from Aruba ClearPass 6.5.5
HP-Port-Bounce-Host (attribute id 23) and HP-Captive-Portal-URL (attribute id 24)
Change-Id: I5b0646344dad4da00bb298eb1f989e76bc27db6f
Reviewed-on: https://code.wireshark.org/review/13541
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix typo on wiki URL
Change-Id: Iac6203ca5fb1390b37ce9c8932661a3609ed4bc8
Reviewed-on: https://code.wireshark.org/review/13540
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissectors registered with SSL must be registered for Export PDU to
work properly. Otherwise the dissector name could be NULL, resulting
in a capture file that cannot properly be dissected.
Add an assertion to ssl-utils to catch this situation. Note that this
results in an "wmem_alloc: assertion failed: (allocator->in_scope)"
report because these functions are possibly called in the protocol
handoff routines... Can be fixed later.
The DNS dissector is fixed by merging the UDP/TCP dissectors into a
single dns handle which recognizes TCP and then assumes the length
prefix if TCP.
Change-Id: If73b9b09a4682d66fb8fa026c42a3475648f9bf1
Reviewed-on: https://code.wireshark.org/review/13194
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Avoid a RSA private key lookup for client certificates, the RSA private
key is only valid for the server certificate. The lookup based on the
client cert resulted in overwriting the server match.
Bug: 12042
Change-Id: I60aa79f8f2b941bfde032e20ab11446ae4e6c81b
Reviewed-on: https://code.wireshark.org/review/13530
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
We set them to the file's values in wtap_read(), but we weren't setting
them in wtap_seek_read(); set them in both places.
Change-Id: Id604b1c7d27d4cee6600249e9435c49d02f8dd61
Reviewed-on: https://code.wireshark.org/review/13531
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The gui.layout_type preference is part of the Layout submodule (which is
part of the gui module. The Layout submodule has a special apply
callback that validates its prefs. These validations were never called
though because the prefix is "gui" and as a result that module would be
marked as changed.
Fix this crash by calling the validation function on the submodules
instead holding the pref, not its parent.
Change-Id: I2a49dce93fdc7fab4ab3dc52dad90288c2d17434
Reviewed-on: https://code.wireshark.org/review/13154
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When using QMessageBox with custom buttons, exec() function returns
an opaque value. Therefore we should use clickedButton() to determine
which button was clicked.
Example in https://wiki.qt.io/Custom_QMessageBox_Buttons
Change-Id: I81824414e31345bb9ea77f72f1b4cdeaa21d2781
Reviewed-on: https://code.wireshark.org/review/13523
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I896b945067c4325a29c41c23ad39486e356d9434
Reviewed-on: https://code.wireshark.org/review/13474
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(I.e., it's just names, traffic sparklines, and, if available, extcap
options; it's not the more detailed list of capture options seen
elsewhere.)
Change-Id: I21cc244ae17abab95f8124e39425e8beae564380
Reviewed-on: https://code.wireshark.org/review/13507
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The I/O Graph allows the user to choose from several different Y-axis units.
Three of the selectable Y-axis units unconditionally imply a per-second
time unit (/s) regardless of the actual I/O Graph Interval value selected.
In addition the Y-axis label includes the “/s” as a suffix regardless of the
current Interval value.
This patch removes "/s" suffix from the Y-axis pick-list units. This patch
also dynamically adds the selected Interval value to the Y-Axis label or
alternatively as the first line of the legend box that is displayed if the
various enabled graphs have differing Y-axis values. For readability the
pick-list values for sub-second Interval values are changed to 1 ms, 10 ms
and 100 ms from the original pick-list values of 0.001 sec, 0.01 sec and
0.1 sec respectively.
To support adding a “Title” to the legend, the QCustomPlot widget is
augmented with “Legend Title” source authored by “David” as posted at:
http://www.qcustomplot.com/index.php/support/forum/443
Note: This patch changes the valid Y-axis unit values stored within the
io_graphs preferences files. Any io_graphs files having entries with the
now obsolete Y-Axis values of “Packets/s”, “Bytes/s” or “Bits/s“ will be
silently upgraded to “Packets”, "Bytes" and "Bits" respectively when
saved.
Bug: 11855
Change-Id: I503ff6dc20b09d90f087342084fb0db6e0080c7f
Reviewed-on: https://code.wireshark.org/review/12219
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Output from BASE_HEX et al has always been zero-padded to according to
the field type - 8 digits for FT_UINT32, etc.
When the field has a bitmask, this is definitely not appropriate - the
field type is used to indicate the size of the bitfield container, and
tells us nothing about the size of this field.
Instead, determine the actual size of the field by inspecting the
bitmask, and output the corresponding number of hex digits.
Change-Id: I10ec4e93e1e40e8b1354d5368cc8945cf671a617
Reviewed-on: https://code.wireshark.org/review/13225
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The Windows installation includes the Qt translations files qt_XX.qm
in the installation directory (e.g. C:\Program Files\Wireshark\).
However we've tried to load the files only from the
QLibraryInfo::TranslationsPath (C:\Qt\5.3\msvc2013_64_opengl\translations\).
This path is missing in a normal Windows environment.
Therefore strings like "Ctrl" haven't been translated.
Change-Id: I45bc873fdd95fd0ab5c79e70d9ff062274f899fe
Reviewed-on: https://code.wireshark.org/review/13485
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fixed code layout to use common style in the file.
Mostly whitespace changes.
Change-Id: Id37b57717a9e26248fad07322dff09b1d1f45ac2
Reviewed-on: https://code.wireshark.org/review/13504
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
So far the plugindir variable in the pkg-config file is set like
this:
set( plugindir "\${libdir}/${PLUGIN_INSTALL_DIR}" )
where libdir is set to:
set( libdir "\${exec_prefix}/${CMAKE_INSTALL_LIBDIR}" )
However, PLUGIN_INSTALL_DIR already contains
CMAKE_INSTALL_LIBDIR:
set(PLUGIN_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/\
${CPACK_PACKAGE_NAME}/plugins/${CPACK_PACKAGE_VERSION}")
Therefore, if the pkg-config file is generated by cmake, the
resulting plugindir points to:
plugindir=${libdir}/lib/wireshark/plugins/2.1.0
libdir=${exec_prefix}/lib
This is obviously wrong as after variable substitution the
resulting path is /usr/lib/lib/wireshark/plugins/...
Change-Id: I448991284d8948434311b1c0828828fd93d0baf8
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-on: https://code.wireshark.org/review/13258
Tested-by: João Valverde <j@v6e.pt>
Reviewed-by: João Valverde <j@v6e.pt>
That takes into account any time-shifting that's been done.
Change-Id: Ib4c01e7b055f5ac2f1111bcbe946c6094dcb70ae
Reviewed-on: https://code.wireshark.org/review/13502
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add fields for the absolute time stamp (and another field for a presence
flag for the absolute time stamp) and the packet encapsulation for the
packet.
This lets us remove the field for the packet encapsulation in the
frame_data structure; do so.
Change-Id: Ifb910a9a192414e2a53086f3f7b97f39ed36aa39
Reviewed-on: https://code.wireshark.org/review/13499
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just treat it as an array of bytes. When checking for whether it's a
pcapng file, also determine whether it's big-endian or little-endian.
Note that reading it in *host* byte order will tell you whether it's in
your byte order or byte-swapped; you have to know your byte order to
know whether that means little-endian or big-endian.
Have a #define for the byte-order magic number size, as all byte order
magic number values must be that size, and use that as the size of the
magic-number arrays.
Also use a #define for the SHB block type magic number.
Get rid of a now-unused expert info. (If the magic number isn't
something we recognize, we don't treat the file as a pcap file, so it
can never be "unknown".)
Change-Id: Ic74cceac17d1490eb70a28f67cb4dbb512e031ac
Reviewed-on: https://code.wireshark.org/review/13494
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(If the magic number isn't something we recognize, we don't treat the
file as a pcap file, so it can never be "unknown".)
Change-Id: I7e8bac1ebd2cbfd6d603035428274a1098ff7544
Reviewed-on: https://code.wireshark.org/review/13491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just treat it as an array of bytes. When checking for whether it's a
pcap file, also determine whether it's big-endian or little-endian.
Note that reading it in *host* byte order will tell you whether it's in
your byte order or byte-swapped; you have to know your byte order to
know whether that means little-endian or big-endian.
Have a #define for the magic number size, as all magic number values
must be that size, and use that as the size of the magic-number arrays.
Handle nanosecond timestamp resolution while we're at it.
Change-Id: I4d83579d919ae9f15888afca14317631d413ca51
Reviewed-on: https://code.wireshark.org/review/13490
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The compiler being used for the 64-bit OS X build is buggy; throw in an
otherwise-unnecessary cast to squelch its bogus warning.
Change-Id: Ie2104ba861493870191530ca391a089ca3951929
Reviewed-on: https://code.wireshark.org/review/13489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Parenthesize differently and, while we're at it, don't use the useless
gsize data type - C has had size_t since C89, use it. gsize's only
purpose is to use in APIs defined to take gsize arguments.
Change-Id: I7d68273e7e0f0e71947d3505cb283bfa216fce03
Reviewed-on: https://code.wireshark.org/review/13488
Reviewed-by: Guy Harris <guy@alum.mit.edu>
DIAG_O{FF,N} take a warning flag name *without* the "W".
Change-Id: I00558e42804b9f2ec4e80fae7c739541880381ca
Reviewed-on: https://code.wireshark.org/review/13487
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ie1d2779d9eaf59c2f440efa096f6707375f11c6f
Reviewed-on: https://code.wireshark.org/review/13443
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Get Attributes All is a predefined list of existing attribute IDs for a given class. Add a new index for each attribute for their place in GetAttributesAll response. Then a hash table of classes for existing attributes are created to handle the GetAttributesAll service.
Added more TCP/IP object attributes since more have been added to the spec.
Moved TCP/IP object attributes all to ENIP dissector.
Bug: 11996
Change-Id: I7f50c9aadf04efdb17ef31f39e6a991c0a84bef2
Reviewed-on: https://code.wireshark.org/review/13186
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>