Set setAutoFillBackground(true) for a bunch of our editors where
appropriate, similar to g4a2cd15aa5.
Change-Id: Ic87275e3be90af55b8352eb4742559d526dec2b6
Reviewed-on: https://code.wireshark.org/review/36386
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2004 called, they want their libpcap/WinPcap back.
RHEL 6 initially shipped with libpcap 1.0; even old Enterprise(TM)
versions of OSes ship with something shinier than 0.7.x these days.
This lets us get rid of a bunch of #ifdefs and workaround code for
missing APIs.
Change-Id: I862cb027418b0a0c0f45a26979acea82f93f833b
Reviewed-on: https://code.wireshark.org/review/36383
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Mostly comments, but a few messages.
Change-Id: Iff7380eb15f064bf6a3078e131c70987e36bca44
Reviewed-on: https://code.wireshark.org/review/36381
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The GSMTAP Um interface type has so far only been used for transporting
signaling messages. Osmocom has recently introduced support for
encapsulating user-plane data (voice codec frames) in virtphy and
osmo-bts-virtual. Let's catch up with this capability here.
For the Osmcoom side, see:
* https://gerrit.osmocom.org/c/osmocom-bb/+/17415
* https://gerrit.osmocom.org/c/osmo-bts/+/17377
Change-Id: Icceb524f0f47bab206ead8345d405ffea06ac109
Reviewed-on: https://code.wireshark.org/review/36359
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vadim Yanitskiy <axilirator@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Speeds up the asn1 build from 133 seconds to 39 seconds, and guide
builds from 40s to 33s (-j6). Extraction of parallel=x from
DEB_BUILD_OPTIONS was borrowed from the debhelper Makefile.
Switching to Ninja has even more potential speed ups and prevents
interleaving build output, but requires debhelper 11.2 (Ubuntu
bionic-backports, Debian stretch-backports).
Change-Id: I2d403863adf5bfd692300642aad7df4b1cdb6e46
Reviewed-on: https://code.wireshark.org/review/36377
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
As previously in commit 6bb691189c ("gitlab-ci: remove unnecessary jobs,
upgrade versions"), GCC 5 support would only catch two issues. From the
respective commits:
epan/dissectors/packet-synphasor.c:782:7: error: ‘ai’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
ui/qt/wireless_frame.h:63:25: error: in-class initialization of non-static data member is a C++11 extension [-Werror,-Wc++11-extensions]
These are normally just false positive warnings in old compilers, fixed
in newer GCC. It fails only because it was built from git master as
opposed to a release branch where -Werror is disabled by default.
Save some resources, and remove GCC 5. The CentOS-7 job still tests the
old GCC 4.8.5 compiler. Newer GCC versions are handled by other jobs.
Change-Id: I9f49d59e6476ea8bcd9e135dba1c94b37a2f047f
Reviewed-on: https://code.wireshark.org/review/36366
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It's mostly identation but we also fix an incorrect spec name: Usage
Pages. Usage Pages and Usages are different things, but the we currently
call them both "Usages", which is wrong and confusing.
Change-Id: I7e83fbe7dbd4c22a713ecbba136a2caf5d61e2fd
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36365
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
The current approach to identify the the usage page and usage page usages
is not great. It joins both the usage pages and the usages which are
supposed to be individual values. The HID usage tables declarations also
become harder to read as they hold the constructed value, not the value
from the spec.
This patch changes the HID usage table declartions from range_string to
value_string, making them less bulky and easier to read, and splits out
the usage page from the usages.
Change-Id: I018406267fae43683d68c1349049e2c7c26f8ad6
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/36362
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Running `ninja asn1` (or `ninja generate_dissector-t38`) resulted
in loss of some code. It turns out that the autogenerated file was
modified directly instead of the source.
Change-Id: I64bc7dfee8153867c2618deca08ab69dad4b46f4
Fixes: v3.3.0rc0-543-g32679c14be ("Introduce AudioCodes Debug Recording (ACDR) dissector")
Reviewed-on: https://code.wireshark.org/review/36367
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Orgad Shaneh <orgads@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a link to DSTO-TN-1257, which was referenced in the original commit
message.
Change-Id: Id554f59a7fe2b4575c9153ddc1000b1fcaac1228
Reviewed-on: https://code.wireshark.org/review/36361
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A lot of auto-generated ASN.1 dissectors have broken identation and
Clang 10 started warning about them for the first time. Fix these by
using 2 spaces as indentation instead of 2, none, or tabs.
Change-Id: Ia91668596c2f5000954d2265c39cc5dba18e44a7
Reviewed-on: https://code.wireshark.org/review/36368
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add links to the command prompt documentation and mention that you can
set up a VC++ environment in an existing command prompt.
Change-Id: I74a2e1450ad1113ef94896fc2c6dbd06d96e3d40
Reviewed-on: https://code.wireshark.org/review/36352
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is required to call asciidoctor.
Change-Id: Iff47a9d6b92f68d0b5ec611570cd2bbc2c56c926
Reviewed-on: https://code.wireshark.org/review/36340
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Emit the fieldSelected signal when the currently selected dissection
tree item is clicked. This causes the corresponding bytes in the
packet bytes tab to be re-selected.
Change-Id: I9168163f6734ef05ed3196c291a813125d8e86c6
Reviewed-on: https://code.wireshark.org/review/36303
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Roland Knall <rknall@gmail.com>
The AFS dissector was erroneously attempting to dissect the RPCs for the
Backup Tape Controller (BUTC) on the BACKUP port 7021. A different set
of RPCs for the Backup Database Server are served on the backup port
7021.
To address this confusion:
- Rename the existing "backup" RPC table to "butc", and dissect it on
the correct port. This port may be in a range from 7025 up to the
maximum 65535.
- Create a new "backup" RPC table with the correct RPC names for those
exported on the 7021 port.
- Make other adjustments as needed to properly distinguish and handle
both "backup" and "butc" requests and replies.
With these changes, the BKUP operations in the Wireshark afs.cap sample
capture are now dissected correctly.
Change-Id: I906787889e10cad307d9a6fa610c3e35f2b69184
Reviewed-on: https://code.wireshark.org/review/36300
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AFS reassembly support was added by commit
64d9c005f9. However, it was always on and
could not be disabled; this can cause unacceptable performance issues
with large packet traces.
Instead, add a configuration option for tshark:
-o afs_defragment:true or false (false by default)
Also, add a Wireshark preference pane item for AFS:
[ ] "Reassemble fragmented AFS PDUs" (off by default)
Change-Id: I9b8f2a7c7821214c15a2a27292f2f4006ce8efa3
Reviewed-on: https://code.wireshark.org/review/36299
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Teach the dissector about some newer RPCs, and document some of the gaps
in the RPC ranges.
While here, remove a few commented-out lines that refer to previous
incarnations of the reassembly code.
Also correct the ouput description for the Link RPC, which actually
describes the status of the created (hard) link, not a symlink.
Change-Id: I03181cb4807f842842fe8a1003fc7b40a49ad2ba
Reviewed-on: https://code.wireshark.org/review/36298
Reviewed-by: Anders Broman <a.broman58@gmail.com>
An RX_PACKET_TYPE_VERSION packet may be used to request the AFS version
from a server. It may also be issued periodically as a "NAT ping", to
assist in keeping UDP port mappings intact over what may otherwise be a
long period of network inactivity.
Provide some information in the info column for each of these use cases.
Change-Id: I73aa7f2cbfd4a3e9538d629086bfa35eda6b6bf7
Reviewed-on: https://code.wireshark.org/review/36294
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When decrypting a frame the decryption occurs in a temporary buffer.
After successful decryption the decrypted frame is first copied back,
then a memmove operation is used to remove the CCMP header mid frame.
As the mac header is not encrypted there's no need to copy that part
back again after decryption. This means there's no mid frame data
that must be removed. Instead just copy the relevant portion and
save one memmove operation.
Change-Id: I24b938a6f5fac5a23cd0132aefe9ce258b352ef8
Reviewed-on: https://code.wireshark.org/review/36342
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The offset parameter to functions Dot11DecryptWepMng and Dot11DecryptRsnaMng
is always same as mac_header_len so not needed anymore.
Change-Id: I298e207c9317051b634aabd3f6a0e0921687b4d4
Reviewed-on: https://code.wireshark.org/review/36341
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix Copy->Description from context menu in Packet List and
Packet Dialog. This was broken in gf6534b8a.
Align MainWindow::actionEditCopyTriggered() using the same procedure.
Improve ProtoTree::ctxCopyVisibleItems().
Bug: 16323
Change-Id: I564b73c027019bc59629aa84098db8f307e92d40
Reviewed-on: https://code.wireshark.org/review/36339
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Synchronize response stream on Bad Commands. Mark any skipped response
(missynchronized) data with expert info.
Insert Wireshark generated "Command in" and "Response in" fields that
allow fast navigation between packets.
Ping-Bug: 11743
Change-Id: I08914f19501a83ff7f6194cb8dce5604f781cb42
Reviewed-on: https://code.wireshark.org/review/36324
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the Distinguished Names list is large in the Certificate Request it can
trigger the "Dissector bug warning". Having a huge list in the tree pane is
not useful anyway so this change limits the amount of DNs added to the tree,
preventing this fault condition.
It is indicated by adding a "[Tree view truncated]" item.
A side effect is that a handshake is no longer incorrectly flagged as 'resumed'
because the Server Hello Done in the same packet is now dissected.
Bug: 16202
Change-Id: Ib315940dcabc2d6b31cf3562354214158ea545a5
Reviewed-on: https://code.wireshark.org/review/36314
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There's no
QString arg(uint a, int fieldWidth = 0, QChar fillChar = QLatin1Char(' '))
const
version of the arg method of QString, there's only
QString arg(uint a, int fieldWidth = 0, int base = 10,
QChar fillChar = Latin1Char(' ')) const
so if you don't pass the base argument, it turns the QChar into an int
(presumably using the unicode method, so that ends up being 0x20 or 32),
passes it as the base argument (so it does the conversion base-32 -
that's <= 36, so it's a valid value for the base argument), and defaults
the fillChar argument to space.
Add 10 as the base argument, so it behaves correctly.
Bug: 16429
Change-Id: If4872d6d55aa5d9a7489219622d4190827e65d34
Reviewed-on: https://code.wireshark.org/review/36337
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Keep the list selection when renaming a profile in the
Profiles dialog.
Bug: 15966
Change-Id: Ifda223b2286ef49ba46830954872e9303e27a089
Reviewed-on: https://code.wireshark.org/review/36322
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
When entering a deprecated protocol name in the filter a warning is
placed in the status bar to this effect. The new protocol name is
not reveiled though, leaving the user in doubt what to use.
This change adds the new protocol name to the text in the status bar.
Change-Id: Ib892f79893471065eca81c7cf17e165256fdc9a9
Reviewed-on: https://code.wireshark.org/review/36086
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
It's one byte, so it should be FT_UINT8, and it's a bitset, so it should
be BASE_HEX.
Change-Id: I4f155d5a7a062d0a4267be80d87b2ff3468c2784
Reviewed-on: https://code.wireshark.org/review/36326
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It has been patched and now it works again.
Change-Id: I69c28efb6b105ed7f748acc6be1fefd36d62cf9c
Reviewed-on: https://code.wireshark.org/review/36320
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
vcredist is now shipped with VS. No need to download it, then no
chance of getting the wrong one.
Change-Id: I90f3874d6e09dfb4de736756ef39274c028a5441
Reviewed-on: https://code.wireshark.org/review/36311
Reviewed-by: Gerald Combs <gerald@wireshark.org>
length+value strings in AFS are padded to a multiple of 4 octets.
A bug caused the dissector to add an extra 4-octet pad when no padding
was required. This causes any field after the string to be
mis-dissected, resulting in a false alarm "Malformed packet".
Correct the padding logic to eliminate the false alarm.
Change-Id: I2edc58f20830c2df99d87cdd7d0cbf3bc9b92991
Reviewed-on: https://code.wireshark.org/review/36297
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>