Dead Store include on g38c05061b
Change-Id: Ib29edea664ac6563c0eb9dc21dae168a8cfe6cd6
Reviewed-on: https://code.wireshark.org/review/9748
Reviewed-by: Michael Mann <mmann78@netscape.net>
The observe draft changed and now the option value does not contain the
lifetime anymore, but the value encodes if a user wants to register or
deregister.
Change-Id: I3719101c2bed87c956eb24056be40c9a79dafac8
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/9638
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hand it a table of version/procedure table/hf-for-program-number
triplets.
Change-Id: I2acc03c2da83353165bd422d8537362201c814e2
Reviewed-on: https://code.wireshark.org/review/9740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just hand the payload off to the data dissector.
Change-Id: I59a61ec6352ef0b0c51382d68ca23b00010eb723
Reviewed-on: https://code.wireshark.org/review/9733
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They are, after all, really byte strings, just as MAC-48s/EUI-48s are.
Clean up some of the integer <-> byte-string trickery a bit, using
unions rather than pointer punning.
Bug: 11380
Change-Id: I0d9aa3ca7bb6b7e4c75e49a11b13d3d0e5a04473
Reviewed-on: https://code.wireshark.org/review/9727
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This uses one line (on bottom) of items and makes it white.
Seen in Wireshark on some configurations of GTK 2 on Linux,
so backports it to Qt for people who like it.
In my opinion it helps if you use packet list background colors
for frames and you have a lot of following frames with
the same background color.
Bug: 10954
Change-Id: Id8f58520d7224db4eb8181bcc04febd7416a8578
Reviewed-on: https://code.wireshark.org/review/7293
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Not only must characters that aren't printable ASCII characters be
escaped, backslashes must be escaped (as backslash is an escape
introducer) and double-quotes must be escaped (as double-quotes
encapsulate strings).
When constructing a string to hand to uat_load_str(), escape pathnames,
as they are likely to contain backslashes on Windows, could contain
backslashes on UN*X, and could contain quotes on UN*X and possibly
Windows. (Arguably, we should escape all the string arguments
Bug: 11372
Change-Id: I594840327fa41895130903c3c612ba97d6c29df3
Reviewed-on: https://code.wireshark.org/review/9716
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise some protocol/container ID payload are skipped as their decoding depends on the direction that is unknown
Bug: 11378
Change-Id: Ic14aa67fe4f262a9f3056e8f70f58afd78c59043
Reviewed-on: https://code.wireshark.org/review/9710
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I151cb2186c7dabbab1bef5cd35dabe19a3600dfd
Reviewed-on: https://code.wireshark.org/review/9703
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
didn't work as expected for epan/dissectors/usb.c
Revert that file for now.
Change-Id: I7ebbc860e2e4a93f086fc3e53138f3272814d5f0
Reviewed-on: https://code.wireshark.org/review/9705
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Either there's a known body for the call or reply, in which case we
already have a dissector for it, or the body is empty, in which case we
now have dissect_rpc_void() to dissect it, or the body is unknown or
nobody's bothered writing it, in which case we use dissect_rpc_unknown()
for now.
This means that an attempt to look up the dissector for a known
procedure will always succeed, so we can label it with the name rather
than with "proc-N".
It also means that we distinguish between "it's void" and "it's
unknown", so that unknown values will get flagged as such.
Change-Id: I748580c1dca61d1f0972396db1a3b0885fc0a541
Reviewed-on: https://code.wireshark.org/review/9699
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If ssl.keylog_file is not configured, an empty string is set. In that
case, do not attempt to open the keylog file.
Change-Id: I2ba4b9dbc7cfb5009d2623c49a129e98734df80f
Reviewed-on: https://code.wireshark.org/review/9688
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I06841ec77cf9f34914b9dfe10b8cd35824b32b71
Reviewed-on: https://code.wireshark.org/review/9647
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
HCI Summary dialogue collect HCI Opcodes, HCI Events, Hardware Errors,
Statuses and Reasons. Also show occurrence of them. The top level item
is group of items (by OGF or types), the second level item is in real
command, event, hardware error, status or reason. The third level items
are direct link to packet that contains second level item type.
Change-Id: I6b6bd02533c4605a2dd2c1f5dfee46f72a0f3fdc
Reviewed-on: https://code.wireshark.org/review/9676
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Bug: 9827
Change-Id: I8fdba4827b164bd231981bfdd2e1bd0499f4f87c
Reviewed-on: https://code.wireshark.org/review/9669
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ping-Bug: 11358
Change-Id: Ieed093b4aa263026772450f95dd5fa18280f9b76
Reviewed-on: https://code.wireshark.org/review/9648
Reviewed-by: Michael Mann <mmann78@netscape.net>
Future: Allow multiple protocols to be disabled in one option statement
(perhaps using a comma or colon delmited set of names in <proto_name>)
instead of having to specify --disable-protocol <proto_name> multiple times.
Change-Id: I9b8f960acf75298ebb098d9b667fca49dca52306
Reviewed-on: https://code.wireshark.org/review/9631
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There's no "btrfcomm.channel" dissector table any more; there's a
"btrfcomm.dlci" table.
Change-Id: Ia7cdf45c04b6b116a67ef4b7dfdce509cdb15327
Reviewed-on: https://code.wireshark.org/review/9684
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 10202
Change-Id: Ic550d75a853eca7abd162241b8426ab196ba0d12
Reviewed-on: https://code.wireshark.org/review/9671
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
That way, we don't just silently fail.
Change-Id: I924f4387f6efdc342f6b02ed29796802567c1884
Reviewed-on: https://code.wireshark.org/review/9683
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Channel is not enough to decode streams over RFCOMM. DLCI is.
DLCI is Channel and Direction bit that can be used to recognize
which side RFCOMM service (channel) is - remote or local side.
Direction bit is first bit in DLCI so: DLCI = Channel < 1 | Direction.
Change-Id: I56a641cfd2d4495d119f08ded1aab5cead458e17
Reviewed-on: https://code.wireshark.org/review/9679
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Replace L2CAP Service, RFCOMM Service and AVCTP PID dissector table
by shared Bluetooth Service UUID table. It also supports UUID16,
UUID32 and UUID128 by hex-string, like for AVRCP: "110e".
Change-Id: I473bc73d10939e8ed6dd55a6a92387c7a1ec125a
Reviewed-on: https://code.wireshark.org/review/9678
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
They were never put in it in the first place because they can't hold the
necessary pointers.
Bug: 11373
Change-Id: I9e2ec76850929b5ac86e6f7a344d70f56ad3911c
Reviewed-on: https://code.wireshark.org/review/9672
Reviewed-by: Evan Huus <eapache@gmail.com>
Apparently GnuTLS 2.12.23 as used on Ubuntu 14.04 produces different
outputs for the u parameter as observed in gdb. GnuTLS 3.4.2 on Arch
Linux works fine. Workaround this issue by unconditionally calculating
the inverse.
Change-Id: I8406352f8c570b355ea774cafc903662d06888ac
Fixes: v1.99.8rc0-417-g85f8a99
Bug: 11371
Reviewed-on: https://code.wireshark.org/review/9666
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Ic7d713e8593cd0841089f2c26d2c24f2f008cb31
Reviewed-on: https://code.wireshark.org/review/9667
Reviewed-by: Michael Mann <mmann78@netscape.net>
to the SMB2 protocol.
I am submitting this purely so that it is available for others to play with.
Change-Id: I379b9da90731cc61ce38a1fdf21dc7c09d0d114e
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/9496
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Combine the GTK+ RTP Stream Analysis and RTP Graph Analysis dialogs into
one. Yell at the user less. Disable the Analyze RTP Stream menu item if
we don't have an RTP stream selected.
There are a *lot* of moving parts in this dialog. I've tested with the
few RTP captures I have but it's by no means complete.
"To do" items are listed at the top of rtp_analysis.cpp.
Change-Id: Id503977f069bebc46cc68bc749f0c9cbf4d37bf6
Reviewed-on: https://code.wireshark.org/review/9650
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Ping-Bug: 11358
Change-Id: I9ecb5fe6bcd7f25c763d968bf56fb2d9bce2180c
Reviewed-on: https://code.wireshark.org/review/9639
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove unused SSL_FAST code. That approach cannot work in modern
libgcrypt anyway since the symbols were renamed and private to
libgcrypt. The RSA decryption routine is not even a hot path, it is only
called for decrypting the encrypted pre-master secret.
While at it, expand the SSL_PRIVATE_KEY macro and remove its definition.
Change-Id: Ied556d18501ea6cbac5fb27218364b3479ad62ce
Reviewed-on: https://code.wireshark.org/review/9572
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
and dissect the components of a tag
add a global true-false string for constructed vs. primitive
Change-Id: If10ecf97cde59e2be9ff5e3163073f6d14e6c61e
Reviewed-on: https://code.wireshark.org/review/9636
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I93ce7151467c890c12f7d612b5a7eecf5f91c189
Ping-Bug: 11358
Reviewed-on: https://code.wireshark.org/review/9640
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
