Rework Application Layer fragment reassembly to handle
out of order fragments (seen over UDP).
Change-Id: Ifd2bffba30f0a419a5f82ea6b9d2d221f7d6d276
Reviewed-on: https://code.wireshark.org/review/19947
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Change-Id: I85535dfdb7b064ba81f44ed08c3b1e84e7204e9e
Reviewed-on: https://code.wireshark.org/review/19954
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icadbf65ad186c775b2a0ca8596d5bf4ba66e4c68
Reviewed-on: https://code.wireshark.org/review/19873
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id96ce391b9957ac37705c503bea35395ee3d358d
Reviewed-on: https://code.wireshark.org/review/19207
Reviewed-by: Paul Williamson <paul@mustbeart.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Decodes the options and meta length fields added with LWW for
{set,del}_with_meta request commands.
Decodes get_meta responses extra field.
Please see https://issues.couchbase.com/browse/MB-22003
Change-Id: Ie5205e8188a32d59145c4f9c499b16c7a7997274
Reviewed-on: https://code.wireshark.org/review/19928
Reviewed-by: Dave Rigby <daver@couchbase.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
* It must be multiple of 4 Octets otherwise NULL padding should be there
Change-Id: I7563b0407bd70d1f0b7aac8597ce3a757a08925e
Reviewed-on: https://code.wireshark.org/review/19893
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
capture_opts_cleanup() doesn't exist if we're building without libpcap,
so don't call it if we're building without libpcap.
Change-Id: I9ae33b0c13af2785b5adb380a5b03e89116f67df
Reviewed-on: https://code.wireshark.org/review/19925
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_opts_cleanup() doesn't exist if we're building without libpcap,
so don't call it if we're building without libpcap.
Change-Id: I6c9defea15fac7df5533269c4945b965d9a67c25
Reviewed-on: https://code.wireshark.org/review/19924
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This required a restyle of the way the different apps exit.
Change-Id: Iedf728488954cc415b620ff0284d2e60f38f87d2
Reviewed-on: https://code.wireshark.org/review/19780
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Add support for the NFSV4.2 mode_umask attribute which will be initially
supported by Linux v4.10.
Change-Id: Id98e20cd0ed93bf7ad9b2246e9e05299f3d7a9fc
Reviewed-on: https://code.wireshark.org/review/19921
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Being able to override (set) the application data dissector without
hacks (RSA keys dialog) would be nice. Modelled after
v2.3.0rc0-481-gafa2605e43 ("Support Decode As for {SSL,TLS}-over-TCP.")
Change-Id: Ic4c5ca55e8f20ad599c41c1df58b24f3bced2281
Reviewed-on: https://code.wireshark.org/review/19869
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Removed unused macros/functions that are apparently imported from
LibTomCrypt, only LOAD32L and STORE32L are needed. Remove code that
tries to distinguish between little/big endian, since WORDS_BIGENDIAN
was never defined, this would never have worked on big endian anyway.
Remove the special ROR "optimization" for GCC on i386, modern compilers
are able to optimize it to exactly the same thing. The generic
LOAD32L/STORE32L macros are less optimized (as can be seen in the
generated code), but this was not noticable in the mean running time.
Tested with the packet capture from bug 3232, the result is the same:
tshark -ocorosync_totemnet.private_keys:example.com -r corosync-totemsrp--key:example.com--2nodes.pcap -Vx
Bug: 13368
Change-Id: I59bf27d7dd990bbcd5ad34a1797f4a6c8a04512d
Reviewed-on: https://code.wireshark.org/review/19894
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add an option to rawshark that lets the user set a maximum memory limit.
Change-Id: Ie102ee5f6ba5aec90a35bd63297184c7dc37662c
Reviewed-on: https://code.wireshark.org/review/19911
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I0de1c332a6052c20f6afbe1e51dfb14e18485891
Reviewed-on: https://code.wireshark.org/review/19899
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Many of the register_init_routine/register_cleanup_routine functions
are for initializing and cleaning up a GHashtable.
wmem_map_new_autoreset can do that automatically, so convert many
of the simple cases.
Change-Id: I93e1f435845fd5a5e5286487e9f0092fae052f3e
Reviewed-on: https://code.wireshark.org/review/19912
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As described here https://wiki.gnome.org/Valgrind valgrind can be
tuned for Gtk/GNOME (glib) software by this official (or so) suppression
file. Add it to the standard valgrind script to reduce the output
for those functions out of Wireshark scope.
Change-Id: I5dbc91ce82a890c9c02b624289ced96909be5f84
Reviewed-on: https://code.wireshark.org/review/19910
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Added a parameter to set placeholder text in textBox.
Change-Id: Iccf92fe60abc78be8f0fa112c0c9eb78890674b5
Reviewed-on: https://code.wireshark.org/review/12463
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I87d842e3efe9f82eaaab81347dfb79d6c0932792
Reviewed-on: https://code.wireshark.org/review/19491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
-1 is fine on UN*X, but, on Windows, it's INVALID_SOCKET. We define
INVALID_SOCKET as (-1) on UN*X, so it can be used on both platforms.
Change-Id: Ib2269ddf98c352a1d3c85e44006cc49d80750a78
Reviewed-on: https://code.wireshark.org/review/19909
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"decoder->flow" could result in a NULL pointer dereference if a null
cipher was in use (caught by Clang static analyzer).
Answering the questions:
- DTLS records fragments do not need to be reassembled, thus there is no
flow. The Handshake messages have their own fragment_offset field and
thus there is no need to maintain an extra flow.
- Actually one datagram can contain multiple records (RFC 6347, 4.1.1),
but this is not implemented yet. The key can however not be "0"
though, it must match the offsets from ssl_get_record_info.
Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
Change-Id: Iac367a68a2936559cd5d557f877c5598114cadca
Reviewed-on: https://code.wireshark.org/review/19892
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Current code is not able to detect missing mandatory information elements
because the macro will return once the end of the payload is reached.
Remove this check from all mandatory IE macros, and put it at the beginning
of optional IE ones. It should allow to detect any missing mandatory IE
while still stopping message dissection in case optional IEs are not
present.
Change-Id: Ie820740e25c1d03ee3462fa4a913c3a7870fcc2d
Reviewed-on: https://code.wireshark.org/review/19816
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissection of all new HCI command/events related with
Bluetooh 5.0 feature 'PHY update - LE 2M and LE Coded'
Change-Id: I212cb368d3295ba36eb0ca34329df566cae1611b
Signed-off-by: Allan Møller Madsen <almomadk@gmail.com>
Reviewed-on: https://code.wireshark.org/review/19849
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
"default" frame information sets no retransmission or more fragments.
Bug: 13015
Change-Id: I1c8a29fe06d0b38abc789c8e454dc484490186f9
Reviewed-on: https://code.wireshark.org/review/19891
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Dear Microsoft: why did you choose not to support line buffering in
the MSVC "standard I/O library" routines?)
Change-Id: I5add94d2c83e73e9845fea0f355a1923fddf2deb
Reviewed-on: https://code.wireshark.org/review/19890
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kacer