Ensure we remove the info status for a selected field when closing
a capture file to bring the text back to "Ready to load or capture".
Change-Id: I2946675b2c0bc47cb8c05c1d391ff8a0875e8c7f
Reviewed-on: https://code.wireshark.org/review/29216
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove what appears to be a debug message from CMake.
Change-Id: If6d12ca07d3c3b5f012a7e7ee530f7db18c813e5
Reviewed-on: https://code.wireshark.org/review/29215
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At least on my OpenBSD 6.3 VM, there's no Bash installed; just use
/bin/sh.
Fix two places that use csh-style ">& /dev/null" to use
"> /dev/null 2>&1" instead.
Change-Id: I48656c47e89b3ad09f3c2d9e3c90dfad7afabb71
Reviewed-on: https://code.wireshark.org/review/29214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1) At least with FreeBSD's "pkg search", the search does *not* do a
prefix match, so if you look for "pkg-config", you can find packages
whose name is *not* pkg-config but that has "pkg-config" in the middle
of the name. This means that we think we have a "pkg-config" package,
but we don't, and fail when we try to install it.
So we force a prefix match.
2) FreeBSD 11 doesn't have a "pkg-config" packate, but has a "pkgconf"
package. If we don't find "pkg-config", look for "pkgconf".
Change-Id: Iad5ef9d5630981958830c03e4cb90fe2d01ce1d0
Reviewed-on: https://code.wireshark.org/review/29213
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The field that used it was removed in
I5092d19b99fc6b9b5c870cafec2990dd67012ab1.
Change-Id: Ia358f475b8fbfeaf1fe10df79e9094ac837e3dd2
Reviewed-on: https://code.wireshark.org/review/29212
Reviewed-by: Guy Harris <guy@alum.mit.edu>
On my FreeBSD 11 VM, it's the standard FreeBSD package, which installs
it in /usr/local/bin/bash.
Change-Id: Ic6427a88efd963de8909a2d333c2c3bf8586e559
Reviewed-on: https://code.wireshark.org/review/29211
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Next patch will add new supported TLV
Bug: 15015
Change-Id: I5092d19b99fc6b9b5c870cafec2990dd67012ab1
Reviewed-on: https://code.wireshark.org/review/29206
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Required to pass the test suite.
28: Process output for suite_unittests.case_unittests.test_unit_fieldcount:
28: -- Begin stdout for command ('run/tshark', '-G', 'fieldcount') --
28: There are 205013 header fields registered, of which:
28: 0 are deregistered
28: 2468 are protocols
28: 15147 have the same name as another field
28:
28: 205000 fields were pre-allocated.
28: * * Please increase PROTO_PRE_ALLOC_HF_FIELDS_MEM (in epan/proto.c)! * *
28:
28: The header field table consumes 1609 KiB of memory.
28: The fields themselves consume 14414 KiB of memory.
28: -- End stdout for command ('run/tshark', '-G', 'fieldcount') --
28: -- Begin stderr for command ('run/tshark', '-G', 'fieldcount') --
28: -- End stderr for command ('run/tshark', '-G', 'fieldcount') --
28/29 Test #28: suite_unittests .....................***Failed 12.72 sec
Change-Id: I694ed42dbd5bef99df9d2037d505d71901afd2dd
Reviewed-on: https://code.wireshark.org/review/29209
Reviewed-by: João Valverde <j@v6e.pt>
It is still not very clear how to parse the element, so
focus only on the Unicast TWT for now.
This should be useful for the short term.
Ping-Bug: 15009
Change-Id: Ia589b170966e329ce051845553841a9fb80fcd5f
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Reviewed-on: https://code.wireshark.org/review/28857
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
- Make it possible to append text to the extension header decoding
- Make it clarer that the T-PDU decoding is an heuristic
- Prettify presentation of data.
Change-Id: I874f3f500e4c5c3c7f88cd6bf2370fbf6a4dc8a1
Reviewed-on: https://code.wireshark.org/review/29158
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Many dependencies (Git, MSVC2015, etc.) are already installed. The only
missing ones are HTMLHelp and Doxygen, but these are not used.
The AppVeyor free plan has one concurrent job with 2 cores, starting
with the first item in the test matrix. As everyone likely develops on
64-bit, 32-bit is more likely to break, thus prioritize it for VS2015.
For testing artifacts, do create a VS2017 x64 build before that though.
Cloning git and installing deps takes about 2-3 minutes. cmake takes
2-3 minutes. Wireshark.sln and test-programs build in about 11-12
minutes, tests run in about 3 minutes, nsis packages in 3-4 minutes.
A single job takes 21-28 minutes (depending on environment).
Change-Id: If0c738743ce3ccd7ddfb5d9e77cdb2d3a5354ac7
Reviewed-on: https://code.wireshark.org/review/28967
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The vcredist version (directory name) has changed. Instead of listing
all possible versions, just glob for it. I only observed a single
directory anyway.
As CMake can find compilers without vcvarsall.bat, it is possible that
env var VCINSTALLDIR is not set. Fallback to querying the location from
the registry (as was done in VS2015).
The MSVC_VERSION/VS/VCRT table is partially based on
https://blogs.msdn.microsoft.com/vcblog/2017/11/15/side-by-side-minor-version-msvc-toolsets-in-visual-studio-2017/
Change-Id: I58107597c5037ab597a0d620925cb870e6ef7793
Reviewed-on: https://code.wireshark.org/review/28980
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Store the association id instead of a pointer to the volatile
"sctp_assoc_info_t" structure because it gets freed after a rescan.
Bug: 14970
Change-Id: Id8fe2dfe3549bd711fc8ddef0770b217e83c2088
Fixes: v1.11.3-rc1-604-g796bf409b0 ("Add dialogs and graphs to analyse SCTP behavior similar to the GTK version.")
Reviewed-on: https://code.wireshark.org/review/28711
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
valgrind --tool=memcheck --leak-check=full ./run/tshark \
-r ../test/captures/krb-816.pcap.gz \
-o "kerberos.decrypt:TRUE" \
-o "kerberos.file:../test/keys/krb-816.keytab" \
-Tfields -e kerberos.keyvalue
24 bytes in 2 blocks are definitely lost in loss record 37 of 117
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xCB9FE1F: krb5_ktfileint_internal_read_entry.isra.5 (kt_file.c:1359)
by 0xCBA1436: krb5_ktfileint_read_entry (kt_file.c:1409)
by 0xCBA1436: krb5_ktfile_get_next (kt_file.c:510)
by 0x7A55A4F: read_keytab_file (packet-kerberos-template.c:324)
by 0x7A55922: read_keytab_file_from_preferences (packet-kerberos-template.c:249)
by 0x7A55EC4: decrypt_krb5_data (packet-kerberos-template.c:383)
141 (80 direct, 61 indirect) bytes in 2 blocks are definitely lost in loss record 99 of 117
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xCB9F9D9: krb5_ktfileint_internal_read_entry.isra.5 (kt_file.c:1237)
by 0xCBA1436: krb5_ktfileint_read_entry (kt_file.c:1409)
by 0xCBA1436: krb5_ktfile_get_next (kt_file.c:510)
by 0x7A55A4F: read_keytab_file (packet-kerberos-template.c:324)
by 0x7A55922: read_keytab_file_from_preferences (packet-kerberos-template.c:249)
by 0x7A55EC4: decrypt_krb5_data (packet-kerberos-template.c:383)
8,343 (24 direct, 8,319 indirect) bytes in 1 blocks are definitely lost in loss record 116 of 117
at 0x4C30B06: calloc (vg_replace_malloc.c:711)
by 0xCB9F129: krb5_ktfile_resolve (kt_file.c:198)
by 0xCB9DE82: krb5_kt_resolve (ktbase.c:175)
by 0x7A559BC: read_keytab_file (packet-kerberos-template.c:310)
by 0x7A55922: read_keytab_file_from_preferences (packet-kerberos-template.c:249)
by 0x7A55EC4: decrypt_krb5_data (packet-kerberos-template.c:383)
Change-Id: Ia6f62d8576f3812e8832acc747eac84de8383756
Reviewed-on: https://code.wireshark.org/review/29146
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Switch the AUTHORS heading markup from underscores to equals. This makes
it easier to transform to Pod headings.
Update the AUTHORS-SHORT-FORMAT output so that the author lists are
verbatim paragraphs. Add a style for the author lists instead of
wrapping everything in a <pre>.
The AUTHORS files are UTF-8 and wireshark.pod sets "=encoding utf8".
There's no need to translate characters.
Change-Id: I43cf18ff86774421b08edb84d968a9410be177fe
Reviewed-on: https://code.wireshark.org/review/29181
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We've set "=encoding utf8" in wireshark.pod for a long time. Do so in
the rest of our .pod files.
Change-Id: I3ef0fb3a88ed63275b4ff4362b6afbf13d79a0bc
Reviewed-on: https://code.wireshark.org/review/29182
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
PFCP session tracking follows the Session Endpoint Identifier, SEID.
Function is Disable by default.
Change-Id: I14ebe0745d8159ec90f31a985bcf46e6453c1361
Reviewed-on: https://code.wireshark.org/review/29168
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
valgrind --tool=memcheck --leak-check=full ./run/tshark -r sctp.pcap -U "OSI layer 3" -w exported.pcap
13 bytes in 1 blocks are definitely lost in loss record 20 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xB27B3C5: g_malloc (gmem.c:99)
by 0xB294D22: g_strdup (gstrfuncs.c:363)
by 0x117B5D: capture_opts_add_opt (capture_opts.c:889)
by 0x118C0E: main (tshark.c:1112)
Change-Id: I9b794015aa4d2626b43a5743864c2d732c6acaa1
Reviewed-on: https://code.wireshark.org/review/29125
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Now in alphabetical order
Change-Id: I9c572e04e422cc595c66681ff77cd37a944383b9
Reviewed-on: https://code.wireshark.org/review/29171
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Field 'smoothingInterval-r15' (lpp.smoothingInterval_r15) has a conflicting entry in its value_string: 3 is at indices 3 (1-2 min) and 4 (2-4 min)
Field 'smoothingInterval-r15' (lpp.smoothingInterval_r15) has a conflicting entry in its value_string: 3 is at indices 3 (1-2 min) and 5 (4-8 min)
Field 'smoothingInterval-r15' (lpp.smoothingInterval_r15) has a conflicting entry in its value_string: 3 is at indices 4 (2-4 min) and 5 (4-8 min)
Field 'smoothingInterval-r15' (lpp.smoothingInterval_r15) has a conflicting entry in its value_string: 3 is at indices 3 (1-2 min) and 6 (> 8 min)
Field 'smoothingInterval-r15' (lpp.smoothingInterval_r15) has a conflicting entry in its value_string: 3 is at indices 4 (2-4 min) and 6 (> 8 min)
Change-Id: Ib4ec9c7efd894d40487ee123fb0c07b5be88bf1f
Reviewed-on: https://code.wireshark.org/review/29176
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add TLS 1.3 tests that verify decryption of handshake, application and
early data. Add another test that shows that early data is properly
skipped. This completes TLS 1.3 (RFC 8446) decryption support.
The trace was created using boringssl c4131a4a23a1.
Bug: 12779
Change-Id: Iddd266ecd3f428c95aa3f69616ce55e75d4ccca0
Reviewed-on: https://code.wireshark.org/review/29170
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When early data is present but undecryptable (due to lack of keys), it
should not result in incrementing the sequence number or the following
application data from the client will fail to decrypt.
Change-Id: I8016a30508d96c14cbd6a3b9c4af1591a6c437c3
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/29169
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The Remarks section in WaitForMultipleObjects describes what kind of
handles the function can wait for. Pipe handles are not listed there.
The problem was introduced in c18459e66e
While it might be possible to setup overlapped reads on the pipe handles
and then wait on overlapped events, it would result in quite complex
code. As a tradeoff, simply keep peeking at the pipes every 100 ms.
Change-Id: I6ba4f4bf4c1d2af856027cca36ffd6d4f7f49f36
Bug: 14657
Reviewed-on: https://code.wireshark.org/review/29163
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The code was decoding IB_SG_DATA according to Encoding Variant 1.
Added parsing of the second variant and a preference to let the user choose
between the two.
Bug: 15054
Change-Id: I45efcb84c48d599b46037488792dbc5dad97ebd1
Reviewed-on: https://code.wireshark.org/review/29018
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Now in alphabetical order
Change-Id: I28d863fc176518a2c26c417257f657f9d888ceb7
Reviewed-on: https://code.wireshark.org/review/29156
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>