Added the SAP Diag dissector protocol from [SecureAuth's plugin](https://github.com/SecureAuthCorp/SAP-Dissection-plug-in-for-Wireshark/blob/master/src/packet-sapdiag.c).
This is a dissector that implements the Diag protocol. Decompression of packets is not considered as this requires the proprietary LZC/LZH decompression routines still pending to be added in #8973. The Diag packets can be wrapped in an SNC frame, in which case the respective dissector is called. Embedded RFC calls are disabled as this requires the respective dissector to be found, which will be submitted in a separate merge request.
Details about the protocol and example requests can be found in [pysap's documentation](https://pysap.readthedocs.io/en/latest/protocols/SAPDiag.html).
If the server greeting and login packets weren't part of the captured packets we assume various capabilities were not set. This MR tries to make a better guess in those cases to allow dissection to work in most cases.
update r2_ap_capa_flags (epan/dissectors/packet-ieee1905.c):
- rename
- hf_ieee1905_basic_service_prio_flag ==>
hf_ieee1905_ctag_service_prio_flag
- hf_ieee1905_enhanced_service_prio_flag ==>
hf_ieee1905_dpp_onboarding_flag
- add new flag hf_ieee1905_traffic_separation_flag:0x08
used by r2_ap_capa_flags
- update hf_ieee1905_r2_ap_capa_flags_reserved:0x07
as defined by Wi-Fi EasyMesh™ Specification Version 5.0 :
17.2.48 Profile-2 AP Capability TLV format
Length encoded integers were:
- Reported as `mariadb.prefix` and `mariadb.length` but were not specific to MariaDB specific protocol features.
- These were reported in the UI as "Length" and "Prefix" and were in many cases the same as 1 byte integers are very common.
- These were often duplicating things like `hf_mysql_connattrs_length`, `hf_mysql_connattrs_name_length`, etc which meant that the same length was often reported 3 times in the interface.
Parse Multi-AP Extension subelement flags:
- Profile-1 Backhaul STA association disallowed.
- Profile-2 Backhaul STA association disallowed.
defined by Wi-Fi_EasyMesh_Specification_v5.0.pdf / Table 14
SpeexDSP is now required.
Update the required cmake and glib versions.
Our CMake build process now expects a C++ compiler to always be present,
so require it even if not building the GUI.
Only default to Qt 6 on distributions where we know we have it,
otherwise default to Qt 5 for now.
Update the required RPM version to 4.13 (which all distributions that
can currently build have) to ensure we have Boolean dependencies.
Use Boolean dependencies instead of checking the distribution, hopefully
to improve building on various other RPM-based distributions.
Redefine the cmake_install macro on SUSE to what is used on RH/Fedora.
The default SUSE macro calls the builder (make or ninja) insted of
cmake --install, which makes it difficult to pass options.
Remove tests and workarounds for RHEL 7, and SUSE < 15.2, since those
distributions are too old to build anyway.
Remove a workaround for an old broken librotli-devel package in
SUSE that's been long since fixed.
Keep name resolution information as mandatory elements for
NRBs, and when the ipv4 or ipv6 callback is set, have name
resolution entries from already read NRBs sent to the callback.
rescan_packets can use this when redissecting to reobtain the
name resolution entries from the NRB, similar to what is done
with Decryption Secrets Blocks. (This can also later be used
if we read NRBs and DSBs in pcapng_open before the first packet,
and before the callbacks are set.)
This doesn't yet make the changes to wtap_dumper to write them out,
but is a step towards that too. (It's not clear in cases where we
dissect packets whether we want to copy the entire NRB, or only
write out actually used addresses as done now. For copying without
reading a file, like with editcap, we presumably do want to copy them.)
Fix#13425. Ping #15502
packet-bgp.c hf_bgp_ls_tlv_te_default_metric_value : - filter 'bgp.ls.tlv.te_default_metric_value' appears consecutively - labels are 'TE Default Metric (old format)' and 'TE Default Metric'
packet-bgp.c:4026 proto_tree_add_item called for hf_bgp_mcast_vpn_nlri_source_as - item type is FT_UINT16 but call has len 4
packet-bgp.c:4095 proto_tree_add_item called for hf_bgp_mcast_vpn_nlri_source_as - item type is FT_UINT16 but call has len 4
The personal extcap folder $XDG_CONFIG_DIR/wireshark on Linux is
inconsistent with the global extcap folder (lib/wireshark/extcap)
and personal plugins folder (.local/lib/wireshark/plugins) and also
the configuration folder should not contain architecture-specific files.
The extcap personal folder is changed from:
.config/wireshark/extcap
to:
.local/lib/wireshark/extcap
Do not add a dependent frame if it's already been added to a
frame's list. Do not mark a frame as a dependent of a displayed
frame if we've already marked it as such in this pass.
Clear the list of dependent frames if we reset the frame data,
because the list of dependent frames depends on the dissection
and may not be valid if redissecting (because, for example,
a reassembly preference may have changed.)
Move the pointer to the list of dependent frames away from the
bitfields to a location that minimizes the struct size.
Fixup f870c6085dFix#18809
Instead of having AUTHORS.src and copying that to a new AUTHORS
file with git log information appended to that have a single
AUHTORS file and update it in place with git log info.
QItemSelectionModel tracks both the selected index and the
current index.
PacketList redraws when the *selected* index changes, not
the current index. Clearing the current index, and then marking
the same packet as selected and current fires currentChanged but
not selectionChanged. So drawCurrentPacket needs to call
clearSelection(), not clearCurrentIndex(), in order to trigger
a redissection of the currently selected packet and update
the packet details.
For example, if you mark or unmark the currently selected frame,
this causes the packet details to update. Cf 52955b9c43,
which fixed the same issue but for Find Packet.
Fix#14330.
Samuel Wein