capture_opts_add_iface_opt(), when called in a program acting as a
capture child, will fetch the description for the interface, and will
also generate a "display name" for the interface.
In the process, we clean up capture_opts_add_iface_opt() a bit,
combining duplicate code.
We rename console_display_name to just display_name, as it may also be
used in the title bar of Wireshark when capturing.
Change-Id: Ifd18955bb3cb41df4c0ed4362d4854068c825b96
Reviewed-on: https://code.wireshark.org/review/29117
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only used there, so move it there.
Change-Id: I68472150e020ba94166782e3e4c08cba94c0f9ee
Reviewed-on: https://code.wireshark.org/review/29114
Reviewed-by: Guy Harris <guy@alum.mit.edu>
remove a space before comma
Change-Id: Ib8ca547d054aa1672557044efc35e865923ffce5
Reviewed-on: https://code.wireshark.org/review/29053
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't put identical code in both arms of a conditional - move it out of
the conditional.
Doing that with one line of code means that the conditional is now
*itself* duplicated in both arms of a conditional, so move it out, too.
Change-Id: I07c1d00e7d0053684aa2ef74b460eb008b145015
Reviewed-on: https://code.wireshark.org/review/29093
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename some of the columns - IFTREE_COL_NAME is the interface name,
IFTREE_COL_DESCRIPTION is the description/friendly name, and a new
IFTREE_COL_DISPLAY_NAME column is the display name (which may include
both the description and the interface name). Rename
IFTREE_COL_INTERFACE_COMMENT to just IFTREE_COL_COMMENT - there's no
*other* type of comment, and "IF" is short for "interface".
In the interface frame, use IFTREE_COL_DISPLAY_NAME, as that's the only
column that shows both and thus has something for all interfaces.
In the "Manage interfaces" dialog, put the description before the
interface name, as it was in earlier versions.
Change-Id: If0d959dcd4ca99913c941df00621da3c478233f6
Reviewed-on: https://code.wireshark.org/review/29090
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't show the display name, as that may include either the interface
name, which is already in another column, or the column comment, which
is also already in another column.
Change-Id: I12f81d9e4579b82267062bb5e4e745925ed382b7
Reviewed-on: https://code.wireshark.org/review/29087
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Windows is not the only OS with "friendly" names for interfaces; macOS
has them as well, and some *BSDs let you tag interfaces with names as
well.
The column headings for the "Interface Name" and the "Friendly Name"
were backwards.
Change-Id: I72543505cec9d479d8ab8aab3850daab3667805f
Reviewed-on: https://code.wireshark.org/review/29082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
TLS 1.3 was finalized as RFC 8446 with registry updates in RFC 8447.
Update references to match the final version.
Bug: 12779
Change-Id: I5390e515179404d4287666330d26252b1f5f1b95
Reviewed-on: https://code.wireshark.org/review/29071
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AT^CIMI is an alternative form for AT+CIMI for some modems
Change-Id: Id64fb4e0d76396400aa69fceeadba3a87ddf68e1
Reviewed-on: https://code.wireshark.org/review/29072
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix display for FCNO Struct
Fix display for ID Struct
Add new DEF
Removed unused variable
Change-Id: Id460ec3d9941d06cae4c400b89b8f979fd7d663f
Reviewed-on: https://code.wireshark.org/review/29050
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It's not a set of command-line options, it's information that's used
when showing summary information about the interface.
Change-Id: Ie1c3d998a3cc7cd8b54945186098ebae726cef11
Reviewed-on: https://code.wireshark.org/review/29070
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This extension is used for the OCSP Must-Staple property. For the lack
of a better place, it is currently added to the PKIX1Explicit module.
Bug: 15052
Change-Id: I0bb04f3e446ca4d458683625485ed58c6e64c195
Reviewed-on: https://code.wireshark.org/review/29062
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Support for writing it in live captures will come later; this change,
but not that one, will be backported so older versions of Wireshark
won't remove it when writing a file out.
Change-Id: I9fd4067991acfd2d18c03d0a373ce8337a9f3a76
Reviewed-on: https://code.wireshark.org/review/29064
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The server port must be set or else http_payload_subdissector will
assume two independent flows originating from the client. For example,
client 50813 connects through proxy server 3128 to server 443.
Previously it would result in three conversations: 50813<->3128 (proxy),
50813->443, 3128->443. Now it will see 50813<->3128 and 3128<->443 and
TLS decryption will work again.
Bug: 15042
Change-Id: I50bcef568be320b6512ee6fc5a09d2838d2f7a9a
Reviewed-on: https://code.wireshark.org/review/29046
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
session can be NULL if no valid session was found in the first pass.
Reproduced crash with attachment 16534 from bug 15050.
Change-Id: I45b9fcc4bfeb79b00075f70417acb17c2e4aede2
Fixes: v2.9.0rc0-1389-g5b61737dc9 ("WireGuard: implement initiation message decryption with static keys")
Reviewed-on: https://code.wireshark.org/review/29047
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Let's make the function accept FT_UINT40, FT_UINT48 and FT_UINT56 types.
Ping-Bug: 15050
Change-Id: I35440a7c0b9cbf25bd8d903c425b6026d6a987f0
Reviewed-on: https://code.wireshark.org/review/29044
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If for whatever reason a download got corrupted, detect this and
reattempt the download. This protects the developer against server
compromises. Additionally, if an uploaded file was wrong and needs to be
replaced, then this check ensures that the updated file is used.
The -Force option is removed as there is no point in downloading the
same file twice (well, except maybe for verifying that all checksums are
correct, but that can be done with a new destination directory as well).
Change-Id: I770cc8917c49f7fab7209121b2a059dea8f21a58
Reviewed-on: https://code.wireshark.org/review/28954
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Don't return an error unless we get a read error. If the line could be
read, but isn't a valid text line, that just means it's not an RFC 7468
text file.
Change-Id: I04f48294cac213cf61b8dcb851b99dc6dd776df8
Reviewed-on: https://code.wireshark.org/review/29039
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The handling for unknown IEs was flawed in that it printed
the IEI and the IE Length lines twice: Once the general code before
the switch statement, and then a second time inside the default
case handling.
Change-Id: Ic845bfb79e9ff881b39f709e3bff407e352c49fd
Reviewed-on: https://code.wireshark.org/review/29005
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In general, GPRS APN names are encoded like DNS strings. However,
there is one exception: The wildcard APN '*'. If we feed this
into the DNS decoder, it will throw an exception.
Let's explicitly check for '*' as a special case.
Change-Id: I2b346f8b067fa176b80613fdbcdada8c8a8eaa52
Related: https://osmocom.org/issues/3450
Reviewed-on: https://code.wireshark.org/review/29004
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since Qt 5.10, platform styles are no longer part of QtWidgets. Be sure
to delete the separate plugin (styles\qwindowsvistastyle.dll). See
https://bugreports.qt.io/browse/QTBUG-65177
Change-Id: I20376f787339c9a2072ef8127b3ea5cc55be8b06
Reviewed-on: https://code.wireshark.org/review/29003
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
New json option for frame request to output hidden fields:
"hidden": true
Output has two new optional keys: "g" for generated fields and
"v" for hidden fields.
Change-Id: If51fa5601c1193a03fff378bbe37dc9ab8f5e66d
Reviewed-on: https://code.wireshark.org/review/28955
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This was accomplished by factoring out the existing code supporting nullable
datetime and money types. The non-nullable versions are older and more often used
with TDS 4 and TDS 5.
Change-Id: I1bbf942d2b5ff3ec6bb9f1a607f0c579949f6131
Reviewed-on: https://code.wireshark.org/review/29008
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The HTTP dissector could crash (use-after-free) after switching
profiles. In reinit_http, it would assign the return value from
prefs_get_range_value to a global variable which is consulted during
dissection. This value is invalidated while switching profiles (via the
"prefs_reset" function), but is not reinitialized (because the
reinit_http function was not called).
A similar issue exists in the Kafka, UAUDP, VNC, TFTP, Gopher and TDS
dissectors. To reproduce using a capture from the SampleCaptures wiki,
start "wireshark -r vnc-sample.pcap -ovnc.tcp.port:1" and switch
profiles. For the HTTP crash, load any HTTP pcap and switch profiles.
Change-Id: I8725615504a8a82ae46255625a41e2188c07320a
Fixes: v2.3.0rc0-2097-g21a3b8cc71 ("Internalize struct preference")
Reviewed-on: https://code.wireshark.org/review/29030
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We call that dissector even for zero-length PSDUs, so the radio
information is shown. We also show the zero-length PSDU type.
We don't call the 802.11 dissector for zero-length PSDU frames.
That way, you don't have to open up the radiotap information to find out
about zero-length PSDU frames, we can support zero-length PSDU
information for other pseudo-headers and file types if they support it,
and taps using the radio information can get zero-length PSDU frame
information.
Change-Id: I7d5da4ea978d8ca4889fc76160f11e3416b4d036
Reviewed-on: https://code.wireshark.org/review/29034
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The loop doesn't just add them to the protocol tree, it also does sanity
checking; we want to do the sanity checking regardless of whether we're
building the protocol tree or not, so that if we skip processing the
radiotap header because it's malformed, we do so regardless of whether
we're building a protocol tree.
This prevents a crash I saw where, on the first pass, we weren't
building a protocol tree, so we didn't check the bitmaps and proceeded
to process the bad radiotap header in a fuzzed file and set the
"zero-length PSDU" flag, and didn't call the 802.11 radio dissector, and
didn't allocate a "wlan radio information" structure and attach it to
the packet, but, when I went to the packet, and thus *did* build a
protocol tree, we *did* check the bitmaps in the process of adding them
to the protocol tree, skipped the part where we processed the rest of
the radiotap header, *didn't* set the "zero-length PSDU" flag, and
*did* call the 802.11 radio dissector, which crashed becaus the "wlan
radio information" pointer was null.
(No, checking the "wlan radio information" pointer isn't the correct
fix; the correct fix is to make sure we do the same processing, other
than adding items to the protocol tree, *regardless* of whether we're
building the protocol tree.)
Change-Id: If3c16f76981448e4f396a4a9730f1d5dce8f8eba
Reviewed-on: https://code.wireshark.org/review/29033
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Note the places where we should be doing so.
Also, note that two of the tests in ieee80211_radiotap_iterator_init()
are redundant in Wireshark, and that it's irrelevant what versions of
radiotap Linux supports - this is Wireshark code, not Linux code. (If
there's anything to note, it's that there *is* no radiotap version other
than 0, so there's nothing *to* support.)
Change-Id: Ieabef703638b30649a097269d684f60e79db8ba5
Reviewed-on: https://code.wireshark.org/review/29031
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Report an error and quit dissecting if it's less than 8.
Change-Id: I297fcb0ca754641a9e197037df1140361000fd25
Reviewed-on: https://code.wireshark.org/review/29022
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris
Harald Welte