The protocol is a continuation of the WOW protocol occuring between the
world server and the client (as opposed to the login server and the
client).
The first two opcodes are unencrypted and perform setup for the
encryption.
The encryption was setup in the WOW protocol through SRP6.
Using the session key for encryption like this is not part of the SRP6
protocol.
All other opcodes are encrypted using the session key, which will need
to be deduced first.
Fixes pre-commit warning
"wimax.dcd.dl_burst_profile_multiple_fec_types doesn't match PROTOABBREV"
All the other fields of this dissector use `wmx` not `wimax`.
Fixes a potential buffer overflow issue in string_unescape() with a redesign
to be more robust against invalid input.
It makes use of wmem_strbuf API now.
Closes#17475
Column info is tuned for better readability. It containes CAN ID and Length.
The same applies to protocol item within protocol tree.
Entire packet data (payload) should not be printed to column info by default.
So this behaviour is removed.
We free it, but what wtap_block_get_nth_string_option_value() returns is
what's stored in the block, and it might get freed up out from under us.
Save a copy of it, so that when we free it, we're not double-freeing.
Set `ManifestDPIAware true` in the NSIS installer and uninstaller. Note
that this trades a better appearance on HiDPI displays for some
oddly-sized controls.
Set a minimum width for our admonition graphics. Otherwise some browsers
make them tiny. Fixes#17473.
Fix was done via
420a8a3d7c
which also pulls in upstream CSS fixes.
The following commits removed code that required the following defines,
so remove them:
c0711693ab HAVE_GETOPT_H (Partial; still required by CMake)
2925fb0850 HAVE_MKSTEMPS
0c889d6f5c HAVE_SYS_IOCTL_H
0c889d6f5c HAVE_SYS_SOCKIO_H
0c889d6f5c HAVE_STRUCT_SOCKADDR_SA_LEN
9c5049a80b HAVE_STRUCT_STAT_ST_FLAGS
Per mailing list discussion:
https://www.wireshark.org/lists/wireshark-dev/202107/msg00030.html
Long-term we want to get rid of the wmem_*_scope globals in favour of
passing wmem pools around. Step one is to replace all reasonable uses of
wmem_packet_scope() with pinfo->pool which has effectively the same
lifespan. This converts the TCP dissector as a proof of concept. TCP is
a common enough protocol this should stress-test the idea fairly well.
* The next_byte variable is taken before the pointer moved forward, this lead
to stop parsing get request packets when object is 0. This commit fixes it.
Signed-off-by: Arkady Gilinsky <8351139-ark-g@users.noreply.gitlab.com>
Move those checks out of #ifdef HAVE_LIBPCAP/#endif, as that option is
supported even if we don't build with pcap - it's also used when reading
one file and writing another.
Don't check for pcapng when deciding whether, when reading from an
existing capture file, we can write it with added file comments; check
whether the specified file type supports file comments and, if it
doesn't, report all file formats that do as part of the error.
Introduces two new dissector tables can.id and can.extended_id to enable a
more precise control of subdissectors dependent on the can id which is often
used to identify the the payload.
Since standard CAN IDs and extended IDs can be used in the same network and
their ranges overlap it is necessary to have two different dissector tables.
Existing Decode as dissector table can.subdissector stays as is to prevent a
breaking change. But new dissector tables can.id and can.extended_id get
priority over can.subdissector since they are more specific. Id they get a
match can.subdissector won't be called.
New dissector tables can.id and can.extended_id are accessible in lua scripts
via DissectorTable:add() while can.subdissector unfortunately is not.
For related Discussion see MR !3405
fcntl.h appears to be available on all of our supported platforms,
including Windows. We've also been including it without HAVE_FCNTL_H
guards in a few places (e.g. sshdump.c) without any issues for some
time.
floorl is part of C99.
Don't store the comments in a capture_options structure, because that's
available only if we're being built with capture support, and
--capture-comment can be used in TShark when reading a capture file and
writing another capture file, with no live capture taking place.
This means we don't handle that option in capture_opts_add_opt(); handle
it in the programs that support it.
Support writing multiple comments in dumpcap when capturing.
These changes also fix builds without pcap, and makes --capture-comment
work in Wireshark when a capture is started from the command line with
-k.
Update the help messages to indicate that --capture-comment adds a
capture comment, it doesn't change any comment (much less "the" comment,
as there isn't necessarily a single comment).
Update the man pages:
- not to presume that only pcapng files support file comments (even if
that's true now, it might not be true in the future);
- to note that multiple instances of --capture-comment are supported,
and that multiple comments will be written, whether capturing or reading
one file and writing another;
- clarify that Wireshark doesn't *discard* SHB comments other than the
first one, even though it only displays the first one;
We use some private functions from MIT kerberos:
- krb5_free_enc_tkt_part()
- decode_krb5_enc_tkt_part()
- encode_krb5_enc_tkt_part()
but we already do that for krb5int_c_mandatory_cksumtype(),
which is newer than the above functions.
We use all of them only under HAVE_KRB5_PAC_VERIFY,
so we don't seem to need additional configure tests.
Signed-off-by: Stefan Metzmacher <metze@samba.org>