Either pcap_process_pseudo_header() returns -1, in which case we fail,
or it returns the exact same value as pcap_get_phdr_size(). If we don't
fail, don't bother to check whether the values are the same.
Change-Id: I18191cc3de2a1c2144ca9b508ed17b2f593fc835
Reviewed-on: https://code.wireshark.org/review/29879
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Keeping them together might increase the likelihood that all of them get
updated when a new pcap/pcapng link-layer type whose pseudo-header is
first processed here rather than by a dissector.
Change-Id: Ia6f45c38e9530b7c6a53d006fbc01b3040e9a014
Reviewed-on: https://code.wireshark.org/review/29868
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Sort the cases to match the order in other routines.
That turned up a missing case for WTAP_ENCAP_NFC_LLCP, so add it.
Change-Id: I500731322ae93c6d2efc368f16cf468f589910f3
Reviewed-on: https://code.wireshark.org/review/29858
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix JSON generation:
- add lookup table to encode all required control characters (0x00 - 0x1F),
- don't output comma just after opening object in iograph.
Change-Id: Ib53af9c37f4d7785cafc5f9a8d0e71b214c7f349
Reviewed-on: https://code.wireshark.org/review/29852
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Have pcap_read_erf_pseudoheader() do all the work of reading an ERF
pseudo-header.
Add pcap_write_erf_pseudoheader() as a routine to do all the work of
writing an ERF pseudo-header.
Change-Id: If53ae50fcee35a45113ca0f0c64f69848e044cbd
Reviewed-on: https://code.wireshark.org/review/29847
Reviewed-by: Guy Harris <guy@alum.mit.edu>
it is the first release to start to follow IETF QUIC (draft-12)
Update also the heuristic to detect Q044
Bug: 15131
Change-Id: Ieec7d75a2a0a7ab1ddacfb88d86cb9856cd67164
Reviewed-on: https://code.wireshark.org/review/29572
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
RFC 6887 states that options have to be padded to a multiple
of 4 octets. This commit adds missing padding.
Bug: 14950
Change-Id: I68a0631ecdd2f30e24e83b1a6e8dfc55856c9c94
Reviewed-on: https://code.wireshark.org/review/29832
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Put the cases in pcap_write_phdr() into the same order as the cases in
pcap_process_pseudo_header().
Doing so revealed that there wasn't a case for WTAP_ENCAP_NFC_LLCP in
pcap_write_phdr(), so NFC LLCP captures wouldn't be saved correctly.
Add pcap_write_llcp_pseudoheader() and use it.
Change-Id: I2728a96e63d2e0606ae0bb480f97fe124ab48d17
Reviewed-on: https://code.wireshark.org/review/29841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For each pseudo-header type, put a routine to write the pseudo-header
after the routine to read it.
Change-Id: Iffc010c1bf97acc5eb834a388e328ad3c2310351
Reviewed-on: https://code.wireshark.org/review/29840
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not as if 0 means received, 1 means sent, and anything else is
invalid; treat all non-zero values as meaning "sent" when reading, and
write out 1 for "sent".
Change-Id: Iaf5eb327a6b87b893a203475c8730452c51a38e9
Reviewed-on: https://code.wireshark.org/review/29839
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Put all the #defines and structure declarations for a particular
pseudo-header before the function to read the pseudo-header.
Change-Id: I11013ff99d72832f49e9bea56dbc07f5cd8618f3
Reviewed-on: https://code.wireshark.org/review/29838
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That centralizes knowledge of the particular pseudo-header into its read
routine.
Change-Id: I4931d03a20a1b648af3ab6b92a034659c55d1ba3
Reviewed-on: https://code.wireshark.org/review/29837
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Either it's TRUE, meaning sent, or it's FALSE, meaning received. Make
it a gboolean and get rid of the #defines for it. ("Unknown" is handled
by the WTAP_ENCAP_ value not *having* a p2p pseudo-header.)
Change-Id: I650d7213523b49e7531d9555a98cde1be519a294
Reviewed-on: https://code.wireshark.org/review/29836
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For file formats, say "pcap/pcapng" or "pcap and pcapng" instead; this
code handles both formats. Use just "pcap_" in structure types.
Change-Id: I2c0e096855ac3736bbfd72480ed4221b3a2f25d1
Reviewed-on: https://code.wireshark.org/review/29835
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not just for X.25, it's for anything that has the notion of Data
Terminal Equipment and Data Communications Equipment; call it "dte_dce",
not "x25".
Change-Id: I3d51fec8b424e91ffd6d59895f50fc5ece791b08
Reviewed-on: https://code.wireshark.org/review/29834
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We always tell pcap_process_pseudo_header() to check to make sure the
pseudo-header isn't bigger than the captured data; no need for a flag
argument to tell it to do so.
Change-Id: I8310bb06a390a7f4a7a232ad140ae07955d52da1
Reviewed-on: https://code.wireshark.org/review/29833
Reviewed-by: Guy Harris <guy@alum.mit.edu>
gcd95e197ca renamed a bunch of "<proto>.ssl.port" preferences to
"<proto>.tls.port" but neglected to add obsolete entries for the old
preferences. Do so here.
Rename couchbase.tls_port to couchbase.tls.port to be in line with the
other TLS port preferences.
Change-Id: Ie23d6be0a5cb3616f37e41dbfbf13ad1b7206473
Reviewed-on: https://code.wireshark.org/review/29829
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Rename packet-ssl{,-utils}.[ch] to packet-tls{,-utils}.[ch].
Change-Id: I4732162ec131ddf0734b3dd191ccc9e48a76ce06
Reviewed-on: https://code.wireshark.org/review/29659
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Many printf()s generates only key, value is generated by
json_puts_string() or json_print_base64().
Add helper functions sharkd_json_value_string, sharkd_json_value_base64
to generate key with a string, or base64 as a value.
It lower number of printf() from 156 to 105 (32% reduction).
Change-Id: I22901d9759534a4fab7bcdefd66242fd6c5b20cc
Reviewed-on: https://code.wireshark.org/review/29821
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
In the about dialog, create directories within the folders tab
if the user wants them to open and they do not exist yet
Change-Id: Ia95692dabef92392714c329c868abc78e3bcec6e
Reviewed-on: https://code.wireshark.org/review/29782
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Most of sharkd printf()'s are used to output formatted value with given key.
Add two formatting-function helpers: sharkd_json_value_anyf and sharkd_json_value_stringf.
Conversion printf to these function lower number of printf() from 300 to 156 (48% reduction).
Change-Id: Ied538cc5b84d48d942e2140ff6b93969579d6132
Reviewed-on: https://code.wireshark.org/review/29816
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
A funny thing happened on the way to the Frame Relay Forum.
Change-Id: Ia58e55645ab6ee16fb077cde4496c25352c7e08d
Reviewed-on: https://code.wireshark.org/review/29819
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A funny thing happened on the way to the {ATM, MPLS} Forum.
Change-Id: I8159f9191737febe3e5c4618bbb72ecb4bfc300b
Reviewed-on: https://code.wireshark.org/review/29818
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Dissect the ESNI TLS 1.3 extension in CH and EE.
Bug: 14984
Change-Id: I95bb5ef0313aefdab7c09dbeb60556d9574c2a00
Reviewed-on: https://code.wireshark.org/review/29817
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
packet-mpeg-pmt.h is included only by DVB-CI. All it contains is
the definition of a value string for stream types in the ca_pmt.
Move the definition into packet-dvbci.c and remove the include file.
Change-Id: I7d63e49804c936284f6a9c5218e0fd9b4fa469a6
Reviewed-on: https://code.wireshark.org/review/29813
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts commit 5dd0c8daa5.
Reason for revert: As Guy pointed out, Oracle ships a recent version.
Change-Id: I9689dfd0656d95f7ae57ae86c2bea7d09afddc70
Reviewed-on: https://code.wireshark.org/review/29815
Reviewed-by: Gerald Combs <gerald@wireshark.org>