The packet time calculation used the time(NULL) call to get the time
in seconds and than divided by 1000 to get micro seconds. This results
in correct seconds but some random micro seconds values.
Now get the time in microseconds and divide by 1000000 to get the
seconds and use the remainder for the micro seconds part.
Change-Id: I31f90960e27b0089c20936f69c7dc30f1efd50d9
Signed-off-by: Erwin Rol <erwin@erwinrol.com>
Reviewed-on: https://code.wireshark.org/review/36067
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From Johannes Berg with changes by Richard Sharpe to make it easier for
people to add support for RADIOTAP Header TLVs in the future.
Change-Id: I66d69cbe16740abce1e75ca1e789a2034283306b
Reviewed-on: https://code.wireshark.org/review/36057
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This circumvents a buggy pkg version in 11.x.
Move env var to the proper place while here.
Change-Id: Ib527a92cf8b542c8478daddf082c696caa296d80
Reviewed-on: https://code.wireshark.org/review/36055
Reviewed-by: Dario Lombardo <lomato@gmail.com>
File names can be longer than 256 bytes and still be sane. Fixes
filenames being reported as "[unknown]".
Change-Id: I3425d3106cf6ef63e298c2e73a063a207a4d4aea
Reviewed-on: https://code.wireshark.org/review/36045
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MPSSE response data and chip specific command parameters are not
dissected yet.
Ping-Bug: 11743
Change-Id: If783ef4580d0f8862419a249191f24521e316271
Reviewed-on: https://code.wireshark.org/review/35961
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure we have enough data for a CRC.
Bug: 16368
Change-Id: I03a2532061a5cf5e28cb65c83dd4ab90654d1679
Reviewed-on: https://code.wireshark.org/review/36048
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The "The NPF driver isn't running. You may have trouble" warning dialog
is now redundant, so remove it along with the "privs.warn_if_no_npf"
recent setting.
Add a more general "sys.warn_if_no_capture" recent setting along with a
getter for SimpleDialog's "Don't show this message again." string. Use
them to add a "Don't show this..." link to the main welcome warning
label.
Change-Id: Idffb800761eebf04b75e4be3f6bf7727dd468949
Reviewed-on: https://code.wireshark.org/review/36042
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
In captures of LDAP Privacy (encrypted) data, the dissector
threw Malformed errors because had it attempted to decode
encrypted payloads. See attached example capture
"PRIVACY-payload-(encrypted-data).pcap" at
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16358
Bug: 16358
Change-Id: Ic6d74d464157b145896090316ba73af025af7312
Reviewed-on: https://code.wireshark.org/review/36038
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Previous code did not properly decode protocol (Object dictionnary is not always sent). All changes comply with CANopen DS301 freely available on the web.
Change-Id: Ibaae09af0f1a5300a323a9c94077d1fb7dadd560
Reviewed-on: https://code.wireshark.org/review/35558
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In osx-app.sh, $VERSION used to hold the minor version of the OS. We no
longer set it and it's probably safe to assume that we're building on
Lion or later, so remove it.
Change-Id: I8e85cd7c2fe2162019c7c436b7865be95d4a33e2
Reviewed-on: https://code.wireshark.org/review/36039
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Significantly increased readability of the code, speed of work
and reduced size of the consumed memory.
- The number of memory allocations has been reduced from N to a few
- Removed double (redundant) data copying
Change-Id: I05aed194932ed3305eefb6e2e0f847e57851c41c
Reviewed-on: https://code.wireshark.org/review/36026
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Use the "create_new" property convention similar to PacketList. Fix a
"QWidget::insertAction: Attempt to insert null action" warning in the
packet dialog while at it.
Change-Id: I29b3b113aba92634b1b9a3427e2313fca30633eb
Reviewed-on: https://code.wireshark.org/review/36023
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "create_new" property was never set which prevented a new row from
being created once the dialog is opened.
Change-Id: I19c793ebd219bb58cb34f4d67451660ace51aa32
Fixes: v3.1.1rc0-254-gf402b4cdaa72 ("Qt: PacketList call DecodeAsDialog directly")
Reviewed-on: https://code.wireshark.org/review/36020
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The code was not properly corrected and a confirm result would show
a malformed packet because two bytes were not accounted for.
Change-Id: Ibc2f14ec46b0d63401d8d3b3768b032ed9b12e56
Reviewed-on: https://code.wireshark.org/review/36028
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow the filter in the Resolved Address dialog to be cleared to disable
filtering without requiring the dialog to be reopened.
Change-Id: I8164d42ac763f8b7faf23821633e129feba69790
Fixes: v3.1.1rc0-244-g743f8598cd0b ("Qt: Rework Resolved Addresses dialog")
Reviewed-on: https://code.wireshark.org/review/36027
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix several issues in the Resolved Addresses dialog:
- Missing IP hosts because the list was populated with one
tab-separated item while the caller expected space-separated items.
- Fix duplicate entries due to the "values" list not being cleared.
- Remove IPv4/IPv6 Hash Tables since these are a superset of IPv4/IPv6
Hosts, except that the former also includes mappings without a known
name (e.g. 8.8.8.8 -> 8.8.8.8).
- Fold both IPv4 and IPv6 hosts into one as before. Users like me
usually look for any IP match, regardless of the address family.
- Minor optimizations: do not construct the label every time.
- Rename "Mac Address" [sic] to simply "Address", that covers both IP
addresses and MAC addresses.
Bug: 16366
Change-Id: I6253fc01da7b6429ce093e7db9fe58e235b7c137
Fixes: v3.1.1rc0-244-g743f8598cd0b ("Qt: Rework Resolved Addresses dialog")
Reviewed-on: https://code.wireshark.org/review/36022
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
After feedback from the WFA and checking tables 9-3 and 9-6 in
IEEE802.11-2016 and testing this is more correct.
Change-Id: I26e65046610d887b2bcdac6caa8b4665eb2f6e20
Reviewed-on: https://code.wireshark.org/review/36018
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
With SAE there is a need to handle the anti-clogging token.
Tested with test cases from WFA.
Change-Id: I5bad92677481bc45b7bd10b526aa6a44c200ce17
Reviewed-on: https://code.wireshark.org/review/36019
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This allows higher-layer file or protocol dissectors to dissect the file
contents. Note that there are currently no dissectors that do this in-tree,
but an example of how to do this is at:
https://github.com/Roman-Koshelev/Arinc-615a-Wireshark-Dissector.
Bug: 16069
Change-Id: I88236175128efd0f6d474218dd117f5b0ca1fae9
Reviewed-on: https://code.wireshark.org/review/35553
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
IKEv2 added the critical flag to all payloads except payloads and
transforms. The dissection code just checked that it was looking at
IKEv1 but missed a check for proposals and transforms.
Bug: 16364
Change-Id: Ia9297af039fddf2da81f9712fdf7ac165fb2d86d
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-on: https://code.wireshark.org/review/36009
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The formatting, tab/space indents, brace location, alignments,
binpacking etc... were wildly inconsistant in this file. It
made it hard to update without introducing unintentded changes
and difficult to read.
I've cleaned up most of the whitespace inconsistancy. I can't say this
is absolutelty complete, but should be the majority. Some deviation
may occur in the intrest of readability, and I expect future changes to
favor readabilty as well.
As I'm starting a process to clean-up this dissector and improve on
remnants left over from its coversion to a built-in from a plug-in, I'm
starting with a whitespace-only commit that funcional changes can base
from.
Change-Id: I2eb0aca8860c2e91daf103b760461b928873a92b
Reviewed-on: https://code.wireshark.org/review/36003
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Now that the NR RRC dissector has all its logical channel dissectors
available, its time to call them.
Change-Id: I5f00552af49ef84d187da0c8a4f5850c7e7831fb
Reviewed-on: https://code.wireshark.org/review/36004
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
The unencrypted padding after the client Initial Packet was interpreted
as a short header packet. At that point, the TLS dissector has not
encountered the Server Hello yet and was not able to provide decryption
secrets. The QUIC dissector wrongly assumed that decryption would never
be possible from that point on.
Add a comment to clarify why decryption was skipped, and avoid treating
the zero padding as Short Header (SH) packets to fix decryption.
Alternatively, the short header dissector could try to validate the DCID
in SH packets, but that might result in failure to dissect legitimate SH
packets when the handshake packets are missing.
Ping-Bug: 13881
Change-Id: Id20eb23c976226cb3ef78ac91f25a291f94dc805
Reviewed-on: https://code.wireshark.org/review/36000
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
If an extcap tool fails to start or the tool exits unexpectedly
Wireshark will try to kill PID -1. This has very unexpected results
on Linux, like bringing down the whole window manager.
Make sure it's a valid PID before killing the extcap child process.
Bug: 16362
Change-Id: I58c0cb409fec3f35d3c76d841e2430a2f8742301
Fixes: v3.3.0rc0-461-g8efde39805 ("extcap: terminate the child process using kill.")
Reviewed-on: https://code.wireshark.org/review/35998
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Now that the NR RRC dissector has all its logical channel dissectors
available, its time to call them.
Change-Id: Id59da5af1bca3654f3c5fca5c81ce664454d4f1e
Reviewed-on: https://code.wireshark.org/review/35999
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Since draft 22 the CID length ranges from 1 - 20 instead of 4 * 18.
Firefox 74.0a1 happened to send a SCID of 3 bytes which resulted in
failure to find the connection for short header packets.
Ping-Bug: 13881
Change-Id: Iacff6ea215fd27861d196bc831991be7e4450419
Reviewed-on: https://code.wireshark.org/review/35993
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>