Serval is a service-centric architecture that has been ported to XIA to
allow applications to communicate using service names. This change adds
a dissector for XIP Serval, which sits between layers 3 and 4, and
also amends the XIP dissector to be able to invoke it.
Bug: 11491
Change-Id: I11299ddbd0fb9eaf8728f8b3fde2a63656963114
Reviewed-on: https://code.wireshark.org/review/10315
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found by Clang 3.7
Change-Id: I3a7c41eba2ee636bb74326598a3de47f5a23126a
Reviewed-on: https://code.wireshark.org/review/10325
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Get rid of false-positive coverity issues by using a macro instead
of source code if-statement.
Bug: 11501
Change-Id: I07f478ed334931f05bdfb87cb8f614b16bbf8fa8
Reviewed-on: https://code.wireshark.org/review/10376
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
IPv6 Extension Headers compressed using IPHC should have a single Pad1
or PadN inserted at the end if necessary - the previous code just left
any padding zero-initialised (equivalent to multiple Pad1s).
This guarantees correctly-compressed packets are accurately
decompressed, including the specific option padding pattern. (The type of
padding could matter, eg for IPSec authentication - padding options are
authenticated.)
Print a warning note if a non-option header needs padding - this is
invalid.
Bug: 10523
Change-Id: I66c98370862800a8fccbe02ed6a851961e2f7d1d
Reviewed-on: https://code.wireshark.org/review/10230
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
These aren't "true" shadow issues, but the script doesn't completely understand C syntax (for things like struct member names "time" and "index"). But fixing them creates less noise.
Change-Id: I5a2db1549095824530428529e86cab453c031a04
Reviewed-on: https://code.wireshark.org/review/10368
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's _WIN32, with a leading underscore, not WIN32. See, for example:
https://sourceforge.net/p/predef/wiki/OperatingSystems/
and
https://msdn.microsoft.com/en-us/library/b0084kay.aspx
*Some* environments may also define WIN32, but we shouldn't depend on
that.
Replace all-caps "WIN32" referring to Windows in comments and other text
with "Windows" or "Win32". (The two are pretty much equivalent, these
days; nobody much cares about Win16, not that we ever ran on it, and
64-bit Windows is just a 64-bitified Win32.)
Change-Id: Id327bcd4b1e9baa4f27055eff08c2d9e594d6f70
Reviewed-on: https://code.wireshark.org/review/10367
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove some old cruft which compiled packet-rrc.c with '/Zd'
option for certain very old Microsoft C compilers which we no
longer support (e.g., MSVC6!).
Change-Id: I47f7ab8c92b9e495acedfe76260d607a01c2a40f
Reviewed-on: https://code.wireshark.org/review/10362
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: Ib28206e9573f1dd624be1d3c265fef405f65b19a
Reviewed-on: https://code.wireshark.org/review/10351
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
890:9: warning: Access to field 'str' results in a dereference of a null pointer (loaded from variable 'token_list')
3132:4: warning: Value stored to 'str' is never read
3155:4: warning: Value stored to 'str' is never read
3166:4: warning: Value stored to 'str' is never read
3183:4: warning: Value stored to 'str' is never read
3192:4: warning: Value stored to 'str' is never read
3203:4: warning: Value stored to 'str' is never read
3220:4: warning: Value stored to 'str' is never read
Change-Id: If1a1acfc331e0648f95f6d6defe6533b6927ccaa
Reviewed-on: https://code.wireshark.org/review/10357
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I67f572129821fb00e4478a30bfd4a52287b8b1a1
Reviewed-on: https://code.wireshark.org/review/10350
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: If617016f588bbf940f37699e27559dc5c59cf508
Reviewed-on: https://code.wireshark.org/review/10349
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I95edc1b40c07a4addf194df6a2056e7b61193e5a
Reviewed-on: https://code.wireshark.org/review/10348
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I22dccb2f2d71897334e11632f4060ccfbf4794ad
Reviewed-on: https://code.wireshark.org/review/10334
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert both the MTP3 statistics and summary. As with the GSM stats this
is mostly untested.
Change-Id: I7af8d5f21c8161dc95f7f2c710f32364b6f6a431
Reviewed-on: https://code.wireshark.org/review/10338
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I353b4fcb3091e731a4b2a68e1932a5abc60c6038
Reviewed-on: https://code.wireshark.org/review/10323
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This currently only works for data frames. A Fixme is in place for
managment frames.
Change-Id: I0a72a9a3e40cf8269856fbbcd97b270af422afa2
Reviewed-on: https://code.wireshark.org/review/10322
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
don't create an expert info under if (tree)
Change-Id: I2c8f90483c434d708a97b621621ca123fc505edc
Reviewed-on: https://code.wireshark.org/review/10319
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
RFC 6282 specifies special handling of the "Length" field in compressed
IPv6 extension headers. However, the Fragment Header does not have a
Length field, so this special handling does not apply - the second octet
should be treated as opaque data, and the header length is always 8
octets.
Bug: 11368
Change-Id: I28fcd66d96f58a5959bb669caf4244afaca9e67e
Reviewed-on: https://code.wireshark.org/review/10231
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
I now read 8.2.4.1.10 "Order field" in 802.11-2012 as saying that, in
management and QoS data frames, the Order bit shouldn't be set for
non-HT, non-VHT frames, so we can just test it for those frame types
without bothering to check the radio metadata to see if the frame is an
HT or VHT frame.
This handles cases where the radio metadata isn't complete, e.g. an HT
frame with a radiotap header but no MCS field.
Handle this for *all* QoS data frames when capturing.
Get rid of the "fixed-length link-layer header" stuff; it's not being
used.
Fix a case where we're appending text to a tree item without a space
separating it from the previous text.
Bug: 11351
Change-Id: I980f5b7509603b0c22c297fddc19434c08817913
Reviewed-on: https://code.wireshark.org/review/10288
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do not retrieve type and code base on the info column content.
Instead store type and code in pinfo structure and retrieve them in sequence analysis tap.
Change-Id: I71cd505d7faf713c2372731495d47b45928a41f8
Reviewed-on: https://code.wireshark.org/review/10280
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Artho <pascalartho@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The GTK+ UI sequentially dissects and caches column strings for all rows
before sorting a column. Do the same in the Qt UI, which can improve
performance considerably.
Don't colorize packets when sorting in the Qt UI unless it's necessary.
When sorting in the Qt UI, let the user cancel the initial packet
dissection. Note that we'll need to replace std::sort in order to
cancel out of sorting.
Use a pre-allocated and pre-compiled GRexex when we prime columns. Note
that we probably shouldn't parse a regular expression there.
Cache the last result of proto_registrar_get_byname.
Note performance hot spots elsewhere in the code.
To do:
GeoIP in packet-ip.c is pretty slow.
Bug: 11467
Change-Id: Ib34038fee08ef0319261faeffc4eca01e52f4bd3
Reviewed-on: https://code.wireshark.org/review/10275
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I066b70cfd58f5fb3ffbcb2e238416747d9e7dd57
Reviewed-on: https://code.wireshark.org/review/10269
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch enables validation of response authenticator messages when
the shared secret is known.
The validation can be activated in the preferences.
It implements the validation protocol described in RFC 2865 page 16: Response Authenticator.
When an authenticator is invalid, the information is added in the header information.
It adds two flags for the display filter : radius.authenticator.valid and
radius.authenticator.invalid: since verification is not always possible we use
two flags to determine if the verification has been made or not, in the same way as
udp and tcp checksum validation is implemented.
The Authenticator field becomes a tree, and the value of the flags are visible in
this tree.
Change-Id: I33a664f2265c6248e106cee7904c754089d50445
Reviewed-on: https://code.wireshark.org/review/10216
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
João Valverde