Have programs that use libwiretap call that routine rather than
separately calling some or all of init_open_routines(),
wtap_register_plugin_types(), and wtap_opttypes_initialize().
Also don't have routines internal to libwiretap call those. Yes, this
means doing some initialization work when it isn't necessary, but
scattering on-demand calls throughout the code is a great way to forget
to make those calls.
Change-Id: I5828e1c5591c9d94fbb3eb0a0e54591e8fc61710
Reviewed-on: https://code.wireshark.org/review/19069
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Show codec libraries in About dialog, this should give the user a clue
of what codecs are available.
SBC is already supported, Spandsp (for G.722/G.726) is work in progress.
Change-Id: Iebc4d9c9fae619a442e06c8afc780a420aa3971b
Reviewed-on: https://code.wireshark.org/review/18978
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Not all codecs require the plugin infrastructure. For example, G.711U/A
is a built-in codec. Allow such functionality to be registered even if
plugin support is disabled.
Change-Id: I2505cc9955e7953268ec0739531278921f70a771
Reviewed-on: https://code.wireshark.org/review/18977
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The tap reset callback should not just invoke the reset callback of the
dissector, but also clear the previous list of objects in the dialog.
Otherwise duplicate entries will be created every time retapping occurs
(e.g. on changing the display filter).
Bug: 12230
Change-Id: I75f25db0652dcc9c0ac59ab0e536c06874aedb9c
Reviewed-on: https://code.wireshark.org/review/19055
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
size_str points to a dash, so the result of calling ws_strtoi32 on it is
a negative number, which becomes a huge positive number, because size is
a guint32.
Parse the number after the dash instead, and use ws_strtou32.
Also, check that size is divisible by 8, since otherwise it's unlikely
to be a bit length.
Change-Id: I531f67d45e9e914574d36a9ffceed9239fd46d64
Reviewed-on: https://code.wireshark.org/review/19006
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is similar to what we have for opening a dump file - one API that
uses the file name as specified, one that creates a temporary file and
provides the file name, and one that uses the standard output.
All of those APIs handle closing the output file.
Change-Id: I56beea7be347402773460b9148ab31a8f8bc51e1
Reviewed-on: https://code.wireshark.org/review/19059
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove symbols from plugins; they're not part of libwireshark.
Put all the get_rtd_ symbols together.
Add some new symbols.
Change-Id: I724ca7fd19ad083b7e05526a30974c23fa321e0b
Reviewed-on: https://code.wireshark.org/review/19060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, we can close the resulting wtap_dumper the same way we close
any other wtap_dumper, including closing the FD, rather than trying to
do everything *except* closing the FD (which is tricky for a FILE *).
Change-Id: I8cb66e32784d73e598b2e8720a12f9bdab1c6205
Reviewed-on: https://code.wireshark.org/review/19054
Reviewed-by: Guy Harris <guy@alum.mit.edu>
After this, hf_ssh_kexdh_host_key is no longer used, so remove it.
Change-Id: Ie56a086481bbe087b7ba3b17aea394c05986f63d
Reviewed-on: https://code.wireshark.org/review/19052
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Install all optional dependencies as reported by cmake.
Tested on Centos7, openSUSE Leap 41.1, Fedora 24.
Fedora 24 is shipped with lua5.3, that is not compatible
with the current master, then it is not enabled.
Change-Id: Ie4de7ff2849d66371e94d5d7960aab8146337dea
Reviewed-on: https://code.wireshark.org/review/18968
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
1. Fixed find_conversation for PT_IBQP to not lookup in reverse
direction when all searches fail.
This is required, because there could be valid different connection in
reverse direction which mistakenly gets updated for non template cases.
2. Added support for having MAD data for upper level dissectors to process
during RC packet processing.
This is required because connection options are negotiated out of band
using this CM exchanges (unlike in band TCP options).
3. Moved creating unidirectional connections when actually MAD packets
are processed.
Previously client-to-server unidirectional conversation was created when
CM_RSP stage, where MAD Data of CM_REQ packet is inaccessible.
4. Fixed creating multiple conversations with same address property by
eliminating create_conv_and_add_proto_data during RTU stage, which was
incorrect.
Now they are created during REQ and RSP frame processing. (Instead of
RSP and RTU processing).
5. Added support for creating bidirectional connection that ULP can
refer.
This is required to keep track of oustanding transactions on a
connection (requests and responses).
Bug: 11363
Change-Id: I32ea084a581a58efbc16dbb7a3e267c82622c50c
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/18982
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a new tshark feature to generate a folders report. The folders report
is essentially the information presented by Wireshark's About / Folders page
in a TAB delimited format.
Change-Id: Ic4b3d332b4bdaa7e6b7aad1e9cc5dd18413aada6
Reviewed-on: https://code.wireshark.org/review/19002
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Maybe this way we can identify which *particular* test is, according to
Valgrind, looking at uninitialized data; there's nothing obvious that
shows up from inspecting the code, and neither of our static analyzers
seem to have found anything.
Change-Id: I80f6bb8e6fa92decfe195c01766330b97e980821
Reviewed-on: https://code.wireshark.org/review/19049
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The current mechanism of detecting RPC-over-RDMA is broken because
it treats the Read list as a counted array (it's a list); and treats
the Write list and Reply chunk identically (one is a list, one is
always a single chunk).
While we're here, refactor pre-detection helper functions so they
can be used during frame dissection as well.
Bug: 13196
Change-Id: I76e210c8d2a9464fed00e7199072d37f4ebbebf2
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19025
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since the use of 'Decode as' can result in another port number than the
default port (7) being the service port, this should be checked against.
Change-Id: I93383613115595fff621e2fb9ab7959cd448c01e
Reviewed-on: https://code.wireshark.org/review/18991
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Display length fields in decimal, just as they are displayed by the
RDMA RETH dissector.
Display version fields in decimal, just as they are displayed by the
RPC dissector.
RDMA offset fields are left in hexadecimal since they are
essentially addresses, and at least the Linux RPC-over-RDMA
implementation has debugging messages that display these as
hexadecimal values.
Change-Id: I7206970675ca0ca486b3a2837b6dbb1c4d764091
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19028
Reviewed-by: Michael Mann <mmann78@netscape.net>
On an RDMA transport, RPC protocol never appears in a frame by
itself. If RPC-over-RDMA is not present, then RPC is by definition
not present as an InfiniBand data payload.
Bug: 13195
Change-Id: Icaea9d4936477af32adc73140c67539e977a7a9a
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-on: https://code.wireshark.org/review/19024
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, if we #define anything for large file support, that's done
before we include any system header files that either depend on that
definition or that define it themselves if it's not already defined.
Change-Id: I9b07344151103be337899dead44d6960715d6813
Reviewed-on: https://code.wireshark.org/review/19035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also adjust the smb2_info_t structure that handles the value.
Bug: 12915
Change-Id: Ia314b8dc840b9d26d2c1d185f06ef93f242a3a7b
Reviewed-on: https://code.wireshark.org/review/19019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A new "--export-object <protocol>,<destdir>" option is added to tshark.
This required refactoring Export Object behavior in all GUIs to give the
export object handling to the dissector, rather than the ui layer.
Included in the refactoring was fixing some serious memory leaks in Qt
Export Object dialog, crash due to memory scope issues in GTK Export
Object dialog, and addition sorting column feature in Qt dialog (set
up by creating a widget to manage the items that were previously
leaking memory)
Bug: 9319
Ping-Bug: 13174
Change-Id: I515d7662fa1f150f672b1476716f347ec27deb9b
Reviewed-on: https://code.wireshark.org/review/18927
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Apply the same value checks to the vendor generic suboption dissection
as is done for the Cable lab and ADSL forum ones.
See https://ask.wireshark.org/questions/57695 for an example issue.
Change-Id: I4fe07d07cf0a93f4693e5ff54dd70c008701cf41
Reviewed-on: https://code.wireshark.org/review/18999
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The required executable is rpmbuild and not rpm.
Change-Id: Iba1bff9c7fb6907659451a977ad8ab98efb169da
Reviewed-on: https://code.wireshark.org/review/19015
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Otherwise, _FILE_OFFSET_BITS might be defined by a header file included
by inet_addr.h before it gets defined by config.h.
Change-Id: I5987b3f1493b81fd2d427d9792b9606117b255d0
Reviewed-on: https://code.wireshark.org/review/19018
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There is *NO* guarantee that sed will do anything useful with input that
doesn't have a newline and, in fact, the default sed in Solaris 11
doesn't produce *any* output if you hand it input with no newline.
Furthermore, doing xxx=`yyy` will, if the output of yyy has newlines at
the end, strip them; to quote section 2.6.3 "Command Substitution" of
the Single UNIX Specification:
The shell shall expand the command substitution by executing
command in a subshell environment (see Shell Execution
Environment) and replacing the command substitution (the text of
command plus the enclosing "$()" or backquotes) with the
standard output of the command, removing sequences of one or
more <newline> characters at the end of the substitution.
so there's no need to strip the newline.
Change-Id: Ia710f67a42739c1e218eb9fec53a54bde6e010da
Reviewed-on: https://code.wireshark.org/review/19016
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
QStyledItemDelegate::paint asserts if you pass it an empty QModelIndex.
We were doing this in PercentBarDelegate and TimelineDelegate in order to
keep it from drawing any text. Return an empty string from ::displayText
instead, which appears to be the correct way to paint without text.
Bug: 13180
Change-Id: I8064d9575e04e95a926797eec7f6ad2b0bfef1c0
Reviewed-on: https://code.wireshark.org/review/19007
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, use elif in some chains of tests, to make it a bit clearer that
the cases in question are disjoint.
Change-Id: I6dc92d536450c7ac3db6ee118581a5ed0c3ce80c
Reviewed-on: https://code.wireshark.org/review/19009
Reviewed-by: Guy Harris <guy@alum.mit.edu>
RPM complains when the date isn't valid.
Change-Id: I859a9900ba87d52159071b06310d5873c092231a
Reviewed-on: https://code.wireshark.org/review/19003
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: Ib1e2b4e57832e94b94d34102c0079f820b18f350
Reviewed-on: https://code.wireshark.org/review/19000
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When registering preferences, make sure our titles and descriptions are
valid UTF-8. Make sure our titles are short and only contain printable
characters.
Fix problematic titles and descriptions.
Change-Id: I20d3f93438f2b3c30266f934297feb79897f2ee5
Reviewed-on: https://code.wireshark.org/review/18998
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For some time, the RTP Player has been crashing for me (Arch Linux, Qt
5.7.0) when the RTP Player is active (affects also Wireshark 2.0.5).
This call trace was observed:
+ RtpPlayerDialog::reject (closing dialog via Escape / Close button)
+ RtpAudioStream::stopPlaying
+ RtpAudioStream::outputStateChanged(QAudio::StoppedState)
+ QAudioOutput::deleteLater // problematic!
+ RtpPlayerDialog::~RtpPlayerDialog
+ RtpAudioStream::~RtpAudioStream
As the QAudioOutput instance is a child of RtpAudioStream, it is also
destroyed after that. QAudioOutput's destructor somehow invokes (via
libqtmedia_pulse.so) a main loop iteration which invokes the previously
scheduled deleteLater call.
As QAudioOutput was already being destructed, this results in a crash.
Workaround this by removing this child from RtpAudioStream (no cruelty
intended).
Change-Id: I88f2e929ac566534be5d2270e2e0b194685533eb
Reviewed-on: https://code.wireshark.org/review/18970
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make sure that simple_dialog displays plain text. Trim whitespace
and remove excessive newlines in order to improve message formatting.
Add a comment about simple_dialog's behavior in Qt and GTK+ and how it
might be improved.
Bug: 13178
Change-Id: Ic6ff3cecd5ef1d76ec095d7a409f38e602b41ce2
Reviewed-on: https://code.wireshark.org/review/18985
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
All TLS and DTLS RFCs (and SSLv3) limit the record length to 2^14, so
add expert info if this is exceeded. Spotted in the wild via
https://ask.wireshark.org/questions/57641/tls12-record-length-gt-16k-valid
Tested with a synthetic pcap having length 2^14+1 using Python:
from scapy.all import IP, TCP, UDP, wrpcap
len_plus_frag = b'\x40\x01' + 0x4001 * b'\0'
wrpcap('bad-record-length.pcap', [
IP()/TCP(sport=2000, dport=443)/(b'\x17\x03\x03' + len_plus_frag),
IP()/UDP(sport=2000, dport=853)/(b'\x17\xfe\xfd' + 8*b'\0' + len_plus_frag)
])
Change-Id: I5eac48775333d8d222e013a24a6d06da79892b77
Reviewed-on: https://code.wireshark.org/review/18959
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When we add our Qt to PATH, prepend it so that it will be found first.
Change-Id: I405496d6a08d676b5a2e0d9bd792de7ba9abe7f9
Reviewed-on: https://code.wireshark.org/review/18988
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
After opening the Call Flows dialog from the Voip Calls dialog, followed
by closing the Voip Calls dialog, the Go To Packet functionality in the
Call Flows dialog is broken. That happens because the signal is not
proxied anymore.
Just remove all these indirections via signals and directly update the
selected packet.
Change-Id: I9c6d519dbe800e4dfdf0407d832f17819b344e46
Reviewed-on: https://code.wireshark.org/review/18933
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
FT_CHAR is straightforward to support.
Split the list of "invalid" types into a list of "unsupported" types and
a short list of "invalid" types, containing FT_PCRE (which isn't a valid
type for a field) and "everything else". Add FT_IEEE_11073_SFLOAT and
FT_IEEE_11073_FLOAT to the "unsupported" list.
Flag the whole unsupported list as just "not handled yet".
Change-Id: I62d2d7eead53377e4e601594a035b4395fdbeead
Reviewed-on: https://code.wireshark.org/review/18979
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As stated in 3GPP 23.003:
"the APN has, after encoding as defined in the paragraph below,
a maximum length of 100 octets"
Change-Id: Iae23117f44ea5b668f6cb23dbd0e726e4e56ce41
Reviewed-on: https://code.wireshark.org/review/18972
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Place the UAT hint label at the same position as in other dialogs;
just below the main widget. Also use smaller font and italic.
Change-Id: I51251825ff08122e17ca60144ef53fed5c6142ef
Reviewed-on: https://code.wireshark.org/review/18969
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Guy Harris