These are not (easily) visible during installation and are better
suited for documentation anyway, as implied in the Makefile comments.
Change-Id: Id2581f6e8dfc05f1a6c0de918a0f687f025e6d12
Reviewed-on: https://code.wireshark.org/review/23910
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
After ChangeCipherSpec, record fragments are encrypted. Use this strong
hint to fix misinterpreting the explicit nonce as a handshake message.
One edge case remaing unsolved though, if an encrypted Finished message
follows the CCS in the same TCP packet, then it could still be
misinterpreted.
Bug: 14117
Change-Id: Ie54bb5335f115d0fd8f05a13d1c826e3807cbbd3
Reviewed-on: https://code.wireshark.org/review/23900
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
In preparation for possibly using AUTOUIC in CMake which treats "ui_*.h"
files specially, rename ui_util.h. No other changes.
Change-Id: Id026572c000b713ff0e9388dc7fff8d81d4df73e
Reviewed-on: https://code.wireshark.org/review/23916
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Currently, the Elasticsearch output exports the packet details and,
if -x is specified, the raw hex data.
This change adds the option of exporting the packet summary as well.
The default stays the same (packet details only), but now the existing
-P switch turns on printing of the packet summary. It also turns off
printing packet details, which can be turned back on with -V to print
both, and combined with -x to print all three: summary, details and
raw hex.
The packet summary is especially useful when exploring and visualizing
the data in Kibana, e.g. by displaying the summary "Info" field/column
in a table, as in the Wireshark GUI.
Change-Id: I2030490cfdd905572397bc3d5457ba49d805a5c4
Reviewed-on: https://code.wireshark.org/review/22716
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Strawberryperl 5.26.1.1 installs "pod2man.bat" but not "pod2man" so
find_program cannot locate it.
Change-Id: Iebfe2efec220085b15a4d73681da9cc7ea6a5360
Reviewed-on: https://code.wireshark.org/review/23913
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also remove XXX comment (answer: no, using package flags is preferable).
Change-Id: I05e7c0a40db9f1e1931b0fc585fed49cd7409526
Reviewed-on: https://code.wireshark.org/review/23901
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The packet-per.c intialisation of ext_length is not really
needed - idx could be -1 with or without extension_flag
being set. But it'd be best not to have someone need to
think this through again.
Change-Id: If07f98ac7d7f2619149e35a2a0d75b765839a7ba
Reviewed-on: https://code.wireshark.org/review/23905
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Red Hat, at one point, provided a /usr/include/pcap/pcap.h without
bothering to also provide a /usr/include/pcap.h that linked to it or
included it, breaking source compatibility. That's what we're working
around when we search in both the top-level include directories and, if
they exist, pcap subdirectories of those directories.
libpcap 1.0 and later also put pcap.h in a pcap subdirectory, but also
provided a pcap.h in the top-level include directory that included
pcap/pcap.h, preserving source compatibility, so that's not the reason
we're searching in the top-level include directories and their pcap
subdirectories.
Change-Id: I8f427d46ce8293d278be9005ee623cda1ea5d691
Reviewed-on: https://code.wireshark.org/review/23902
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Autotools has the very useful feature by design of allowing the user
to override the default build flags (you break it you keep it).
Apparently CMake applies COMPILE_OPTIONS target property after
CMAKE_{C,CXX}_FLAGS so that doesn't work here. Prepend our flags to those
variables instead to make it work then.
Specific target flag overrides can still be added with COMPILER_OPTIONS
(e.g: generated files with -Wno-warning) but this is less effective and
then we're back at the point where this overrides user flags. It's less
of a concern though.
Change-Id: I44761a79be4289238e02d4e781fef0099628817b
Reviewed-on: https://code.wireshark.org/review/23675
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
'docsis_vsif.gex.extended_cmts_mic_hmac_type' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT8
Change-Id: Ic3a0f7f6edf5a28ffde6703276d4747d138081c7
Reviewed-on: https://code.wireshark.org/review/23896
Reviewed-by: Michael Mann <mmann78@netscape.net>
ptvcursor_add_ret_uint
ptvcursor_add_ret_int
ptvcursor_add_ret_string
ptvcursor_add_ret_boolean
Change-Id: I41fa91b1ab805778d34a61215830b12a1331e864
Reviewed-on: https://code.wireshark.org/review/23895
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Replace some g_new()s, g_strdup()s and GArrays used in prefix
registration with their epan_scoped wmem equivalents. This reduces
the amount of memory we leak so that we come in below the Valgrind
fuzzer's current threshold (102400).
Bug: 14106
Change-Id: I7308ac89465316c06773552253dabc876b6c2425
Reviewed-on: https://code.wireshark.org/review/23891
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also keep track of last frame of data response, and work out duration of
ftp-data stream.
Change-Id: I460aaa5c8736e044410eab428707651cede39d7e
Reviewed-on: https://code.wireshark.org/review/23880
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
that it exists.
Change-Id: I1986b7678193f3b4c9ed8cabff7e411cef5bf185
Reviewed-on: https://code.wireshark.org/review/23892
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Expose the PSN (packet sequence number) and the RETH DMA length
to protocol's dissectors.
Change-Id: Ied53a8964d7cd5c3d148ec7c7642017951e56118
Reviewed-on: https://code.wireshark.org/review/23886
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
tcpdump just got a --print option, which causes packet information to be
printed even if the raw packets are being saved to a file with -w. We
have -P for the same purpose; make --print another name for it.
While we're at it:
document --help and --version;
just speak of -P/--print as causing printing even of the packet
details, even though -V forces printing with -w, for consistency
with how --print is documented for tcpdump;
fix the description of -h/--help.
Change-Id: Idf650a202a09a2d1682edbd9d76123f1b1412b55
Reviewed-on: https://code.wireshark.org/review/23888
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I4f3af7e06169461a15507ed8ecce8f15075b9667
Reviewed-on: https://code.wireshark.org/review/23835
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
declaration of rand shadows a global declaration
Change-Id: I98f4edb14cd241bd709d50e8ac9151448773a658
Reviewed-on: https://code.wireshark.org/review/23884
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Protobuf dissector supports the almost all basic protobuf types of
varint, sint, string, and so on.
2. Protobuf messages are not self-described protocol, for example,
varint in protobuf may be int32, int64, uint32, uint64, sint32,
sint64, bool or enum. Currently dissector will dissect field without
detail definition in common way, for numeric field it show uint32 or
uint64, for length-delimited field it just show as bytes. But user
turn the try_dissect_all_length_delimited_field_as_string or
show_all_possible_field_types options on, that dissect will show all
possible value for each field according to wire type. (for example,
a numeric field will parsed in int32, uint32, sint32, sint64 and so
on).
Ping-Bug: 13932
Change-Id: Idfe49307b1c84fe461603756f75daeb3e410a905
Reviewed-on: https://code.wireshark.org/review/23814
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
filter.
Change-Id: Idcfa53d1db9e9f7b5501ca92592fb0fa0790ffe9
Reviewed-on: https://code.wireshark.org/review/23873
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
FI_BITS_XXX were using bits 5-15 of the field_info->flags bitmask.
Move FI_VARINT to be outside of that range.
Change-Id: I92efcb5644cdbb562537d2813b611e583315874b
Reviewed-on: https://code.wireshark.org/review/23871
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I9e0314ae2e975a1c50cfaf2b00e469ad7f640357
Reviewed-on: https://code.wireshark.org/review/23866
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Estimating the effort required to process a capture based on its size
isn't very reliable. Instead of rejecting files that are too large, just
limit Valgrind fuzzing to the first 100,000 packets in each file. This
should fix a timeout issue we're seeing on the master fuzzer.
Change-Id: I0117735341d3a183c6131f5f05dbd1d559fc4b3f
Reviewed-on: https://code.wireshark.org/review/23872
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Make string mapping for UC_RDMA_WRITE_MIDDLE consistent with
all other mappings in the OpCodeMap table.
Remove extra blank lines in the OpCodeMap table.
Change-Id: Ifb3e242a89458103f3db3b5718d5d939dffb6dae
Reviewed-on: https://code.wireshark.org/review/23867
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When we exit due to excessive memory leaks make sure we say so in the
error log.
Change-Id: I03f60271f3e4bb467fbaa5b9ac17431eed96f300
Reviewed-on: https://code.wireshark.org/review/23870
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Let's perform the check before potentially breaking the loop.
While we are at it, let's update the test to remove the last layer so as to
match the one used to add it.
Change-Id: I5807219de75c4e2c23b9435d6271ad60aec45783
Reviewed-on: https://code.wireshark.org/review/23844
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I6031600ee3d764a7b2690ff88dbbfb01a1d6244b
Reviewed-on: https://code.wireshark.org/review/23824
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the chunk_size to the offset to get the correct write list
count, this issue was introduced by the fix for Bug: 13558
Change-Id: I306a9c0c9d601f7bdf4cc0e49eacd5466a6adb89
Reviewed-on: https://code.wireshark.org/review/23851
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Rename osx-app.sh to osx-app.sh.in and add the version to the plugin
path at configure time.
Instead up updating Autotools accordingly just remove the macOS
packaging targets. gf61c381b5a removed support for Autotools in
osx-app.sh and if anyone wants to build macOS packages I'd prefer that
they use the same toolchain as the buildbot.
Change-Id: Ide5205265bf8859a85b1afab68fa8f8285952bd3
Reviewed-on: https://code.wireshark.org/review/23839
Reviewed-by: Anders Broman <a.broman58@gmail.com>
João Valverde