Change-Id: Ic5a3653cb8bcc33e0be108c8b201567e7090f9f5
Reviewed-on: https://code.wireshark.org/review/33043
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I5326b87784817fb353329e2d686fe0515c32f6cb
Reviewed-on: https://code.wireshark.org/review/33038
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
The string type is the default in elasticsearch, then there is no
need to put those entries in the mapping report. This shortens a lot
the list.
Small indentation fix, while here.
Change-Id: If304d409a3ee2c30f24b5de4d90be522bbfae41e
Ping-Bug: 15719
Reviewed-on: https://code.wireshark.org/review/33053
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Show PDO version of PRes in the same way as we do it for PReq.
Change-Id: Ib433ade6cfedfcf74e9886bcfc8eba08dcddb588
Reviewed-on: https://code.wireshark.org/review/33062
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Include undecoded data expert info for partially dissected Audio Streaming
descriptors.
Ping-Bug: 15503
Change-Id: I93f03dea42af11b3fd4ab684766c26335bc08e57
Reviewed-on: https://code.wireshark.org/review/33063
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissect Output Terminal descriptor only when the version is supported by
the dissectr (1 or 2).
Ping-Bug: 15503
Change-Id: Icc64f8288c9917b5b7c3dfd88fe8a6d591d64dcd
Reviewed-on: https://code.wireshark.org/review/33061
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissect Input Terminal descriptor only when the version is supported by
the dissector (1 or 2).
Ping-Bug: 15503
Change-Id: I98bc5d52c4b0a7849c48e2e7f9d9e36f5ef254cf
Reviewed-on: https://code.wireshark.org/review/33057
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I8443379d23a2946dd21c12e5e0bd5464ab73ca25
Reviewed-on: https://code.wireshark.org/review/31857
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Those routines exist on both Windows and UN*X, but they don't do
anything on UN*X (they could if it were ever necessary).
That eliminates some #ifdefs, and also means that the gory details of
initializing Winsock, including the Winsock version being requested,
are buried in one routine.
The initialization routine returns NULL on success and a pointer to a
g_malloc()ated error message on failure; report the error to the user,
along with a "report this to the Wireshark developers" suggestion.
That means including wsutil/socket.h, which obviates the need to include
some headers for socket APIs, as it includes them for you.
Change-Id: I9327bbf25effbb441e4217edc5354a4d5ab07186
Reviewed-on: https://code.wireshark.org/review/33045
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The MQTT documentation states "The Payload contains the Application
Message that is being published. The content and format of the data
is application specific."
Bug: 15738
Change-Id: Ie9d603049821fd7fe73add675a95245d5f27e0b0
Reviewed-on: https://code.wireshark.org/review/33020
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
It was a bad idea to bring back the border around inactive+selected packet
list items in g009283a6 because it will move the text some pixels down.
Revert this part because we now have support for customize the colors.
Remove the old "style_inactive_selected" handling because it has no effect.
Change-Id: I7599591a957a11d42964f7dc0981411cf3b28b4f
Reviewed-on: https://code.wireshark.org/review/32964
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
We only need to call WSAStartup and WSACleanup once, so do so. If we
encounter an error, report it using win32strerror.
Use win32strerror instead of FormatMessage in cap_open_socket.
Change-Id: I59868d6baecb1dfc98946dc68c2346b79436d2c7
Reviewed-on: https://code.wireshark.org/review/33044
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It prevents format checking; use "%s" as the format string.
Change-Id: Ic05ed64f4b2b6c243f072b0b306e0e06aa1eb3fd
Reviewed-on: https://code.wireshark.org/review/33041
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Generalise Audio Control subclass dissection to include undecoded data
expert info not only when the whole subtype is unknown, but also when
the descriptor was only partially dissected.
Ping-Bug: 15503
Change-Id: Id9d2d9c172e7c649a44290159cb74a9dfaab746c
Reviewed-on: https://code.wireshark.org/review/33037
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make sure we link each application that calls WSAStartup with ws2_32.lib.
Pass version 2.2 to WSAStartup. Wikipedia says it was introduced in 1996,
so we should be OK.
Ping-Bug: 15711
Change-Id: I431839e930e7c646669af7373789640b5180ec28
Reviewed-on: https://code.wireshark.org/review/33033
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
"initial_version" might not contain a valid QUIC version if the initial
packet is used to trigger version negotiation. This was observed with
quiche (on draft -18) which uses 0xbabababa. Change heuristics to detect
the new format instead.
Bug: 13881
Change-Id: I8f1dc466575f37a27ee579a6e3dd38e154c3fa5d
Reviewed-on: https://code.wireshark.org/review/33032
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
In ws_pipe_wait_for_pipe() on Windows, the WaitForMultipleObjects() waits
on the pending pipe connection events and process handle. If the process
handle is signalled, then it means that the process did exit without
connecting to the pipes.
The WaitForMultipleObjects() was not waiting on the process handle and thus
if the process did fail without connecting to pipes the Wireshark gui was
frozen for 30 seconds.
This change fixes the freeze by increasing the number of handles, so
WaitForMultipleObjects() is aware of the process handle.
Change-Id: Id13824a60baf4be7795cbe1d5ed1c7932edbff45
Reviewed-on: https://code.wireshark.org/review/33028
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The libpcap library on Windows can fill error buffer with localized
message obtained from system. The localized message is encoded in active
code page and can contain non-ASCII characters.
Bug: 15715
Change-Id: I7451c6831ae83503ddeb5314e172c76f3dab500e
Reviewed-on: https://code.wireshark.org/review/32993
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The functions loaded from dll are prefixed with "p_".
Use the dll functions where appropriate.
Change-Id: I7cf2c7dc0d04502fa7f922ca2822808bdc02f324
Reviewed-on: https://code.wireshark.org/review/33010
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do not fully trust the output from neither pkg-config nor pcap-config.
These tools might provide bogus output. Instead, use their outputs as
hints to let CMake find the correct include and (static) library paths.
Correct some variable names (PCAP_STATIC_LIBRARIES and PCAP_INCLUDE_DIRS
*must not* be the result of find_path/find_library) and ensure that an
empty include directory from pkg-config does not result in an empty
PCAP_INCLUDE_DIRS variable that would break the build.
Change-Id: If3de90fb497d8163d92e4fe190a227159f0b6acb
Fixes: v3.1.0rc0-645-gc602119bcf ("Use pkg-config if possible; if not, use pcap-config if present.")
Reviewed-on: https://code.wireshark.org/review/32999
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
First try finding libpcap with pkg-config. If that fails (either because
the system doesn't have pkg-config or because it does but there's no .pc
file for libpcap), check for pcap-config and, if it's present, use that,
otherwise fall back on manually searching for it.
Pick up the code from tcpdump's FindPCAP.cmake.
Change-Id: I87963aaa7cccac0b5cd942f48eb5d08779695f92
Reviewed-on: https://code.wireshark.org/review/32992
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add extra fields to display the components of the layout
nfl_util for the files layout type. These components include
whether the layout is dense or sparse, whether the client
should send the commit to the metadata server or data server
and lastly the stripe unit size.
Change-Id: I8c054c68353eb5bd711b2f95d8dcf74ecc2aab03
Reviewed-on: https://code.wireshark.org/review/32952
Reviewed-by: Anders Broman <a.broman58@gmail.com>
proto.h:853:5: warning: declaration is marked with '\deprecated' command but does not have a deprecation attribute [-Wdocumentation-deprecated-sync]
proto.h:866:5: warning: declaration is marked with '\deprecated' command but does not have a deprecation attribute [-Wdocumentation-deprecated-sync]
Change-Id: I50a462c7a05f36ba60484980fd8ae9026effc047
Reviewed-on: https://code.wireshark.org/review/32922
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I9b0c6b118b5f866abc969a437bbd9b9a28271bf0
Reviewed-on: https://code.wireshark.org/review/32841
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The easiest way to trigger the crash was to forget the {display=...} in the
extcap config value sentence.
This change fixes the crash by simply ignoring invalid value sentences.
Bug: 15668
Bug: 15728
Change-Id: I2f41682460c3e08fa766046949f013247bc0a846
Reviewed-on: https://code.wireshark.org/review/32984
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When a stream index is explicitly given (as is done for items from the
Conversations statistics dialog), it does not have to query the stream
index from the packet list. Skip checking the packet list then.
Bug: 15672
Change-Id: I3f79e6a0997726535c38f9766b894b042ffbf916
Reviewed-on: https://code.wireshark.org/review/32972
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When extcap is started for capture, the argument call is appended to extcap
commandline if the associated value is not empty or the argument is boolflag.
Unfortunately such rule did not apply when constructing the arguments list
for selector reload action. This could lead to extcap being called with
the argument calls without required values (eg. multicheck, selector, string).
This change makes the --extcap-reload-option selector to not contain argument
calls for which the value is not available.
Bug: 15725
Change-Id: Ic2456c03b3eb7c7525d19e64ea02afd99ed5f6cb
Reviewed-on: https://code.wireshark.org/review/32967
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
IEC 60870-5-101 is the traditional serial version of '104. The headers are different but the ASDU dissection is identical.
Changes made to the '104 dissector to accommodate '101 are as follows:
- Added in a new protocol dissector 'iec60870_101'. This dissector handles the '101 header and calls the ASDU dissector when required.
- The existing '104acpi' dissector has been renamed to 'iec60870_104' to better align with the '101 addition
- The '104asdu' protocol has been renamed to 'iec60870_asdu' in order to make it more generalized between the two variants. Updated variable names and display filter fields as needed.
- 3 preferences exist in the iec60870_101 dissector to allow for configurable length of the COT, ASDU Addr and IOA fields. These are fixed their max length in '104 (2, 2 and 3 octets respectively) but are configurable in '101.
- The ASDU dissector has been modified to accept a data parameter that contains the fixed/configurable lengths of COT, ASDU Addr and IOA fields.
Bug: 15688
Change-Id: Ib0c918a40d24967caa8588067fa9e9a240af4ca5
Reviewed-on: https://code.wireshark.org/review/32802
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When gathering our dependencies, work around an issue with libbrotli's
install name similar to what we do with libssh.
Bug: 15730
Change-Id: I571746848e3343d81c286be66f6fe6510c698d6f
Reviewed-on: https://code.wireshark.org/review/32990
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It looks like PSIDs have a maximum length of 4 bytes. If we encounter an
invalid PSID, add an expert item to the tree and return.
Bug: 15604
Change-Id: I74e45a56bb0322d4ef95f87a5e2a11c32f43f00a
Reviewed-on: https://code.wireshark.org/review/32986
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Creating Job Object named "Local\Wireshark child process cleanup"
results in the job being shared between all Wireshark instances run
within a single session.
When two or more Wireshark instances were running, debug message appeared:
"Could not assign child cleanup process: Access is denied. (5)"
As the child process was not assigned to a job, it was possible that the
child process was still active even after Wireshark did terminate.
This fixes the issue by creating unnamed job object which is not shared.
Change-Id: I59adc2aacff0151802163f155d68cbc8022c1479
Reviewed-on: https://code.wireshark.org/review/32985
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Even though the three route subobjects type values overlap (mostly),
the range for RRO subobjects is not limited by an l-bit. For regular
type values this makes no difference, there is a difference for the
private subobjecs of an RRO. With the restriction on type value in the
code the private subobjects of RRO could never be reached.
Removing the type value limitation for RRO solves this. While at it
remove the superfluous rsvp class check for these high type values.
Change-Id: I63941085919902ab74f4b4b7ea74b2d362512da6
Reviewed-on: https://code.wireshark.org/review/32969
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
It's not used unless we have either zlib or libbrotli, so don't define
it if we have neither of them. This fixes no-zlib/no-libbrotli builds.
Change-Id: I97358c9197a2ab789f85498cc4e40d301ecb792d
Reviewed-on: https://code.wireshark.org/review/32975
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris