Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I8516d0c561ed0b63e49a3594027c9c15bb789258
Reviewed-on: https://code.wireshark.org/review/9726
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
* use the offset variable to keep track of where we are,
remove the position variable
(previously, offset remained 0 all the time...)
* use proto_tree_add_item()
* highlight the correct bytes for each field
* define a block type and block length instead of
naming these fields differently for each block
* indent by 4 spaces
Change-Id: Ie0995e5fe6364605fd30020f171e51458844fa59
Reviewed-on: https://code.wireshark.org/review/10080
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: I32fdf085ef484d147d9f0b27c56efba41bb827bf
Reviewed-on: https://code.wireshark.org/review/10086
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11450
Change-Id: Ic77ddd193246c0202efcc9c11e61e8f6f85329c5
Reviewed-on: https://code.wireshark.org/review/10087
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
It was in the list of packages but not in the final command line.
Change-Id: I361e660cc4ac91121314a3f8a7388b48fb2c61b7
Reviewed-on: https://code.wireshark.org/review/10081
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Make sure we run make-tap-reg.py on files that register tap
listeners. Make sure Qt-specific registration routines start with
register_tap_listener_qt_.
Change-Id: Idca382180f475db71e4d1965a70ae4cc2fa4f9d5
Reviewed-on: https://code.wireshark.org/review/10074
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I878aa23b5d718653b9039aeb94a0ece88c9c03cf
Reviewed-on: https://code.wireshark.org/review/10079
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
leaving the parsing loop should be enough in this case...
Change-Id: Ic250961aeb4d3cfcd74ee8caacb59657c32444de
Reviewed-on: https://code.wireshark.org/review/10078
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I4d31063b4aa37e4b0a68b5dbc17be22ef2cd151a
Reviewed-on: https://code.wireshark.org/review/10077
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
The columns must be recreated even if no capture file is loaded
because custom columns may have reference to deregistered fields.
Change-Id: I4ed7345b3200e5af211695f1a6511ee229d5f13c
Reviewed-on: https://code.wireshark.org/review/10076
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Check for IPv4 and IPv6 multicast addresses. We might have captured on
an "any" interface, or on a PPP link, or used some other method that
doesn't result in dl_dst.type == AT_ETHER.
Change-Id: I18b0597fd432e4cec8c388a3c7d2d18ac4da0fad
Reviewed-on: https://code.wireshark.org/review/10009
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Bug: 10783
Change-Id: Id598838f036b1f312791d9dddbf3767dcbfd1aee
Reviewed-on: https://code.wireshark.org/review/9937
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 11447
Change-Id: I5fe14616ed6e86e0bfe02c58cc9fb31e43bc23ef
Reviewed-on: https://code.wireshark.org/review/10071
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Clang
Change-Id: I91cc96f92ae2e6b07144120d70f8db5b7ad45fce
Reviewed-on: https://code.wireshark.org/review/10070
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I0c36179b63f5d60037de80badfea352c903c2525
Reviewed-on: https://code.wireshark.org/review/10065
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Required introducing packet_info* to xml_frame_t structure.
Change-Id: Ie777fe3bc8c7ea052d3441dd31e0631ce47324cb
Reviewed-on: https://code.wireshark.org/review/10063
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11435
Change-Id: I1f3006a4276e8a95d028294ebb9635f71be0f75e
Reviewed-on: https://code.wireshark.org/review/10013
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1 millisecond = 1000000 nanoseconds, not 1000 nanoseconds, and
nstime->nsecs is nanoseconds, not microseconds.
Change-Id: I6925ff80f6443015f83ca00bad2a347d10eadd7c
Reviewed-on: https://code.wireshark.org/review/10060
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
packet-amqp.c:10660: warning: implicit conversion shortens 64-bit value into a 32-bit value
packet-amqp.c:10661: warning: implicit conversion shortens 64-bit value into a 32-bit value
Change-Id: Ic1c19edf10432dccb5fc4f3ea07defd45b9eef17
Reviewed-on: https://code.wireshark.org/review/10054
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
draft-ietf-pce-segment-routing has been issued. Reference:
https://mailarchive.ietf.org/arch/msg/pce/Zdsc0HHl1SLvpANRWhpLvIzJQyI
There are implementations out there that are using 5 as SR-ERO subobject
identifier (instead of 36 that will be assigned by IANA) and 27 as the
PATH-SETUP-TYPE TLV identifier (instead of 28 that will be assigned by
IANA). This patch decodes both 5/36 as SR-ERO subobject and 27/28 as
PATH-SETUP-TYPE. It is unlikely that IANA will re-assign code points 5
and 27 in the near future.
Change-Id: Ie2efa869344e4c1121f19f1ee3a71711d566a037
Signed-off-by: ff <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/10057
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: I875ecb05e0919e81e6d8d1d00f802c8d5df5b214
Reviewed-on: https://code.wireshark.org/review/10053
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
The CMake dumpbabi targets collectively copy over 800 files. Do
that when when we build the actual targets instead of at configure
time. Hopefully this will speed up initial CMake runs.
Change-Id: I6e4d691e24c73ea05d638a0f897f570541c84e38
Reviewed-on: https://code.wireshark.org/review/10052
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: Idb8a2cff075a1ffe5e3cd1d6f4d3fb1b6c357cdb
Reviewed-on: https://code.wireshark.org/review/10055
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Timestamps are currently dissected as integer numbers; two aspects need to
be recatored to correctly dissect timestamps:
- the add_1_0_proto_item() function
- protocol fields (hf_xxx) and the get_amqp_1_0_value_formatter()
(1)
The AMQP 1.0 dissector rely on the proto_tree_add_item. There is only one
invocation common for all datatypes (in add_1_0_proto_item), which cannot
pass any type-specific ENC_xxx specifiers and it cannot handle custom
datatypes like AMQP timestamp.
I propose to replace the add_1_0_proto_item() by type-specific dissectors that
will correctly set the ENC_xxx specifiers and handle exceptional cases like
the AMQP timestamp or the zero-length true/false datatypes.
(2)
The get_amqp_1_0_value_formatter implements a table-driven magic to select
alternate hf_xxx field based on the actual datatype. This however
- defines alternate fields where the standard permits only one datatype
- does not support fields that can contain any datatype ("*")
- does not support FT_TIMESTAMP
I propose to make this mechanism less table-driven (more explicit and more
flexible) and allow all alternates permitted by the standard.
Change-Id: Ib2cbda632d4c81ec3e6b81f539fe77bb913afc1c
Reviewed-on: https://code.wireshark.org/review/9528
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id5e13df24409267c405cdd05479610a8ba898289
Reviewed-on: https://code.wireshark.org/review/10047
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I6505ce34de84bfe46d5bc7b4d6a3c6044f3fb4b5
Reviewed-on: https://code.wireshark.org/review/10041
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
When created, they have a reference count of 1; when added to an action
group, the reference count is increased as a pointer is held by the
action group. Release the reference we got, as we're not holding onto
it.
Also, rename "menu_item" to "menu_action", to indicate that it's an action.
Change-Id: I54543dcc2e6c3b341a9f584fe1b6099a134771b3
Reviewed-on: https://code.wireshark.org/review/10049
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Also, use g_strconcat() in other places where we prepend / to action
names.
Hopefully, this will make it easier to find common code between all the
N different places where we add menus and menu items.
Change-Id: Iee876866730cada64428df17f1f3c4552cc3ac93
Reviewed-on: https://code.wireshark.org/review/10048
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Action names are expected to begin with /, so prepend a /.
Fixes the "plugin" menu mechanism (which could be used by built-in code
as well, so it's not really a "plugin" menu mechanism).
Change-Id: Ic45412399078796359649cc876d2c8bfc9a790c6
Reviewed-on: https://code.wireshark.org/review/10046
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I445e09803023d1a22a663ba0501c013f113b5bfe
Reviewed-on: https://code.wireshark.org/review/10045
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I8ab194bf094e82f08ddafb0a1451aec42989b93d
Reviewed-on: https://code.wireshark.org/review/10044
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I7dbfa8f82454bd93ca5a66f22c29982923803918
Reviewed-on: https://code.wireshark.org/review/10043
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ib415582f4bf2529c412bed329b3ee7daccde29b0
Reviewed-on: https://code.wireshark.org/review/10042
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
get_tcp_conversation_data().
Callers may need to know information like retransmissions, etc which will be lost.
Change-Id: I3f8b6b0aeb308701eb34ae6f6f735af6995ed441
Reviewed-on: https://code.wireshark.org/review/9940
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I5ab4974cc60cdec0c3571bdec815c8cb9e8f7255
Reviewed-on: https://code.wireshark.org/review/10040
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
If we try and reassemble a fragment whose end does not line up exactly with the
start of the following fragment, abort or else we will leave uninitialized gaps
in the resulting buffer.
Bug: 11436
Change-Id: I4cd05c1a9ac4404bf70a3945f80b12f7bf5f74ee
Reviewed-on: https://code.wireshark.org/review/9983
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Icea1659395d7bc16e367b74a695586926b33149b
Reviewed-on: https://code.wireshark.org/review/9968
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I36a3d15a4fa86847a83d1dbea40111d36d7cfd61
Reviewed-on: https://code.wireshark.org/review/10036
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
At least with kqueues, NOTE_REVOKE is delivered if the file system
containing the vnode in question is unmounted, and that gets mapped to a
change notification by QFileSystemWatcher, so the right thing should
happen.
I'm not sure whether the right thing happens on Windows.
Change-Id: I1e4c0d510f31f68d574c4d4cf20524666382930f
Reviewed-on: https://code.wireshark.org/review/10039
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Somebody asked about repeated SMB traffic when running the Qt Wireshark:
https://ask.wireshark.org/questions/45036/permanent-smb2-traffic-with-1997
and that's due to said polling. On the main desktop platforms (Windows,
OS X, Linux) we can use QFileSystemWatcher plus, on Windows and OS X,
some additional stuff to check for unmounts (and get FreeBSD as a
freebie, as it works the same as OS X), and avoid timeout-based polling.
Change-Id: I3a1d0110fedcdb442ed09c16dab4bf0cb06ca331
Reviewed-on: https://code.wireshark.org/review/10038
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The default version doesn't use GTK+ any more, so the version we
distribute doesn't have "Categories=System;Monitor;GTK;", and the Debian
version presumably shouldn't put it into category "GNOME".
Change-Id: I4e59026b5c4f26d02e4a96686e339f8d54bdcd1e
Reviewed-on: https://code.wireshark.org/review/10035
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The default binary, "wireshark", is now a Qt binary; "wireshark-gtk" is
the GTK+ one.
Change-Id: Ibfec5d796a9796c2588c4305b18dc4506a435228
Reviewed-on: https://code.wireshark.org/review/10034
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Using 2 spaces for indent is way past its prime.
Change-Id: I80caf89f15e576f9aeb25754576a9f18215ccb3c
Reviewed-on: https://code.wireshark.org/review/10032
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: I3b2f25832ca878ec3e7f9e4dcce258dc870fc5ad
Reviewed-on: https://code.wireshark.org/review/10031
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I6fe78266a2e881fa80e1e3a3423b685d3c1764de
Reviewed-on: https://code.wireshark.org/review/10029
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Append to end and prepend to start, not the opposite.
Change-Id: Ic0e2a7f04a0d9ff18a6fd7063d0550ad35eece1a
Reviewed-on: https://code.wireshark.org/review/10027
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
This fixes some issues with use-after-free when reload Lua plugins.
Change-Id: I63f3fd9ebe8a19008f560e72067f2078f5eaf759
Reviewed-on: https://code.wireshark.org/review/10026
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Changing fields in http, imf or ldap used to trigger redissect twice
because of UAT_AFFECTS_FIELDS and UAT_AFFECTS_DISSECTION.
Also changed from redrawVisiblePackets() to columnsChanged() because
fields in a custom column may have changed.
This also fixes reloading Lua plugins with Lua fields in custom columns.
Change-Id: I805a765690decbe7434dbf1c33ebd1113e23d16d
Reviewed-on: https://code.wireshark.org/review/10025
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Fix heuristic checks to handle sliced packets correctly. "Correctly"
means "fail the heuristic", as the heuristic checks every single byte of
the putative Ixia trailer, as one thing it does is check the checksum,
which is in the last 2 bytes of the trailer and checks everything before
it. So just return 0 if the full trailer isn't part of the captured
data.
Try to handle being handed a tvbuff that contains an FCS by looking at
the putative "magic number" locations where it would be if the tvbuff
didn't include the FCS and, if that doesn't match, where it would be if
it *did* include the FCS. If the former doesn't match but the latter
does, assume that means it does include the FCS, and do all other
processing under that assumption.
Clean up some comments.
Fix an hf_ variable name to match the field name, and put the tvbuff
value fields in the order of their types.
Don't fail if the field length is 0 - it's a value length, so it could
in theory be 0. Rely on the length checks for individual types to catch
problems.
Change-Id: Idc834aa6637cfbbafd6499060a007e720378154e
Reviewed-on: https://code.wireshark.org/review/10024
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I035fad79dd8d01aa3121732f2a9b07d20cc4384f
Reviewed-on: https://code.wireshark.org/review/10023
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|