Add support for aliasing one protocol name to another and for filtering
using aliased fields. Mark aliased fields as deprecated.
Rename the BOOTP dissector to DHCP and alias "bootp" to "dhcp". This
lets you use both "dhcp.type" and "bootp.type" as display filter fields
without having to duplicate all 500+ DHCP/BOOTP fields.
To do:
- Add checks to proto.c:check_valid_filter_name_or_fail?
- Transition SSL to TLS.
- Rename packet-bootp.c to packet-dhcp.c?
Change-Id: I29977859995e8347d80b8e83f1618db441b10279
Ping-Bug: 14922
Reviewed-on: https://code.wireshark.org/review/29327
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Capture file of Bug 15074 lists two requests in a row. Only the first
response gets dissected. The second one not.
This commit defaults to mysql_dissect_result_header() for response packets.
The documentation [1] doesn't provide any useful information how to
handle this.
[1]: https://dev.mysql.com/doc/dev/mysql-server/latest/PAGE_PROTOCOL.html
Ping-Bug: 15074
Change-Id: I77c269dd95859bc26e12c6b89cedaac9b6047d9f
Reviewed-on: https://code.wireshark.org/review/29349
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Trailing stray characters will not show up in the packet tree item
when the string is correctly null terminated. This expert info
will indicate when this occurs, typically from wrongly implemented
protocol encoders.
This will warn about cases like:
tvb = "foo\0bar"
proto_tree_add_item(..., tvb, 0, 7, ...)
Change-Id: I66b9d3ba7bb3e45f1f6e492fa6916b29c9ee9ca4
Reviewed-on: https://code.wireshark.org/review/29310
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Create a unique subtree for each registered resource.
Change-Id: Ia24f640597d87fee38ba628d3ad2069c7258c7a3
Reviewed-on: https://code.wireshark.org/review/29346
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a file parser and dissector that can handle the output of
`journalctl -o export`. From here we can add a systemd journal extcap
and possibly support for the JSON and binary formats.
Change-Id: I01576959b2c347ce7ac9aa57cdb5c119c81d61e9
Reviewed-on: https://code.wireshark.org/review/29311
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change from proto_tree_add_string() to proto_tree_add_item() for strings
which is fetched from the packet.
Change-Id: Iae6538977b2ecf69f83c62b47ac02198f5f09d54
Reviewed-on: https://code.wireshark.org/review/29348
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Changes:
- changed processing to allow multibyte headers
- added CLIMAX headers from ED-137A
- added generated information about type of DDC message
- ED-137 branch code cleanup
- ED-137A/B variable naming cleanup
- lower/upper case filter syntax cleanup
- Added support for ED-137C headers
- MAM
- Test PTT
Change-Id: I9706ce5d783299d5cd1a4506dd452b45086427c6
Reviewed-on: https://code.wireshark.org/review/29129
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
OoO reassembly assumed that the stream starts with the first data
segment, but this can already be OoO. Use the hint from SYN instead.
The test capture is based on a local capture, post-processed with scapy
to introduce an OoO condition and fixup the frame time.
Bug: 15078
Change-Id: Id0e312bb3d0e7c7f8f1b243a2be9f15c9851c501
Fixes: v2.9.0rc0-1097-gca42331437 ("tcp: add support for reassembling out-of-order segments")
Reviewed-on: https://code.wireshark.org/review/29305
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Current IPv6 address expansion function has trouble with certain
classes of addresses, returning errors for valid addresses. The
expression to determine address validity is based on an unknown
assumption, now replaced by one without false negatives.
Bug: 15056
Change-Id: Ic52f8e944f86a2b4d6838846795735df77cba56d
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/29290
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Resources directory was removed a while back. Since CMake 3.12, the
copy_directory command will fail when the source directory is missing.
Reported by anta_tw in the #wireshark IRC channel at Freenode.
Change-Id: I4de087dd2833e79a806c8a0c9a28024848e1e03f
Fixes: v2.1.0rc0-2347-g4aa049019a ("OS X: Remove GTK+ packaging.")
Reviewed-on: https://code.wireshark.org/review/29304
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
We are exporting a registration function from libwireshark just
to have it passed back as a callback. Seems unnecessary.
Change-Id: I7621005c9be11691d319102326824c5e3520a6f3
Reviewed-on: https://code.wireshark.org/review/29328
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The third extension is not decoded correctly because bad description of the second extension.
Spare bits 8 and 7 were missing in I021_090_PARTS[] structure.
Bug: 15076
Change-Id: I68b644b15177016e075c87004281b76b5c6f19e2
Reviewed-on: https://code.wireshark.org/review/29335
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Disable the PPP over USB heuristic subdisector by default.
Clarify the comment about "compressed" address and control fields. Compressed
means absent in this case. Therefore, the heuristic check for PPP over USB
comes down to checking that the first byte is 0x7e. This is too weak and produces
lots of false positives.
Change-Id: Idf2fa41ac2b9e46ec982c9d0ebbea0e72ec0e21b
Reviewed-on: https://code.wireshark.org/review/29322
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id398c4a89562c1d9f444f6d444b1a27c131ef3f1
Reviewed-on: https://code.wireshark.org/review/29321
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Change-Id: Icc6a798565d74fa84dae975e424762db9963c1b2
Reviewed-on: https://code.wireshark.org/review/29320
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is similar to what LTE did before RRC was doing detailed
bearer configuration.
Change-Id: Ieee735ad1269f9ce962137c97c2c18431b6a1d48
Reviewed-on: https://code.wireshark.org/review/29315
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Note that set_mac_lte_channel_mapping() only sets mappings
in this range.
Change-Id: I78048ed9b15af3992d813208fbe0fd4ed76e25cd
Reviewed-on: https://code.wireshark.org/review/29314
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
It is clearer and more consistent with other IEs.
Change-Id: I1afc8ddb0f30605cb6bc7eb12ea38ec9b2bbcb54
Reviewed-on: https://code.wireshark.org/review/29272
Reviewed-by: Joakim Karlsson <oakimk@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ensure that at least 12 bytes were captured before trying to check the magic.
Otherwise it can trigger an exception and prevent other heuristic dissectors
from being called.
Change-Id: Ib90febc208a69ae4e10c5c971e7cddfa7157c8a4
Reviewed-on: https://code.wireshark.org/review/29298
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Use UTF8_HORIZONTAL_ELLIPSIS to indicate string truncation in
bytestring_to_str() and bytes_to_str().
We also use UTF8_HORIZONTAL_ELLIPSIS in the Packet List.
Change-Id: Iaf5c2de97fa71369a8f29ac65fa81f71ed814752
Reviewed-on: https://code.wireshark.org/review/29291
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Use FT_UINT_BYTES to handle SYBLONGBINARY cleanly.
Change-Id: Ie88c19bb788670190113c8c1e962660162ce3780
Reviewed-on: https://code.wireshark.org/review/29273
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A CMake config-file package provides support for downstreams using
CMake and Wireshark libraries to easily configure the libwireshark
dependency with:
find_package(Wireshark CONFIG [REQUIRED])
target_link_libraries(foo epan)
The FindWireshark.cmake file is no longer needed.
See cmake-package(7) for more details on CMake's package system.
Change-Id: Ie8af1d44417a99dd08d37959f7b2ffca88572ec2
Reviewed-on: https://code.wireshark.org/review/29208
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
When dissecting a DPOE TLV, dissector incorrectly attempts to
read a value when the value length is set to zero. This causes
the dissector to throw a malformed packet error. Added a check
for length zero and skip adding the value if length is zero.
Created an expert info output indicating that the TLV value is
zero length.
Change-Id: I313e20f6f436b9f0af3e6f82044964fe7c502485
Reviewed-on: https://code.wireshark.org/review/29270
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>