Change-Id: Ie070aa0f58cca156661ddd5689596e29ad56b128
Reviewed-on: https://code.wireshark.org/review/12412
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Set seconds type from recent values at startup.
Change-Id: I761f4e25f41cf9eae666196fe5cd69ef9f87556f
Reviewed-on: https://code.wireshark.org/review/12582
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Basic support of the option, no decryption support.
Change-Id: I2556954dcb8b0e79d0e2ac9f3101ae0c423bcd36
Ping-Bug: 11874
Reviewed-on: https://code.wireshark.org/review/12548
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This is done through a preference that defaults the range to 6000-6063, which corresponds to its IANA registered ports.
Bug: 11869
Change-Id: Ifafcf598417cd44545b0b4b9ac883cf1b63c9b23
Reviewed-on: https://code.wireshark.org/review/12572
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The GTK+ UI has a capture info dialog which shows a summary of captured
protocols, including IPX (!), NetBIOS (!!) and VINES (!!OMG!!). It's
been disabled by default since 2006 (g59aa9e40).
Remove the preference in the Qt UI capture pane. It's still available
via the advanced prefs. Add comments in various parts of the code noting
that the capture_info routines and structs are GTK+ only. Also note that
if we *do* want to add a Qt capture info dialog we'll probably want to
modernize the information we show.
Change-Id: I3c63f6f01b60f0767fb33602a7f0c3b537dbde51
Reviewed-on: https://code.wireshark.org/review/10991
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to https://msdn.microsoft.com/en-us/library/fe06s4ak.aspx
an invalid string will trigger invalid parameter handler
Also check the validity of each field before activating import button
Bug: 11873
Change-Id: I9fc1c6e061a02354690871410f0e2cf2e0dd86a7
Reviewed-on: https://code.wireshark.org/review/12537
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When changing columns in the preferences or when removing a column
from the packet list header menu we need to apply recent column
widths to preserve the remaining columns widths.
Change-Id: Ie5c074722424b5cee31af3b6953ab1b026ba7fa5
Reviewed-on: https://code.wireshark.org/review/12575
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
the byteswap function is now called pcap_byteswap_linux_usb_pseudoheader()
Change-Id: Iefceaccf4eabb96228bf8ea53fc5814f9a0ae502
Reviewed-on: https://code.wireshark.org/review/12574
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
The "-Wwrite-strings" flag produces nuisance warnings. These warnings are
not useful, they're impossible to fix in a sane way and therefore are being
handled with casts of static strings to (char *).
This just moves the warning to [-Wcast-qual] and a compiler pragma is
in turn required (and used) to squelch that warning.
Remove the Wwrite-strings warning. Let that responsibility fall on the
programmer (as is done by casting).
Change-Id: I5a44dfd9decd6d80797a521a3373593074962fb5
Reviewed-on: https://code.wireshark.org/review/12162
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia7c3e09d147d8e46acaf4476b82acdde88a400b9
Reviewed-on: https://code.wireshark.org/review/12567
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
and move ATQB dissection into a separate function
Change-Id: Iaa6b4aaaa70bb33ddd334ed4d5c39ffc15454e4c
Reviewed-on: https://code.wireshark.org/review/12566
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Bug: 11830
Change-Id: I010093f0ee6f876161de0aca24ea5037616d0039
Reviewed-on: https://code.wireshark.org/review/12555
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I463f93e515ebe12ed30b1f08cca7d29a7bd535ae
Reviewed-on: https://code.wireshark.org/review/12552
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
NSIS script modified to:
- check for KB 3033929 presence on Windows 7 / 2008R2 (as we sign drivers with a SHA2 certificate)
- do not delete the installation folder if not empty
Bug: 11766
Change-Id: I5c7b6378b0775bb75c1b9e58e503997176c12213
Reviewed-on: https://code.wireshark.org/review/12546
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The default prefix policy on modern versions of Windows prefers IPv6.
This in combination with the fact that our ping target (www.wireshark.org)
currently has both A and AAAA records might result in ICMPv6 traffic
instead of ICMPv4. Update the capture test suite accordingly.
Change-Id: I5c88f24fb9458526ffd44c5003f09247b6999ce7
Reviewed-on: https://code.wireshark.org/review/12553
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Those are obviously wrong.
Also, clean up some stuff left over from the GTK+ 1.x days; GTK+ 2.x
doesn't expose raw XLFD font names, it lets you specify a font by name
and size, and font_zoom() doesn't determine whether the font is
resizeable - it just constructs a new font name/size pair and leaves it
up to its callers to try to load the font, so "there's no such font as
Wingdings Gothic" and "you can't blow up Fraktur to 10 million points"
both show up as errors loading the font by name.
Bug: 8854
Change-Id: I6af142c75c9ebabd1a95308c203f8cb1f36dd82f
Reviewed-on: https://code.wireshark.org/review/12549
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fixes 90d9710145.
Change-Id: I334c8b1816e08163fc68970b19586734b8194087
Reviewed-on: https://code.wireshark.org/review/12532
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The check in tmp_fld_check_assert() does terminate with g_error
if given an empty string as name, so we have to check for this.
Change-Id: I084e3e715bd319484a52f60ef90c1a2aea30df1b
Reviewed-on: https://code.wireshark.org/review/12534
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
If the connection info is not available, ensure that enough connected data is available to meet the minimum explicit message size.
Change-Id: I6c8bf54dda4adbf23749d2a2c8c19f4ea2bc5222
Reviewed-on: https://code.wireshark.org/review/12520
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Valgrind report leaks of several allocations like these:
590 bytes in 50 blocks are possibly lost in loss record 29,818 of 31,670
at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xCB9C8A7: __vasprintf_chk (vasprintf_chk.c:82)
by 0xA3D8DCA: g_vasprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B846C: g_strdup_vprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B850B: g_strdup_printf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0x6F4B51: scan_local_interfaces (iface_lists.c:254)
by 0x6EF3D8: iface_mon_handler2 (iface_monitor.c:113)
by 0xBE56F1D: ??? (in /lib/libnl-3.so.200.3.0)
by 0xBA16F19: ??? (in /usr/lib/libnl-route-3.so.200.3.0)
by 0xBE54E5E: nl_cache_parse (in /lib/libnl-3.so.200.3.0)
by 0xBE585CA: nl_msg_parse (in /lib/libnl-3.so.200.3.0)
by 0x6EF372: iface_mon_handler (iface_monitor.c:123)
When the list of network interfaces is updated allocations done
for global_capture_opts.all_ifaces elements leak memory. Fixed by
introducing a helper function to be used for removing an interface_t
element from all_ifaces array. While at it also fixed misc leaks when
updating individual allocated records of all_ifaces elements.
Change-Id: I035e6936a44edeef2ebe4780931c14cde99e93a4
Reviewed-on: https://code.wireshark.org/review/12209
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Most of the deregister functions are used internally from Lua
while reloading plugins. Don't export them for others to use.
Change-Id: I919dbfa807f696c38d409ca7206104a0fba1ae65
Reviewed-on: https://code.wireshark.org/review/12508
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: Iaa297340708170e8efb2d73d0c164e0358507eb2
Reviewed-on: https://code.wireshark.org/review/12502
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also improve column info for unknown MH types.
Ping-Bug: 11728
Change-Id: I4e54ae56dbb76eaf9ea4f33eb0ff497a518dbd9a
Reviewed-on: https://code.wireshark.org/review/12513
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I1955a88025c26564e7dca4dfbb811cc7265632ea
Reviewed-on: https://code.wireshark.org/review/12518
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Regression introduced with v1.99.4rc0-112-gf0855e0 ("Remove
proto_tree_add_text from packet-ssl.c").
While SSL decryption is not needed on the second pass, the items still
have to be added.
Bug: 11851
Change-Id: Iccb43f2ccff19bbe6d998fb08600b226ac054825
Reviewed-on: https://code.wireshark.org/review/12510
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GTK+ had this very useful Ctrl+1 .. Ctrl+9 shortcuts for conversation
coloring rules. Add this functionality to Qt too.
Ctrl+0 is not ported though, this now means "Restore zoom" which is
quite logical. Also, Ctrl+= (shortcut in GTK+) somehow does not work in
Qt 5.5.1 (it is detected as Ctrl++ instead).
Change-Id: I5528c723ef6d4ea11298a135db8539a8d03d9aae
Reviewed-on: https://code.wireshark.org/review/12506
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Support reloading Lua plugins with expert infos.
Use the same delayed deregister logic as for fields.
Change-Id: I36efa0820050b3a7afed4de7a8b0fa16805e8dfa
Reviewed-on: https://code.wireshark.org/review/12498
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
packet-ncp2222.inc: The 'ncp_rec->func == 0x59' condition was already verified in line 7300.
packet-bgp: The 'nlri_len < 21' condition was already verified in line 3879
packet-rtp.c: The 'p_conv_data' condition was already verified in line 1460
Change-Id: I65299718b26454596e3f25665d413a17a99e4ce0
Reviewed-on: https://code.wireshark.org/review/12341
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The macros are no longer needed because the conversion is complete.
Change-Id: I42c4b937986d9707eff9225c444cbcab73f8e86a
Reviewed-on: https://code.wireshark.org/review/12517
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mostly plugins, but also LUA and generated skinny dissector.
Change-Id: Ifeb4205442f9a60875266b4e82841ff38b4fdb63
Reviewed-on: https://code.wireshark.org/review/12515
Reviewed-by: Michael Mann <mmann78@netscape.net>
RFC 3518 defines two protocols, one used to encapsulate bridged PDUs and
one used to configure the bridging process. Make them two
separately-registered protocols.
Change-Id: I393ea31ab7ef44cae2ef2b592ffde5d53ecb113f
Reviewed-on: https://code.wireshark.org/review/12509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This includes:
1. new_create_dissector_handle -> create_dissector_handle
2. new_register_dissector -> register_dissector
3. new_register_ber_oid_dissector -> register_ber_oid_dissector
4. new_register_ber_syntax_dissector -> register_ber_syntax_dissector
Also remove PDU_NEW, SYNTAX_NEW and REGISTER_NEW as there is no need for the distinction anymore.
Change-Id: I82c7de7c8ffeeab3259d1b55bb4afc5f6a1e0329
Reviewed-on: https://code.wireshark.org/review/12491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector shows the information related to the RTI TCP Control
messages used to manage the TCP connections, but also dissects the
RTPS data that is sent on top of RTI TCP. This only happens with
RTI's DDS implementation.
Bug: 11640
Change-Id: I89fcb620256aeed7cae5829b70d92c6868d94929
Reviewed-on: https://code.wireshark.org/review/11305
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte