git.samba.org - metze/wireshark/wip.git/log

UI: Remove Win32 file dialog stuff specific to GTK

Remove "Export SSL Session Keys", "Import/Export Color Filters" and
"Export Raw Bytes" dialogs. These were only used by GTK+ as Qt has its
own implementation.

Change-Id: I0520a0f6e35d0f8a55c58e77f89c5229393c2b23
Reviewed-on: https://code.wireshark.org/review/30559
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

capture_loop_write_pcapng_cb() shouldn't be called if use_pcapng is false.

If it *is* called when global_capture_opts.use_pcapng is false, don't
just silently drop the packet on the floor, abort.

Change-Id: Idb8f8e4c4ba231cfe674a81da34bf46e00f8247c
Reviewed-on: https://code.wireshark.org/review/30562
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Dumpcap: Move the "just wrote one packet" logic to one place.

Add capture_loop_wrote_one_packet, which increments the appropriate
counters and checks for autostop and ring buffer conditions. Call it
when we write a pcap or pcapng packet. This fixes `-b packets:NUM` for
pcapng output.

Change-Id: Ie2bdd725fbee59c1ae10b05be84ae9a3a6d80111
Reviewed-on: https://code.wireshark.org/review/30561
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Diameter-3gpp: Dissect the SMS inside AVP 3301 SM-RP-UI.

Change-Id: I0f293ea529dce5147eef5bfb9d8d4b39640fd0aa
Reviewed-on: https://code.wireshark.org/review/30554
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

CMake: fix parallel build by not copying ws.css repeatedly

A race condition exists with msbuild where building some targets
(generate_{developer,user}-guide.xml, {developer,user}_guide_pdf) will
result in parallel, repeated execution of the commands to copy 'ws.css'.
Synchronize those executions using a single target to avoid this.

Change-Id: Ie93d07e504bc18fa4e4e8aac5b611fba329ff188
Reviewed-on: https://code.wireshark.org/review/30553
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ICMP: Add Extended Echo (Probe) RFC8335

Implementing ICMP extended echo (RFC8335) for IPv4.

Ping-Bug: 14457
Change-Id: Id7ae6fce88ef43f8b6a62b06285257416acd0a77
Reviewed-on: https://code.wireshark.org/review/30552
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee80211: Dissect RSN GTK and IGTK IE

Change-Id: Ifda4defeb2db72d9f65dce89d6f97bfe09f7f5ad
Reviewed-on: https://code.wireshark.org/review/30547
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Dumpcap+Qt: Add support for `-a packets:NUM` and `-b packets:NUM`.

Add the ability to rotate files after a specified number of packets (`-b
packets:NUM`). Move some condition checks to capture_loop_write_packet_cb.

Add `-a packets:NUM` in order to be consistent. It is functionally
equivalent to the `-c` flag.

Add a corresponding "packets" option to the Capture Interfaces dialog
Output tab.

Add initial tests for autostop and ringbuffer conditions.

Change-Id: I66eb968927ed287deb8edb96db96d7c73526c257
Reviewed-on: https://code.wireshark.org/review/30534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

isakmp: Free the UAT tables' records using a free callback

Change-Id: Ife44b225337e5c583c722ac62f711ed3ec9cf808
Reviewed-on: https://code.wireshark.org/review/30535
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

dot11decrypt: Create RC4 decryption and key copy helper functions

In preparation for decrypting and dissecting EAPOL keydata in
ieee80211 dissector move the RC4 decryption and key copy into
separate helper functions.

Change-Id: I13f3e981038f48526032e263b6eb3c9e3496abbe
Reviewed-on: https://code.wireshark.org/review/30546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

macos-setup.sh: Remove unused variables and code.

Remove unused variables found by shellcheck. Remove a dead check for
10.5 (which we no longer support) which enables 32-bit builds (which we
no longer support).

Change-Id: I8f987f31025c74d27e46c7f74f514857ec8cdd3b
Reviewed-on: https://code.wireshark.org/review/30549
Reviewed-by: Anders Broman <a.broman58@gmail.com>

test: make it possible to use pytest-style test fixtures

Currently all binaries must be available or no tests will be executed.
This is inconvenient if you just want to test a single binary (e.g.
text2pcap) without having to build epan. The problem is essentially that
tests lack dependency annotations.

To solve this problem, add the required dependencies as parameters to
each test (so-called 'fixtures' in pytest). Skip a test if a binary
(such as tshark) is unavailable. As a demonstration, suite_dissection.py
is converted. Over time, tests should no longer depend on config.py due
to explicit dependencies fixtures (listed in fixtures_ws.py).

Since the unittest module does not support such dependency injections,
create a small glue for use with pytest and an (incomplete) emulation
layer for use with test.py.

Tested with pytest 3.8.2 + Python 3.7.0 and pytest 3.0.3 + Python 3.4.3.
Python 2.7 is not supported and will fail. Test commands:

~/wireshark/test/test.py -p ~/build/run
WS_BIN_PATH=~/build/run pytest ~/wireshark/test -ra

Change-Id: I6dc8c28f5c8b7bbc8f4c04838e9bf085cd22eb0b
Ping-Bug: 14949
Reviewed-on: https://code.wireshark.org/review/30220
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

GTP: fix NR user plane DL data delivery status

Change-Id: Ie947ebe5c0a43e4d621203fca13b8af783458cf5
Reviewed-on: https://code.wireshark.org/review/30541
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

proto.c: increase the number of pre allocated fields

Change-Id: I5b2cb3ae6a9e6ab507f18e6eb5f89a37b2983129
Reviewed-on: https://code.wireshark.org/review/30551
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

SMPP: prevent triggering an exception in the heuristic checks

Change-Id: Ic69b31914d2c5c1eaa1c30d34f946d66bbfdf6a3
Reviewed-on: https://code.wireshark.org/review/30550
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

SRT: clear the state after displaying it

Bug: 15264
Change-Id: If75e6af2de1cecc09cb1c4c559bc64b9cb4aad83
Reviewed-on: https://code.wireshark.org/review/30544
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

macos-setup.sh: fix Python 3 installation for OS X 10.8 and older

Change-Id: I3c5b7fa272fbef770b06430edadb8abfc688e951
Fixes: v2.9.0rc0-2460-ge9f7bb5127 ("Require Python 3, drop Python 2 support")
Reviewed-on: https://code.wireshark.org/review/30548
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>

test: drop Python 2 compatibility, use more Python 3 features

Reduces maintenance costs and makes it possible to simplify code.
pytest supports Python 2.7 and Python 3.4 (or newer), so that is more or
less the minimum target for now.

Change-Id: I0347b6c334bf2fc6c9480ff56e9ccfcd48886dde
Reviewed-on: https://code.wireshark.org/review/30193
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

rpm: update all rpm files for using python3.

This includes:
- tools/rpm-setup.sh
- packaging/rpm/wireshark.spec.in

Fixes: v2.9.0rc0-2460-ge9f7bb5127 ("Require Python 3, drop Python 2 support")
Change-Id: I9fb92be936dec5fdb819a54e132e64521fa95bbb
Reviewed-on: https://code.wireshark.org/review/30543
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>

Diameter: Add AVPs for 3GPP S6c

Change-Id: I8ad0f2d0fa2919b459e65c2241b1e6fa14a9c44a
Reviewed-on: https://code.wireshark.org/review/30540
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NAS EPS: update ciphering heuristic check for 15 EPS bearers contexts

Change-Id: I8c413420f231a65121cf13df7bd28fe066b606a6
Reviewed-on: https://code.wireshark.org/review/30539
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

docsis: Changed vendor-specific TLV to 44 to conform CM-SP-MULPIv3.1-115-180509

Change-Id: Idf48e55214cc59a00cecde14f577bfd4bfad9aa1
Reviewed-on: https://code.wireshark.org/review/30538
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Require Python 3, drop Python 2 support

Python 3 is widely available. All major Linux distributions support it.
RHEL is covered via EPEL (which is already required for cmake3). Drop
support for Python 2 in order to reduce maintenance costs. The main
motivation is being able to simplify the tests.

CMake is updated to search for Python >= 3.4 and will fail if
unavailable (generating dissectors.c requires Python, so it is quite an
important piece to have).

The documentation is updated to reflect the Python 3.7 paths used by
Chocolatey. Tested the git-review installation instructions in Windows 7
x64 without a previous Chocolatey installation.

macOS brew now installs Python 3 (its dependencies are already installed
by python@2 for libxml2). The macOS (non-brew variant) is updated to use
the official 64-bit installer to install Python 3.

Change-Id: I80b1e36957f338e0dad1bfcc173b6418682cddba
Reviewed-on: https://code.wireshark.org/review/30192
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

gsm_abis_oml: Decode Primary OML IP Address as big endian

Related: Osmocom #3624
Change-Id: Ie0ca3ff0b0ce0aedeeae8a3e439e54e8f34ca94d
Reviewed-on: https://code.wireshark.org/review/30533
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

gsm_abis_oml: Support decoding IPA Primary OML Config List

Related: Osmocom #3624
Change-Id: If9083a69ea2c1387f474d3c9a41926a139f672a2
Reviewed-on: https://code.wireshark.org/review/30532
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

GSM MAP: register a few more MAP SSNs by default.

SSNs 145 and 148-150 are all used by MAP so register for them.

This allows Wireshark to decode messages between, for example, an SGSN and
GMLC without having to touch the dissector preferences.

Change-Id: Iaaad668bcde074a2a89d3de605659849856dc396
Reviewed-on: https://code.wireshark.org/review/30531
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

6lowpan: fix handling of UDP packets without payload

Replace all calls of tvb_ensure_captured_length_remaining with
tvb_ensure_length_remaining as they are only used to ensure that already
read data is present and it is not always required that at least 1 more
byte follows.

Change-Id: I71b1142c0d8f8fe3ddb09b80b6ca8ed10e0b67b6
Reviewed-on: https://code.wireshark.org/review/30517
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Add file hashes to capture file properties dialog

Like capinfos provide file hashes in the capture file properties dialog.

Change-Id: Ia9f1b05f61abd239d81b7061bbba1e53c01f28be
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30524
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

extcap: Cleanup an if-statement

Change-Id: If56f3837e8bcf0ef3a11579ca031223909ac47b9
Reviewed-on: https://code.wireshark.org/review/30528
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

docbook: Fix a typo

Change-Id: I41b3626bdfac54291fb3d8be0deb035c1a9f9f55
Reviewed-on: https://code.wireshark.org/review/30529
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

NTP: fix dissection of authentication parameters in mode 7 packets

Based on ntp_request.h header file:
- authentication parameters are only present in request messages, not
resonse ones
- the authentication timestamp is at a fixed position with an offset
of 184 bytes in the packet, followed by the encryption keyid and
optionally the mac
- do not display the authentication timestamp (even if present in the
packet) if the authentication bit is not set (as the value 0 translates
into a date in 2036)

Bug: 15258
Change-Id: Id2e49beeef4a0fdc3082d9b7b09a214fd531a6bb
Reviewed-on: https://code.wireshark.org/review/30527
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

DNS: fix compilation broken by g224aa2ed98

Change-Id: I913fdeb3cc827347b0ef11d10f03981c59cad1df
Reviewed-on: https://code.wireshark.org/review/30526
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Add XMSS for SSHFP. This has shipped with OpenSSH since release 7.7

Change-Id: I995b0c93cef0f0b15b4a8115408b68bd7f4e12a3
Reviewed-on: https://code.wireshark.org/review/30523
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Windows: fix RC information generation

Change-Id: I36e1da16b7eb8c224dab74750939a2c9a9a01cfa
Reviewed-on: https://code.wireshark.org/review/30525
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

ieee80211ah: Start adding support for S1G.

This is only the new IEs and one new Extension Frame type

Change-Id: If55fbf205735f657352c8f21b22fa0858ae183f0
Reviewed-on: https://code.wireshark.org/review/30519
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

CDMA2000: add what seems to be a missing break

Change-Id: Ie1efc5b56da1d81dc06b5d7ebee2e77418640f0b
Reviewed-on: https://code.wireshark.org/review/30522
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

NTP: add request/response tracking to mode 7 packets

Change-Id: I8cee0b2fb6f371682df045cbae4193e871b485c5
Reviewed-on: https://code.wireshark.org/review/30516
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NTP: fix parsing of NTP mode 7 messages

- fix byte used for A and Sequence fields
- added missing unused field in MON_GETLIST_1 strcuture
- added dissection of MON_GETLIST structure
- added dissection of Encryption Keyid and MAC fields

Bug: 15258
Change-Id: I7525fcd8daeeeef449294c0d79c2853a852328ed
Reviewed-on: https://code.wireshark.org/review/30514
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add dissector for CDMA 2000 3GPP2 C.S0005-E v3.0

Change-Id: Id71c4208297893468dfa7d48e778e25c342f1581
Reviewed-on: https://code.wireshark.org/review/30521
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add GCSNA General Circuit Services Notification Application Protocol
dissector.

Change-Id: I8c29b827cd5bc875bc40ee7e9315b0525b0d3263
Reviewed-on: https://code.wireshark.org/review/30520
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add Secure Reliable Transport dissector

Bug: 15209
Change-Id: I4353a9d3961a8cd8e7bbc02167d8d6cb1fd76285
Reviewed-on: https://code.wireshark.org/review/30224
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Add dissector for ANSI Local Number Portability Database Query Protocol.

Bug: 15236
Change-Id: I3a04394bf9069f63b90f7a3d60e801a846840839
Reviewed-on: https://code.wireshark.org/review/30515
Reviewed-by: Anders Broman <a.broman58@gmail.com>

travis: fully restyle the matrix.

It includes the following builds:
- osx default pcap on/off
- osx xcode 10.1 pcap on/off
- linux gcc-8 pcap on/off
- linux clang-7 pcap on/off

Doc: https://docs.travis-ci.com/user/languages/cpp/

Change-Id: I21e20f3678d35d19756cb1ce1a7b97624f18c3e3
Reviewed-on: https://code.wireshark.org/review/30493
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>

ansi tcap: Fix faulty mask for AMSI MAP "family" in Operation code

Bug: 15236
Change-Id: Iab14c15f8ad7ed3ee669d9aa759c587aca2777df
Reviewed-on: https://code.wireshark.org/review/30513
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

nas5gs: Use tfs_nas_5gs_ul_data_sts_psi in a couple of more places.

Change-Id: Ia69dd05082883030a28f878eb05cee834ba7532e
Reviewed-on: https://code.wireshark.org/review/30512
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

gtpv2: Add dissection of SCEF PDN Connection.

Change-Id: I940c786d01d6b648f6e50dad50bb2ecfb37ddefb
Reviewed-on: https://code.wireshark.org/review/30511
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee802154: Free uat table records

Add addr_uat copy and free callbacks.

Change-Id: Ifecf962cccdea4a4f87fc30c5573eee285ba00bc
Reviewed-on: https://code.wireshark.org/review/30510
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

btrfcomm: Free uat table records

Add uat_rfcomm_channels copy and free callbacks.

Change-Id: I0a778447cf32cbf73dd0d09bfdeabcc7c803f91b
Reviewed-on: https://code.wireshark.org/review/30509
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

DHCP: Handle proxyDHCP on UDP port 4011.

Proxy DHCP (proxyDHCP) is described in the PXE specification ver 2.1 (section
2.2.3) as a mechanism to allow a PXE client to query a separate service,
listening on port 4011, to obtain boot file information.  Other than the UDP
port number used, the protocol is identical to regular DHCP.

This change implements support for dissecting proxyDHCP packets.

The change expands the default pref value for the DHCP/BOOTP UDP ports list to
include port 4011, and if the dissector receives a packet for port 4011 which
passes a rough heuristic (the DHCP magic number is mandatory for proxyDHCP --
there is no such thing as BOOTP-only proxyDHCP), the packet passes through to
the regular DHCP dissector.

There's currently no separate preference to allow configuration of the expected
proxyDHCP port number...  This seems reasonable, since the port number 4011 is
stipulated in the PXE specification, and variations would seem unlikely.

Testing Done: Opened a capture file containing a DHCP conversation using
   proxyDHCP, and saw the traffic on UDP port 4011 was now decoded as DHCP and
   reported as "proxyDHCP", instead of being generic UDP.  Regular DHCP traffic
   in the same capture file is still decoded as it was before.  Produced some
   deliberately malformed requests (bad magic number) and tweaked the
   DHCP/BOOTP port list in prefs, and saw the expected behavior in each case.
   20,000 iterations of fuzz-test.sh with a small corpus of captures from
   PXE-booting systems.

Change-Id: Ifd485cd75834a51bdfd6f3ba3fe517c4a892d9d0
Reviewed-on: https://code.wireshark.org/review/30498
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

extcap: add option to set proxycommand to ssh sessions.

sshdump and ciscodump have been updated to use it.

Change-Id: I4e1e0d35f086d76c13264939bc4f14308cc88cfb
Reviewed-on: https://code.wireshark.org/review/30496
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

extcap: change boolean to boolflag for --debug option.

Change-Id: I6a42e689fa9a914f7f3bee1c1ade2218573a1c3f
Reviewed-on: https://code.wireshark.org/review/30502
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

extcap: fix return value in extcap_base_parse_options().

We need to split good options' from bad options' return value.

Change-Id: I836e58c0f05716484664f354e7332a74d6a08c20
Reviewed-on: https://code.wireshark.org/review/30503
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

PFCP: corrected field naming typo

Change-Id: I1b530ed95cf0da781a1e2dfad64c7e15f906d748
Reviewed-on: https://code.wireshark.org/review/30508
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

UDP/UDP-Lite : Add Conversation timestamps

Change-Id: Ibc6cf4ec014e2798032f7dcd65d119ff3ca1a78d
Reviewed-on: https://code.wireshark.org/review/30476
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

tools: fix LUA version and add more libs to the brew script.

brew installs lua 5.3 by default, that is not Wireshark compatible.
lua@5.1 is installed instead since lua@5.2 is not available, see
https://github.com/Homebrew/homebrew-core/issues/24409

Change-Id: I82c98bc3314e367dbdb71109887c37372f6293d2
Reviewed-on: https://code.wireshark.org/review/30494
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>

c1222: Free uat table records

Add c1222_uat_data copy and free callbacks

Change-Id: I43a737db72ea826aab18960247784d4927fe3ec5
Reviewed-on: https://code.wireshark.org/review/30505
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

wireguard: Free uat table records

Add wg_key_uat_record copy and free callbacks

Change-Id: I7f49dace09f41763b9676e02ce69cc2d65d3ca8a
Reviewed-on: https://code.wireshark.org/review/30504
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

travis: use ctest directly (allows parallel execution).

Change-Id: I74b2eb852ab2bac6b5151916c8f5fa52f7f7de49
Reviewed-on: https://code.wireshark.org/review/30506
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>

[Automatic update for 2018-11-04]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Iee0e09f81a210056a76987713b09d95c390f5876
Reviewed-on: https://code.wireshark.org/review/30499
Reviewed-by: Gerald Combs <gerald@wireshark.org>

IAX: Don't try and copy a non-existent address

Bug: 15251
Change-Id: I47e80ea6271f46731cf391a54ceea61c363b6cf7
Reviewed-on: https://code.wireshark.org/review/30481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

sshdump: add missing space.

Change-Id: I593ccf333db91dd9877cf5e8ef30c3e722c6df89
Reviewed-on: https://code.wireshark.org/review/30497
Reviewed-by: Dario Lombardo <lomato@gmail.com>

travis: fix indentation.

Change-Id: I5c69218d590d210d61b18c4dc6b7322b9a9ee2b1
Reviewed-on: https://code.wireshark.org/review/30489
Reviewed-by: Dario Lombardo <lomato@gmail.com>

TDS: Remove Type info for Value

Change-Id: I3f2005c9b6587b9b9425f9e61f5afecba822bbf9
Ping-Bug: 15255
Reviewed-on: https://code.wireshark.org/review/30467
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>

IAX: Don't try and convert an invalid codec to a mask

Bug: 15251
Change-Id: I1929e96766c32654f3b41c522df5cf22a1c60516
Reviewed-on: https://code.wireshark.org/review/30483
Reviewed-by: Johannes Altmanninger <aclopte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

IAX: Fix the bitmask extracting the subclass field

See https://github.com/asterisk/asterisk/blob/master/channels/chan_iax2.c#L10154

Change-Id: I2b4dc8a5af783bae9c5afed03deb6cd0b85cacc2
Reviewed-on: https://code.wireshark.org/review/30486
Reviewed-by: Tom Hughes <tom@compton.nu>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>

%f suffices for floats and doubles.

Change-Id: Ic45a009d449b7ef20fa903e7d5222eef872d337b
Reviewed-on: https://code.wireshark.org/review/30490
Reviewed-by: Guy Harris <guy@alum.mit.edu>

tds: use %lf instead of G_GINT64_MODIFIER for text.

On many platforms, G_GINT64_MODIFIER is "ll", that gives an error when used with
the float modifier:

../epan/dissectors/packet-tds.c:2270:55: error: length modifier 'll' results in undefined behavior or no effect with 'f' conversion specifier [-Werror,-Wformat]
                    proto_item_append_text(item, " (%"G_GINT64_MODIFIER"f)", tvb_get_letohieee_float(tvb, *offset));
                                                    ~~^~~~~~~~~~~~~~~~~~~
/usr/local/Cellar/glib/2.58.1/lib/glib-2.0/include/glibconfig.h:56:28: note: expanded from macro 'G_GINT64_MODIFIER'
#define G_GINT64_MODIFIER "ll"
                           ^
1 error generated.

The solution appears to revert back to %lf.

Fixes: v2.9.0rc0-2411-gdbe2d081ec
Change-Id: I470cc5395921abc14aedd501f27881d5c21c618f
Reviewed-on: https://code.wireshark.org/review/30487
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>

extcap: use the correct values for comparing.

Change-Id: Ieb9c0940065aeff1234998aaec37f05fb7f80ed9
Reviewed-on: https://code.wireshark.org/review/30484
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

extcap: small fix.

Change-Id: I043bef4eb1f1fe74f277bcdb3d7a3d1c8d2ec1a9
Reviewed-on: https://code.wireshark.org/review/30485
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

extcap: add check before using pipedata.

In line 1131 the check assumes that pipedata can be NULL. All subsequent
uses require it is not NULL, otherwise it may result in a NULL
dereference.

Found by Clang.

Change-Id: I9bd35b6213adfb41de2e96d5cc6da2b3bac4dd95
Reviewed-on: https://code.wireshark.org/review/30478
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

isakmp: free the ikev[12] uat tables on shutdown

Change-Id: Ic79d7a61ca70e408fd44a007a95414d8f6c700c9
Reviewed-on: https://code.wireshark.org/review/30463
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>

TDS: Display value of data on top of field

Bug: 15255
Change-Id: Ib100de8c5eebfc359a6913a3bb7b6b171c12eedc
Reviewed-on: https://code.wireshark.org/review/30468
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

teamspeak2: fix indent

add space after comma

Change-Id: I51486a55ae07aef4af4d36174dbe8ce849232538
Reviewed-on: https://code.wireshark.org/review/30469
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

IAX: Fix compilation when DEBUG_HASHING is defined

Change-Id: I66d6ddccc1a8afceb251565a54bf235b4e9a44f7
Reviewed-on: https://code.wireshark.org/review/30480
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

oer: fix spelling-error-in-binary found by lintian

Occurance -> Occurrence

Change-Id: I97149e3792f06880333c4bb03cf88444b6589598
Reviewed-on: https://code.wireshark.org/review/30479
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

cemi: fix dead assignment (found by clang).

Change-Id: I30739813c84ae05c9c6edf31b204dfff8496a954
Reviewed-on: https://code.wireshark.org/review/30477
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

MQTT v5 malformed packet fixes.

Neither of the following situations were reading MQTT v5 properties from
the packet, leading to valid MQTT 5 packets being marked as malformed.

CONNECT packet with a Will
UNSUBSCRIBE packet

Bug: 15257
Change-Id: Iedb68e7285832fc5692f793b4354a6402ca8ac8d
Reviewed-on: https://code.wireshark.org/review/30464
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Bluetooth: HCI: Add more description about SCO Packet Types

Bluetooth specification says that some bits mean that packet type MAY BE used,
but some other bits meaning is "may NOT be used" what is suprising.
Follow specification by improving description of these fields.

Bug: 15156
Change-Id: Ie3cf11db420fff07b4833878d1131d56575ccc22
Reviewed-on: https://code.wireshark.org/review/30459
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

TLS: more SSL -> TLS rename

Change-Id: Iea719f2d87a6f5cc61d17c843da533b401390792
Reviewed-on: https://code.wireshark.org/review/30474
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Fix "Follow TLS Stream" after ssl -> tls rename

Change-Id: I53be2ae6fae135b2da98ae95deac535bcd37af74
Reviewed-on: https://code.wireshark.org/review/30473
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

MySQL: is_ssl -> is_tls rename

Change-Id: I9782334ce8f16996f31d932d40b569228f7aa4a3
Reviewed-on: https://code.wireshark.org/review/30472
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Follow SSL -> Follow TLS

Change-Id: I6b89d07ee5b57d3f3b709d7af7e3362206518a62
Reviewed-on: https://code.wireshark.org/review/30471
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

TLS: rename decrypted data source from SSL to TLS

Change-Id: Ia6229ee7243ee5285c2152778712e540063eadc1
Reviewed-on: https://code.wireshark.org/review/30470
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

ZigBee SE: Dissect notification flags and snapshot causes

NotificationFlags in GetNotifiedMessage (previously only done for attributes).
SnapshotCause in TakeSnapshot, GetSnapshot and PublishSnapshot.
SnapshotPayloadCause in GetPrepaySnapshot and PublishPrepaySnapshot.

Change-Id: I9a6d19414b910b27f9dc7b9b7ba63c0d14eb1e01
Reviewed-on: https://code.wireshark.org/review/30416
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

macOs: Fix build fix for tab view

Fix the build for displaying the tabs wrongly on mac

Change-Id: I58265b7cf9a4758885ef1add13417c42a467be9d
Reviewed-on: https://code.wireshark.org/review/30462
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

Qt: Remove wireless toolbar if not supported

To mimic the behaviour we have with remote controls, we
hide the wireless toolbar if it cannot be used, instead
of displaying an empty toolbar with the information that
it is not supported

Change-Id: Iccb0bf78a29a2547adf2290198df8a1bf3450d82
Reviewed-on: https://code.wireshark.org/review/30455
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

print.c: use SEP_XXX to print byte strings

Bug: 15253
Change-Id: I3b294fa65c1bd4ef4184bcf2e1b56ef4f55cbb82
Reviewed-on: https://code.wireshark.org/review/30461
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Add RTCP Floor Control packets dissection for MCPTT based on 3GPP TS
24.380

Bug:15147
Change-Id: I332b2eabd3cd8fc1b88e6b0268814d858d360ca2
Reviewed-on: https://code.wireshark.org/review/30460
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

packetlogger: Show all known types in Info column

Always lookup type from type_vals to show in Info column.

Change-Id: I8cb9a1e748e40d37d58be0e21d2cce395f7f8cec
Reviewed-on: https://code.wireshark.org/review/30457
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

ws_pipe_close(): also close the handle after terminating process

Change-Id: Ie19eba9706e2af1a58a6946e8af68ab90c0c8a7d
Reviewed-on: https://code.wireshark.org/review/30456
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

ws_pipe_close() is now available starting from 2.6.5

Change-Id: I182e6227fda8402519a6bc7268f78aae7485c49a
Reviewed-on: https://code.wireshark.org/review/30454
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Use ws_pipe_close() in one more place

Change-Id: I584df2c7ae8041a29d9941995883c232abb040d6
Reviewed-on: https://code.wireshark.org/review/30452
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Revert "FT_BYTES: fix dissection of FT_BYTES when using SEP_SPACE and "NONE" options"

This reverts commit 0457e6041942776ecff9d4377fc0ce5a340dbb7a.

Change-Id: Id39722872efbe98648754d7543da7ae5b08f8b67
Reviewed-on: https://code.wireshark.org/review/30451
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

wsutil: introduce ws_pipe_close() helper and use it to terminate mmdbresolve

We were not calling TerminateProcess() to stop mmdbresolve.Exe process on
Windows.

Bug: 15248
Change-Id: Ic90cf438a8003a6fefb023b7056984681ce09b46
Reviewed-on: https://code.wireshark.org/review/30449
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

mmdb: do not lock the pipe mutex recursively

According to GLib documentation, take twice the lock in the same thread
leads to undefined behavior (and could lead to deadlocks).

Change-Id: I40e02ba9d619eb1db2a04f2be54c461c817b15ff
Reviewed-on: https://code.wireshark.org/review/30446
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

FT_BYTES: fix dissection of FT_BYTES when using SEP_SPACE and "NONE" options

SEP_SPACE and BASE_NONE both default to colon (:). Fix SEP_SPACE and add SEP_NONE

Bug: 15253
Change-Id: Ib5db997714414370b08ffb9458c73d4aeef6aacf
Reviewed-on: https://code.wireshark.org/review/30447
Reviewed-by: Jeremy Martin <boardermartin@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Move condition logic to dumpcap.c

Move the condition logic from capture_stop_conditions.c to dumpcap.c.
Remove capture_stop_conditions.[ch] and conditions.[ch].

Switch duration values to doubles.

Change-Id: Ifa74fb13ec8fc923b0721597a6cf071d72069ea0
Reviewed-on: https://code.wireshark.org/review/30440
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>