If the mode bit is zero, we have to do different things than if
it is 1.
Change-Id: I5ed8bec1d350c02b736818cad5ab864748145686
Reviewed-on: https://code.wireshark.org/review/24775
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Change the expert info registry to use summary text as field name instead
of blurb to show the correct column header tooltip in custom columns.
Preserve backward compability by not use empty summary text.
Change-Id: Ibbaf142165be0d9f42d1e2476f39f8d251ea0593
Reviewed-on: https://code.wireshark.org/review/24788
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This is valuable when adding a expert info field as custom column,
but will also make sense for other FT_NONE types.
Change-Id: Ib1a14c59a5450f2e713f190aecf3484586d116c4
Reviewed-on: https://code.wireshark.org/review/24787
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change from the text "Yes" to a utf8 check mark to indicate the
precense of a protocol in custom columns.
Change-Id: I9510333fc12148bf1f61aa2ddea2c6d390a9491a
Reviewed-on: https://code.wireshark.org/review/24783
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dissect the Venue URL element. More to come.
Change-Id: I64330b3f90f9f6222df0fb00d3ea277f59424e98
Reviewed-on: https://code.wireshark.org/review/24776
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 14259
Change-Id: Iab6b494bebaa913267f94d41b7950b67dd406cb6
Reviewed-on: https://code.wireshark.org/review/24705
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use the previous recorded version as version and set field as generated.
Bug: 14262
Change-Id: I0872ed826ccd8a5a1b75b071d810404d08ddc7b3
Reviewed-on: https://code.wireshark.org/review/24741
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fields I009/080 were wrongly represented for CAT009. 8 and 16 bit
long fields were represented as 24 bit.
Change-Id: I5bd1c1f006292f58d0290ced80dde22324cb4002
Reviewed-on: https://code.wireshark.org/review/24746
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 14267
Change-Id: I23eb82a2f9bb2d57952f71870cc0fc8f12f036df
Signed-off-by: Anton Glukhov <anton.a.glukhov@gmail.com>
Reviewed-on: https://code.wireshark.org/review/24735
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I395d0c168a6ba2fc8fad85598e6355493b897a7a
Reviewed-on: https://code.wireshark.org/review/24748
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Two settings had the same string "Select the CAT001 version".
One should be CAT002.
Change-Id: Iee6204a1064af786338d1b53c7b983763b985a0c
Reviewed-on: https://code.wireshark.org/review/24745
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have the routines that create them take a pointer to a struct
packet_provider_data, store that in the tvbuff data, and use it to get
the wtap from which packets are being read.
While we're at it, don't include globals.h in any header files, and
include it in source files iff the source file actually uses cfile. Add
whatever includes that requires.
Change-Id: I9f1ee391f951dc427ff62c80f67aa4877a37c229
Reviewed-on: https://code.wireshark.org/review/24733
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have separate packet_provider_data structures and packet_provider_funcs
structures; the latter holds a table of functions that libwireshark can
call for information about packets, the latter holds the data that those
functions use.
This means we no longer need to expose the structure of an epan_t
outside epan/epan.c; get rid of epan/epan-int.h.
Change-Id: I381b88993aa19e55720ce02c42ad33738e3f51f4
Reviewed-on: https://code.wireshark.org/review/24732
Reviewed-by: Guy Harris <guy@alum.mit.edu>
libwireshark now expects an epan_t to be created with a pointer to a
"packet provider" structure; that structure is opaque within
libwireshark, and a pointer to it is passed to the callbacks that
provide interface names, interface, descriptions, user comments, and
packet time stamps, and that set user comments. The code that calls
epan_new() is expected to provide those callbacks, and to define the
structure, which can be used by the providers. If none of the callbacks
need that extra information, the "packet provider" structure can be
null.
Have a "file" packet provider for all the programs that provide packets
from a file.
Change-Id: I4b5709a3dd7b098ebd7d2a7d95bcdd7b5903c1a0
Reviewed-on: https://code.wireshark.org/review/24731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use QTextLayout to draw each line in ByteViewText instead of drawing
fragments ourselves. Build our pixel-to-byte-offset map when we draw our
first line, which should hopefully make it more accurate. This should
fix layout and hover issues on some systems.
Start moving common code to DataPrinter.
Mark prefs.gui_hex_dump_highlight_style GTK+ only.
Bug: 11844
Change-Id: Ifda16ae7dc1a5ea22570c0bfd0eb20cee621bfc9
Reviewed-on: https://code.wireshark.org/review/24717
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Add support for the netlink messages used by userspace conntrack
helpers.
Change-Id: I37d3829399834f578a0ab0f08eab99f119445ff5
Reviewed-on: https://code.wireshark.org/review/24695
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix indentation while we're at it.
Change-Id: If8acaa944fd4c1aae848faa3a99f7566e003e801
Reviewed-on: https://code.wireshark.org/review/24707
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Found by scan-build.
Change-Id: I89b56bac951ccb7054d494592928306a860f9e5e
Reviewed-on: https://code.wireshark.org/review/24697
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't make sure we have the full server entry before trying to dissect
it; that way, a malformed frame that was really too short on the network
(as opposed to being cut short by a snapshot length) will get reported
as such.
Change-Id: Ib7f0d909645a698162ebcd9b3fe8dd2d520983b7
Reviewed-on: https://code.wireshark.org/review/24696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The split isn't necessary now that epan no longer uses the capture_file
structure.
Change-Id: Ia232712a2fb5db511865805518e8d03509b2167f
Reviewed-on: https://code.wireshark.org/review/24693
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Embed one of those structures in a capture_file, and have a struct
epan_session point to that structure rather than to a capture_file.
Pass that structure to the routines that fetch data that libwireshark
uses when dissecting.
That separates the stuff that libwireshark expects from the stuff that
it doesn't look at.
Change-Id: Ia3cd28efb9622476437a2ce32204597fae720877
Reviewed-on: https://code.wireshark.org/review/24692
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the top-level protocol tree item for a server entry cover the
entire entry, rather than just the server name. Have the server name be
just another entry under that top-level item.
Change-Id: I8089f3e132a0f388c87ba04caa3d15f5146c2303
Reviewed-on: https://code.wireshark.org/review/24688
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have cfile-int.h declare the structure, and use it in files that
directly access the structure.
Have cfile.h just incompletely declare the structure and include it
rather than explicitly declaring it in source files or other header
files.
Never directly refer to struct _capture_file except when typedeffing
capture_file.
Add #includes as necessary, now that cfile.h doesn't drag in a ton of
Change-Id: I7931c8039d75ff7c980b0f2a6e221f20e602a556
Reviewed-on: https://code.wireshark.org/review/24686
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As stated in https://tools.ietf.org/html/rfc6388#section-3.2
MP2MP uses the same structure as the P2MP FEC element.
Bug: 13171
Change-Id: Ia619deac6075f5eb27dff2144edbbb60b440cc46
Reviewed-on: https://code.wireshark.org/review/24677
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Fix detection of TDS7 Prelogin responses to have fewer false positives.
This was causing regular responses to be recognized as Prelogin responses if they
happened to begin with a DONEINPROC token.
- Define symbolic constents for the Prelogin options.
- Apply the version_convert processing to the relevant prelogin options as well as
to the loginack_progversion.
- Correct the display of the program version in version_convert.
- Factor out the setting of tds7_version so it can be called from the dissect_tds7_login
as well as dissect_tds_login_ack_token. This is needed to correctly handle tokens
which come before the loginack token in the login response.
- Fix the wording of a comment in my last commit.
Change-Id: I57615bbb1e780db37cda25d8d5d7f964f68b337e
Reviewed-on: https://code.wireshark.org/review/24664
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I1007fdff01b370c06a8ccfb1145fd162ffde9a94
Reviewed-on: https://code.wireshark.org/review/24674
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now also trying to resolve C-RNTIs in FACH from the global RNTIs map
Change-Id: If9ce5b73d6855271c15001fd73d8acaaaf9d1864
Reviewed-on: https://code.wireshark.org/review/24665
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
RXLEV and RXQUAL fields in RSL "Uplink Measurements" use same scale
format (0-63, 0-7) as RXLEV and RXQUAL in RR. RXQUAL value-string is
moved to packet-gsm_a_common.c in order to use it in both protocols.
Change-Id: Idadd9505225353fec76b9605e2045a5222669475
Reviewed-on: https://code.wireshark.org/review/24663
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
While we are at it, let's add a partial dissection of
PLMN-IdentityWithOptionalMCC-r6 IE.
Bug: 14248
Change-Id: I20b76bc74c248914db21629f8ce77799fccb1612
Reviewed-on: https://code.wireshark.org/review/24661
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "Decompressed header" tab contains some human-readable text, but no
field was associated with it. Instead, the fields were attached to raw
compressed headers which, all with the same offset and length.
Ensure that each byte in the decompressed header tab is accounted for.
The only fields that are still pointing to the raw compressed buffer is
the http2.header field (covering a full raw header), the representation
type (a few bits, at most 1 octet) and the index length (guessed length,
an exact value is probably not worth the cpu cycles).
Change-Id: Ic0118e9ed583841a2d353f8b8c28dcafea3401f2
Reviewed-on: https://code.wireshark.org/review/24660
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>