The SubSwitch field holds bit 7-4 of the 15bit port address, but
it holds it in bit 3-0 so we have to shift it 4 bits instead of
taking bit 7-4 of the SubSwitch field.
Change-Id: I7841d64749e8a561e4ee928a23a3c46cb5be34cb
Signed-off-by: Erwin Rol <erwin@erwinrol.com>
Reviewed-on: https://code.wireshark.org/review/35910
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This will be used in order to decrypt DCERPC messages with
header signing.
Change-Id: Ib72fe0fcae5eaaa5bbc755e9af5a36b23b370bde
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35710
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This will be reused in the next commits in order to
use use krb5_c_decrypt_iov() instead of krb5_c_decrypt()
in some situations.
Change-Id: I026cce14cb48813907e52793f3075cb4b9ce16c1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35709
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I1d14ffe928e1b303eee7e95a45a9617ffcfb151b
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35707
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit will finally allow the decryption of DCERPC
traffic with AES-keys and header signing.
Change-Id: I3a76541493976c9f4d3d228757e8fe0e08a0f02c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/35711
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use G_GUINT64_FORMAT and remove the format character when printing
unsigned value. Use G_GINT64_MODIFIER when also giving the format
character ('x').
Change-Id: I7c02ec3ebd058c392f8fb21a0e20e242a06e8888
Reviewed-on: https://code.wireshark.org/review/35896
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There are some deltas between the UN*X epoch and other epochs that are
used in a number of places; put them into a header.
Change-Id: Ia2d9d69b9d91352d730d97d9e4897518635b4861
Reviewed-on: https://code.wireshark.org/review/35895
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Certificates used in TLS typically have a serial number larger than 64
bits which do not fit in FT_UINT64 and results in use of the synthetic
ber.64bit_uint_as_bytes field name. To enable use of ocsp.serialNumber
and x509af.serialNumber field names, define these as bytes instead.
Update the BER dissector to allow INTEGER types to use FT_BYTES.
Bug: 16339
Change-Id: Id58075b450d86aff6b616c359900ae83a3ec2f51
Reviewed-on: https://code.wireshark.org/review/35868
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Do not assume that having a TCP port means that CoAP is running directly
over TCP: this is not the case with MQTT for example (see bug 14591 for
a capture). Instead explicitly check that the parent dissector is TCP or
TLS.
Bug: 15910
Change-Id: Ib4880623b8525fe6be52a685397005eac86da135
Reviewed-on: https://code.wireshark.org/review/35879
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The S/370-and-later TOD clock counts in microseconds, not seconds.
Change-Id: I0b11586df073ed589d69ffc014e6f8661dff3d31
Reviewed-on: https://code.wireshark.org/review/35891
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Those times are in seconds since January 1, 1904, 00:00:00 (proleptic?)
UTC.
MPEG-4 Part 14 (MP4) is based on QuickTime, so it uses classic Mac OS
time stamps, in seconds.
Change-Id: Ibcd7faf1b119d8acbb294c95b66ca0d1fb70cbb3
Reviewed-on: https://code.wireshark.org/review/35886
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- The AVP should be an OctetString
- Orientation of major axis should not be multiplied by 2 according to
the latest standard.
Change-Id: I68532108cc36f4699c10b35ffdbcfaef0c29d9fe
Reviewed-on: https://code.wireshark.org/review/35890
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For PortMap replies, don't include port number twice in root item.
For rpc.xid, add long text description.
Change-Id: If6d809b4869762b5e564fab68495ab14df7622e3
Reviewed-on: https://code.wireshark.org/review/35874
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Value stored to 'left' is never read
Change-Id: I6d1a996427d26a2a16510ed6446749aed23cca39
Reviewed-on: https://code.wireshark.org/review/35871
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since commit 5dfde7ff ("Print extcap plugins with "tshark -G
plugins"."), compiling with -DENABLE_LUA=no -DENABLE_PLUGINS=no fails.
The definition of plugins_add_description() is guarded by HAVE_PLUGINS
|| HAVE_LUA, but that definition is used without such guards for extcap
right below, resulting in:
ui/qt/about_dialog.cpp:137:29: error: 'plugins_add_description' was not
declared in this scope
Fix this by removing the guards around plugins_add_description().
Change-Id: Ieaddfed923ae3782ade28b2f5004b6a34220659a
Fixes: 5dfde7ff83
Reviewed-on: https://code.wireshark.org/review/35852
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At runtime, the Qt5Svg library is required for displaying language icons
at Preferences. Without this library, these icons will be invisible.
However this does not require a build-time check, so remove it.
Change-Id: I5aaf0282f941513c5e867d8591ddf1916aa408bc
Reviewed-on: https://code.wireshark.org/review/35856
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is possible to decode iLBC payload. It uses libilbc library (https://github.com/TimothyGu/libilbc).
Bug: 16314
Change-Id: Id4cad7ae32305a0e94ef32beb24e07733d7f834e
Reviewed-on: https://code.wireshark.org/review/35686
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ld: CMakeFiles/tfshark.dir/ui/cli/tap-icmpstat.c.o: undefined reference to
symbol 'sqrt@@GLIBC_2.2.5'
Change-Id: Ifbf49ba00a4246e68c1d3965f0257eca1b4e3ef8
Reviewed-on: https://code.wireshark.org/review/35854
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
An ampersand in the menu item text is used as shortcut, so use "&&" to
get a real ampersand.
Change-Id: I333c65bb55cfa01ab60d41df20f443701067e42d
Reviewed-on: https://code.wireshark.org/review/35851
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
IO Graph used to show unsigned integer values not correctly when using
SUM, MAX, MIN or LOAD. For example was the uint32 0x9b37d2b8 shown as
about -1_679_000_000 while it should be shown as 2_604_126_904.
This patch fixes the incorrect type conversions so that unsigned
integer are shown properly in IO Graph.
Change-Id: Ib361e63cce9e088bfdd4b3d3186725c67d33f1bd
Reviewed-on: https://code.wireshark.org/review/35550
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A preference allows the user to decide whether the user data container
payload should be dissected as IP, non IP or not dissected. For non IP,
another preference allows to specify the name of the sub dissector to be
called.
Bug: 16332
Change-Id: I1bfd24eb734d57bff54d99362a90f563751270c6
Reviewed-on: https://code.wireshark.org/review/35857
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When EXTCAP_ANDROIDDUMP_LIBPCAP=1, the compiler warns:
In file included from /usr/include/glib-2.0/glib.h:62:0,
from extcap-base.h:29,
from androiddump.c:26:
androiddump.c: In function ‘extcap_dumper_open’:
androiddump.c:366:19: warning: format ‘%s’ expects a matching ‘char *’
argument [-Wformat=]
g_warning("Can't open %s for saving packets: %s",
pcap_geterr(pcap));
(et cetera)
Fix three occurrences of that warning by using char *fifo as it was
apparently intended.
Fixes: 67a5d9bebe
Change-Id: I0597a345d87594cbe548d118a57e3751d0e3abf6
Reviewed-on: https://code.wireshark.org/review/35853
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In the README.plugins file there is still mention of autotools related items.
This change removes those lingering references.
Change-Id: I1fc7c6d478a6fc8bbe9481178d9f673aaebcad9f
Reviewed-on: https://code.wireshark.org/review/35843
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The use of LAPD SAPI 10/11/12 for TFP + P-GSL is of course not
any official standard, but it's a decade-old defacto usage of said
SAPIs when using an A-bis Superchannel either over TDM/E1 or over
L2TP/IP.
As there never were any official/specified users of LAPD SAPI 10/11/12,
and it's virtually impossible for anyone add them due to the historic
nature of GSM, I believe it's safe to add them simply as default.
Change-Id: I0622e486013c7287f967e6b3ab09c9f211edbd71
Reviewed-on: https://code.wireshark.org/review/35836
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Provide more details about the threshold used for TCP Out-Of-Order
detection.
Switch from dashes for lists to asterisks as recommended at
https://asciidoctor.org/docs/asciidoc-recommended-practices
Change-Id: Ibb6d3d3d5ca15acba5f679ea26142d65f96c69a8
Reviewed-on: https://code.wireshark.org/review/35840
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This makes the address representation in ieee802154_transaction_t and
ieee802154_packet consistent.
Change-Id: I6ae66b48c3b2afe5843e6a82fe5adf1c6be5a7cd
Reviewed-on: https://code.wireshark.org/review/35780
Reviewed-by: Martin Boye Petersen <martinboyepetersen@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>