Add support for Generic Framing Procedure. Generic Framing Procedure (GFP)
is used to map octet-aligned variable length payloads (e.g. Ethernet, MPLS,
octet-aligned PPP, IP) into octet-synchronous signals such as SONET/SDH
(ITU-T G.707) and OTN (ITU-T G.709). GFP is a telecommunications industry
standard defined in ITU-T G.7041/Y.1303.
(https://www.itu.int/rec/T-REC-G.7041/)
Bug: 11961
Change-Id: Idf5b311e82b051b1ee65bde5149b3de405537b02
Reviewed-on: https://code.wireshark.org/review/13043
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If we ever need to look at the value of any field in the packet, we
should do it the way we do in the RTP analysis code, rather than walking
the entire protocol tree.
Get rid of an unnecessary extra level of indirection for the filter
string.
Change-Id: Ie95c0171da79e7f24019a3f67396f6a533959881
Reviewed-on: https://code.wireshark.org/review/13046
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead, prime the epan_dissect_t's tree to look for rtp.ssrc, and
extract that value with proto_get_finfo_ptr_array().
Also, have the filter used to check whether the packet is a candidate
for RTP analysis to check for RTPv2 (and add a check for IPv4 or IPv6
back to the Qt version), and get rid of an unnecessary extra level of
indirection for that string.
In the Qt version, if findStreams() set the error string, don't
overwrite it with a "No streams found." indication, and fix error
handling for the "filter didn't compile" case.
Change-Id: I09d0ea37ccd4806d99e3b6394f2a8a376e974705
Reviewed-on: https://code.wireshark.org/review/13045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also protect against any badly registered protocol
Bug: 11958
Change-Id: I0c03f50c2c5478a9524ad06e669510ffb5739b21
Reviewed-on: https://code.wireshark.org/review/13041
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The message system includes mode-transition and alarm events by PLC
programmed blocks. The IDs in the mode-transition events are the same as
used in a SZL response, so I used the same decoding function.
Change-Id: If00990c21190ba0bed7933d6c8cfb590c6d8eab2
Reviewed-on: https://code.wireshark.org/review/13032
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Firstly, when building with autogen.sh and configure script, the
wireshark.pc is not generated at all. Then, due to not matching
names some variables are not being replaced as they should be.
Bug: 11069
Change-Id: Iefa7a9b536f3fee7f9ad78803aaacc5bb64a9c8d
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-on: https://code.wireshark.org/review/13005
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I23806012fc4f7f3a791e380de0c364b5825f8951
Reviewed-on: https://code.wireshark.org/review/13037
Reviewed-by: David Morsberger <dave@morsberger.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Populate packet number on follow HTTP handler.
2. Remove stream navigation (until its a little less buggy). This follows the convention of SSL which runs on top of a stream protocol (TCP), it's not a stream itself, which seems to be why its buggy.
Change-Id: Idf21be2a00a8fde0fbf16f40ca8c36a2a44b8993
Reviewed-on: https://code.wireshark.org/review/13027
Reviewed-by: David Morsberger <dave@morsberger.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(Probably inserted by a script.)
Change-Id: Ibf4e4d84c0c036841971df8dad54a916502d6909
Reviewed-on: https://code.wireshark.org/review/13036
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They're not just addresses, they also include a mask length for IPv4 and
a prefix length for IPv6. Rename them appropriately.
Rename the old ipv4_addr_and_mask() and ipv6_addr_and_mask() to reflect
that 1) they fetch data from a tvbuff and 2) *don't* fetch the mask
length or prefix length, those lengths are passed as arguments to
indicate how many bytes worth of address to fetch.
Change-Id: I4cad5a186ad7bfcb60022a91dbe8bc8479e6471f
Reviewed-on: https://code.wireshark.org/review/13035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
By analogy to ipv4.h.
Change-Id: I147565b332024b1bb88e9cd15889255773d04524
Reviewed-on: https://code.wireshark.org/review/13034
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I3817d12e473b67e26159e1562a08169e91f51d46
Reviewed-on: https://code.wireshark.org/review/13019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Adding Follow HTTP Stream justified some refactoring and code removal.
Change-Id: I9b7ace83f8517e880e78193bb97ac32e3fc91114
Reviewed-on: https://code.wireshark.org/review/13015
Reviewed-by: Michael Mann <mmann78@netscape.net>
This automatically detects and decompresses HTTP along a TCP stream through the use of taps.
Bug: 3528
Change-Id: I8ab832d509700d0da8eabf3c3e514d8511c598d3
Reviewed-on: https://code.wireshark.org/review/13009
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(That should also keep people from deciding that they don't want to
include <wsutil/nstime.h>, but still want to use Wireshark nanosecond
times, and do so by sticking a private incomplete definition of "struct
nstime_t" into the code.)
Change-Id: I94e863fe7083ebba254c3a718b85088a89fb6b7d
Reviewed-on: https://code.wireshark.org/review/13022
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't just define it yourself.
(And especially don't define it yourself if you're already including
epan/ipv6-utils.h.)
Change-Id: I9970d0edecef0c820b2a7fdce34509b54e7b3106
Reviewed-on: https://code.wireshark.org/review/13020
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The TLV length includes the T and the V, so it must be at least 4; fail
if it's not.
If the IPv4 or IPv6 prefix length isn't valid, don't bother trying to
parse the rest of the addresses, just give up.
Don't bother returning offset values that aren't used.
Rename some routines to indicate that they process more than one item.
Add some comments while we're at it.
Change-Id: I6825216f0e7218e230d8d60d958b3c2453a3bb62
Reviewed-on: https://code.wireshark.org/review/13016
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ia799910f72674702c98f146525171d29f1b35432
Reviewed-on: https://code.wireshark.org/review/13006
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reported by Fredrik Lönnman
Bug:11953
Change-Id: Icaff04122e8ed94751ea8aeb4069be2fc2dda52c
Reviewed-on: https://code.wireshark.org/review/13007
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
git can be installed (or the path manually set) so that the msys
unix utilities supplied with git (expecially bash) are on the path
and then picked up by CMake. These utilities are not compatible with
the build and will fail.
This change checks the output of the --version option to the found
executable and ensures "cygwin" is found in the result. If not found
a FATAL_ERROR message is issued and the CMake generation is stopped.
Change-Id: I0eca014ae194862abbc8dee56d347526691e72cb
Reviewed-on: https://code.wireshark.org/review/13008
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Instead of an array of pointers to preference values, have an array
of preference values.
Clean up some white space while we're at it.
Change-Id: Iaa2cf6bcc2a271a5c2645ddbb2dbddba311b413d
Reviewed-on: https://code.wireshark.org/review/13002
Reviewed-by: Guy Harris <guy@alum.mit.edu>
At least with Qt5.5.1 there is no duplicate clang_64 in the qt path.
Change-Id: I2ac66f246b3c9dbe2155ee8394d31e7d560faaf9
Reviewed-on: https://code.wireshark.org/review/13000
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Cleaned up handling of the qualifier field. Sub-parts are now
identified as the prefix and range rather than index and code.
This has changed the field names;
dnp3.al.objq.index -> dnp3.al.objq.prefix
dnp3.al.objq.code -> dnp3.al.objq.range
and the associated packet tree details text strings.
Change-Id: I42d51b71233303eaf8b37982dd15b5090918630b
Reviewed-on: https://code.wireshark.org/review/12998
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Bug: 11949
Change-Id: I625d80ce01918bd050889d21236aaa4cde4af8d0
Reviewed-on: https://code.wireshark.org/review/12961
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Color filters can be seen as a function that takes a tree and display
filters as input and a (possibly empty) coloring rule as output.
This coloring rule is then added to the frame tree and used by the GUI
for coloring the packets list.
From an architectural POV, "coloring" is part of the UI component, but
since it influences the tree, it is something for the dissection
component.
Bug: 5703
Bug: 6099
Change-Id: I73d132ec1dca7262bcb1b55c8481ca564c6161d1
Reviewed-on: https://code.wireshark.org/review/12507
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add #defines for all the value types and use them.
Make the preference static, as it's not used outside this module.
Change-Id: I3ed715701f77d5ea6cc45c8f978d6e2da7b38671
Reviewed-on: https://code.wireshark.org/review/12988
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add #defines for all the value types and use them.
Make the preference static, as it's not used outside this module.
Change-Id: Ibd04274b4160d18a55b10f47ce866ac97a76309e
Reviewed-on: https://code.wireshark.org/review/12987
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We're not allocating colors ourselves in GTK+ (and haven't been doing so
since at least 1.12), and all color_t values are valid colors, so
we don't need any toolkit-specific processing to fill in a color_t.
While we're at it, catch read errors when reading color filter files.
Change-Id: Ieb520d141cf15e371a31a01459d466c95ba2209b
Reviewed-on: https://code.wireshark.org/review/12985
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Now that we're letting GTK+/GDK allocate colors behind the scenes, if it
allocates them at all, there's no reason to save the allocated color in
the toolkit-independent color value.
Change-Id: I99df32bd6b07924f41f3d855d2ddecb3dc8d5201
Reviewed-on: https://code.wireshark.org/review/12983
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That code's been unused since at least 1.12, so apparently it's not
needed. To the extent that it needs to be allocated at all - which is
the case only if a colormap is being used - it's apparently all done
under the covers.
Change-Id: Ib25bfba618b0af4a60ce991a974de1e3f2f89158
Reviewed-on: https://code.wireshark.org/review/12981
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WiX prefers rich text license files. Add an RTF version of the GPLv2. It
was created by converting the "standalone HTML" version of the license at
http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html
to RTF using Pandoc 1.11.
Start splitting CPackConfig.txt into Win32 and non-Win32 sections. Add
a WiX section.
Change-Id: Ifcb233053c8a2158f087b69c69de7df869af65aa
Reviewed-on: https://code.wireshark.org/review/12980
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
uat_fld_tostr_cb_t callback *out_ptr argument is g_mallocated and
is to be freed by the caller so drop constness requirement to fix
the corresponding g_free warnings.
Change-Id: I1be25fa3e2f54fb32058ac0b5c1631b193b07701
Reviewed-on: https://code.wireshark.org/review/12943
Reviewed-by: Guy Harris <guy@alum.mit.edu>