Change-Id: Id06bd486114a80fb899f8dc148d48928e99e775e
Reviewed-on: https://code.wireshark.org/review/2602
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since DTLS and TLS do not differ in handling ClientKeyExchange and
ServerKeyExchange, its dissection got moved to ssl-utils. The code is
based on the SSL dissector, with header field names adjusted to the
DTLS ones (those got capitalized). Besides a version difference (for
signatures), the header field and function names, the DTLS and SSL code
are equal (this is verified).
This patch refactors the dissectors for DHE_RSA and ECDHE to make use of
a common function to dissect the signed_params field. All offset
tracking is also removed in favor of exception handling by the
proto_tree_add_item function. Occurrences of proto_tree_add_uint are
also replaced by proto_tree_add_item for simplicity.
After those changes, the SKE dissector for DH key exchanges is updated
to handle the mandatory signature field in TLSv1.2, using the newly
added function. (bug 9208)
Another bug occurred after the length check removal, pre-TLS and
OpenSSL's old DTLS implemenation do not include a vector length in
the CKE. This is now also fixed. (bug 10222)
Other minor changes: comments added/corrected, renamed
keyex_dh -> keyex_dhe (includes DHE_RSA and DHE_DSS).
Bug: 9208
Bug: 10222
Change-Id: I76e835d56a65c91facce46840d79c1c48ce8d5dd
Reviewed-on: https://code.wireshark.org/review/2542
Reviewed-by: Evan Huus <eapache@gmail.com>
That way, the code that constructs the runtime version string doesn't
itself have to call libpcap and libz, and could be usable in programs
that don't call them.
While we're at it, add "with" to the run-time version information for
GnuTLS and libgcrypt, to match the compile-time version information, and
add the version information from libwireshark to TShark.
Change-Id: I3726a027d032270b032292da9314c1cec535dcd2
Reviewed-on: https://code.wireshark.org/review/2587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove no longer needed system includes
Change-Id: Id9ffffaa7da5185041db63fa7611d348a1cc4b68
Reviewed-on: https://code.wireshark.org/review/2577
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Profling SIP shows that gperf generated hashing code, is
3 times faster than using GHashTable & g_str_hash/_equal()
This result in about 1% improve of whole dissection (sip traffic with filter).
Change-Id: Id6bf64bacd872e2d1c30a1b6356db444b25ba326
Reviewed-on: https://code.wireshark.org/review/2116
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When dissecting with columns TCP dissector spends
around 1/4 time in col_append_fstr(), add col_append_lstr()
and do formatting by ourselves.
Change-Id: If90bc26242761884b4991e8db0db62c8f9e32690
Reviewed-on: https://code.wireshark.org/review/2527
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Presumably that was the intent.
Change-Id: Icf8529a23a9a36e7f12e446d67f3867771b221d8
Reviewed-on: https://code.wireshark.org/review/2566
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I753ca95e2e1b38bad2c09955317e648c525e40ef
Reviewed-on: https://code.wireshark.org/review/2509
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
bug: 6071
Change-Id: If7b544a762df10ffc13aeaf8886cf74a1757c37c
Reviewed-on: https://code.wireshark.org/review/2512
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib60ca75b7da8cfa21cfe2999c9b9448a02c332df
Reviewed-on: https://code.wireshark.org/review/2560
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some binary logcat packets has more then one line, show them in
a convenient form.
Change-Id: I008aac6fe5589f2b10db51f7221853f9d79bbc7a
Reviewed-on: https://code.wireshark.org/review/2549
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Fix invalid structure casting by using defaults values,
this also fix DecodeAs for A2DP.
Do the same for VDP.
Change-Id: I360787af648ed65205eb54732ab6d88f8532cf15
Reviewed-on: https://code.wireshark.org/review/2551
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Some interfaces support multiple Bluetooth adapters with events like
add/remove. We must support that to distinquish adapters streams
in case that new adapter has the same id that old one.
Next one is create session for "Connection Handle", so
next layer will now when it is connected and disconnected.
This is also used to distinguish streams.
Change-Id: I9e062c8e4cc9c033b75f1a596e8351a215169843
Reviewed-on: https://code.wireshark.org/review/2548
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Hopefully, this will fix the warnings from the buildbot that entry_item
was used without being set.
Change-Id: Ibfd921bfbbad68cd8eafd1e3ad3d178cfca03d6e
Reviewed-on: https://code.wireshark.org/review/2547
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ieaa0fa5cdbe8dc8f50cf5b9ee432c786a8f9fc9a
Reviewed-on: https://code.wireshark.org/review/2540
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia32c2f24df9392d1102fa1121ac93b1071bae7ca
Reviewed-on: https://code.wireshark.org/review/2538
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I6cbc5047b8d58ecbe41bf5392d31dc0adc81d5d5
Reviewed-on: https://code.wireshark.org/review/2537
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Iec3bdfcb3cb14e97045789aec1e11288357d379d
Reviewed-on: https://code.wireshark.org/review/2536
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I4e60295208c2ac35a452f5fb3dffd090cc151473
Reviewed-on: https://code.wireshark.org/review/2535
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
(just copied the existing code)
Change-Id: Ia6dd9be9b39c3c16408e22181225c18d56ac6016
Reviewed-on: https://code.wireshark.org/review/2534
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Add a routine get_ws_vcs_version_info() that, for builds from a tree
checked out from Wireshark's version control system, returns a string
that includes both the Wireshark version number and an indication of
what particular VCS version was checked out, and just returns
Wireshark's version number for other builds.
Use that routine rather than manually gluing VERSION and the Git version
number together.
("vcs", not "git", just in case we do something bizarre or mercurial
some day. :-))
Change-Id: Ie5c6dc83b9d3f56655eaef30fec3ec9916b6320d
Reviewed-on: https://code.wireshark.org/review/2529
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This fix does change the format printed for values using bitmasks
(because the bit values are printed first) and is not always wanted
in this dissectors (because of readability).
We should have a better way of doing what I want in this dissectors,
so I'll have a look at this later.
Change-Id: I2477aa6b1d0c42a7ad5848bba3cb74dce3bba1f0
Reviewed-on: https://code.wireshark.org/review/2485
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I6653b733dfd2c587909371e50fd0c2efc4649dcd
Reviewed-on: https://code.wireshark.org/review/2482
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5762fb30f57d0f9bc3e5fc786577ed1cc49b64d7
Reviewed-on: https://code.wireshark.org/review/2481
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
This is intended as a replacement for all of the proto_tree_add_text followed by proto_item_add_subtree calls.
Change-Id: I892136d7b9d8b4e100996097eff62ce7af9512d2
Reviewed-on: https://code.wireshark.org/review/2472
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hidden fields are deprecated, and we were hiding them inconsistently anyways.
Bug:10211
Change-Id: Iaf1576ae7bc04c0c0bd896c096b117f1b8af2e9e
Reviewed-on: https://code.wireshark.org/review/2474
Reviewed-by: Evan Huus <eapache@gmail.com>
Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
Essentially:
When more data is needed to continue dissecting a PDU, use
DESEGMENT_ONE_MORE_SEGMENT instead of repeatedly requesting
additional bytes (for one or a few more fields).
- Improves the efficiency of the dissection;
- Prevents 'one-pass' tshark dissection from redissecting
the PDU repeatedly many, many times with each time dissecting
the PDU with one or a few more additional fields.
This generated *lots* of (repeated) output since a reassembled
VNC PDU can contain many fields (each of short length).
- (A comment in packet-tcp.c states, in effect, that repeatedly
requesting a specific amount of more bytes to dissect a PDU
will "break reassembly" although I note that the reassembly did
seem to work (in-efficiently)).
Note: Although this patch improves the handling of reassembly, the
dissector has significant issues. For example. see Bug #5366.
I expect this fixes the Bug #10134 issue: "Cannot allocate memory";
Before the fix, 'tshark -nVxr' for the input file generated trees with
multiple hundreds of thousands of entries and generated reassembled
PDUs consisting of many, many small fragments.
Change-Id: I970037c346fbaa4bffa5726fd5bee5f69396eabf
Reviewed-on: https://code.wireshark.org/review/2471
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Also rename base protocol filter name to match prefix of all other fields
Change-Id: Iff234c1443252b9f8e6d87fd7a76925746b5e513
Reviewed-on: https://code.wireshark.org/review/2449
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Cleaned up filter names that were shared, but had different types (which can cause problems in a display filter compare)
Also cleaned up many [FIELDDESCR] that effectively mimicked the field name. Even more could probably be done (and/or rename field name to be more descriptive), but I was being conservative.
Change-Id: I2e072b4f411c390b9430a0a0d903133d6decae5e
Reviewed-on: https://code.wireshark.org/review/2448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't manually fetch each character to find ',' use tvb_find_guint8()
Change-Id: I29711421469e868a86bf2edd7adf8dcc85ed26eb
Reviewed-on: https://code.wireshark.org/review/2446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I59ad726c16d4a85dd065f4a21bdf5d86e47c82cd
Reviewed-on: https://code.wireshark.org/review/2451
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(unknown length)
this fixes bug 9527
Change-Id: I255ae9662dfeea06e61e4b0891e0ea8eaa254d0f
Reviewed-on: https://code.wireshark.org/review/2462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ie1a71046b791bcbbf3cf02ddd1c4ddc88b388302
Reviewed-on: https://code.wireshark.org/review/2461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Check for all the different AF_INET6 values that are on various OSes.
If Totem is, and will forever be, used *ONLY* on one particular OS, feel
free to remove the uses of other _AF_INET6 values (but do *not* change
back to using the OS's AF_INET6; this should dissect the protocol
correctly on *all* OSes).
Add a common AF_INET definition to epan/aftypes.h while we're at it, and
use that; as most OSes picked up 4.2BSD's AF_INET value, most if not all
of them use 2, but IPv6 came out after 4.2BSD, and various OSes all
picked their own values for AF_INET6.
Change-Id: Iae15dfdd15203ed3ecd078a6499821dc09139a98
Reviewed-on: https://code.wireshark.org/review/2458
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ieb231d9f551f3e157197f56378088fb0069388d3
Reviewed-on: https://code.wireshark.org/review/2455
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib3a1ddc4342a7a8648d6ed8bfcb35aa229c56a27
Reviewed-on: https://code.wireshark.org/review/2445
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I487a3451344796447f0d5621b993cc89c29e93b5
Reviewed-on: https://code.wireshark.org/review/2383
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
At least now it does. (So does ep_address_to_str().)
Change-Id: I5fdf15ca42faac802fd21b4b6f5b750ed402bd05
Reviewed-on: https://code.wireshark.org/review/2442
Reviewed-by: Guy Harris <guy@alum.mit.edu>
ep_address_to_str() doesn't crash if called outside packet scope, but
it's still not correct to use outside packet scope. Use
address_to_str(NULL, ...) to allocate those strings, and then explicitly
free them when we're done; exceptions don't get thrown between the
allocate and free, so there's no risk of a leak.
Change-Id: Iea2af93b0757e648d399e2ba64249224eb7e9e3c
Reviewed-on: https://code.wireshark.org/review/2438
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most (all?) of these functions are being called within GUI, so they can't have packet_scope, which is why they weren't already converted (I made this mistake once already)
This reverts commit 7fea55a054.
Change-Id: I4bf29b206e5e1f5daefcec131309a8f6e78e1eb1
Reviewed-on: https://code.wireshark.org/review/2428
Reviewed-by: Michael Mann <mmann78@netscape.net>
They aren't built with the same warning flags as normal, but if you add those
flags a bunch of warnings show up.
Change-Id: If3776fbd98cc45e473f055e07c86ea8f6a5034f7
Reviewed-on: https://code.wireshark.org/review/2432
Reviewed-by: Evan Huus <eapache@gmail.com>
From Masatake YAMATO
changes in patch3 (Masatake YAMATO):
* Fix a typo(s/Sequnce/Sequence/)
* Use variable len instead of a number literal
* Put _U_ marker to length parameter of dissect_corosync_totemsrp_ip_address
* Use tvb_report_length instread of tvb_length
changes in patch5 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Adapt to new dissector_try_heuristic interface
+ pass hdtbl_entry argument to dissector_try_heuristic.
* packet-corosync-totemnet.c: Initialize corosync_totemnet_port to 5405
changes in patch6 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Use tvb_reported_length instead of tvb_length.
* packet-corosync-totemsrp.c: Remove unnecessary trailing space in string literals.
* packet-corosync-totemnet.c: Remove SVN Id tag in a comment.
changes in patch8 (Masatake YAMATO):
* packet-corosync-totemnet.c: Remove SVN Id tag in comment(again).
* packet-corosync-totemsrp.c: Use val_to_str_const instead of val_to_str.
changes in patch9 (Masatake YAMATO):
* wsutil/sober128.[ch]: New files derived from packet-corosync-totemnet.c.
Decryption code is moved here.
* packet-corosync-totemnet.c: Remove all decryption code from this file.
Change-Id: Id832d9c5ce1be1668c857c9bbf39e8a84c31880c
Reviewed-on: https://code.wireshark.org/review/725
Reviewed-by: Evan Huus <eapache@gmail.com>
I've avoided using any mathematical checks even though tlv type vals increase linearly just in case they change in the future.
Change-Id: I0ec7021df5b91543e12edf9ba8d9c4ac44ecb11c
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/2193
Reviewed-by: Evan Huus <eapache@gmail.com>
No need to use dissector_add_uint() with a bogus value.
Change-Id: Ia5e51d199487ba14cd671c7df44231a0d407c50b
Reviewed-on: https://code.wireshark.org/review/2431
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Combine tvb_find_guint8() for comma, semicolon into one tvb_pbrk_guint8()
- Instead of fetching each character use tvb_pbrk_guint8() to fast
forward.
- Remove not needed tvb_find_guint8() call, as the result is discarded.
Change-Id: I38d6775b187146656d47cea9b64f8e0ccad18d36
Reviewed-on: https://code.wireshark.org/review/2384
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Separating the "try to guess whether there's a control word" type from
the "yes, there's a control word" and "no, there's not a control word"
types is just a huge UI botch.
Make it clearer that the default is "Ethernet pseudo-wire, try to guess
whether there's a control word".
Change-Id: I91cc526fc709ad102b22ca67f5a9d7c98fffa0cc
Reviewed-on: https://code.wireshark.org/review/2414
Reviewed-by: Guy Harris <guy@alum.mit.edu>
and will be verified by Jasper next week
Change-Id: I3cda397285e8174abb9c05b7aaf7c1bfabdfc71a
Reviewed-on: https://code.wireshark.org/review/2408
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Instead, explicitly allocate and free the address string.
Using packet scope was causing test failures.
Change-Id: Ie18d2da44d2eec8a92a6a86b0ba883a5525f49cd
Reviewed-on: https://code.wireshark.org/review/2387
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This (if it works well) will let us do much more accurate out-of-order
detection, which is currently otherwise hardcoded to 3ms. Ask Jörg for details.
Change-Id: Ie0662723946edeaea1e43958bf7f5158f09dde71
Reviewed-on: https://code.wireshark.org/review/2367
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Id292fd1b0fbff3a043e64296a88c78c1a5ac00d7
Reviewed-on: https://code.wireshark.org/review/2369
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
This patch makes tvbparse_[not_]chars() to generate
array of characters which is accepted,
later this array is checked in cond_chars_common().
This results in nice speedup of XML dissector (~33% for my file).
Change-Id: I62a5585f8bccaaea1a0c49fc70c7552531493442
Reviewed-on: https://code.wireshark.org/review/2356
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I2274b97c74a845e6514e8acff136e55f721f11a8
Reviewed-on: https://code.wireshark.org/review/2354
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ie494a52fa73f7b91bc65da1bc36516f799ef4967
Reviewed-on: https://code.wireshark.org/review/2353
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
bit decoding for these values.
Change-Id: I7ab6c4badf5b66d6f434a47523e2b35730ecb65d
Reviewed-on: https://code.wireshark.org/review/2338
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
this can happen and cause invalid memory accesses with incorrectly-large padding
values
Bug:10187
Change-Id: Ib9b2a2fa10766efb4d95d588f57354a56373c626
Reviewed-on: https://code.wireshark.org/review/2325
Reviewed-by: Evan Huus <eapache@gmail.com>
free the value we pass it, fixing a memory leak
Change-Id: I446cb85d82a0697c24035461ad03450855b68884
Reviewed-on: https://code.wireshark.org/review/2304
Reviewed-by: Evan Huus <eapache@gmail.com>
This does not work for old-style dissectors as they always return
the number of bytes in incoming buffer and not the number of bytes
dissected. This is noted in the documentation.
Change-Id: I5b236a73952cac3efc830e40276283bed9af1f87
Reviewed-on: https://code.wireshark.org/review/2237
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using dissect_nt_64bit_time it is not possible to access the created proto_item afterwards, hence the new function.
Change-Id: I39aca92536a53841045c30b601b6ec1a7d8bfb4e
Reviewed-on: https://code.wireshark.org/review/2160
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Select an appropriate gcrypt cipher based on ISAKMP encryption ID and
key length attribute. Fixes bug 10128.
Bug:10128
Change-Id: Ie74fc51eb9bfe6d68340056d3ef2ef28c7677fb8
Signed-off-by: Alex Badea <abadea@ixiacom.com>
Reviewed-on: https://code.wireshark.org/review/2296
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
There is a check that disables decryption for non-PSK authentication. It
has been around ever since its introduction in commit acfe071e (svn
r17229). As suggested in bug 7951, remove this check to allow decryption
for e.g. certificates authentication.
Bug: 7951
Change-Id: I5e98407d0f8dbabac2cdaf632cf0af403192872b
Signed-off-by: Alex Badea <abadea@ixiacom.com>
Reviewed-on: https://code.wireshark.org/review/2297
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also make repetition_coding_indications[] standard terminated.
Change-Id: Ice20e1f27f5ab4d111f893608a230b83899efc9f
Reviewed-on: https://code.wireshark.org/review/2288
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
As far as I can tell these calls were just missed in the first initial pass,
they're not in a weird scope.
Close review from somebody else please to verify that!
Change-Id: Ic3188879124dcb8fdf42e79d200d4f244200aa7b
Reviewed-on: https://code.wireshark.org/review/2266
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found thanks to warning:
** (process:20239): WARNING **: Extended value string 'attributes' forced to fall back to linear search:
entry 53, value 32858 [0x805a] < previous entry, value 32861 [0x805d]
Change-Id: I12396380b42bbcb90dd139775c4b8d0bfdc79972
Reviewed-on: https://code.wireshark.org/review/2273
Reviewed-by: Evan Huus <eapache@gmail.com>
This appears to be a TLV architecture, not sure if the T and L should be broken up and filtered separately. Right now, just filtering on value.
Change-Id: Ic5853d2216b6b5f845587e4b789435bed5fe60ff
Reviewed-on: https://code.wireshark.org/review/2252
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
When a dict structure is passed by GlusterFS, the values are not encoded
normally. We now assume that the GFID in the dict is in network-order,
but this will be incorrect for Big Endian systems. The majority of
Gluster deployments are on Little Endian, and the GFID is displayed
correctly for this case. I am sorry for the few users on Big Endian
Gluster environments, they will see some GFIDs in Wireshark that don't
exist on the Gluster volume.
With this change, it is also made possible to filter on the GFID that is
contained inside of the dict.
Change-Id: I62a265eca34df23a507403397012cf652d43ca54
Reported-by: Vikhyat Umrao <vumrao@redhat.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: https://code.wireshark.org/review/1856
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also remove that function as it is now unused.
Fix what appeared to be a memory leak in the manual address resolution dialog
while in the neighbourhood.
Change-Id: I75128ab0f95e5a7673f92bfeea45191f00581c25
Reviewed-on: https://code.wireshark.org/review/2244
Reviewed-by: Michael Mann <mmann78@netscape.net>
No exceptions can be thrown when loading a key from a file, so it's safe.
Change-Id: I14ee8569bb516fcb45b72f07f76d28ef4b32065c
Reviewed-on: https://code.wireshark.org/review/2243
Reviewed-by: Michael Mann <mmann78@netscape.net>