Since v2.1.0rc0-184-gb0b53fa593, $XDG_CONFIG_HOME/wireshark (instead of
$HOME/.wireshark) is used, clarify this in the WSUG and manuals.
Change-Id: I74a6f9b86bd8d54ee326ca83d7536e091d6da08a
Reviewed-on: https://code.wireshark.org/review/20364
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since v2.1.0rc0-184-gb0b53fa593, the config directory has changed.
Change-Id: Idbeb62f2393d1a4ec192da2d85e6bfb76782aeb8
Reviewed-on: https://code.wireshark.org/review/20365
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add the ability to move back and forth in the packet selection history
similar to GTK+. Update the documentation accordingly.
Change-Id: If1fdc1e59b240c0588c292dc0f7f0a5f083c30e1
Reviewed-on: https://code.wireshark.org/review/20320
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for resetting the Default profile by deleting it in
the Profile Dialog. All profile files will be deleted and all
other files will be kept.
Change-Id: I795a6db3ee7b2c29e7aba461183e6cc411798b75
Reviewed-on: https://code.wireshark.org/review/20097
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Removed all guards for HAVE_LIBGCRYPT, change autotools and CMake to
error out if it is not available. Update release notes, developer
documentation and README with the new status. Clarify relation with
GnuTLS in macosx-setup.sh. Install Libgcrypt via brew script.
Motivation for this change is that many dissectors depend on Libgcrypt
and having it optional increases the maintenance burden (there have been
several compile issues in the past due to the optional status).
Furthermore, wsutil has crypto code that can be replaced by Libgcrypt.
Change-Id: Idf0021b8c4cd5db70b8766f7dcc2a8b3acbf042f
Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html
Reviewed-on: https://code.wireshark.org/review/20030
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Adds support for IndigoCare nursecall protocols
Bug: 13241
Change-Id: I83098c15d467ea42da8301c6b6a5568d9892fc60
Reviewed-on: https://code.wireshark.org/review/19224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added examples for the matches, contains and bitwise_and operators.
Most of the text and the examples have been taken from the wiki and the
wireshark-filter manpage.
Bug: 13320
Change-Id: Icd9a325c05ecd4ecd1cbde8162a4c88cae335d1d
Reviewed-on: https://code.wireshark.org/review/19758
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Any call of the form tvb_new_subset_length_caplen(tvb, offset, -1, -1)
should instead be tvb_new_subset_remaining(tvb, offset).
Change-Id: I4bc95b028103ea4fc82453ef3460c147d7ccabd6
Reviewed-on: https://code.wireshark.org/review/19598
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
NVM Express is high speed interface for accessing solid state drives.
NVM Express specifications are maintained by NVM Express industry
association at http://www.nvmexpress.org.
Bug: 13201
Change-Id: Id40edaf72838eea9f4087c8ddba9518a9374efab
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19063
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Parav Pandit <paravpandit@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit introduces a new dissector aimed at decoding the USB
protocol used by X-Rite i1 Display Pro (and derivatives) colorimeter. It
is based on reverse engineering work by Graeme Gill from the ArgyllCMS
project.
Change-Id: Icdfd0c3f75499d0df4360c6eb6856078de30ba56
Reviewed-on: https://code.wireshark.org/review/18901
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ping-Bug: 12759
Change-Id: Ic4d47155168978541fb8c3670fcabaf3c35f8aad
Reviewed-on: https://code.wireshark.org/review/19187
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Applications can also use GSMTAP framing to convey log messages
which would traditionally be printed on stderr or on log files. This
allows the ordered/interspersed display of protocol messages with log
lines from the applications that send or received those messages.
The osmocom logging framework (part of libosmocore) implements this in
libosmocore.git Change-Id I9a7e72b8c9c6f6f2d76d1ea2332dcdee12394625
Change-Id: I0de723445e5b5ce0199a4081808111240a9ed047
Reviewed-on: https://code.wireshark.org/review/19183
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The ASCIIDOC_CONF_FILES setting for asciidoc was only generated
if any of the guides were being built.
Clean up a dup setting and some and blank lines in FindASCIIDOC
Change-Id: Ie8ab97db09e18cdb8d7e2a7bd4dcf8c288dd036f
Reviewed-on: https://code.wireshark.org/review/19291
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
This was inspired by the https://www.wireshark.org/lists/wireshark-dev/201505/msg00029.html thread.
Used TCP and NTP dissectors as the guinea pig with sample use.
Documentation updates includes some unrelated cleanup just because it was noticed.
Change-Id: I59b26e1ca3b95e3473e4757f1759d7ad82976965
Reviewed-on: https://code.wireshark.org/review/19211
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Many capitalization can be found for this library (spandsp, Spandsp, SpanDSP),
let's use the one found in the library README and in its spec file.
Change-Id: Ia66b723e5d582a6218da1b6366b7d4859272f80c
Reviewed-on: https://code.wireshark.org/review/19122
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add a combobox for selecting the output device and populate it with our
available devices. Let the user know if our output format isn't
supported.
Ping-Bug: 13105
Change-Id: I299c7d0f191bb66d93896338036000e2c377781f
Reviewed-on: https://code.wireshark.org/review/19046
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Integrate the Spandsp library for G.722 and G.726 support. Adds support
for G.722 and all eight variants of G.726.
Note: this also fixes a crash in Qt (buffer overrun, reading too much
data) caused by confusion of the larger output buffer (resample_buff)
with the smaller input buffer (decode_buff). It was not triggered before
because the sample rate was always 8k, but with the addition of the new
codecs, a different sample rate became possible (16k).
Fix also a crash which occurs when the RTP_STREAM_DEBUG macro is enabled
and the VOIP Calls dialog is opened (the begin frame, start_fd, is not
yet known and therfore a NULL dereference could occur).
Passes testing (plays normally without bad RTP timing errors) with
SampleCaptures files: sip-rtp-g722.pcap and sip-rtp-g726.pcap. Tested
with cmake (Qt), autotools (Qt and GTK+) with ASAN enabled.
Bug: 5619
Change-Id: I5661908d193927bba50901079119eeff0c04991f
Reviewed-on: https://code.wireshark.org/review/18939
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
A new "--export-object <protocol>,<destdir>" option is added to tshark.
This required refactoring Export Object behavior in all GUIs to give the
export object handling to the dissector, rather than the ui layer.
Included in the refactoring was fixing some serious memory leaks in Qt
Export Object dialog, crash due to memory scope issues in GTK Export
Object dialog, and addition sorting column feature in Qt dialog (set
up by creating a widget to manage the items that were previously
leaking memory)
Bug: 9319
Ping-Bug: 13174
Change-Id: I515d7662fa1f150f672b1476716f347ec27deb9b
Reviewed-on: https://code.wireshark.org/review/18927
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Rename the text highlight enum "HighlightMode" to make its use and
intent more clear. Add a mode for the offset highlight instead of using
a separate variable. Use our palette to draw the hover highlight colors.
Add a note about colors to the Developer's Guide.
Change-Id: I488b2512a5058e17eb5b49c8ac55616100f32fbc
Reviewed-on: https://code.wireshark.org/review/18953
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This dissector allows Snort to process all of the
packets passed to Wireshark, and for the alerts to
be shown in the protocol tree. It is also possible
to set the source of alerts to be packet comments.
Change-Id: I6e0a50d3418001cbac2d185639adda2553a40de8
Reviewed-on: https://code.wireshark.org/review/18848
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Move the replacement definitions in asciidoc.conf to
attributes.asciidoc. This makes the markup a bit cleaner and is more
compatible with AsciiDoctor. Use a standard naming scheme for URLs.
Change-Id: Ica73aaadb013be2a4e6a3963fb54e6db6e02e98f
Reviewed-on: https://code.wireshark.org/review/18655
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Ieb36a77a98da1ce6e5de34010806cdc05f8e6533
Reviewed-on: https://code.wireshark.org/review/15637
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anish Bhatt <anish@gatech.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The feature activates/deactivates fullscreen mode of Qt UI.
A new menu item has been added as well as a shortcut (F11 or Ctrl+Cmd+F)
according to browsers common shortcut.
Change-Id: I01906b494d0a13ce70d27c00ebbe03e6ec87cbd7
Reviewed-on: https://code.wireshark.org/review/18332
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix the casing of the preference while at it (it now matches other name
resolution preferences).
Change-Id: Ibfecbc94f9eccefa7d3b1a50ae2598dfefb707a2
Reviewed-on: https://code.wireshark.org/review/18330
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I suggested disabling GTK+ by default at Sharkfest EU and no one
objected, hence this patch.
Disable it by default in both Autotools and CMake. Make sure it's
enabled for Debian packaging. The RPM packaging enables GTK3 explicitly
so no change appears to be necessary there.
Change-Id: If5daeaef4bb26cf60006bc8883be15b2cf6c6ae4
Reviewed-on: https://code.wireshark.org/review/18256
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Improve example with better formatting, clarification comments and more
common variable names.
Extend make-wsluarm.pl to support arguments containing underscores.
Fixes the description of dissect_tcp_pdus.
Change TvbRange.tvb(tvb) into tvbrange:tvb() and ByteArray.tvb(name)
into bytearray:tvb(name), these are really instance methods.
Change-Id: I1e20ef46195dc6c06f9ac790d3432db283d21a5e
Reviewed-on: https://code.wireshark.org/review/18226
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Running "ninja developer_guide_html" somehow did not produce a new HTML
docbook once wsluarm.ascii (a dependency of developer-guide.xml) was
modified.
It turns out that output file docbook/wsdg_html/index.html only had a
ordering-only dependency on target generate_developer-guide.xml. An
extra dependency is needed on the output file to ensure that the HTML
file gets rebuild on changes.
See the last note on
https://samthursfield.wordpress.com/2015/11/21/cmake-dependencies-between-targets-and-files-and-custom-commands/
Fixes v2.1.0rc0-2137-gd544ecd ("cmake: fix parallel docbook build").
Change-Id: I7689c71994f13b29cf7f8561f7c993aa8298632d
Reviewed-on: https://code.wireshark.org/review/18225
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
http://fc00.io/
Bug: 13014
Change-Id: I846d4dc28a8cb03bc877f0b4a392864100019d2d
Reviewed-on: https://code.wireshark.org/review/18117
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12985
Change-Id: Iceacd3d122337091380d56bd7fa9875bf7cb4d47
Reviewed-on: https://code.wireshark.org/review/18134
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12906
Change-Id: I0dafdd74b21b27189d0a532c679e449c536f76f0
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/17725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The Osmux protocol bundles multiple AMR frames inside one UDP packet to avoid
the overhead of having one IP/UDP/RTP packet per AMR frame. It is used by the
osmocom project.
Sponsored-by: On-Waves ehf
Change-Id: I8fb21e54adec8d8bd7ac5ebd2154100a73ab71c9
Reviewed-on: https://code.wireshark.org/review/16996
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12942
Change-Id: I69ab22caa9938167db421ca2f0346ca086280823
Reviewed-on: https://code.wireshark.org/review/17890
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Set variablelist.as.blocks in custom_layer_pdf.xsl so that we don't end
up with list text squeezed into tiny columns on the right. Set column
widths for most of our tables.
Change-Id: I3fe47d945a7945618012c9de1fc0e97b788dea9e
Reviewed-on: https://code.wireshark.org/review/17893
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Adjust the column widths of some tables to that they render more cleanly
and without FOP warnings. Move some table content to plain text instead
of trying to shove it into table cells. Fix some other layout and
formatting.
Change-Id: I40e40fd7ca5c3cc594ea30c8b1ad233afd4cdca4
Reviewed-on: https://code.wireshark.org/review/17880
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Wrap monospace text in our PDF output. Fix the formatting of a list. Fix
an anchor reference.
Change-Id: Id9433f3e3462569299e6702b4a4e137481ad80c4
Reviewed-on: https://code.wireshark.org/review/17877
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pass relative image directory paths to xsltproc. The DocBook documentation
says you can use a URI, but trying to get that to work with CMake
and Windows appears to be a path to tears and undignified wails of
frustration.
Add attributes for our different types of images and use them so that
the PDFs don't scale our screenshots to an unusable size.
Change-Id: I786d09d9ef9be3d423b2af426a8867739ae12c1a
Reviewed-on: https://code.wireshark.org/review/17688
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This change based on BlueZ code on the same license that Wireshark is.
It seems that a lot of commands/events are incomplete or unknown,
however better to have them.
Also rename variables (etc.) of the first dissector to contain
vendor name like new one, to distinguish them.
Change-Id: I2db3ed73d477699032a44bac2d3c88a9230b0095
Reviewed-on: https://code.wireshark.org/review/17657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 12687
Change-Id: Ib489b4c6aff1e0611e9b8a086054e56284f24b84
Reviewed-on: https://code.wireshark.org/review/16787
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>