Versions 2 and 3 of MEGACO (H.248 text) added statisticsDescriptor
to one of the options for a streamParm that can appear inside a
mediaDescriptor. Dissect it.
Part of #11080
These messages are used in the GSUP-based CEAI interface between
strongswan IPsec and osmo-epdg, which acts basically as a forwarding
protocol between IKEv2 on the UE side and GTPv2C S2b towards PGW + Diameter
SWm towards AAA Server.
Those fields are already present in libosmocore, GSUP reference
implementation [1].
[1] https://gitea.osmocom.org/osmocom/libosmocore/src/branch/master/include/osmocom/gsm/gsup.h#L205
The value in the length field in ENRP parameters and error causes
include the length and types, and must be at least 4. In particular,
not erring on zero can cause an infinite loop.
https://datatracker.ietf.org/doc/html/rfc5354Fix#19674
If the comment (i.e. Info column) text is elided, show the
full text as a tooltip. We already show it down in the status
hint text, but it's nice not to have to look all the way at
the bottom of the window.
Somewhat related to #4972
(I think, for that one, we will probably need to make the
column width controlled by a different widget rather than a
QSplitter, because making it a QSplitter would make the comments
no longer an axis, and then they wouldn't be printed.)
Compact protocol uses little endian doubles instead of big endian like compact.
This issue is documented as an accident that became the de-facto standard.
For consistency, the sub-tvbuff_t given to delegated sub-dissectors is aligned
with binary protocol to allow a sub-dissector to work with both binary and compact.
Previous recursion check only worked with generic dissector.
The introduced changes cover the sub-dissectors as well.
Remove the existing check as it counted basic types as well.
Add a check at every place where a sub-tree is created:
- containers (list, set, map)
- structures
This commit increases the maximum size for the JSON commands processed
by `sharkd` from 2048 to 8192 bytes. The primary reason for this
change is to allow larger filters in `filter0`...`filter9` arguments
which, combined with the outer JSON boilerplate, can cause a command
to quickly hit the existing 2048-byte limit.
Add a check box for case sensitivity when finding in follow stream
and show packet bytes.
Note that QPlainTextEdit::find() has a bit unexpected behavior with
QRegularExpression (https://bugreports.qt.io/browse/QTBUG-88721).
Searches are case-insensitive by default there too, respecting
the default options. This is a change from the older QRegExp, where
the option to find was ignored, and only the regex option was used,
so for the last few releases regexp searches have been case-insensitive
as well by default. (?-i) has been available to mode switch.
We might want to move the various keyboard handling from
FollowStreamDialog and ShowPacketBytesDialog and instead have
FindLineEdit install shortcuts on the parents when constructed.
That would be a little cleaner separation.
We might also want to move the buttons and label to a separate
composite widget class, that signals the parent to start a
find.
Fix#3784
In KRB_TOKEN_CFX_WRAP (RFC 4121), for signed-only Wrap tokens
("Wrap tokens without confidentiality"), the plaintext is followed
by the checksum, unlike in other implementations where the all
the GSSAPI bits, including the checksum, precede the plaintext.
For those cases, the calling dissector cannot simply dissect
the entire original tvb after the returned offset, as it's not
all plaintext. Instead, place the plaintext without checksum
subset in gssapi_decrypted_tvb and return it to the caller.
In these cases, gssapi_data_encrypted will be set to FALSE, to
allow dissectors that wish to distinguished signed-and-sealed
from signed-only. For dissectors that do not care to distinguish
the cases, this requires no change.
Update the documentation in the GSSAPI header to describe this.
Fix#9398.
The IFTREE_COL_HIDDEN is in fact a "Show" column (should the
names be changed?) so when saving the data the hidden state
is the opposite of the checked status.
We were doing the inverted logic when writing to the preferences,
but not when changing the device interface_t struct directly.
However, before 6e12e504b9
we always re-read the hidden state from the preferences after
changing it in the Manage Interfaces Dialog, so this bug wasn't
exposed until we stopped doing that and used the current status.
Fix#19672
Add a colorsChanged signal/slot, more precise than the generic
preferencesChanged signal, and only call it when one of the
color related preferences have changed. Connect it to the
packetList::colorsChanged() function, instead of calling that
whenever preferencesChanged() is called. We could eventually
move the signals and slots some of the other GUI widgets to this.
Send that signal before handling preferences that change
dissection and freeze the packet list, so that when we
restore the column widths due to Qt bug 122109 it takes effect.
The packet_list_hover_style preference affects colors, not
the layout, despite its presence in the GUI layout module.
https://bugreports.qt.io/browse/QTBUG-122109
A bug introduced by the fix for https://bugreports.qt.io/browse/QTBUG-116013
causes all visible sections to reset to the default section size whenever a
style sheet is applied (even if defaultSectionSize didn't change.)
Make sure that before applying a style sheet we prevent our recent
column widths from being updated, and then restore column widths
from the recent values afterwards.
This affects versions 6.5.4 (commercial only, 6.5.3 is the last free
release) and 6.6.1 and 6.6.2.
Enforce the requirement, already mentioned in the headers,
that preference and preference module effect flags must be
nonzero so that the application knows that a preference has changed.
(Lua, for example, needs this.)
Use this and avoid sending the PreferencesChanged signal when
preferences have not changed.
Add field expression functions to convert unsigned integer
and char fields to hex or decimal. (BASE_OCT is handled
somewhat different currently now, presumably because it
can't be used in filters, so leave that commented until
it is handled as a display representation.)
Currently string() always converts unsigned integers to their
decimal representation so it is the same as dec(), but possibly in
the future string() might use the native base.
These can be used in columns thanks to the fix for #15990Fix#5308
"extcap" by itself can be the name of a directory that stores
extcap programs, especially if the default profile is being
used. Add an extension to the default file name so it doesn't clash.
Follow up to 4fb2ef8af8
Fix
```
wireshark/epan/dissectors/packet-icmpv6.c:1709:1: warning: function 'dissect_icmpv6_nd_opt' is within a recursive call chain [misc-no-recursion]
1709 | dissect_icmpv6_nd_opt(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
| ^
wireshark/epan/dissectors/packet-icmpv6.c:1709:1: note: example recursive call chain, starting from function 'dissect_icmpv6_nd_opt'
wireshark/epan/dissectors/packet-icmpv6.c:2247:30: note: Frame #1: function 'dissect_icmpv6_nd_opt' calls function 'dissect_icmpv6_nd_opt' here:
2247 | opt_offset = dissect_icmpv6_nd_opt(tvb, opt_offset, pinfo, icmp6opt_tree);
| ^
wireshark/epan/dissectors/packet-icmpv6.c:2247:30: note: ... which was the starting point of the recursive call chain; there may be other cycles
```
Fix
```
wireshark/epan/dissectors/packet-dhcpv6.c:1846:1: warning: function 'dhcpv6_option' is within a recursive call chain [misc-no-recursion]
1846 | dhcpv6_option(tvbuff_t *tvb, packet_info *pinfo, proto_tree *bp_tree,
| ^
wireshark/epan/dissectors/packet-dhcpv6.c:1846:1: note: example recursive call chain, starting from function 'dhcpv6_option'
wireshark/epan/dissectors/packet-dhcpv6.c:2052:28: note: Frame #1: function 'dhcpv6_option' calls function 'dhcpv6_option' here:
2052 | temp_optlen += dhcpv6_option(tvb, pinfo, subtree,
| ^
wireshark/epan/dissectors/packet-dhcpv6.c:2052:28: note: ... which was the starting point of the recursive call chain; there may be other cycles
wireshark/epan/dissectors/packet-dhcpv6.c:2958:1: warning: function 'dissect_dhcpv6' is within a recursive call chain [misc-no-recursion]
2958 | dissect_dhcpv6(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
| ^
```
This change updates references to obsoleted RFCs and I-Ds,
provides human-readable interpretation of kid values, and fixes
the text encoding type in proto_tree_add_cbor_tstr().
Fixes#19659
Aligning the data type with the 802.1AS specs the data type is
now INT32 instead of UINT32.
Also added a generated field where the scale and offset is removed
to easier interpret the actual accumulated rate ratio.
For our test in check_dcid_on_coalesced_packet, check the *last*
QUIC packet in the frame so far, not the first packet in the
frame.
Only create the quic_packet structure after checking for a coalesced
packet, so that the last QUIC packet in the frame is the previous
one, not the current one.
What happens if 0-RTT packets are lost and resent? There's an
alternative suggestion featuring checking if the ciphers are
initialized on the first pass that might work too, but if we
did that, what happens if the server Handshake is fragmented,
reassembled, and the server sent some "0.5-RTT" data after the
last fragment but then had to resend a different Handshake fragment
later? We'd still get some 1-RTT data before the handshake was done.
Fix#19665 while still not upsetting #19503.