1. Fixed find_conversation for PT_IBQP to not lookup in reverse
direction when all searches fail.
This is required, because there could be valid different connection in
reverse direction which mistakenly gets updated for non template cases.
2. Added support for having MAD data for upper level dissectors to process
during RC packet processing.
This is required because connection options are negotiated out of band
using this CM exchanges (unlike in band TCP options).
3. Moved creating unidirectional connections when actually MAD packets
are processed.
Previously client-to-server unidirectional conversation was created when
CM_RSP stage, where MAD Data of CM_REQ packet is inaccessible.
4. Fixed creating multiple conversations with same address property by
eliminating create_conv_and_add_proto_data during RTU stage, which was
incorrect.
Now they are created during REQ and RSP frame processing. (Instead of
RSP and RTU processing).
5. Added support for creating bidirectional connection that ULP can
refer.
This is required to keep track of oustanding transactions on a
connection (requests and responses).
Bug: 11363
Change-Id: I32ea084a581a58efbc16dbb7a3e267c82622c50c
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/18982
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a new tshark feature to generate a folders report. The folders report
is essentially the information presented by Wireshark's About / Folders page
in a TAB delimited format.
Change-Id: Ic4b3d332b4bdaa7e6b7aad1e9cc5dd18413aada6
Reviewed-on: https://code.wireshark.org/review/19002
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Maybe this way we can identify which *particular* test is, according to
Valgrind, looking at uninitialized data; there's nothing obvious that
shows up from inspecting the code, and neither of our static analyzers
seem to have found anything.
Change-Id: I80f6bb8e6fa92decfe195c01766330b97e980821
Reviewed-on: https://code.wireshark.org/review/19049
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The current mechanism of detecting RPC-over-RDMA is broken because
it treats the Read list as a counted array (it's a list); and treats
the Write list and Reply chunk identically (one is a list, one is
always a single chunk).
While we're here, refactor pre-detection helper functions so they
can be used during frame dissection as well.
Bug: 13196
Change-Id: I76e210c8d2a9464fed00e7199072d37f4ebbebf2
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19025
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since the use of 'Decode as' can result in another port number than the
default port (7) being the service port, this should be checked against.
Change-Id: I93383613115595fff621e2fb9ab7959cd448c01e
Reviewed-on: https://code.wireshark.org/review/18991
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Display length fields in decimal, just as they are displayed by the
RDMA RETH dissector.
Display version fields in decimal, just as they are displayed by the
RPC dissector.
RDMA offset fields are left in hexadecimal since they are
essentially addresses, and at least the Linux RPC-over-RDMA
implementation has debugging messages that display these as
hexadecimal values.
Change-Id: I7206970675ca0ca486b3a2837b6dbb1c4d764091
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19028
Reviewed-by: Michael Mann <mmann78@netscape.net>
On an RDMA transport, RPC protocol never appears in a frame by
itself. If RPC-over-RDMA is not present, then RPC is by definition
not present as an InfiniBand data payload.
Bug: 13195
Change-Id: Icaea9d4936477af32adc73140c67539e977a7a9a
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19024
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, if we #define anything for large file support, that's done
before we include any system header files that either depend on that
definition or that define it themselves if it's not already defined.
Change-Id: I9b07344151103be337899dead44d6960715d6813
Reviewed-on: https://code.wireshark.org/review/19035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also adjust the smb2_info_t structure that handles the value.
Bug: 12915
Change-Id: Ia314b8dc840b9d26d2c1d185f06ef93f242a3a7b
Reviewed-on: https://code.wireshark.org/review/19019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A new "--export-object <protocol>,<destdir>" option is added to tshark.
This required refactoring Export Object behavior in all GUIs to give the
export object handling to the dissector, rather than the ui layer.
Included in the refactoring was fixing some serious memory leaks in Qt
Export Object dialog, crash due to memory scope issues in GTK Export
Object dialog, and addition sorting column feature in Qt dialog (set
up by creating a widget to manage the items that were previously
leaking memory)
Bug: 9319
Ping-Bug: 13174
Change-Id: I515d7662fa1f150f672b1476716f347ec27deb9b
Reviewed-on: https://code.wireshark.org/review/18927
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Apply the same value checks to the vendor generic suboption dissection
as is done for the Cable lab and ADSL forum ones.
See https://ask.wireshark.org/questions/57695 for an example issue.
Change-Id: I4fe07d07cf0a93f4693e5ff54dd70c008701cf41
Reviewed-on: https://code.wireshark.org/review/18999
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The required executable is rpmbuild and not rpm.
Change-Id: Iba1bff9c7fb6907659451a977ad8ab98efb169da
Reviewed-on: https://code.wireshark.org/review/19015
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Otherwise, _FILE_OFFSET_BITS might be defined by a header file included
by inet_addr.h before it gets defined by config.h.
Change-Id: I5987b3f1493b81fd2d427d9792b9606117b255d0
Reviewed-on: https://code.wireshark.org/review/19018
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There is *NO* guarantee that sed will do anything useful with input that
doesn't have a newline and, in fact, the default sed in Solaris 11
doesn't produce *any* output if you hand it input with no newline.
Furthermore, doing xxx=`yyy` will, if the output of yyy has newlines at
the end, strip them; to quote section 2.6.3 "Command Substitution" of
the Single UNIX Specification:
The shell shall expand the command substitution by executing
command in a subshell environment (see Shell Execution
Environment) and replacing the command substitution (the text of
command plus the enclosing "$()" or backquotes) with the
standard output of the command, removing sequences of one or
more <newline> characters at the end of the substitution.
so there's no need to strip the newline.
Change-Id: Ia710f67a42739c1e218eb9fec53a54bde6e010da
Reviewed-on: https://code.wireshark.org/review/19016
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
QStyledItemDelegate::paint asserts if you pass it an empty QModelIndex.
We were doing this in PercentBarDelegate and TimelineDelegate in order to
keep it from drawing any text. Return an empty string from ::displayText
instead, which appears to be the correct way to paint without text.
Bug: 13180
Change-Id: I8064d9575e04e95a926797eec7f6ad2b0bfef1c0
Reviewed-on: https://code.wireshark.org/review/19007
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, use elif in some chains of tests, to make it a bit clearer that
the cases in question are disjoint.
Change-Id: I6dc92d536450c7ac3db6ee118581a5ed0c3ce80c
Reviewed-on: https://code.wireshark.org/review/19009
Reviewed-by: Guy Harris <guy@alum.mit.edu>
RPM complains when the date isn't valid.
Change-Id: I859a9900ba87d52159071b06310d5873c092231a
Reviewed-on: https://code.wireshark.org/review/19003
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: Ib1e2b4e57832e94b94d34102c0079f820b18f350
Reviewed-on: https://code.wireshark.org/review/19000
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When registering preferences, make sure our titles and descriptions are
valid UTF-8. Make sure our titles are short and only contain printable
characters.
Fix problematic titles and descriptions.
Change-Id: I20d3f93438f2b3c30266f934297feb79897f2ee5
Reviewed-on: https://code.wireshark.org/review/18998
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For some time, the RTP Player has been crashing for me (Arch Linux, Qt
5.7.0) when the RTP Player is active (affects also Wireshark 2.0.5).
This call trace was observed:
+ RtpPlayerDialog::reject (closing dialog via Escape / Close button)
+ RtpAudioStream::stopPlaying
+ RtpAudioStream::outputStateChanged(QAudio::StoppedState)
+ QAudioOutput::deleteLater // problematic!
+ RtpPlayerDialog::~RtpPlayerDialog
+ RtpAudioStream::~RtpAudioStream
As the QAudioOutput instance is a child of RtpAudioStream, it is also
destroyed after that. QAudioOutput's destructor somehow invokes (via
libqtmedia_pulse.so) a main loop iteration which invokes the previously
scheduled deleteLater call.
As QAudioOutput was already being destructed, this results in a crash.
Workaround this by removing this child from RtpAudioStream (no cruelty
intended).
Change-Id: I88f2e929ac566534be5d2270e2e0b194685533eb
Reviewed-on: https://code.wireshark.org/review/18970
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make sure that simple_dialog displays plain text. Trim whitespace
and remove excessive newlines in order to improve message formatting.
Add a comment about simple_dialog's behavior in Qt and GTK+ and how it
might be improved.
Bug: 13178
Change-Id: Ic6ff3cecd5ef1d76ec095d7a409f38e602b41ce2
Reviewed-on: https://code.wireshark.org/review/18985
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
All TLS and DTLS RFCs (and SSLv3) limit the record length to 2^14, so
add expert info if this is exceeded. Spotted in the wild via
https://ask.wireshark.org/questions/57641/tls12-record-length-gt-16k-valid
Tested with a synthetic pcap having length 2^14+1 using Python:
from scapy.all import IP, TCP, UDP, wrpcap
len_plus_frag = b'\x40\x01' + 0x4001 * b'\0'
wrpcap('bad-record-length.pcap', [
IP()/TCP(sport=2000, dport=443)/(b'\x17\x03\x03' + len_plus_frag),
IP()/UDP(sport=2000, dport=853)/(b'\x17\xfe\xfd' + 8*b'\0' + len_plus_frag)
])
Change-Id: I5eac48775333d8d222e013a24a6d06da79892b77
Reviewed-on: https://code.wireshark.org/review/18959
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When we add our Qt to PATH, prepend it so that it will be found first.
Change-Id: I405496d6a08d676b5a2e0d9bd792de7ba9abe7f9
Reviewed-on: https://code.wireshark.org/review/18988
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
After opening the Call Flows dialog from the Voip Calls dialog, followed
by closing the Voip Calls dialog, the Go To Packet functionality in the
Call Flows dialog is broken. That happens because the signal is not
proxied anymore.
Just remove all these indirections via signals and directly update the
selected packet.
Change-Id: I9c6d519dbe800e4dfdf0407d832f17819b344e46
Reviewed-on: https://code.wireshark.org/review/18933
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
FT_CHAR is straightforward to support.
Split the list of "invalid" types into a list of "unsupported" types and
a short list of "invalid" types, containing FT_PCRE (which isn't a valid
type for a field) and "everything else". Add FT_IEEE_11073_SFLOAT and
FT_IEEE_11073_FLOAT to the "unsupported" list.
Flag the whole unsupported list as just "not handled yet".
Change-Id: I62d2d7eead53377e4e601594a035b4395fdbeead
Reviewed-on: https://code.wireshark.org/review/18979
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As stated in 3GPP 23.003:
"the APN has, after encoding as defined in the paragraph below,
a maximum length of 100 octets"
Change-Id: Iae23117f44ea5b668f6cb23dbd0e726e4e56ce41
Reviewed-on: https://code.wireshark.org/review/18972
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Place the UAT hint label at the same position as in other dialogs;
just below the main widget. Also use smaller font and italic.
Change-Id: I51251825ff08122e17ca60144ef53fed5c6142ef
Reviewed-on: https://code.wireshark.org/review/18969
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Check if the OK button should be enabled when removing a row in a
UAT dialog. Also update the error hint.
Change-Id: Icb5c47c2b2e65ed266fd2c7e3a1535f6a3a50279
Reviewed-on: https://code.wireshark.org/review/18967
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Move parts of currentTabChanged to conversationSelectionChanged. This
lets us enable the "Follow Stream" and "Graph" buttons when either the
current tab or the current selection changes.
Bug: 12893
Change-Id: I025447d26073a938f2d8b5a8fcad7c0d5e855650
Reviewed-on: https://code.wireshark.org/review/18963
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
On double-clicking a packet number, the current field item is
invalidated by goToPacket. Skip the URL since a field can either have a
URL or a frame number (but not both).
Change-Id: I58e5445fa74071fa0fd203df77ebdecdd1478d31
Reviewed-on: https://code.wireshark.org/review/18971
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I3afb93cced09df7844c0810438ee6d760f8237a5
Reviewed-on: https://code.wireshark.org/review/18960
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Rename the text highlight enum "HighlightMode" to make its use and
intent more clear. Add a mode for the offset highlight instead of using
a separate variable. Use our palette to draw the hover highlight colors.
Add a note about colors to the Developer's Guide.
Change-Id: I488b2512a5058e17eb5b49c8ac55616100f32fbc
Reviewed-on: https://code.wireshark.org/review/18953
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Apparently, it was forgotten ;)
Bug: 12614
Change-Id: Id1a2d98e3ea2b381c5fa60faeb342256d4c7d9f8
Reviewed-on: https://code.wireshark.org/review/18955
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When LineDelay is decoded, the FormatIndicator is not evaluted.
Sample LineDelay: 2147483658 (0x80 00 00 0a)
This value should be 10,
since FormatIndicator (Bit 31) = 0x01 states that this is a CableDelay.
Change-Id: I08ae8e6de8b6f8c493122109e29e91dc47096734
Reviewed-on: https://code.wireshark.org/review/18950
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
wmem_file_scope() was used too many times when wmem_packet_scope() will do.
Also, use the wmem string functions to only allocate enough space to
handle a string instead of using MAX_BUF_LEN.
Change-Id: I3031d3aef34b7105264b17dc83e3b1f4cfb4b3d4
Reviewed-on: https://code.wireshark.org/review/18910
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As for .travis.yml, this file triggers the CI module of GITLAB.
On the public instance of gitlab (gitlab.com) the runners are active
by default, then any mirror of wireshark on gitlab.com will result
in an automated build.
The current version of .gitlab-ci.yml builds with gcc 4,5,6 and with
default config, without extcap and without pcap.
Change-Id: I0800045e7f1b4a137dbd69a185d3b09a89398948
Reviewed-on: https://code.wireshark.org/review/18936
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Change-Id: Iaa554ac94d248c67c635ac180ea2d1c1e3775b6a
Reviewed-on: https://code.wireshark.org/review/18915
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
version.conf is to be found in the source dir after unpacking.
Bug: 13163
Change-Id: Ib8308e341b771d991ab48b48553f8d92b0b0621c
Reviewed-on: https://code.wireshark.org/review/18923
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Parav Pandit