In ASN.1 PER, Stop dissection if our sequence offset hasn't advanced
after 50 items.
atn-ulcs.asn overrides the definition of AttributeTypeAndValue as a
sequence of NULLs. Update our .cnf file so that we only dissect the
first item in that case.
Fixes#17842.
Updating the message checking for 3GPP TS 29.060 V16.0.0,
adding 7.5A MBMS Messages and 7.5B MS Info Change Reporting Messages.
This adds all the messages from TS 29.060. Some of them could be
updates to use the GSN specific fields in some cases. Also the
ETSI message checking needs to be updated to handle GTP' correctly.
The GGSN addresses for control plane and user traffic are both
included or both not included in the Update PDP Context Response
message (included if the Cause is Request Accepted), so we know
which one is the control plane and which one is the user plane.
Also fix the coment about the IEs for the alternative address, and
that they are Conditional, not Optional.
If the ESP NULL heuristic is on, but interpreting the padding length
byte as unencrypted would leave fewer than zero bytes remaining for
the payload tvb, just consider the heuristic failed instead of trying
to create the next_tvb subset and thus throwing an error.
inputMask populates the field with a space for each character
in the mask. Mouse people that click in the field may position
the cursor at the far right of the mask and not be able to enter
a value.
https://www.qtcentre.org/threads/7106-QLineEdit-and-input-mask
Remove the inputMask from the field definition and add a validator.
The beginning of the tshark manual talks about read filters and
using the -R option. Switch all that to display filters and -Y,
since that's the typical use now, with -R limited to two-pass
analysis.
When RPCGSS flavor is used and GSS context is destroyed (GSS procedure is set
to RPCSEC_GSS_DESTROY), Verifier field must be dissected as a part of 'RPC'
protocol in the same way as for other GSS procedures. This behaviour
is explicitly defined by RFC2203 chapter '5.4 COntext Destruction'.
Reverts commit 3d81f3612b.
Fixes#17845.
Signed-off-by: Volodymyr Khomenko <Khomenko.Volodymyr@gmail.com>
Calculate the relative sequence number correctly for the first
data chunk of an association in the first pass. This fixes
tshark display and fixes calculation of retransmissions if the
first data chunk of an association is retransmitted. Fix#17917.
macos-setup.sh:
- Fix filename of libtiff in existence test from "libtiff" to "tiff"
- Added fallback URL for libtiff when the downloaded file is not a valid gzip
archive. The host rotates older versions of libtiff into an "old"
subdirectory, so curl downloads a 404 Web page and exits without error. Then
the call to gzcat fails with an invalid gzip archive error. Maybe libtiff
version should be updated instead?
Fix the URL for the FreeBSD pflog code.
Make the byte order for the UID and the PID an enum, with the default
being *host*-endian, as, from a quick look at the PF code in the OSes
that have it, both the IDs are in the byte order of the host writing
the file. (This means I need to update libpcap and libwiretap to
byte-swap them when reading a byte-swapped capture file or file section,
as we do with some other pseudo-header fields. That's next on the
list.)
Add some comments about the signedness of the UID and PID fields.
This is the right way to handle #10202.
At some point the indices of the request and response stat tables
got switched, and stats were being looked up in the wrong table.
Use stat_tap_find_table to lookup the tables rather than hardcoding
the indices. Fix#17904