When updating the monospace font, don't apply it to PacketList itself.
On Windows and Linux here it sets the header font as well.
Add the item delegate width to the column size hint. This correctly
resizes column 0 on Windows. It seems to add extra space on OS X and
Linux, unfortunately.
Change-Id: I294cd9868fe00144b896636be65896e8557ab208
Reviewed-on: https://code.wireshark.org/review/8402
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add completion to DisplayFilterEdit. Disable autocompletion in
DisplayFilterCombo.
New behavior: If we're at the beginning of the entry "recent" display
filters appear at the top of the list.
Start using QLineEdit::placeholderText while we're here.
Bug: 10923
Ping-Bug: 9254
Change-Id: Ic8dd37768abb83d50d4e6c849bb51095fc3742d2
Reviewed-on: https://code.wireshark.org/review/8360
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Part 1
Change-Id: Icbc73690370eba07e77b35d2815346f1d5a44347
Reviewed-on: https://code.wireshark.org/review/8386
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
CDR strings appear to be both counted *and* NULL-terminated in many cases,
which is rather weird, so if we see a NULL-terminator, ignore it in the count;
otherwise we print a trailing '\000' on all the strings we put in the tree.
Bug: 11126
Change-Id: I45b6b414683a6f646d37c2e2001b7319d5c80be5
Reviewed-on: https://code.wireshark.org/review/8390
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modified CIP Motion parser to include newly-defined Axis Safety related
fields in the status data set section.
Change-Id: I70c6dd345ae9353b87e6f7c1300b60687f41a1f6
Reviewed-on: https://code.wireshark.org/review/8342
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That got the crash information in the WPA EAPOL Rekey test; use it for
all other tests where, otherwise, the crash information would be lost.
Change-Id: I230b7952b6d79ebf6dc003747dc05328616ef7c2
Reviewed-on: https://code.wireshark.org/review/8394
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a script that takes a command as an argument and runs it in a
subshell, so that said subshell will catch any signals from it and
report it.
This would be done for commands that aren't the last command in the
pipeline, as, given that the exit status of a pipeline is the exit
status of the last command in the pipeline, there's no guarantee that
the shell will bother to pick up the exit status of earlier commands in
the pipeline.
Use that for the tshark in the WPA EAPOL Rekey test, so it at least can
report the signal (on Solaris, SIGSEGV means, among other things,
"dereferenced a pointer pointing out of the address space" and SIGBUS
means, among other things, "dereferenced a misaligned pointer on
SPARC"). Maybe we can make the script also fire up a debugger if it
finds a core dump (and a debugger) and get a stack trace.
Change-Id: I4188190a1f1a4d3afc4719d886161ee56bd89d8b
Reviewed-on: https://code.wireshark.org/review/8392
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While we are at it, put back some debug logs that were removed in g1439eb6 (otherwise msgbuf is no more initialized)
Change-Id: Ie34c4f2e638bc3ee77a0565446de37a15385dc0d
Reviewed-on: https://code.wireshark.org/review/8389
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
In AirPDcapRsnaPwd2PskStep(), digest[] holds an SSID plus 4 bytes of
count, so the size is MAX_SSID_LENGTH plus 4, and digest1[] holds an
SHA-1 digest, so the size is SHA1_DIGEST_LEN.
That makes it a bit clearer why those are the sizes.
Change-Id: I58ed6643f57675375f7f369470d600382323315f
Reviewed-on: https://code.wireshark.org/review/8387
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Replace "Capture in" with "Enable" for promiscuous mode; the checkbox doesn't
actually affect which interfaces get captured on, which is the way I wanted to
read the old text.
Change-Id: I35dd2c8f9523311cb267515804b1421e50e60e06
Reviewed-on: https://code.wireshark.org/review/8374
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I2488a505e6634da5cbcaf2e86505414d34823b8e
Reviewed-on: https://code.wireshark.org/review/8381
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: If2f5ee4629b48fe0ffbe76c49952de8fb14fb64e
Reviewed-on: https://code.wireshark.org/review/8380
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add separate ett for all possible information elements.
It's better to expand only necessary subtree but not all
Change-Id: If84359e28547ce5dcf753dc1bee691ece7f29ace
Reviewed-on: https://code.wireshark.org/review/8054
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Have it allocate the buffer for the unwrapped key and return a pointer
to it, rather than having it be handed a buffer for that key.
That makes it a bit easier to validate, in AES_unwrap, that we don't
write past the end of the buffer.
Change-Id: Id02852c23054b3ed33eeeb383e7aa6cf12d02ed9
Reviewed-on: https://code.wireshark.org/review/8371
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Hopefully that'll make it a little easier to make sure that we're not
overflowing arrays.
Change-Id: I770df045ef9a45fd486c1271ea424b3334bb39d2
Reviewed-on: https://code.wireshark.org/review/8370
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It points to an array of bytes, not a character string.
Add some casts to squelch other Sun/Oracle C warnings.
Clean up some comments while we're at it.
Change-Id: Id0908178cb00d537e95569b9ce6f745c8fd6d716
Reviewed-on: https://code.wireshark.org/review/8369
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Mistake when remove proto_tree_add_text calls
Change-Id: I820264b7a90a2563f846b6e6472416cd3e3278a4
Reviewed-on: https://code.wireshark.org/review/8368
Reviewed-by: Michael Mann <mmann78@netscape.net>
- fix PLSP-ID parsing, is a 20 bits field
- fix SID parsing, is in network order on the wire
- fix PATH-SETUP-TYPE and SR-PCE-CAPABILITY code points
Change-Id: If26035181462a9cad77a4a594aab3c007b4d00a2
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/8351
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use Session-ID as a place holder for grouped AVPs that can hold any AVP and
look up the contents of a couple grouped AVPs whose contents wasn't specified.
Also, update the DTD to allow vendors to not add any AVPs.
Change-Id: Id2852e31cecbcfaf64efb46918101b3a81ed5bdb
Reviewed-on: https://code.wireshark.org/review/8355
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The LHS of the & operation is unsigned; make the RHS unsigned as well.
That squelches a Sun/Oracle C warning.
Change-Id: I6983cc89603a512020b8e8b560c00632de6b2fb3
Reviewed-on: https://code.wireshark.org/review/8363
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This squelches a warning from Sun/Oracle C, and it's the right thing to
do in any case, as the LHS of the & operator is unsigned.
Change-Id: I824a82d945f8f2535282bbf466dcd65806c6f695
Reviewed-on: https://code.wireshark.org/review/8362
Reviewed-by: Guy Harris <guy@alum.mit.edu>
g1439eb6 changed AIRPDCAP_WPA_PSK_LEN from 64 bytes to 32 bytes, leading to a stack corruption in AirPDcapRsnaPwd2Psk() function
Change-Id: Ibf51f6749715055cd84906a144214ed44c85256b
Reviewed-on: https://code.wireshark.org/review/8358
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
If recent file name contains underscore, menu item parses it as mnemonic accelerator. So disabled using underline for recent file menu item.
Change-Id: I1253a0103e750a14a69f0d064587e0eb56581b82
Reviewed-on: https://code.wireshark.org/review/8325
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Show all expert messages in a combined view. Group top-level items by a
(severity, group, protocol) tuple.
Let the user enable and disable messages via a check menu.
Add ProtoTree::goToField and expert_info_t.hf_index. Use them to jump to
what we hope is the afflicted item.
Enable the context menu only if the user has selected a packet item.
Add a free-form search field that matches expert summaries.
This differs from the GTK+ version but hopefully provides a smoother
workflow.
Bug: 10931
Change-Id: Ia12cb7c27cdea1634fa2798fb7e4c1b23bd16ad2
Reviewed-on: https://code.wireshark.org/review/8294
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch extends the existing decryption support for WPA to also
handle rekeys by checking each decrypted packet for a 4-way-handshake.
Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
(WPA-EAP).
For decrypting WPA-EAP secured packets the user must provide all used PMK's
of the connection (aka PSK's) as WPA-PSK 32 byte hex values to wireshark
via the existing interface.
(The capture must have all 4-way-handshakes included also, starting with
the first unencrypted one.)
Every decrypted unicast packet will habe the used PMK and TK shown in the
CCMP/TKIP section below the key index in the GUI. Group packets will display the
GTK instead.
Additionally this fixes a small issue with group rekey handling, so every packet
can be selected in the GUI in random order, removing the need to manually find
the correct group keying packets prior to that.
It was tested primary with WPA-CCMP, but TKIP is also working.
One section in the code touch bluetooth 802.1X support. It should do
exactly the same, but will now also examine all decypted packets for rekeys.
Ping-Bug: 11172
Change-Id: I19d055581fce6268df888da63485a48326046748
Reviewed-on: https://code.wireshark.org/review/8268
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris