Don't display duplicate ports if transport name resolution is not
enabled (for UDP/TCP/DCCP).
Also introduce col_append_port() to handle info column port display
with name resolution in a uniform format.
Change-Id: Icb8ac45f726b7c539b4534c62061473e9b582753
Reviewed-on: https://code.wireshark.org/review/10804
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I94f096a0ca487311d44a03e4183732db015605b2
Reviewed-on: https://code.wireshark.org/review/10896
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
I give up. I don't know whether this all means our build mechanism is
too fragile, our code is to fragile, autotools are too fragile, the
compilers we're using are too fragile, Qt is too fragile, or C++ is too
fragile, but if the build breaks that easily, maybe we should just give
up on Leopard.
Change-Id: If700d928da95d09ed5173b976261e4ddd236d654
Reviewed-on: https://code.wireshark.org/review/10946
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When building for 10.5, if the version numbers of GTK+ and its support
libraries haven't been set, don't override the settings to get older
versions; that way, if you've changed macosx-setup.sh not to bother
installing GTK+, this won't force it to be installed.
Change-Id: Ia05f45fb6bd469b568a28a8769f3130a99180d7e
Reviewed-on: https://code.wireshark.org/review/10945
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Or, at least, 4.8.6. I guess they had to do an updated build or
something, as the actual dmg has "4.8.6-1", so handle that extra
versioning.
Clean up some white space while we're at it.
Change-Id: I62b99dd99e7e5cb84cca68bdc59b02e4bf65411f
Reviewed-on: https://code.wireshark.org/review/10943
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Try to figure out why CMake builds work on the 32-bit OS X buildbot but
autotools builds don't; either the compiler commands are different in
ways that break the autotools build, or the config.h files are different
in ways that break the autotools build, or magic pixies affect the
builds in different ways that only break the autotools build.
Change-Id: Id24bad04ff8ef755e4966e28fd445c2ab05c6913
Reviewed-on: https://code.wireshark.org/review/10931
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use lower case "x" or upper case "X" (Shift-X) to zoom in or out respectively only
the horizontal (X) axis. Use lower case "y" or upper case "Y" (Shift-Y) to zoom
in or out respectively only the vertical (Y) axis.
Change-Id: I2f4de3c81795c289a626cc917d46ec0b1d620f49
Reviewed-on: https://code.wireshark.org/review/10894
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
For the conversion of a 16-bit short address in 6lowpan to an IID, there
are several RFCs that produce different results. RFC 4944 section 6
specifies that the conversion uses the given PAN ID and the 16-bit short
address. RFC 6282, on the other hand, specifies thta the conversion only
uses the 16-bit short address and no longer uses the PAN ID.
The current version of the 6lowpan dissector supports only the newer RFC
6282, but there are protocols out there that assume that the address
conversion still abides to RFC 4944.
In order to support these protocols and following the discussion from
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8970
this patch introduces a boolean preference in the 6lowpan dissector that
indicates whether or not the older RFC 4944 should be used for address
conversion. By default, it is set to FALSE, thus leaving the behavior of
the dissector unchanged.
Besides the boolean preference, another helper function
lowpan_addr16_with_panid_to_ifcid has been written that implements the
expected behavior from RFC 4944 using the same hint mechanism already in
place in the dissector for the support of RFC 6282.
Change-Id: I8d202c69a225d7b1212080a174e0111e5203553c
Reviewed-on: https://code.wireshark.org/review/10902
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The 6lowpan standard specifies a reserved octet in the extended header
of an IP_PROTO_FRAGMENT packet in the same place used for the header
length for other extension headers.
The current version of the 6lowpan dissector displays the reserved octet
and the rest of the header (6 more bytes) together as data, as opposed to
displaying the reserved octet by itself and then the data (using the
data dissector).
This patch does not change the functionality of the dissector in any
way, only how the 7 bytes are displayed. Instead of displaying the
header information and then 7 bytes of data, it displays the reserved
octet and then the data. This is also consistent with the way the ipv6
dissector displays it (showing the reserved octet and its value).
For this purpose, there is a new hf (hf_6lowpan_nhc_ext_reserved) and
the corresponding proto_tree calls. Also, depending on the type of
extension header, the octets sent to the general data dissector are
shifted by one.
Change-Id: I4c7fb58a3364307e79517b979808f3e34a2e0b94
Reviewed-on: https://code.wireshark.org/review/10908
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Even if the result of the negative shift (in TIME_T_MIN) is not used
because the signedness check happens before, it still causes a
compile-time warning. Fix this by shifting on an unsigned value, then
truncate by casting it.
While at it, remove a "fix for broken SCO compiler", it might not apply
to us (fingers crossed).
Change-Id: Id9603149d8063e9eaaa65cf028323f10e60a6c42
Reviewed-on: https://code.wireshark.org/review/10862
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Dissectors developed as plugins in wireshark that create new address
types require the use of address_type_dissector_register. Without
WS_DLL_PUBLIC, the function is not found when loading the plugin and
wireshark refuses to initialize it.
This very simple patch fixes this problem.
Change-Id: I8594a7be525830dd4ab9e1b3ea633aac0a07938a
Reviewed-on: https://code.wireshark.org/review/10899
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
AC_PROG_CC_STDC should be setting whatever flags are needed for ISO C
plus extensions, including requesting C99 if available. Don't set -Ae
ourselves for HP C.
Change-Id: Icd4dfc0c2078586d5773075ee25c40bfc787a482
Reviewed-on: https://code.wireshark.org/review/10910
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do not leak the key and SSID. Note that there are still some leaks in
the GTK UI related to get_wireshark_keys(), but I did not track them
down.
Caught by LeakSanitizer.
Change-Id: I639166e6ea457605d6ae0ebd58e56d7594a7b7db
Reviewed-on: https://code.wireshark.org/review/10860
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I25d84c725559f5f077dcc03fb425a89d87e90f55
Reviewed-on: https://code.wireshark.org/review/10897
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The *third* argument is the value to use if we don't find the program;
we shouldn't fall back on "python3" if we can't find "python", we should
try both "python" and "python3" and just set $PYTHON to nothing if we
don't find either one.
Change-Id: I5168455f09bc3165c49db4334f05856dec46bf62
Reviewed-on: https://code.wireshark.org/review/10890
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename the "Play Call" button to "Play Streams". Move the button
creation code to a common routine. Use it to add a "Play Streams" button
to the RTP Stream Analysis, similar to the GTK+ UI.
Don't restrict RTP to IPv[46] as suggested by Michal. I don't have any
RTP-over-Bluetooth captures so I can't test this directly.
Change-Id: I4703cac1d5bf5b3ff0255d36da2c5164feb0547d
Reviewed-on: https://code.wireshark.org/review/10888
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I8cfd1c223c70c7e03728af8b2f7cbf9354d7ad86
Ping-Bug: 3949
Reviewed-on: https://code.wireshark.org/review/10865
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Looks like Petri-Dish does not generate it
Change-Id: I90823d82ac9d223d840ab20331a856550dffdc87
Reviewed-on: https://code.wireshark.org/review/10872
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: Iebf0fc5d3e86fba9a2ea4da5784256d820598e39
Reviewed-on: https://code.wireshark.org/review/10744
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I25bae2899f19982ee52c5ffb933a1459897b933b
Reviewed-on: https://code.wireshark.org/review/10864
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We're using some C99 features, such as variadic macros, so if there's a
compiler flag needed for C99 features, make sure it's supplied. If the
compiler doesn't support standard C, complain.
Change-Id: I6fb18f5222567249370b3d43065f2258dbde7e4d
Reviewed-on: https://code.wireshark.org/review/10866
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Would leak some bytes after startup.
Caught by LeakSanitizer.
Change-Id: I4644f204343ce5a803a7dfdedac6a1960882807f
Reviewed-on: https://code.wireshark.org/review/10859
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The p_(add|get)_proto_data() functions are used to store data related
to an AMQP frame. The stored information gets overwritten if there are
multiple small AMQP frames in one TCP/IP packet.
As suggested by Pascal and https://code.wireshark.org/review/#/c/10579/,
we should use tvb_raw_offset as key for p_(add|get)_proto_data().
Change-Id: I860df8af51a6fbbef495985747313ae96402cc5c
Reviewed-on: https://code.wireshark.org/review/10836
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
* draft-ietf-dnsop-delegation-trust-maintainance-14 => RFC 7344
Update also DNS-Based Authentication of Named Entities (DANE) Parameters (
2014-04-23) (no change)
Change-Id: I7aa7dddf8c26d2ea2ccb4a0533d835ce119737bd
Reviewed-on: https://code.wireshark.org/review/10825
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Load RSA private keys based on their public key instead of relying on
the user to specify a valid address and port mapping. This is more
reliable and prepares for simplification of the SSL Keys dialog.
After this change, the "address" part of the UAT dialog will be ignored
when loading the private key. The port+protocol mapping is still
imported, but should probably be removed too.
Change-Id: I4d7a2bfcf63d17e66e336ef770759f20510fc176
Reviewed-on: https://code.wireshark.org/review/10766
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The certificate and GnuTLS private key are never used except for
reporting in the log file. Remove the unused certificate-related code
from the PKCS#12 file parsing. Report an immediate error instead of
opening key file if GnuTLS is disabled.
Made ssl_load_key and ssl_load_pkcs12 static, they are not used outside
the SSL dissector. If for some reason the PKCS#12 bag contains multiple
private keys, then the previous one would be overwritten (leaking
memory). Fix this by returning the first private key found.
Simplify key_hash (dtls_key_hash/ssl_key_hash) memory management, now
the table automatically frees keys/values when items are removed.
Fix memory leaks:
- ssldecrypt_uat_fld_password_chk_cb: release ssl_load_pkcs12 memory.
- ssl_load_key: avoid leaking gnutls_x509_privkey_t on error.
- ssl_load_pkcs12: fix ssl_pkey leak on error path.
Change-Id: I5db6fecb0d74e5c78796392aeb17e3eb7985a2ef
Reviewed-on: https://code.wireshark.org/review/10764
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With the adjustment to heur_dissector_add passing an enable/disable flag and "global" control of heuristic dissectors just like regular ones, this is no longer needed.
Change-Id: I2d433c7bff8353421eca31f8813992e38b716911
Reviewed-on: https://code.wireshark.org/review/10848
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From draft-ietf-idr-bgp-extended-messages
Update BGP Capability Codes to 2015-09-30
Change-Id: I2f3b44ad8ad7a9e5444cdfbfb22bf7d0538ffbfc
Reviewed-on: https://code.wireshark.org/review/10826
Reviewed-by: Michael Mann <mmann78@netscape.net>
On Windows we set a few (but not all) ZLIB_* variables, then depend on
FindZLIB to fill in the rest. Make sure FindZLIB doesn't unset everything
the first time we run CMake.
Bug: 11569
Change-Id: I199c83570c29343466b9ff63080b6a964dfd8d73
Reviewed-on: https://code.wireshark.org/review/10843
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
