Remove some unused defines, function parameters and functions.
Change-Id: I1bbc3ff7e0a9d11e8521ddf24b35113d8e332f08
Reviewed-on: https://code.wireshark.org/review/37305
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make wtap_file_get_shb() take a section number argument, and update code
that called it. In most cases, we convert the code to iterate over
sections; in cases where a big code change would be required, we
temporarily pass it 0 and mark the code as "needs to be updated for
multiple sections".
Eliminate cf_read_section_comment(); in calls outside file.c, other code
directly calls the libwiretap routines it calls and, inside file.c, we
just transplant the code and then fix it not to assume a single SHB.
Change-Id: I85e94d0a4fc878e9d937088759be04cb004e019b
Reviewed-on: https://code.wireshark.org/review/37000
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Add some ENC_ values for various flavors of packed BCD, and use that
instead of explicitly calling tvb_bcd_dig_to_wmem_packet_str() and
adding the result.
Change-Id: I07511d9d09c9231b610c121cd6ffb3b16fb017a9
Reviewed-on: https://code.wireshark.org/review/36952
Reviewed-by: Guy Harris <gharris@sonic.net>
Add proto_item_get_display_repr(), which returns a string, allocated
with a specified wmem scope, containing the display representation of
the value of a proto_item.
Use it in the LLDP dissector, to append that string to the parent
protocol tree item; use packet scope, so it doesn't hang around forever
(the previous code used the NULL scope, meaning explicit freeing was
required, but it wasn't explicitly freeing the value, so it was
leaking).
Change-Id: I146380118833b1daef9dea8bd9463001e5b9325f
Reviewed-on: https://code.wireshark.org/review/36931
Petri-Dish: Guy Harris <gharris@sonic.net>
Reviewed-by: Guy Harris <gharris@sonic.net>
true_false_strings have no helper function to properly retrieve the
string representing the true or false value, much like unit_strings,
even though this is not uncommon in dissectors.
This change introduces the helper function and modifies the dissectors,
so that they use this helper i.s.o. their own expressions.
Change-Id: I477ed2d90a9a529fc5dcfef7e3ea42ec180d27ae
Reviewed-on: https://code.wireshark.org/review/36920
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add convenience routines for getting and setting a per-protocol,
per-packet depth value, which can be used to limit recursion, nesting,
cycling, etc. Use them in the BACapp, DAAP, Mongo, VLAN, and WBXML
dissectors.
Change-Id: I172514828169253ae7fcf9162c9d7eeb3041ff9c
Reviewed-on: https://code.wireshark.org/review/36846
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Speeds up the asn1 build from 133 seconds to 39 seconds, and guide
builds from 40s to 33s (-j6). Extraction of parallel=x from
DEB_BUILD_OPTIONS was borrowed from the debhelper Makefile.
Switching to Ninja has even more potential speed ups and prevents
interleaving build output, but requires debhelper 11.2 (Ubuntu
bionic-backports, Debian stretch-backports).
Change-Id: I2d403863adf5bfd692300642aad7df4b1cdb6e46
Reviewed-on: https://code.wireshark.org/review/36377
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Those fetch gint and guint values, respectively, rather than values with
specified sizes in bits.
This should squelch Coverity CID 1457357.
Change-Id: Ia8f100bd3fe90c266e24a4346f80b2667c653b93
Reviewed-on: https://code.wireshark.org/review/36177
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1. Switch list of manually resolved names from a list to a map
(IP Address --> Custom Hostname)
2. If an address was already in the list, just update the old entry.
Previously this added a new entry anytime somebody would edit a
hostname.
3. Display the previous hostname in the GUI
4. Remove unused manually_resolve_cleanup()
Bug: 11221
Change-Id: I42d5b6267eb6613bdf7783865bc2d30d6bda1147
Reviewed-on: https://code.wireshark.org/review/36059
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Although we don't depend on any of Qt's SVG classes directly, we do use
SVG icons in Preferences → Appearance → Language and QIcon loads its SVG
engine dynamically. If it's not present Wireshark will still run, but
the user won't see any flag icons.
Require QtSVG in the Debian and RPM packaging. It's not that large (~
400k here on Ubuntu 18.04) and ensures that we have a uniform user
experience across platforms. In this particular case, if the user
experience happens to be "Wireshark's UI is in a language I don't
understand" the little flags can come in handy.
Change-Id: If3c2e8a6040967353dbc462ee475ef12514b25f9
Reviewed-on: https://code.wireshark.org/review/36037
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Much better to use a known library than create it ourselves.
Also remove get_tempfile_path as it's not used.
Bug: 15992
Change-Id: I17b9bd879e8bdb540f79db83c6c138f8ee724764
Reviewed-on: https://code.wireshark.org/review/34420
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Two enhancements and one fixed bug:
1. Add dissecting protobuf fields as wireshark (header) fields preferences. User
can input the full names of protobuf fields or messages in Filter toolbar for
searching.
2. Add 'protobuf_field' dissector table. Dissector based on protobuf can register
itself to 'protobuf_field' keyed with the full names of fields of BYETS or STRING
types.
3. A bug about search MESSAGE or ENUM type in context is fixed.
4. Another small enhancement is adding prefs_set_preference_effect_fields() which
can mark a preference that affects fields change (triggering FieldsChanged event).
See the linked bug for sample capture file and .proto files.
Ping-Bug: 16209
Change-Id: Ibc3c45a6d596a8bb983b0d847dd6a22801af7e04
Reviewed-on: https://code.wireshark.org/review/35111
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's a "wmem version" of format_size (from wsutil/str_util.h).
Also improved the flexibility in formatting of format_size() to handle future
needs of format_size_wmem
Ping-Bug: 15360
Change-Id: Id9977bbd7ec29375bbac955f685d46e75b0cef2c
Reviewed-on: https://code.wireshark.org/review/31233
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If a ProtoField object was created, but not linked to a Proto, then the
strings field and all elements (depending on type) would leak.
This is a follow-up to g79fef2ae and fixes the real issue in g44870fb1.
Change-Id: I01880a92bb20fae45f68c754b07daeb07630deec
Reviewed-on: https://code.wireshark.org/review/34872
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
1. Add show_details preferences. Disable it will hidden names of
message/field/enum, field number, and other details.
2. Have only one popup message with all the errors listed,
that are found during parsing .proto files. (Buffer errors and print once)
Loading .proto files and checking message types of UDP port will
be done only when protobuf dissector has been called.
3. Support parsing .proto files in legacy MAC file format
(that newline is '\r') or mixed newline (\r + \n) file format.
Change-Id: I97bcde000957e4cd1cce98a7f61120d03027423e
Reviewed-on: https://code.wireshark.org/review/34736
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts commit f1285fcf06.
NSIS package is broken with this commit.
Change-Id: Ief22a308edad188fa2d5fab79355f19493359fa6
Reviewed-on: https://code.wireshark.org/review/34758
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
HTML docs are installed to both $docdir and $pkgdatadir. Fix that
to install to $docdir only.
Change-Id: I115158585b6df9170d9a01249adbc8548df91f14
Reviewed-on: https://code.wireshark.org/review/34640
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.
Known issues that will be addressed in the future:
- If a single packet contains multiple streams, then Follow QUIC Stream
will wrongly include data from streams other than the selected one.
This is tracked by bug 16093 and affects HTTP/2 as well.
- The Substream index menu does not properly filter for available
stream numbers. If a non-existing stream is selected, then changing
to another (potentially valid) index results in the "Capture file
invalid." error. As workaround, clear the display filter first.
- Follow Stream always selects Stream ID 0 instead of the first or
currently selected stream field in a packet. Users should manually
update the stream index as needed.
Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On Windows, fstat() and stat() sets st_dev to different value depending
on whether it was called with file handle or file path. If file handle
was used, the st_dev is simply the file handle casted to unsigned.
If file path was used, then st_dev corresponds to drive letter
(A=0, B=1, C=2, ...).
Compare the files using the file index information retrieved by
GetFileInformationByHandle(). When compiled in configuration that
supports FILE_ID_INFO, the code first tries to obtain 128-bit FILE_ID_INFO
and if that fails, fallback to GetFileInformationByHandle().
Bug: 16059
Change-Id: I5f8d8d8127337891ef9907c291e550b1d17aabbb
Reviewed-on: https://code.wireshark.org/review/34573
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add "native" support for the "zig-zag" version of a varint in proto.[ch] and
tvbuff.[ch]. Convert the use of varint in the KAFKA dissector to use the (new)
"native" API.
Ping-Bug: 15988
Change-Id: Ia83569203877df8c780f4f182916ed6327d0ec6c
Reviewed-on: https://code.wireshark.org/review/34386
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A few dissectors need the functionality of adding a time field to a proto_tree
while also needing the "time to string" value (typically to show on a tree above).
The functionality to do "get value from tvb and convert to string" was being done
in packet-ntp.c.
Instead proto_tree_add_item_ret_time_string can be used with various encoding to
get the necessary functionality with less code duplication.
ENC_TIME_MIP6 was added as a result of the refactoring.
ABSOLUTE_TIME_NTP_UTC was added as another potential "base" type for time fields.
Change-Id: Ie460c33370b0af59ef60bdab893ce9d6eb23b94f
Reviewed-on: https://code.wireshark.org/review/34390
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For use by EAP-TTLS which embeds TLS.
Change-Id: I4770d03f912dd75f92878dd74ad830ebb7eb1431
Reviewed-on: https://code.wireshark.org/review/34311
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Before the unzipped files are being copied from the temp directory,
they are checked against the stored list of profile names, to ensure,
that only allowed files are being imported.
Also ensures, that no empty directory exists for the skipped one
Bug: 15969
Change-Id: I6ae8c9fb5f63d089d42fc0ef18dbe84baec515a2
Reviewed-on: https://code.wireshark.org/review/34184
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change the Profile types from User/System to Personal/Global in UI
to match the terminology used in About Wireshark -> Folders.
This reverts commit 40af4aa93e.
This reverts commit f0cde7ca34.
This reverts commit c37cabe900.
Change-Id: I9012db6385707754e26a2dadb57f6003f8112f9b
Reviewed-on: https://code.wireshark.org/review/34134
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
It's called system profiles in UI so update function names and
variables to use the same name. This will increase code readability.
Change-Id: I048e9ea85bd6ebab4a2c3ed1c685487ac8f7e40e
Reviewed-on: https://code.wireshark.org/review/34116
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
There are 3694 warnings for one of the following two messages:
UserWarning: The same field names for different types. Explicit field renaming is recommended.
UserWarning: The same type names for different types. Explicit type renaming is recommended.
Both warnings are accompanied by some context. Since the packager is
unlikely going to address these issues, and CI systems struggle with the
size of the generated logs, disable this subset of warnings. The output
of `ninja asn1` shrinks from 28191 lines (2.4MiB) to 483 lines (32KiB).
Change-Id: I44e9e1ab40f2255136fb1440e3bde2ccc9e55295
Reviewed-on: https://code.wireshark.org/review/34098
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Those functions are defined as inline in proto.h and are not exported
functions. The change g76e227bcef had an impact on this check and now
they are flagged as missing. Let's remove them.
Bug: 15944
Change-Id: I58a0bd41283ce20aa7441ca08173e3d8d469a0ec
Reviewed-on: https://code.wireshark.org/review/34088
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
That's what the remaining calls to tvb_get_nstringz() and
tvb_get_nstringz0() are being used to do, even though those routines
were not intended for that purpose - the calls are extracting from a
text protcool, meaning that the strings are *not* null-terminate in the
packet.
Strings - even null-terminated ones - should, in almost all cases, be
extracted by tvb_get_string_enc() or routines that call it, so that an
encoding is specified. In the few cases where we're fetching strings
only to be compared to ASCII constants, or to parse as numbers, we can
get away with this.
Change-Id: I29f0532902c4ade2207de7f06db69c32eafd4132
Reviewed-on: https://code.wireshark.org/review/34072
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add package relations to the deprecated wireshark-gtk package. The
transitional package added by "Stop shipping Wireshark's GTK+ GUI" has
not been incorporated however. The Standards-Version version bump done
in 2.0.5+ga3be9c6-1 (2 Aug 2016) required no changes. Note that both
Debian Stretch and Ubuntu 16.04 have debian-policy 3.9.8.
Change-Id: Idb6f106ea03d47bcf87ba60f5470754e9ae4369e
Reviewed-on: https://code.wireshark.org/review/34047
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
because wireshark/epan/packet_info.h (libwireshark-dev)
depends on wireshark/wiretap/wtap.h (libwiretap-dev)
Change-Id: I76eb17c2c0502f4ea53c6ce934aeaea5ff5cfdd9
Reviewed-on: https://code.wireshark.org/review/34046
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Incorporates debian/tests/ changes up to upstream/3.0.0-76-ge634555b61:
* Add autopkgtest for testing starting GUI
* Add missing autopkgtest dependencies
* Use automatic xvfb server number in tests
* Use GLX extension in autopkgtest, Qt needs it
* Install at-spi2-core in gui autopkgtest to avoid error messages
* debian/test/gui: Ignore stderr from wireshark-gtk since upstream deprecated it
* debian/tests/gui: Redirect stderr to stdout because Lua prints to stderr
* Stop shipping Wireshark's GTK+ GUI
Change-Id: I840fa17fb5ac2bc7b4fed36c4286ea97742f7369
Reviewed-on: https://code.wireshark.org/review/28519
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
/usr/bin/dumpcap may be locally diverted to somewhere else, so let's
query dpkg-divert for the current location.
Change-Id: I4347d390b2c1e94383308d274b113a23bec62f5b
Reviewed-on: https://code.wireshark.org/review/34040
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a simple helper function to get the dissector handle that's
currently selected in a given payload dissector table.
We have similar functions already for string and uint dissector tables.
Change-Id: Ia1092fe2b8d038bae2b26db99fd08cd9d6979fcd
Reviewed-on: https://code.wireshark.org/review/33933
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
The contents of the Symbol Proprietary TLV was assumbed to be the same
as the Vendor Specific TLV. This proved not to be the case, at least for
Zebra Extreme networks nodes. This change implements the dissection of
the format as defined in the bug.
Bug: 15909
Change-Id: I4c14dde386d33302d187680f9f09f8b5bb1ef213
Reviewed-on: https://code.wireshark.org/review/34023
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The latest iteration of Microsoft updates to SMB3 added compression to
the protocol. This commit implements decompressing and dissecting
compressed payloads.
The compression algorithms that can be used are "Plain LZ77",
"LZ77+Huffman" and "LZNT1" which you can read more about in the
[MS-XCA] documentation. This set of algorithm is sometimes referred to
as XPRESS.
This commit reuses the existing uncompression API scheme already in
place with zlib and brotli and adds 3 tvb_uncompress_*() function
implemented in:
* epan/tvbuff_lz77.c
* epan/tvbuff_lz77huff.c
* epan/tvbuff_lznt1.c
A new function wmem_array_try_index() was added to the wmem_array API
to make bound checked reads that fail gracefully. New tests for it
have been added as well.
Since both reads (tvb) and writes (wmem_array) are bound checked the
risk for buffer overruns is drastically reduced. LZ77+Huffman has
decoding tables and special care was taken to bound check these.
Simplified versions of the implementations were succesfully tested
against AFL (American Fuzzy Lop) for ~150 millions executions each.
The SMB2/3 dissector was changed to deal with the new transform header
for compressed packets (new protocol_id value) and READ request
flags (COMPRESSED). Badly compressed or encrypted packets are now
reported as such, and the decryption test suite was changed to reflect
that.
This commit also adds a test capture with 1 packet compressed with
each algorithm as returned by Windows Server 2019, along with 3
matching tests in test/suite_dissection.py
Change-Id: I2b84f56541f2f4ee7d886152794b993987dd10e7
Reviewed-on: https://code.wireshark.org/review/33855
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The "Basic code table" in ISO 646 is mostly ASCII, but some code points
either 1) have more than one glyph that can be assigned to them or 2)
have no glyph assigned to them. National versions choose one of the two
glyphs for the code points in group 1) and assign specific glyphs to the
code points in group 2); the International Reference Version assigns the
same glyphs to those code points as does ASCII.
For the "Basic code table" encoding, we map the code points in groups 1)
and 2) to a REPLACEMENT CHARACTER; additional encodings can be added for
the national versions.
Add ENC_ISO_646_IRV (International Reference Version) as an alias for
ENC_ASCII.
Expand some comments, and add some comments, while we're at it.
Change-Id: I4f1b5e426ec193775e919731c5cae1224dc65115
Reviewed-on: https://code.wireshark.org/review/33941
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
CMake does not need libtool.
Change-Id: Ib96c2ad96fbf62aad86536f40f979fe7786cc576
Reviewed-on: https://code.wireshark.org/review/33772
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Neither VERSION nor docdir are used in CMake, remove it. The wheezy
workaround was needed to fix build failures with PIE, but since Wheezy
is EOL, it can be removed.
'distrelease' can also be removed, but let's keep it in case
distro-specific workarounds are needed in the future.
Change-Id: I6e8a296112b218ebce79f697bbb1def7c0efdad7
Reviewed-on: https://code.wireshark.org/review/33712
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested with python-ply 3.11 and Python 3.7.3 on Arch Linux using the
'ninja asn1' command.
Bundling lex.py and yacc.py is one distribution method suggested by PLY
upstream (https://www.dabeaz.com/ply/README.txt), but since it is also
available in many Linux distributions, we could potentially remove it in
the future. Windows developers can install it through pip if needed.
Change-Id: I9c847072916ee33da49994820b435ec1d7110303
Reviewed-on: https://code.wireshark.org/review/33708
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fixes lintian warnings:
W: wireshark-dev: binary-package-depends-on-toolchain-package depends: debhelper
W: wireshark-dev: binary-package-depends-on-toolchain-package depends: cdbs
wireshark-dev does not depend on either cdbs or debhelper, remove it. A
versioned debhelper dependency is present as Build-Depends however.
Change-Id: Ic3393e7ecbaf6d4bdf032315e5da586823ae1e05
Reviewed-on: https://code.wireshark.org/review/33676
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Fixes the following Lintian 2.15.0 (Debian sid) warnings with WS 3.0.2:
W: wireshark-common: extended-description-line-too-long
W: wireshark-common: command-with-path-in-maintainer-script postrm:11 /usr/sbin/delgroup
W: wireshark-dbg: priority-extra-is-replaced-by-priority-optional
W: wireshark-doc: priority-extra-is-replaced-by-priority-optional
Replace absolute path test in postrm and fix indentation.
Remove the Priority line in binary packages since they default to the
Source priority which is set to "optional". See
https://www.debian.org/doc/debian-policy/ch-archive.html#s-priorities
Change-Id: Ib07f6414348cbbfb1e7177643d9b9acfd9f1a477
Reviewed-on: https://code.wireshark.org/review/33675
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Convert asn2wrs.py to Python 3 via `2to3 --print-function --write` along
with additional tweaks.
Convert asn2deb and idl2deb using `2to3 --write`.
Work around what appears to be a Debian packaging bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818609
Change-Id: I5cc246f7162c2d713673955c10c092e1b91adf82
Reviewed-on: https://code.wireshark.org/review/33504
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way, even if we're not building a protocol tree, so that you don't
get protocol tree items, you can get the display string, e.g. to use in
a column.
Replace the use of the "get display string" routines with calls to those
routines.
Change-Id: I23e3e88838bdf837d8660c271f78c79b7d1c5620
Reviewed-on: https://code.wireshark.org/review/33519
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a BASE_SHOW_ASCII_PRINTABLE flag for the "display" field, to use
with FT_BYTES and FT_UINT_BYTES fields; it specifies that, if the field
consists solely of printable ASCII characters, its value be displayed as
a string, in quotes. Have a routine hfinfo_format_bytes() to do that
formatting, depending on the display field value.
Add routines to fetch the display value of string and
FT_BYTES/FT_UINT_BYTES fields; for strings, it's the result of
hfinfo_format_text(), and for byte arrays, it's the result of
hfinfo_format_bytes().
Use BASE_SHOW_ASCII_PRINTABLE for extended attribute data in SMB and
SMB2. Use the routines in question for extended attribute names
(string) and data (bytes). That keeps us from displaying non-text
extended attribute data as if it were text.
Document BASE_SHOW_ASCII_PRINTABLE.
Change-Id: I24dcf459c14f00985e4daaf9b58f5933964eabd8
Reviewed-on: https://code.wireshark.org/review/33517
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This requires some special hackery, including a new packet-ber.c
routine, as those strings are just OCTET STRINGs, not UTF8Strings.
Change-Id: I776ed47f7400eba366a630b60b94be3397f7b45f
Reviewed-on: https://code.wireshark.org/review/33403
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add export DPKG_GENSYMBOLS_CHECK_LEVEL=4 to debian/rules in order to
ensure that we update the Debian config when we change the API.
Change-Id: Ieeaf08342790c075de62a52079d874fe9d36bed8
Reviewed-on: https://code.wireshark.org/review/33119
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I8443379d23a2946dd21c12e5e0bd5464ab73ca25
Reviewed-on: https://code.wireshark.org/review/31857
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Those routines exist on both Windows and UN*X, but they don't do
anything on UN*X (they could if it were ever necessary).
That eliminates some #ifdefs, and also means that the gory details of
initializing Winsock, including the Winsock version being requested,
are buried in one routine.
The initialization routine returns NULL on success and a pointer to a
g_malloc()ated error message on failure; report the error to the user,
along with a "report this to the Wireshark developers" suggestion.
That means including wsutil/socket.h, which obviates the need to include
some headers for socket APIs, as it includes them for you.
Change-Id: I9327bbf25effbb441e4217edc5354a4d5ab07186
Reviewed-on: https://code.wireshark.org/review/33045
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it possible to set the console.log.level from the Advanced
preferences window.
Change-Id: I5c5551f089a935eef77f54fdcad0ba060f14edfd
Reviewed-on: https://code.wireshark.org/review/32930
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
That makes it - and the routines that implement it - work more like the
seek-read routine.
Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add support for decrypting IEEE 802.11 WPA3-Personal / SAE traffic.
SAE uses AES encryption but a different key derivation function (KDF)
making Wireshark fail to decrypt such captures. Also both KDF and
decryption method is determined based only on EAPOL key description
version. This is not enough to figure out that SAE is being used.
Implement the alternative KDF needed to derive valid PTK. Also
implement a function to parse pairwise + group cipher suites and
auth key management type from RSNE tag. Using this new function
together with a number of new cipher and AKM lookup functions
correct KDF for SAE can be selected.
Bug: 15621
Change-Id: I8f6c917af1c9642c276a244943dd35f850ee3757
Reviewed-on: https://code.wireshark.org/review/32485
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add locale-independent version that replaces json_dumper_value_anyf for
floating-point numbers. NaN and -/+Infinity are mapped to null.
Change-Id: I8e7856de480b7bcafe77ddd015239e1257768ced
Reviewed-on: https://code.wireshark.org/review/31948
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <jbwzawadzki@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Provide a way to retrieve key URIs ("pkcs11:" and in the future maybe
"system:") and validate the PIN/password for such keys. Additionally
permit validation of a RSA key file.
This will be used for the RSA Keys GUI dialog.
Change-Id: I4177a11cb9f4758d7564daae509e20a4a42623fa
Reviewed-on: https://code.wireshark.org/review/31794
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The loop to remove all matching callbacks was skipping every second
entry which would give some leaks when reloading Lua plugins.
Add funnel_cleanup() to be called in epan_cleanup() at shutdown
to remove all allocated menu entries.
Change-Id: I3a50ba2070c8675fee1385f25e9e109db57c2dc5
Reviewed-on: https://code.wireshark.org/review/31769
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Sort both lists; for the man pages, sort the extcap man pages after the
regular command-line tool man pages.
Add the captype and randpkt programs and man pages, and the udpdump man
page.
Change-Id: I0244013f8d08685d61ba70274185cb5539ff0545
Reviewed-on: https://code.wireshark.org/review/31503
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>