1. According to ESR05 there is no event called "Bluetooth Logo Testing".
2. According to ESR09 error code 0x23 is also "LL Procedure Collision"
3. Add some HCI status for event for HCI Summary
bthci_evt is now up-to-date with Bluetooth Core 4 + CSA4 + CSS6 and ERS09
- nothing to implementing...
Change-Id: Ief9e2de61be91942ab2211de6bc44a8f15d12426
Reviewed-on: https://code.wireshark.org/review/20355
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When selecting a display filter from the bookmark list this filter
should be applied, because that's the most common action for a user.
Holding down the the Alt key will only prepare the filter.
Change-Id: I567ee8a2a70a3de07fea33fa5763d9efba591de3
Reviewed-on: https://code.wireshark.org/review/20317
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Allow the enable/disable of an element
Change-Id: I9652e8d74b261ba259cebfba53e7bc7ef560d347
Reviewed-on: https://code.wireshark.org/review/20370
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Bug: 11228
Change-Id: Id8bcc51ff694ef9f2019bc7509e440021d049d22
Reviewed-on: https://code.wireshark.org/review/19735
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Event:
Authenticated Payload Timeout Expired
Commands:
Set Connectionless Slave Broadcast
Set Connectionless Slave Broadcast Receive
Set MWS Signaling
Read Synchronization Train Parameters
Write Synchronization Train Parameters
Read Secure Connections Host Support
Read Authenticated Payload Timeout
Read Local OOB Extended Data
Read Extended Page Timeout
Read Extended Inquiry Length
LE Read Suggested Default Data Length
LE Write Suggested Default Data Length
LE Read Resolving List Size
LE Read Peer Resolvable Address
LE Read Local Resolvable Address
LE Read Maximum Data Length
Change-Id: Id57693b284151b054b7e06237744629a6af98057
Reviewed-on: https://code.wireshark.org/review/20354
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use bitwise AND to check if a modifier bit is set.
Also changed from MetaModifier to AltModifier to match the comment
and the modifier key used in "Next/Previous Packet in History".
Change-Id: I89072a1dfdd14a2beb7344a672cbc18a3ace8924
Reviewed-on: https://code.wireshark.org/review/20359
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Since v2.1.0rc0-184-gb0b53fa593, $XDG_CONFIG_HOME/wireshark (instead of
$HOME/.wireshark) is used, clarify this in the WSUG and manuals.
Change-Id: I74a6f9b86bd8d54ee326ca83d7536e091d6da08a
Reviewed-on: https://code.wireshark.org/review/20364
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added functionality to verify SIP authorization lines. With this functionality
it's possible to find faulty passwords that were added to configuration by
automatic processes (eg having unescaped '&' characters in XML config
files) resulting in authorization failures that cannot be diagnosed
otherwise.
Other uses include bug hunting in SIP stacks.
Bug: 13444
Change-Id: I5abecd048480c8f5130a5112c531587c5993f12f
Reviewed-on: https://code.wireshark.org/review/20314
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't try to process timestamps that are more than 60 seconds apart.
Avoids the infinite loop in bug 13432.
Bug: 13432
Change-Id: I05aea4c733c94cbfe832f03ba826c74a41e6bb2f
Reviewed-on: https://code.wireshark.org/review/20366
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Strip some padding from the main welcome screen and lower the minimum
width to allow the window to be shrinked. Even when a capture file was
open, the minimum dimensions from the main welcome screen would apply.
The minimum dimensions on Arch Linux with Qt 5.8.0-5 and Plasma 5.9.2
(with the default Breeze theme) for a window have changes as follows:
- main screen/pcap loaded: 746x626 -> 702x590
- with search bar opened: 826x658 -> 826x622
(These numbers exclude 35x10 window decoration.)
Change-Id: Iccc43ee55803abb8105c0d9664368aab09e8cfcf
Reviewed-on: https://code.wireshark.org/review/20343
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Allow to add and remove single items from a selector list and also
fixing the selection of items in a selector list
Change-Id: I0c69ea97db6ca1a6932939f0df9049c6fb720f77
Reviewed-on: https://code.wireshark.org/review/20363
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Since v2.1.0rc0-184-gb0b53fa593, the config directory has changed.
Change-Id: Idbeb62f2393d1a4ec192da2d85e6bfb76782aeb8
Reviewed-on: https://code.wireshark.org/review/20365
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
TCLAS IE contains a set of parameters to identify incoming
frames with a TS.
During verification with various types of classifier types
Wireshark prints Error/Malformed message for type 2 (IEEE802.1Q)
IEEE802.11e defines that for classifier type 2 frame length is
5 not 6.
Change-Id: Icf61f7fb65e5b119aedbb664b4adaee1f1e9fde8
Signed-off-by: Marcin Rokicki <marcin.rokicki@gmail.com>
Reviewed-on: https://code.wireshark.org/review/20361
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
as needlessly highlighted expert info but as normal text in the protocol tree.
Change-Id: I41028b00c6c5cdb85e399c959df721d768f674e1
Reviewed-on: https://code.wireshark.org/review/20360
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add missing unit [ms] for "Command-Response Delta"
Change-Id: I7ba31fc6bf3baae161608432ea5fcd1015414604
Reviewed-on: https://code.wireshark.org/review/20356
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to move back and forth in the packet selection history
similar to GTK+. Update the documentation accordingly.
Change-Id: If1fdc1e59b240c0588c292dc0f7f0a5f083c30e1
Reviewed-on: https://code.wireshark.org/review/20320
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Even if a packet has only one or two lines for the byte view, Qt
autoresizing insists to require a minimum of 5.5 lines (or 7.5 lines for
packets without multiple data sources). Remove this artificial
requirement and allow the packet bytes view to be resized to show
nothing (except for possible data sources tabs).
This makes it easier to fit more packets and details for screenshots.
Change-Id: I3ea997b9effa8292b396dc2ceb2ab1c35cead410
Reviewed-on: https://code.wireshark.org/review/20342
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It warns that a 32-bit value is being shifted left and then converted to
a 64-bit type; presumably it means "this might overflow and not give you
the result you expect". That's unlikely to be the case here, as few
UN*X file systems have a recommended I/O block size > 2^30, but we might
as well throw in a cast so the convert-to-a-64-bit-type is done first.
Change-Id: Id6ab11d750d5cf4cc03d060d63edc01b66cd179d
Reviewed-on: https://code.wireshark.org/review/20352
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I7214adc58362902790c006e1e22f77104be5df2e
Reviewed-on: https://code.wireshark.org/review/20341
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We're now comparing an unsigned with an expression made mostly of
unsigned, so there's no need to cast the expression to long to squelch
signed vs. unsigned warnings.
Change-Id: I3b8c6f6faf26a9c252eb55d9e69fb298a3ad4c3b
Reviewed-on: https://code.wireshark.org/review/20347
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The record size fields are guint8, but NSPR_V20RECORDSIZE_2BYTES was
0x80, which has type int, promoting the result to int. Make it 0x80U,
which means everything is unsigned.
This squelches a compiler warning.
Change-Id: I1c63e485352a90c7f675ab0dacaaeba794235b35
Reviewed-on: https://code.wireshark.org/review/20344
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet-snort.c: In function snort_dissector:
packet-snort.c:882: error: converted_content_length may be used
uninitialized in this function
packet-snort.c:882: note: converted_content_length was declared here
packet-snort.c:880: error: content_offset may be used uninitialized in
this function
packet-snort.c:880: note: content_offset was declared here
Change-Id: I8fb990492f31fc4ce942244005f547f3b3c9bba3
Reviewed-on: https://code.wireshark.org/review/20335
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do the check early in the process of processing the record, and do it
for all record types.
Bug: 13429
Change-Id: Id7f4d12415c6740241850d8f873cff52909e7110
Reviewed-on: https://code.wireshark.org/review/20330
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Records in a properly formatted NetScaler file shouldn't go past the end
of a page, but nothing guarantees that a NetScaler file will be properly
formatted.
NetScaler 3.x files allow record bodies to go past the end of a page,
but 1.x and 2.x files don't, so treat record headers that go past the
end of a page, and record bodies in 1.x and 2.x files that go past the
end of a page, as errors.
Clean up some stuff while we're at it.
Bug: 13430
Change-Id: I3b1d56086e3bb14b246406f306e3d730df337561
Reviewed-on: https://code.wireshark.org/review/20326
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ia88d00593163b1c1e9a0e120aeff5e36f0135474
Reviewed-on: https://code.wireshark.org/review/20319
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
To ease development of callbacks and new parameters,
move all parameters for the callback methods to a
struct
Change-Id: I160277acf4d0473897172124f7c7aa744718da9c
Reviewed-on: https://code.wireshark.org/review/20316
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Since commit fdb5257f7c the ATTR_W_VENDOR
symbol was never matched, so remove it.
Change-Id: I5a56f48ce1995c23f9eca518308d3543a15ad049
Reviewed-on: https://code.wireshark.org/review/20313
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The same data is referenced by the ID-to-name and name-to-ID mapping, so
be make sure that the ID mapping is responsible (as the name mapping is
just used for duplicate detection and while parsing dictionary files).
Still to be done is fixing duplicate attribute numbers (by adding
support for OIDs and changing TLV attribute type IDs to OIDs) and fixing
duplicate attribute names (by prefixing the Vendor Names to them).
Also not handled is fixing Value memleaks.
Reproducers of the crash under ASAN:
tshark -G fields >/dev/null
tshark -r radius-ms-mppe-etrl-bug.cap (from bug 796)
Change-Id: Ifa4055901072bc830e19fe06937af67ce524a3be
Fixes: v2.3.0rc0-2536-gd4cf57100c ("Free radius dissector memory on shutdown")
Reviewed-on: https://code.wireshark.org/review/20307
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The value_string was taken from the GArray and added to
radius_attr_info_t, but these were not properly freed.
Change-Id: I8de2b84760887c41229a57881ff46cedcef1d22f
Reviewed-on: https://code.wireshark.org/review/20311
Reviewed-by: Michael Mann <mmann78@netscape.net>
The VENDOR line did not have a proper ID, so scanning the full line
failed and the "yyextra->vendor_name" was not freed. Import the current
version from FreeRadius to fix this problem.
(Since the attributes are now grouped by the vendor, the conflict
comment no longer applies.)
Change-Id: Id6020c0a5f34c624aedbb0acebe70dc643402e41
Reviewed-on: https://code.wireshark.org/review/20312
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make also text2pcap_lex_destroy() public to be called from main.
Change-Id: I360c3dd3991d027afe6e4542ea5f9680e92f92cf
Reviewed-on: https://code.wireshark.org/review/20226
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Fix some warnings when building with -Wshorten-64-to-32 flag for
C++ code.
Fixes for warnings from QList, QTimer and QVector has been pushed
upstream, so some time we may be able to enable this flag for C++.
Change-Id: Iae7457f9afc469c63f3edbe23dbf272b5c6c9e5e
Reviewed-on: https://code.wireshark.org/review/20310
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
For some unknown reason between 802.11 protocol fields end and LLC
protocol field start two octets of padding may appear. These octets
(value 0x00) were observed on the OLPC laptop, heuristically detected
and marked as OLPC mysterious stuff.
It seems that Atheros chipset drivers also show this behaviour,
although the padding is not 0x0000, but seem to be a duplicate of the
sequence control field. This is now also heuristically detected and
marked more generically as payload padding.
Bug: 13411
Change-Id: I1e817e07dc19be8b3917ff302ede3328ca6a4938
Reviewed-on: https://code.wireshark.org/review/20284
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Architecture of androiddump based on "blocking" sockets,
however for start-up it is better to use non-bloking connect()
to avoid long waiting time then fail.
Change-Id: I2bb8ea51e24db4dd1f5a6b97e1d2bc0156342d97
Reviewed-on: https://code.wireshark.org/review/20293
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Improved META_OPERATION_START (CreateSnapshot, ApplySnapshot)
Added VHDSET_QUERY_INFORMATION (SnapshotEntry)
Added DELETE_SNAPSHOT
Minor fixes:
RSVD Status field of RSVD header shown as NT_STATUS
Using more structural names for RSVDv2 hf_
Change-Id: I0199527a2de819796c7b34b663df73547f32d2fd
Ping-Bug: 11232
Reviewed-on: https://code.wireshark.org/review/20300
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't report expert-info warnings for lctr when it is actually color.
Change-Id: I689ec84dd8f1cafa1ec7e8740f9bc4091339929a
Reviewed-on: https://code.wireshark.org/review/20306
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I8c339e7484d410460d499dd2923641630b482ebe
Reviewed-on: https://code.wireshark.org/review/20303
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Michal Labedzki