Change-Id: I22dccb2f2d71897334e11632f4060ccfbf4794ad
Reviewed-on: https://code.wireshark.org/review/10334
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert both the MTP3 statistics and summary. As with the GSM stats this
is mostly untested.
Change-Id: I7af8d5f21c8161dc95f7f2c710f32364b6f6a431
Reviewed-on: https://code.wireshark.org/review/10338
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The close callback was never called because the destructor was never called.
Change-Id: I9f6204858bc5d5e48d0aedc90b0e242ab70e161c
Reviewed-on: https://code.wireshark.org/review/10321
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
As with g3bec655, we need to call columnsChanged (which invalidates
cached column strings) whenever any settings that generate those strings
change. Do so for the time display preferences in the View menu.
Bug: 11429
Change-Id: I71bf1cc0df2800902ecb7b734b8f12ebd85a4de5
Reviewed-on: https://code.wireshark.org/review/10331
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add the current SCTP actions to the telephony menu to match the GTK+ UI.
Change-Id: Ie7471bcbd1a82fe3f203d60f5ea8a72d923f34b9
Reviewed-on: https://code.wireshark.org/review/10332
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Call columnsChanged (which invalidates cached column strings) when we
change our name resolution preferences from the View menu.
Remove the last sorted column tracking from gf19a173 while we're here
(it didn't work properly).
Bug: 11468
Change-Id: I7fea58d702b283028235d023f27ab0336d8643a4
Reviewed-on: https://code.wireshark.org/review/10301
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I353b4fcb3091e731a4b2a68e1932a5abc60c6038
Reviewed-on: https://code.wireshark.org/review/10323
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This currently only works for data frames. A Fixme is in place for
managment frames.
Change-Id: I0a72a9a3e40cf8269856fbbcd97b270af422afa2
Reviewed-on: https://code.wireshark.org/review/10322
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
don't create an expert info under if (tree)
Change-Id: I2c8f90483c434d708a97b621621ca123fc505edc
Reviewed-on: https://code.wireshark.org/review/10319
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
If a pcapng Name Resolution Block has options, they should not screw up the
pcapng reader and cause it to fail to read the file.
Bug: 11485
Change-Id: Ic27cba937b6d93a3d9ed92522ed6b39ae2daeb8f
Reviewed-on: https://code.wireshark.org/review/10307
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
RFC 6282 specifies special handling of the "Length" field in compressed
IPv6 extension headers. However, the Fragment Header does not have a
Length field, so this special handling does not apply - the second octet
should be treated as opaque data, and the header length is always 8
octets.
Bug: 11368
Change-Id: I28fcd66d96f58a5959bb669caf4244afaca9e67e
Reviewed-on: https://code.wireshark.org/review/10231
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Per the spec, it's always encoded in network order (4 separate bytes), and
thus should not be swapped on read.
Bug: 11484
Change-Id: I6a650896b324f42bfd2e05759c84e87ace733372
Reviewed-on: https://code.wireshark.org/review/10304
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
An IDB snaplen of 0 means no limit, so a Simple Packet Block's capture
length should be the same as its encoded packet length in such a case.
Bug: 11483
Change-Id: I8856d6c6a669a0048ea64b3adbd23c37a598431d
Reviewed-on: https://code.wireshark.org/review/10303
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
In CapturePreferencesFrame::updateWidgets() save and restore the default
capture device name because the first call (and only the first call) in
the loop with addItem() triggers on_defaultInterfaceComboBox_editTextChanged()
which unconditionally sets the default name as the first non-hidden device.
Bug: 10965
Change-Id: Ie93f84010a19e8144efa46ce889fb9064979e0e9
Reviewed-on: https://code.wireshark.org/review/9584
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
*Especially* don't stuff the amount of remaining data in a block into an
int that will then be passed to file_skip() as an amount to skip ahead,
as a Really Large Value will turn into a negative value and produce
various forms of bizarre and tricky-to-debug behavior.
Change-Id: I4d0a6b36fe50df84925690ad688a3ab0433ceb17
Reviewed-on: https://code.wireshark.org/review/10299
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Our event loop is nested when we read packets. Disable the main window's
central widget while we're retapping packets in order to minimize the
chance of ending up in an unexpected state while analyzing packets.
Note that we will probably want to disable more of the main window and
do so in other parts of the code.
Change-Id: I68a00fe43d2ac9e7c0749751abd1c10c47155b3b
Reviewed-on: https://code.wireshark.org/review/10293
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
That way, when we check for read errors, we don't run the risk of
thinking we have a read error after we get a write error.
Change-Id: Idb79822d30989b2529433878798c577a76eacca7
Reviewed-on: https://code.wireshark.org/review/10295
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When the user applies a display filter in TapParameterDialog we're about
to start tapping. We need to set the display filter in the main window
but we shouldn't apply it.
Change-Id: I08bed5c7f470f1dbf32817a7d999f09d2c52f168
Reviewed-on: https://code.wireshark.org/review/10287
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
I now read 8.2.4.1.10 "Order field" in 802.11-2012 as saying that, in
management and QoS data frames, the Order bit shouldn't be set for
non-HT, non-VHT frames, so we can just test it for those frame types
without bothering to check the radio metadata to see if the frame is an
HT or VHT frame.
This handles cases where the radio metadata isn't complete, e.g. an HT
frame with a radiotap header but no MCS field.
Handle this for *all* QoS data frames when capturing.
Get rid of the "fixed-length link-layer header" stuff; it's not being
used.
Fix a case where we're appending text to a tree item without a space
separating it from the previous text.
Bug: 11351
Change-Id: I980f5b7509603b0c22c297fddc19434c08817913
Reviewed-on: https://code.wireshark.org/review/10288
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't treat an EOF at the beginning of a frame as an error.
Treat I/O errors as hard errors; treat short reads as an indication that
the file isn't an MPEG-2 Transport Stream file.
Treat the PCR for a given PID not going forward as an indication that
the file isn't an MPEG-2 Transport Stream file.
Bug: 11471
Change-Id: I42b5887049423f8265db9d121d7b5bd388e5b244
Reviewed-on: https://code.wireshark.org/review/10286
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do not retrieve type and code base on the info column content.
Instead store type and code in pinfo structure and retrieve them in sequence analysis tap.
Change-Id: I71cd505d7faf713c2372731495d47b45928a41f8
Reviewed-on: https://code.wireshark.org/review/10280
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Artho <pascalartho@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The GTK+ UI sequentially dissects and caches column strings for all rows
before sorting a column. Do the same in the Qt UI, which can improve
performance considerably.
Don't colorize packets when sorting in the Qt UI unless it's necessary.
When sorting in the Qt UI, let the user cancel the initial packet
dissection. Note that we'll need to replace std::sort in order to
cancel out of sorting.
Use a pre-allocated and pre-compiled GRexex when we prime columns. Note
that we probably shouldn't parse a regular expression there.
Cache the last result of proto_registrar_get_byname.
Note performance hot spots elsewhere in the code.
To do:
GeoIP in packet-ip.c is pretty slow.
Bug: 11467
Change-Id: Ib34038fee08ef0319261faeffc4eca01e52f4bd3
Reviewed-on: https://code.wireshark.org/review/10275
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Disable the main file close and reload actions while we're retapping,
otherwise many of our dialogs will crash.
Disable the TapParameterDialog filter entry while we're retapping. This
keeps us from enabling the "Apply" button when we shouldn't.
Don't prematurely disconnect our signals in WiresharkDialog.
Change-Id: Iaf507eb4503b9c296766f109f2b8c71343263982
Reviewed-on: https://code.wireshark.org/review/10274
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I066b70cfd58f5fb3ffbcb2e238416747d9e7dd57
Reviewed-on: https://code.wireshark.org/review/10269
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch enables validation of response authenticator messages when
the shared secret is known.
The validation can be activated in the preferences.
It implements the validation protocol described in RFC 2865 page 16: Response Authenticator.
When an authenticator is invalid, the information is added in the header information.
It adds two flags for the display filter : radius.authenticator.valid and
radius.authenticator.invalid: since verification is not always possible we use
two flags to determine if the verification has been made or not, in the same way as
udp and tcp checksum validation is implemented.
The Authenticator field becomes a tree, and the value of the flags are visible in
this tree.
Change-Id: I33a664f2265c6248e106cee7904c754089d50445
Reviewed-on: https://code.wireshark.org/review/10216
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
AndersBroman