Many proto_item_append_text calls were just adding a unit string to a field.
There's a better way to do that now.
Change-Id: Id18d5ac1ea4d8ecdc4cbe7ebaec07fbd2eab6e78
Reviewed-on: https://code.wireshark.org/review/19289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
proto_tree_add_uint_format_value had the most use of unit strings, this
patch handles all of the other proto_tree_add_xxx_format_value calls that
could be better served using BASE_UNIT_STRING with a "unit string" in hf_ field.
Added more "common" unit string values to unit_strings.[ch]
Change-Id: I0fb680be781e10037eb7bd40dd21a9ee20c1fb1c
Reviewed-on: https://code.wireshark.org/review/19288
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, $PATH points to .../Wireshark.app/Contents/Resources/bin, so
the man command will look in
.../Wireshark.app/Contents/Resources/share/man.
This also may obviate the need to install the wrapper scripts in
/usr/local/bin, although those scripts obviate the need to re-set PATH
after installing Wireshark.
Change-Id: I7202b5a0fe5d2b90c956dc0db2af073f6c08b00d
Reviewed-on: https://code.wireshark.org/review/19296
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The ASCIIDOC_CONF_FILES setting for asciidoc was only generated
if any of the guides were being built.
Clean up a dup setting and some and blank lines in FindASCIIDOC
Change-Id: Ie8ab97db09e18cdb8d7e2a7bd4dcf8c288dd036f
Reviewed-on: https://code.wireshark.org/review/19291
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
As per glib manual, GSLists need to be NULL initialized.
Change-Id: If78904b900f6ddd7a0afaf3a1c480ec7626f2027
Reviewed-on: https://code.wireshark.org/review/19281
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Those sizes are limited by the packet sizes we support, and we only
support a maximum packet size of 2^32.
This squelches some compiler warnings.
Remove some casts that this renders unnecessary.
Change-Id: Id9a7bcf8c2ce30bbed7be6c0e28deb9cf38002e0
Reviewed-on: https://code.wireshark.org/review/19279
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch modifies the homeplug-av dissector to better decode sniffer data according to the IEEE 1901-2010 standard.
The dissector now decodes MPDU variant fields correctly based on delimiter type, and decodes beacon MPDU payloads.
There are some variable-length fields it doesn't handle yet.
This patch should have no effect on how non-sniffer-data packets are decoded.
These changes are based on Andrew Margolis' pull request to faifa at https://github.com/ffainelli/faifa/pull/11
Change-Id: Ia60ac7affa99a68b38f04ab66373ac715c761328
Reviewed-on: https://code.wireshark.org/review/19156
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
See 8.4a.2 from 802.11ad-2012(.pdf)
Issue reported by Hany ASSASA
Ping-Bug: 13244
Change-Id: I6e22de3009b722e61b30ce2dd93596c4f51bb2fe
Reviewed-on: https://code.wireshark.org/review/19243
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
As per RFC 3161 Appendix A. The ASN.1 elements it defines are not
officially part of any module, so just stick them into PKIXTSP.
Change-Id: I728505cb305b924465b62eb442288edea7f916a7
Reviewed-on: https://code.wireshark.org/review/19272
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In some messages (observed in Oracle 12c) packet length has 4 bytes
instead of 2.
Tested with oracle12-example.pcapng from SampleCaptures wiki.
Also small datatype fix.
Change-Id: I35490ade8cf0dee6392f4fa1b51d8dc7cff85400
Reviewed-on: https://code.wireshark.org/review/19264
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When VoIP Calls/Flow Sequence generates list of nodes to show (nodes above flow), it do not clear the list from last call. As consequence of it, when second call is between hosts than first call, you see nodes which are not involved in call.
Change-Id: I80f9acb09e6aa71b3a32bb6eacaeb5b4bb13b332
Reviewed-on: https://code.wireshark.org/review/19267
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- spaghetti code for save was split into separate functions
- code saves G.711 only, all other codecs are saved as silence with correct duration
- code is ready to include other codecs
- code supports 8000 Hz sampling rate only, other rates are rejected with warning
- bidirectional stream (forward and reverse) creates stereo .au file
- output is based on timestamps in RTP streams
- save operation is slower than before because it is set of seek() - one per each codec sample
- code allows align of save audio:
- as it is - each stream is saved from its beginning, no aling
- to start of each other - later stream is prepended with silence
- align saved audio to beginning of capture file - each stream is prepended with silence
- save to raw works correctly now - only payload is saved
- old code was inserting G.711 silence time to time to raw data
Bug: 13242
Change-Id: I74d02a1cc1c75acf9ffe930d078c00a0555cbfb6
Reviewed-on: https://code.wireshark.org/review/19245
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check the length of the line first.
Bug: 13246
Change-Id: I906bb652594898061afb4b2cd4edb916af354161
Reviewed-on: https://code.wireshark.org/review/19273
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Added back legacy version (<= 0.9.7) support after restructuring
for dissector completeness.
Change-Id: I5355bf8faa1b9fd8ee9056254048fe5c314b6efb
Reviewed-on: https://code.wireshark.org/review/19271
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This clears up the diff between the local copy of the CMS module and
upstream, making it easier to determine what modifications were made.
Change-Id: I466cb97e6505ea8075d01663e1ede95b85468898
Reviewed-on: https://code.wireshark.org/review/19269
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Added header fields in a new subtree.
- Restructured to use fewer functions and to use offset
counting instead of offset defines.
- Removed support for legacy version 0.9.7.
- Removed unused code.
Change-Id: I9eb6c8b3b450ddb95fb0f4bdd9f9717dafa687b0
Reviewed-on: https://code.wireshark.org/review/19260
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The dissector for the Nordic BLE Sniffer was added as internal in
g7844a118, so ensure we don’t load this third party dll on WIN32.
Change-Id: I74c200d42793f3c1e764bc9f6c3a9a795d38a5a7
Reviewed-on: https://code.wireshark.org/review/19259
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The help statement is in the first sentence, while interfaces are
in others. We need to keep state of it.
Ping-Bug: 13218
Change-Id: Iad1d403d5e8bc34e2489daaa3b14d469d5ee5b5b
Reviewed-on: https://code.wireshark.org/review/19148
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Format of file selected by user is derived from save dialog format selection, not from filename as before.
Bug: 13240
Change-Id: Id6e159d97e4f26c25b3d2d98d43041d8617cc737
Reviewed-on: https://code.wireshark.org/review/19240
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dialog shows time (relative to capture start) and packet number when forward and reverse stream starts. It shows difference in such values on bottom of dialog too.
Bug: 13239
Change-Id: If807b8a56723df17ed131b1aac053cf8f985bb7b
Reviewed-on: https://code.wireshark.org/review/19239
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's a manual attempt at what proto_tree_add_bitmask can do anyway.
Change-Id: If551e8afa346a33b8e15dc441aae75ba0752ab46
Reviewed-on: https://code.wireshark.org/review/19257
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also use proto_tree_add_item_ret_length for string handling.
Change-Id: Id1eae2e51460a3b7f4c3385b9b1fd7f12398a227
Reviewed-on: https://code.wireshark.org/review/19255
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Remove functionality that was replaced by a proto_tree_add_bitmask
2. Remove use of nbdgm_header structure which is just a useless placeholder
3. Remove some if (tree) over single fields.
Change-Id: I0879043685686eb5b861cf77ec38bbf25ed6044e
Reviewed-on: https://code.wireshark.org/review/19254
Reviewed-by: Michael Mann <mmann78@netscape.net>
IMG_JFIF was trying to be a macro for all display and expert info filters.
This messed with the pre-commit scripts ability to ensure protocol
filter name was being used as the prefix for display and expert info
filters. So replaced IMG_JFIF with the proper prefix - "image-jfif"
Change-Id: I1fe3dc8797529c9d17f75c511bc279824e7e69b0
Reviewed-on: https://code.wireshark.org/review/19253
Reviewed-by: Michael Mann <mmann78@netscape.net>
The file list contains semicolon-separated list of files to check.
When merging the lists we need to separate them properly.
Error:
No such file: "packet-ncp2222.cpacket-coseventcomm.c" at wireshark/tools/checkAPIs.pl line 2050.
Change-Id: I19702ab85408caf69ed922732fce74c3058be640
Reviewed-on: https://code.wireshark.org/review/19237
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Several calls to proto_tree_add_uint_format_value could be better served
using BASE_UNIT_STRING with a "unit string" in hf_ field. There also
a few cases where proto_tree_add_uint_format_value could just be
proto_tree_add_uint.
Added a few more "common" unit string values to unit_strings.[ch]
Change-Id: Iaedff82c515269c9c31ab9100dff19f5563c932d
Reviewed-on: https://code.wireshark.org/review/19242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Several calls to proto_tree_add_[float|double]_xxx could be better served
using BASE_UNIT_STRING with a "unit string" in hf_ field.
Added a few more "common" unit string values to unit_strings.[ch]
Change-Id: Id0da7b579403898d20c2667d6c4abcd59d5a48d4
Reviewed-on: https://code.wireshark.org/review/19241
Reviewed-by: Michael Mann <mmann78@netscape.net>
Stash the current row when we freeze the packet list. Make it possible
to restore it when thawing. Do so when the layout changes and when we
move a column.
Change-Id: I44cfb8bafcd4d49a46e1c89bf47aecf5ac139773
Reviewed-on: https://code.wireshark.org/review/19222
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Same SSRC is shown because of typo in variable name for reverse stream.
Bug: 13236
Change-Id: Idcba4d83c7b4358cd8ebf1ee5c5b5bde2fc2e48b
Reviewed-on: https://code.wireshark.org/review/19238
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This was inspired by the https://www.wireshark.org/lists/wireshark-dev/201505/msg00029.html thread.
Used TCP and NTP dissectors as the guinea pig with sample use.
Documentation updates includes some unrelated cleanup just because it was noticed.
Change-Id: I59b26e1ca3b95e3473e4757f1759d7ad82976965
Reviewed-on: https://code.wireshark.org/review/19211
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Set all addresses before we do reassembly because sub-dissectors may set
their own addresses, and we don't want to override them again.
This fixes "Follow TCP Stream" and shows the correct IP addresses in the
Source and Destination columns when transporting IP packets.
Allocate the addresses in pinfo pool to avoid possible stack buffer overflow.
Bug: 13230
Change-Id: I3b81ccb02b38331add4773d9bb3d5e0f6dcf025e
Reviewed-on: https://code.wireshark.org/review/19201
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The protocol is actually nearly identical to ordinary Diffie-Hellman,
but the names are different, and the ephemeral keys are bytestrings
rather than integers.
Change-Id: I261b6426137dae12fe53686e74517080abd80bb3
Reviewed-on: https://code.wireshark.org/review/19210
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Parse the communication bits of a BGP Cease NOTIFICATION:
Border Gateway Protocol - NOTIFICATION Message
Marker: ffffffffffffffffffffffffffffffff
Length: 146
Type: NOTIFICATION Message (3)
Major error Code: Cease (6)
Minor error Code (Cease): Administratively Shutdown (2)
BGP Shutdown Communication Length: 124
Shutdown Communication: NTT will perform maintenance on this router. This is tracked in TICKET-1-24824294. Contact noc@ntt.net for more information.
Draft at https://tools.ietf.org/html/draft-ietf-idr-shutdown-01, sample
file taken from from http://instituut.net/~job/shutdown.pcap
Change-Id: I2ab633883cc69e560ff79cb6239e02fcffd71e10
Reviewed-on: https://code.wireshark.org/review/19144
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add "LE Set Extended Advertising Parameters" and
"LE Set Extended Advertising Parameters" commands parsing.
Change-Id: Ibcc9f145694e54710da3a11ade237f7132674366
Reviewed-on: https://code.wireshark.org/review/19234
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add plugin to autofoo and CMake build systems and fix errors found
Add plugin to Windows installer (optional component activated by default)
Change-Id: Id1b777bdee04e53076b3291f6fb68d5abad6985d
Reviewed-on: https://code.wireshark.org/review/19228
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Commit 66549a9cac added 3 new entries to
wka.tmpl, but used spaces instead of the default tab separator. This
inconsistency causes external tools that expect tabs in the manuf file
to behave unexpectedly.
The manuf file was re-generated after the fix to wka.tmpl.
Change-Id: I79bceac649e0fc29b3502fc2e074dcd513f29ff5
Reviewed-on: https://code.wireshark.org/review/19217
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michael Mann