Commit Graph

84889 Commits

Author SHA1 Message Date
Gerald Combs a7be80b04a [Automatic update for 2022-08-07]
Update manuf, services enterprise numbers, translations, and other items.
2022-08-07 16:38:23 +00:00
DarienSpencer65 66b264559c UMTS FP: Fix flag in conversation_new calls 2022-08-07 07:09:12 +00:00
John Thacker 2347345eec prefs: More port prefs to auto prefs with ranges
Move the rest of the SCTP port preferences to auto prefs
with ranges. Ping #14319.
2022-08-06 18:51:07 -04:00
Uli Heilmeier f9cf0a0ae7 BGP: Check nhlen
Only call tvb_bytes_to_str() when nhlen > 0

Fixes: #18248
2022-08-06 20:42:15 +00:00
Jaap Keuter da5603a0d0 extcap: implement saving and restoring radio button setting 2022-08-06 20:19:04 +00:00
John Thacker 6fd212926a epan: Constify a few range functions 2022-08-06 08:26:40 -04:00
John Thacker 057436ff81 Prefs: Convert some SCTP port preferences to auto prefs
Convert SCTP port preferences in dissectors starting m-z.
Preferences that were already the name of the table can just
be removed from the dissector and they will migrate. Preferences
with a different name are added to deprecated_port_prefs in
epan/prefs.c (Since that function handles them there is no
need to mark them as obsolete.)

Also change a few TCP and UDP single ports reigstered with
preferences and callbacks that used the sample dissector as
a template.

Uses more auto preferences, makes more port preferences ranges,
and reduces the number of preference callbacks. Ping #14319
2022-08-06 00:17:14 -04:00
John Thacker 9cfd989abf prefs: A few more range conversions
A few more protocols that have callbacks to retrieve auto preferences
for request/response determination.  Convert them to getting ranges,
since all these are ranges now. Ping #14319
2022-08-05 22:23:43 -04:00
John Thacker 41791cad7b ipsec: Fix ESP NULL pad check
Correctly break out of the loop
2022-08-05 21:27:23 -04:00
Hadar Shoham b87e7aea49 Add support for DOCSIS TLV 5.76 'Low Latency Support' 2022-08-05 12:56:57 +00:00
John Thacker e43c6b1aa2 quake2, quakeworld: Get ports as ranges
quake2 and quakeworld get the port list to use to determine
client/server. Get that as a range now. Ping #14319.
2022-08-05 08:04:43 -04:00
John Thacker 0aed38cf97 ipsec: Improve ESP NULL autodetection
Improve the ESP NULL autodetection, and get it closer to the
heuristics in RFC 5879:

Detect multiple ICV lengths - 12, 16, 24, and 32
Check padding length validity
Check padding values
Reject if the subdissector rejects the packet

Still does not attempt to properly detect ENCR_NULL_AUTH_AES_GMAC,
which has a nonzero IV.

Fix #13730.
2022-08-05 11:16:25 +00:00
Roland Knall d24d27ebc1 Qt: Fix interface auto slot
The signal attached "currentIndexChanged" takes only int as argument,
the correct signal is "currentTextChanged". This also fixes a crash
whenever you changed the visible/nonvisible setting for an interface
2022-08-05 08:56:22 +00:00
Gerald Combs 74e0b506be Windows: Don't define or check for WIN32.
_WIN32 is defined by the compiler, and is arguably a more reliable
test that WIN32. Switch to checking for _WIN32 in a couple of places in
the code.

Remove a WIN32 definition from config.h. It was added for the WinPcap
developer pack but we no longer use that.
2022-08-05 08:33:49 +00:00
Daniël van Eeden a0d03745a9 mysql: Handle unsigned fields in prepared stmt
The flag of unsigned fields is either 0x0 for signed integer fields or
0x80 (128) for unsigned integer fields.

The code expected 0x0 for signed and 0x1 for unsigned to match the right
dissector for the field, causing no match to be found.

Example client code:

```c

int main(int argc, char **argv) {
  MYSQL *con = mysql_init(NULL);
  if (mysql_real_connect(con, "127.0.0.1", "root", NULL, NULL, 4000, NULL, 0) ==
      NULL) {
    printf("%s\n", mysql_error(con));
    mysql_close(con);
    exit(1);
  }

  MYSQL_STMT *stmt = mysql_stmt_init(con);
  mysql_stmt_prepare(stmt, "DO ?", 4);

  MYSQL_BIND bind[1];
  int my_int = 1;
  bind[0].buffer_type = MYSQL_TYPE_TINY;
  bind[0].buffer = (void *)&my_int;
  bind[0].is_unsigned = 1;
  bind[0].is_null = 0;

  mysql_stmt_bind_param(stmt, bind);
  mysql_stmt_execute(stmt);
  mysql_stmt_close(stmt);
}
```
2022-08-05 08:07:20 +00:00
Chuck Craft 077547d033 dccp: allow port resolution in conversation table 2022-08-05 00:52:56 +00:00
John Thacker 5f05a705a6 ipsec: Don't include ICV in decrypted data with ESP NULL
ESP NULL can be used with a non NULL AUTH, when wishing to
provide authentication without encryption.

Part of #13730
2022-08-04 19:24:03 -04:00
John Thacker baf61478e4 rsync: Fix port pref
The port pref value is used in a callback, so convert that to
retrieving a range. Also, remove the old preference (it was
converted to use an auto preference some time ago but the
duplicate preference wasn't removed.)

Ping #14319
2022-08-04 08:14:14 -04:00
John Thacker 452b5e3e0f prefs: Remove prefs_register_decode_as_preference
All Decode As auto preferences are registered as ranges now,
so remove this internal function. Ping #14319.
2022-08-04 07:16:16 -04:00
Dylan Ulis 59909dfb5d CIP: Correct UTIME sub-seconds portion 2022-08-04 08:44:30 +00:00
Gerald Combs 0ca960c6d8 epan: Update our name resolution preference names.
Update the dns_pkt_addr_resolution, use_external_name_resolver, and
use_custom_dns_servers names to be more consistent. Make it more clear
that use_external_name_resolver uses you're system's DNS settings.
2022-08-04 06:00:34 +00:00
John Thacker 8604d03a98 prefs: Make all auto port preferences ranges
When a single port is added to a dissector along with an auto
preference, make it create a range preference (defaulting to
that single value.) This converts the rest of the auto port
preferences to ranges.

Ping #14319. Still to do are converting other non-auto port
preferences to auto preferences (e.g., sctp ports), and maybe
some minor cleanups.
2022-08-04 05:43:47 +00:00
David Perry 7238dad792 Always use `next_tvb` for X.25 payload 2022-08-04 03:23:18 +00:00
John Thacker 13bffe4630 prefs: Add default range to description of auto pref 2022-08-03 19:19:18 -04:00
Peter Dobransky fe12d2428c Add support for missing DPoE OAM leaf-branch attributes 2022-08-03 21:32:28 +00:00
Jaap Keuter 1c1d23e323 Asterix: update dissector after specification updates 2022-08-03 19:39:55 +02:00
Zoran Bošnjak 7547e7993c asterix: asterix-specs converter fix
Some new asterix editions contain nested 'Group' item inside 'Extended'.
In such case, a 'Group' item is processed like regular 'Element'.

Fixes #18238
2022-08-03 17:10:36 +00:00
Tomasz Moń bf26f538c6
wiretap: Do not silently limit capture length
Libpcap assumes that packet length is greater or equal to captured data
length. However, due to a bug in libpcap, it was possible for libpcap to
generate isochronous URB packets (WTAP_ENCAP_USB_LINUX_MMAPPED) with
captured data length greater than packet length. The discrepancy comes
from slightly different semantics in Linux kernel.

Linux kernel usbmon packet documentation mentions:
    unsigned int length;  /* 32: Length of data (submitted or actual) */
    unsigned int len_cap; /* 36: Delivered length */

Wireshark shows usbmon packet length as URB length (usb.urb_len) and
len_cap as Data length (usb.data_len). For usbmon isochronous IN packets
containing data (URB complete), usbmon length is "actual". Actual length
is the sum of payload packets length received from device. Delivered
length refers to the amount of data associated with usbmon packet, that
is the isochronous descriptors and actual isochronous data. There can be
multiple isochronous descriptors in single URB and the actual payload in
special cases can be noncontiguous (there can be gaps).

Libpcap when reading usbmon capture calculates packet length based on
usbmon packet structure size (64), "actual length" and number of
isochronous descriptors. This gives expected packet length as long as
there are no gaps between isochronous data. If there are gaps, the
calculated packet length will be smaller than delivered length.

Wireshark should show the frame length and captured length as provided
by the capture engine, even if the capture length is greater than frame
length. Silently limiting captured length essentially hides the issue
from the user and allows misbehaving capture engine to go unnoticed.

Passing unmodified Frame Length and Capture Length to dissectors (and
thus complete tvb) allows USB dissector to show all ISO Data fields
captured on Linux usbmon interface using bugged libpcap.

Fixes #18021
2022-08-03 18:50:53 +02:00
Chuck Craft 566ea8ceb4 ipx: ipxnet_hash_table clear after init causes ipx_crash
Closes #18234
2022-08-03 10:40:36 -05:00
Odysseus Yang 53b49b292d MBIM: Display CellularClass as bitmask instead of enum
Display CellularClass of MBIM_CID_DEVICE_CAPS and MBIM_CID_DEVICE_CAPS_V2
as bitmask instead of enum.
2022-08-03 09:38:13 +00:00
João Valverde 5a430097b0 About: Reformat and expand some text. 2022-08-03 09:10:07 +00:00
Martin Kaiser b61c47e1b5 zvt: dissect the receipt info object
Dissect the receipt info object that may appear in the tlv container of a
zvt message.

Define an ett value for receipt bitfields and use it for receipt info and
receipt param. We shouldn't be using the ett for the tlv tag.
2022-08-03 08:56:10 +00:00
Daniël van Eeden c72bf933b6 mysql: Fix dissection of AuthSwitchResponse
The state that was set by AuthSwitchRequest was overwritten before it
was checked, causing incorrect decoding of AuthSwitchResponse
2022-08-03 08:39:46 +00:00
Daniël van Eeden fd03a35c5f mysql: Fix handling of AuthSwitchRequest
The decoding of the new and old styles of this packet seem to have been
mixed up.
2022-08-03 08:25:41 +00:00
Daniël van Eeden cd2d79a220 mysql: Fix decoding of AuthSwitch on top of TLS
The code checks for state=LOGIN, but the state is set to RESPONSE_OK,
which is not correct in case of TLS as the packet following the non-TLS
LOGIN is another LOGIN, but on TLS. The first LOGIN is not really a
LOGIN, but more of a STARTTLS situation.

Closes https://gitlab.com/wireshark/wireshark/-/issues/10346
2022-08-03 08:09:28 +00:00
Guy Harris 20a013a8af Qt: fix speling. 2022-08-02 23:31:44 -07:00
John Thacker ab6f902216 prefs: Make add_for_decode_as_with_preference add ranges
Make add_for_decode_as_with_preference create a range preference,
instead of a single uint preference. Decode As allows multiple
ports to be set for a dissector, so a range preference is correct.
This prevents an odd situation where the quasi preference only
holds the last value set in the Decode As table, and changing it
only changes that one value, not all the other values. Moving
the preference to a range also means that the empty string clears
the result instead of doing nothing. (With uint preferences
inputing 0 is required to not dissect.)

This moves a lot of the automatic port preferences over to ranges.

Ping #14319. Fix #15554.
2022-08-03 00:00:24 +00:00
Guy Harris 71f32ef2a8 Make sure we don't create comment options longer than 65535 bytes.
Check in both editcap and Wireshark to make sure that comments have
fewer than 65536 bytes before accepting them.

This shoudl fix #18235, although there should also be checks in
libwiretap to catch cases where the user interface code doesn't do the
check (it should be done in the UI so that the user gets notified
appropriately).
2022-08-02 16:38:49 -07:00
John Thacker 4d9167908c GTP: Fix the version check in decode_qos_umts()
Releases 98 and 99 are older than version 8. Also fix the
extra length added for RADIUS so that it properly accounts
for the lack of allocation-retention priority in RADIUS.
Previously it was off by one, which caused errors in Release
98. Fix #10688 again.
2022-08-02 21:50:05 +00:00
Daniël van Eeden ebc20edea1 mysql: fix dissecting login packet with zstd compression flag set 2022-08-02 21:36:49 +00:00
Daniël van Eeden bacaa1b869 mysql: Add new protocol capability flags
See also https://dev.mysql.com/doc/dev/mysql-server/latest/group__group__cs__capabilities__flags.html

Adding:
- CLIENT_OPTIONAL_RESULTSET_METADATA
- CLIENT_ZSTD_COMPRESSION_ALGORITHM
2022-08-02 21:36:49 +00:00
David Perry e2ab139249 ISUP tap with proper message 2022-08-02 21:32:11 +00:00
John Thacker 66b26d7251 follow: Only retrieve matching conversations
The TCP and UDP follow conversation filter functions should
only retrieve a conversation and conversation data, not
create new conversations or new stream numbers. (That should
only happen during actual packet processing.) So they should
match on the endpoint type and not look up endpoints (since
TCP and UDP don't use the endpoint API.)

They still don't work with tunneling, or any other situation where
the addresses and ports have been changed (see #18231), but this
at least works when some other protocol _has_ used the endpoint
API, and also avoids creating nonsensical streams.

Making them work properly with tunneling either requires adding
packet info to each packet with the stream information, or using
the endpoint API (after finishing it to allow more than one endpoint
on the packet, and a way of searching for endpoints other than
the most recent.)
2022-08-02 20:54:36 +00:00
Martin Kaiser 210a891fb7 zvt: add some currency codes
Add the currency codes for CHF, GBP and USD to the list of currency codes.

ZVT is used mainly in german speaking countries. The currencies above plus
EUR should cover most use cases. If necessary, we can add more currency
codes from https://en.wikipedia.org/wiki/ISO_4217.
2022-08-02 21:27:51 +02:00
João Valverde 80f16015e2 epan: Refactor floating point display types
Remove the redundant BASE_FLOAT field display type. The name
BASE_FLOAT is meaningless and the value aliased to BASE_NONE.

Require BASE_NONE instead of BASE_FLOAT (corresponding to
the printf() %g format).

Add new float display types using BASE_DEC, BASE_HEX and BASE_EXP
corresponfing to %f, %a and %e respectively.

Add support for BASE_CUSTOM with floats.
2022-08-02 13:16:46 +00:00
João Valverde 269e4b7d10 Qt: Remove capitalization of preposition in title
Most style guides recommend against capitalizing preposition in titles
with less than 5 letters or so.

For example KDE: https://develop.kde.org/hig/style/writing/capitalization/
2022-08-02 13:48:43 +01:00
João Valverde 2c4557d7ad About: Tweak a sentence about the project
Uncapitalize Open Source Software. Prefer the well established umbrella
term "free and open source software". Add specifics about the license
version.

Most references use an hyphen with "open-source". Do that as well.
2022-08-02 00:26:24 +00:00
João Valverde a97e1ee581 About: Make clipboard info a close copy of dialog info
To maintain familiarity and keep to expectations do an exact copy.

The last sentence to check the man page is an exception because it
is an addenda and recognizing that this clipboard information will
be used mostly in bug reports, it might get annoying.
2022-08-02 00:26:24 +00:00
João Valverde b8ec3199ab Convert Acknowledgements to markdown and update GUI
Move Acknowledgements to a separate file to enable some code
simplification and improve maintenance and discoverability
for acknowlegements.

Convert the Acknowledgements file to Github flavored markdown
and display it in rich text using QTextBrowser.

Add Acknowledgements.md to NSIS installer
2022-08-02 00:09:29 +00:00
Dario Lombardo a0174e4f0b github: fix ubuntu workflow. 2022-08-01 21:36:07 +00:00