Set the merge module path based on our platform and version of Visual
Studio.
Change-Id: Ic866447f36d5264d61fc988f3f9d8b4d2e5c0827
Reviewed-on: https://code.wireshark.org/review/22192
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Currently the UMTS FP & MAC dissector's are named packet-umts_X.
This commit renames the UMTS RLC's files to show their relation.
Change-Id: I9e37be95f7c7d08278075a49b8abc2b480a13d64
Reviewed-on: https://code.wireshark.org/review/22188
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For at least Qt, the main_window_update callback is not necessary to
make the stop button work. When restarting a live capture during a
flood (via Ctrl-R), this callback actually results in an infinite loop
in MainWindow::captureStop since the capture state never changes from
FILE_READ_IN_PROGRESS.
Remove this callback to ensure that the problematic
pipeActivated / sync_pipe_input_cb / capture_input_new_packets /
main_window_update / ... / on_actionCaptureRestart_triggered /
testCaptureFileClose / captureStop sequence is avoided.
Even though captureStop invokes capture_stop, I guess that this does not
change the state because the pipeActivated callback is already active.
Bug: 10917
Change-Id: I6ca4fa946963928b7bc8a53ca14f9a9a3a35eaa7
Reviewed-on: https://code.wireshark.org/review/22097
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
testCaptureFileClose can also be invoked while reading an existing
capture file (the original comment only applied to GTK+, not Qt). When
the user quits Wireshark while reading an offline pcap, this could
result in a confusing "Unsaved packets" dialog. Fix this by checking the
actual capture session state.
After fixing this, the next issue is that cf_close trips on an assertion
("cf->state != FILE_READ_IN_PROGRESS"). To address this problem, do not
close the capture file immediately, but signal to the reader (cf_read)
that this should be done (similar to the quit logic in GTK+).
Bug: 13563
Change-Id: I12d4b813557bf354199320df2ed8609070fdc58a
Reviewed-on: https://code.wireshark.org/review/22096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If the pdu length is too short, we can simply stop dissection and return
the number of bytes we processed.
Change-Id: I11581daa3fdb80b3d5a07754039ec1b640945b2e
Reviewed-on: https://code.wireshark.org/review/22187
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Cisco uses propietary option 65004 to transmit RPF Proxy Vector
information. Add the name of the option to the option identification.
Change-Id: I5ee9e4d44d6326d8a457a8a4bbb24896e17216e8
Reviewed-on: https://code.wireshark.org/review/22186
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ITU-T Q.703 2.3.3 specifies that the length indicator MUST be set
to its correct value. Adding a expert_info warning makes it easier
to determine if a capture uses the optional extended sequence number
format found in Appendix A, for which a preference already exists.
Change-Id: I7c99c7f2801a6d44d1bc693b59f38a76e08cfe4a
Reviewed-on: https://code.wireshark.org/review/22135
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some phones (Android and iOS smartphones) encode emoji characters as
UTF-16 big endian and although the UTF-16 is not specified in the 3GPP
23.038 (GSM 03.38) it seems to be widely supported
Bug: 13808
Change-Id: Ic4a600e42fb4b471223aaef1a661bd002835b519
Reviewed-on: https://code.wireshark.org/review/22181
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change guard that prevents decryption of v2015 to only check if frame counter
suppression is not used.
Add new aux header fields.
Cleanups.
Bug: 13805
Change-Id: Ib025e724415d7d7b85d63e2f44a37c7c691e9de6
Reviewed-on: https://code.wireshark.org/review/22165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In abda30e9e validation of JSON UTF-8 characters was implemented but it
doesn't handle well the valid characters
Bug: 13806
Change-Id: Id8777065cfff9deae94f457dee08017d03b50f20
Reviewed-on: https://code.wireshark.org/review/22169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The two code paths don't share any code, so they might as well be in
separate routines.
That makes it even easier to read.
Change-Id: I8ee335f4cac2aedc42216db7f9674e1a609d9347
Reviewed-on: https://code.wireshark.org/review/22179
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move some commented-out code where it belonged, and #if 0 it out
instead.
Have only *one* test for OCTO.
Change-Id: I6e8803f936ebd88f1705b2185f034ec0b2bddb77
Reviewed-on: https://code.wireshark.org/review/22177
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Two separate checks for OCTO, one right after the other, is a bit
confusing.
Change-Id: I702aa1809dc7271b69b5419dc850228fac516ed6
Reviewed-on: https://code.wireshark.org/review/22175
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While we're at it, note in the comment for get_utf_16_string() the
"decoding UTF-16" algorithm in RFC 2781.
Change-Id: I5d7dc5c09af0474c055796e49e0c7b94fa87d2ad
Reviewed-on: https://code.wireshark.org/review/22171
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's now FindMACOS_FRAMEWORKS.cmake.
(But is it actually *used*? CMakeLists.txt does the check itself.)
Change-Id: I6e972869b94da959dc7c9a3fccacfbd35e0e992c
Reviewed-on: https://code.wireshark.org/review/22163
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's now "macOS".
While we're at it, note that the property list from which it fetches
version information still calls it "Mac OS X".
Change-Id: I438ef9dc65c2619d7378b0deb5efc84734a2ac6d
Reviewed-on: https://code.wireshark.org/review/22159
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 13745
Change-Id: Ibd00ea4818eb4b47a2c46324c1bfc878fef03d1e
Reviewed-on: https://code.wireshark.org/review/22155
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Refactors the print.c json output functions to be more intuitive and
to allow easy switching to single json keys with a json array of values
instead of duplicate json keys. With this commit the json output does
not change at all.
These changes have been tested on multiple decrypted http2 traces with
the following testing method:
- Save the pcap file as json with a build of the current master branch.
- Save the pcap file as json with a build of the master branch + this
commit.
- Compare the files for changes with the "cmp" utility.
No differences were found between files for multiple different decrypted
http2 traces. Printing with the "-x" or "-j" options also does not
produce any changes either.
Bug: 12958
Change-Id: Ibd3d39119c3a08906389aa8bbf4e2a2b21dd824e
Reviewed-on: https://code.wireshark.org/review/22064
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Put them in the same order as the order in which the _VERSION values are
defined and in which they're invoked.
Similarly, do the "make sure we have the requested version installed"
tests in the same order as the un-installation order (which is the
reverse of the installation order).
Change-Id: I0e2bd1d249832090c3d81bacfe010de19de54cdf
Reviewed-on: https://code.wireshark.org/review/22158
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We now require libgcrypt, and libgcrypt requires libgpg-error.
Change-Id: Ifdf40acb11fef84485310321523500b1396736b6
Reviewed-on: https://code.wireshark.org/review/22157
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We want a newer version of libgcrypt to get additional crypto functions.
Update to the current release, 1.7.7.
Update to the current release of libgpg-error, 1.27, while we're at it.
Update to the current "stable" version of GnuTLS, 3.4.17; 2.12.19
doesn't work with libgcrypt 1.7.7. 3.4.17 requires Nettle, and Nettle
requires GMP, so, if we're building with GnuTLS, download and install
the current versions of Nettle and GMP.
GMP requires lzip, so download and install it as well.
Clean up some "version >= x.y.z" checks to check the major version
number in all cases.
Change-Id: I39cccd34e0d7f49ac35b0bbacdab03251d42a1de
Reviewed-on: https://code.wireshark.org/review/22156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When a mandatory information element is missing, try to report an expert info,
instead of throwing a fatal malformed exception (or of reporting nothing at all).
According to TS 24.007 11.2.3, a mandatory i.e. may be part of the imperative part
of the message, so that expert info should be at PI_ERROR level
Change-Id: Id399c236f2923db36540bbda0d29d666548f7cbd
Reviewed-on: https://code.wireshark.org/review/22134
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This makes those tests more like other such tests.
Change-Id: Ide920d4083f6092ce5892adf4fc178236c49729f
Reviewed-on: https://code.wireshark.org/review/22150
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have them all be "usb-XXX", where XXX indicates the type of header.
Change-Id: I7f1bfea7e264b17c57f94c484d64d1cce91b9b78
Reviewed-on: https://code.wireshark.org/review/22147
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Correct some symbolic references in source file comments
and add a note about the CMake configuration options.
Change-Id: Idb670a2c798c2a52cdce142340ce8fc5a2022508
Reviewed-on: https://code.wireshark.org/review/22138
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
udpdump has local copies of the tag values from exported_pdu.h, so the
dependency isn't needed. exported_pdu.h required tv_buff.h and packet_info.h,
whose inclusion caused link errors on SPARC.
Bug: 13801
Change-Id: Icbf7b59b8af0d3a0fc73599baad6932e76dc3462
Reviewed-on: https://code.wireshark.org/review/22131
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13793
Change-Id: I8863da14f889c68d161f4e53aa6a4e0d2636ba48
Reviewed-on: https://code.wireshark.org/review/22140
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The spurious retransmission check operates on the last-seen
acknowledgment in the reverse direction. Adjust the analysis logic so
that it is checked independently of the forward sequence number.
Update the documentation accordingly.
Change-Id: I3714f44398501a581f967c61e119fe95f90209b1
Reviewed-on: https://code.wireshark.org/review/21769
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
RETH remote key might be needed in protocol's dissectors.
Remote access key is shared out of band usually via RDMA
send operation. This key sharing is upper layer protocol specific
and protocol dissector knows about the key.
infiniband layer do not know about which rkey is shared.
For protocol dissectors to associate data packets with past
command packets, infiniband needs to provide the rkey.
Change-Id: I927116d649ed2b01c388afbcdb924cb7e5128e12
Signed-off-by: Nitzan Carmi <nitzanc@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Tested-by: Nitzan Carmi <nitzanc@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/22123
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icdcb770723e3783013f525524c3fe745d5dd862d
Reviewed-on: https://code.wireshark.org/review/22122
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Iaf705172496e26f571f77902bcc1a95f3b817c80
Reviewed-on: https://code.wireshark.org/review/22098
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
concatlen was not updated if FCParm was unknown, leading to an infinite loop.
Bug: 13797
Change-Id: I1b64d757a369183a711f01b0b5cd1ba7aa0787bc
Reviewed-on: https://code.wireshark.org/review/22120
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs