When builing without the Speex library the build inserts its own files
to handle the codec conversion. These however require sharkd to be
linked against libm, for the sine function.
Change-Id: I80b3fd67a346849480976c00280537b786780627
Reviewed-on: https://code.wireshark.org/review/33582
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for ".template" icons, which are masked against the current
WindowText color. Convert the edit-find icons to templates.
Reload our icon(s) when we receive a QEvent::PaletteChange in MainWindow
and in StockIconToolButton.
Clean our SVGs.
To do:
- Convert other black or mostly black icons to templates.
- Handle QEvent::PaletteChange in more places.
Ping-Bug: 15511
Change-Id: I1ce78d92e769861dc38d86a3def5116fb869e2bf
Reviewed-on: https://code.wireshark.org/review/33571
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allows for dropping fields on the columns to add them as well as indicate
width while dragging the columns
Change-Id: Ic98ae431886e5eb2ebd9ba50390742995bf22d5a
Reviewed-on: https://code.wireshark.org/review/33573
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Remove the "title" parameter from the register_decode_as_next_proto()
function. This parameter is no longer required since decode_as_t does
not have a title any more.
Change-Id: I300c755bd465453aa91703b53ce9adc954e38c00
Reviewed-on: https://code.wireshark.org/review/33579
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the file_closed_ member from class TrafficTableDialog. We already
have a file_closed_ variable in the base class WiresharkDialog, which is
updated correctly when the file is closed.
The shadow file_closed_ variable in TrafficTableDialog is always false.
Classes that are derived from TrafficTableDialog will not see that the
capture file was closed.
The following scenario crashes Wireshark because of this bug
* open a capture file with TCP traffic
* Statistics / Conversations
* select a TCP conversation
* close the capture file
* press the Follow Stream button in the Conversations dialog
-> Wireshark crashes
Change-Id: I8f3d55f231eae5ecc682ff90650f0005fea4b333
Reviewed-on: https://code.wireshark.org/review/33578
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I95ad69fa2f271ab4870ccfe37db0087222b17540
Reviewed-on: https://code.wireshark.org/review/33575
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Nobody else needs its extra stuff, as they're not pulling data out of an
SMB byte buffer, so they don't need the extra length check, and nobody
else uses it - or should use it, as we now have support for string
encodings in the tvbuff and protocol-tree code.
Change-Id: I8d249ea2c89a744eef12a05ad755811c07ca463a
Reviewed-on: https://code.wireshark.org/review/33581
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We removed the "title" member from decode_as_t.
Update the sample code snippet accordingly.
Change-Id: I5d4ba979c955de50287f5b4deea7c64bf96f7d9b
Reviewed-on: https://code.wireshark.org/review/33574
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It can't be null, and it must never be passed a null pointer.
Fixes Coverity CID 1445961.
Change-Id: Ifad962c51e23706fdc544326a45543fe11b73fd1
Reviewed-on: https://code.wireshark.org/review/33572
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It can return null on error; don't add the string it returned to the
Info column if it didn't return a string.
Fixes Coverity CID 1445960.
Change-Id: I73b1585e95e39ad998f10d2a017f33fb3d54e7a7
Reviewed-on: https://code.wireshark.org/review/33569
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just use proto_tree_add_item() or tvb_get_string_enc(); that way, we
handle full UTF-16, not just the ISO 8859/1 subset thereof.
Change-Id: I8ded392b87522c45902354092d6988965265d3b3
Reviewed-on: https://code.wireshark.org/review/33567
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The styling of the color selection buttons in the color preferences is
such that it's impossible to tell if they're disabled or enabled. Hide
and show them instead as needed.
Rename combo box items based on feedback here at SharkFest.
Bug: 15775
Change-Id: I22b384aca56fee73957f5842349efae218b2dd09
Reviewed-on: https://code.wireshark.org/review/33566
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
IANA has registered the UDP port number 6696, called "babel", for use
by the Babel protocol.
Change-Id: I3745dfcdff0710f3245f2ac0226d2864c4260890
Reviewed-on: https://code.wireshark.org/review/33565
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
By holding down the Metamodifier (Ctrl on Mac) you get a contextmenu upon
dropping, from which you can decide if you want to add/or/and not/or not
the filter to the bar.
Bug: 15801
Change-Id: I78b3b265311ee53c7f53698c0e58186eb1afb57f
Reviewed-on: https://code.wireshark.org/review/33560
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
This is required for connectionless authentication, where the first
message is a CHALLENGE message, which contains what the server is
offering, and the AUTHENTICATE reply contains which of what the server
offers can be supported by the client.
It is also required in order to correctly dissect AUTHENTICATE messages
in connection-oriented authentication if the CHALLENGE message cannot be
found, either:
because it's missing in the capture;
because an SMB server is returning, in the Transaction reply
containing a DCE RPC message containing the CHALLENGE message, a
bogus PID and/or MID in response to the client Transaction
message containing a DCE RPC message NEGOTIATE message, so the
DCE RPC message in the Transaction reply isn't dissected as
such;
because one HTTP-over-TCP connection has the NEGOTIATE and
CHALLENGE message and a separate HTTP-over-TCP connection has
the AUTHENTICATE reply.
Both of the latter two have been seen in captures. We should probably
somehow deal with the second case and, if possible, the first case
(handing Transaction reply data to heuristic dissectors?).
Update comments.
Change-Id: I347cd1560e7fb8c7d1892ff4fb14c942b23e9a2a
Reviewed-on: https://code.wireshark.org/review/33559
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Initial go at adding the CableLabs Dual Channel Wi-Fi dissector.
Changes:
. New dissector for CableLabs Layer-3 Protocol ("CL3") IEEE EtherType 0xB4E3
. New dissector for Dual Channel Wi-Fi (Subprotocol of CL3)
. Defined EtherType macro for CL3 + description
Bug: 15818
Change-Id: I6edf99d40883c1890659185cc3f0524a2218a6c4
Reviewed-on: https://code.wireshark.org/review/33440
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The title of a decode_as_t was used by the GTK UI. It's no
longer required for Qt.
Change-Id: Ibd9d4acbe9cad2c1af520340d04e550326a97ebe
Reviewed-on: https://code.wireshark.org/review/33557
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The sequence number shown in the info field is read from the
iv_ogm_packet_v15 object before the actual member is actual read from the
packet buffer. Just split the initialization of the info column to the
actual dissection code for the packet to avoid these kind of problems.
Change-Id: I8eb637aae17680d227116156ef7828e77e36beae
Fixes: 4cc4315793 ("batadv: Add dissector support for batadv v15")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33547
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
The througput meter variant of the icmp packet only shared the first 17
bytes of the original packet structure. The rest of the packet is parsed
based on the message type (15). The new fields
* subtype (MSG, ACK)
* session
* seqno
* timestamp
are required to understand the data exchange between two mesh nodes.
Change-Id: Ic885097871c20d8b580a7f922ee5dac0510aa84e
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33542
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I63dee0897d8a8ee4efbc525f9de3938349fb849e
Reviewed-on: https://code.wireshark.org/review/33552
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Define a new dissector table for non-standard ISO7816 APDUs. If the
ISO7816 class byte indicates that an APDU does not conform to the
standard structure and encoding, we pass the entire APDU to a subdissector
from this table (if available).
Change-Id: I1e802506a66bdb2c9994d42893fa6825eb9fa5fe
Reviewed-on: https://code.wireshark.org/review/33550
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
FabricPath recalculates the FCS based on the whole packet (incl. the Ethernet
header) and overwrites the last four bytes of the packet, effectively stealing
the Ethernet FCS.
Since FabricPath FCS dissection and verification isn't available and falsely
attempted on the Ethernet layer, this commit implements the FCS treatment on
the FabricPath layer and treats the Ethernet layer explicitely as it would not
have a FCS.
It also adds a procotol option to enable FabricPath FCS validation which is
disabled by default though.
Bug: 15769
Change-Id: I382a4907bca158b549bcc8d77459b7829e60f94a
Reviewed-on: https://code.wireshark.org/review/33322
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Note that this dissector covers the USB to serial only. FTDI
Multi-Protocol Synchronous Serial Engine (MPSSE) should be implemented
as separate dissector receiving data from FTDI FT dissector if the chip
has MPSSE.
Ping-Bug: 11743
Change-Id: I1f2e2b56b9351442f7ddbe97106b5f166de2cdca
Reviewed-on: https://code.wireshark.org/review/33520
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The sequence number shown in the info field is read from the
icmp_packet_v15 object before the actual member is actual read from the
packet buffer. Just split the initialization of the info column to the
actual dissection code for the packet to avoid these kind of problems.
Change-Id: I2ab316527854260bb8f85d2283964426fb7508bd
Fixes: 4cc4315793 ("batadv: Add dissector support for batadv v15")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
To correctly show the message type of an batman-adv ICMP v15 packet, the
offset 3 inside the header has to be checked against the list of known
packet types.
Change-Id: I280aac59abd4133eac7d8381fac79f323c79b3de
Fixes: 4cc4315793 ("batadv: Add dissector support for batadv v15")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33545
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The B.A.T.M.A.N. V protocol replaced the OGM announcement with two new
types:
* Echo Location Protocol packet
* OriGinator Message 2 packets
The first packet is used locally to identify neighbors and their base
parameters (orignator + elp interval). The second one is used to announce
each mesh node globally.
The second step to understand the B.A.T.M.A.N. V mesh globally in wireshark
is to dissect the OGM2 packets.
Change-Id: Idee5793dd909fd01588024b4d9b44236ea5ffb86
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33544
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The B.A.T.M.A.N. V protocol replaced the OGM announcement with two new
types:
* Echo Location Protocol packet
* OriGinator Message 2 packets
The first packet is used locally to identify neighbors and their base
parameters (orignator + elp interval). The second one is used to announce
each mesh node globally.
The first step to understand the B.A.T.M.A.N. V mesh locally in wireshark
is to dissect the ELP packets.
Change-Id: I13f5d60637a2774282ca75853884238e8e7dd33c
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33543
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The upper 3 bits of the lower nibble in the octet for the sequence number
in fragmentation packets is used to store the priority of the original
(unfragmented) packet.
Change-Id: I1711ba078aafa06bec309c395e0ec3741b097c17
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Reviewed-on: https://code.wireshark.org/review/33541
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
