The second parameter is the state, not the status as seen in C702 doc, page 159
Bug: 12764
Change-Id: I0a91a0e586c7663ace7c4c6b1044cafc1c0975ac
Reviewed-on: https://code.wireshark.org/review/17178
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Flags are not in network byte order, use given encoding instead.
Show both flags fields for GET and NEW requests since the netlink
dissector cannot yet determine whether a request is for GET, NEW or
something else. This has no effect for the sockdiag dissector but it
will influence the route and netfilter netlink subdissectors.
Change-Id: I472ff9e0498debbbceef657a14408c4e6a9df75b
Reviewed-on: https://code.wireshark.org/review/17118
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added support for decryption of IKEv2 packets encrypted with PAED or CTR
cipher mode.
Verification of integrity requires libgcrypt 1.6.0 or later. If it is
not the case, only decryption is performed
Can easily be extended to other ciphers supported by libgcrypt.
NOTE: There is long-term bug in handling UAT for IKEv2 - any change
resulting in change count of IKEv2 UAT entries causes crash when
matching key from UAT is found.
Crash does not occur when UAT is read from user prefs file.
I observed this bug also on stock 1.10.6 version from Ubuntu 14.04 LTS
I have no knowledge, how to fix it.
Change-Id: Ibdab979b5959eb561635cbcb446e17138baca87b
Reviewed-on: https://code.wireshark.org/review/17078
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes the user avoid to click twice in order to see the info.
Change-Id: Ib983c78634b1309f12ab29d673abc1195088f55c
Reviewed-on: https://code.wireshark.org/review/17146
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Unfortunately, only one libpcap code path puts the CAN ID in the
SocketCAN header in network byte order; the others leave it in host byte
order. Therefore, a new LINKTYPE_/DLT_ value was introduced, and
libpcap was changed to use that for the cases where the CAN ID is in
host byte order. Support them both.
This means we need to, when reading pcap and pcapng files, fix up the
CAN ID if the host that wrote the file has a different byte order from
ours (as libpcap also now does). This includes Linux "cooked" captures,
which can include CAN packets.
Change-Id: I75ff2d68d1fbdb42753ce85d18f04166f21736dd
Reviewed-on: https://code.wireshark.org/review/17155
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I71e6e2f569524642a24778ceef81c03fdc0f54c5
Reviewed-on: https://code.wireshark.org/review/17149
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The definition was found in the Linux kernel source code.
Change-Id: I41d1435497042bc5905efc7e1af3941b9e8808e2
Ping-Bug: 12759
Reviewed-on: https://code.wireshark.org/review/17148
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- The proto_tree_add_subtree call was previously using the length of the full tvb,
instead of len-2 like all other calls. This typo did not previously cause an issue,
but in newer versions of Wireshark it causes an assert.
- When I created the selfm dissector 4-5 years ago, I used packet-synphasor.c
as a template and there was an 'if (tree)' wrapper around several initial GUI calls
including col_*** info column clear/set functions. It looks like in recent years
this layout has been removed (for example, https://code.wireshark.org/review/#/c/6725/ ).
I'm not sure of the exact reasoning behind this, but in Wireshark 2.x (QT), there are
several conditions where in the SEL protocol dissector the info column will be
cleared and not repopulate - I can only assume because col_clear has been called
with no col_add's. Removal of this 'if' condition does correct the issue with no immediate ill effects..
Change-Id: I4c619cb320cd2152e1d4d1b76c809b1498dfda61
Reviewed-on: https://code.wireshark.org/review/17147
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Some debug tools don't use the standard 443
Change-Id: I5826de69afe343e4c112ecb78ffa1e26bd35b242
Reviewed-on: https://code.wireshark.org/review/17069
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I259f457868f4b8cde7e188d88d3d55f97070ee3b
Reviewed-on: https://code.wireshark.org/review/17145
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
it is only Offset not Offset Length
Issue reported by Lucas
Change-Id: I3129d62a0601b896fd0d44d5ce4d32864afdd96e
Reviewed-on: https://code.wireshark.org/review/17138
Reviewed-by: Anders Broman <a.broman58@gmail.com>
for used on another dissector...
Change-Id: I7c27517ee26ee9f9384e22a83e547550863093d8
Reviewed-on: https://code.wireshark.org/review/17133
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes CID 1317251 obsolete.
Change-Id: Id342b996268ac0734a52e93c02ae368960ee2294
Reviewed-on: https://code.wireshark.org/review/17027
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also update link to source code
Change-Id: I9afb72e477d11e3427cb43d574b2949bb8d777f9
Reviewed-on: https://code.wireshark.org/review/17091
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug:12601
Change-Id: I555ee8097ea81e1afa8f2f5b2aba8fce60742016
Reviewed-on: https://code.wireshark.org/review/17107
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I53691344f22f7313242f31e0abce9af5a5dbf8be
Reviewed-on: https://code.wireshark.org/review/17117
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Based on Linux 4.7 headers, this decodes many interesting fields like
the setname, IP address and more. Many attributes are not fully
dissected, but at least the attribute names are visible now.
Tested with netlink-ipset.pcap, posted on the SampleCaptures wiki.
Change-Id: Ibd430e9d0f177d5f21753ac1206541b4e50329f2
Reviewed-on: https://code.wireshark.org/review/17031
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Do as we do with other Bluetooth fields that, when multiplied by 1.25,
give time amounts in milliseconds.
Change-Id: I89c599e68f91c134b216c495dabdbf77db10def3
Reviewed-on: https://code.wireshark.org/review/17099
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rather han checking everywhere that the RLC and MAC info are present in pinfo,
allocate a temporary structure that will be dropped once packet dissection is
over.
Bug: 12751
Change-Id: I890430dd0c0b56d641777c15eedbf07fef082904
Reviewed-on: https://code.wireshark.org/review/17094
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
It is described in Personal Health Devices Transcoding White Paper v1.6
at Bluetooth.org. It is not detailed implementation, because
white paper is not specification for this, but it is really
"giant leap for mankind".
Change-Id: I476b242a67c7c0b24e450ad347216c708cc12879
Reviewed-on: https://code.wireshark.org/review/17079
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
gcp_analyze_msg() is called with a NULL tvb, remove h248_tvb and use tvb
instead.
Change-Id: I2cb4c3577817bbaa4ec50b2a5ef0ef296059e683
Reviewed-on: https://code.wireshark.org/review/17082
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also update link to source code
Change-Id: I6512920927de76226137eb7451cceceb37230aa5
Reviewed-on: https://code.wireshark.org/review/17070
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Added in support for Analog Group Change & Assignment codes (FC 2 and 35)
- Modified RTU Configuration function code to support multiple chassis responses
Change-Id: I64f14fa3c9b1bdfa3d815eb8756de80fb4c716b4
Reviewed-on: https://code.wireshark.org/review/17076
Reviewed-by: Anders Broman <a.broman58@gmail.com>