That appears to be a name supplied both by MIT and Heimdal Kerberos.
Using it makes it a bit clearer what the code is doing, and might avoid
type clash warnings if it's the right type (e.g., if it's a member of an
enum, as it is in Heimdal, and the corresponding argument to
krb5_crypto_init() is of the same type, the types will match).
Change-Id: I81b79223f789b8d1ec47180b7636ac1d83e03681
Reviewed-on: https://code.wireshark.org/review/5898
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only in GLib 2.28 or later, but we don't require 2.28.
Instead, have col_custom_field_ids_free() do what g_slist_free_full() does -
and more.
Change-Id: I15768cfd2d26c847470b02ea6c51830dabcaa7ee
Reviewed-on: https://code.wireshark.org/review/5894
Reviewed-by: Guy Harris <guy@alum.mit.edu>
warnings (at least on NetBSD), presumably due to our use of
-Wc++-compat:
../../asn1/kerberos/packet-kerberos-template.c: In function
'read_keytab_file':
../../asn1/kerberos/packet-kerberos-template.c:497:10: warning: request
for implicit conversion from 'gpointer' to 'struct enc_key_t *' not
permitted in C++
../../asn1/kerberos/packet-kerberos-template.c:518:21: warning: request
for implicit conversion from 'gpointer' to 'char *' not permitted in C++
../../asn1/kerberos/packet-kerberos-template.c: In function
'decrypt_krb5_data':
../../asn1/kerberos/packet-kerberos-template.c:570:3: warning: enum
conversion when passing argument 3 of 'krb5_crypto_init' is invalid in
C++/usr/include/krb5/krb5-protos.h:1208:1: note: expected 'krb5_enctype'
but argument is of type 'int'
../../asn1/kerberos/packet-kerberos-template.c:581:13: warning: request
for implicit conversion from 'gpointer' to 'guint8 *' not permitted in
C++
../../asn1/kerberos/packet-kerberos-template.c:596:13: warning: request
for implicit conversion from 'gpointer' to 'char *' not permitted in C++
Change-Id: I17c10fc1df2685ec2e2c1b00cd3b81f62e09c829
Reviewed-on: https://code.wireshark.org/review/5886
Reviewed-by: Stephen Fisher <sfisher@sdf.org>
Also use proto_get_frame_protocols in main_menubar.c instead of doing it "manually".
Change-Id: Ie7a365c538700f2cebdd1e3d253f2fd9b189f5cf
Reviewed-on: https://code.wireshark.org/review/5851
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5868a40b71a989a3a1522cb091064bb0aaec6daf
Reviewed-on: https://code.wireshark.org/review/5828
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
You can now add column with Custom type with more than one field
by using OR "||" splitter.
Bug: 9695
Change-Id: Ia82a91e7a35b867647d36cb9626e3870f46c0d85
Reviewed-on: https://code.wireshark.org/review/5804
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Bluetooth dissector is used to add ability to filter all bluetooth
payload from capture files (there are many transport like:
hci_h4, hci_h1, hci_usb, hci_mon, btle). Also it is used to placeholder for
all data tree used to store additional informations like bd_addrs, names, etc.
Finally it is used to be one point for Bluetooth
Endpoints/Conversation filtering what is enabled now.
Also add Master/Slave Role and Connection Mode tracking.
Change-Id: I67048080fb8ee16fa0f4ec429c1257de81ddd737
Reviewed-on: https://code.wireshark.org/review/5771
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Generally where it is not connection then on LinkLayer protocol level
addresses for Source and Destination device are known.
Change-Id: Id67703edc08df73d4c7a2f66ee8f4d6810a867c9
Reviewed-on: https://code.wireshark.org/review/5776
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
This adds possibility to have two fields with the same abbrev name
but different type, for example FT_ETHER and FT_STRING.
That allows to compare each one to find a valid field.
Change-Id: I8b2a1708ac9648b7a4289777c72a0f3b18f3d8f8
Reviewed-on: https://code.wireshark.org/review/5702
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
For cases where record (meta)data is something that can't be written out
in a particular file format, return WTAP_ERR_UNWRITABLE_REC_DATA along
with an err_info string.
Report (and free) that err_info string in cases where
WTAP_ERR_UNWRITABLE_REC_DATA is returned.
Clean up some other error reporting cases, and flag with an XXX some
cases where we aren't reporting errors at all, while we're at it.
Change-Id: I91d02093af0d42c24ec4634c2c773b30f3d39ab3
Reviewed-on: https://code.wireshark.org/review/5823
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reworked zbee_mfr_code_names to be in monotonic order.
Fixed implicit shortening of time value with a cast.
Change-Id: I629948fbe32543fd2672bbc40af790333b970b10
Reviewed-on: https://code.wireshark.org/review/5808
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
- Improved handling of status bits
- Using bitfields where applicable
- Unified capitalization of hex values
- Using TFS instead of bits for status flags
- Added universe ID calculation from Address/Net/Port
- Added RDM PID decoding (values in packet-rdm.c)
- Added Poll/PollReply/Toc/Rdm support for Artnet3 (15bit universe)
- Updated manufacturer list from ESTA website
- Updated OEM codes from Art-Net SDK
Change-Id: I33edbfa754cb37391614f7cf4d6d4a9b11bcd52d
Reviewed-on: https://code.wireshark.org/review/5755
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
they were out of order for the extended value-string, I suspect honeywell1 and
honeywell2 had just been put in backwards
Change-Id: I4aacf27ba8aa20c137731f1ad652380cd5af5562
Reviewed-on: https://code.wireshark.org/review/5809
Reviewed-by: Evan Huus <eapache@gmail.com>
Removed attrID and cmdID ZCL cluster functions.
Bug in ZCL HVAC attribute registration.
Fixed bug in ZCL command ID field registration.
Update Manufacturer Codes and Profile Ids to ZigBee-053874r26 Oct 2014
Fixed broken fragmented ZigBee packet collection and reassembly
Use protocol fields for Thermostat schedule transitions.
Added support for Key Establishment Cluster (CBKE) at SE 1.2a
Updated Message cluster to SE 1.2a spec
Added attribute reporting status which is common to all SE 1.2a clusters
Added SE 1.2a tunnel cluster support
ZigBee Smart Energy (SE) decryption appears to have been broken for some time. For SE you do not know the Link Key until after successful completion of Key Establishment and then manually enter it into preferences. Entry in preferences was broken such that when the new Link Key was entered all existing link keys would be lost. This lead to the loss of the Network Key as well when the Transport Key message was re-processed without the Pre-Configured Link Key. The Link Key 'key ring' has been moved to the UAT post-update callback so that it will always be updated correctly after changes to the link keys in preferences
The attribute reporting status attribute which is common to all SE clusters was accidentally shared, now each cluster has it's own instance
ZigBee security added key display for decrypted packets
ZigBee Security Preferences fixed UAT type for Label so key label is editable again
Added definition for Retail Service profile
Added dissection for profile-wide (General Command Frame) commands when the profile is unknown
Added zbee-zcl-misc.c to precommit check whitelist as it contains ias and hvac clusters avoiding proliferation of too many small files
Change-Id: I53d85ba9d782db6a0e7e78c51b0bc7cdcdbca3ad
Reviewed-on: https://code.wireshark.org/review/5565
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That makes it clearer what the problem is, and that it should only be
returned by the dump code path, not by the read code path.
Change-Id: I22d407efe3ae9fba7aa25f08f050317549866442
Reviewed-on: https://code.wireshark.org/review/5798
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer what the problem is, and that it should only be
returned by the dump code path, not by the read code path.
Change-Id: Icc5c9cff43be6c073f0467607555fa7138c5d074
Reviewed-on: https://code.wireshark.org/review/5797
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It is too weak (just checking that the 2 first bytes of TCP segment are "HS") to be always activated
Change-Id: Iffda96046cc687004f403dd4d8e735375790b07b
Reviewed-on: https://code.wireshark.org/review/5789
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If you encounter a frame with an all-zeroes ethertype it's very likely
due to buggy hardware or software. Don't try to dissect it as MDS
Header traffic.
Change-Id: Ie08d6aba2dcb82e4e49d6dbe96a2a3639e3cafc4
Bug: 8256
Reviewed-on: https://code.wireshark.org/review/5788
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It was previously assumed that the remainder of a packet contains a
chunked-body response. This does not have be the case, and if the
assumption is violated, then the dissector would add multiple parts to a
single "De-chunked entity body".
This patch properly calculates the end of a chunked-body response,
taking the optional trailer-part into account and adjusting the size of
the chunked-body data as needed.
The CRLF in last-chunk that was previously dissected as "Chunk Boundary"
is the last CRLF that closes chunked-body, it is not part of last-chunk
(as it has no chunk-data to terminate).
A new header field is added for this trailer-part (RFC 7230 sec. 4.1).
Bug: 10707
Change-Id: Ifef1cc7dd0443edca4198eb1c27f58719f85fa9f
Reviewed-on: https://code.wireshark.org/review/5526
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
-> I don't see why they were uint8; ANSI E1.33 and ANSI E1.20 use uint16
Change-Id: Ia2c024b503d6a4b8c18020699bdc676a8459dcbd
Reviewed-on: https://code.wireshark.org/review/5783
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also update HTTP Header Compression (to draft-10)
No framing change on HTTP2 draft-16
Change-Id: I7f8ffd7ab37bc22fd6fbe156b0bf52543025e3a8
Reviewed-on: https://code.wireshark.org/review/5782
Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit implements a part of draft-ietf-isis-segment-routing-extensions:
- 3.2. SR-Algorithm Sub-TLV
Change-Id: Ibb419de234bf5a199f8067989b1321064fa93983
Ping-Bug: 10520
Reviewed-on: https://code.wireshark.org/review/5742
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 10761
Change-Id: I072cd3a68d852cb8dc57b9b9f807f792caba7259
Reviewed-on: https://code.wireshark.org/review/5750
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I0befc8846b9af43e1563adb369ba4d332775ef76
Reviewed-on: https://code.wireshark.org/review/5778
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I95f0ab387570c0c56e19990cb9b9063051bb792f
Reviewed-on: https://code.wireshark.org/review/5779
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Permit passing TRUE as the parameter during table registration to achieve that
effect.
Use it in RTP media type table.
Bug: 10708
Change-Id: I892fb1a421d349f0c05197dec90f14fc34ad6b97
Reviewed-on: https://code.wireshark.org/review/5695
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Generally where it is not connection then on LinkLayer protocol level
addresses for Source and Destination device are known.
Change-Id: I28da88381a26826ad4897b56da993909130683d3
Reviewed-on: https://code.wireshark.org/review/5768
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
SN = Sequence Number, so it is not bool.
Change-Id: I0691b17150bbbdd34a0e7cbe3cb90058c9183ff7
Reviewed-on: https://code.wireshark.org/review/5769
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
lot of change but it is majority reindent change (Using clang-format)
Change-Id: Idcd0fa79ca977e25d69eb80a89d3c61d228885e9
Reviewed-on: https://code.wireshark.org/review/5764
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use by MACSec
Change-Id: I27eee40ddc476435aecd57711c1b3597c2049901
Reviewed-on: https://code.wireshark.org/review/5751
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also do not display a 8bits data SMS as an expert error
Those 2 points led me to a wrong analysis yesterday
Change-Id: Ib319e2ef8f0e7297cd2e119b6d0d98638e6a3d61
Reviewed-on: https://code.wireshark.org/review/5763
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>