Guy Harris [Fri, 23 May 2014 23:40:56 +0000 (16:40 -0700)]
More handling of missing time stamps.
Make nstime_cmp() handle "unset" time stamps (they're equal to other
"unset" time stamps, and less than all other time stamps), use it in
reordercap, and "unset" the time stamp if it's absent.
Also, nstime_cmp() does not modify its argument, so make it const.
Change-Id: I016dab5fefaf4696e78cbd8c6dd3395808e54369
Reviewed-on: https://code.wireshark.org/review/1769
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 23:23:58 +0000 (16:23 -0700)]
Set the presence flags.
If we're going to stuff a time stamp in there, let's at least indicate
that it's there.
Change-Id: Idc3d4ba5fdc109b21b5c6034906664a763b2ddda
Reviewed-on: https://code.wireshark.org/review/1767
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 22:35:32 +0000 (15:35 -0700)]
More checks for the presence of a time stamp.
Change-Id: If8dd4c37bcb1b35dd9f988184ad53118172ae9db
Reviewed-on: https://code.wireshark.org/review/1764
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 21:03:42 +0000 (14:03 -0700)]
More checks for the presence of a time stamp.
And make sure we have a pointer to the struct wtap_pkthdr for the packet
before we check it for a time stamp.
Change-Id: I26b205e5467a3a1236e9fd1f7633e86ece5e9040
Reviewed-on: https://code.wireshark.org/review/1762
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Fri, 23 May 2014 20:56:41 +0000 (13:56 -0700)]
1.11.4 → 1.99.0.
Change-Id: I5b0f713fdbc63e78f4f52177317c0e536aca3044
Reviewed-on: https://code.wireshark.org/review/1761
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Fri, 23 May 2014 18:53:08 +0000 (11:53 -0700)]
Don't assume all packets have time stamps.
Pcap-ng files might have Simple Packet Blocks, which don't have time
stamps, and some other file formats might not have time stamps as well.
Only check the time stamp if we have one, and don't use "the start time
stamp is unset" as an indication that we've just read the first packet,
use "the count of packets we've read is 1" as an indication that we've
just read the first packet.
Change-Id: I097c54867655efb5c343fb880a113b3583736bbd
Reviewed-on: https://code.wireshark.org/review/1757
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 18:10:05 +0000 (11:10 -0700)]
file_seek() sets the error variable; no need to set it ourselves.
Change-Id: I637326841e6db562b0896e77c86c4ebf9c3b0561
Reviewed-on: https://code.wireshark.org/review/1756
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 18:07:31 +0000 (11:07 -0700)]
Fix comment.
Change-Id: Ifa526ff6a9f685a0956e1b2e49f35fecfd290cb0
Reviewed-on: https://code.wireshark.org/review/1755
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 18:02:40 +0000 (11:02 -0700)]
Get rid of extra trailing blank lines.
Change-Id: I2cb1fdc3bc27c0075cc1e4910dc32088d2695bff
Reviewed-on: https://code.wireshark.org/review/1754
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 17:59:16 +0000 (10:59 -0700)]
Fix a comment.
Change-Id: I91a5c52939a516807431494a4120aecc5b0dba41
Reviewed-on: https://code.wireshark.org/review/1753
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 17:55:30 +0000 (10:55 -0700)]
Get rid of extra trailing blank lines.
Change-Id: I161bdbf08b35bfbfa1a19fc4facc5b72ef2b0390
Reviewed-on: https://code.wireshark.org/review/1752
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 17:53:13 +0000 (10:53 -0700)]
Get rid of trailing blank lines.
Change-Id: I53c560557d70e2a1cb78de37aad17d92a714ce2a
Reviewed-on: https://code.wireshark.org/review/1751
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 17:51:56 +0000 (10:51 -0700)]
Fix the type of i4b_read_rec() to reflect what it actually returns.
Change-Id: Iafd4996a724418460043abda455a237a539c7925
Reviewed-on: https://code.wireshark.org/review/1750
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 17:47:44 +0000 (10:47 -0700)]
Remove trailing blank lines.
Change-Id: I62171eb8686fc31af901367182186ccd79098fe2
Reviewed-on: https://code.wireshark.org/review/1749
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bill Meier [Fri, 23 May 2014 15:42:49 +0000 (11:42 -0400)]
Improve handling of short MQTT PDUs.
This is a "good-enough" fix for now until a more comprehensive fix
is committed to handle the case of the (variable size) PDU
length field being split across TCPO segments.
Change-Id: I57e8f5e9d7a9855fac320e8843b82a273ffb7cc5
Reviewed-on: https://code.wireshark.org/review/1748
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Alexis La Goutte [Fri, 23 May 2014 14:44:09 +0000 (16:44 +0200)]
Fix -Wdocumentation
epan/packet.h:369:11: error: parameter 'returns' not found in the function declaration [-Werror,-Wdocumentation]
Change-Id: Ieedd203c4e952ae0ac17273311163d25ab2da066
Reviewed-on: https://code.wireshark.org/review/1746
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Fri, 23 May 2014 14:03:03 +0000 (16:03 +0200)]
SIP: remove leading spaces/tabs between security parameters
Change-Id: Icf15d18a16937e48d6b96749e8fa7c931916b491
Reviewed-on: https://code.wireshark.org/review/1743
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Fri, 23 May 2014 15:06:16 +0000 (17:06 +0200)]
SIP: parse ports definition in security mechanism
Change-Id: Iaef57f01b903b66ec55275d77f80f4e81a8130dc
Reviewed-on: https://code.wireshark.org/review/1747
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 23 May 2014 14:10:24 +0000 (16:10 +0200)]
LISP : error: declaration of 'address' shadows a global declaration [-Werror=shadow]
Change-Id: I3f490ec40ae3241e9836e0914d43424ff9565fb5
Reviewed-on: https://code.wireshark.org/review/1744
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Fri, 23 May 2014 14:34:57 +0000 (17:34 +0300)]
Dissect Nonce Locator LCAF
Change-Id: I23f05cf3a0bc43baac4c4c31f5ce0dc0dffcade1
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1745
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Fri, 23 May 2014 13:06:38 +0000 (16:06 +0300)]
Dissect AS Number LCAF
Change-Id: I03c839a23c037a4d7da63d74e5407f0470301697
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1742
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Martin [Mon, 19 May 2014 09:14:44 +0000 (11:14 +0200)]
Zero out pinfo->src and dst before adding a frag.
If an mp2t packet contains one full subpacket and the fragment of
another one, it happens that the first subpacket will set src or dst to
an ethernet or IP address. Adding the fragment of the second subpacket
will then use this information for calculating the hash in the fragment
table. However, later fragments in other mp2t packets will not have
these info and reassembly will fail.
Change-Id: Ic52763017cb854851b6686654c2d8a1624305d65
Reviewed-on: https://code.wireshark.org/review/1692
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris [Fri, 23 May 2014 10:50:02 +0000 (10:50 +0000)]
Revert "Allow wtap_read() and wtap_seek_read() to return non-packet records."
This reverts commit
c0c480d08c175eed4524ea9e73ec86298f468cf4.
A better way to do this is to have the record type be part of struct wtap_pkthdr; that keeps the metadata for the record together and requires fewer API changes. That is in-progress.
Change-Id: Ic558f163a48e2c6d0df7f55e81a35a5e24b53bc6
Reviewed-on: https://code.wireshark.org/review/1741
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 10:48:46 +0000 (10:48 +0000)]
Revert "Fix some white space issues."
This reverts commit
2456b22cd36b08fc2816d5a730918af3d7a9d480.
Next step: revert my other change.
Change-Id: I7a2302c527c8a85ce9f37d6e4f68c1e2d0adb741
Reviewed-on: https://code.wireshark.org/review/1740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Alexis La Goutte [Thu, 22 May 2014 17:23:22 +0000 (19:23 +0200)]
Update comment about -Wunreachable-code and -Wdocumentation
Change-Id: I5b942bdacc5f4a9ecfa084dbff479eba6582b0df
Reviewed-on: https://code.wireshark.org/review/1726
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Evan Huus [Mon, 19 May 2014 02:17:30 +0000 (22:17 -0400)]
Add jumbo-allocation support to wmem fast block
As it turns out, we do occasionally need it.
Bug:10115
Change-Id: Ifec79e4d2470bbc09f15674534d01418a6571a0d
Reviewed-on: https://code.wireshark.org/review/1688
Reviewed-by: Evan Huus <eapache@gmail.com>
Evan Huus [Fri, 23 May 2014 03:34:24 +0000 (23:34 -0400)]
Add cast to please mac buildbot
Change-Id: Ifffcd79732f0eeaad9f618cb5b8e98217fae32da
Reviewed-on: https://code.wireshark.org/review/1738
Reviewed-by: Evan Huus <eapache@gmail.com>
Guy Harris [Fri, 23 May 2014 03:05:20 +0000 (20:05 -0700)]
Fix some white space issues.
Change-Id: I3b4f57c2d1ceffeea1770494fe19a0eee8717a76
Reviewed-on: https://code.wireshark.org/review/1737
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Fri, 23 May 2014 03:01:31 +0000 (20:01 -0700)]
Allow wtap_read() and wtap_seek_read() to return non-packet records.
This is the first step towards implementing the mechanisms requestd in
bug 8590; currently, we don't return any records other than packet
records from libwiretap, and just ignore non-packet records in the rest
of Wireshark, but this at least gets the ball rolling.
Change-Id: I34a45b54dd361f69fdad1a758d8ca4f42d67d574
Reviewed-on: https://code.wireshark.org/review/1736
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michael Mann [Fri, 23 May 2014 02:54:28 +0000 (22:54 -0400)]
tvb parameter should not be NULL as the lengths are nonzero.
Change-Id: If085a9fc69bbbf28a7c801930a664c412a4a5b7a
Reviewed-on: https://code.wireshark.org/review/1734
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Thu, 22 May 2014 21:53:30 +0000 (14:53 -0700)]
Don't use sizeof(guintN) for sizes of data in packets.
Either
1) sizeof(guintN) = N/8, in which case it's redundant
or
2) sizeof(guintN) != N/8, in which case it's wrong.
This also keeps us from having to throw casts at complaints about
shortening 64-bit values.
Change-Id: I33911acfc54c0f3f21b73026a100a82b1ee2c35e
Reviewed-on: https://code.wireshark.org/review/1731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Alexis La Goutte [Thu, 22 May 2014 20:09:27 +0000 (22:09 +0200)]
RADIUS: Remove double space before type (t=...)
Change-Id: I536a359e7c808b3ace8387e30117f307c0a66e8b
Reviewed-on: https://code.wireshark.org/review/1729
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pascal Quantin [Thu, 22 May 2014 19:05:54 +0000 (21:05 +0200)]
GSM SIM: fix a typo and update obsolete API calls
Change-Id: Iccd51dde155e9aaed23eb753c27ae29c8cee94cd
Reviewed-on: https://code.wireshark.org/review/1725
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
ruengeler [Thu, 22 May 2014 11:46:36 +0000 (13:46 +0200)]
Call dissect_ip_tcp_options to save the window scale.
Change-Id: I411b16cdb3bc128cb49218080179c43e13f96e99
Reviewed-on: https://code.wireshark.org/review/1723
Reviewed-by: Michael Mann <mmann78@netscape.net>
AndersBroman [Thu, 22 May 2014 15:47:30 +0000 (17:47 +0200)]
Missed update of one dissector_try_heuristic() when merging.
ssed# asn1/s1ap/s1ap.diff
Change-Id: I4bb473860bf116138fa82791aa0f4a952164476a
Reviewed-on: https://code.wireshark.org/review/1724
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Owen Kirby [Fri, 18 Apr 2014 03:33:42 +0000 (23:33 -0400)]
Tighten heuristic checks for IEEE 802.15.4 protocols, and add Decode-As by PANID for when we still get it wrong.
Change-Id: Icc2b274d2478a9426da881998bbbbfb3bf34ec4a
Reviewed-on: https://code.wireshark.org/review/1167
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Thu, 22 May 2014 08:40:55 +0000 (10:40 +0200)]
Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: Ie97c65c1a995881eb400a44f17a493494f97d9dd
Reviewed-on: https://code.wireshark.org/review/1722
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Thu, 22 May 2014 08:28:13 +0000 (10:28 +0200)]
Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: I2c7ed98e28a5149562d61f8005629f351a31c11b
Reviewed-on: https://code.wireshark.org/review/1721
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Anish Bhatt [Thu, 22 May 2014 04:46:03 +0000 (21:46 -0700)]
LLDP Cleanup : 802.3 TLV
Change-Id: Iac1740e7e1895388de3ef3c103ef6e60cc688d9e
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/1720
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Roman Volkov [Wed, 21 May 2014 21:38:54 +0000 (00:38 +0300)]
Wrong length of Modulation Type and Modulation System fields in Satellite Delivery Descriptor
According EN300468 in Satellite Delivery Descriptor 'Modulation System' field has 1 bit length. 'Modulation Type' has 2 bits length.
But in my Wireshark 'Modulation System' is 2 bit long and 'Modulation Type' is 1 bit long.
bug: 10119
Change-Id: I762145418bbfc9c0621ee7ca1a07d35afb6d7d92
Reviewed-on: https://code.wireshark.org/review/1718
Reviewed-by: Michael Mann <mmann78@netscape.net>
Joerg Mayer [Wed, 21 May 2014 23:01:14 +0000 (01:01 +0200)]
Print the values in the BSS Load Element in human readable format as well.
Change-Id: Ie20c340e06b970602a94c601be4c629ccae56e7c
Reviewed-on: https://code.wireshark.org/review/1719
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Mark Weel [Wed, 21 May 2014 13:21:50 +0000 (15:21 +0200)]
DIS: implement IFF PDU
Change-Id: Ica5029ab31077f95cabde22ad7df42ced769a3d0
Reviewed-on: https://code.wireshark.org/review/1714
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Tue, 20 May 2014 10:54:20 +0000 (12:54 +0200)]
Change the signature of dissector_try_heuristic() to return hdtbl_entry
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs [Wed, 21 May 2014 17:17:49 +0000 (10:17 -0700)]
Remove extra parentheses.
Fix the clang warning
epan/wmem/wmem_allocator_simple.c:49:27: error: equality comparison with extraneous parentheses [-Werror,-Wparentheses-equality]
if ((allocator->count == allocator->size)) {
~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~
We might want to add -Wno-parentheses-equality to the compiler flag
list but I'm not sure if doing so would hide valid problems.
Change-Id: Id59b55af1411f13309fbec77870f869e04a6f49f
Reviewed-on: https://code.wireshark.org/review/1717
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Lorand Jakab [Wed, 21 May 2014 17:07:19 +0000 (20:07 +0300)]
Dissect Multicast Group Membership Information LCAF
Bug: 10126
Change-Id: I81d643978d663d6905070d3cd7e751286c316fcd
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1716
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Wed, 21 May 2014 13:58:19 +0000 (16:58 +0300)]
LISP: Add support for MAC address AFI
Change-Id: I105ba5a9623d482c912c94d2c21a1c02d869db56
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1715
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Wed, 21 May 2014 09:19:46 +0000 (12:19 +0300)]
Dissect Replication List Entries LCAF
Bug: 10124
Change-Id: Ided4fff8259bbf1b5cb4b5209be6e3931ab09fe5
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1711
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Wed, 21 May 2014 10:41:26 +0000 (13:41 +0300)]
Add value to correct tree in Key/Value LCAF
Change-Id: Icd4ae54bff25e30406c70739c6c799db2484255b
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1713
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Wed, 21 May 2014 09:52:15 +0000 (12:52 +0300)]
Add MAC address family numbers (RFC 7042)
See http://tools.ietf.org/html/rfc7042#section-5.2 for details
Change-Id: I6002bef860b67e21058a66489eb16df88ba0ddf0
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1712
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Evan Huus [Sat, 17 May 2014 14:49:54 +0000 (10:49 -0400)]
Fix lua directory tests.
The underlying directory iterator is not guaranteed to return directories in the
same order according to the glib documentation, so don't rely on the directory
order being the same when testing it.
https://developer.gnome.org/glib/2.37/glib-File-Utilities.html#g-dir-read-name
Bug:10009
Change-Id: I4b1078e1f3981921b1e83c4f77b4bc30a5d21b46
Reviewed-on: https://code.wireshark.org/review/1671
Reviewed-by: Evan Huus <eapache@gmail.com>
Evan Huus [Wed, 21 May 2014 03:01:49 +0000 (23:01 -0400)]
Add cast to satisfy buildbot
Change-Id: Ib0f66fb6e4a577da7381a75789b08a0d0371ddd2
Reviewed-on: https://code.wireshark.org/review/1709
Reviewed-by: Evan Huus <eapache@gmail.com>
Lorand Jakab [Tue, 20 May 2014 20:22:08 +0000 (23:22 +0300)]
Dissect Source/Destination 2-Tuple Lookups LCAF
Change-Id: I0e8595ab5cf5385a7fda636a1804b0788f9eb869
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1707
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Tue, 20 May 2014 20:47:08 +0000 (22:47 +0200)]
Fix indent (use tabs)
Change-Id: Ie23faaeeab61c684d57c4ff7b3c1b4ff95906dbe
Reviewed-on: https://code.wireshark.org/review/1706
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Tue, 20 May 2014 21:00:12 +0000 (23:00 +0200)]
Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: I9bccb246817ee442fbb7c216e9a2599c791a54b2
Reviewed-on: https://code.wireshark.org/review/1708
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Peter Lemenkov [Wed, 14 May 2014 12:03:09 +0000 (16:03 +0400)]
Don't panic in case of mediaproxy-ng/rtpengine extension
Change-Id: Id0441ec3e68b594051930623c17f45e806b79616
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://code.wireshark.org/review/1633
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Guy Martin [Mon, 19 May 2014 09:14:08 +0000 (11:14 +0200)]
Fix the SET_ADDRESS_HF() macro.
Change-Id: I01ac342f791b578be0aab80ce8fe07a97ba5ed50
Reviewed-on: https://code.wireshark.org/review/1691
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Tue, 20 May 2014 16:54:17 +0000 (18:54 +0200)]
SSL/TLS: Add Padding Extension (20)
http://tools.ietf.org/html/draft-agl-tls-padding-03
Change-Id: I181718edf5b5f297aaf2e247524dfce069c90cce
Reviewed-on: https://code.wireshark.org/review/1703
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Anish Bhatt [Tue, 20 May 2014 18:12:55 +0000 (11:12 -0700)]
Fix error in dcbx feature TLV dissection. Willing and Error bits were flipped
Change-Id: Ia6d727909816b86c48232685adca653700f071d9
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/1705
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Tue, 20 May 2014 16:58:12 +0000 (19:58 +0300)]
Update ELP LCAF dissection to new draft revision
There was a change in the ELP LCAF packet format between
draft-ietf-lisp-lcaf revisions -03 and -04 reversing the flags and AFI
fields, to be more consistent with other LCAF types.
http://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-lisp-lcaf-04.txt
Change-Id: I2c572050f413696f2d388969e7db24238783bd56
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1704
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Lorand Jakab [Tue, 20 May 2014 13:13:00 +0000 (16:13 +0300)]
Dissect Key/Value Address Pair LCAF
Change-Id: Ic1640a823816c5cd225c573147ff9b6b8c88879e
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1702
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Tue, 20 May 2014 12:14:26 +0000 (14:14 +0200)]
PCP: Remove whitespace before (
Change-Id: I199895718311867be4c589137074c18ac4d45eea
Reviewed-on: https://code.wireshark.org/review/1701
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Tue, 20 May 2014 11:52:25 +0000 (13:52 +0200)]
PCP: Discovering NAT64 IPv6 Prefixes Using the Port Control Protocol (RFC7225)
Change-Id: Ib404c3db8c13ebb0a2e1f6d9f767a183896f869f
Reviewed-on: https://code.wireshark.org/review/1700
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Tue, 20 May 2014 11:25:55 +0000 (13:25 +0200)]
PCP: Add Description Option for the Port Control Protocol (RFC 7220)
Change-Id: I2931b14855981e71d1135a8ff7cc3b494a2a7572
Reviewed-on: https://code.wireshark.org/review/1699
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Tue, 20 May 2014 12:11:14 +0000 (14:11 +0200)]
PCP : Enhance display of Option...
* Display reserved using FT_BYTES
* Set option code in option subtree
Change-Id: Ie6cf32ed260ddccceaa9f617f0a74982c95f08f5
Reviewed-on: https://code.wireshark.org/review/1698
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Mark Weel [Mon, 19 May 2014 14:10:50 +0000 (16:10 +0200)]
DIS: update enumerations to SISO-REF-010-00v20-0
Change-Id: I99cd075bef5b8d3f2546032cc6ce9774bcf8efc1
Reviewed-on: https://code.wireshark.org/review/1695
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Sean O. Stalley [Mon, 19 May 2014 20:03:28 +0000 (13:03 -0700)]
Remove incorrect _U_ flag in dissect_mausb signature
Removes _U_ flag for data field in dissect_mausb(),
since tcp_dissect_pdus(), uses the data field.
Change-Id: Iccb5aae1aa203f98484666763410c4a555413ac0
Reviewed-on: https://code.wireshark.org/review/1696
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Martin [Mon, 19 May 2014 09:17:20 +0000 (11:17 +0200)]
Fix warning about the adaptation field control for docsis packet. The specs actually say that it should be set to 1.
Change-Id: I136b48c6284c09798ee8e88f012a20e2cb16cd5e
Reviewed-on: https://code.wireshark.org/review/1693
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Guy Martin [Mon, 19 May 2014 09:13:41 +0000 (11:13 +0200)]
Increase frag_id for self contained subpackets in mp2t packets. This fix length calculation on second pass.
Change-Id: I6224657c0765fa9696829844b4819f6ab0a3d3f4
Reviewed-on: https://code.wireshark.org/review/1690
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Martin Kaiser [Mon, 5 May 2014 15:21:22 +0000 (17:21 +0200)]
convert SEK and SIV to their binary form only once when a new key/iv is
set, don't do the same conversion for each apdu
Change-Id: I6b19a0b4e138cd9d333b7ab95d6a8ee3eb516293
Reviewed-on: https://code.wireshark.org/review/1694
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Martin Kaiser [Wed, 14 May 2014 21:58:08 +0000 (23:58 +0200)]
change the satellite frequency into a float (freq in GHz)
and make it filterable
Change-Id: I0644e5c69ff58301c00ea3d37e80f25b856168e4
Reviewed-on: https://code.wireshark.org/review/1689
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Jakub Zawadzki [Sun, 18 May 2014 07:56:20 +0000 (09:56 +0200)]
Add new proto_tree_add_format_text() function
There are lot of text dissectors which want just to add escaped (not filtrable) text,
add new function proto_tree_add_format_text() which just do this in optimized way.
Change-Id: Ia0e189b620cc0a5b74cfdaef1ad4571d766bb2ab
Reviewed-on: https://code.wireshark.org/review/1678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Peter Wu [Sat, 17 May 2014 22:07:28 +0000 (00:07 +0200)]
ip: display calculated checksum
This patch adds a new "ip.checksum_calculated" field that can be used
for display in a column.
Based on
d7c4bde2799084aee717dbaa04d7fd4be06cd989 ("tcp: display
calculated checksum").
Change-Id: Ide5eb6640d51ded88b1df309092a0a3aaf482b03
Reviewed-on: https://code.wireshark.org/review/1676
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Peter Wu [Sat, 17 May 2014 20:02:21 +0000 (22:02 +0200)]
udp: display calculated checksum
This patch adds a new "udp.checksum_calculated" field that can be used
for display in a column or tshark.
Based on
d7c4bde2799084aee717dbaa04d7fd4be06cd989 ("tcp: display
calculated checksum").
Change-Id: Iefcfd8395adeff7a3ac58a1bfff1a3c97976aa56
Reviewed-on: https://code.wireshark.org/review/1675
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Michael Mann [Sun, 18 May 2014 18:21:31 +0000 (14:21 -0400)]
Use g_ alloced memory (instead of emem) when printing fields. emem shouldn't be used for GUI functions anyway.
emem was exposed because of its memory limits trying to output PDML for a very large byte field in a capture file.
When converting from proto_construct_match_selected_string to fvalue_to_string_repr remember proto_construct_match_selected_string includes fieldname + value, not just value
bug:10081
Change-Id: I4fc6ea7fd1f63cff410207c8b30562771af40ada
Reviewed-on: https://code.wireshark.org/review/1578
Reviewed-by: Evan Huus <eapache@gmail.com>
Alexis La Goutte [Sun, 18 May 2014 21:31:57 +0000 (23:31 +0200)]
MySQL: fix soft-deprecated APIs
tvb_length -> tvb_reported_length
tvb_get_string -> tvb_get_string_enc
Change-Id: I98d46b5603e0d840d17968f6c81b33d9bdbb9dea
Reviewed-on: https://code.wireshark.org/review/1687
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Sun, 18 May 2014 21:25:42 +0000 (23:25 +0200)]
MySQL: add new (extended) Capability flags
http://dev.mysql.com/doc/internals/en/capability-flags.html
Change-Id: I0aef20fef5346bd24d610444fdbc89cbe720c3c4
Reviewed-on: https://code.wireshark.org/review/1686
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Sun, 18 May 2014 19:35:28 +0000 (21:35 +0200)]
Mysql : add new flag for server status flags
http://dev.mysql.com/doc/internals/en/status-flags.html
Change-Id: Ic08e2aa449eeb6963c5ebf7e65b5bf39e9da76d9
Reviewed-on: https://code.wireshark.org/review/1685
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Sun, 18 May 2014 19:20:24 +0000 (21:20 +0200)]
Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: I9bf53014d90857b7d71efbb09b5ceb708b3df6ca
Reviewed-on: https://code.wireshark.org/review/1683
Reviewed-by: Michael Mann <mmann78@netscape.net>
AndersBroman [Sun, 18 May 2014 17:32:19 +0000 (19:32 +0200)]
Only call ep_tcp_port_to_display/ep_udp_port_to_display once for sorce and
destination ports.
Change-Id: I490a716b7991d0d7dfcaecd722a267c77af2e776
Reviewed-on: https://code.wireshark.org/review/1682
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Joerg Mayer [Sun, 18 May 2014 19:34:13 +0000 (21:34 +0200)]
- Modify Cisco Compatible Extentions MFP dissection
- Add Cisco Compatible Extensions DTPC dissection
Change-Id: I3dc7075865c0041ee964d9260339028d0adf17e0
Reviewed-on: https://code.wireshark.org/review/1684
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Gerald Combs [Sun, 18 May 2014 15:04:32 +0000 (08:04 -0700)]
[Automatic manuf, services and enterprise-numbers update for 2014-05-18]
Change-Id: Ia3d139ee0f02588ccc8aa1c83768ae51bd832d15
Reviewed-on: https://code.wireshark.org/review/1679
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Guy Harris [Sat, 17 May 2014 22:28:30 +0000 (15:28 -0700)]
Use gsize rather than int, to avoid some complaints about shortening.
Change-Id: Ic673525a05cd106677226a4063af825d0f22c97c
Reviewed-on: https://code.wireshark.org/review/1677
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Jakub Zawadzki [Tue, 13 May 2014 23:56:23 +0000 (01:56 +0200)]
Introduce col_add_lstr(), use it instead of slower col_add_fstr.
We have callgrind benchmarks which shows that col_add_fstr() takes
5% of Ir count cause of formatting done in g_vsnprintf().
New col_add_lstr() can be used in few dissectors without much ugliness,
and it should be a little faster.
Change-Id: Ifddd951063dfd3a27c2a7da4dafce9b242c0472c
Reviewed-on: https://code.wireshark.org/review/1629
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu [Sat, 17 May 2014 15:49:08 +0000 (17:49 +0200)]
lua: fix buffer underrun
A line containing just "\n" will cause a buffer underrun.
Test:
tshark -r test/captures/sipmsg.log -X lua_script:test/lua/acme_file.lua -w /dev/null
Caught by ASAN.
Change-Id: Idf38f1af2b211101b3929ee3fbd83c54c99c1e21
Reviewed-on: https://code.wireshark.org/review/1673
Reviewed-by: Evan Huus <eapache@gmail.com>
Peter Wu [Sat, 17 May 2014 15:19:42 +0000 (17:19 +0200)]
wiretap: fix regression, missing initialization
wtap_dump_open() allocates an empty wtap_dumper struct such that
interface_data is not initialized. Fix this by adding the member back.
Regression from
3aee917058fb46b2e86d750766001c4db214fc78 ("wiretap:
remove unused code, drop number_of_interfaces").
Bug: 10113
Change-Id: Ia6259bf50b25d5e7aa837b0fb7396b07d5d3c72c
Reviewed-on: https://code.wireshark.org/review/1672
Reviewed-by: Evan Huus <eapache@gmail.com>
Peter Wu [Thu, 15 May 2014 21:39:12 +0000 (23:39 +0200)]
wiretap: remove unused code, drop number_of_interfaces
While investigating an ASAN issue (fixed in
commit
dcdd076ab0965c346efe90051678ba790eaf7a02), I got greatly confused
by three different types having the same "interface_data" field name:
* pcapng_t *pn stores an array of interface_data_t objects.
* wtap *wth stores an array of wtapng_if_descr_t objects.
* pcapng_dump_t should store an array of interface_data_t objects.
pcapng_dump_t and friends are unused since
commit
c7f1a431d23e17a15777652b1252e139f182b0e6, so drop it.
To fix the confusion, rename the interface_data_t type to
interface_info_t type and use the local variable "iface_info"
everywhere. Rename interface_data of pcapng_t to "interfaces" and
add a comment what this exactly means (interfaces listed in the capture
file).
Drop the number_of_interfaces field for interfaces as the array
length is already available from GArray. Now interface_data is always
initialized for wth (which also gets copied to idb).
s/int/guint/g and replace cast at some places.
There are no regressions for the in-tree test suite.
Change-Id: I2d5985c9f1e43f8230dbb4a73bd1e243c4858170
Reviewed-on: https://code.wireshark.org/review/1656
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Evan Huus [Sat, 17 May 2014 12:23:52 +0000 (08:23 -0400)]
Fix newly optimized strdup_vprintf.
As Jakub pointed out, our +1/-1 logic for null terminators wasn't quite right.
Also be sure to re-copy the va_list parameter if we need to re-use it, as
otherwise things break oddly.
Change-Id: Ibeaa95af602f565791e9378a6cfce434f13025eb
Reviewed-on: https://code.wireshark.org/review/1670
Reviewed-by: Evan Huus <eapache@gmail.com>
Jakub Zawadzki [Sat, 17 May 2014 11:06:01 +0000 (13:06 +0200)]
Fixes after wmem_strdup_vprintf() optimization
- g_vsnprintf()[1] buffer size can includes space for terminating NUL,
this simplifies code, and fix problems with string truncation
- g_vsnprintf() returns number of bytes without terminating NUL, so we
need to do + 1
- second g_vsnprintf() call use already consumed 'ap2' va_arg, which
makes wmem_strdup_vprintf() doesn't work/ crash for FORMATTED string length > 80
[1] https://developer.gnome.org/glib/stable/glib-String-Utility-Functions.html#g-vsnprintf
Change-Id: I0ebb7f452e3e89c9b55f8ac889166f02e8a7c982
Reviewed-on: https://code.wireshark.org/review/1667
Reviewed-by: Michael Mann <mmann78@netscape.net>
Evan Huus [Sat, 17 May 2014 12:05:35 +0000 (08:05 -0400)]
Guard closing capture window with ifdef.
That variable is only defined if we HAVE_LIBPCAP. Should fix OSX10.5 buildbot.
Change-Id: I0bafc48955ef4af3c0b8d9d7a35b1e8b27577d31
Reviewed-on: https://code.wireshark.org/review/1669
Reviewed-by: Evan Huus <eapache@gmail.com>
Evan Huus [Sat, 17 May 2014 12:02:45 +0000 (08:02 -0400)]
Add casts to fix OSX 10.6 buildbot
Change-Id: Ice852356201ba222290d2705d9f5526ce242b031
Reviewed-on: https://code.wireshark.org/review/1668
Reviewed-by: Evan Huus <eapache@gmail.com>
Chun-Yeow Yeoh [Fri, 16 May 2014 08:52:51 +0000 (16:52 +0800)]
Add SAE authentication algorithm in 802.11
Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
Change-Id: If3500dda55aed45bbecd0261191ce1ec6cfbdbca
Reviewed-on: https://code.wireshark.org/review/1661
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Yeoh Chun-Yeow <yeohchunyeow@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Fri, 16 May 2014 12:07:54 +0000 (14:07 +0200)]
Use a pre allocated buffer in wmem_strdup_vprintf() reduces the function
cost by more than half.
Change-Id: I6ad2ae407325d2091ffb60919cb3ed74f78f39fa
Reviewed-on: https://code.wireshark.org/review/1662
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Martin Mathieson [Fri, 16 May 2014 16:19:17 +0000 (17:19 +0100)]
Show EMM and ESM causes in the Info column
Change-Id: I2e3be18e997d6be0b250fbd8e664779d0d2a8228
Reviewed-on: https://code.wireshark.org/review/1666
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Gerald Combs [Fri, 16 May 2014 16:21:57 +0000 (09:21 -0700)]
Build with GTK+ 2.24.23.
Change-Id: Ic5c385c0fcef4d40a8cb9e7a271d14eb80905460
Reviewed-on: https://code.wireshark.org/review/1665
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
Alexis La Goutte [Fri, 16 May 2014 13:11:11 +0000 (15:11 +0200)]
IP Protocol : Update description of IP Protocol
From Boaz
In IANA the two IPv4 protocols are defined:
35 IDPR Inter-Domain Policy Routing Protocol
45 IDRP Inter-Domain Routing Protocol
http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
However, in Wireshark, they are named:
{ IP_PROTO_IDPR, "Interdomain routing" }, /* 35 IDPR Inter-Domain Policy Routing Protocol [Martha_Steenstrup] */
{ IP_PROTO_IDRP, "IDRP" }, /* 45 IDRP Inter-Domain Routing Protocol [Sue_Hares] */
Which is somewhat confusing.
I think IDPR should be named "Inter-Domain Policy Routing".
And IDRP should be named "Inter-Domain Routing Protocol".
Change-Id: I69b34ea8d9b3169fd779357710edb44cfb5cb2b3
Reviewed-on: https://code.wireshark.org/review/1664
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 16 May 2014 12:59:32 +0000 (14:59 +0200)]
Add modelines info
Change-Id: Ia37dd9c79e70b839063e131c532ae2b724293600
Reviewed-on: https://code.wireshark.org/review/1663
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 16 May 2014 06:48:40 +0000 (08:48 +0200)]
DNS: fix soft-deprecated APIs
tvb_length -> tvb_reported_length
tvb_get_string -> tvb_get_string_enc
Change-Id: Ia511f0e9d3f8ae3d7a1a965431016336ec47188d
Reviewed-on: https://code.wireshark.org/review/1660
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Fri, 16 May 2014 06:37:38 +0000 (08:37 +0200)]
DNS: Use acronyms from RFC7218 for DANE / TLSA
http://tools.ietf.org/html/rfc7218
Change-Id: Icd276c6cb4680aa53b081c239cb8eb2d8fc109c6
Reviewed-on: https://code.wireshark.org/review/1659
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michael Mann [Thu, 15 May 2014 22:23:26 +0000 (18:23 -0400)]
Make (almost) all fields filterable and use "normal" dissection functions to do it.
Removed the additional "parseFields" layer as it was unnecessary and IMO ends up creating more work for a developer if they want to add additional filterable fields. That layer also hid the (large) number of unfilterable fields that were in the dissector that would normally be caught by counting the number of proto_tree_add_text function calls.
Change-Id: I6f9607938c2386de40bdd3dae652614f07dda31e
Reviewed-on: https://code.wireshark.org/review/1653
Reviewed-by: Peter Ross <peter.ross@rmit.edu.au>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Evan Huus [Thu, 15 May 2014 23:59:52 +0000 (19:59 -0400)]
Try to fix stack-buffer-overflow caught by ASAN
Use wmem_array_append rather than wmem_array_append_one to make sure the pointer
types match up. _append_one automatically takes the address of its argument,
which causes problems if that argument is already a pointer.
Thanks to Alexis for catching this.
Change-Id: Ie702bb2c776f9fcf31bd64073c756edd75d888e8
Reviewed-on: https://code.wireshark.org/review/1657
Reviewed-by: Michael Mann <mmann78@netscape.net>
git.samba.org / metze / wireshark / wip.git / log