pytest in the future.
Most substitutions were automated, so no typos should be present.

Change-Id: I3516029162f87423816937410ff63507ff82e96f
Reviewed-on: https://code.wireshark.org/review/30649
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago test: convert suite_nameres to use fixtures
Peter Wu [Wed, 14 Nov 2018 18:32:10 +0000 (19:32 +0100)]
test: convert suite_nameres to use fixtures

Create a special custom profile just for the nameres tests, instead of
doing this for all tests. Other tests do not need it.

Change-Id: I41de0ece9dcf1ee310957beab2bbee0a99784753
Reviewed-on: https://code.wireshark.org/review/30633
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago test: convert suite_text2pcap to use fixtures
Peter Wu [Wed, 14 Nov 2018 16:54:00 +0000 (17:54 +0100)]
test: convert suite_text2pcap to use fixtures

Inline all capture file names and use fixtures instead of the global
config object. This makes dependencies more explicit.

Change-Id: I37a6eda73822735b5a6957b44bce53bb5ecd1aa0
Reviewed-on: https://code.wireshark.org/review/30631
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago Don't set anything in *wth until we've decided it's a Peek classic file.
Guy Harris [Thu, 15 Nov 2018 17:52:02 +0000 (09:52 -0800)]
Don't set anything in *wth until we've decided it's a Peek classic file.

Change-Id: I8b6f5b46cc578a65eec3e255d468d3841f9b0197
Reviewed-on: https://code.wireshark.org/review/30652
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Dumpcap: Update our pipe closed logic.
Gerald Combs [Thu, 15 Nov 2018 16:05:17 +0000 (08:05 -0800)]
Dumpcap: Update our pipe closed logic.

Check for pipe status only when we no longer have packets. This keeps us
from flushing packets that we should have written.

Change-Id: I714f52597da792a0b228b5e1a1dd3a993dc93681
Reviewed-on: https://code.wireshark.org/review/30651
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
5 years ago nettrace: Parse IPv6 addresses.
Anders Broman [Thu, 15 Nov 2018 13:34:05 +0000 (14:34 +0100)]
nettrace: Parse IPv6 addresses.

Change-Id: Iad583c39605ed2dd7a1c64f3729500c6b8a31fd3
Reviewed-on: https://code.wireshark.org/review/30650
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Simplify code.
Guy Harris [Thu, 15 Nov 2018 08:36:16 +0000 (00:36 -0800)]
Simplify code.

Just directly set wth->file_encap.

Change-Id: I9fb3d34d3d46d9bef6b7206e25ba72049d9b12f1
Reviewed-on: https://code.wireshark.org/review/30648
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago CBRS-OIDs: adding Citizens Broadband Radio Service Object Identifiers
Martin Peylo [Wed, 14 Nov 2018 21:33:49 +0000 (23:33 +0200)]
CBRS-OIDs: adding Citizens Broadband Radio Service Object Identifiers

Used within CBRS X.509 certificates, related certificate requests etc

Extracted from
- WInnForum CBRS COMSEC TS WINNF-15-S-0065-V2.0.0
  https://www.wirelessinnovation.org/assets/work_products/Specifications/winnf-15-s-0065-v2.0.0%20cbrs%20communications%20security%20technical%20specification.pdf
- WInnForum CBRS Certificate Policy Document WINNF-17-S-0022
  https://www.wirelessinnovation.org/assets/work_products/Specifications/winnf-17-s-0022%20v1.0.0%20cbrs%20pki%20certificate%20policy.pdf

Change-Id: I7ee5246bb15214d37cd566f8b2beadeb0a2bce01
Reviewed-on: https://code.wireshark.org/review/30642
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Debian: Add missing symbols.
Gerald Combs [Thu, 15 Nov 2018 01:19:06 +0000 (17:19 -0800)]
Debian: Add missing symbols.

Change-Id: Ia8a385faad06a1221a9ab6f31e27e4be09a5590d
Reviewed-on: https://code.wireshark.org/review/30646
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Always use the file header to set the encapsulation type for Peek classic.
Guy Harris [Thu, 15 Nov 2018 02:29:48 +0000 (18:29 -0800)]
Always use the file header to set the encapsulation type for Peek classic.

The information given by the person who provided the change to do so for
V7 files seems to indicate that 1) V5 and V6 files have the same file
header and 2) the protoNum field shouldn't be used for this purpose.

It also provided information about the bits in the flags and status
field, so add that.

The first three of those bits appear to match the first three bits of
the flags field in Peek tagged files, so note that in the Peek tagged
reader, in case the other bits also match.

Change-Id: I492afd594676efc14b487b3030c861bf5feb2d23
Reviewed-on: https://code.wireshark.org/review/30647
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Dumpcap: Make sure we set our pipe error status.
Gerald Combs [Wed, 14 Nov 2018 19:44:47 +0000 (11:44 -0800)]
Dumpcap: Make sure we set our pipe error status.

Make sure cap_pipe_read_data_bytes sets pcap_src->cap_pipe_err if it
encounters an error or EOF. This fixes a regression introduced in
ga51b3d1d16. Have it return -1 or the number of bytes read similar to
read(2). Explicitly treat its return value as a signed integer.

Change-Id: I3de92859eee45e8d4a24a8c8309a816ef1b7924a
Reviewed-on: https://code.wireshark.org/review/30639
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
5 years ago WSDG: update test section with pytest fixtures
Peter Wu [Wed, 14 Nov 2018 18:05:49 +0000 (19:05 +0100)]
WSDG: update test section with pytest fixtures

Try to describe the motivation of pytest fixtures and update the
examples. Add a missing build dependency in CMake while at it.

Change-Id: I5384a86f2191835b834285b81343a7ee56f88e79
Reviewed-on: https://code.wireshark.org/review/30632
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
5 years ago LISP: Fix action bits decoding
Lorand Jakab [Wed, 14 Nov 2018 16:27:37 +0000 (17:27 +0100)]
LISP: Fix action bits decoding

Change-Id: I76f5e10fbc5ca0071d1444e31ce4c8fba639c3bc
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/30630
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago macos-setup.sh: Update library and tool versions.
Gerald Combs [Mon, 12 Nov 2018 23:09:06 +0000 (15:09 -0800)]
macos-setup.sh: Update library and tool versions.

Update the following versions:

CMake: 3.7.2 to 3.12.4
Qt: 5.9.5 to 5.9.7 (Current LTS)
libxml2: 2.9.4 to 2.9.7 (2.9.4 has security issues)
c-ares: 1.12.0 to 1.15.0 (1.12.0 has security issues)
libssh: 0.7.4 to 0.8.5 (0.7.4 has security issues)

Change-Id: Ia97b436981705a4d99c0b0a2f238738e18394d45
Reviewed-on: https://code.wireshark.org/review/30589
Reviewed-by: Gerald Combs <gerald@wireshark.org>
5 years ago nas5gs: Update AMF in 5GS mobile identity.
Anders Broman [Wed, 14 Nov 2018 15:02:19 +0000 (16:02 +0100)]
nas5gs: Update AMF in 5GS mobile identity.

Change-Id: I6e2f2c259b9aed3073b322b8a3301ce8acfd79c6
Reviewed-on: https://code.wireshark.org/review/30629
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago DOCSIS: both TLV 43 and 44 need VSIF encodings
Bruno Verstuyft [Wed, 14 Nov 2018 14:14:03 +0000 (15:14 +0100)]
DOCSIS: both TLV 43 and 44 need VSIF encodings

Change-Id: Ide8fe96de05423fed135797988dd620b92e9cddc
Reviewed-on: https://code.wireshark.org/review/30628
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago nettrace_3gpp_32_423: Don't crash on error and improve error output.
Anders Broman [Wed, 14 Nov 2018 13:24:22 +0000 (14:24 +0100)]
nettrace_3gpp_32_423: Don't crash on error and improve error output.

Change-Id: I4ea7ccf51321d6ce316456bde24aa37880ea52ed
Reviewed-on: https://code.wireshark.org/review/30627
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago blip: fix memory safety issues and a build failure without zlib
Peter Wu [Wed, 14 Nov 2018 11:48:06 +0000 (12:48 +0100)]
blip: fix memory safety issues and a build failure without zlib

Fix use-after-free of decompress_streams when reloading a capture file.
Cleanup the z_stream on capture file closure and simplify the hash key.
Fix build in case zlib is not available, remove unnecessary headers and
fix the indentation information (tabs instead of spaces).

Change-Id: I08268db1b9714cdddfc7f47b496f3e9da518139a
Fixes: v2.9.0rc0-2492-ga8c40412d8 ("Added support for the Couchbase BLIP protocol")
Reviewed-on: https://code.wireshark.org/review/30626
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jim Borden <jim.borden@couchbase.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago QUIC: Add RETIRE_CONNECTION_ID frame type (draft -15)
Alexis La Goutte [Fri, 2 Nov 2018 19:58:32 +0000 (20:58 +0100)]
QUIC: Add RETIRE_CONNECTION_ID frame type (draft -15)

Change-Id: If181e89a70044db6d429e2066db6bd8869968ef3
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/30492
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago QUIC: Renumbering ACK and ACK_ECN frame (draft -15)
Alexis La Goutte [Sun, 28 Oct 2018 16:07:56 +0000 (17:07 +0100)]
QUIC: Renumbering ACK and ACK_ECN frame (draft -15)

* create a draft14 (and older) frame type
* on ACK_ECN, ECN (ect0, ect1, ecn-ce) are after ACK block

Change-Id: I810e32865a00abebbc29611cae5972d51268f476
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/30491
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Update MongoDB ObjectID dissector element
Derick Rethans [Tue, 13 Nov 2018 12:03:54 +0000 (12:03 +0000)]
Update MongoDB ObjectID dissector element

The MongoDB ObjectID spec traditionally included a "host hash" and "PID" field.
These have for a while been treated as random data for the server, and the
MongoDB drivers have recently adopted a specification that says the same:
https://github.com/mongodb/specifications/blob/master/source/objectid.rst#random-value

This patch reorganises the original Host Hash and PID fields under a new
"Machine ID" field, to be able to show both the current interpretation of the
field, as well as the historical one.

Change-Id: Ib25b5552935781bc512fcdadb870ed20838d8808
Reviewed-on: https://code.wireshark.org/review/30604
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago ui: add missing break.
Dario Lombardo [Wed, 14 Nov 2018 08:40:30 +0000 (09:40 +0100)]
ui: add missing break.

Error:
../ui/alert_box.c: In function ‘cfile_write_failure_alert_box’:
../ui/alert_box.c:359:13: error: this statement may fall through [-Werror=implicit-fallthrough=]
             simple_error_message_box(
             ^~~~~~~~~~~~~~~~~~~~~~~~~
                         "Frame %u%s has a network type that differs from the network type of earlier packets, which isn't supported in a \"%s\" file.",
                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         framenum, in_file_string,
                         ~~~~~~~~~~~~~~~~~~~~~~~~~
                         wtap_file_type_subtype_string(file_type_subtype));
                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../ui/alert_box.c:364:9: note: here
         case WTAP_ERR_PACKET_TOO_LARGE:
         ^~~~

Change-Id: I55464afff5625ae8c587470e417234560c7e606c
Reviewed-on: https://code.wireshark.org/review/30623
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago All Veriwave files and packets use WTAP_ENCAP_IXVERIWAVE.
Guy Harris [Wed, 14 Nov 2018 07:01:34 +0000 (23:01 -0800)]
All Veriwave files and packets use WTAP_ENCAP_IXVERIWAVE.

We set the file encapsulation to WTAP_ENCAP_IXVERIWAVE when we open the
file; we don't need to update it when we read packets, and we don't need
to set the per-packet encapsulation because it's set to the file
encapsulation for us by wtap_read() and wtap_seek_read().

Change-Id: I2f123e3fb0d505334f3451685290bdbae77a598b
Reviewed-on: https://code.wireshark.org/review/30622
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Fix whitespace.
Guy Harris [Wed, 14 Nov 2018 05:29:07 +0000 (21:29 -0800)]
Fix whitespace.

Change-Id: I4e1ca2bcefbaf8bb04e26bed0c668c43b1a6f788
Reviewed-on: https://code.wireshark.org/review/30621
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Fail more cleanly if the file has no records.
Guy Harris [Wed, 14 Nov 2018 05:27:38 +0000 (21:27 -0800)]
Fail more cleanly if the file has no records.

If we have no records, we can't determine the link-layer type.

Also:

Use more signed values, and do more sanity checks on the file header and
TLVs to make sure we don't run into the first packet.

When writing the file header, accumulate the header length/first packet
offset in a 32-bit variable, and stuff it into the
offset-to-first-packet fields (plural) once we're done.

Change-Id: I3aeb5258bc16ddd8cf0ec86ef379287d0c4b351a
Reviewed-on: https://code.wireshark.org/review/30620
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago ieee80211: Avoid decrypting packets two times
Mikael Kanstrup [Sat, 10 Nov 2018 19:54:07 +0000 (20:54 +0100)]
ieee80211: Avoid decrypting packets two times

Encrypted packets were decrypted two times. One time to scan for
new keys. If no keys were found the decrypted data was simply
discarded. Then later on the packet was decrypted again for
dissection.

Avoid decrypting packets two times by storing the result from first
decryption if no key was found. Skip the second attempt.

Note though that in the special case where a key was actually found
inside an encrypted packet the decryption will still be performed
twice. First time decrypt, discover the key, and return the EAPOL
keydata. Second time decrypt and return the decrypted frame.

Change-Id: I1acd0060d4e1f351fb15070f8d7aa78c0035ce39
Reviewed-on: https://code.wireshark.org/review/30568
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago ieee80211: Decrypt and dissect EAPOL keydata
Mikael Kanstrup [Fri, 9 Nov 2018 10:46:39 +0000 (11:46 +0100)]
ieee80211: Decrypt and dissect EAPOL keydata

Decrypt EAPOL keydata information and have it dissected with the
ieee80211 dissector.

This is achieved by letting the Dot11Decrypt engine retrieve the EAPOL
keydata decrypted while extracting the GTK during 4-way handshake.
The ieee80211 dissector then stores the decrypted data in packet proto
data so that the wlan_rsna_eapol subdissector can retrieve it for
dissection.

Change-Id: I2145f47396cf3261b40e623fddc9ed06b3d7e72b
Reviewed-on: https://code.wireshark.org/review/30530
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Dumpcap: Don't let individual pipes stop our capture.
Gerald Combs [Tue, 13 Nov 2018 22:52:14 +0000 (14:52 -0800)]
Dumpcap: Don't let individual pipes stop our capture.

If a capture source is a pipe and it reaches the end of its input, don't
stop capturing globally since we might have other active interfaces. We
do need to stop capturing if all of our interfaces are pipes and none of
them are open, so add a check to do so.

Change-Id: Id7f950349e72113c9b4bfeee4f0a9c8a97aefe8c
Reviewed-on: https://code.wireshark.org/review/30615
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago test: convert some more tests to use fixtures
Peter Wu [Tue, 13 Nov 2018 01:17:33 +0000 (02:17 +0100)]
test: convert some more tests to use fixtures

Continue the conversion from use of globals (the config module) to
fixtures. If a program (like wmem_test or tshark) is unavailable, it
will be skipped now rather than failing the test.

The general conversion pattern is:
- Decorate each class with `@fixtures.uses_fixtures` and (for tests that
  run tshark) `@fixtures.mark_usefixtures('test_env')`.
- Convert all `config.cmd_*` to `cmd_*` and add an argument.
- Convert all `config.*_dir` to `dirs.*_dir` and add an argument.
- Convert users of `os.path.join(dirs.capture_file, ...)` to use a new
  'capture_file' fixture to reduce boilerplate code. Inline variables if
  possible (this conversion was done in an automated way using regexes).

Some other changes: tests that do not require a test environment (like
wmem_test) will use 'base_env' which avoids copying config files,
`env=config.test_env` got removed since this is the default. Some test
classes in suite_clopts were combined. Removed unused imports.

Change-Id: Id5480ffaee7d8d56cf2cb3189a38ae9afa7605a1
Reviewed-on: https://code.wireshark.org/review/30591
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Dumpcap: Move packet dequeueing code to a common routine.
Gerald Combs [Tue, 13 Nov 2018 18:40:55 +0000 (10:40 -0800)]
Dumpcap: Move packet dequeueing code to a common routine.

Dequeue and write packets in capture_loop_dequeue_packet. This ensures
that we properly handle pcapng packets both inside our capture loop and
after it's finished.

Change-Id: Iacc980c90481b1378761eac83d8044aaddabfdc2
Reviewed-on: https://code.wireshark.org/review/30609
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago extcap: save debug flag and use it to activate ssh debug.
Dario Lombardo [Sat, 10 Nov 2018 20:15:58 +0000 (21:15 +0100)]
extcap: save debug flag and use it to activate ssh debug.

Change-Id: Ida32834f8c0838f1d815f7e33116b6a6161acf34
Reviewed-on: https://code.wireshark.org/review/30572
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago ssh-base: define a struct for storing ssh parameters.
Dario Lombardo [Fri, 9 Nov 2018 22:10:46 +0000 (23:10 +0100)]
ssh-base: define a struct for storing ssh parameters.

Update sshdump and ciscodump to use it.

Change-Id: I5fbb9e3a870ec8baa0f326ad34733743cbb981f3
Reviewed-on: https://code.wireshark.org/review/30571
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago ssh-base: support libssh config file.
Dario Lombardo [Fri, 9 Nov 2018 16:41:36 +0000 (17:41 +0100)]
ssh-base: support libssh config file.

It's operating system dependent, but the library takes care of it
on different operating systems.

Options are set with this precedence:
- if user-provided, use it
- if not, take the one from config file
- (username only) if none in the config file, take the current user from OS

Change-Id: I00dcc1c9a8613e6d1250b6404bf2100f6ccff7b7
Reviewed-on: https://code.wireshark.org/review/30558
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Catch attempts to write multiple encapsulation types if unsupported.
Guy Harris [Wed, 14 Nov 2018 03:38:12 +0000 (19:38 -0800)]
Catch attempts to write multiple encapsulation types if unsupported.

If, in the process of opening the input file, we determine that it has
packets of more than one link-layer type, we can catch attempts to write
that file to a file of a format that doesn't support more than one
link-layer type at the time we try to open the output file.

If, however, we don't discover that the file has more than one
link-layer type until we've already created the output file - for
example, if we have a pcapng file with a new IDB, with a different
link-layer type from previous IDBs, after packet blocks for the earlier
interfaces - we can't catch that until we try to write the packet.

Currently, that causes the packet's data to be written out as is, so the
output file claims it's of the file's link-layer type, causing programs
reading the file to misdissect the packet.

Report WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on the write attempt
instead, and have a nicer error message for
WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on a write.

Change-Id: Ic41f2e4367cfe5667eb30c88cc6d3bfe422462f6
Reviewed-on: https://code.wireshark.org/review/30617
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Give an error if an output file isn't specified.
Guy Harris [Tue, 13 Nov 2018 23:05:33 +0000 (15:05 -0800)]
Give an error if an output file isn't specified.

Just silently not bothering to do any work isn't all that useful in that
case; giving the usage message indicates that you need both input and
output files.

Change-Id: I9512d3e45e1e9a9d4bccb28b49aeea8c12ad0100
Reviewed-on: https://code.wireshark.org/review/30614
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago tshark: Print the packets' comments in the expert info
Vasil Velichkov [Wed, 7 Nov 2018 19:33:41 +0000 (21:33 +0200)]
tshark: Print the packets' comments in the expert info

Previously 'tshark -z expert' was failing with abort when a packet
contains a comment

- Add a new comment parameter and update the tshark's manual page
- Add a new comment_level severity and change the default level to it.
- Add various 'tshark -z expert' tests

Change-Id: I188317da5e00019b8f2b725f0fe84942f774520f
Reviewed-on: https://code.wireshark.org/review/30610
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago RTPS: APP_ACK_CONF submessage dissection fixed.
ismaelrti [Tue, 13 Nov 2018 16:06:37 +0000 (17:06 +0100)]
RTPS: APP_ACK_CONF submessage dissection fixed.

Count field of APP_ACK_CONF submessage was dissected using a signed
integer rather than unsigned. That avoids the dissection to be concluded
due to a wrong type error.

Change-Id: Ie5f85ce5b3d745d74e1b50d96a77560fb854034b
Reviewed-on: https://code.wireshark.org/review/30605
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago extcap: Allow ASCII '0' in preference name
Stig Bjørlykke [Tue, 13 Nov 2018 18:05:50 +0000 (19:05 +0100)]
extcap: Allow ASCII '0' in preference name

Update another regex to also allow '0' in the preference name.

Change-Id: I61e39a160d86195c989ab53623bc5887a10dcaad
Reviewed-on: https://code.wireshark.org/review/30606
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
5 years ago PKIX1EXPLICIT: Fixing Attribute and AttributeTypeAndValue ASN.1 cnf
Martin Peylo [Mon, 12 Nov 2018 17:56:11 +0000 (19:56 +0200)]
PKIX1EXPLICIT: Fixing Attribute and AttributeTypeAndValue ASN.1 cnf

EXPERIMENTAL, this has not been widely validated yet.  It is not clear whether
there is any deeper sense in how the prior ASN.1 cnf was done.

If this is used, it might also be beneficial to rename the double-overloaded
"type".

Removing pre-existing empty line at the end of packet-pkix1explicit-template.c
to comply with coding style requirements.

Change-Id: Iaddeb62f8abb8605b182091ea9c64b8f2172a884
Reviewed-on: https://code.wireshark.org/review/30599
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago PKCS10/pkix1explict: adding PKCS#9 OIDs
Martin Peylo [Mon, 12 Nov 2018 18:12:12 +0000 (20:12 +0200)]
PKCS10/pkix1explict: adding PKCS#9 OIDs

Attribute types for use in PKCS #10 certificate requests as specified
in PKCS#9 / RFC 2985

A CSR including one of the PKCS#9 OIDs, SubjectAltNames within a
pkcs-9-at-extensionRequest, can be generated with the following OpenSSL command
line on most Linux systems:

openssl req -new -sha256 -nodes -keyout domain.key \
            -subj "/C=US/ST=CA/O=Acme, Inc./CN=example.com" \
            -reqexts SAN -config \
            <(cat /etc/ssl/openssl.cnf \
            <(printf "\n[SAN]\nsubjectAltName=DNS:example.com,DNS:www.example.com")) \
            -out attr_with_san.csr

Change-Id: I5ae4bd782003c65286bbebf41b96d142e4e99a60
Reviewed-on: https://code.wireshark.org/review/30600
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago extcap: Allow ASCII '0' in preference name
Stig Bjørlykke [Tue, 13 Nov 2018 11:40:45 +0000 (12:40 +0100)]
extcap: Allow ASCII '0' in preference name

Update the regex to also allow '0' in the preference name.

Change-Id: I881079b579b9193dd31dda2150d9a50c000c0dd3
Reviewed-on: https://code.wireshark.org/review/30602
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago RTCP: Fix RTCP Floor Control message Sub-type "Floor taken" is displayed
Anders Broman [Tue, 13 Nov 2018 12:16:31 +0000 (13:16 +0100)]
RTCP: Fix RTCP Floor Control message Sub-type "Floor taken" is displayed
as "Unknown"

Bug: 15276
Change-Id: I313f9d98d0c305a1508f465ec99ae98a91d3d9e9
Reviewed-on: https://code.wireshark.org/review/30603
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago PKCS10: Enabling own dissection function for Attributes
Martin Peylo [Mon, 12 Nov 2018 17:46:09 +0000 (19:46 +0200)]
PKCS10: Enabling own dissection function for Attributes

The one in pkix1explicit might be broken, while it might have unexpected
side-effects to mess with that.  Anyway, RFC 2986 defines the Attribute
sequence for PKCS10 directly.

Change-Id: I854b5b5fb83322a1302d011c9cd6f2d5c9fc2b78
Reviewed-on: https://code.wireshark.org/review/30585
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Fix function name in comment.
Guy Harris [Tue, 13 Nov 2018 07:26:48 +0000 (23:26 -0800)]
Fix function name in comment.

Change-Id: Ice41094e6cc91df7e1f8286f35d49e1a20a89cc7
Reviewed-on: https://code.wireshark.org/review/30598
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Move the Linux ARPHRD_ types to epan/arptypes.h.
Guy Harris [Tue, 13 Nov 2018 06:17:49 +0000 (22:17 -0800)]
Move the Linux ARPHRD_ types to epan/arptypes.h.

Change-Id: I6fa9593af64e8af1ade4f049ea949989adfd00c7
Reviewed-on: https://code.wireshark.org/review/30595
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Fix dissection of 802.11+radiotap frames in Linux "cooked" captures.
Guy Harris [Tue, 13 Nov 2018 03:38:12 +0000 (19:38 -0800)]
Fix dissection of 802.11+radiotap frames in Linux "cooked" captures.

Those frames *don't* have their link-layer headers stripped, even on
PF_PACKET/SOCK_DGRAM captures (hopefully, nobody will consider that a
bug and "fix" it).

The "hatype" field is the ARPHRD_ value for the adapter, as returned by
SIOCGIFHWADDR; in monitor mode, those frames will have an hatype of
ARPHRD_IEEE80211_RADIOTAP.  Add an "sll.hatype" dissector table, which
we check before checking the "sll.ltype" dissector table, and have the
radiotap dissector register in that table.

We still use the special hack for an hatype of ARPHRD_NETLINK, because,
for *those* frames, the "protocol" field of the nominal SLL header is
the netlink family, not an Ethertype or anything else that the SLL
dissector would handle.

Change-Id: If503a7daa9133adf1b8c330ec28c4c824d4f551d
Reviewed-on: https://code.wireshark.org/review/30592
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Don't have _ng versions of the dumper open routines.
Guy Harris [Mon, 12 Nov 2018 23:43:10 +0000 (15:43 -0800)]
Don't have _ng versions of the dumper open routines.

Have the routines always take a parameters pointer; pass either null or
a pointer to an initialized-to-nothing structure in cases where we were
calling the non-_ng versions.

Change-Id: I23b779d87f3fbd29306ebe1df568852be113d3b2
Reviewed-on: https://code.wireshark.org/review/30590
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Use the Wayback Machine for a page that currently isn't working.
Guy Harris [Mon, 12 Nov 2018 23:14:33 +0000 (15:14 -0800)]
Use the Wayback Machine for a page that currently isn't working.

It loads, but displays nothing (either in Safari 12, or a presumably
recent Chrome, on my Mac).

Change-Id: I4a5530007ddf3c14a5fd349998318d5868da5d5c
Reviewed-on: https://code.wireshark.org/review/30588
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago wiretap: refactor common parameters for pcapng dump routines
Peter Wu [Sun, 11 Nov 2018 14:49:12 +0000 (15:49 +0100)]
wiretap: refactor common parameters for pcapng dump routines

Four variants of wtap_dump_open_ng exist, each of them taking the same
three parameters for the SHB, IDB and NRB blocks that have to be written
before packets are even written. Similarly, a lot of tools always create
these arguments based on an existing capture file session (wth).

Address the former duplication by creating a new data structure to hold
the arguments. Address the second issue by creating new helper functions
to initialize the parameters based on a wth. This refactoring should
make it easier to add the new Decryption Secrets Block (DSB).

No functional change intended.

Change-Id: I42c019dc1d48a476773459212ca213de91a55684
Reviewed-on: https://code.wireshark.org/review/30578
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago Remove obsolete files.
Anders Broman [Mon, 12 Nov 2018 13:08:41 +0000 (14:08 +0100)]
Remove obsolete files.

Change-Id: Ibc2f20a895f7aaf4fc5988eb8814124a68dd886e
Reviewed-on: https://code.wireshark.org/review/30583
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
5 years ago IPv6: Fix payload root tree for IPv6 Routing Hdr
João Valverde [Sun, 11 Nov 2018 21:25:21 +0000 (21:25 +0000)]
IPv6: Fix payload root tree for IPv6 Routing Hdr

We need to pass the original proto_tree pointer to sub-dissectors,
not the p_ipv6_pinfo_select_root() return value. Rename the "_tree"
argument to follow the existing style and make the code more readable.

Bug: 15270
Change-Id: I0322f015abc0d6426d6f05c16c48e928c253c2eb
Reviewed-on: https://code.wireshark.org/review/30579
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago gtpv2: Update RAT types.
Anders Broman [Mon, 12 Nov 2018 12:47:57 +0000 (13:47 +0100)]
gtpv2: Update RAT types.

Change-Id: Ifb134ce340d847af65bad4dd20d5c453af85d4e1
Reviewed-on: https://code.wireshark.org/review/30582
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago fix documentation and tests for cmake run directory.
Dario Lombardo [Mon, 12 Nov 2018 09:44:32 +0000 (10:44 +0100)]
fix documentation and tests for cmake run directory.

Change-Id: If33a39c26714ebe699463d1c8c67469025767efb
Reviewed-on: https://code.wireshark.org/review/30581
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago blip: Use correct guint64 printf modifier
Stig Bjørlykke [Mon, 12 Nov 2018 07:34:47 +0000 (08:34 +0100)]
blip: Use correct guint64 printf modifier

Change-Id: I6e326cc5396467a0f65edbde1148414a10e22df2
Reviewed-on: https://code.wireshark.org/review/30580
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
5 years ago Added support for the Couchbase BLIP protocol
Jim Borden [Wed, 17 Oct 2018 01:39:35 +0000 (10:39 +0900)]
Added support for the Couchbase BLIP protocol

Documentation for the protocol is available at https://github.com/couchbaselabs/BLIP-Cpp/blob/master/docs/BLIP%20Protocol.md

Bug: 15212
Change-Id: I2fe947c3af10c53d68c740241466e2de6c4be551
Reviewed-on: https://code.wireshark.org/review/30229
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
5 years ago PDCP-NR: Show some config highlights in config root and Info column.
Martin Mathieson [Sat, 10 Nov 2018 21:53:16 +0000 (21:53 +0000)]
PDCP-NR:  Show some config highlights in config root and Info column.

Also add convenience functions for getting/setting the PDCP-NR struct.

Change-Id: Id30d380ecb2910e5f32e08b791657696bb513910
Reviewed-on: https://code.wireshark.org/review/30569
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago sshdump: fix generation of error message from remote side.
Dario Lombardo [Fri, 9 Nov 2018 16:09:37 +0000 (17:09 +0100)]
sshdump: fix generation of error message from remote side.

Change-Id: I15f5989f08b7e3851a7c4b949d63434fbc750020
Reviewed-on: https://code.wireshark.org/review/30557
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago [Automatic update for 2018-11-11]
Gerald Combs [Sun, 11 Nov 2018 08:25:37 +0000 (08:25 +0000)]
[Automatic update for 2018-11-11]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I49c9b5a86e33811c59c7e70d5f548d103f7bc35c
Reviewed-on: https://code.wireshark.org/review/30573
Reviewed-by: Gerald Combs <gerald@wireshark.org>
5 years ago cmake: Add CMakeGraphVizOptions.cmake to improve the generated layout.
Dario Lombardo [Sat, 10 Nov 2018 13:25:36 +0000 (14:25 +0100)]
cmake: Add CMakeGraphVizOptions.cmake to improve the generated layout.

Adjust the CMake configuration to generate graphviz files with an
improved layout.

Documentation: https://cmake.org/cmake/help/latest/module/CMakeGraphVizOptions.html

To generate a dependency graph from the build directory (example):
cmake . --graphviz=wireshark.dot
fdp wireshark.dot -Tpdf -o wireshark.pdf

Change-Id: Icf238668004224b9d373d8080e549b9b583f676c
Reviewed-on: https://code.wireshark.org/review/30564
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
5 years ago wiretap: fix truncated reads while reading compressed file formats
Peter Wu [Sat, 10 Nov 2018 22:03:16 +0000 (23:03 +0100)]
wiretap: fix truncated reads while reading compressed file formats

A lot of file dissectors (pcapng, json, etc.) assumed that the packet
size is equal to the file size. This is not true if the file was
compressed and could result in silently truncating reads or failing to
open a file (if the compressed file is larger than the actual data).

Observe that a lot of file dissectors are simply copies of each other.
Move the fixed implementation to wtap.c and reuse the methods everywhere
else. While at it, avoid an unnecessary large allocation/read in
ruby_marshal.

Change-Id: I8e9cd0af9c4d1bd37789a3b509146ae2182a5379
Reviewed-on: https://code.wireshark.org/review/30570
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
5 years ago ieee80211: Fix Vendor Specific Fixed Field dissection.
Richard Sharpe [Sat, 10 Nov 2018 19:24:37 +0000 (11:24 -0800)]
ieee80211: Fix Vendor Specific Fixed Field dissection.

Prevent malformed packet exceptions.

Bug: 15273
Change-Id: I88c8fe4bf19d1c8ef478068dde8c220afdd33589
Reviewed-on: https://code.wireshark.org/review/30565
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
5 years ago sshdump: fix some debug messages.
Dario Lombardo [Fri, 9 Nov 2018 15:44:50 +0000 (16:44 +0100)]
sshdump: fix some debug messages.

Change-Id: I92d157367efc36d4c1d1a53a201ed652d701894e
Reviewed-on: https://code.wireshark.org/review/30556
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
5 years ago ssh-base: fix wrong type for ssh port.
Dario Lombardo [Fri, 9 Nov 2018 15:43:53 +0000 (16:43 +0100)]
ssh-base: fix wrong type for ssh port.

According to documentation:

http://api.libssh.org/master/group__libssh__session.html#ga82371e723260c7572ea061edecc2e9f1

Change-Id: I788f909efdb263d645bf402ad5a293a4b3e8d089
Reviewed-on: https://code.wireshark.org/review/30555
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
5 years ago MMSE: catch length overflows to avoid infinite loop.
Jeff Morriss [Fri, 9 Nov 2018 20:16:35 +0000 (15:16 -0500)]
MMSE: catch length overflows to avoid infinite loop.

After fetching a length from the packet ensure those bytes exist to
avoid integer overflows by callers (while avoiding having to ensure
every caller checks for overflows).

Also add a check to ensure the loop in question is progressing through
the TVB; report a dissector bug if it doesn't.

Bug: 15250
Change-Id: I9434bfe9d530942fd45342690383df2decacdba1
Reviewed-on: https://code.wireshark.org/review/30560
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
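The two guards described in the MMSE commit above (confirm the fetched length fits in the remaining bytes, and confirm the loop advances), shown as an added example that is not Wireshark's code. The record layout, the function names and the sample buffers are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed record layout (an assumption, not the MMSE wire format):
 * 1-byte field id, 4-byte big-endian value length, then the value. */
#define HDR_LEN 5u
enum { WALK_OK = 0, WALK_TRUNCATED = -1, WALK_NO_PROGRESS = -2 };

/* Constructed samples: two well-formed records, and one record whose
 * length (0xFFFFFFFB) makes HDR_LEN + length wrap to 0 in 32 bits. */
static const uint8_t good_sample[] = { 0x01, 0, 0, 0, 2, 'a', 'b',
                                       0x02, 0, 0, 0, 0 };
static const uint8_t bad_sample[]  = { 0x01, 0xFF, 0xFF, 0xFF, 0xFB, 0x00 };

static uint32_t get_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Fetch a length and confirm that many bytes really follow, so every
 * caller can add it to an offset without wrapping. */
static int get_checked_len(const uint8_t *buf, uint32_t buf_len,
                           uint32_t offset, uint32_t *len_out)
{
    if (offset > buf_len || buf_len - offset < HDR_LEN)
        return WALK_TRUNCATED;
    uint32_t len = get_be32(buf + offset + 1);
    if (len > buf_len - offset - HDR_LEN)   /* cannot underflow here */
        return WALK_TRUNCATED;
    *len_out = len;
    return WALK_OK;
}

/* Unchecked walker: trusts the length from the packet. max_iter exists
 * only so this demonstration terminates. Returns iterations performed. */
static uint32_t walk_unchecked(const uint8_t *buf, uint32_t buf_len,
                               uint32_t max_iter)
{
    uint32_t offset = 0, iter = 0;
    while (offset < buf_len && buf_len - offset >= HDR_LEN && iter < max_iter) {
        uint32_t len = get_be32(buf + offset + 1);
        offset += HDR_LEN + len;            /* wraps modulo 2^32 */
        iter++;
    }
    return iter;
}

/* Checked walker: validated length plus an explicit progress check. */
static int walk_checked(const uint8_t *buf, uint32_t buf_len,
                        uint32_t *fields_out)
{
    uint32_t offset = 0;
    *fields_out = 0;
    while (offset < buf_len) {
        uint32_t len;
        int rc = get_checked_len(buf, buf_len, offset, &len);
        if (rc != WALK_OK)
            return rc;
        uint32_t next = offset + HDR_LEN + len;
        if (next <= offset)                 /* parser bug: no forward progress */
            return WALK_NO_PROGRESS;
        offset = next;
        (*fields_out)++;
    }
    return WALK_OK;
}

int main(void)
{
    uint32_t n = 0;
    int rc = walk_checked(good_sample, sizeof good_sample, &n);
    printf("checked, good input: rc=%d fields=%u\n", rc, (unsigned)n);
    rc = walk_checked(bad_sample, sizeof bad_sample, &n);
    printf("checked, bad input:  rc=%d fields=%u\n", rc, (unsigned)n);
    printf("unchecked, bad input: %u iterations before the cap\n",
           (unsigned)walk_unchecked(bad_sample, sizeof bad_sample, 1000));
    return 0;
}
```

Putting the bounds check inside the length-fetching helper is what spares each caller its own overflow check; the progress test in the loop then only fires if the helper itself is wrong.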
5 years ago UI: Remove Win32 file dialog stuff specific to GTK
Peter Wu [Fri, 9 Nov 2018 17:04:05 +0000 (18:04 +0100)]
UI: Remove Win32 file dialog stuff specific to GTK

Remove "Export SSL Session Keys", "Import/Export Color Filters" and
"Export Raw Bytes" dialogs. These were only used by GTK+ as Qt has its
own implementation.

Change-Id: I0520a0f6e35d0f8a55c58e77f89c5229393c2b23
Reviewed-on: https://code.wireshark.org/review/30559
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago capture_loop_write_pcapng_cb() shouldn't be called if use_pcapng is false.
Guy Harris [Sat, 10 Nov 2018 03:03:07 +0000 (19:03 -0800)]
capture_loop_write_pcapng_cb() shouldn't be called if use_pcapng is false.

If it *is* called when global_capture_opts.use_pcapng is false, don't
just silently drop the packet on the floor, abort.

Change-Id: Idb8f8e4c4ba231cfe674a81da34bf46e00f8247c
Reviewed-on: https://code.wireshark.org/review/30562
Reviewed-by: Guy Harris <guy@alum.mit.edu>
5 years ago Dumpcap: Move the "just wrote one packet" logic to one place.
Gerald Combs [Fri, 9 Nov 2018 20:58:03 +0000 (13:58 -0700)]
Dumpcap: Move the "just wrote one packet" logic to one place.

Add capture_loop_wrote_one_packet, which increments the appropriate
counters and checks for autostop and ring buffer conditions. Call it
when we write a pcap or pcapng packet. This fixes `-b packets:NUM` for
pcapng output.

Change-Id: Ie2bdd725fbee59c1ae10b05be84ae9a3a6d80111
Reviewed-on: https://code.wireshark.org/review/30561
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
5 years ago Diameter-3gpp: Dissect the SMS inside AVP 3301 SM-RP-UI.
Anders Broman [Fri, 9 Nov 2018 13:02:24 +0000 (14:02 +0100)]
Diameter-3gpp: Dissect the SMS inside AVP 3301 SM-RP-UI.

Change-Id: I0f293ea529dce5147eef5bfb9d8d4b39640fd0aa
Reviewed-on: https://code.wireshark.org/review/30554
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago CMake: fix parallel build by not copying ws.css repeatedly
Peter Wu [Fri, 9 Nov 2018 11:08:01 +0000 (12:08 +0100)]
CMake: fix parallel build by not copying ws.css repeatedly

A race condition exists with msbuild where building some targets
(generate_{developer,user}-guide.xml, {developer,user}_guide_pdf) will
result in parallel, repeated execution of the commands to copy 'ws.css'.
Synchronize those executions using a single target to avoid this.

Change-Id: Ie93d07e504bc18fa4e4e8aac5b611fba329ff188
Reviewed-on: https://code.wireshark.org/review/30553
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago ICMP: Add Extended Echo (Probe) RFC8335
Uli Heilmeier [Thu, 8 Nov 2018 21:10:24 +0000 (22:10 +0100)]
ICMP: Add Extended Echo (Probe) RFC8335

Implementing ICMP extended echo (RFC8335) for IPv4.

Ping-Bug: 14457
Change-Id: Id7ae6fce88ef43f8b6a62b06285257416acd0a77
Reviewed-on: https://code.wireshark.org/review/30552
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago ieee80211: Dissect RSN GTK and IGTK IE
Mikael Kanstrup [Thu, 8 Nov 2018 15:12:09 +0000 (16:12 +0100)]
ieee80211: Dissect RSN GTK and IGTK IE

Change-Id: Ifda4defeb2db72d9f65dce89d6f97bfe09f7f5ad
Reviewed-on: https://code.wireshark.org/review/30547
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Dumpcap+Qt: Add support for `-a packets:NUM` and `-b packets:NUM`.
Gerald Combs [Wed, 31 Oct 2018 09:03:04 +0000 (10:03 +0100)]
Dumpcap+Qt: Add support for `-a packets:NUM` and `-b packets:NUM`.

Add the ability to rotate files after a specified number of packets (`-b
packets:NUM`). Move some condition checks to capture_loop_write_packet_cb.

Add `-a packets:NUM` in order to be consistent. It is functionally
equivalent to the `-c` flag.

Add a corresponding "packets" option to the Capture Interfaces dialog
Output tab.

Add initial tests for autostop and ringbuffer conditions.

Change-Id: I66eb968927ed287deb8edb96db96d7c73526c257
Reviewed-on: https://code.wireshark.org/review/30534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago isakmp: Free the UAT tables' records using a free callback
Vasil Velichkov [Tue, 6 Nov 2018 19:54:24 +0000 (21:54 +0200)]
isakmp: Free the UAT tables' records using a free callback

Change-Id: Ife44b225337e5c583c722ac62f711ed3ec9cf808
Reviewed-on: https://code.wireshark.org/review/30535
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago dot11decrypt: Create RC4 decryption and key copy helper functions
Mikael Kanstrup [Thu, 8 Nov 2018 13:30:40 +0000 (14:30 +0100)]
dot11decrypt: Create RC4 decryption and key copy helper functions

In preparation for decrypting and dissecting EAPOL keydata in
ieee80211 dissector move the RC4 decryption and key copy into
separate helper functions.

Change-Id: I13f3e981038f48526032e263b6eb3c9e3496abbe
Reviewed-on: https://code.wireshark.org/review/30546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago macos-setup.sh: Remove unused variables and code.
Gerald Combs [Thu, 8 Nov 2018 17:07:52 +0000 (09:07 -0800)]
macos-setup.sh: Remove unused variables and code.

Remove unused variables found by shellcheck. Remove a dead check for
10.5 (which we no longer support) which enables 32-bit builds (which we
no longer support).

Change-Id: I8f987f31025c74d27e46c7f74f514857ec8cdd3b
Reviewed-on: https://code.wireshark.org/review/30549
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago test: make it possible to use pytest-style test fixtures
Peter Wu [Mon, 15 Oct 2018 14:07:30 +0000 (16:07 +0200)]
test: make it possible to use pytest-style test fixtures

Currently all binaries must be available or no tests will be executed.
This is inconvenient if you just want to test a single binary (e.g.
text2pcap) without having to build epan. The problem is essentially that
tests lack dependency annotations.

To solve this problem, add the required dependencies as parameters to
each test (so-called 'fixtures' in pytest). Skip a test if a binary
(such as tshark) is unavailable. As a demonstration, suite_dissection.py
is converted. Over time, tests should no longer depend on config.py due
to explicit dependencies fixtures (listed in fixtures_ws.py).

Since the unittest module does not support such dependency injections,
create a small glue for use with pytest and an (incomplete) emulation
layer for use with test.py.

Tested with pytest 3.8.2 + Python 3.7.0 and pytest 3.0.3 + Python 3.4.3.
Python 2.7 is not supported and will fail. Test commands:

    ~/wireshark/test/test.py -p ~/build/run
    WS_BIN_PATH=~/build/run pytest ~/wireshark/test -ra

Change-Id: I6dc8c28f5c8b7bbc8f4c04838e9bf085cd22eb0b
Ping-Bug: 14949
Reviewed-on: https://code.wireshark.org/review/30220
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago GTP: fix NR user plane DL data delivery status
Prerit Jain [Thu, 8 Nov 2018 10:54:10 +0000 (16:24 +0530)]
GTP: fix NR user plane DL data delivery status

Change-Id: Ie947ebe5c0a43e4d621203fca13b8af783458cf5
Reviewed-on: https://code.wireshark.org/review/30541
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago proto.c: increase the number of pre allocated fields
Pascal Quantin [Thu, 8 Nov 2018 22:04:54 +0000 (23:04 +0100)]
proto.c: increase the number of pre allocated fields

Change-Id: I5b2cb3ae6a9e6ab507f18e6eb5f89a37b2983129
Reviewed-on: https://code.wireshark.org/review/30551
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago SMPP: prevent triggering an exception in the heuristic checks
Pascal Quantin [Thu, 8 Nov 2018 21:07:01 +0000 (22:07 +0100)]
SMPP: prevent triggering an exception in the heuristic checks

Change-Id: Ic69b31914d2c5c1eaa1c30d34f946d66bbfdf6a3
Reviewed-on: https://code.wireshark.org/review/30550
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago SRT: clear the state after displaying it
Alan Birtles [Thu, 8 Nov 2018 15:06:34 +0000 (15:06 +0000)]
SRT: clear the state after displaying it

Bug: 15264
Change-Id: If75e6af2de1cecc09cb1c4c559bc64b9cb4aad83
Reviewed-on: https://code.wireshark.org/review/30544
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago macos-setup.sh: fix Python 3 installation for OS X 10.8 and older
Peter Wu [Thu, 8 Nov 2018 16:39:53 +0000 (17:39 +0100)]
macos-setup.sh: fix Python 3 installation for OS X 10.8 and older

Change-Id: I3c5b7fa272fbef770b06430edadb8abfc688e951
Fixes: v2.9.0rc0-2460-ge9f7bb5127 ("Require Python 3, drop Python 2 support")
Reviewed-on: https://code.wireshark.org/review/30548
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
5 years ago test: drop Python 2 compatibility, use more Python 3 features
Peter Wu [Sat, 13 Oct 2018 16:08:43 +0000 (18:08 +0200)]
test: drop Python 2 compatibility, use more Python 3 features

Reduces maintenance costs and makes it possible to simplify code.
pytest supports Python 2.7 and Python 3.4 (or newer), so that is more or
less the minimum target for now.

Change-Id: I0347b6c334bf2fc6c9480ff56e9ccfcd48886dde
Reviewed-on: https://code.wireshark.org/review/30193
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
5 years ago rpm: update all rpm files for using python3.
Dario Lombardo [Thu, 8 Nov 2018 08:09:19 +0000 (09:09 +0100)]
rpm: update all rpm files for using python3.

This includes:
- tools/rpm-setup.sh
- packaging/rpm/wireshark.spec.in

Fixes: v2.9.0rc0-2460-ge9f7bb5127 ("Require Python 3, drop Python 2 support")
Change-Id: I9fb92be936dec5fdb819a54e132e64521fa95bbb
Reviewed-on: https://code.wireshark.org/review/30543
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
5 years ago Diameter: Add AVPs for 3GPP S6c
Anders Broman [Thu, 8 Nov 2018 09:37:53 +0000 (10:37 +0100)]
Diameter: Add AVPs for 3GPP S6c

Change-Id: I8ad0f2d0fa2919b459e65c2241b1e6fa14a9c44a
Reviewed-on: https://code.wireshark.org/review/30540
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago NAS EPS: update ciphering heuristic check for 15 EPS bearers contexts
Pascal Quantin [Thu, 8 Nov 2018 08:53:02 +0000 (09:53 +0100)]
NAS EPS: update ciphering heuristic check for 15 EPS bearers contexts

Change-Id: I8c413420f231a65121cf13df7bd28fe066b606a6
Reviewed-on: https://code.wireshark.org/review/30539
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago docsis: Changed vendor-specific TLV to 44 to conform CM-SP-MULPIv3.1-115-180509
Andrii Vladyka [Thu, 8 Nov 2018 06:58:14 +0000 (08:58 +0200)]
docsis: Changed vendor-specific TLV to 44 to conform CM-SP-MULPIv3.1-115-180509

Change-Id: Idf48e55214cc59a00cecde14f577bfd4bfad9aa1
Reviewed-on: https://code.wireshark.org/review/30538
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Require Python 3, drop Python 2 support
Peter Wu [Sat, 13 Oct 2018 13:56:02 +0000 (15:56 +0200)]
Require Python 3, drop Python 2 support

Python 3 is widely available. All major Linux distributions support it.
RHEL is covered via EPEL (which is already required for cmake3). Drop
support for Python 2 in order to reduce maintenance costs. The main
motivation is being able to simplify the tests.

CMake is updated to search for Python >= 3.4 and will fail if
unavailable (generating dissectors.c requires Python, so it is quite an
important piece to have).

The documentation is updated to reflect the Python 3.7 paths used by
Chocolatey. Tested the git-review installation instructions in Windows 7
x64 without a previous Chocolatey installation.

macOS brew now installs Python 3 (its dependencies are already installed
by python@2 for libxml2). The macOS (non-brew variant) is updated to use
the official 64-bit installer to install Python 3.

Change-Id: I80b1e36957f338e0dad1bfcc173b6418682cddba
Reviewed-on: https://code.wireshark.org/review/30192
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago gsm_abis_oml: Decode Primary OML IP Address as big endian
Pau Espin Pedrol [Wed, 7 Nov 2018 17:27:18 +0000 (18:27 +0100)]
gsm_abis_oml: Decode Primary OML IP Address as big endian

Related: Osmocom #3624
Change-Id: Ie0ca3ff0b0ce0aedeeae8a3e439e54e8f34ca94d
Reviewed-on: https://code.wireshark.org/review/30533
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago gsm_abis_oml: Support decoding IPA Primary OML Config List
Pau Espin Pedrol [Wed, 7 Nov 2018 16:42:16 +0000 (17:42 +0100)]
gsm_abis_oml: Support decoding IPA Primary OML Config List

Related: Osmocom #3624
Change-Id: If9083a69ea2c1387f474d3c9a41926a139f672a2
Reviewed-on: https://code.wireshark.org/review/30532
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago GSM MAP: register a few more MAP SSNs by default.
Jeff Morriss [Wed, 7 Nov 2018 16:08:45 +0000 (11:08 -0500)]
GSM MAP: register a few more MAP SSNs by default.

SSNs 145 and 148-150 are all used by MAP so register for them.

This allows Wireshark to decode messages between, for example, an SGSN and
GMLC without having to touch the dissector preferences.

Change-Id: Iaaad668bcde074a2a89d3de605659849856dc396
Reviewed-on: https://code.wireshark.org/review/30531
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago 6lowpan: fix handling of UDP packets without payload
Robert Sauter [Tue, 6 Nov 2018 12:35:17 +0000 (12:35 +0000)]
6lowpan: fix handling of UDP packets without payload

Replace all calls of tvb_ensure_captured_length_remaining with
tvb_ensure_length_remaining as they are only used to ensure that already
read data is present and it is not always required that at least 1 more
byte follows.

Change-Id: I71b1142c0d8f8fe3ddb09b80b6ca8ed10e0b67b6
Reviewed-on: https://code.wireshark.org/review/30517
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Qt: Add file hashes to capture file properties dialog
Jaap Keuter [Tue, 6 Nov 2018 21:34:09 +0000 (22:34 +0100)]
Qt: Add file hashes to capture file properties dialog

Like capinfos, provide file hashes in the capture file properties dialog.

Change-Id: Ia9f1b05f61abd239d81b7061bbba1e53c01f28be
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30524
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago extcap: Cleanup an if-statement
Stig Bjørlykke [Wed, 7 Nov 2018 09:03:57 +0000 (10:03 +0100)]
extcap: Cleanup an if-statement

Change-Id: If56f3837e8bcf0ef3a11579ca031223909ac47b9
Reviewed-on: https://code.wireshark.org/review/30528
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago docbook: Fix a typo
Stig Bjørlykke [Wed, 7 Nov 2018 09:05:30 +0000 (10:05 +0100)]
docbook: Fix a typo

Change-Id: I41b3626bdfac54291fb3d8be0deb035c1a9f9f55
Reviewed-on: https://code.wireshark.org/review/30529
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
5 years ago NTP: fix dissection of authentication parameters in mode 7 packets
Pascal Quantin [Wed, 7 Nov 2018 07:38:18 +0000 (08:38 +0100)]
NTP: fix dissection of authentication parameters in mode 7 packets

Based on ntp_request.h header file:
- authentication parameters are only present in request messages, not
response ones
- the authentication timestamp is at a fixed position with an offset
of 184 bytes in the packet, followed by the encryption keyid and
optionally the mac
- do not display the authentication timestamp (even if present in the
packet) if the authentication bit is not set (as the value 0 translates
into a date in 2036)

Bug: 15258
Change-Id: Id2e49beeef4a0fdc3082d9b7b09a214fd531a6bb
Reviewed-on: https://code.wireshark.org/review/30527
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago DNS: fix compilation broken by g224aa2ed98
Pascal Quantin [Wed, 7 Nov 2018 07:10:32 +0000 (08:10 +0100)]
DNS: fix compilation broken by g224aa2ed98

Change-Id: I913fdeb3cc827347b0ef11d10f03981c59cad1df
Reviewed-on: https://code.wireshark.org/review/30526
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago Add XMSS for SSHFP. This has shipped with OpenSSH since release 7.7
Loganaden Velvindron [Tue, 6 Nov 2018 20:32:37 +0000 (00:32 +0400)]
Add XMSS for SSHFP. This has shipped with OpenSSH since release 7.7

Change-Id: I995b0c93cef0f0b15b4a8115408b68bd7f4e12a3
Reviewed-on: https://code.wireshark.org/review/30523
Reviewed-by: Anders Broman <a.broman58@gmail.com>
5 years ago Windows: fix RC information generation
Pascal Quantin [Tue, 6 Nov 2018 21:22:29 +0000 (22:22 +0100)]
Windows: fix RC information generation

Change-Id: I36e1da16b7eb8c224dab74750939a2c9a9a01cfa
Reviewed-on: https://code.wireshark.org/review/30525
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
5 years ago ieee80211ah: Start adding support for S1G.
Richard Sharpe [Tue, 6 Nov 2018 13:33:32 +0000 (05:33 -0800)]
ieee80211ah: Start adding support for S1G.

This is only the new IEs and one new Extension Frame type

Change-Id: If55fbf205735f657352c8f21b22fa0858ae183f0
Reviewed-on: https://code.wireshark.org/review/30519
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>