In particular, epan/wslua/lrexlib.c has its own buffer_ routines,
causing some linker warnings on some platforms, as reported in bug
10332.
(Not to be backported to 1.12, as that would change the API and ABI of
libwsutil and libwiretap. We should also make the buffer_ routines in
epan/wslua/lrexlib.c static, which should also address this problem, but
the name change avoids other potential namespace collisions.)
Change-Id: I1d42c7d1778c7e4c019deb2608d476c52001ce28
Reviewed-on: https://code.wireshark.org/review/3351
Reviewed-by: Guy Harris <guy@alum.mit.edu>
What mystical new compiler upgrade is this?
Change-Id: I89b3bfb53b9a19bbfb1cc8339d38cdc4a4652c62
Reviewed-on: https://code.wireshark.org/review/3347
Reviewed-by: Evan Huus <eapache@gmail.com>
file in the build directory (rather than the source directory).
Change-Id: I365e573ee84e9a41aa76f4aa9a4a6efaf42fb60e
Reviewed-on: https://code.wireshark.org/review/3334
Reviewed-by: Evan Huus <eapache@gmail.com>
make-taps.pl needs to know where to find the source files otherwise none of
the tap data gets built correctly.
This makes the wslua test suite run in out-of-source-tree builds too.
Change-Id: I059474d90d59e87bd57dba18530a66a927a014cf
Reviewed-on: https://code.wireshark.org/review/3337
Reviewed-by: Evan Huus <eapache@gmail.com>
Apply a layout to the "Compiled Filter Output" dialog. Render the filter
as monospaced text.
Don't add an "expert OK" icon to the list. It doesn't seem to indicate
any sort of status.
Use a "Close" button instead of "OK". According to
http://uxmovement.com/buttons/why-the-ok-button-is-no-longer-okay/
"OK" implies we're going to perform some sort of action.
Add a "Copy" button while we're here.
Change-Id: Ia63f3032916e322fa9f4f2d465140b128b4f8078
Reviewed-on: https://code.wireshark.org/review/3338
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Before, several managment packets were dissected incorrectly as
EPHandleDeleteReq's. Now they are dissected with the generic managment
packet dissector.
Change-Id: Id2f0951b91b99ba2340ff77c6285f382436788ef
Reviewed-on: https://code.wireshark.org/review/3328
Reviewed-by: Evan Huus <eapache@gmail.com>
If we have a pre-alternatives wireshark binary out there (e.g., because
we're upgrading from wireshark-1.10 to wireshark-1.12), get rid of it
in the %pre script. Otherwise the binary gets left there (because it's
listed as a %ghost in the new spec file).
Change-Id: I5828fcff486af3d269bad8dfe544c7659179bf5e
Reviewed-on: https://code.wireshark.org/review/3332
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Look for wpcap.lib in WpdPack/Lib/x64 when our target platform is Win64.
Change-Id: I9a1bac22106bcb6a1f155ce83c02e344e6ec0d55
Reviewed-on: https://code.wireshark.org/review/3331
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update some OS X information as well.
Change-Id: I9a252ec83712848696dbb531e6da15b3c7644591
Reviewed-on: https://code.wireshark.org/review/3327
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It doesn't build on Linux but cmake looks for it (won't build without it) and
Windows users might want it.
Change-Id: I978f0de0a2895a82f4f3b8c1e9e0ecec6a93e6f4
Reviewed-on: https://code.wireshark.org/review/3325
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
According to RFC 1323, the window scale shift value must not exceed 14.
Detect this and cap at 14 to prevent undefined behavior (shifting by a
too large value).
Caught by `clang -fsanitize=undefined`.
Change-Id: I1acad252b86c7f23e497575b48d9496346327e00
Reviewed-on: https://code.wireshark.org/review/3312
Reviewed-by: Michael Mann <mmann78@netscape.net>
As clang pointed out we end up storing a reference to it in a global and (more
relevantly) pushing that global to a tap which would run after the current frame
has returned.
Thanks to Alexis for bringing this to my attention.
Change-Id: I3aac43a806d217b0dc8a973f6bb2fa48cdd041bb
Reviewed-on: https://code.wireshark.org/review/3289
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only the former should be run through checkAPI.pl; Windows .rc files,
for example, shouldn't.
Change-Id: I948705b4020b413834c37a0d685eedcb747aa237
Reviewed-on: https://code.wireshark.org/review/3303
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ic7755a7756589167b4fea5cf42a21419f59ecdae
Reviewed-on: https://code.wireshark.org/review/3301
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Iffd5d81dde15eba12511dc89664d7ea06a70436f
Reviewed-on: https://code.wireshark.org/review/3300
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
transfer type in the endpoint descriptor
Change-Id: I9e23d9825efb30311cd3e04d01548c03b163c276
Reviewed-on: https://code.wireshark.org/review/3299
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
... As would be the case if proto_tree_add_text() + proto_item_add_subtree()
were used. (This initialization value is only used when TRY_TO_FAKE_THIS_ITEM()
shortcuts us out.)
As reported/discussed on -dev:
https://www.wireshark.org/lists/wireshark-dev/201407/msg00031.html
Change-Id: I4af63e3cf0a70607d58b4641597b2ce7907fbb8b
Reviewed-on: https://code.wireshark.org/review/3271
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Evan Huus <eapache@gmail.com>
Patch "ssl,dtls: simplify keyfile handling" did not account for the use
case where packets are captured and decrypted on the fly using
SSLKEYLOGFILE.
This patch restores that functionality by reading additional lines from
the keylog file when needed (to preserve the benefit of not having to
read the full file) and by watching the open file for deletions.
"Deletion" is detected by comparing st_dev and st_ino. Since these may
be useless on Windows, the size is also checked.
Change-Id: Ieadaef1426a9270587293db28f4dda33b3d17334
Reviewed-on: https://code.wireshark.org/review/3190
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previously, the keylog file would be fully parsed when an encrypted
pre-master secret is encountered or in the ChangeCipherSpec stage. There
was also a lot of duplication in the key logfile parsing.
This patch simplifies the key logfile parsing by using regular
expressions. Rather than scanning the key logfile for a specific key,
do this scan once at ssl init and save the results to a hashtable. The
map for session ID/tickets to master keys already existed, another one
for client random to master key and encrypted pre-master to pre-master
was added. This could later also be wired to the "Export SSL Keys"
menu item for improved reliability (when no session ID or tickets are
available, the client random could be used).
The ssl_{save,restore}_session{,_ticket} functions have been converted
to a single function that looks up a key (sid / client random / encr.
pre-master) to a (pre-)master secret.
Other minor changes: return booleans for some functions that can only
fail/pass. Remove some functions from the ssl-utils header that have
become private a few commits ago. Remove some outstanding issues
from the comments in packet-ssl as they are already done, add myself
to the ssl-utils header.
These changes pass the test suite and the sample Session Ticket-enabled
capture from https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5963
On-the-fly decryption are broken with this patch since keylog files are
read once at the start of a capture. This will be solved in a future
patch.
Change-Id: Idb343abe161950b5f3ff61bee093d0f4ef9655bd
Reviewed-on: https://code.wireshark.org/review/3057
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also make dissector "new style" using it's already built in basic heuristics.
Change-Id: I8b9b02d1f32cec96a1104c99647795d6fbda4804
Reviewed-on: https://code.wireshark.org/review/3275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Files from the debian directory, documents from the doc directory,
graphics from the docbook/wsug_graphics directory, and the echld
Makefile.nmake.
Change-Id: Iccccc58811753581b0b180053defd937aea22f95
Reviewed-on: https://code.wireshark.org/review/3283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also: remove vestigial line of commented-out code.
Change-Id: Ieb41a0e39a4e0ec14031b1dbd38fc0d7ad47a635
Reviewed-on: https://code.wireshark.org/review/3278
Reviewed-by: Bill Meier <wmeier@newsguy.com>
(Introduced when the ipv4_hash_table key format was changed in 5d98ab67)
Change-Id: Ie5d1314f7c7cc8bc71dca8a2db05e34a0a7776d7
Reviewed-on: https://code.wireshark.org/review/3277
Reviewed-by: Bill Meier <wmeier@newsguy.com>
If it's checked into asn1 or a subdirectory thereof, put it into the
distribution. (If it's not useful, why is it in Git?)
Change-Id: I4dac8a0d19a770db1513729cf71069a37f1d83fc
Reviewed-on: https://code.wireshark.org/review/3276
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Include CMakeLists.txt files and the gnm subdirectory, along with the
top-level Makefile.inc and Makefile.preinc files. Don't explicitly
include Custom.make, as automake does that automatically given that it's
included by asn1/Makefile.am.
Add some files to EXTRA_DIST lists.
Move some .asn files to EXTRA_DIST; they don't need to be in SRC_FILES,
as SRC_FILES always includes EXTRA_DIST, and they *do* need to be in
EXTRA_DIST so that they're in the distribution.
Change-Id: Id91df577260fa57028d40fe098be1d79c59398e6
Reviewed-on: https://code.wireshark.org/review/3273
Reviewed-by: Guy Harris <guy@alum.mit.edu>