metze/wireshark/wip.git
3 years agoUse g_get_charset instead of g_get_codeset.
Gerald Combs [Fri, 13 May 2016 16:22:34 +0000 (09:22 -0700)]
Use g_get_charset instead of g_get_codeset.

From Guy via
https://www.wireshark.org/lists/wireshark-dev/201605/msg00027.html

Change-Id: I7884cecb6cd87f474ecc3f84253797fe57f62487
Reviewed-on: https://code.wireshark.org/review/15421
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoQt: Use SpeexDSP API names for RTP player
João Valverde [Thu, 12 May 2016 12:23:27 +0000 (13:23 +0100)]
Qt: Use SpeexDSP API names for RTP player

The speex headers use some CPP magic to rename the API.

Using the public names in the calling code reduces obfuscation and
allows linking with libspeexdsp.so also.

Change-Id: I10c6cd2de6b237400224d3db6a9995e646747311
Reviewed-on: https://code.wireshark.org/review/15400
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoQt: Fix a recent files infinite loop.
Gerald Combs [Fri, 13 May 2016 18:13:07 +0000 (11:13 -0700)]
Qt: Fix a recent files infinite loop.

QListWidget::takeItem does nothing if the row is invalid. This is the
case when we pass it ::count(). Make sure that we remove a valid row and
that our loop will terminate.

Follow-up to g174dc98.

Change-Id: I7e695cc04b2f3b5c28a8cc70af0579d787ff8737
Reviewed-on: https://code.wireshark.org/review/15417
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoFix (spurious) checkAPIs issue
Graham Bloice [Fri, 13 May 2016 17:50:40 +0000 (18:50 +0100)]
Fix (spurious) checkAPIs issue

checkAPIs complains that the system member of the kingfisher_packet_t
structure shadows a system variable.

Althoguh this is a false positive, rename the variable to keep
checkAPIs happy.

Change-Id: Ia356dea5abb3ed93d10c5057f55786e2f28cec11
Reviewed-on: https://code.wireshark.org/review/15414
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
3 years agopacket-nfs: Add flex file flag: FF_FLAGS_NO_READ_IO
Tom Haynes [Fri, 13 May 2016 18:10:45 +0000 (11:10 -0700)]
packet-nfs: Add flex file flag: FF_FLAGS_NO_READ_IO

Change-Id: I3c5895d2e0671cdcd8063aa27356d49aa2bdbfa7
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/15416
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Trond Myklebust <trondmy@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoRun checkAPIs in epan/wmem/
Michael Mann [Fri, 13 May 2016 15:03:55 +0000 (11:03 -0400)]
Run checkAPIs in epan/wmem/

Was fixed to pass.  Let's keep it that way.

Change-Id: I49b532b6f1df2430b3912f8f1e9d518caff17d2c
Reviewed-on: https://code.wireshark.org/review/15413
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoHave wmem conform to checkAPIs.pl
Michael Mann [Thu, 12 May 2016 17:39:15 +0000 (13:39 -0400)]
Have wmem conform to checkAPIs.pl

Yes, the rename of structure members is a bit hacky.
Yes, catering to Windows since "GLib's v*printf routines are
surprisingly slow on Windows".
But it does pass checkAPIs.pl

Change-Id: I5b1552472c83aa2e159f17b5b7eb70b37d03eff9
Reviewed-on: https://code.wireshark.org/review/15404
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: add some cleanup function calls missing when leaving application
Pascal Quantin [Wed, 11 May 2016 13:16:44 +0000 (15:16 +0200)]
Qt: add some cleanup function calls missing when leaving application

Change-Id: I8f22d321e84daa36d4a40856b61d0844d3489cc2
Reviewed-on: https://code.wireshark.org/review/15374
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoBACAPP: event-time-stamps decode fix
Lori Tribble [Fri, 13 May 2016 01:08:35 +0000 (21:08 -0400)]
BACAPP: event-time-stamps decode fix

event-time-stamps decode when array-index is 0.

Bug: 12422
Change-Id: I9f1f90e269352a49a8fc8a2ba2f64211f3cf7961
Reviewed-on: https://code.wireshark.org/review/15409
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoFix inclusion of images in PDF versions of the guides.
Jeff Morriss [Fri, 13 May 2016 01:02:22 +0000 (21:02 -0400)]
Fix inclusion of images in PDF versions of the guides.

We need to point xsltproc to the images directories.

The bigger images have scaling problems but at least they're
there now.

This is already done in cmake.

Change-Id: I260a8f3e335b9f5726811bcd6811f6c5b9f3a6b2
Reviewed-on: https://code.wireshark.org/review/15408
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoautomake/nmake: run checkAPIs in ui/cli/
Jeff Morriss [Thu, 12 May 2016 15:02:57 +0000 (11:02 -0400)]
automake/nmake: run checkAPIs in ui/cli/

cmake already does this.

Use checkAPIs arguments appropriate to the cli directory (there's no gtk code
here so don't bother checking for deprecated gtk APIs).

Change-Id: I3e76ed5260223f05ac1b42431569bde3d1c596ea
Reviewed-on: https://code.wireshark.org/review/15403
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agojxta: there's no need to call proto_tree_set_visible() when calling append_text()
Jeff Morriss [Fri, 13 May 2016 02:49:09 +0000 (22:49 -0400)]
jxta: there's no need to call proto_tree_set_visible() when calling append_text()

It only needs to be called if you're calling proto_tree_append_string().

Change-Id: Ia00c3cb0077469ef6c2eadf98d02569af399fa7d
Reviewed-on: https://code.wireshark.org/review/15411
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoAdd filterable fields for each ISUP number.
Jeff Morriss [Fri, 15 Apr 2016 02:43:16 +0000 (22:43 -0400)]
Add filterable fields for each ISUP number.

Make a common number dissection function to do this without cut-n-pasting code
a whole bunch of times.

Clean up the number dissection code while we're there:
 - Don't throw an exception when we found too many digits.  Report it (expert
   info) and move on.
 - Avoid a useless (text) subtree: use the hf for the number as the root of
   the tree.  This means using proto_tree_append_string() which adds some
   complication but it's worth it to avoid a hidden item (which was the old
   solution if we passed the number to the E.164 dissector).

Bug: 12334
Change-Id: I465cab91b216b734f5763a4e56faa8e06b0731a2
Reviewed-on: https://code.wireshark.org/review/14924
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoMove the Valgrind size check after the capinfos check of the file.
Jeff Morriss [Fri, 13 May 2016 02:42:50 +0000 (22:42 -0400)]
Move the Valgrind size check after the capinfos check of the file.

That way if we pass a file that doesn't exist to the fuzz-test script we won't
get errors from 'ls' complaining that the file doesn't exist.

Change-Id: I33f4bd692775e6d3f990adaaa37b7530d343fe52
Reviewed-on: https://code.wireshark.org/review/15410
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoautomake: fix wslua generation in out-of-source-tree builds.
Jeff Morriss [Thu, 12 May 2016 20:49:45 +0000 (16:49 -0400)]
automake: fix wslua generation in out-of-source-tree builds.

We neeed to set the build directory (because that's where the wslua stuff gets
put).

Also fix up wslua dependencies:
 - It's needed (only) for the asciidoc->XML step
 - It's not needed for the wsug any more

Change-Id: Ic1231a964b1edfb7d2eeacc5cc1c3fdda6969f21
Reviewed-on: https://code.wireshark.org/review/15407
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoUpdate the release notes.
Gerald Combs [Wed, 11 May 2016 23:41:15 +0000 (16:41 -0700)]
Update the release notes.

Change-Id: I0e3296555ce95dd48256a7a8c39fc82c71466dcb
Reviewed-on: https://code.wireshark.org/review/15392
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agopacket-nfs: add decoding and displaying of exclusive create attributes
Tigran Mkrtchyan [Thu, 12 May 2016 13:40:20 +0000 (15:40 +0200)]
packet-nfs: add decoding and displaying of exclusive create attributes

NFSv4.1 defines FATTR4_SUPPATTR_EXCLCREAT attribute which tells the client
a bitmap of attributes which can be set during exclusive create. Wireshark did
show that FATTR4_SUPPATTR_EXCLCREAT is provided, but doesn't show supported
attributes.

Bug: 12435
Change-Id: I29fc6beb2e75e9c78d68b1ca73a714bab2ad10a2
Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
Reviewed-on: https://code.wireshark.org/review/15401
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoBACAPP: Added dissection for NotificationParameter
Lori Tribble [Wed, 11 May 2016 02:42:54 +0000 (22:42 -0400)]
BACAPP: Added dissection for NotificationParameter

Case 19 - change-of-reliability and related enums

Bug: 11734
Change-Id: Ie40acc9d157adcf4d69b9cc57c6419daf8f6263d
Reviewed-on: https://code.wireshark.org/review/15350
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoERF: In packet-eth register ERF_TYPE_ETH variants.
Anthony Coddington [Thu, 12 May 2016 07:10:37 +0000 (19:10 +1200)]
ERF: In packet-eth register ERF_TYPE_ETH variants.

Register for:
ERF_TYPE_COLOR_ETH
ERF_TYPE_DSM_COLOR_ETH
ERF_TYPE_COLOR_HASH_ETH

Change-Id: I5877ca5721abaa269f937cca0414df4f6b1a5eef
Reviewed-on: https://code.wireshark.org/review/15398
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agocodecs: Move noinst_HEADERS to Makefile.am
João Valverde [Thu, 12 May 2016 12:26:42 +0000 (13:26 +0100)]
codecs: Move noinst_HEADERS to Makefile.am

It's not common code and because it is only required for make dist
placing it in Makefile.am provides better automake readability.

Also noinst_HEADERS is not necessary in _SOURCES.

Change-Id: I5269b79b62141efbc3151e69c5584643e5ebec47
Reviewed-on: https://code.wireshark.org/review/15399
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoWiX banner and dialog images.
Gerald Combs [Wed, 11 May 2016 18:19:44 +0000 (11:19 -0700)]
WiX banner and dialog images.

Add initial Wireshark-branded artwork to the WiX installer.

Change-Id: I1997023784112890f5366a577ca3b8101be530da
Reviewed-on: https://code.wireshark.org/review/15383
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoextcap (CID 1355644): fix the range check for guint
Martin Kaiser [Tue, 10 May 2016 20:36:41 +0000 (22:36 +0200)]
extcap (CID 1355644): fix the range check for guint

by using a temporary variable

Change-Id: I4f1f51a9fd600356839cbb44f099965058556bf0
Reviewed-on: https://code.wireshark.org/review/15340
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoautotools: Move OSX autoconf macros to ws_osx.m4
João Valverde [Wed, 11 May 2016 05:53:14 +0000 (06:53 +0100)]
autotools: Move OSX autoconf macros to ws_osx.m4

Change-Id: Icde077957810a0eb2a99cdfd6ec57dfd04b4ad47
Reviewed-on: https://code.wireshark.org/review/15354
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoconfigure.ac: Remove condition for AC_CHECK_FUNC (on Solaris)
João Valverde [Wed, 11 May 2016 06:04:27 +0000 (07:04 +0100)]
configure.ac: Remove condition for AC_CHECK_FUNC (on Solaris)

Change-Id: Iecf697c718cb2ca522060c64b4ca136458b38127
Reviewed-on: https://code.wireshark.org/review/15355
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoconfigure.ac: Remove obsolete AM_PROG_LIBTOOL
João Valverde [Wed, 11 May 2016 05:33:24 +0000 (06:33 +0100)]
configure.ac: Remove obsolete AM_PROG_LIBTOOL

Not needed anymore.

Change-Id: I4743554fc488767516b5c21b36eec19a4a08c818
Reviewed-on: https://code.wireshark.org/review/15352
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoQt: Fix Show Packet Bytes ShowAsImage
Stig Bjørlykke [Wed, 11 May 2016 12:19:30 +0000 (14:19 +0200)]
Qt: Fix Show Packet Bytes ShowAsImage

Always loadFromData when ShowAsImage to avoid situations where a valid
image is not loaded.  Enable print/copy/save-as buttons when loading
a valid image.

Change-Id: I8461f560e1e41388b59f7d8a46f30d511cf2e4a4
Reviewed-on: https://code.wireshark.org/review/15369
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
3 years agoAdd ${LIBSSH_DLL} for generating Wix component group list
Michael Mann [Thu, 12 May 2016 03:11:06 +0000 (23:11 -0400)]
Add ${LIBSSH_DLL} for generating Wix component group list

copy/paste error missed ${LIBSSH_DLL} when looping second time.

Change-Id: Iccb32c0d32b328828e4da13f745fb0bc9bdc16ae
Reviewed-on: https://code.wireshark.org/review/15395
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agopcap-common: Fix several serious ENCAP_ERF extension header writing issues
Anthony Coddington [Tue, 5 Apr 2016 06:19:59 +0000 (18:19 +1200)]
pcap-common: Fix several serious ENCAP_ERF extension header writing issues

Write ERF subheader after extension headers, especially important for Ethernet
(other types predate extension headers for the most part).
Add missing ERF_TYPE_MC_AAL2 and ERF_TYPE_COLOR_HASH_ETH.

Truncate final ERF extension header when too many. Rlen is not currently
adjusted so may be incorrect (see followup patch). Existing tools generally
check against PCAP incl_len anyway as there are other scenarios where this can
happen like naive snapping or Wireshark ERF-to-PCAP.
Properly fixing this will involve getting rid of the ERF pseudoheader.
Consistent with the ERF wiretap (except for different padding behaviour).

Bug: 3606
Change-Id: I6086cbc3fef948586fbad6f585f648d99adfff4f
Reviewed-on: https://code.wireshark.org/review/15358
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRPM: make autoconf (and a few other build dependencies) optional.
Jeff Morriss [Mon, 9 May 2016 17:51:26 +0000 (13:51 -0400)]
RPM: make autoconf (and a few other build dependencies) optional.

Most people building RPMs don't need autoconf, automake, flex, or bison.
But enough people do patch Wireshark (in the spec file) to make it an option.

Based on Joao's Ib3f85b59c26c25c83fe6a939aee1a2dc75dd28f9.

Change-Id: I62bf2a0c5cbe0a1abd680322ab82fcb14aedd0c3
Reviewed-on: https://code.wireshark.org/review/15313
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoRun checkAPIs in epan/ .
Jeff Morriss [Wed, 11 May 2016 17:59:44 +0000 (13:59 -0400)]
Run checkAPIs in epan/ .

It runs cleanly (no errors anyway) now.

Change-Id: I1dca3a3f854c4f2feebcf4193e3c5d444a01e06b
Reviewed-on: https://code.wireshark.org/review/15378
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: for QUIC < 33, display CID flag with 2 bits
Alexis La Goutte [Tue, 3 May 2016 14:47:10 +0000 (16:47 +0200)]
QUIC: for QUIC < 33, display CID flag with 2 bits

Change-Id: I943a40b7a942a6175d9b92cbb6060de34060459d
Reviewed-on: https://code.wireshark.org/review/15269
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: Add conversation support for store the version
Alexis La Goutte [Tue, 3 May 2016 05:12:59 +0000 (07:12 +0200)]
QUIC: Add conversation support for store the version

Change-Id: Id9e2cc4a8b94ed91e35a6ab7610ab37ab2c41340
Reviewed-on: https://code.wireshark.org/review/15268
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: fix dissection when num_timestamp = 0 and also reason phrase length use little...
Alexis La Goutte [Mon, 9 May 2016 08:58:19 +0000 (10:58 +0200)]
QUIC: fix dissection when num_timestamp = 0 and also reason phrase length use little endian

Change-Id: Id0158463b437face3412ec416f28d95b63ae4a07
Reviewed-on: https://code.wireshark.org/review/15302
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoERF: Fix Ethernet FCS detection and remove preference
Anthony Coddington [Thu, 7 Apr 2016 05:45:20 +0000 (17:45 +1200)]
ERF: Fix Ethernet FCS detection and remove preference

Use eth_maybefcs instead of eth_withoutfcs.
ERF_TYPE_ETH records almost always have FCS, but using maybe means the "Assume
packets have FCS" is respected.
Mark the erf_ethfcs preference as obsolete. It was being ignored.
This was broken by Change 3670 which changed the ERF dissector to use
a dissector table.

Change-Id: I45cffdaed3890f8a0f505b2011be8c5204d9b2a6
Reviewed-on: https://code.wireshark.org/review/15360
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoautomake/nmake: don't run checkAPIs on lex and yacc files.
Jeff Morriss [Wed, 11 May 2016 16:06:55 +0000 (12:06 -0400)]
automake/nmake: don't run checkAPIs on lex and yacc files.

The lex files use malloc and friends which is prohibited; don't check them
(until checkAPIs becomes smart enough to realize this is OK).

This mirrors what is done in cmake.

Change-Id: Ie80ea7a9b7c0e25c70c8edf3671e80a493ea1b2f
Reviewed-on: https://code.wireshark.org/review/15377
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoTShark: Separate columns using UTF-8 arrows.
Gerald Combs [Mon, 9 May 2016 17:16:48 +0000 (10:16 -0700)]
TShark: Separate columns using UTF-8 arrows.

Use UTF8_RIGHTWARDS_ARROW and UTF8_LEFTWARDS_ARROW instead of "->" and
"<-" between addresses. This matches the port-printing behavior of the
TCP, UDP, and SCTP dissectors.

Change-Id: I0add8bfb1748319758a1ce7dbd362af818139db8
Reviewed-on: https://code.wireshark.org/review/15319
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoTShark: Add a "-E bom=" option.
Gerald Combs [Mon, 9 May 2016 20:35:36 +0000 (13:35 -0700)]
TShark: Add a "-E bom=" option.

Add an option to print the UTF-8 BOM.

Change-Id: I3d30c67852b9b89d1548b0f957d97fd8e8741049
Reviewed-on: https://code.wireshark.org/review/15318
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRun checkAPIs in epan/ftypes/ .
Jeff Morriss [Wed, 11 May 2016 13:31:39 +0000 (09:31 -0400)]
Run checkAPIs in epan/ftypes/ .

Michael cleaned up the strcpy()'s which were preventing it from running
without errors.

Change-Id: I3f02150a9b1fbefddb67c0cb90fc2c58766d7d2a
Reviewed-on: https://code.wireshark.org/review/15375
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: fix loading of profile by command line
Pascal Quantin [Wed, 11 May 2016 12:31:59 +0000 (14:31 +0200)]
Qt: fix loading of profile by command line

recent_read_static() must be called before processing the -C option
as it will select the last profile used.
While we are at it, add a missing profile_store_persconffiles(FALSE) call
to match what is done in GTK based UI

Bug: 12425
Change-Id: I9cfdca3ed25f0ed97535178973e3f0427b9ad2b1
Reviewed-on: https://code.wireshark.org/review/15371
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agos7comm: block/file up-/download redesign
Thomas Wiens [Fri, 6 May 2016 10:53:21 +0000 (12:53 +0200)]
s7comm: block/file up-/download redesign

Redesigned the block/file up- and download, using new informations from
PI-Services.
Changed the block-info items, as it's in general a string, which can be
further dissected if it's a PLC program block.
Other types of Siemens automation hardware may use this as a simple
filename for filetransfer.
Changed the display-style for block name/number in info-column, to be more
compact.

Change-Id: Ie7c3a285d25897f8516ed8827041a5dbdf80679e
Reviewed-on: https://code.wireshark.org/review/15275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoFixed value for experimental result code 5142
Marius Paliga [Wed, 11 May 2016 12:41:25 +0000 (14:41 +0200)]
Fixed value for experimental result code 5142

Bug: 12428
Change-Id: Idc46b4bc881fb2c5e83af7ac55b5cfd060d9b185
Reviewed-on: https://code.wireshark.org/review/15370
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoCreate a Wix Installer
Michael Mann [Thu, 7 Apr 2016 23:03:51 +0000 (19:03 -0400)]
Create a Wix Installer

This is intended to replace the NSIS installer for Windows.
It does not include installing WinPcap or USBPcap.  From the research I've done, it seems to make more sense to "bundle" them with Wix ("wrapper" installer that would include Wireshark, WinPcap and USBPcap installers together)

TODO:
1. Customize installer with Wireshark graphics
2. Better handling flexibility of installing VC CRT Merge module (need build script to provide appropriate macros).  Something like (or modifying existing) FindMSVC_REDIST.cmake.
3. Use Wireshark UpgradeProductCode for install/uninstall. Previous NSIS installer did not have an upgrade code, so there are some backwards compatibility concerns.
4. Uninstall considerations (removing whole directories - plugins, configuration profiles?).  NSIS needed to do more things "manually" than Wix does by default.  Need to merge as best as possible to handle backwards compatibility.

Many thanks to Brian Pratt for all the Wix help.

Change-Id: Ib50780214fc7707ba2a46fd96ba8797a1763fa0c
Reviewed-on: https://code.wireshark.org/review/14858
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoCreate IEC401 source TCP port preference.
Jaap Keuter [Mon, 9 May 2016 18:06:33 +0000 (20:06 +0200)]
Create IEC401 source TCP port preference.

In order to decode IEC401 over TCP/IP it's not always the case
that the source port is the default 2404. Makeing this port a
preference addresses the decoding issue and src/dst determination.

Bug: 12407
Change-Id: Ifaee829e014a5e0ce449d047d9e0e44c470cd2f5
Ping-Bug: 10933
Reviewed-on: https://code.wireshark.org/review/15321
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
3 years agoFix warnings for good ISUP messages
Rustam Safargalin [Wed, 11 May 2016 06:57:05 +0000 (09:57 +0300)]
Fix warnings for good ISUP messages

Bug: 12423
Change-Id: Ie4bd0507677850317fda69b991d167948b241397
Reviewed-on: https://code.wireshark.org/review/15356
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoDecode the first 6 bytes of Unknown1 as Timestamp: Two recorded Beacons
Joerg Mayer [Wed, 11 May 2016 11:37:47 +0000 (13:37 +0200)]
Decode the first 6 bytes of Unknown1 as Timestamp: Two recorded Beacons
had the identical difference in the timestamp and unknown1 value, and
the difference was almost identical to the beacon interval (102398 vs 102400us).

Change-Id: Ic3fe8c1b52f3e9852ffdeae0fda79c5cb2e1482b
Reviewed-on: https://code.wireshark.org/review/15368
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
3 years ago[tshark] Document -U option and create a list of tap names when entering
AndersBroman [Tue, 10 May 2016 13:16:26 +0000 (15:16 +0200)]
[tshark] Document -U option and create a list of tap names when entering
an empty name "".

Change-Id: I2b8332ff6900c8a88514a25a416f342d7b696d34
Reviewed-on: https://code.wireshark.org/review/15332
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoMRCPv2: do not update info column under tree check
Pascal Quantin [Wed, 11 May 2016 09:55:18 +0000 (11:55 +0200)]
MRCPv2: do not update info column under tree check

Bug: 12426
Change-Id: I1921e6d409af3290862f41f07e95c2c5036bee80
Reviewed-on: https://code.wireshark.org/review/15364
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agocorrectly decode EA Data Length in CIFS
Christian Ambach [Wed, 11 May 2016 09:36:17 +0000 (11:36 +0200)]
correctly decode EA Data Length in CIFS

This field is little endian, not big.
The SMB2 dissector already does it right.

Change-Id: I859f581424be861fdcc1a586d085ba3bfe70a2f0
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-on: https://code.wireshark.org/review/15365
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoUpgrade c-ares Windows library from 1.9.1 to 1.11.0
Pascal Quantin [Tue, 10 May 2016 20:18:34 +0000 (22:18 +0200)]
Upgrade c-ares Windows library from 1.9.1 to 1.11.0

Bug: 12412
Change-Id: I5e5f8f86293e391ec425a6e3e314573711947bce
Reviewed-on: https://code.wireshark.org/review/15345
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoRevert "Simplify val_to_str[_ext] implementation."
Guy Harris [Wed, 11 May 2016 04:22:20 +0000 (04:22 +0000)]
Revert "Simplify val_to_str[_ext] implementation."

This reverts commit 1d0a97493280fd79d00e85a0971b3842d7f00e5e.

This appears to be causing a crash - and the code in val_to_str() isn't just a copy of the code in val_to_str_wmem(), as it doesn't do a wmem allocation if try_val_to_str(), which *doesn't* use wmem, succeeds.

Change-Id: I40e9e8b4ed0a1c66e20ab4bd827ac51c3fac85ff
Reviewed-on: https://code.wireshark.org/review/15351
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoSimplify val_to_str[_ext] implementation.
Michael Mann [Wed, 11 May 2016 00:52:57 +0000 (20:52 -0400)]
Simplify val_to_str[_ext] implementation.

All val_to_str API use wmem, so just call the wmem function version
passing packet_scope instead of copying it.

Change-Id: Ib58b6b702fbaf5a81cc445bd01ef1a523774be6e
Reviewed-on: https://code.wireshark.org/review/15348
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRemove strcpy from wmem_strbuf.c
Michael Mann [Wed, 11 May 2016 00:46:37 +0000 (20:46 -0400)]
Remove strcpy from wmem_strbuf.c

This removes all strcpy calls from Wireshark provided code
(only ones remaining are in lemon.c)

Change-Id: I7a467fc3e10cc94c97196ecea3277a5375bc14b7
Reviewed-on: https://code.wireshark.org/review/15347
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoGive FvalueToStringRepr a length parameter.
Michael Mann [Tue, 10 May 2016 20:37:44 +0000 (16:37 -0400)]
Give FvalueToStringRepr a length parameter.

This allows the conversion of a few straggler strcpy calls
in ftype library. Also provides a more accurate size value
instead of the many hard coded values the ftypes were using.

Change-Id: Ia6273980432e16ad3a6233816a6054d9fed5d2a4
Reviewed-on: https://code.wireshark.org/review/15344
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoHave fvalue_to_string_repr always return an (wmem) allocated buffer.
Michael Mann [Tue, 10 May 2016 20:04:14 +0000 (16:04 -0400)]
Have fvalue_to_string_repr always return an (wmem) allocated buffer.

Previous patches converted all fvalue_to_string_repr calls to expect
an allocated buffer (and not a passed in one).  Now changing signature
to force an allocated buffer.  Added wmem in case that can be taken
advantage of within epan (and since the function signature was changing
anyway).

Change-Id: Ica1ac4a9a182ce0e73303856329e198d9d525b7b
Reviewed-on: https://code.wireshark.org/review/15343
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agorawshark: Have fvalue_to_string_repr just return allocated string representation.
Michael Mann [Tue, 10 May 2016 18:38:19 +0000 (14:38 -0400)]
rawshark: Have fvalue_to_string_repr just return allocated string representation.

Simplify use of fvalue_to_string_repr in rawshark by just having it
return an allocated string representation of a field value instead
of trying to find the right allocated buffer size to pass in.
This will also allow fvalue_to_string_repr to be converted to
exclusively return allocated strings and not accept a provided buffer.

Change-Id: I9996411dca4656d599b30ed415453d0207131824
Reviewed-on: https://code.wireshark.org/review/15342
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agorawshark: Get "field string values" from existing functionality.
Michael Mann [Tue, 10 May 2016 16:07:24 +0000 (12:07 -0400)]
rawshark: Get "field string values" from existing functionality.

rawshark shouldn't be converting FT_ and BASE_ values into strings on its own, there's a function for that.

Change-Id: Ib4ce1651ee130a03644b5de3ab471333444e19a9
Reviewed-on: https://code.wireshark.org/review/15341
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoenttec: CID 1355670 (same code for different branches)
Martin Kaiser [Tue, 10 May 2016 20:10:41 +0000 (22:10 +0200)]
enttec: CID 1355670 (same code for different branches)

else if and else branch do exactly the same thing - remove the else if

Change-Id: If6017f2fdb960b5533d02f1f863070de95babdf5
Reviewed-on: https://code.wireshark.org/review/15339
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoDynamically allocate the string for representing FT_IEEE_11073_[S]FLOAT.
Michael Mann [Tue, 10 May 2016 13:06:18 +0000 (09:06 -0400)]
Dynamically allocate the string for representing FT_IEEE_11073_[S]FLOAT.

Most uses of fvalue_to_string_repr() don't provide a buffer to write to, so memory is allocated dynamically inside the function.  Trying to move to where ALL cases don't provide a buffer to simplify fvalue_to_string_repr handling and the underlying functionality of the ftypes.

Change-Id: Iac03e4eb63b5e38311a6472fbe488009ed55206c
Reviewed-on: https://code.wireshark.org/review/15331
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Keep the OverlayScrollBar from disappearing.
Gerald Combs [Tue, 10 May 2016 18:51:53 +0000 (11:51 -0700)]
Qt: Keep the OverlayScrollBar from disappearing.

Make sure we disable transience in both the parent and child scroll bar.
This keeps the child from disappearing on Yosemite when "System
Preferences → General → Show scroll bars: When scrolling" is enabled.

Add some comments about what will be required to properly handle
transience.

Change-Id: I6fc37ef1783b6c8dea179f08ad6c4343c7cf8095
Reviewed-on: https://code.wireshark.org/review/15336
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoenttec: uups, I forgot some if (tree) checks
Martin Kaiser [Tue, 10 May 2016 20:07:04 +0000 (22:07 +0200)]
enttec: uups, I forgot some if (tree) checks

Change-Id: Id092b91408cdac9e490cb060a3d95e4a1d78e4e6
Reviewed-on: https://code.wireshark.org/review/15338
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoenttec: remove some unnecessary if (tree) checks
Martin Kaiser [Tue, 10 May 2016 20:01:40 +0000 (22:01 +0200)]
enttec: remove some unnecessary if (tree) checks

Change-Id: Id108b0bacac377ad1f3fe7e999fb4d772bb69789
Reviewed-on: https://code.wireshark.org/review/15337
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoiso14443 ats: show explicitly if TA(1), TB(1) and TC(1) are transmitted
Martin Kaiser [Sat, 7 May 2016 21:00:24 +0000 (00:00 +0300)]
iso14443 ats: show explicitly if TA(1), TB(1) and TC(1) are transmitted

Change-Id: I3f6e2bb73da901de0c6127564612fba86d49ddb4
Reviewed-on: https://code.wireshark.org/review/15335
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoWhen using clang, warn about c99 only syntax (like pedantic without all the rest).
Joerg Mayer [Tue, 10 May 2016 16:54:06 +0000 (18:54 +0200)]
When using clang, warn about c99 only syntax (like pedantic without all the rest).

Change-Id: Ife6fcb14ce04e4d505ee4911a102420932fb18de
Reviewed-on: https://code.wireshark.org/review/15334
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
3 years agoSanity check eapol_len in AirPDcapDecryptWPABroadcastKey
Michael Mann [Tue, 10 May 2016 00:41:45 +0000 (20:41 -0400)]
Sanity check eapol_len in AirPDcapDecryptWPABroadcastKey

Bug: 12175
Change-Id: Iaf977ba48f8668bf8095800a115ff9a3472dd893
Reviewed-on: https://code.wireshark.org/review/15326
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
3 years agoRequire automake 1.11 and move AM_SILENT_RULES macro
João Valverde [Tue, 26 Apr 2016 08:50:24 +0000 (09:50 +0100)]
Require automake 1.11 and move AM_SILENT_RULES macro

Change-Id: I94468dd971db7cb196be1e62ce529a70789256c5
Reviewed-on: https://code.wireshark.org/review/15255
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoautotools: docbook build improvements
João Valverde [Fri, 29 Apr 2016 21:50:04 +0000 (22:50 +0100)]
autotools: docbook build improvements

Let the make recipe fail if a dependency is missing. That is more user-friendly
(a2x: command not found) than an empty target and having to re-run configure.

Test for both w3m and lynx when generating text files. If neither is available
skip it.

Add an explicit target to build pdf documentation.

Change-Id: I760475acd7278f5ab5a782c1828a134c58cf7b42
Reviewed-on: https://code.wireshark.org/review/15229
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoBGP-LS: fix Prefix-SID parsing, add SR-Capabilities and SR-Algorithm
Francesco Fondelli [Mon, 9 May 2016 11:24:14 +0000 (13:24 +0200)]
BGP-LS: fix Prefix-SID parsing, add SR-Capabilities and SR-Algorithm
dissection.

- 20 *rightmost* bits of the 'SID/Label' field represent
  a MPLS label (Adjacency-SID already fixed).
- Add support for SR-Capabilities (TLV 1034) and SR-Algorithm
  (TLV 1035) dissection (draft-gredler-idr-bgp-ls-segment-routing-ext-01).

Change-Id: Ib02137f1c41c4a201afee5d61cf2b6bf88d59991
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/15306
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoQt: activate RTP/IAX2 analysis widget when analyzing packets with a snaplen
Pascal Quantin [Mon, 9 May 2016 21:21:28 +0000 (23:21 +0200)]
Qt: activate RTP/IAX2 analysis widget when analyzing packets with a snaplen

Only the payload save should be deactivated

Bug: 12406
Change-Id: I8dd53c0b0c1ea4568f0ff292806656bfb65a6566
Reviewed-on: https://code.wireshark.org/review/15322
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agocmake: fix build without Lua
Peter Wu [Tue, 10 May 2016 09:59:44 +0000 (11:59 +0200)]
cmake: fix build without Lua

Fixes this error:

    Objects of target "wslua" referenced but no such target exists.

Change-Id: I1168dbff538fb62f614073c28aaba6e6666f499b
Reviewed-on: https://code.wireshark.org/review/15329
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Léo Gaspard
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agocapinfos: wsgcrypt.h checks internally if we HAVE_LIBGCRYPT
Martin Kaiser [Tue, 10 May 2016 06:23:35 +0000 (08:23 +0200)]
capinfos: wsgcrypt.h checks internally if we HAVE_LIBGCRYPT

we can #include <wsutils/wsgcrypt.h> without doing the check ourselves

Change-Id: Id0cee25e10c150105636574e683c39b81eb07ebf
Reviewed-on: https://code.wireshark.org/review/15328
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoUpdate.
Guy Harris [Tue, 10 May 2016 05:06:10 +0000 (22:06 -0700)]
Update.

Change-Id: I0884bf0c06bbb32eb10f0f731461dc6b4586fb32
Reviewed-on: https://code.wireshark.org/review/15327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoFix up the compare chain in nstime_delta().
Guy Harris [Mon, 9 May 2016 23:51:29 +0000 (16:51 -0700)]
Fix up the compare chain in nstime_delta().

The first case handles the two time stamps having the same seconds
value, so, in the subsequent cases, they're guaranteed not to have the
same seconds value; check for b->secs < a->secs, not for b->secs <= a->secs
(the two tests will always get the same value, as b->secs != a->secs),
to make it clearer what's being done.

Change-Id: I6d3806237dae0ea12af92ea0344a31a2c5322b12
Reviewed-on: https://code.wireshark.org/review/15325
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoCID 1215245, 1215247: NULL check for the param of proto_get_id()
Martin Kaiser [Mon, 9 May 2016 21:06:28 +0000 (23:06 +0200)]
CID 12152451215247: NULL check for the param of proto_get_id()

Change-Id: Ie1bcbffdc0040bf25e32c763185befb0231f4173
Reviewed-on: https://code.wireshark.org/review/15320
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoGive the time_[m]secs_to routines names that begin with "[un]signed_".
Guy Harris [Mon, 9 May 2016 22:54:27 +0000 (15:54 -0700)]
Give the time_[m]secs_to routines names that begin with "[un]signed_".

Indicate whether they take a signed time delta or an unsigned time
delta.

Export unsigned_time_secs_to_str() while we're at it.

Change-Id: I0fbe87f1825efa886364caa61a3358b79d285947
Reviewed-on: https://code.wireshark.org/review/15324
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoHandle -2^31 as a negative time-in-seconds.
Guy Harris [Mon, 9 May 2016 22:20:08 +0000 (15:20 -0700)]
Handle -2^31 as a negative time-in-seconds.

Its absolute value *is* expressible as an unsigned 32-bit value, so have
time_secs_to_str_buf(), for negative values, just put a - at the front
of the string and then pass the absolute value to
time_secs_to_str_buf_unsigned().

Change-Id: I87252fe541d9aac4902f81493c9f032ec3ed1500
Reviewed-on: https://code.wireshark.org/review/15323
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoShuffle some routines to put absolute-time and relative-time code together.
Guy Harris [Mon, 9 May 2016 20:21:44 +0000 (13:21 -0700)]
Shuffle some routines to put absolute-time and relative-time code together.

Put the routines that handle absolute time ("relative to the Epoch")
together and the routines that handle relative time together.

Change-Id: I15256921091ab67a1d92026385bf1b27aa52b404
Reviewed-on: https://code.wireshark.org/review/15316
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agocmake: fix GTK3 detection via pkg-config
Peter Wu [Mon, 9 May 2016 19:54:10 +0000 (21:54 +0200)]
cmake: fix GTK3 detection via pkg-config

Put QUIET before the module name, otherwise FindPkgConfig tries to
locate a module named QUIET. This fixes a build failure that complains
about missing pango/pango.h.

Tested with GTK 3.20, CMake 3.5.2 on Arch Linux.

Change-Id: I76e487d0f4b7f9fbac4105521c349b392b680923
Reviewed-on: https://code.wireshark.org/review/15314
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoformat DIS header timestamp as mm:ss.nnnnnn
alpartis [Fri, 6 May 2016 11:57:42 +0000 (07:57 -0400)]
format DIS header timestamp as mm:ss.nnnnnn

Older versions of this dissector displayed the header timestamp formatted to show
minutes, seconds, and milliseconds past the hour (the DIS spec actually defines the
timestamp in terms of microseconds).  This commit fulfills a feature request to
return to that format.

Bug: 12402
Change-Id: Ide4adf8f80306f2458e48e8b2f78c911782669e5
Reviewed-on: https://code.wireshark.org/review/15276
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoLAPDm: reset the last N(S) variable only during first pass
Pascal Quantin [Mon, 9 May 2016 12:12:22 +0000 (14:12 +0200)]
LAPDm: reset the last N(S) variable only during first pass

Change-Id: If496ca47f6e8b093511ee9a9a6834a49ef3553fa
Reviewed-on: https://code.wireshark.org/review/15308
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoLPADm: fixes for reassembly
Pascal Quantin [Sat, 7 May 2016 17:25:38 +0000 (19:25 +0200)]
LPADm: fixes for reassembly

- do not packets in error in reassembly table
- filter retransmissions based on N(S) value

See https://www.wireshark.org/lists/wireshark-users/201605/msg00000.html

Change-Id: I0c2ab36acd5927529d40f8fa7fd2eed17a6fc486
Reviewed-on: https://code.wireshark.org/review/15281
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoTShark: Convert TTY output.
Gerald Combs [Fri, 6 May 2016 17:25:02 +0000 (10:25 -0700)]
TShark: Convert TTY output.

If we detect that we're writing to a TTY and that it doesn't support
UTF-8, convert our output to the current code page on UNIX/Linux or
to UTF-16LE on Windows. This helps to ensure that we don't fill users'
screens with mojibake, along with scrubbing invalid output.

Add a note about our output behavior to the TShark man page. Add a note
about the glyphs we should and shouldn't be using to utf8_entities.h.

Bug: 12393

Change-Id: I52b6dd240173b80ffb6d35b5950a46a565c97ce8
Reviewed-on: https://code.wireshark.org/review/15277
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSMI_DLL should not be part of directory path for copying MIBs
Michael Mann [Sun, 8 May 2016 20:46:48 +0000 (16:46 -0400)]
SMI_DLL should not be part of directory path for copying MIBs

Change-Id: Ib21ff7175fdaf4833398151378cba93d309dd409
Reviewed-on: https://code.wireshark.org/review/15294
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoGet rid of extra blank line.
Guy Harris [Sun, 8 May 2016 21:17:00 +0000 (14:17 -0700)]
Get rid of extra blank line.

Change-Id: Ibe35ee1dd8dcea5641e8cb8104c1fbf33966eca4
Reviewed-on: https://code.wireshark.org/review/15299
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRemove the MIBenum stuff from the WAP code.
Guy Harris [Sun, 8 May 2016 21:15:02 +0000 (14:15 -0700)]
Remove the MIBenum stuff from the WAP code.

MIBenum values are from an IANA registry, not a WAP specification; add
<epan/iana_charsets.h> to declare the MIBenum -> Wireshark encoding
mapper routine and the value_string_ext for MIBenum values, and
epan/iana_charsets.c to define them.

Change-Id: I6d9c82cd011bd5211c688322e6423de38e161f41
Reviewed-on: https://code.wireshark.org/review/15298
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGSM A RR: fix dissection of GPRS Cell Options IE
Pascal Quantin [Sun, 8 May 2016 19:22:16 +0000 (21:22 +0200)]
GSM A RR: fix dissection of GPRS Cell Options IE

As seen in the capture given in https://www.wireshark.org/lists/wireshark-users/201605/msg00007.html
The extension length is not always equal to ll the options defined for a given release

Change-Id: I68ba57dd384122eed1f1ff36cc8acc7ef029fcd0
Reviewed-on: https://code.wireshark.org/review/15290
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoLAPSat: fix reported length for tvb subset
Pascal Quantin [Sun, 8 May 2016 20:39:20 +0000 (22:39 +0200)]
LAPSat: fix reported length for tvb subset

It seems like LAPSat can have have padding bytes as seen in the capture found
here: https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9005

Change-Id: Ia2c7230c4c9fdae0bbe456585ab164f04eda0eb8
Reviewed-on: https://code.wireshark.org/review/15293
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoShow MIBenum values for character sets as decimal.
Guy Harris [Sun, 8 May 2016 20:42:52 +0000 (13:42 -0700)]
Show MIBenum values for character sets as decimal.

http://www.iana.org/assignments/character-sets/character-sets.xhtml is
the official IANA registry for character sets, including MIBenum values,
and it shows MIBenum values in decimal, not hex, so show them in
decimal, not hex.

Change-Id: Id00a0d351a1f758401232aba621cc60aeccf360a
Reviewed-on: https://code.wireshark.org/review/15292
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoHandle the encoding when displaying the string table.
Guy Harris [Sun, 8 May 2016 20:31:51 +0000 (13:31 -0700)]
Handle the encoding when displaying the string table.

Don't just treate the strings as piles of ASCII characters.

Add a proto_tree_add_item_ret_string_and_length() routine to help do
this.  Clean up some of the documentation of the proto_tree_add_item_ret
routines while we're at it.

Change-Id: Ib4c52bd8a8331eac97312583326f5be9175889d9
Reviewed-on: https://code.wireshark.org/review/15291
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoThe tabulation is specified by the stuff at the end.
Guy Harris [Sun, 8 May 2016 18:06:21 +0000 (11:06 -0700)]
The tabulation is specified by the stuff at the end.

I'm not sure what "4-space tabulation means", but:

if it's "a tab character means 4 spaces", that's just *wrong* in
a UN*X environment (Apple's mistaken use of "tab is 4 spaces" as
the default in Xcode nonwithstanding - Xcode is just *wrong*
there);

if it's "use 4-space *indentation*", then the code should be
reformatted and the editor hints updated.

Change-Id: Ie8249b483fe9d6fcd8db29b72167eb854eec863e
Reviewed-on: https://code.wireshark.org/review/15288
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoShow the string table a bit better.
Guy Harris [Sun, 8 May 2016 18:03:51 +0000 (11:03 -0700)]
Show the string table a bit better.

Show, for each item, the offset and the string value; the offset is
what's used in tokens.

While we're at it, print a 32-bit unsigned length field as unsigned
rather than signed.

Change-Id: I167e1683bab6a8ed1dba4c53c1c9050d5c25c754
Reviewed-on: https://code.wireshark.org/review/15286
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years ago[Automatic update for 2016-05-08]
Gerald Combs [Sun, 8 May 2016 15:09:33 +0000 (08:09 -0700)]
[Automatic update for 2016-05-08]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I5136aee86c90ac089273c88ae5fe974759bed67a
Reviewed-on: https://code.wireshark.org/review/15283
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoiso14443: show nad and cid info in the ats
Martin Kaiser [Thu, 5 May 2016 20:11:26 +0000 (23:11 +0300)]
iso14443: show nad and cid info in the ats

re-use the boolean hf variables from the atqb

in the ats, the info if nad and cid are supported is in different
positions than in the atqb

therefore, we can't use a bitmask for the hf variables
fetch the correct bit manually instead

Change-Id: I8ba36ff9662052edcc7899f24d1110fdc4834c2e
Reviewed-on: https://code.wireshark.org/review/15282
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoUpdate README.wmem
Evan Huus [Sat, 7 May 2016 02:14:05 +0000 (22:14 -0400)]
Update README.wmem

It was getting stale in a few places, and I added a bunch of detail after
discussions on https://code.wireshark.org/review/15270.

Change-Id: Icd5ad954c4fbf592df0be63e6fb9440565a8efc1
Reviewed-on: https://code.wireshark.org/review/15280
Reviewed-by: Evan Huus <eapache@gmail.com>
3 years agomanuf: Add well-known MAC entries for DOCSIS and regenerate file
Dominic Chen [Fri, 6 May 2016 19:34:57 +0000 (15:34 -0400)]
manuf: Add well-known MAC entries for DOCSIS and regenerate file

DOCSIS has a few well-known MAC entries defined in ANSI SCTE 22-1
with the prefix 01-E0-2F. Currently, this gets munged by
manuf_name_lookup() to 00-E0-2F and the vendor "McnsHold", which
is incorrect.

Change-Id: Ib5888d2545fcfbcadf4dd918dd2639de8f7b81b4
Reviewed-on: https://code.wireshark.org/review/15278
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGive the full name of the current version of the IEEE standard in question.
Guy Harris [Fri, 6 May 2016 23:38:34 +0000 (16:38 -0700)]
Give the full name of the current version of the IEEE standard in question.

Change-Id: Ia9b41ec4dd29ca7316828f4a3f0b3fd112d83202
Reviewed-on: https://code.wireshark.org/review/15279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoEPL: Add support for DS302-E
Christoph Schlosser [Wed, 4 May 2016 07:56:32 +0000 (09:56 +0200)]
EPL: Add support for DS302-E

 * Add AN local and global flags to the SoA frame
 * Add NMT command for dynamic node assignment (DNA)

Change-Id: I7cc8c9ee26b0676727d28f32b056fbe1a153c8af
Reviewed-on: https://code.wireshark.org/review/15263
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Christoph Schlosser <christoph@schlosser.xyz>
Reviewed-by: Roland Knall <rknall@gmail.com>
3 years agoUSB Audio: add dissect of ChannelConfig bitmap
Alexis La Goutte [Thu, 5 May 2016 10:28:27 +0000 (12:28 +0200)]
USB Audio: add dissect of ChannelConfig bitmap

Bug: 11858
Change-Id: I4a4a557f4f217c3dec5285fbc9d152c9df52ccb0
Reviewed-on: https://code.wireshark.org/review/15267
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agos7comm: Add errorcode descriptions, extended list values, style cleanup
Thomas Wiens [Tue, 3 May 2016 21:23:55 +0000 (23:23 +0200)]
s7comm: Add errorcode descriptions, extended list values, style cleanup

Added new errorcodes, changed to extended value-string. Removed the
defines as they are and will not be used in the code.
Add errorcode to info column, if there is an error.
Removed the functioncall-tree comment, as it was not up to date.

Change-Id: I0abe8eb046b9b2f28e32cf71e214704daa0aa843
Reviewed-on: https://code.wireshark.org/review/15260
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoConvert ftype-tvbuff.c to ftype-protocol.c
Michael Mann [Tue, 3 May 2016 01:44:48 +0000 (21:44 -0400)]
Convert ftype-tvbuff.c to ftype-protocol.c

As noted in https://www.wireshark.org/lists/wireshark-dev/201604/msg00103.html
a protocol field isn't really a tv_buff, so allow for the possibility
of a NULL tv_buff in a "protocol type".  If the tvb is NULL, use the
string of the protocol field for comparison

Bug: 12335
Change-Id: Ie12a5f7b31c7293c61006b0f70135d100a97c4e0
Reviewed-on: https://code.wireshark.org/review/15261
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoiso14443: add sfgi
Martin Kaiser [Thu, 5 May 2016 19:01:11 +0000 (22:01 +0300)]
iso14443: add sfgi

Change-Id: Id8328cb7ca8674564a7230c7395dbeb24ffcea27
Reviewed-on: https://code.wireshark.org/review/15273
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>