This patch improves detection of a SPDY/3.1 in SSL capture. While at it,
add other protocols from the RFC/drafts.
spdy was tested against a private capture from spdy/3.1 communication
between Chromium 40 and ssl.gstatic.com.
http2 was tested against http2-16-ssl.pcapng from
http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys
Change-Id: I111efae34d614b7d8e37eaaa686b391d332753dd
Reviewed-on: https://code.wireshark.org/review/7000
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Clicking "Decode" in the RTP player triggered an ASAN
heap-use-after-free in update_progress_bar(). Explicitly set
progress_bar to NULL to prevent this.
Change-Id: Ice3105a11642a1cc5a54b8fbdf7dbf0ed430d965
Ping-Bug: 10714
Reviewed-on: https://code.wireshark.org/review/6999
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On the wire P_DATA_V2 is same as P_DATA-V1 plus 3 bytes "peer-id" value
after opcode. Client-side support has been added since OpenVPN 2.3.6,
server side is in master branch and will appear in 2.4.
Peer-id is especially useful for mobile clients (they often float
between 3G/Wi-Fi) and in general for Wi-Fi clients (solves UDP NAT
timeout issue).
Change-Id: Ic5d2e05e62c27bed18c2368a1bbc5c7bf4d358f1
Reviewed-on: https://code.wireshark.org/review/7023
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows for even more cleanup with respect to how address types are handled, including removing address_to_str.c. Most of the functionality was folded into address_types.c, but the remainder was just dispersed because it didn't make sense to keep the file.
Change-Id: Id4e9391f0c3c26eff8c27b362e4f7a1970d718b4
Reviewed-on: https://code.wireshark.org/review/7038
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Using the new address type registration, dissectors can create their own address types with their own (column) filters attached to them, eliminating the need for an address to keep track of a hf_ field.
Change-Id: I2bbec256a056f403a7ac9880d5d76a0b2a21b221
Ping-Bug: 7728
Reviewed-on: https://code.wireshark.org/review/7037
Reviewed-by: Michael Mann <mmann78@netscape.net>
Information about dissector (filter) fields should be kept in a dissector as much as possible. Supporting "column filter string" also allows other dissectors to create their own "address types" with different column filters (because AT_ETHER isn't always an "Ethernet" address).
This feature also allowed a few "dissector specific" address types to be moved to their own dissector.
Change-Id: Ie9024af4db62bc2ee4f8c9d28a1d807f706f45bf
Ping-Bug:7728
Reviewed-on: https://code.wireshark.org/review/7029
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now address types are setup just like field types and must be registered with a structure that provides its string representation (and more things in the future). Address types that are limited to a single dissector are registered by the dissector. More "common" ones are globally registered. There are still a few that really belong in a dissector, but have other dependencies currently not accounted for in the address type support.
Many of the "address to string" conversions that involved g_sprintf have be changed to use more "performance friendly" methods (some at the cost of needing to_str-int.h)
Leaving all comments regarding this "solution" in address_to_str.c in until all have been implemented
Change-Id: I494f413e016b22859c44675def11135f228796e0
Reviewed-on: https://code.wireshark.org/review/7019
Reviewed-by: Michael Mann <mmann78@netscape.net>
The DNS packet's 3rd additional RR is a LOC RR.
In the LOC RR, Wireshark marks the Size field with meters unit.
However, the Horizontal and Vertical Precision fields have no units
Issue reported by Boaz
Bug:10940
Change-Id: If177757d2bba6ea012a320aceaea2f8d8e50155c
Reviewed-on: https://code.wireshark.org/review/7014
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ied0428324c14f248bf6857fd288b4fb5d4591230
Reviewed-on: https://code.wireshark.org/review/7033
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I11c805b285d277ecb963622385154c310f6d1c67
Reviewed-on: https://code.wireshark.org/review/7032
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icb7fec658f895e91069e51bab50d57a0a93f5cba
Reviewed-on: https://code.wireshark.org/review/7031
Reviewed-by: Michael Mann <mmann78@netscape.net>
Preparation to add Multicast Stream Dialog on Qt (Add extern C...)
Change-Id: Ic8bc39a18dba607d6da116df799de7847ce8e4c8
Reviewed-on: https://code.wireshark.org/review/6984
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic8f93913396de3d97cdba4473e6837056c8250a6
Reviewed-on: https://code.wireshark.org/review/7030
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Mostly: Rename a number of macros to be RIEMANN_...
Change-Id: I2b8beb5f9241a0a2a380b8a38222ef07beb1703c
Reviewed-on: https://code.wireshark.org/review/7028
Reviewed-by: Bill Meier <wmeier@newsguy.com>
The following doesn't quite do what it might seem to be doing:
*value |= (byte & 0x7F) << shift; //guint64 *value // guint8 byte
The warning from MSVC2013:
Arithmetic overflow: 32-bit value is shifted, then cast to 64-bit
value. Results might not be an expected value
Change-Id: I06e196559ec0e84da77d8866355ae7f86ba43f73
Reviewed-on: https://code.wireshark.org/review/7020
Reviewed-by: Bill Meier <wmeier@newsguy.com>
uuid_t is a data type provided by a number of environments, thanks to
the Open Software Fuundation; calling the Bluetooth code's data type,
which includes an actual OSF-style UUID as a member, "uuid_t" can lead
to confusion and *does* lead to compile errors on platforms where, for
better or worse, system headers such as <unistd.h> define uuid_t (and
are included by, for example, Qt headers).
Just rename it "bluetooth_uuid_t".
Change-Id: Ic742723913ba4105cd3269dd24fc821147285176
Reviewed-on: https://code.wireshark.org/review/7017
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The following doesn't quite do what it might seem to be doing:
guint64 num;
guint8 b;
num |= ((b & 0x7f) << shift);
The warning from MSVC2013:
Arithmetic overflow: 32-bit value is shifted, then cast to 64-bit
value. Results might not be an expected value
Change-Id: Ic8c939355b54317f0b459c60342f3cb5dfa29624
Reviewed-on: https://code.wireshark.org/review/7015
Reviewed-by: Bill Meier <wmeier@newsguy.com>
if they're dealing with HID descriptors
Change-Id: Ia529fe373653ddf18e05e8ad148a2f5b5686fa95
Reviewed-on: https://code.wireshark.org/review/7010
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I19544eeccd5206de88fe480f9b02bc57fcc278bd
Reviewed-on: https://code.wireshark.org/review/7009
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Iaf339310c3b606885e945d10cffc1956ce24578a
Reviewed-on: https://code.wireshark.org/review/7008
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
treat those two messages as class-specific control messages, handle them
inside the USB HID dissector
Change-Id: I42d201df4a8fdb94c947b6118c0b50945c306423
Reviewed-on: https://code.wireshark.org/review/7006
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
pass the data only to one subsequent dissection function
either we have a standard request or a non-standard request that can be
handled by a class dissector (we used to do both at the same time,
this makes the output difficult to read)
Change-Id: Ia46239b2b9e121c9ca165cc56d0b271345d7962e
Reviewed-on: https://code.wireshark.org/review/7005
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
top-most tree on which it operates
this gives callers more control over where things are displayed
Change-Id: I8cdc07b4f3569bca728781fb709e2a2bb37c433b
Reviewed-on: https://code.wireshark.org/review/7004
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
standard setup request
it's not sufficient to look at the type bits in the request type field
use the new function where we checked the type bits before
Change-Id: I65b901dca91607a4dad4e4296b3f3a877aebf346
Reviewed-on: https://code.wireshark.org/review/7003
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Version to add as generated field, without tvb offset, length.
Change-Id: If4c7aebcbf1b47faa483bcbd40995eff3ccb99f0
Reviewed-on: https://code.wireshark.org/review/6906
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Introduced in gca3fe28;
Found by MSVC2013 Code Analysis
Change-Id: I4c754dfacca492b53debdaf82557e4fe91698460
Reviewed-on: https://code.wireshark.org/review/6991
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
It is a GUI+QT feature that introduce Bluetooth menu and
"ATT Server Attributes" that present all handle+UUID pairs
as table. User may copy cell value, row, selected rows or whole
table within header. On activate user will go to packet that
introduce UUID for specified handle.
Change-Id: If17e53aff5feb89ededc740a595ba5882b90be5e
Reviewed-on: https://code.wireshark.org/review/6911
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
"Break" is not missing, "error opcode" is part of opcode "Error Response"
that is needed to fetch request data.
Change-Id: I35432b22fae492a93332a8787213dd8fcf796e3b
Reviewed-on: https://code.wireshark.org/review/7001
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
The tap listener was handling rtpstream_tapinfo_t* types while other
users was expecting a GList* instead. Fix this and avoid future
confusion by replacing void* pointers.
Ping-Bug: 10714
Change-Id: I66f62eaaed4a529714264bbf4e7ad1e72b46ce5a
Reviewed-on: https://code.wireshark.org/review/6997
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Merge in the old ColorDialog which was a placeholder for
color_filter_add_cb.
Change-Id: I48d188509f480b8514122b4011ac9d8790fcca10
Reviewed-on: https://code.wireshark.org/review/6996
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Main window:
Keep track of our current layout and only change it if the preferences
change. This keeps the panes from resizing.
Re-select the current packet if the layout changes so that the proto
tree and byte view aren't left in an invalid state. This fixes a crash
similar to bug 10896.
Search frame:
Get rid of an invalid error message. Update coding style.
I don't think any of these fix bug 10921 since Xiaochuan seems to get a
crash immediately upon opening the dialog.
Change-Id: I0e880a50d3c9ac1c6ae6a01034b05fd2249444f4
Reviewed-on: https://code.wireshark.org/review/6989
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
- Remove some boilerplate comments;
- Use a consistent indent style (gnu);
- Use a consistent format for hf[] entries;
- Whitespace;
- Long lines;
- Rename a generic macro;
Change-Id: Ic2edcf8a8c0151d63a0d0ad901ddea9d7443ad19
Reviewed-on: https://code.wireshark.org/review/6994
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Found by MSVC2013 Code Analysis
Change-Id: If8138ff3eab7daa1da728781314f8024e36545be
Reviewed-on: https://code.wireshark.org/review/6992
Reviewed-by: Bill Meier <wmeier@newsguy.com>
can be considered TOS 0.
Use similar logic in LSA-Summary processing.
Ping-Bug: 6302
Change-Id: I0a74b95f6c4413ebce240e6e1b46c7e88311713a
Reviewed-on: https://code.wireshark.org/review/6951
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since 'values' is always 'length/4', we can have it as 'gint' and avoid
the Clang warning concerning the while cycle.
>> cannot optimize loop, the loop counter may overflow [-Wunsafe-loop-optimizations]
Change-Id: I4342f9e3fcd5df7779f41414ab6f789fe402e3af
Reviewed-on: https://code.wireshark.org/review/6979
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Remove emem's 8-byte-memory-alignment configure check as well as references
to all the environment variables emem used.
Change-Id: I897aec9e9c68e064454561e7a9f066b18892ec66
Reviewed-on: https://code.wireshark.org/review/6950
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
They've been deprecated for a very long time. Replace them with
getaddrinfo. Note that we might not want to do synchronous name
resolution at all.
Add HAVE_GETADDRINFO to the KfW win-mac.h collision list.
Change-Id: If59ce8a038776eadd6cd1794ed0e2dad8bf8a22c
Reviewed-on: https://code.wireshark.org/review/6958
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>