This change will append "Response in/to" for the messages match
in a conversation, matching sequence number
Response time was also added
Change-Id: Icca12873d7a61b8c83c132af461adeced5e7ce0e
Reviewed-on: https://code.wireshark.org/review/28979
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- 0x2A1F Temperature Celsius
- 0x2A20 Temperature Fahrenheit
- 0x2A2F Position 2D
- 0x2A30 Position 3D
- 0x2A3A Removable
- 0x2A3B Service Required
- 0x2A3C Scientific Temperature Celsius
- 0x2A3D String
- 0x2A3E Network Availability
- 0x2A57 Digital Output
- 0x2A59 Analog Output
Change-Id: I0c5bc4ba368c26edd600730ed62990abc9f4f1f9
Reviewed-on: https://code.wireshark.org/review/28956
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is useful when processing packets that were captured by multiple radios on the same channel.
Change-Id: I9dacc35294a4ed4e817014e563e7c9a54ee05e40
Reviewed-on: https://code.wireshark.org/review/28843
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Export the PDUs in the following cases:
- When sctp.ulp_dissection is FALSE
Not having to dissect the upper layers greatly improve exporting speed.
Previously no PDUs were exported becuase without dissection the upper
layer name was not available. Now in this case the exported_pdu.tag is
set to sctp.ppi or sctp.port table and the corresponding ppi or port
is also set in the exported_pdu.this_table_val.
- When the upper layer can't be dissected but at least one of the
payload_proto_id, destport or srcport is not 0
Refactor and move the common parts in a dedicated functions.
Change-Id: Ie5073a5c7603e11c4a5703118fd81ac25bd924e9
Reviewed-on: https://code.wireshark.org/review/28933
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This fixes the following asserts
#2 0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e11f90 "/home/vasko/sources/wireshark/epan/print.c", line=598, func=0x7ffff4e12e20 <__func__.18585> "proto_tree_write_node_pdml",
message=0x555555aaab70 "code should not be reached") at gtestutils.c:2532
#3 0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
#2 0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e11f90 "/home/vasko/sources/wireshark/epan/print.c", line=983,
func=0x7ffff4e12e40 <__func__.18697> "write_json_proto_node_hex_dump", message=0x555555aac9d0 "code should not be reached") at gtestutils.c:2532
#3 0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
#4 0x00007ffff39a8f87 in write_json_proto_node_hex_dump (node=0x7fffdc86e550, data=0x7fffffffce60) at /home/vasko/sources/wireshark/epan/print.c:983
#2 0x00007ffff0d270f3 in g_assertion_message (domain=0x0, file=0x7ffff4e12010 "/home/vasko/sources/wireshark/epan/print.c", line=1299,
func=0x7ffff4e12ef0 <__func__.18804> "ek_write_hex", message=0x555555aac290 "code should not be reached") at gtestutils.c:2532
#3 0x00007ffff0d8015e in g_assertion_message_expr () at gtestutils.c:2555
#4 0x00007ffff39a9a32 in ek_write_hex (fi=0x7fffdc86e4e0, pdata=0x7fffffffce90) at /home/vasko/sources/wireshark/epan/print.c:1299
Change-Id: I48a7e87863fb6708cd668582a240e5ba71d1b5a0
Reviewed-on: https://code.wireshark.org/review/28891
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In CI environments with no capture driver, the test_tshark_dump_glossary
test could fail because "tshark -G decodes" contains an error message.
Postpone the check until the moment where a capture is actually started.
It also no longer shows with tshark -L, -D, --version, etc.
Change-Id: I6674c6fe007c99576c777a025cd44b3f2e594b59
Reviewed-on: https://code.wireshark.org/review/28966
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix the digit check, testing a pointer as character is an error.
Change-Id: I1ce2898dd1cca0b61bb2da342c81bc648fdb1cf2
Fixes: v2.9.0rc0-1356-g51c6fde9c7 ("AT: Distinguish between numeric and textual CME errors")
Reviewed-on: https://code.wireshark.org/review/28962
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Parse both commands and responses, including a call to GSM SIM dissector
Change-Id: I39624a1a088066aae6eb1e6fd61d4f73821b2345
Reviewed-on: https://code.wireshark.org/review/28959
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The altitude value presented is the value converted into feet.
Instead, as the label suggests, the value should be presented
as a flight level. Change the conversion as such.
Bug: 15030
Change-Id: I131f6b586c6b1f59090f93862ea13b117403c502
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/28961
Reviewed-by: Marko Hrastovec <marko.hrastovec@gmail.com>
Tested-by: Petri Dish Buildbot
Re-enables AES-NI support and provides XTS mode and Blake2 hash support.
Based on Debian Buster packages with stripped binaries,
libgcrypt-mingw-w64-dev 1.8.3-1 and libgpg-error-mingw-w64-dev 1.32-1
Change-Id: Iace616926d3c8c22c92e60bdbd6346826f91db59
Reviewed-on: https://code.wireshark.org/review/28943
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The initial proxy bypass check can take a lot of time (14 seconds).
Cache the instance to make subsequent downloads faster.
Change-Id: I3ccb99d245e0127f03d9b022d10f9ce4a89018d2
Fixes: v1.99.6rc0-344-ge3785f7aff ("win-setup.ps1 Make setup script aware of proxies")
Reviewed-on: https://code.wireshark.org/review/28953
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Leftover description form the BT-HFP dissector was classifying the DTE as an
Audio Gateway, which isn't always the case.
Change-Id: If6f916026bce00dc8783d95f48e449ffa9951d37
Reviewed-on: https://code.wireshark.org/review/28960
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to 3GPP TS 04.08, section 10.5.2.49, the APDU Flags field
is coded together with APDU ID, and occupies bits 1-3 (mask 0x70):
0 1 2 3
S T F L
. . . * Last Segment
. . * . First Segment
. * . . C/R, if L=0 only, otherwise spare and set to 0
* . . . Spare (0)
Instead of parsing all bits together as a set of integer values,
let's parse each flag individually. Moreover, the previous
definition was missing some possible bit combinations, so
this change also fixes that problem.
Change-Id: Id71fae9ef06572c1ad17aafe0be3dfb66e081b7d
Reviewed-on: https://code.wireshark.org/review/28948
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Return color-filter bg/fg colors for single frame if requested.
Also return marked/ignored fields for frame.
Change-Id: I4480b733f54991c72bea1664fa6e7337812e6231
Reviewed-on: https://code.wireshark.org/review/28304
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
According to 3GPP TS 04.08, table 9.1.53.1, Application Information
message has two mandatory fields encoded in a single octet:
- APDU ID (section 10.5.2.48) M V 1/2,
- APDU Flags (section 10.5.2.49) M V 1/2.
For some reason, they were dissected incorrectly:
GSM A-I/F DTAP - Application Information
Protocol Discriminator: Radio Resources Management messages (6)
.... 0110 = Protocol discriminator: Radio Resources Management messages (0x6)
0000 .... = Skip Indicator: No indication of selected PLMN (0)
DTAP Radio Resources Management Message Type: Application Information (0x38)
APDU ID
.... 0000 = APDU ID: RRLP (GSM 04.31) LCS (0x0)
Missing Mandatory element APDU ID, rest of dissection is suspect
[Expert Info (Error/Protocol): Missing Mandatory element APDU ID,
rest of dissection is suspect]
[Missing Mandatory element APDU ID, rest of dissection is suspect]
[Severity level: Error]
[Group: Protocol]
APDU Flags
0000 .... = APDU Flags: Unknown (0x0)
APDU Data
[...]
Change-Id: Ibb248104289da8e602ac15da15ae9e8eadb42c42
Reviewed-on: https://code.wireshark.org/review/28947
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The min length was increased to 8 in d9c70acaf4 but there are valid 7
bytes long RANAP messages that are not recognized by the heuristic
function. Revert the value to 7 as in 482a3cd1f1
Change-Id: I5096cd905c24c87dccbc2aa4bbdccc7b0febead7
Reviewed-on: https://code.wireshark.org/review/28945
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
These messages are defined in [0], and are used in some deployed
products already.
[0] https://tools.ietf.org/html/draft-kouvelas-lisp-map-server-reliable-transport-04
Change-Id: Idfbc777175c1596d3e0fa1df39602a68ee1c488f
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/28503
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
253 (8 direct, 245 indirect) bytes in 1 blocks are definitely lost in loss record 87 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xBC4B3C5: g_malloc (gmem.c:99)
by 0x13E225: exp_pdu_open (tap_export_pdu.c:128)
372 (40 direct, 332 indirect) bytes in 1 blocks are definitely lost in loss record 88 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xBC4B3C5: g_malloc (gmem.c:99)
by 0xBC62FF6: g_slice_alloc (gslice.c:1025)
by 0xBC16984: g_array_sized_new (garray.c:194)
by 0x13E143: exp_pdu_open (tap_export_pdu.c:93)
Change-Id: I24a3cec1dc4491032232c282b01fea04a23872b3
Reviewed-on: https://code.wireshark.org/review/28934
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
reported by Donn Lee
Bug: 15026
Change-Id: I54bb65338a22c3d9cb691618baeb011a869182d3
Reviewed-on: https://code.wireshark.org/review/28939
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Variable units is shifted two times,in proto_tree_add_item_ret_unit and
again in the dissector.
Change-Id: Ia93bfe59730a7634201de26b37dcc8111515eea5
Reviewed-on: https://code.wireshark.org/review/28931
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The implementation of wmem_strsplit() has changed to behave like
g_strsplit(), and this affects splitting strings starting with the
delimiter. Update URI Path splitting for the new behaviour.
Ping-Bug: 14980
Change-Id: Id50cca24861b6d0969077e604ea199d864a9036c
Reviewed-on: https://code.wireshark.org/review/28930
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
- Ethernet line LSP encoding (RFC 6004)
- flexi-grid label (RFC 7699)
- codepoint for network-assigned label (RFC 8359)
- clean-up and bug fixes on ERO/RRO/XRO
- full support of RFC 8001, including error code
Change-Id: I3fadc59f6a3a8e5dc12f319073472324702f9aa1
Signed-off-by: khalifaND <khalifa.ndiaye@orange.com>
Reviewed-on: https://code.wireshark.org/review/28741
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Avoid passing an uninitialized "raw" pointer to "proto_tree_add_item".
Change-Id: Ic7d3542b4aa5650f452aad7ac3b783769cb44eb7
Reviewed-on: https://code.wireshark.org/review/28922
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Put base64 decoded data on top level tree. Set COL_PROTOCOL and
add label to COL_INFO.
Change-Id: Iea68523c9b2cee0f62fd86510c216b9c00f39f2a
Reviewed-on: https://code.wireshark.org/review/28921
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
About 90 commits so far have a newline after the "Bug" tag. That breaks
the issue tracker integration and tools such as git-interpret-trailers,
so ensure that such blank lines are removed.
Change-Id: Ib73e0ab1bbf99c8c200e74a03facc5d359c82436
Reviewed-on: https://code.wireshark.org/review/28828
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That squelches warnings if C++ compatibility is being checked.
Change-Id: Ia3dd9852df0fbf6353a84d299a385ef63c9f1acd
Reviewed-on: https://code.wireshark.org/review/28920
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do some renaming.
Change-Id: If8fa85370014f9618df38d97048dd1c52a4c389f
Reviewed-on: https://code.wireshark.org/review/28918
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's just a hack for "raw BER data" files, giving them a file name that
includes the OID to use for the syntax. For RFC 7468 files, the syntax
is determined from the label in the pre-encapsulation boundary.
Change-Id: Ia656f20f123d2c6a85041f83714a3a1cfefb70b1
Reviewed-on: https://code.wireshark.org/review/28916
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Only put otherwise-undissectable BER data under that item.
That removes an extra layer that needs to be opened up.
Change-Id: I6b025a782ff7199c84bad46160c7c286e79b0580
Reviewed-on: https://code.wireshark.org/review/28915
Reviewed-by: Guy Harris <guy@alum.mit.edu>