Fix decryption of the Initial Packet for Facebook mvfst, based on IETF
QUIC draft -22.
Bug: 16378
Change-Id: I023738f792a68fe020d780e0caee7c6046fe5ca8
Reviewed-on: https://code.wireshark.org/review/36089
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
GREASE (Generate Random Extensions And Sustain Extensibility) is no
longer a draft. Changed references from 'draft' to RFC 8701.
https://tools.ietf.org/html/rfc8701
Change-Id: I9c56098d0c18f1bee1a45ca8ef609b07ea3c0487
Reviewed-on: https://code.wireshark.org/review/36087
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
g46b3753d53 changed "ws_find_package(WINSPARKLE ..." to
"ws_find_package(WinSparkle ..." in CMakeLists.txt in order to
fix an issue with case-sensitive folders.
This exposed a different issue in FindWinSparkle.cmake, where we
were passing "WINSPARKLE" to find_package_handle_standard_args. When
successful this would set WINSPARKLE_FOUND, which would in turn *not*
match WinSparkle_FOUND in ws_find_package, which means that we wouldn't
enable automatic updates.
Pass "WinSparkle" to find_package_handle_standard_args instead. Using
a mixed-case package name results in setting both PackageName_FOUND and
PACKAGENAME_FOUND, which fixes our various checks.
Bug: 16381
Change-Id: I46ef98194dc060ad37d9a30bff4d9e905713759e
Reviewed-on: https://code.wireshark.org/review/36079
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Followup on commit 33bb4b0c22 adding back
the lower end spacer, moving the language selection to the bottom and
also adding tooltips with variable information.
Change-Id: I55c7e39d3a524bb17ccfad55a0e8bf844a500408
Reviewed-on: https://code.wireshark.org/review/36072
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts tpncp.dat changes in f307dcc1d4
in order to maintain compatibility with previous versions of the dissector.
Also update the real value of address family for IPv6, and reset
address family after using it.
Change-Id: I87acf85a84a5ad41fea4a5658181badccebefcb8
Reviewed-on: https://code.wireshark.org/review/36074
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Although we don't depend on any of Qt's SVG classes directly, we do use
SVG icons in Preferences → Appearance → Language and QIcon loads its SVG
engine dynamically. If it's not present Wireshark will still run, but
the user won't see any flag icons.
Require QtSVG in the Debian and RPM packaging. It's not that large (~
400k here on Ubuntu 18.04) and ensures that we have a uniform user
experience across platforms. In this particular case, if the user
experience happens to be "Wireshark's UI is in a language I don't
understand" the little flags can come in handy.
Change-Id: If3c2e8a6040967353dbc462ee475ef12514b25f9
Reviewed-on: https://code.wireshark.org/review/36037
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The actual sampling rate in plugins/codecs/G722/G722decode.c is reported
as 16000 while the RTP clock rate as included in the SDP message is 8000
for historical reasons. Add some text to help people understand where
this difference comes from.
Example dissection for this cosmetic change:
Session Description Protocol
...
Media Attribute (a): rtpmap:9 G722/8000
Media Attribute Fieldname: rtpmap
Media Format: 9
MIME Type: G722
Sample Rate: 8000 (RTP clock rate is 8kHz, actual sampling rate is 16kHz)
Media Attribute (a): rtpmap:101 telephone-event/8000
Media Attribute Fieldname: rtpmap
Media Format: 101
MIME Type: telephone-event
Sample Rate: 8000
Change-Id: I47ccb798719a23713f28ae36fff6716b6dfbb22b
Reviewed-on: https://code.wireshark.org/review/36073
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In case of multiple instances it can be helpful to have an extra identifier
in the window title. These facilities are present and working, yet the
identifiers are not easily modifiable (only through the Advanced preference
page). This changes exposes these setting in the normal Appearance
preference page.
Change-Id: Ib6d7b18d29932edaed7419b44e4edc2f99134cbf
Reviewed-on: https://code.wireshark.org/review/36068
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The packet time calculation used the time(NULL) call to get the time
in seconds and than divided by 1000 to get micro seconds. This results
in correct seconds but some random micro seconds values.
Now get the time in microseconds and divide by 1000000 to get the
seconds and use the remainder for the micro seconds part.
Change-Id: I31f90960e27b0089c20936f69c7dc30f1efd50d9
Signed-off-by: Erwin Rol <erwin@erwinrol.com>
Reviewed-on: https://code.wireshark.org/review/36067
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From Johannes Berg with changes by Richard Sharpe to make it easier for
people to add support for RADIOTAP Header TLVs in the future.
Change-Id: I66d69cbe16740abce1e75ca1e789a2034283306b
Reviewed-on: https://code.wireshark.org/review/36057
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This circumvents a buggy pkg version in 11.x.
Move env var to the proper place while here.
Change-Id: Ib527a92cf8b542c8478daddf082c696caa296d80
Reviewed-on: https://code.wireshark.org/review/36055
Reviewed-by: Dario Lombardo <lomato@gmail.com>
File names can be longer than 256 bytes and still be sane. Fixes
filenames being reported as "[unknown]".
Change-Id: I3425d3106cf6ef63e298c2e73a063a207a4d4aea
Reviewed-on: https://code.wireshark.org/review/36045
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MPSSE response data and chip specific command parameters are not
dissected yet.
Ping-Bug: 11743
Change-Id: If783ef4580d0f8862419a249191f24521e316271
Reviewed-on: https://code.wireshark.org/review/35961
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure we have enough data for a CRC.
Bug: 16368
Change-Id: I03a2532061a5cf5e28cb65c83dd4ab90654d1679
Reviewed-on: https://code.wireshark.org/review/36048
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The "The NPF driver isn't running. You may have trouble" warning dialog
is now redundant, so remove it along with the "privs.warn_if_no_npf"
recent setting.
Add a more general "sys.warn_if_no_capture" recent setting along with a
getter for SimpleDialog's "Don't show this message again." string. Use
them to add a "Don't show this..." link to the main welcome warning
label.
Change-Id: Idffb800761eebf04b75e4be3f6bf7727dd468949
Reviewed-on: https://code.wireshark.org/review/36042
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
In captures of LDAP Privacy (encrypted) data, the dissector
threw Malformed errors because had it attempted to decode
encrypted payloads. See attached example capture
"PRIVACY-payload-(encrypted-data).pcap" at
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16358
Bug: 16358
Change-Id: Ic6d74d464157b145896090316ba73af025af7312
Reviewed-on: https://code.wireshark.org/review/36038
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Previous code did not properly decode protocol (Object dictionnary is not always sent). All changes comply with CANopen DS301 freely available on the web.
Change-Id: Ibaae09af0f1a5300a323a9c94077d1fb7dadd560
Reviewed-on: https://code.wireshark.org/review/35558
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In osx-app.sh, $VERSION used to hold the minor version of the OS. We no
longer set it and it's probably safe to assume that we're building on
Lion or later, so remove it.
Change-Id: I8e85cd7c2fe2162019c7c436b7865be95d4a33e2
Reviewed-on: https://code.wireshark.org/review/36039
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Significantly increased readability of the code, speed of work
and reduced size of the consumed memory.
- The number of memory allocations has been reduced from N to a few
- Removed double (redundant) data copying
Change-Id: I05aed194932ed3305eefb6e2e0f847e57851c41c
Reviewed-on: https://code.wireshark.org/review/36026
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Use the "create_new" property convention similar to PacketList. Fix a
"QWidget::insertAction: Attempt to insert null action" warning in the
packet dialog while at it.
Change-Id: I29b3b113aba92634b1b9a3427e2313fca30633eb
Reviewed-on: https://code.wireshark.org/review/36023
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "create_new" property was never set which prevented a new row from
being created once the dialog is opened.
Change-Id: I19c793ebd219bb58cb34f4d67451660ace51aa32
Fixes: v3.1.1rc0-254-gf402b4cdaa72 ("Qt: PacketList call DecodeAsDialog directly")
Reviewed-on: https://code.wireshark.org/review/36020
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The code was not properly corrected and a confirm result would show
a malformed packet because two bytes were not accounted for.
Change-Id: Ibc2f14ec46b0d63401d8d3b3768b032ed9b12e56
Reviewed-on: https://code.wireshark.org/review/36028
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow the filter in the Resolved Address dialog to be cleared to disable
filtering without requiring the dialog to be reopened.
Change-Id: I8164d42ac763f8b7faf23821633e129feba69790
Fixes: v3.1.1rc0-244-g743f8598cd0b ("Qt: Rework Resolved Addresses dialog")
Reviewed-on: https://code.wireshark.org/review/36027
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix several issues in the Resolved Addresses dialog:
- Missing IP hosts because the list was populated with one
tab-separated item while the caller expected space-separated items.
- Fix duplicate entries due to the "values" list not being cleared.
- Remove IPv4/IPv6 Hash Tables since these are a superset of IPv4/IPv6
Hosts, except that the former also includes mappings without a known
name (e.g. 8.8.8.8 -> 8.8.8.8).
- Fold both IPv4 and IPv6 hosts into one as before. Users like me
usually look for any IP match, regardless of the address family.
- Minor optimizations: do not construct the label every time.
- Rename "Mac Address" [sic] to simply "Address", that covers both IP
addresses and MAC addresses.
Bug: 16366
Change-Id: I6253fc01da7b6429ce093e7db9fe58e235b7c137
Fixes: v3.1.1rc0-244-g743f8598cd0b ("Qt: Rework Resolved Addresses dialog")
Reviewed-on: https://code.wireshark.org/review/36022
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs