The processor brand string returned by CPUID is left-padded in some
cases. For example, adding
g_warning("==>%s<==\n", CPUBrandString);
to get_cpu_info() on a test machine here returns
** (tshark.exe:3808): WARNING **: ==> Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz<==
Make sure it's stripped before we add it to our version information.
Change-Id: Idf9f9574477043a5e7fe4ff1ecb7890d6da90e0a
Reviewed-on: https://code.wireshark.org/review/36108
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When verification fails, it is reported, but when verification
succeeded, it was not entirely sure whether this happened. Change it:
...
Retry Token: a1146aad02d817fec13d6cb95e48b0e3a4d8bd7eb1029588ac9dc55434381cea9c5cec6b…
Retry Integrity Tag: 0b299146c79957dff224ecec33d8b2fc [verified]
Change-Id: I7b99e74d091c28677be91cc6544a0e2cdc1d9ae1
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/36111
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow unconsumed octets to be passed back to the caller so that possible
trailer dissctors can be ran.
Bug: 16387
Change-Id: I289b4b077d40581d5d0f884e30c2f882d58fccf1
Reviewed-on: https://code.wireshark.org/review/36097
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jason Cohen <kryojenik2@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow unconsumed octets to be passed back to the caller so that possible
trailer dissctors can be ran.
Bug: 16388
Change-Id: I022fb2e714a687390259037ac2885751d24619f7
Reviewed-on: https://code.wireshark.org/review/36096
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jason Cohen <kryojenik2@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
My previous patch was broken and did not handle the new Anti-Clogging Token
container. It was broken because I did not realise that Table 9-42 specified
the order of elements in the SAE Fixed Field. Table 9-43 specifies when
elements will be in which type of SAE request. However, 9-42 specifies the
order.
This has been tested with captures from WFA and Jouni Malinen.
Change-Id: Icbaa53560036c421299c74867ec04d9a28ea8aa0
Reviewed-on: https://code.wireshark.org/review/36098
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
All I/O Graph instances share the same configuration. The code was
accessing the UAT underlying number of items variable (num_io_graphs_)
directly but the actual rows were accessed indirectly via UAT interface.
This could lead to UAT missynchronization and in turn an out of range
index access in IOGraphDialog::createIOGraph().
Fix the issue by not using the num_io_graphs_ directly.
Bug: 16373
Change-Id: Ifbc0fddb619d23f31f32aa46c4ae613954a8b780
Reviewed-on: https://code.wireshark.org/review/36106
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From RFC7170
Bug: 16379
Change-Id: I1698e87c78ce3cdc3e322cfb112fd99e8d23e3ec
Reviewed-on: https://code.wireshark.org/review/36056
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ACDR is a protocol over UDP that is used by AudioCodes devices for
recording traffic to and from the device.
It adds a header to each packet that contains extra data about the packet.
For some packet types (like SIP), it also appends the IP and UDP/TCP
headers of the sent/received packet.
The dissector unwraps the ACDR header, and displays the packets with the
original type (and when available, with the original addresses).
Bug: 16275
Change-Id: I19ad90053a2ef73da80881dc5e94aa362de23ea3
Reviewed-on: https://code.wireshark.org/review/35417
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fix decryption of the Initial Packet for Facebook mvfst, based on IETF
QUIC draft -22.
Bug: 16378
Change-Id: I023738f792a68fe020d780e0caee7c6046fe5ca8
Reviewed-on: https://code.wireshark.org/review/36089
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
GREASE (Generate Random Extensions And Sustain Extensibility) is no
longer a draft. Changed references from 'draft' to RFC 8701.
https://tools.ietf.org/html/rfc8701
Change-Id: I9c56098d0c18f1bee1a45ca8ef609b07ea3c0487
Reviewed-on: https://code.wireshark.org/review/36087
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
g46b3753d53 changed "ws_find_package(WINSPARKLE ..." to
"ws_find_package(WinSparkle ..." in CMakeLists.txt in order to
fix an issue with case-sensitive folders.
This exposed a different issue in FindWinSparkle.cmake, where we
were passing "WINSPARKLE" to find_package_handle_standard_args. When
successful this would set WINSPARKLE_FOUND, which would in turn *not*
match WinSparkle_FOUND in ws_find_package, which means that we wouldn't
enable automatic updates.
Pass "WinSparkle" to find_package_handle_standard_args instead. Using
a mixed-case package name results in setting both PackageName_FOUND and
PACKAGENAME_FOUND, which fixes our various checks.
Bug: 16381
Change-Id: I46ef98194dc060ad37d9a30bff4d9e905713759e
Reviewed-on: https://code.wireshark.org/review/36079
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Followup on commit 33bb4b0c22 adding back
the lower end spacer, moving the language selection to the bottom and
also adding tooltips with variable information.
Change-Id: I55c7e39d3a524bb17ccfad55a0e8bf844a500408
Reviewed-on: https://code.wireshark.org/review/36072
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts tpncp.dat changes in f307dcc1d4
in order to maintain compatibility with previous versions of the dissector.
Also update the real value of address family for IPv6, and reset
address family after using it.
Change-Id: I87acf85a84a5ad41fea4a5658181badccebefcb8
Reviewed-on: https://code.wireshark.org/review/36074
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Although we don't depend on any of Qt's SVG classes directly, we do use
SVG icons in Preferences → Appearance → Language and QIcon loads its SVG
engine dynamically. If it's not present Wireshark will still run, but
the user won't see any flag icons.
Require QtSVG in the Debian and RPM packaging. It's not that large (~
400k here on Ubuntu 18.04) and ensures that we have a uniform user
experience across platforms. In this particular case, if the user
experience happens to be "Wireshark's UI is in a language I don't
understand" the little flags can come in handy.
Change-Id: If3c2e8a6040967353dbc462ee475ef12514b25f9
Reviewed-on: https://code.wireshark.org/review/36037
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The actual sampling rate in plugins/codecs/G722/G722decode.c is reported
as 16000 while the RTP clock rate as included in the SDP message is 8000
for historical reasons. Add some text to help people understand where
this difference comes from.
Example dissection for this cosmetic change:
Session Description Protocol
...
Media Attribute (a): rtpmap:9 G722/8000
Media Attribute Fieldname: rtpmap
Media Format: 9
MIME Type: G722
Sample Rate: 8000 (RTP clock rate is 8kHz, actual sampling rate is 16kHz)
Media Attribute (a): rtpmap:101 telephone-event/8000
Media Attribute Fieldname: rtpmap
Media Format: 101
MIME Type: telephone-event
Sample Rate: 8000
Change-Id: I47ccb798719a23713f28ae36fff6716b6dfbb22b
Reviewed-on: https://code.wireshark.org/review/36073
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In case of multiple instances it can be helpful to have an extra identifier
in the window title. These facilities are present and working, yet the
identifiers are not easily modifiable (only through the Advanced preference
page). This changes exposes these setting in the normal Appearance
preference page.
Change-Id: Ib6d7b18d29932edaed7419b44e4edc2f99134cbf
Reviewed-on: https://code.wireshark.org/review/36068
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The packet time calculation used the time(NULL) call to get the time
in seconds and than divided by 1000 to get micro seconds. This results
in correct seconds but some random micro seconds values.
Now get the time in microseconds and divide by 1000000 to get the
seconds and use the remainder for the micro seconds part.
Change-Id: I31f90960e27b0089c20936f69c7dc30f1efd50d9
Signed-off-by: Erwin Rol <erwin@erwinrol.com>
Reviewed-on: https://code.wireshark.org/review/36067
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From Johannes Berg with changes by Richard Sharpe to make it easier for
people to add support for RADIOTAP Header TLVs in the future.
Change-Id: I66d69cbe16740abce1e75ca1e789a2034283306b
Reviewed-on: https://code.wireshark.org/review/36057
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This circumvents a buggy pkg version in 11.x.
Move env var to the proper place while here.
Change-Id: Ib527a92cf8b542c8478daddf082c696caa296d80
Reviewed-on: https://code.wireshark.org/review/36055
Reviewed-by: Dario Lombardo <lomato@gmail.com>
File names can be longer than 256 bytes and still be sane. Fixes
filenames being reported as "[unknown]".
Change-Id: I3425d3106cf6ef63e298c2e73a063a207a4d4aea
Reviewed-on: https://code.wireshark.org/review/36045
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MPSSE response data and chip specific command parameters are not
dissected yet.
Ping-Bug: 11743
Change-Id: If783ef4580d0f8862419a249191f24521e316271
Reviewed-on: https://code.wireshark.org/review/35961
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure we have enough data for a CRC.
Bug: 16368
Change-Id: I03a2532061a5cf5e28cb65c83dd4ab90654d1679
Reviewed-on: https://code.wireshark.org/review/36048
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The "The NPF driver isn't running. You may have trouble" warning dialog
is now redundant, so remove it along with the "privs.warn_if_no_npf"
recent setting.
Add a more general "sys.warn_if_no_capture" recent setting along with a
getter for SimpleDialog's "Don't show this message again." string. Use
them to add a "Don't show this..." link to the main welcome warning
label.
Change-Id: Idffb800761eebf04b75e4be3f6bf7727dd468949
Reviewed-on: https://code.wireshark.org/review/36042
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
In captures of LDAP Privacy (encrypted) data, the dissector
threw Malformed errors because had it attempted to decode
encrypted payloads. See attached example capture
"PRIVACY-payload-(encrypted-data).pcap" at
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16358
Bug: 16358
Change-Id: Ic6d74d464157b145896090316ba73af025af7312
Reviewed-on: https://code.wireshark.org/review/36038
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Previous code did not properly decode protocol (Object dictionnary is not always sent). All changes comply with CANopen DS301 freely available on the web.
Change-Id: Ibaae09af0f1a5300a323a9c94077d1fb7dadd560
Reviewed-on: https://code.wireshark.org/review/35558
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>