* fix exporting "beginning of" frame logs into info field
* add missing "Failure" level to regexp in wiretap part
* remove usage of GDateTime from wiretap part
Change-Id: Ibdea730623241cccbbc1694a34daa308e48c0a89
Reviewed-on: https://code.wireshark.org/review/3493
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
It's only available from GLib 2.26 while we only require 2.16
Change-Id: I3c2e6748aa93b9af7158f5051433baff6a7c0324
Reviewed-on: https://code.wireshark.org/review/3480
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Per Android documentation, the PID and TID are int
Change-Id: I05326d134047315d61a873c33dd02a48d1849f8d
Reviewed-on: https://code.wireshark.org/review/3481
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I6f1710a093fc548c718defa9b40ab68877ede977
Reviewed-on: https://code.wireshark.org/review/3470
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That doesn't eliminate them, but at least it encapsulates them.
Change-Id: I78f0202cb7d2eb86e2dce220b2b97acc256d1e42
Reviewed-on: https://code.wireshark.org/review/3489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This eliminates some tvb_get_ptr calls from dissectors, as part of
trying to minimize if not eliminate its use in dissectors (it's a bit of
what's called an "attractive nuisance", in that users who don't
understand what it does - and doesn't! - do may use it in ways that are
unsafe, e.g. thinking you can use it to get a null-terminated string
from a packet).
It also eliminates the possibility of passing one length to
tvb_get_ptr() and another to crc32c_calculate().
Change-Id: I8a07168d0bc088b45d607e00c5bb1d98421ebc73
Reviewed-on: https://code.wireshark.org/review/3488
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Even when the protocol specifies that a string ends in a null-terminator, there
are packets which won't. Therefore:
**the result of tvb_get_ptr SHALL NOT be treated as a null-terminated string**
We need to post that in big neon lettering somewhere obvious.
Bug: 10353
Change-Id: Ie30cd13353a9830311e573e734dd89dc07622c98
Reviewed-on: https://code.wireshark.org/review/3485
Reviewed-by: Evan Huus <eapache@gmail.com>
APN field is not encoded as a dotted string so the first character is not a length
Bug: 10323
Change-Id: Ia62137c785d505e9d0f1536a333b421a85480741
Reviewed-on: https://code.wireshark.org/review/3461
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ief00f09225805c6c7488d92f8aa5b59c21575788
Reviewed-on: https://code.wireshark.org/review/3464
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
highlight its data part as well
Change-Id: Ia69ac6b1460245ffa44b6ad3b17f07948baf03d4
Reviewed-on: https://code.wireshark.org/review/3463
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
CapResp Packets may contain Device Capability Descriptors.
This patch allows wireshark to show what descriptors are present,
& checks that their length fields are valid.
See section 6.3.3 of the MA USB spec for more information.
Change-Id: Ia120435bdffcced091b67e66e0ba8f1a750358db
Reviewed-on: https://code.wireshark.org/review/3330
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Wireshark already supports reading and writing logcat
logs saved in binary files. Binary format, although
better, is used less often than saving those logs to
text files.
This patch extends wireshark's support for android logcat
logs to reading and writing logcat logs in text files.
Features:
* support for tag, brief, process, thread, time, threadtime
and long formats
* saving in original format
* it's generally awesome
Change-Id: I013d6ac2da876d9a2b39b740219eb398d03830f6
Reviewed-on: https://code.wireshark.org/review/1802
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Launch SSL dissector when MySQL switch to SSL
Ping-Bug:9515
Bug:10338
Change-Id: I96487d6d2131db3678f4a24095d702b6cd4ea5b2
Reviewed-on: https://code.wireshark.org/review/3411
Reviewed-by: Daniël van Eeden <wireshark@myname.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This fixes decoding of authetication data in MySQL 5.6+
It also decodes the charset.
Bug: 10351
Change-Id: Ic76961e94d2e3bf15bc72e279128a5251acfd749
Reviewed-on: https://code.wireshark.org/review/3441
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
take this setting into account when we try to detect the first packet of
a tftp transfer
Change-Id: Ia80f9b5f994b02ecaaa063308b1a87d00fe0dafe
Reviewed-on: https://code.wireshark.org/review/3450
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
when we set one, we clear the other
Change-Id: I7c316dc9cc7b2c93cfa1b00eb617553f55a58715
Reviewed-on: https://code.wireshark.org/review/3449
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I80f7e438cbb44c40ee28f1eb78a7779f43563732
Reviewed-on: https://code.wireshark.org/review/3448
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
don't add a generated tree item with the filename stored in the
conversation
Change-Id: Ia9a7fe712d0dd8241399e456509019b8e3902554
Reviewed-on: https://code.wireshark.org/review/3447
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
display the opcode first, followed by the file name
Change-Id: Ic5dd7409414d2f748c326c59a4b850dc2244da1f
Reviewed-on: https://code.wireshark.org/review/3446
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia91d51acd7dedd18ba5d0a73bc353b2d198474c7
Reviewed-on: https://code.wireshark.org/review/3445
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
packet-isakmp.c: In function 'dissect_isakmp':
packet-isakmp.c:1873:6: error: 'ivd' may be used uninitialized in this function [-Werror=maybe-uninitialized]
packet-isakmp.c:1747:14: note: 'ivd' was declared here
cc1: all warnings being treated as errors
(not sure why the compiler complains here)
Change-Id: I9b9589d3193b0dc37f2db8f6c4c6727b2a92eaaa
Reviewed-on: https://code.wireshark.org/review/3444
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
- remove unneeded initializers;
- replace tabs in files with editor mode line 'expandtabs';
- col_set_str() --> col_add_str() (in one case);
- tvb_length() -- > tvb_reported_length() (in one case);
- do some whitespace & indentation fixes/changes.
Change-Id: Ib8ffbbcdb6e4a74c0df6021a75430ae1ef9ae089
Reviewed-on: https://code.wireshark.org/review/3435
Reviewed-by: Bill Meier <wmeier@newsguy.com>
- Fix a few minor bugs;
- Remove unneeded #includes;
- Do some whitespace/long_lines formatting changes.
Change-Id: I97239fa20727498604682239cda0e1b87b10f4bc
Reviewed-on: https://code.wireshark.org/review/3434
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Other minor cleanup while in the area.
Change-Id: Id8d957d3d68a2e3dd5089f490bd59d773e1be967
Reviewed-on: https://code.wireshark.org/review/3427
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I.e., no, the epan/decode_as.c stuff belongs in libwireshark, not libui,
because dissectors need to be able to say "I support decode-as...".
Code to implement the UIs that allow decode-as entries to be specified
would belong in libui.
Change-Id: Ibf9da19e752481a3892d0f03d0a0537590ab1811
Reviewed-on: https://code.wireshark.org/review/3416
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is the first version of a Ceph dissector. It is not complete but
is far enough along to be helpful to many people working with Ceph.
Currently the dissector can fully dissect the Ceph protocol and has
support for full dissection of most common messages. For the other
messages for which full dissection is not available their metadata is
parsed and shown along with the raw data of the different message
sections.
Change-Id: Ic7917a3d01148c6fe2f9ea2c13ecd09ecc06c2d7
Reviewed-on: https://code.wireshark.org/review/1889
Reviewed-by: Bill Meier <wmeier@newsguy.com>
MySQL Response packets within an SSL stream are not correctly decoded.
When not using SSL:
- Decoding works
- Multiple MySQL protocol entries per frame
- Info==Response
With SSL:
- Decoding partly works
- One MySQL protocol entry per fram
- Info==Response Tabular
From me:
call dissect_mysql (with tcp_dissect_pdus..) and not dissect_mysql_pdu !
Bug: 10339
Change-Id: I253f6683105ed23b49a72865fea005e31e2594d8
Reviewed-on: https://code.wireshark.org/review/3412
Reviewed-by: Evan Huus <eapache@gmail.com>
Bug: 10282
Change-Id: Id3e53c53d024a74df0dfb5254e26d4594eb2e9a4
Reviewed-on: https://code.wireshark.org/review/3036
Reviewed-by: Michael Mann <mmann78@netscape.net>
The version of GCC on the OS X 32-bit buildbot isn't smart enough to
figure out that this can't happen (it's one of those "if (xxx) foo =
bar; ... if (xxx) use foo;" cases.)
Change-Id: I04fef2d602c913761ae7832c4f568aaaad398c87
Reviewed-on: https://code.wireshark.org/review/3390
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is what you get for forward-cherrypicking commits you made on master-1.12.
Change-Id: I8e51181d497dc63c614fe623439506cfe99c6fa3
Reviewed-on: https://code.wireshark.org/review/3385
Reviewed-by: Evan Huus <eapache@gmail.com>
make-taps.pl needs to know where to find the source files in order to build
the taps.
This makes the wslua test suite run in autofoo out-of-source-tree builds too.
To make it work with cmake builds requires putting all the epan/wslua/ output
(or at least init.lua) in epan/wslua/ instead of epan/.
Change-Id: I1b3c517f08d3c752ee03cb89482ee4951ceb5bf3
Reviewed-on: https://code.wireshark.org/review/3348
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>