Multiple instances of a single flag from -D/-L/-d/-S should behave like
a single instance of that flag; -D plus -L, for example, is not
supported, but -D plus another -D should be. -k, however, takes an
argument, and we only support one.
Change-Id: I8baced346fbffd75f8d768497213f67bb9a0555f
Reviewed-on: https://code.wireshark.org/review/7723
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix the loop that goes through all the objects to be saved so that it
looks at all the objects to be saved rather than repeatedly looking at
the first object.
When letting the user select a directory in which to save, restrict them
to looking at directories.
QDir doesn't do what we actually want here - QDir.setCurrent() might do
a chdir() but it doesn't appear to set the QDir's path, so when we use
it to construct pathnames it constructs them based on
wsApp->lastOpenDir() rather than the directory the user selected. Use
Boring Old GLib's g_build_filename(), as we do in the GTK+ version, for
now. (It also does something we *don't* want, namely, at least as the
documentation implies, a chdir().)
Bug: 11062
Change-Id: I705292dc2713b9dba615b0d59a4cf8313f357d82
Reviewed-on: https://code.wireshark.org/review/7720
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Add description for attribute type, verification and authentication results
- Fix Certificate Authentication Response
The second signature is optional
- Fix Access WAI Authentication Response
The Multiple Certificate Verification Result field is actually
the content of Certificate Authentication Response :
result plus one or two signature
- FIx CErtificate Authentication request
THe last filed is optional and it is a identity list
bug: 11061
Change-Id: Ia6710046d8d28ca3c53354f7a997a3d76f09373d
Reviewed-on: https://code.wireshark.org/review/7708
Reviewed-by: cedric izoard <cedric.izoard@ceva-dsp.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ida53904b4db1ca982055de267ce6f4fdcedd248b
Reviewed-on: https://code.wireshark.org/review/7701
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
release of all TCH and SDCCH IE
Change-Id: I552c436fe8bea5971863fd7ba023a86aa08f2f0c
Reviewed-on: https://code.wireshark.org/review/7700
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Conveying path setup type in PCEP messages, draft-ietf-pce-lsp-setup-type-00
PCEP Extensions for Segment Routing, draft-ietf-pce-segment-routing-01
Bug: 11046
Change-Id: Ib2ea9a96079324377fa65ef8c3ab37a98f530793
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/7618
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The return of EINTR is not exactly a failure of child process but may be because of any number of reasons. Adding logic to retry to get status of child process.
Bug: 10889
Change-Id: Ic2de7248cb7bd9c801b917c841ce911fb7c17dcc
Reviewed-on: https://code.wireshark.org/review/7669
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icb81649363725c92f94dde5cb28cbba0f6ab5099
Reviewed-on: https://code.wireshark.org/review/7687
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If7cf7ab42ca6a886deb1eab6bc1f391d993e1dad
Reviewed-on: https://code.wireshark.org/review/7677
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I42a06b728d807853d2c9b87a18ed36e1e0321085
Reviewed-on: https://code.wireshark.org/review/7685
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
QTreeView also use timerEvent() to do something... so call its overloaded
method and make CPU happy again.
Bug: 11035
Change-Id: I405c8c2763ae0b96c0483aedcb314a5f259e76a1
Reviewed-on: https://code.wireshark.org/review/7696
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Change-Id: Ifdffdf042908c5b4b25704c56d734e9c942d24f4
Reviewed-on: https://code.wireshark.org/review/7690
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It prevents using an uninitialized variable if sscanf fails
Bug: 11060
Change-Id: I3866d35ae05e8114263fd13a8ccc5e20c3a0d63a
Reviewed-on: https://code.wireshark.org/review/7683
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This should increase user experience.
Change-Id: Id2713e7c5af8ca0f0d87e3ae52542b4f189ace9a
Reviewed-on: https://code.wireshark.org/review/7681
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Change-Id: I2721086221c435d228bf27aef62f9dc5f6d9ee10
Reviewed-on: https://code.wireshark.org/review/7684
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 11051
Change-Id: I04b1f1c852b60182ef7f5405716c0b6733d0f44a
Reviewed-on: https://code.wireshark.org/review/7679
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia0cbb36e9962c762648ead8dddd3bb0a794cec74
Reviewed-on: https://code.wireshark.org/review/7678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previously DecodeAs neither save its changes nor changes dissector tables.
Do that and redissect packets to refresh view.
Bug: 10553
Change-Id: Icd8453c9650f0265852f6b6b58bc483b35570a15
Reviewed-on: https://code.wireshark.org/review/7676
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
A1,A2,A3 and A4 in 802.11 MAC header were not correctly
mapped to SA/TA/DA/RA/BSSID
Change-Id: I050cbb544500d8c3bf3d545f85144ca853079dde
Reviewed-on: https://code.wireshark.org/review/7655
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Idb2d9e070c7f65540ad27b011bd4a3dcaa3dd7e4
Reviewed-on: https://code.wireshark.org/review/7667
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a "test-programs" target to each toolchain which builds each unit
test executable. "test-programs" must now be built before running
the unit test suite.
Change-Id: I9317a1e305d987f244c4bd8b4a7f05d11fed7090
Reviewed-on: https://code.wireshark.org/review/7673
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I123c591cb0eb83b561163119a4b00c616bcd0990
Reviewed-on: https://code.wireshark.org/review/7666
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add packaging/nsis/CMakeLists.txt and use it to generate each NSIS include
file. Add macros to generate packaging-related targets and invoke them
from the top-level CMakeLists.txt.
Add a top-level "plugins" target. Copy plugins to "plugins" in each of
our staging directories instead of "plugins/$VERSION".
Add missing files to the copy_data_files and copy_cli_dlls targets.
Add all files in the NSIS package from the staging directory.
Drop a bunch of no-longer-needed defines, e.g. MSVC_VARIANT.
Change-Id: Ib1079260d164c65118050f1431af8e582cd577fa
Reviewed-on: https://code.wireshark.org/review/6459
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It allows to have "Follow UDP stream" context menu working again
Bug: 11055
Change-Id: I8eae15bfddb45ea033eb8dd2e3f7ca038057421a
Reviewed-on: https://code.wireshark.org/review/7662
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also fix up the hf description to make it clearer (to me) that this frame number is pointing *to* the ACK, not *from* it.
Change-Id: Ic60e949e65f3988f9ac34fff39d4addc28a1fdbc
Reviewed-on: https://code.wireshark.org/review/7658
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It should solve the recent failure seen since gdf164df
Change-Id: If86bff18fcd9157941ea843ad5029c9d0b2f0b32
Reviewed-on: https://code.wireshark.org/review/7659
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Add FT_FRAMENUM_ACK and FT_FRAMENUM_DUP_ACK and set them for
tcp.analysis.acks_frame and tcp.analysis.duplicate_ack_frame. Draw a
single or double check mark in the packet list accordingly.
These are probably specific to TCP, but as it happens there are a lot of
TCP packets.
Change-Id: I35416506419159a79ad8cc2e35f8a14485edfb7e
Reviewed-on: https://code.wireshark.org/review/7568
Reviewed-by: Anders Broman <a.broman58@gmail.com>
To allow future tap interfaces as well as analysis plugins
to use the same definitions the dissector used, all defines
are being separated into a header file
Change-Id: Iec38e361ded46aab6684c2713ba9a047193a6694
Reviewed-on: https://code.wireshark.org/review/7468
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Process wslua/CMakeLists.txt using add_subdirectory instead of
include. Generate files in the build directory instead of the source
directory.
Copy lua scripts to DATAFILE_DIR instead of DATAFILE_DIR/lua. That's
where init.lua looks for console.lua.
Always set WIRESHARK_RUN_FROM_BUILD_DIRECTORY when testing. We
presumably want to test our source files and not files which may or
may not be in the system path.
When we're running from the build directory look for lua scripts in both
the Autotools and CMake build locations.
Change-Id: Ic15ab8c58ff1b170d000c9b3e0a329af2ec44b7b
Reviewed-on: https://code.wireshark.org/review/7590
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
data: the invalid frame number will crash Wireshark.
Bug: 10885
Change-Id: I3ae278b77a9449136fbaaac52f2bbaa8a510bf76
Reviewed-on: https://code.wireshark.org/review/7651
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The capture timer was never enabled on capture start or disabled on
capture stop. This is now implemented.
Bug: 10601
Change-Id: Iae23a952986a2c5dddf92b6ac0d1f1bc1c83719c
Reviewed-on: https://code.wireshark.org/review/7582
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the setUniformRowHeights(true) call in the PacketList
constructor. This means that the packet list now calculates its height
by querying the Qt::SizeHintRole for every item instead of simply
multiplying item_height * number_of_rows.
Implement SizeHintRole in PacketListModel::data so that size
calculations aren't unbearably slow. We don't have any row text until an
item is drawn (via DisplayRole), so items with multiple lines end up
being rendered twice. Note where we make assumptions on line heights.
Although we call gtk_tree_view_set_fixed_height_mode() in the GTK+ UI we
don't have this problem there. GTK+ is apparently less strict about
enforcing row heights.
Bug: 10924
Change-Id: I98e9f4f5f321c2e03f18498e0a7e7556f88792a1
Reviewed-on: https://code.wireshark.org/review/7430
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows for exporting the SSL session keys for captures which were
decrypted using a RSA certificate, but where the server does not support
session resumption.
To avoid frequent reallocations, the expected length is used as initial
string size.
Tested against a nginx server with ssl_session_cache off.
Note that all keys loaded via ssl.keylog_file are exported, not just the
displayed ones!
Change-Id: Ie3a93d3692885502f46442953fa53303d16672d7
Reviewed-on: https://code.wireshark.org/review/7175
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Enable the reliable Magic Hello heuristics by default and dissect
further packets as HTTP2 as well. The weak frame heuristics is still
disabled by default.
Change-Id: I783d036fb6c6d867daedf251a5264fdf3b475447
Reviewed-on: https://code.wireshark.org/review/7615
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I78376c5578ee1f1871260db478a9c0d994f5bd38
RFC6594: Use of the SHA-256 Algorithm with RSA, Digital Signature Algorithm (DSA), and Elliptic Curve DSA (ECDSA) in SSHFP Resource Records
RFC7479: Using Ed25519 in SSHFP Resource Records
Reviewed-on: https://code.wireshark.org/review/7654
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Part 2
Change-Id: I4fa4a48fe047b7231f1cf084d8c798ada15372c5
Reviewed-on: https://code.wireshark.org/review/7607
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
TLSv1.2 gained an additional SignatureAndHashAlgorithm field for fields
marked with the digitally-signed attribute. This was already implemented
before for ServerKeyExchange, let's reuse that.
Note that the SignatureAndHashAlgorithm tree and fields (hash algo,
signature algo) are repurposed in a different context, but since the
structure is the same it is kept like this.
By the way, add support for DTLSv1.2 too. RFC 6347 section 4.2.6
suggests that the implementation is the same (as far as the dissector is
concerned).
Also update the comments and remove the additional "Signature with
client's private key" subtree since the CertificateVerify message has no
other items.
Bug: 11045
Change-Id: I025901b85e607f04d60357ff14187cc13db2ae5d
Reviewed-on: https://code.wireshark.org/review/7650
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris