1. For each connected data message, display generated connection
information including:
a. Connection Path from the initial connection
b. API values
c. Forward Open packet number. (This already existed, but moving it to a
consistent place in the tree)
2. Display O->T or T->O in the Info column depending on the direction of data.
3. Remove cip.conn_path_class filter. This was originally added to show
which type of data is in a given packet. But, it's not really needed
anymore because we have the generated connection path in each connected
data packet now.
4. Ensure dummy structs used for Decode As menus are zeroed out.
5. memset -> zero initialization
pcaps from the following bug reports are good examples:
Bug: 14939
Bug: 6617
Bug: 14916
Bug: 14958
Change-Id: I63885a5ca41f95e04f855a1e1dcd9ab3684f7eec
Reviewed-on: https://code.wireshark.org/review/30808
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Both NFSv3 and NFSv4 ACCESS reply dissection will be
sensible when the ACCESS request is not available (because the packet
containing the request was either not capture or truncated).
Bug: 15343
Change-Id: I5bf7b9905e85b1c1eb30e2949b9b246b54f9ec68
Reviewed-on: https://code.wireshark.org/review/30965
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is intended to be a replacement for get_token_len (from strutil.h) when its used on a tvb. It should be a little safer and remove the need for a dissector to use tvb_get_ptr.
Change-Id: Ib2d4a79718b6fba4eb9acc0129b13be6c8199a43
Reviewed-on: https://code.wireshark.org/review/30892
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add message type named 'fast extension' to analyze unprocessed messages
Bug: 15345
Change-Id: I62fce2b753899cb4f2ba833a58388906c9f0d2d3
Reviewed-on: https://code.wireshark.org/review/30954
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is already permitted since C89 and popular compilers seem to
support it (including Clang 3.0 - 7.0, GCC 4.1.2 - 8.2 and MSVC 2015).
GCC used to be buggy: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53119
C89 6.5.7. Initialization: "only enough initializers from the list are
taken to account for the members of the subaggregate".
Change-Id: Ic59b9fe71e2d3ce60b4b7d1074f8d84af01a817a
Reviewed-on: https://code.wireshark.org/review/30968
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The CAT-TP specification says explicitly that the version bits must be
zero. Fail the heuristic check if they aren't.
I checked ETSI TS 102 127 V15.0.0 from
https://www.etsi.org/deliver/etsi_ts/102100_102199/102127/15.00.00_60/ts_102127v150000p.pdf
Bug: 15342
Change-Id: I05a886ccd5811f367abdb9faead4983d137c12c6
Reviewed-on: https://code.wireshark.org/review/30970
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Using the recent updates occasional 'trailing' byte warnings
occur if the key encodes a collection-ID, with these changes
we now get much better key decoding, without the warnings
with and without collections.
Change-Id: I9fc1e0d807c8054065a7346a09b0ce99d05f1e63
Reviewed-on: https://code.wireshark.org/review/30956
Reviewed-by: Dave Rigby <daver@couchbase.com>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previous decoding showed "Unknown TLV: <TLV value>". This was confusing, because people interpreted the value as the type of the unknown TLV.
Change-Id: Ia9259db547fca393c248f78ea7c758969b69548e
Reviewed-on: https://code.wireshark.org/review/30959
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
UATs are loaded at startup, no need to do it again. Call chain:
epan_load_settings -> read_prefs -> init_prefs -> uat_load_all.
Change-Id: I57caabafb16b0b46fcb6d1621dd6b503154c805c
Reviewed-on: https://code.wireshark.org/review/30958
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1) The default build configuration is to select PCAPNG as
output format, but it can be selected as PCAP. Some of the
command line tools have the option to select the output
format and default towards the build configuration.
This has to be reflected in their help output also.
2) Various documentation files are still stating that PCAP is
the default format of various tools. With the default build
configuration being PCAPNG these have to be adjusted as well.
(with lack of dynamic content the documentation can only refer
to the default build configuration format).
Change-Id: I51d19642a7ed8c99817971c1f25d20972095021e
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30951
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts commit 8992760c68.
Breaks the "make clean" target as it tries to remove the "help"
directory. Since this change, the macOS builds started failing tests as
well (init.lua and colorfilters seems not to be applied).
Change-Id: I3fce346e04875e667680a4ed9ba3beca8054a168
Reviewed-on: https://code.wireshark.org/review/30950
Reviewed-by: João Valverde <j@v6e.pt>
Saves a check and removes a GCC warning from CMakeError.log:
cc1: warning: command line option ‘-Wextra-semi’ is valid for C++/ObjC++ but not for C
Change-Id: I76d027e7b5703b06237ac70eb340c4a09322e09e
Fixes: v2.9.0rc0-958-g866ddb1b18 ("Add -Wextra-semi to (clang) C and C++ flags to make sure the buildbots will find this.")
Reviewed-on: https://code.wireshark.org/review/30948
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Get rid of the IMPORT_MAX_PACKET #define; just directly use
WTAP_MAX_PACKET_SIZE_STANDARD, to match what text2pcap.c does.
Update comments in text2pcap.c and ui/text_import.c to say the maximum
packet size is WTAP_MAX_PACKET_SIZE_STANDARD.
Change-Id: I34118f76426d1416fccf43b2a356ad8d200de19b
Ping-Bug: 15292
Reviewed-on: https://code.wireshark.org/review/30945
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1. Correctly print out the AP Tx Power level.
2. The A-Control UL MU Response field was renamed to the TR Response field.
3. Handle padding correctly in the A-Control field.
Change-Id: I33000aa28b9e00ab97ca30d53907685e302c49c2
Reviewed-on: https://code.wireshark.org/review/30918
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Import size is increased to 256kiB, but tooltip says 64kB.
Adjust text according to limit set bt code.
Change-Id: I586248fd25a96e4ffe0936babc90b4150c14f118
Ping-Bug: 15292
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30940
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Those IEs have specific dissect methods that expect offset to point to
the IE type, not to its value. Furthermore, those methods already add a
subtree, so no need to create it for them.
Related: https://osmocom.org/issues/3705
Change-Id: Ia63253b95678b799f59ed945d1381f4eb01be636
Reviewed-on: https://code.wireshark.org/review/30931
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification, PortState is renamed and dissected
as "LinkState.Link" and "LinkState.Port" which are both 8 bits.
Change-Id: I1eff258f48d6fd76286ae08a7d2d80793ea23f12
Reviewed-on: https://code.wireshark.org/review/30913
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With the introduction of the ip command (from iproute2) on modern
Linux systems it becomes common to see this tool available,
gradually replacing tools like netstat and ifconfig.
Change-Id: I1fb309e741c07c93271b61a35c4833d36bcc5cb8
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30924
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Always initialize our length in dissect_oer_length_determinant. Its
callers assume that this happens and doing so should fix some scan-build
warnings.
Change-Id: I67abc19417e6437b9302b880164140fb8a773204
Reviewed-on: https://code.wireshark.org/review/30935
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The snaplength as saved in the capture file is set to the original
PCAP file length of 65535. In reality the package size can grow to
256kiB. Make use of the correct constant when writing the PCAP file.
Bug: 15292
Change-Id: Ib7710e4151cdc712f3344c1436252f9b3bfb556c
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30923
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not allways good to pick up frames for related call legs when
filtering.
Make different hf:s for the two use cases.
Change-Id: I33c640636a76173f3a7952f4a740491ccfac276d
Reviewed-on: https://code.wireshark.org/review/30922
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
To stop accepting SIP messages on the
hart-ip port.
Change-Id: Ifc653f4a3defb823336914e8be6f20453aedb6fe
Reviewed-on: https://code.wireshark.org/review/30914
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename DATAFILE_DIR to be closer to CMake and avoid mixing
with the staging dir path variable of the same name.
Change-Id: I7b1e02152d8bde14cca210fbfae4acbdba7d78d7
Reviewed-on: https://code.wireshark.org/review/30916
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
According to MS-SFU 2.2.2 PA_S4U_X509_USER checksum section;
PA-S4U-X509-USER may be returned inside encrypted-pa-data, but
it contains just the checksum data so do not try to dissect it.
Quote:
The padata of type 130 in the encrypted-pa-data field contains
the checksum value in the S4U request concatenated with the
checksum value in the S4U reply.
Change-Id: Ia124f56914ef2fefd5b0a64fccd176911321f246
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-on: https://code.wireshark.org/review/30908
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for decoding a collection-ID from the
key-bytes.
Update DCP as collection_len is no longer in the
protocol and the system events have changed.
Change-Id: Ib910083d929a906729e2bba2b0f07ba23e093cf5
Reviewed-on: https://code.wireshark.org/review/30895
Reviewed-by: Dave Rigby <daver@couchbase.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added dissection of Support Type Object LB type.
Change-Id: I7e654faed4874a87865f1d94a372eb8f00dde412
Reviewed-on: https://code.wireshark.org/review/30903
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>