Make it possible to remove the "Capture to a permanent file" setting
in Capture Interfaces Output dialog by turning off saving_to_file in
updateInterfaces().
Also make sure to free the old values for save_file and orig_save_file
to avoid memory leaks.
Set orig_save_file to the same as save_file from the '-w' option to
fill in the current "Capture to a permanent file" value correctly.
Change-Id: I1f4df8cfa279f934eff028f32838b9734b627af1
Reviewed-on: https://code.wireshark.org/review/32111
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When reading a malformed packet, it can occur that we go close to
the end of the buffer. We need to check if we have 2 bytes before
reading a uint16.
Bug: 15497
Change-Id: I2b00f44933ca11b925ffbf05b9855684feebcda5
Reviewed-on: https://code.wireshark.org/review/32028
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
evolved Common Public Radio Interface (eCPRI) is a protocol, which will
be used in fronthaul transport network. It will be included in standard
ethernet frames and UDP frames.
There are 8 Message Types to decode with eCPRI Specification V1.2.
Bug: 15510
Change-Id: I2bb74c1e95e89f0b812492509a05395d6b86eb54
Reviewed-on: https://code.wireshark.org/review/32004
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do the conversion for case 6, units of 320 hours too.
Change-Id: If9713ae2823308aba2afa404f7100157d68eb7d6
Reviewed-on: https://code.wireshark.org/review/32101
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an "Install Perl" section to the "Win32/64: Step-by-Step Guide"
section. Recommend Strawberry Perl first there and in the "Microsoft
compiler toolchain" chapter under the theory that if it's good enough
for Larry Wall then it's good enough for us.
Bug: 15512
Change-Id: I9a01c7ae2da01b98fd20b64d29144577a8f456b2
Reviewed-on: https://code.wireshark.org/review/32088
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add dissection of MESH specific bits in QoS control field (bit 8-10).
Use presence of Mesh Control field to determine if this is a MESH
frame.
Bug: 15522
Change-Id: I23ccf0f2ba4f6ae649b2932183c69e886cb4d22a
Reviewed-on: https://code.wireshark.org/review/32084
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Fix regression introduced by '802.11: Dissect locally originated mesh
frames' that prevent to include dissection for Mesh Control field when
QoS Control field is present in the frame.
Bug: 15521
Change-Id: Idb6b0591c245fc5976f03df6e163fc9072dae193
Reviewed-on: https://code.wireshark.org/review/32083
Reviewed-by: cedric izoard <cedric.izoard@ceva-dsp.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Missing DCP features are implemented.
Minor bugs are fixed as well.
Change-Id: I2deb00ca61a09cc290a692eadaea4eaa1a52fb85
Reviewed-on: https://code.wireshark.org/review/32030
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Create a dissector table for ARP hardware type to more cleanly handle
"non Ethernet" dissection.
2. Move the creation of the ARP tree up higher to use proto_tree_add_item_ret_uint
as well as have "Duplicate IP address detected" tree be after the ARP tree, not
between Ethernet and ARP (implying it didn't come from ARP).
Change-Id: I48c815b3e84f7d5f08ad1b731f16e7c1adef8247
Reviewed-on: https://code.wireshark.org/review/32082
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 15426
Change-Id: I5223e50eed1724cbc51aac3131d24b07fae1926c
Reviewed-on: https://code.wireshark.org/review/32080
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 15473
Change-Id: Ia0c998bac4ea008e6a9a4792146780b0e680c606
Reviewed-on: https://code.wireshark.org/review/32081
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add header files lists to add_library() so that Visual Studio can pick them
up and include them in a "Header Files" folder for easier navigation within
Visual Studio.
Change-Id: I7cd8e39550f4db67eed8205593060ae8b4a5b1b9
Reviewed-on: https://code.wireshark.org/review/31289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissector supports only type 1: AP Name.
Bug: 15415
Change-Id: I64b248137fd2b895b8a0e7c88e48096aad0448d8
Reviewed-on: https://code.wireshark.org/review/31476
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previously Modbus dissector was using request data to determine how many coils
or registers to dissect. However, if the request wasn't found, it wouldn't dissect
all of the coil/request data. Now if pkt_info->num_reg is 0, use the byte count in
the packet for determining how many registers/coils there are.
Bug: 15473
Change-Id: I8818ba53187248fea4ccc2b5077985ab94578886
Reviewed-on: https://code.wireshark.org/review/32077
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Content of Mesh Peering Management element depends of the type of
self-protected action frame it is included in.
This type was currently wrongly read from the element itself.
To know the type of self-protected action frame when parsing Mesh
Peering Management element it is saved in a new field of the
association_sanity_check_t structure: ampe_frame (AMPE stands for
Authenticated mesh peering exchange).
This field is updated when parsing a self-protected action frame that
is part of the AMPE (i.e. Mesh Peering OPEN, CONFIRM or CLOSE)
Bug: 15499
Change-Id: Ibad4fd77d43542ef867ac2a8ad9f186a1dd6c0f0
Reviewed-on: https://code.wireshark.org/review/32025
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
MIC element is used in Authenticated Mesh Peering Exchange (AMPE)
frames.
The content of the frame after the MIC element is encrypted and
authenticated so don't try to parse it as normal 802.11 element.
Bug: 15499
Change-Id: Iaede048e1c30c5f980e98afb87b099bca531d3d0
Depends-On: I20e7f1e5779934e19464ad86666bfec8ded939e0
Reviewed-on: https://code.wireshark.org/review/32027
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Although the element is simply called MIC it is only used during a
mesh peering exchange (at least as of 802.11-2016) that's why I
associated it to field wlan.mesh.mic
Bug: 15499
Change-Id: I20e7f1e5779934e19464ad86666bfec8ded939e0
Depens-On: Ibad4fd77d43542ef867ac2a8ad9f186a1dd6c0f0
Reviewed-on: https://code.wireshark.org/review/32026
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3edb887d8561cce206d64899eb62ec209e5a6546
Reviewed-on: https://code.wireshark.org/review/32045
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
On the previous builder, `otool -L /path/to/libssh.4.dylib` returned a
bare "libssh.4.dylib", which required a workaround. On the new builder
it returns "@rpath/libssh.4.dylib". Adjust the workaround accordinly.
Remove a couple of chmods while we're here. Permission issues are better
addressed elsewhere.
Change-Id: If0692219d9558c77b45620e7aad309853012b7e8
Reviewed-on: https://code.wireshark.org/review/32059
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It might currently only be used by the Wireshark app, but somebody
might, at some point, have a TShark option to generate a PDF or JPEG
or... with a map image.
Hopefully this fixes the build of the WiX installer.
Change-Id: Iac9d65b23156d0c1d4c3cceef7d0b74fdcce64c1
Reviewed-on: https://code.wireshark.org/review/32065
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For now, only apply to nr-rrc.
Change-Id: I9be4bc5c3af33acad76c0a24ac04547e5f302c73
Reviewed-on: https://code.wireshark.org/review/32058
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
It's possible to do a *build* on Windows without the Wireshark app being
built; however, the *installers* can't currently be built.
If we have NSIS or WiX, and Wireshark isn't being built, report a
warning, and don't have targets for building the installers.
Change-Id: I2cc9c1f6ba375dbcb6d5b7520d2fa33ad97ba9fe
Reviewed-on: https://code.wireshark.org/review/32061
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Here is the list of new TLVs:
- SRv6 Capabilities sub-TLV
- Node MSD sub-TLV (rfc8491)
- IPv6 TE Router-ID (rfc5316)
- SRv6 Locator TLV
- SRv6 End SID sub-TLV
- SRv6 End.X SID sub-TLV
- SRv6 LAN End.X SID sub-TLV
Change-Id: I49c09852d18d28ed7ef678c7e87b8eeef00da602
Reviewed-on: https://code.wireshark.org/review/32040
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
In both cases, a file used in the process of building the installer is
generated from the Wireshark binary, so, unless we also arrange not to
put that file in the installer if Wireshark isn't being built, we can't
build the installer.
Have ADD_NSIS_PACKAGE_TARGET and ADD_WIX_PACKAGE_TARGET check whether
we're building Wireshark and fail if we aren't. That way, *if* we're
including the NSIS or WiX packages in the build files, we fail if we
aren't building Wireshark.
Change-Id: Icfe4d2491bd721cdd5fef424e9a7565c4990defa
Reviewed-on: https://code.wireshark.org/review/32053
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Fix a typoo while we're at it.)
Change-Id: I2129c301ea377a9fb48b3f5abd418f7319659638
Reviewed-on: https://code.wireshark.org/review/32050
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fold messages by overwriting the same line via a carriage return),
similar to Ninja. The full log will still contain all messages.
Change-Id: I89cc7d10147ebd21f22d40c8d2c4481b1dd2ab56
Reviewed-on: https://code.wireshark.org/review/32024
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The Travis casher Bash implementation for Windows has bugs. The
workarounds only slow down the build further. Given the lack of feedback
on the casher bugs from Travis CI, let's try to improve it. Hopefully
this will avoid stalls during the cache step.
The "cd .." and "cd build" hack is required due to an annoying bug:
https://travis-ci.community/t/caching-is-broken-after-directory-changes/2279
Change-Id: Iae62aa7e9ef78815d240b91199acfe21549c1af7
Reviewed-on: https://code.wireshark.org/review/32023
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Periodically report the installation status to avoid aborting the
installation on slow Qt installations (possibly due to slow network?).
Change-Id: I6b8b8db49f2268d557a5ca2e7b1f08b6ea801fd9
Reviewed-on: https://code.wireshark.org/review/32022
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
As noted in "AsciiDoc Recommended Practices" at
https://asciidoctor.org/docs/asciidoc-recommended-practices/, the
AsciiDoc/Asciidoctor community seems to have settled on ".adoc" as a
file extension and that's the one preferred by the Asciidoctor project.
Update our filenames to match.
Change-Id: I2d352623d42d65d950b64310c3655b0fd177ee8c
Reviewed-on: https://code.wireshark.org/review/32037
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the Visual C++ Redistributable installer returns 1638
(ERROR_PRODUCT_VERSION) treat it as a success.
Bug: 15509
Change-Id: I136704ddc3266abc1a79f0fdcdd0b6cb7e33266e
Reviewed-on: https://code.wireshark.org/review/32041
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert our self-generating FAQ to Asciidoctor via the following steps:
- `help/faq.py > /tmp/faq.html`.
- `pandoc -t asciidoc -o docbook/faq.adoc /tmp/faq.html`.
- Manually clean up the markup using a text editor.
Question and answer content was left intact. Removing or updating
obsolete content will have to be done in a separate change.
The Asciidoctor project uses the .adoc extension, so start using it here
as well.
The contents of the "help" directory appear to have been used for
offline support in help_url.c, but that functionality was removed in
2008 in 242e3b78bc. Its content is covered in the User's Guide and man
pages so remove it.
Change-Id: I9060eefe97cfc137f8b414077c30f814379b576a
Reviewed-on: https://code.wireshark.org/review/32014
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>