As clang pointed out we end up storing a reference to it in a global and (more
relevantly) pushing that global to a tap which would run after the current frame
has returned.
Thanks to Alexis for bringing this to my attention.
Change-Id: I3aac43a806d217b0dc8a973f6bb2fa48cdd041bb
Reviewed-on: https://code.wireshark.org/review/3289
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only the former should be run through checkAPI.pl; Windows .rc files,
for example, shouldn't.
Change-Id: I948705b4020b413834c37a0d685eedcb747aa237
Reviewed-on: https://code.wireshark.org/review/3303
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ic7755a7756589167b4fea5cf42a21419f59ecdae
Reviewed-on: https://code.wireshark.org/review/3301
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Iffd5d81dde15eba12511dc89664d7ea06a70436f
Reviewed-on: https://code.wireshark.org/review/3300
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
transfer type in the endpoint descriptor
Change-Id: I9e23d9825efb30311cd3e04d01548c03b163c276
Reviewed-on: https://code.wireshark.org/review/3299
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
... As would be the case if proto_tree_add_text() + proto_item_add_subtree()
were used. (This initialization value is only used when TRY_TO_FAKE_THIS_ITEM()
shortcuts us out.)
As reported/discussed on -dev:
https://www.wireshark.org/lists/wireshark-dev/201407/msg00031.html
Change-Id: I4af63e3cf0a70607d58b4641597b2ce7907fbb8b
Reviewed-on: https://code.wireshark.org/review/3271
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Evan Huus <eapache@gmail.com>
Patch "ssl,dtls: simplify keyfile handling" did not account for the use
case where packets are captured and decrypted on the fly using
SSLKEYLOGFILE.
This patch restores that functionality by reading additional lines from
the keylog file when needed (to preserve the benefit of not having to
read the full file) and by watching the open file for deletions.
"Deletion" is detected by comparing st_dev and st_ino. Since these may
be useless on Windows, the size is also checked.
Change-Id: Ieadaef1426a9270587293db28f4dda33b3d17334
Reviewed-on: https://code.wireshark.org/review/3190
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previously, the keylog file would be fully parsed when an encrypted
pre-master secret is encountered or in the ChangeCipherSpec stage. There
was also a lot of duplication in the key logfile parsing.
This patch simplifies the key logfile parsing by using regular
expressions. Rather than scanning the key logfile for a specific key,
do this scan once at ssl init and save the results to a hashtable. The
map for session ID/tickets to master keys already existed, another one
for client random to master key and encrypted pre-master to pre-master
was added. This could later also be wired to the "Export SSL Keys"
menu item for improved reliability (when no session ID or tickets are
available, the client random could be used).
The ssl_{save,restore}_session{,_ticket} functions have been converted
to a single function that looks up a key (sid / client random / encr.
pre-master) to a (pre-)master secret.
Other minor changes: return booleans for some functions that can only
fail/pass. Remove some functions from the ssl-utils header that have
become private a few commits ago. Remove some outstanding issues
from the comments in packet-ssl as they are already done, add myself
to the ssl-utils header.
These changes pass the test suite and the sample Session Ticket-enabled
capture from https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5963
On-the-fly decryption are broken with this patch since keylog files are
read once at the start of a capture. This will be solved in a future
patch.
Change-Id: Idb343abe161950b5f3ff61bee093d0f4ef9655bd
Reviewed-on: https://code.wireshark.org/review/3057
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also make dissector "new style" using it's already built in basic heuristics.
Change-Id: I8b9b02d1f32cec96a1104c99647795d6fbda4804
Reviewed-on: https://code.wireshark.org/review/3275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Files from the debian directory, documents from the doc directory,
graphics from the docbook/wsug_graphics directory, and the echld
Makefile.nmake.
Change-Id: Iccccc58811753581b0b180053defd937aea22f95
Reviewed-on: https://code.wireshark.org/review/3283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also: remove vestigial line of commented-out code.
Change-Id: Ieb41a0e39a4e0ec14031b1dbd38fc0d7ad47a635
Reviewed-on: https://code.wireshark.org/review/3278
Reviewed-by: Bill Meier <wmeier@newsguy.com>
(Introduced when the ipv4_hash_table key format was changed in 5d98ab67)
Change-Id: Ie5d1314f7c7cc8bc71dca8a2db05e34a0a7776d7
Reviewed-on: https://code.wireshark.org/review/3277
Reviewed-by: Bill Meier <wmeier@newsguy.com>
If it's checked into asn1 or a subdirectory thereof, put it into the
distribution. (If it's not useful, why is it in Git?)
Change-Id: I4dac8a0d19a770db1513729cf71069a37f1d83fc
Reviewed-on: https://code.wireshark.org/review/3276
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Include CMakeLists.txt files and the gnm subdirectory, along with the
top-level Makefile.inc and Makefile.preinc files. Don't explicitly
include Custom.make, as automake does that automatically given that it's
included by asn1/Makefile.am.
Add some files to EXTRA_DIST lists.
Move some .asn files to EXTRA_DIST; they don't need to be in SRC_FILES,
as SRC_FILES always includes EXTRA_DIST, and they *do* need to be in
EXTRA_DIST so that they're in the distribution.
Change-Id: Id91df577260fa57028d40fe098be1d79c59398e6
Reviewed-on: https://code.wireshark.org/review/3273
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Qwindows.dll at least needs to be in the "platforms" subdirectory. Use a
PowerShell script to convert the output of windeployqt to its equivalent
NSIS instructions. Give the Qt DLL manifest a .nsh extension. Make sure
we uninstall known Qt DLL directories. DLLs now load correctly according
to Dependency Walker.
Install and uninstall our .qm files while we're here.
Change-Id: I06ed279809e6fce0e008c5f278a56b1ae34c8f21
Reviewed-on: https://code.wireshark.org/review/3267
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Also use %u instead of %d for these unsigned numbers.
Change-Id: I3d1df3bdcc3c68193b49ba8daf1dc56171356290
Reviewed-on: https://code.wireshark.org/review/3266
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
for the other build systems as well.
Small whitespace fix.
Change-Id: I071ee4ae0fa85306435d2d82d36265973181b71c
Reviewed-on: https://code.wireshark.org/review/3263
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
In 2008, before the OpcUa specification was released, the EncodingMask was changed to include the Locale after the LocalizedText. This commit applies the changes necessary to display DiagnosticInfo correctly.
Change-Id: Iad35ff0557eac62a259a63505ebce3e637095136
Reviewed-on: https://code.wireshark.org/review/3259
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
ssl_print_string uses out->data_len to determine the length of the
printed data, but this was not set. Use ssl_data_set for that and add an
additional DISSECTOR_ASSERT just in case we change something here.
Reported by Alexis La Goutte, found by Clang static analyzer.
Change-Id: I630a9193ff1ece86a0a46924dd86591fedf5c595
Reviewed-on: https://code.wireshark.org/review/3261
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
I intentionally left the fields displayed alone (so they don't exactly match Wireshark GUI), because as Guy points out in bug 6310, not sure its A Bug or A Feature. But at least all types of conversations allowed are in sync with Wireshark GUI.
Bug:6310
Change-Id: I722837df510a39dadc1f9a07a99275509516698c
Reviewed-on: https://code.wireshark.org/review/3212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Note that the cache file (CMakeCache.txt) must be cleared when the
include or library paths change, otherwise the cached result of
CHECK_FUNCTION_EXISTS will be re-used.
Change-Id: Ia18ed4f1b6b162499aeae6e66f612a4945390c2a
Reviewed-on: https://code.wireshark.org/review/3245
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Added a few filterable fields in the process of trying to figure out the macros. Much more can be done to add many more filterable fields (and remove proto_tree_add_text calls hidden in the macros), but that'll be done some other time.
bug:10281
Change-Id: I9788f176c0e721ff4f243d4ecb79d7d0114fffc0
Reviewed-on: https://code.wireshark.org/review/3262
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If we find windeployqt, use it to create a DLL manifest for NSIS.
Fall back to the previous manual lists if we don't. This assumes that
your copy of windeployqt works.
New bug: The Windows installer is huge when using the official Digia DLLs
(around 43 MB for the win 64 package).
Change-Id: I1f662381b7a2c5474595b05177dbdfd3138c7e60
Reviewed-on: https://code.wireshark.org/review/3253
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I81e43fac5176fdd0805001636991efb7f588a3c0
Reviewed-on: https://code.wireshark.org/review/3252
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Icefbaf632e888e84bcb2cc20ae3a6c4744b82fae
Reviewed-on: https://code.wireshark.org/review/3251
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I64bb64787c83ffe712ffd348cceb5449690dd6d0
Reviewed-on: https://code.wireshark.org/review/3247
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Otherwise the call to winqtdeploy will fail if it is not already in the PATH
Change-Id: I74db604a6fd45204bda8d6ac9d9c98c0c12598ec
Reviewed-on: https://code.wireshark.org/review/3218
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
it was overiding the correct one from dictionary.xml
Change-Id: Ic6073a550a15f56584e214eec8bd79057673c25c
Reviewed-on: https://code.wireshark.org/review/3244
Reviewed-by: Anders Broman <a.broman58@gmail.com>