This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add also special case on hello key_share extension
Ping-Bug: 12779
Change-Id: Ib8e2dd060f322c2404a8afa9b8cb70de7c2c65b7
Reviewed-on: https://code.wireshark.org/review/18093
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The preferences subsystem knows/stores the default values for all preferences;
maybe we should use that to show the default values for all preferences.
Change-Id: I562ce9f129c8dfd8378aeb425f70f21b4cf59230
Reviewed-on: https://code.wireshark.org/review/18094
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Add Connection ID to tree
2. Remove unused defines
3. Fix Typo
Change-Id: I25b76057d5c482c73f22e45cc38d5dceb68feca6
Reviewed-on: https://code.wireshark.org/review/18099
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. CIP Safety: Exception Detail Alarm and Exception Detail Warning both were not parsing their 3 parts because the offset was not increased. Fixed the offsets and combined the functions because they have the same format.
2. CIP: Forward Open Safety Response had wrong offsets so it was parsing incorrectly. This incorrectly showed as Malformed.
3. CIP Safety: Pass in tvb to proto_tree_add_subtree() instead of NULL. This was causing a Dissector bug (seems only on trunk, not 2.2). This was already done for packet-cip.c under https://code.wireshark.org/review/#/c/16748/
4. Some minor typos
Change-Id: I63e8d200cd3408c16ca0a1edbc483c3bb8298d3b
Reviewed-on: https://code.wireshark.org/review/18100
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I667c00a8093896984dbf75fa20bec86304706886
Reviewed-on: https://code.wireshark.org/review/18101
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12984
Change-Id: Ie7d74a99807cfc77b0c444d79e21b64e1612ac90
Reviewed-on: https://code.wireshark.org/review/18088
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12982
Change-Id: Iaf816247d49b2f869dc19f64cb0a24247fb38169
Reviewed-on: https://code.wireshark.org/review/18087
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Both 29.060 and 29.274 reference to 24.008 for TFT filter.
Remove redundant part and switch to common TFT encoder.
Second reason: decode_gtp_tft didn't encoder all correct,
missed direction and filter index.
Change-Id: I9691dcb5a9d151f181a3531145ac339fcc7ba245
Reviewed-on: https://code.wireshark.org/review/18082
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Derive the dissection functions from
dissect_ike_attribute() and dissect_ipsec_attribute():
* Add dedicated header fields.
* Remove attribute types not applicable in Responder Lifetime context.
Clean up the field name "isakmp.ipsec.attr.type".
Bug: 12963
Change-Id: I486380836d915255812098be2190bcc77ec13c00
Reviewed-on: https://code.wireshark.org/review/17970
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
g_malloc() may abort(3) the program when the comprlen is insanely large so use tvb_memdup() instead.
Change-Id: I23fbdc2362900030c41da1c297ab0c787de7c5ca
Reviewed-on: https://code.wireshark.org/review/18043
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I077c21eb213435e7ed0e9ac0b9a8f95aa9dd6f3d
Reviewed-on: https://code.wireshark.org/review/18075
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I7846dd04c45d0398ded8345b6a2794d6f851cb64
Ping-Bug: 12979
Reviewed-on: https://code.wireshark.org/review/18065
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic9923d93d74a40da2a4009f8b27d8a5ae9803833
Reviewed-on: https://code.wireshark.org/review/18064
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As an FT_NONE field, you can't filter/use the message it contains.
Bug: 12960
Change-Id: Icaa9a260195711f1bd90f5ed14797c0d0c46de9c
Reviewed-on: https://code.wireshark.org/review/18063
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure temp_dfilter is initialized so that we don't end up freeing
invalid memory.
Change-Id: Id31969573690574846422b67c950188fd6ee4ef3
Reviewed-on: https://code.wireshark.org/review/18066
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The PT_TXTMOD_HEXBYTES comment was misleading, edit it to reflect the
actual implementation in GTK+/Qt.
Change-Id: I1506ad9189296dcc09cc20eafb0d65eaf291d79f
Reviewed-on: https://code.wireshark.org/review/18058
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The retured-content is defined as IMPLICIT Content (octet string),
so ensure we handle this correctly.
Bug: 12976
Change-Id: I4bcce67cea97142bf3312e1a5c2aeb169c7a69d2
Reviewed-on: https://code.wireshark.org/review/18054
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Move the modification of the content item (which adds the length)
inside the check for a valid tvb to avoid calling tvb_reported_length()
with a NULL parameter.
Bug: 12976
Change-Id: I54368584b7c00f7a2937eaec772533ae73d98f80
Reviewed-on: https://code.wireshark.org/review/18050
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
In ColoringRulesDialog:
Only check a rule's display filter if that rule is enabled. This keeps
us from disabling the OK button when we shouldn't.
Adjust the "Your coloring rules file contains unknown rules" dialog text
and buttons for accuracy.
In color_filters.c:
Don't try to compile disabled filters in color_filters_apply. Don't warn
about disabled and invalid filters in read_filters_file.
Bug: 12814
Change-Id: I7143bf8e7a6162d296f1e93769344b69763195c8
Reviewed-on: https://code.wireshark.org/review/17823
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I947dc83e3b1b853873b5158f234e44ef933c3bcc
Reviewed-on: https://code.wireshark.org/review/17982
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ia8d4d74a7f0f5795790f930fc1e894a7ee202da7 didn't have proper bit comparison.
Change-Id: I5b7e431745aff7ca895b6b83500bd7e8f1039fde
Reviewed-on: https://code.wireshark.org/review/18038
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Support collection values
- Support out-of-band values
- Support unknown values
- Support detail for octetString/collection values
- Support symbolic enum keywords for member attributes
- Update detail format to be more compact, normalize format to match IPP
syntax descriptions
Change-Id: I76295221901fa88250a2e9ef099eca2c53b20132
Reviewed-on: https://code.wireshark.org/review/17693
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Smith Kennedy <smith.kennedy@hp.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also get rid of two global variables
Change-Id: I8c20decb76f5c1773f58efd24d2e1e7d1177d358
Reviewed-on: https://code.wireshark.org/review/18029
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Lua 5.2.4 built with -DLUA_USE_APICHECK detected a stack issue:
tshark: lapi.c:175: lua_settop: Assertion `(-(idx+1) <= (L->top - (func + 1))) && "invalid new top"' failed.
Function File_read always assumes that File_read_line pushes a value on
the stack (which clearly did not happen). On read failure, it would then
pop the stack (tripping the assertion) to push nil.
The other user (File_lines) is also affected by this change, but the Lua
5.2.4 documentation says that it should also return nil on EOF, fitting
this implementation.
Change-Id: I9cc8a5319523b2b56f4ae4735bbdbc1196387386
Reviewed-on: https://code.wireshark.org/review/18016
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I874314ac736ad94bfaf15665ee7b030382e9bdf3
Reviewed-on: https://code.wireshark.org/review/18015
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>