Commit Graph

716 Commits

Author SHA1 Message Date
Mikael Kanstrup 685a125729 dot11decrypt: Remove some unused code
Remove some unused defines, function parameters and functions.

Change-Id: I1bbc3ff7e0a9d11e8521ddf24b35113d8e332f08
Reviewed-on: https://code.wireshark.org/review/37305
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-05-25 10:33:23 +00:00
Guy Harris 582ad24c38 Remove some single-SHB assumptions.
Make wtap_file_get_shb() take a section number argument, and update code
that called it.  In most cases, we convert the code to iterate over
sections; in cases where a big code change would be required, we
temporarily pass it 0 and mark the code as "needs to be updated for
multiple sections".

Eliminate cf_read_section_comment(); in calls outside file.c, other code
directly calls the libwiretap routines it calls and, inside file.c, we
just transplant the code and then fix it not to assume a single SHB.

Change-Id: I85e94d0a4fc878e9d937088759be04cb004e019b
Reviewed-on: https://code.wireshark.org/review/37000
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
2020-05-01 19:46:42 +00:00
Uli Heilmeier 99ecab4122 New dissector: Dynamic Link Exchange Protocol
Code based on https://github.com/mit-ll/dlep-wireshark-dissector
authored by Jeffrey Wildman <jeffrey.wildman@ll.mit.edu>

Updated types according to
https://www.iana.org/assignments/dlep-parameters/dlep-parameters.xhtml

Changed:
* removed some tvb_get_*() calls
* updated expert info handling
* changed registering the dissector

Sample capture:
https://wiki.wireshark.org/SampleCaptures#Dynamic_Link_Exchange_Protocol_.28DLEP.29

Change-Id: I13e0c918f46af036c1be4acf34acab838aeaf342
Reviewed-on: https://code.wireshark.org/review/36901
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-04-28 06:13:10 +00:00
Guy Harris 524baee94f Add string encoding values for various BCD encodings, and use them.
Add some ENC_ values for various flavors of packed BCD, and use that
instead of explicitly calling tvb_bcd_dig_to_wmem_packet_str() and
adding the result.

Change-Id: I07511d9d09c9231b610c121cd6ffb3b16fb017a9
Reviewed-on: https://code.wireshark.org/review/36952
Reviewed-by: Guy Harris <gharris@sonic.net>
2020-04-27 01:53:09 +00:00
Guy Harris 9f03cde5a5 Add a routine to get the representation of a protocol tree item and use it.
Add proto_item_get_display_repr(), which returns a string, allocated
with a specified wmem scope, containing the display representation of
the value of a proto_item.

Use it in the LLDP dissector, to append that string to the parent
protocol tree item; use packet scope, so it doesn't hang around forever
(the previous code used the NULL scope, meaning explicit freeing was
required, but it wasn't explicitly freeing the value, so it was
leaking).

Change-Id: I146380118833b1daef9dea8bd9463001e5b9325f
Reviewed-on: https://code.wireshark.org/review/36931
Petri-Dish: Guy Harris <gharris@sonic.net>
Reviewed-by: Guy Harris <gharris@sonic.net>
2020-04-25 06:27:53 +00:00
Jaap Keuter 9750d00ff1 Introduce tfs_get_string helper
true_false_strings have no helper function to properly retrieve the
string representing the true or false value, much like unit_strings,
even though this is not uncommon in dissectors.
This change introduces the helper function and modifies the dissectors,
so that they use this helper i.s.o. their own expressions.

Change-Id: I477ed2d90a9a529fc5dcfef7e3ea42ec180d27ae
Reviewed-on: https://code.wireshark.org/review/36920
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-04-25 04:39:46 +00:00
Pau Espin 485476d0d2 OsmoTRX: Use units from unit_strings.{c,h}
Change-Id: I79dd406fe34b623678bd8a13b2ec75930f886fe8
Reviewed-on: https://code.wireshark.org/review/36904
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-04-23 15:22:54 +00:00
Gerald Combs 6a8c1b9b93 epan: Add p_[gs]et_proto_depth.
Add convenience routines for getting and setting a per-protocol,
per-packet depth value, which can be used to limit recursion, nesting,
cycling, etc. Use them in the BACapp, DAAP, Mongo, VLAN, and WBXML
dissectors.

Change-Id: I172514828169253ae7fcf9162c9d7eeb3041ff9c
Reviewed-on: https://code.wireshark.org/review/36846
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-04-15 04:09:08 +00:00
Balint Reczey b5593553d4 debian: Ship codecs libraries in libwireshark0
Bug: 16430
Change-Id: I2f9b07be780d39c75898bba06fa6fb66b9895c88
Signed-off-by: Balint Reczey <balint.reczey@canonical.com>
Reviewed-on: https://code.wireshark.org/review/36433
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2020-03-15 16:55:31 +00:00
Peter Wu e3212a49e5 debian: speed up build by running asn1 and guides target in parallel
Speeds up the asn1 build from 133 seconds to 39 seconds, and guide
builds from 40s to 33s (-j6). Extraction of parallel=x from
DEB_BUILD_OPTIONS was borrowed from the debhelper Makefile.

Switching to Ninja has even more potential speed ups and prevents
interleaving build output, but requires debhelper 11.2 (Ubuntu
bionic-backports, Debian stretch-backports).

Change-Id: I2d403863adf5bfd692300642aad7df4b1cdb6e46
Reviewed-on: https://code.wireshark.org/review/36377
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-03-12 06:45:56 +00:00
Guy Harris cd6134da90 Add ws_strtoi() and ws_strtoui() routines and use them.
Those fetch gint and guint values, respectively, rather than values with
specified sizes in bits.

This should squelch Coverity CID 1457357.

Change-Id: Ia8f100bd3fe90c266e24a4346f80b2667c653b93
Reviewed-on: https://code.wireshark.org/review/36177
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2020-02-25 08:27:52 +00:00
Dylan Ulis 7b99a82bf8 Edit Resolved Name: Don't add duplicate IPs
1. Switch list of manually resolved names from a list to a map
   (IP Address --> Custom Hostname)
2. If an address was already in the list, just update the old entry.
Previously this added a new entry anytime somebody would edit a
hostname.
3. Display the previous hostname in the GUI
4. Remove unused manually_resolve_cleanup()

Bug: 11221
Change-Id: I42d5b6267eb6613bdf7783865bc2d30d6bda1147
Reviewed-on: https://code.wireshark.org/review/36059
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-02-24 07:45:00 +00:00
Gerald Combs 937c7c512a Debian+RPM: Require QtSVG.
Although we don't depend on any of Qt's SVG classes directly, we do use
SVG icons in Preferences → Appearance → Language and QIcon loads its SVG
engine dynamically. If it's not present Wireshark will still run, but
the user won't see any flag icons.

Require QtSVG in the Debian and RPM packaging. It's not that large (~
400k here on Ubuntu 18.04) and ensures that we have a uniform user
experience across platforms. In this particular case, if the user
experience happens to be "Wireshark's UI is in a language I don't
understand" the little flags can come in handy.

Change-Id: If3c2e8a6040967353dbc462ee475ef12514b25f9
Reviewed-on: https://code.wireshark.org/review/36037
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2020-02-11 01:43:33 +00:00
Martin Mathieson 0290bd3592 HTTP: share dissector status value_string array with tshark HTTP stats
Change-Id: I6de4a8b691922f7c4a8141b581b9f3c8ca112b60
Reviewed-on: https://code.wireshark.org/review/35942
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
2020-01-24 22:38:17 +00:00
Martin Mathieson 8a79d27010 SIP: share dissector status value_string array with tshark SIP stats
Change-Id: I8f12310f69aa5393ba8ad37e498845f2a1f17693
Reviewed-on: https://code.wireshark.org/review/35927
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
2020-01-24 16:10:43 +00:00
Dario Lombardo 73a5236f2f debian: remove double spaces.
Change-Id: Ifee8b32bbde5947944c6f3a30b5245d173beea09
Reviewed-on: https://code.wireshark.org/review/35661
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2020-01-07 12:45:00 +00:00
Michael Mann 2925fb0850 Use g_file_open_tmp within create_tempfile
Much better to use a known library than create it ourselves.

Also remove get_tempfile_path as it's not used.

Bug: 15992
Change-Id: I17b9bd879e8bdb540f79db83c6c138f8ee724764
Reviewed-on: https://code.wireshark.org/review/34420
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
2019-12-20 19:26:38 +00:00
Huang Qiangxiong 623b347d1e Protobuf: add dissecting protobuf fields as wireshark fields preferences, etc.
Two enhancements and one fixed bug:

1. Add dissecting protobuf fields as wireshark (header) fields preferences. User
can input the full names of protobuf fields or messages in Filter toolbar for
searching.

2. Add 'protobuf_field' dissector table. Dissector based on protobuf can register
itself to 'protobuf_field' keyed with the full names of fields of BYETS or STRING
types.

3. A bug about search MESSAGE or ENUM type in context is fixed.

4. Another small enhancement is adding prefs_set_preference_effect_fields() which
can mark a preference that affects fields change (triggering FieldsChanged event).

See the linked bug for sample capture file and .proto files.

Ping-Bug: 16209
Change-Id: Ibc3c45a6d596a8bb983b0d847dd6a22801af7e04
Reviewed-on: https://code.wireshark.org/review/35111
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-12-19 05:04:17 +00:00
Michael Mann f509a83381 Add format_size_wmem
It's a "wmem version" of format_size (from wsutil/str_util.h).

Also improved the flexibility in formatting of format_size() to handle future
needs of format_size_wmem

Ping-Bug: 15360
Change-Id: Id9977bbd7ec29375bbac955f685d46e75b0cef2c
Reviewed-on: https://code.wireshark.org/review/31233
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-12-02 05:01:16 +00:00
Gerald Combs faf3118d45 [Automatic update for 2019-12-01]
Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I3baf4cf43786b1680c02514f10c526cf8dca8536
Reviewed-on: https://code.wireshark.org/review/35269
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-12-01 08:20:14 +00:00
Gerald Combs beb1fee658 3.1.0 → 3.3.0.
Change-Id: Ia6217b00741f824b1f6805eb406408802dd5b5a8
Reviewed-on: https://code.wireshark.org/review/35167
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-11-20 23:33:02 +00:00
Gerald Combs ae58402e14 3.1.1 → 3.1.2.
Change-Id: Id89e46103f61392653cfdc60ef16d11123fe0928
Reviewed-on: https://code.wireshark.org/review/35128
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-11-18 20:12:27 +00:00
Gerald Combs 7d2e3fa8f5 [Automatic update for 2019-11-17]
Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I5a453e0aeb29491152bce579ba11d65d0b05acc8
Reviewed-on: https://code.wireshark.org/review/35108
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-11-17 08:20:23 +00:00
João Valverde 5d18c9b4df dumpcap: Add support for TCP@IPv6 socket captures
Bug: 15820
Change-Id: Id32f376190c115b0808ba72e5b63e019e2a70274
Reviewed-on: https://code.wireshark.org/review/35030
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
2019-11-11 17:17:36 +00:00
Gerald Combs 4ad8ff785c [Automatic update for 2019-11-10]
Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Ia72b63b2fca34056e2c18d828526ff896295a9bd
Reviewed-on: https://code.wireshark.org/review/35040
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-11-10 08:20:55 +00:00
Gerald Combs 2ff32787c5 epan: Make proto_tree_add_oid* usable from DLLs.
Prefix proto_tree_add_oid, proto_tree_add_oid_format_value, and
proto_tree_add_oid_format with WS_DLL_PUBLIC.

Change-Id: Ia3fa8fb762869bb1afa1c1f57a3a5f02aa126a3f
Reviewed-on: https://code.wireshark.org/review/35018
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
2019-11-07 16:43:43 +00:00
Stig Bjørlykke 551745998e wslua: Fix memleak of unregistered ProtoField strings
If a ProtoField object was created, but not linked to a Proto, then the
strings field and all elements (depending on type) would leak.

This is a follow-up to g79fef2ae and fixes the real issue in g44870fb1.

Change-Id: I01880a92bb20fae45f68c754b07daeb07630deec
Reviewed-on: https://code.wireshark.org/review/34872
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
2019-10-28 15:05:54 +00:00
Huang Qiangxiong 62101950f3 Protobuf: Add show_details preferences. Fix two bugs.
1. Add show_details preferences. Disable it will hidden names of
message/field/enum, field number, and other details.

2. Have only one popup message with all the errors listed,
that are found during parsing .proto files. (Buffer errors and print once)
Loading .proto files and checking message types of UDP port will
be done only when protobuf dissector has been called.

3. Support parsing .proto files in legacy MAC file format
(that newline is '\r') or mixed newline (\r + \n) file format.

Change-Id: I97bcde000957e4cd1cce98a7f61120d03027423e
Reviewed-on: https://code.wireshark.org/review/34736
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-10-14 06:47:30 +00:00
João Valverde 97cb389a35 Revert "CMake: Don't install HTML manuals twice"
This reverts commit f1285fcf06.

NSIS package is broken with this commit.

Change-Id: Ief22a308edad188fa2d5fab79355f19493359fa6
Reviewed-on: https://code.wireshark.org/review/34758
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
2019-10-10 15:58:41 +00:00
João Valverde f1285fcf06 CMake: Don't install HTML manuals twice
HTML docs are installed to both $docdir and $pkgdatadir. Fix that
to install to $docdir only.

Change-Id: I115158585b6df9170d9a01249adbc8548df91f14
Reviewed-on: https://code.wireshark.org/review/34640
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
2019-10-09 13:24:58 +00:00
Peter Wu d2a660d805 QUIC: Add Follow QUIC Stream support to Qt and tshark
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.

Known issues that will be addressed in the future:

 - If a single packet contains multiple streams, then Follow QUIC Stream
   will wrongly include data from streams other than the selected one.
   This is tracked by bug 16093 and affects HTTP/2 as well.

 - The Substream index menu does not properly filter for available
   stream numbers. If a non-existing stream is selected, then changing
   to another (potentially valid) index results in the "Capture file
   invalid." error. As workaround, clear the display filter first.

 - Follow Stream always selects Stream ID 0 instead of the first or
   currently selected stream field in a packet. Users should manually
   update the stream index as needed.

Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-10-04 04:36:09 +00:00
Tomasz Moń bd439c9090 Win32: Do not reload TLS keylog file on each packet
On Windows, fstat() and stat() sets st_dev to different value depending
on whether it was called with file handle or file path. If file handle
was used, the st_dev is simply the file handle casted to unsigned.
If file path was used, then st_dev corresponds to drive letter
(A=0, B=1, C=2, ...).

Compare the files using the file index information retrieved by
GetFileInformationByHandle(). When compiled in configuration that
supports FILE_ID_INFO, the code first tries to obtain 128-bit FILE_ID_INFO
and if that fails, fallback to GetFileInformationByHandle().

Bug: 16059
Change-Id: I5f8d8d8127337891ef9907c291e550b1d17aabbb
Reviewed-on: https://code.wireshark.org/review/34573
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-09-22 18:23:28 +00:00
Alexander Gryanko 9fff62e2a8 Qt, http2: Add Follow HTTP/2 Stream functionality
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.

Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.

[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]

Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-09-22 05:29:30 +00:00
Gerald Combs 88bc8ef73a [Automatic update for 2019-09-15]
Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I175cef2c3e0e43854d99f9741f47f07441fcce2c
Reviewed-on: https://code.wireshark.org/review/34529
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-09-15 09:15:25 +00:00
Gerald Combs 39aba1a891 [Automatic update for 2019-09-08]
Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Ifff2c6116b57d189f564986caa40e0a25de5233c
Reviewed-on: https://code.wireshark.org/review/34472
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-09-08 08:22:37 +00:00
Michael Mann 168ee5003f kafka: Cleanup to use "native" APIs.
Add "native" support for the "zig-zag" version of a varint in proto.[ch] and
tvbuff.[ch].  Convert the use of varint in the KAFKA dissector to use the (new)
"native" API.

Ping-Bug: 15988
Change-Id: Ia83569203877df8c780f4f182916ed6327d0ec6c
Reviewed-on: https://code.wireshark.org/review/34386
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-09-05 03:25:39 +00:00
Michael Mann 01d7793976 Add proto_tree_add_item_ret_time_string
A few dissectors need the functionality of adding a time field to a proto_tree
while also needing the "time to string" value (typically to show on a tree above).
The functionality to do "get value from tvb and convert to string" was being done
in packet-ntp.c.
Instead proto_tree_add_item_ret_time_string can be used with various encoding to
get the necessary functionality with less code duplication.

ENC_TIME_MIP6 was added as a result of the refactoring.
ABSOLUTE_TIME_NTP_UTC was added as another potential "base" type for time fields.

Change-Id: Ie460c33370b0af59ef60bdab893ce9d6eb23b94f
Reviewed-on: https://code.wireshark.org/review/34390
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-08-29 13:31:48 +00:00
Piotr Smolinski ad94c4d459 Kafka: include zstd compression in Kafka message batches
Change-Id: I1d06486ccf7b174ee9aa621fa3d8acb8b3673777
Reviewed-on: https://code.wireshark.org/review/34222
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-08-20 13:50:45 +00:00
Peter Wu 9ad4f907e8 TLS: add mechanism to set the TLS appdata protocol
For use by EAP-TTLS which embeds TLS.

Change-Id: I4770d03f912dd75f92878dd74ad830ebb7eb1431
Reviewed-on: https://code.wireshark.org/review/34311
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-08-19 04:16:56 +00:00
Roland Knall 5c678288bc Qt: Check filename before import
Before the unzipped files are being copied from the temp directory,
they are checked against the stored list of profile names, to ensure,
that only allowed files are being imported.

Also ensures, that no empty directory exists for the skipped one

Bug: 15969
Change-Id: I6ae8c9fb5f63d089d42fc0ef18dbe84baec515a2
Reviewed-on: https://code.wireshark.org/review/34184
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
2019-08-05 13:47:11 +00:00
Stig Bjørlykke 5d0a2ccbb7 Qt: Change from User/System to Personal/Global profile types
Change the Profile types from User/System to Personal/Global in UI
to match the terminology used in About Wireshark -> Folders.

This reverts commit 40af4aa93e.
This reverts commit f0cde7ca34.
This reverts commit c37cabe900.

Change-Id: I9012db6385707754e26a2dadb57f6003f8112f9b
Reviewed-on: https://code.wireshark.org/review/34134
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
2019-07-30 10:11:10 +00:00
Guy Harris f0cde7ca34 The next release, introducing those functions, will probably be 3.1.1.
Change-Id: I93557ac0991d4e06269ebec2583607793ce8da70
Reviewed-on: https://code.wireshark.org/review/34130
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-07-29 21:36:05 +00:00
Tomasz Moń 53ecc16079 USBLL: Verify Token/Split packets CRC-5
Ping-Bug: 15908
Change-Id: I25aaf772d3d0af2f459a1ad78d8253344ed13f05
Reviewed-on: https://code.wireshark.org/review/34025
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-07-29 20:49:09 +00:00
Stig Bjørlykke c37cabe900 Qt: Rename profile global to system
It's called system profiles in UI so update function names and
variables to use the same name. This will increase code readability.

Change-Id: I048e9ea85bd6ebab4a2c3ed1c685487ac8f7e40e
Reviewed-on: https://code.wireshark.org/review/34116
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
2019-07-29 11:07:15 +00:00
Peter Wu cfab27d464 debian/rules: reduce log spam from asn1 target
There are 3694 warnings for one of the following two messages:

   UserWarning: The same field names for different types. Explicit field renaming is recommended.
   UserWarning: The same type names for different types. Explicit type renaming is recommended.

Both warnings are accompanied by some context. Since the packager is
unlikely going to address these issues, and CI systems struggle with the
size of the generated logs, disable this subset of warnings. The output
of `ninja asn1` shrinks from 28191 lines (2.4MiB) to 483 lines (32KiB).

Change-Id: I44e9e1ab40f2255136fb1440e3bde2ccc9e55295
Reviewed-on: https://code.wireshark.org/review/34098
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
2019-07-28 16:21:56 +00:00
Guy Harris 5cf3fd03f1 HTTPS In More Places, update some URLs.
Change-Id: Ice2e1e2e4d94f6c9da7c651866cfa1a8ac4a31d8
Reviewed-on: https://code.wireshark.org/review/34096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-07-27 07:55:36 +00:00
Guy Harris 1759288e4e Tag routines added in 3.0.x releases appropriately.
Change-Id: Ic5ce106d4e61886c71bedb96aa73c951f4cdf355
Reviewed-on: https://code.wireshark.org/review/34090
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-07-26 19:09:22 +00:00
Guy Harris 20800366dd HTTPS (almost) everywhere.
Change all wireshark.org URLs to use https.

Fix some broken links while we're at it.

Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-07-26 18:44:40 +00:00
Pascal Quantin 3a137dfef0 Debian: remove symbols
Those functions are defined as inline in proto.h and are not exported
functions. The change g76e227bcef had an impact on this check and now
they are flagged as missing. Let's remove them.

Bug: 15944
Change-Id: I58a0bd41283ce20aa7441ca08173e3d8d469a0ec
Reviewed-on: https://code.wireshark.org/review/34088
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
2019-07-26 09:39:41 +00:00
Gerald Combs 12e8b4edd3 3.1.0 > 3.1.1.
Change-Id: Idc7ab6cfe38cffa4053d0d8ce710cb95b33aa6ac
Reviewed-on: https://code.wireshark.org/review/34084
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-07-25 20:03:30 +00:00
Tomasz Moń dd5f2bd054 USBLL: Verify DATA packets CRC-16
Ping-Bug: 15908
Change-Id: Idda280545665184aca40c694ea6d639c9317307a
Reviewed-on: https://code.wireshark.org/review/34016
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-07-25 08:58:13 +00:00
Guy Harris 2c7e0a93e5 Add a routine to fetch raw bytes into a fixed-length buffer as a string.
That's what the remaining calls to tvb_get_nstringz() and
tvb_get_nstringz0() are being used to do, even though those routines
were not intended for that purpose - the calls are extracting from a
text protcool, meaning that the strings are *not* null-terminate in the
packet.

Strings - even null-terminated ones - should, in almost all cases, be
extracted by tvb_get_string_enc() or routines that call it, so that an
encoding is specified.  In the few cases where we're fetching strings
only to be compared to ASCII constants, or to parse as numbers, we can
get away with this.

Change-Id: I29f0532902c4ade2207de7f06db69c32eafd4132
Reviewed-on: https://code.wireshark.org/review/34072
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-07-24 19:05:13 +00:00
Peter Wu 920f5c3dbf debian/control: sync downstream wireshark-gtk changes
Add package relations to the deprecated wireshark-gtk package. The
transitional package added by "Stop shipping Wireshark's GTK+ GUI" has
not been incorporated however. The Standards-Version version bump done
in 2.0.5+ga3be9c6-1 (2 Aug 2016) required no changes. Note that both
Debian Stretch and Ubuntu 16.04 have debian-policy 3.9.8.

Change-Id: Idb6f106ea03d47bcf87ba60f5470754e9ae4369e
Reviewed-on: https://code.wireshark.org/review/34047
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-07-24 09:41:44 +00:00
Gregor Jasny 12866e8279 debian: libwireshark-dev must depend on libwiretap-dev
because wireshark/epan/packet_info.h (libwireshark-dev)
depends on wireshark/wiretap/wtap.h (libwiretap-dev)

Change-Id: I76eb17c2c0502f4ea53c6ce934aeaea5ff5cfdd9
Reviewed-on: https://code.wireshark.org/review/34046
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-07-24 09:41:18 +00:00
Balint Reczey 8928460c87 debian: Add autopkgtest for testing starting GUI and CLI
Incorporates debian/tests/ changes up to upstream/3.0.0-76-ge634555b61:

 * Add autopkgtest for testing starting GUI
 * Add missing autopkgtest dependencies
 * Use automatic xvfb server number in tests
 * Use GLX extension in autopkgtest, Qt needs it
 * Install at-spi2-core in gui autopkgtest to avoid error messages
 * debian/test/gui: Ignore stderr from wireshark-gtk since upstream deprecated it
 * debian/tests/gui: Redirect stderr to stdout because Lua prints to stderr
 * Stop shipping Wireshark's GTK+ GUI

Change-Id: I840fa17fb5ac2bc7b4fed36c4286ea97742f7369
Reviewed-on: https://code.wireshark.org/review/28519
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-07-24 09:40:55 +00:00
Topi Miettinen 4d41836db4 debian: Fix permission change in case of local diversions
/usr/bin/dumpcap may be locally diverted to somewhere else, so let's
query dpkg-divert for the current location.

Change-Id: I4347d390b2c1e94383308d274b113a23bec62f5b
Reviewed-on: https://code.wireshark.org/review/34040
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-07-24 09:40:35 +00:00
Martin Kaiser cc15201436 helper function to get a payload dissector table's current handle
Add a simple helper function to get the dissector handle that's
currently selected in a given payload dissector table.

We have similar functions already for string and uint dissector tables.

Change-Id: Ia1092fe2b8d038bae2b26db99fd08cd9d6979fcd
Reviewed-on: https://code.wireshark.org/review/33933
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
2019-07-22 15:44:08 +00:00
Jaap Keuter 44129c6ded IEEE80211: handle symbol proprietary tag seperately
The contents of the Symbol Proprietary TLV was assumbed to be the same
as the Vendor Specific TLV. This proved not to be the case, at least for
Zebra Extreme networks nodes. This change implements the dissection of
the format as defined in the bug.

Bug: 15909
Change-Id: I4c14dde386d33302d187680f9f09f8b5bb1ef213
Reviewed-on: https://code.wireshark.org/review/34023
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-07-21 13:11:20 +00:00
Aurelien Aptel 0db39ae59a smb2: add support for decompression
The latest iteration of Microsoft updates to SMB3 added compression to
the protocol. This commit implements decompressing and dissecting
compressed payloads.

The compression algorithms that can be used are "Plain LZ77",
"LZ77+Huffman" and "LZNT1" which you can read more about in the
[MS-XCA] documentation. This set of algorithm is sometimes referred to
as XPRESS.

This commit reuses the existing uncompression API scheme already in
place with zlib and brotli and adds 3 tvb_uncompress_*() function
implemented in:
* epan/tvbuff_lz77.c
* epan/tvbuff_lz77huff.c
* epan/tvbuff_lznt1.c

A new function wmem_array_try_index() was added to the wmem_array API
to make bound checked reads that fail gracefully. New tests for it
have been added as well.

Since both reads (tvb) and writes (wmem_array) are bound checked the
risk for buffer overruns is drastically reduced. LZ77+Huffman has
decoding tables and special care was taken to bound check these.

Simplified versions of the implementations were succesfully tested
against AFL (American Fuzzy Lop) for ~150 millions executions each.

The SMB2/3 dissector was changed to deal with the new transform header
for compressed packets (new protocol_id value) and READ request
flags (COMPRESSED). Badly compressed or encrypted packets are now
reported as such, and the decryption test suite was changed to reflect
that.

This commit also adds a test capture with 1 packet compressed with
each algorithm as returned by Windows Server 2019, along with 3
matching tests in test/suite_dissection.py

Change-Id: I2b84f56541f2f4ee7d886152794b993987dd10e7
Reviewed-on: https://code.wireshark.org/review/33855
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-07-15 21:00:14 +00:00
Guy Harris e26e0b4de0 Add support for the ISO 646 "Basic code table" encoding.
The "Basic code table" in ISO 646 is mostly ASCII, but some code points
either 1) have more than one glyph that can be assigned to them or 2)
have no glyph assigned to them.  National versions choose one of the two
glyphs for the code points in group 1) and assign specific glyphs to the
code points in group 2); the International Reference Version assigns the
same glyphs to those code points as does ASCII.

For the "Basic code table" encoding, we map the code points in groups 1)
and 2) to a REPLACEMENT CHARACTER; additional encodings can be added for
the national versions.

Add ENC_ISO_646_IRV (International Reference Version) as an alias for
ENC_ASCII.

Expand some comments, and add some comments, while we're at it.

Change-Id: I4f1b5e426ec193775e919731c5cae1224dc65115
Reviewed-on: https://code.wireshark.org/review/33941
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-07-15 07:50:30 +00:00
Gerald Combs df28091c09 [Automatic update for 2019-07-07]
Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Ib32cb52cb8b439802b343ad62420055177ffc211
Reviewed-on: https://code.wireshark.org/review/33859
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-07-07 08:20:30 +00:00
Peter Wu 2e9f54ee5b debian/control: remove unused libtool dependency
CMake does not need libtool.

Change-Id: Ib96c2ad96fbf62aad86536f40f979fe7786cc576
Reviewed-on: https://code.wireshark.org/review/33772
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-06-30 13:07:24 +00:00
Balint Reczey 2639691687 debian: Use proper CC flags when test-compiling with development headers
Change-Id: Icdc239f490ea648cfbddb6c23edcc0a4b63bbb22
Reviewed-on: https://code.wireshark.org/review/33713
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-06-23 18:46:37 +00:00
Peter Wu ba3f25b3ee debian/rules: remove unused variables
Neither VERSION nor docdir are used in CMake, remove it. The wheezy
workaround was needed to fix build failures with PIE, but since Wheezy
is EOL, it can be removed.

'distrelease' can also be removed, but let's keep it in case
distro-specific workarounds are needed in the future.

Change-Id: I6e8a296112b218ebce79f697bbb1def7c0efdad7
Reviewed-on: https://code.wireshark.org/review/33712
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-06-23 18:46:22 +00:00
Peter Wu 7dfcb4425a asn2wrs: use system lex and yacc from ply if available
Tested with python-ply 3.11 and Python 3.7.3 on Arch Linux using the
'ninja asn1' command.

Bundling lex.py and yacc.py is one distribution method suggested by PLY
upstream (https://www.dabeaz.com/ply/README.txt), but since it is also
available in many Linux distributions, we could potentially remove it in
the future. Windows developers can install it through pip if needed.

Change-Id: I9c847072916ee33da49994820b435ec1d7110303
Reviewed-on: https://code.wireshark.org/review/33708
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-06-23 17:31:15 +00:00
Balint Reczey d0b961f982 debian/control: Update Vcs-{Browser|Git} to point to Salsa
Fixes Lintian warnings:

    I: wireshark source: vcs-field-uses-insecure-uri vcs-browser http://svn.debian.org/wsvn/collab-maint/ext-maint/wireshark/trunk/
    I: wireshark source: vcs-field-not-canonical http://svn.debian.org/wsvn/collab-maint/ext-maint/wireshark/trunk/ https://anonscm.debian.org/viewvc/collab-maint/ext-maint/wireshark/trunk/
    W: wireshark source: vcs-deprecated-in-debian-infrastructure vcs-browser http://svn.debian.org/wsvn/collab-maint/ext-maint/wireshark/trunk/
    I: wireshark source: vcs-field-uses-insecure-uri vcs-svn svn://svn.debian.org/svn/collab-maint/ext-maint/wireshark/trunk
    I: wireshark source: vcs-field-not-canonical svn://svn.debian.org/svn/collab-maint/ext-maint/wireshark/trunk svn://anonscm.debian.org/collab-maint/ext-maint/wireshark/trunk
    W: wireshark source: vcs-deprecated-in-debian-infrastructure vcs-svn svn://svn.debian.org/svn/collab-maint/ext-maint/wireshark/trunk

Change-Id: I81456ec8569ccf2e554efb944b1c84e306c66c41
Reviewed-on: https://code.wireshark.org/review/33678
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-06-21 16:59:37 +00:00
Peter Wu bc7797792c debian/control: remove debhelper and cdbs from wireshark-dev
Fixes lintian warnings:

    W: wireshark-dev: binary-package-depends-on-toolchain-package depends: debhelper
    W: wireshark-dev: binary-package-depends-on-toolchain-package depends: cdbs

wireshark-dev does not depend on either cdbs or debhelper, remove it. A
versioned debhelper dependency is present as Build-Depends however.

Change-Id: Ic3393e7ecbaf6d4bdf032315e5da586823ae1e05
Reviewed-on: https://code.wireshark.org/review/33676
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-06-21 16:59:27 +00:00
Peter Wu e56ec71c6a debian/control: fix minor Lintian warnings related to Priority, etc.
Fixes the following Lintian 2.15.0 (Debian sid) warnings with WS 3.0.2:

    W: wireshark-common: extended-description-line-too-long
    W: wireshark-common: command-with-path-in-maintainer-script postrm:11 /usr/sbin/delgroup
    W: wireshark-dbg: priority-extra-is-replaced-by-priority-optional
    W: wireshark-doc: priority-extra-is-replaced-by-priority-optional

Replace absolute path test in postrm and fix indentation.

Remove the Priority line in binary packages since they default to the
Source priority which is set to "optional". See
https://www.debian.org/doc/debian-policy/ch-archive.html#s-priorities

Change-Id: Ib07f6414348cbbfb1e7177643d9b9acfd9f1a477
Reviewed-on: https://code.wireshark.org/review/33675
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-06-21 16:59:14 +00:00
Balint Reczey 5d9ab62748 debian/copyright: Mention GPLv3+ code snippet in tools/pidl/idl.yp
Change-Id: Ia0af1532358585c6cd1aaaa17466145297d81393
Reviewed-on: https://code.wireshark.org/review/33670
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-06-21 16:59:01 +00:00
Pascal Quantin be3d469ddc NGAP: fix dissection of N2 Information Content
Change-Id: I8aaf578c8eb71533313cf2cfd42871eae0c0ff57
Reviewed-on: https://code.wireshark.org/review/33603
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
2019-06-16 11:30:24 +00:00
Pascal Quantin 388a38447e debian: update libwsutil0 symbols
Change-Id: I319d619b34ab754a65f003623f957e421675499b
Reviewed-on: https://code.wireshark.org/review/33561
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
2019-06-11 21:39:02 +00:00
João Valverde 63af1da7e7 Kill libwscodecs plugin library, just use plugins
Change-Id: I085d04840acb53b0b7681787429a2b4e10547cd5
Reviewed-on: https://code.wireshark.org/review/33068
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-06-11 20:59:39 +00:00
Gerald Combs 20568aa8b9 tools: Switch some scripts exclusively to Python 3.
Convert asn2wrs.py to Python 3 via `2to3 --print-function --write` along
with additional tweaks.

Convert asn2deb and idl2deb using `2to3 --write`.

Work around what appears to be a Debian packaging bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818609

Change-Id: I5cc246f7162c2d713673955c10c092e1b91adf82
Reviewed-on: https://code.wireshark.org/review/33504
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-06-09 04:53:08 +00:00
Guy Harris 1c601c204a Have routines to add a protocol tree item and return a display string.
That way, even if we're not building a protocol tree, so that you don't
get protocol tree items, you can get the display string, e.g.  to use in
a column.

Replace the use of the "get display string" routines with calls to those
routines.

Change-Id: I23e3e88838bdf837d8660c271f78c79b7d1c5620
Reviewed-on: https://code.wireshark.org/review/33519
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-06-08 09:11:22 +00:00
Guy Harris ee35570e90 Improve handling of binary data that *might* be text.
Add a BASE_SHOW_ASCII_PRINTABLE flag for the "display" field, to use
with FT_BYTES and FT_UINT_BYTES fields; it specifies that, if the field
consists solely of printable ASCII characters, its value be displayed as
a string, in quotes.  Have a routine hfinfo_format_bytes() to do that
formatting, depending on the display field value.

Add routines to fetch the display value of string and
FT_BYTES/FT_UINT_BYTES fields; for strings, it's the result of
hfinfo_format_text(), and for byte arrays, it's the result of
hfinfo_format_bytes().

Use BASE_SHOW_ASCII_PRINTABLE for extended attribute data in SMB and
SMB2.  Use the routines in question for extended attribute names
(string) and data (bytes).  That keeps us from displaying non-text
extended attribute data as if it were text.

Document BASE_SHOW_ASCII_PRINTABLE.

Change-Id: I24dcf459c14f00985e4daaf9b58f5933964eabd8
Reviewed-on: https://code.wireshark.org/review/33517
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-06-07 21:15:23 +00:00
Gerald Combs 2eb1a0dd61 Use the HTTPS URL for our main site in a few places.
Fixup the encoding of plugins/plugin.rc.in while we're here.

Change-Id: I21b56ce68bc3d84298a846a991c72bf710b9ae8a
Reviewed-on: https://code.wireshark.org/review/33414
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2019-05-29 04:00:42 +00:00
Guy Harris f72e504817 Dissect LDAP strings as UTF-8.
This requires some special hackery, including a new packet-ber.c
routine, as those strings are just OCTET STRINGs, not UTF8Strings.

Change-Id: I776ed47f7400eba366a630b60b94be3397f7b45f
Reviewed-on: https://code.wireshark.org/review/33403
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-05-28 04:11:35 +00:00
Dario Lombardo 4a5117ca43 debian: add libspeexdsp-dev to debian/control.
Change-Id: Ie4fda4b81be6746eba9880edd6ed69693889ca4d
Reviewed-on: https://code.wireshark.org/review/33255
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-05-20 04:16:17 +00:00
Gerald Combs 4812e2e7fa Debian: Be more strict about symbol changes.
Add export DPKG_GENSYMBOLS_CHECK_LEVEL=4 to debian/rules in order to
ensure that we update the Debian config when we change the API.

Change-Id: Ieeaf08342790c075de62a52079d874fe9d36bed8
Reviewed-on: https://code.wireshark.org/review/33119
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-05-09 04:31:10 +00:00
Gerald Combs 97ff5fe2cd Debian: Add missing symbols.
Change-Id: Ia35aedfe0c934ea2a9020ad8e157c09f68743d06
Reviewed-on: https://code.wireshark.org/review/33118
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-05-08 19:17:34 +00:00
João Valverde 186f985793 CMake: Check for and use system SpeexDSP library
Change-Id: I8443379d23a2946dd21c12e5e0bd5464ab73ca25
Reviewed-on: https://code.wireshark.org/review/31857
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
2019-05-02 21:12:01 +00:00
Guy Harris 2ee483a222 Move the Winsock initialization and cleanup to wsutil routines.
Those routines exist on both Windows and UN*X, but they don't do
anything on UN*X (they could if it were ever necessary).

That eliminates some #ifdefs, and also means that the gory details of
initializing Winsock, including the Winsock version being requested,
are buried in one routine.

The initialization routine returns NULL on success and a pointer to a
g_malloc()ated error message on failure; report the error to the user,
along with a "report this to the Wireshark developers" suggestion.

That means including wsutil/socket.h, which obviates the need to include
some headers for socket APIs, as it includes them for you.

Change-Id: I9327bbf25effbb441e4217edc5354a4d5ab07186
Reviewed-on: https://code.wireshark.org/review/33045
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-05-02 09:29:01 +00:00
Tomasz Moń c42433b6bb Qt: Support setting custom preferences
This makes it possible to set the console.log.level from the Advanced
preferences window.

Change-Id: I5c5551f089a935eef77f54fdcad0ba060f14edfd
Reviewed-on: https://code.wireshark.org/review/32930
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-04-24 00:33:37 +00:00
Dániel Bakai 9ce60b173b Add brotli decompression support for HTTP and HTTP2 dissectors.
Change-Id: I9c09f55673187f6fee723fcd72798fb6b9958b03
Reviewed-on: https://code.wireshark.org/review/32745
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-04-22 15:24:46 +00:00
Guy Harris 8a5b26efb1 Have wtap_read() fill in a wtap_rec and Buffer.
That makes it - and the routines that implement it - work more like the
seek-read routine.

Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-04-05 02:49:43 +00:00
Gerald Combs 8d3ac3af86 epan: Convert our PROTO_ITEM_ macros to inline functions.
Convert our various PROTO_ITEM_ macros to inline functions and document
them.

Change-Id: I070b15d4f70d2189217a177ee8ba2740be36327c
Reviewed-on: https://code.wireshark.org/review/32706
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-04-04 04:03:38 +00:00
Guy Harris 4098687fee Add some new symbols for Debian.
Change-Id: I11fdfba21c4c2a68726d8aaf7f98c9b80e6b4ec8
Reviewed-on: https://code.wireshark.org/review/32654
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-04-01 01:43:57 +00:00
Mikael Kanstrup 9cf77ec5e1 ieee80211: Support decrypting WPA3-Personal / SAE captures
Add support for decrypting IEEE 802.11 WPA3-Personal / SAE traffic.

SAE uses AES encryption but a different key derivation function (KDF)
making Wireshark fail to decrypt such captures. Also both KDF and
decryption method is determined based only on EAPOL key description
version. This is not enough to figure out that SAE is being used.

Implement the alternative KDF needed to derive valid PTK. Also
implement a function to parse pairwise + group cipher suites and
auth key management type from RSNE tag. Using this new function
together with a number of new cipher and AKM lookup functions
correct KDF for SAE can be selected.

Bug: 15621
Change-Id: I8f6c917af1c9642c276a244943dd35f850ee3757
Reviewed-on: https://code.wireshark.org/review/32485
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-03-21 12:13:58 +00:00
Gerald Combs 0781a88c5b Debian: Add a missing symbol.
Change-Id: Ic6596fbac05204c41b8790aa24b895413554ddce
Reviewed-on: https://code.wireshark.org/review/32478
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-03-19 05:00:53 +00:00
Guy Harris f1421927d8 Add new Debian symbols.
Change-Id: I7c270ca5b079fa5993c2391e68f98fe3a0d4c356
Reviewed-on: https://code.wireshark.org/review/32108
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-02-19 18:06:11 +00:00
Peter Wu 7cc5941f95 json_dumper: add json_dumper_value_double
Add locale-independent version that replaces json_dumper_value_anyf for
floating-point numbers. NaN and -/+Infinity are mapped to null.

Change-Id: I8e7856de480b7bcafe77ddd015239e1257768ced
Reviewed-on: https://code.wireshark.org/review/31948
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <jbwzawadzki@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-02-11 05:09:58 +00:00
Dario Lombardo ea75ba8146 debian: fix indentation in postinst script.
Change-Id: I753dd887990660f5218a91767c4e124a8ae1971d
Reviewed-on: https://code.wireshark.org/review/31909
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-02-06 20:37:35 +00:00
Dario Lombardo 47b77dfa4f debian: fix wrong version in symbols.
Change-Id: Ia9ad470f8b9137526ceea0358d1ddeaa87aa56c6
Reviewed-on: https://code.wireshark.org/review/31910
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
2019-02-06 12:26:40 +00:00
Dario Lombardo f2df0fc88d debian: update libwireshark symbols.
Change-Id: I69d32009fbd27b05f6eb1da6ee6daa47cca2e1fd
Reviewed-on: https://code.wireshark.org/review/31900
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-02-05 21:23:23 +00:00
Gerald Combs 2ed12a238b 2.9 → 3.1.
Change-Id: Iea6b55037bfb62d2e9b333148cbdc55fcd53dfa2
Reviewed-on: https://code.wireshark.org/review/31888
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-02-05 01:21:10 +00:00
Peter Wu 8c7ca0e884 secrets: add functions to query and validate pkcs11 tokens/key files
Provide a way to retrieve key URIs ("pkcs11:" and in the future maybe
"system:") and validate the PIN/password for such keys. Additionally
permit validation of a RSA key file.

This will be used for the RSA Keys GUI dialog.

Change-Id: I4177a11cb9f4758d7564daae509e20a4a42623fa
Reviewed-on: https://code.wireshark.org/review/31794
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-01-29 23:33:51 +00:00
Stig Bjørlykke 6cab8c57bd funnel: Fix memleaks in funnel_remove_menu
The loop to remove all matching callbacks was skipping every second
entry which would give some leaks when reloading Lua plugins.

Add funnel_cleanup() to be called in epan_cleanup() at shutdown
to remove all allocated menu entries.

Change-Id: I3a50ba2070c8675fee1385f25e9e109db57c2dc5
Reviewed-on: https://code.wireshark.org/review/31769
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
2019-01-28 10:57:30 +00:00
Guy Harris 891bdc469d Fix up the lists of binaries and man pages in dpkgs.
Sort both lists; for the man pages, sort the extcap man pages after the
regular command-line tool man pages.

Add the captype and randpkt programs and man pages, and the udpdump man
page.

Change-Id: I0244013f8d08685d61ba70274185cb5539ff0545
Reviewed-on: https://code.wireshark.org/review/31503
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2019-01-11 23:20:24 +00:00
Gerald Combs ecd48a9752 debian: Fixup symbols.
Change-Id: I544220cdcc43b20b4f6b663e28039804cd6d3619
Reviewed-on: https://code.wireshark.org/review/31475
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-01-10 02:18:11 +00:00
Dario Lombardo 0eff9103b6 debian: add dh-python to debian deps.
Basic Ubuntu installation lacks it.

Change-Id: I208952d15bd32a7813c20625fe94656fb71ae824
Reviewed-on: https://code.wireshark.org/review/31322
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
2019-01-04 18:50:45 +00:00