This patch escapes some characters like \n when showing text
contained in a packet by appending it to a protocol item.
Change-Id: Ice0040040ec7ab573dd9a412f8c0c197a566a031
Reviewed-on: https://code.wireshark.org/review/3095
Petri-Dish: Michael Tüxen <tuexen@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Add single-shot timers to ramp up the tap update interval and update
taps when we finish reading the capture file.
Change-Id: Ia1694b47ffd2705b6a06aa50c21e675a64aefeac
Reviewed-on: https://code.wireshark.org/review/3099
Reviewed-by: Gerald Combs <gerald@wireshark.org>
accepting a packet as DNP3.
Bug: 10287
Change-Id: I222ec885186447c8a72eaf11cebacff8b9b79fad
Reviewed-on: https://code.wireshark.org/review/3092
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
bug: 10271
Change-Id: Id2de856104d7506583e94893501cff23de3ec212
Reviewed-on: https://code.wireshark.org/review/2976
Reviewed-by: Michael Mann <mmann78@netscape.net>
We went with the whole WS_DLL_EXPORT thing so that we don't *have* to
maintain lists of exported symbols; is there truly no way to automate
the generation of *these* files?
Change-Id: I77f240c77782ed634e4620833f951c4a02fb4390
Reviewed-on: https://code.wireshark.org/review/3083
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This was started by Chris Maynard before Qt was announced and I just polished it off for inclusion in GTK version of Wireshark.
This also can be used as input into the Qt version of the Expert Info "dialog" since it hasn't been written yet. Personally I like the "template" the Qt statistics dialog has with the display filter built it. I think that would work well for the Expert Info dialog as well.
bug:1860
Change-Id: Icaada6e7900f22b0a3d97c2a5656edfd8d8c8b7f
Reviewed-on: https://code.wireshark.org/review/3035
Reviewed-by: Christopher Maynard <Christopher.Maynard@gtech.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, capitalize "File" in the GTK+ version (it's already capitalized in
the Qt version).
Change-Id: I27eb27022930b1c0e0321cd1a1446c3b9dc1bd17
Reviewed-on: https://code.wireshark.org/review/3072
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Not all compilers we use support __func__.
Change-Id: I61194e1073c87e67f821e14698ea21b73d63983c
Reviewed-on: https://code.wireshark.org/review/3071
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In at least some versions of GLib, g_array_free() warns if passed a null
pointer, rather than just silently returning.
Change-Id: I1bfc0a81faa1eeebe288f6e0cc58ebfb64784958
Reviewed-on: https://code.wireshark.org/review/3068
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise, if you link with both libwiretap and libfiletap, it's
anybody's guess which one you get. That means you're wasting memory
with two copies of its routines if they're identical, and means
surprising behavior if they're not (which showed up when I was debugging
a double-free crash - fixing libwiretap's buffer_free() didn't fix the
problem, because Wireshark happened to be calling libfiletap' unfixed
buffer_free()).
There's nothing *tap-specific about Buffers, anyway, so it really
belongs in wsutil.
Change-Id: I91537e46917e91277981f8f3365a2c0873152870
Reviewed-on: https://code.wireshark.org/review/3066
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That prevents some double-free issues (I got one when doing non-"Update
list of packets in real time" captures, if I do one such capture and
then another one).
Change-Id: Ia08034d9d1640bad21b74960efade8926dbfc5de
Reviewed-on: https://code.wireshark.org/review/3063
Reviewed-by: Guy Harris <guy@alum.mit.edu>
My previous change removed master-key retrieval in the Server Hello.
This broke decryption when ClientKeyExchange is missing. That was done
because decryption is only needed after ChangeCipherSpec.
This patch moves the remaining initialization in ClientKeyExchange to
ChangeCipherSpec. In theory this could fix decryption of DTLS traffic
when an abbreviated handshake is used (and thus keyring material is
never generated in ClientKeyExchange since it is not called).
It also avoids saving a session ticket with an empty key which can
happen when no RSA key is present, but the NewSessionTicket message
is received. This could lead to garbage decryption.
Change-Id: If0f475232c270b1d7b006c1f9af0e8d8098c6b65
Reviewed-on: https://code.wireshark.org/review/3019
Reviewed-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Evan Huus <eapache@gmail.com>
Based on DTLS code with changes merged from SSL. Changes:
- Ignore large Session IDs, this was not harmful though since the
backing storage was 256 bytes in size.
- {ssl,dtls}.handshake.random: fixed description, it is not used like
a SSLv2 random challenge.
- dtls: also debug print client/server for random
- SSL: the common dissector now returns an offset rather than dissected
length.
- dtls: display actual Session ID bytes in the UI rather than the text
"Session ID (32 bytes)". The length field is already visible in the
preceding field.
Also changed is the handling of key material generation. The SSL
dissector previously generated key material based on the Session ID,
Session Ticket or a key logfile. (DTLS did not have this functionality.)
As decryption is needed only after ChangeCipherSpec, I have removed it
from the ServerHello handling. This will break decryption when a
ClientKeyExchange message is missing, but it will be restored proper in
a next patch.
(By the way, there was an inverted if-condition bug in DTLS that could
break decryption by not restoring the master key matching a SID. This
is gone in the refactoring because the faulty code is removed.)
Change-Id: Ida3de88adefe3f7691f85936c496977426c4d96e
Reviewed-on: https://code.wireshark.org/review/3018
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Evan Huus <eapache@gmail.com>
The MAUSB dissector can now dissect transfer responses for control
endpoints.
Change-Id: Ic488ccb308365d072bbbf0eaf128b198caf74eca
Reviewed-on: https://code.wireshark.org/review/2960
Reviewed-by: Evan Huus <eapache@gmail.com>
USB Setup Responses are now dissected in their own function.
Before they were dissected inline in the usb_dissect_common()
function.
(just copied code).
Also replaced proto_tree_add_text() with proto_tree_add_item()
for generic setup response data.
Change-Id: Ia3943334cccc0a1813e0c906196307f99561ad21
Reviewed-on: https://code.wireshark.org/review/2959
Reviewed-by: Evan Huus <eapache@gmail.com>
Also indicate what the states mean.
Change-Id: Ie1701bb2fb33334bcd66d325d1368c2a15cbb7e8
Reviewed-on: https://code.wireshark.org/review/3061
Reviewed-by: Guy Harris <guy@alum.mit.edu>
exp_pdu_file_open() isn't used outside ui/tap_export_pdu.c; make it
static.
do_export_pdu() isn't a tap routine, it's called *from* tap routines, so
its last argument doesn't need to be a generic pointer; its last
argument must be a pointer to an exp_pdu_t, so declare it as such.
Clean up comments while we're at it.
Change-Id: Iab51b54a0c272052d7876110a095f2fff66fa2c1
Reviewed-on: https://code.wireshark.org/review/3060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, if we're reading a Windows-format file on UN*X, we handle it
the same way we'd handle a UN*X-format file.
This handles bug 10272 for the cfilter and dfilter file; there are other
configuration files that may need code changes as well.
While we're at it, don't hand non-ASCII characters to isspace().
Change-Id: I4f5efeaa938bcb2d85737ab136c3ca19ea1ddb5b
Reviewed-on: https://code.wireshark.org/review/3045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, if we're reading a Windows-format file on UN*X, we handle it
the same way we'd handle a UN*X-format file.
This handles bug 10272 for the preference file and the "recent" files;
there are other configuration files that may need code changes as well.
Change-Id: Iec15a8fac276929ce8b53ae16070e9f2855f574c
Reviewed-on: https://code.wireshark.org/review/3042
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_opts.c:1017:61: error: declaration of 'index' shadows a global declaration [-Werror=shadow]
Change-Id: Ie409b4fa7abeb85e460bea398735cdc98d9034b1
Reviewed-on: https://code.wireshark.org/review/3041
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
The original formatting, besides looking silly, also prevents the function
from being picked up by make-dissector-reg.
Change-Id: I06e37b0e862064275b07976295eca8f0288a0974
Reviewed-on: https://code.wireshark.org/review/3025
Reviewed-by: Anders Broman <a.broman58@gmail.com>
when we delete an interface from all_ifaces, delete it from ifaces as well
remove its selected status if it was selected
at the moment, an interface that was used for capturing before will
never be removed from the list of interfaces even if it becomes
unavailable as it remains in ifaces and will be re-added to all_ifaces
in scan_local_interfaces()
new helper function capture_opts_del_iface() to delete an entry from ifaces and
free all its components
Change-Id: Ie3271a7ed086367e511d3a971f3b68cfc014115d
Reviewed-on: https://code.wireshark.org/review/2965
Reviewed-by: Evan Huus <eapache@gmail.com>
This could lead to problems for fragmented DTLS packets.
Change-Id: I602c7e181ea3799a4a2e7bcfed05bfbb129f7df4
Reviewed-on: https://code.wireshark.org/review/3017
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Michael Tüxen