Age | Commit message (Collapse) | Author | Files | Lines |
|
On the off chance that UMTS FP traffic is being carried over a
pseudowire. :-)
Change-Id: I8db0fbe96545c08f4748bf9ec046e2dc4f2c2cc6
Reviewed-on: https://code.wireshark.org/review/13342
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Discovered by changing wtap_encap_requires_phdr() to use a switch
statement and comparing the case arms.
Change-Id: I2a23b86ddfbc88c1b3251a0e97f7f00ee93f630e
Reviewed-on: https://code.wireshark.org/review/13341
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That lets us handle pseudo-headers derived from packet data in one
central place.
Change-Id: Ie8e1d2d7dac176ea45be08cdc49bd808d9f8cc5b
Reviewed-on: https://code.wireshark.org/review/13340
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Iad17e64de609d95d1e13c94ae13d1a4834786dd6
Reviewed-on: https://code.wireshark.org/review/13339
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I725891d40d27ed87963d717c2c69b1288dafd2da
Reviewed-on: https://code.wireshark.org/review/13338
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That lets us handle pseudo-headers derived from packet data in one
central place.
Change-Id: I25cb7599a8d3c31e5cbcfda94b072557209f5342
Reviewed-on: https://code.wireshark.org/review/13337
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It's not safe to pass a null data pointer to a link-layer header type
dissector that expects the data pointer to point to a pseudo-header.
Also, remove one extra layer of protocol tree.
Change-Id: I030d38fd7d2f99d471020227597e4d7d81506e3e
Reviewed-on: https://code.wireshark.org/review/13336
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I848159f0c960e0e8ece09c7c96dda6deb0ec6046
Reviewed-on: https://code.wireshark.org/review/13329
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This bug was introduced in d1cb746, when HAVE_PCAP is not defined.
Change-Id: I67cd51e4eec45cf7e7c3bdbfea9b8e164bb92883
Reviewed-on: https://code.wireshark.org/review/13333
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
remove some unnecessary if(tree) checks while at it
Change-Id: I2ed7153a25a96f9fa08476176980655117aae26e
Reviewed-on: https://code.wireshark.org/review/13334
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I2bdb40d287b2c19d40679fb73a8bae5f1debdd98
Reviewed-on: https://code.wireshark.org/review/13330
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: I3e2fad7f0307e599802c37040b34c899efb0e603
Reviewed-on: https://code.wireshark.org/review/13328
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The new ADD_ADDR format contains a truncated HMAC value of 8 bytes.
The specifications can be found in RFC6824bis-04.
Change-Id: Ief5118aea06fcd6c502ff4e55f0a49bf3234fd09
Reviewed-on: https://code.wireshark.org/review/13304
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Use eapol key data length to differentiate between #2 and #4.
This should work around ieee802.11 client implementation errors.
Windows is setting the Secure Bit on #2 when rekeying and Bug 11994
has a sample capture with the Nonce set in #4 and are so both
violating the spec.
Bug: 11994
Change-Id: Ia9e9c68d08dae042cfa7fd9517892db211b0a00f
Reviewed-on: https://code.wireshark.org/review/13299
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Rewrote to avoid unneeded g_strdup/g_free constructs, made some
arguments const, simplified some code and fixed some whitespace.
Plugged a memory leak in extcap_free_info().
Change-Id: I0bfcd86e6464d8bc592329b05dc994191a430096
Reviewed-on: https://code.wireshark.org/review/13306
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
This reverts commit 67c58497442fb52571e7507cab0115567eb6352d.
It's not *guaranteed* to be there in *every* UN*X, but it's in at least
the Single UNIX Specification V3, as well as in shells commonly used in
non-UNIX UN*Xes :-), so it'll be there in the UN*Xes we'll be run on.
Change-Id: I541f7607055a24d6933d10244f85eea60052a3d8
Reviewed-on: https://code.wireshark.org/review/13325
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8cb7f1dcf9cbe360f38a2d9e05f1b876c80409e3
Reviewed-on: https://code.wireshark.org/review/13324
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Dissectors that need it should fetch it with
find_dissector_table("wtap_encap").
Change-Id: I4b12888f20182aa529274b934b81d36f7697e1a6
Reviewed-on: https://code.wireshark.org/review/13323
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
When desegmentation is disabled (as is done with the SSL Decryption
(master secret)" test), the app_data dissection is ignored because the
app_data dissector it not yet known. Fix this by continuing when the
port-based dissector is known (as was done before).
Also add avoid setting a "(null)" protocol in the tree when the
app_handle is not set (because the encrypted data is not decrypted for
example, or when the heuristics dissector fails to set a protocol).
Fixes regression since v2.1.0rc0-1501-g50dc0e8 ("ssl: improve
interaction with heuristics subdissectors").
Change-Id: I65c1d4705dec8f6fea8b7ac02151fab9dc6152d6
Reviewed-on: https://code.wireshark.org/review/13312
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Include the pcapng block name in every error message to give user a better hint as to where the error is
Bug: 8798
Change-Id: Idd80a8541ac37a42b9bd2e988fa8da1ce7bc91a0
Reviewed-on: https://code.wireshark.org/review/13310
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ic4c5c0b86e90dc5f3e5e0a6023e21756fa8015d3
Reviewed-on: https://code.wireshark.org/review/13320
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
If a link-layer header type is one where Wiretap generates a
pseudo-header from the bytes at the beginning of the packet data, we
can't handle it, because we don't have code to process those bytes and
generate a pseudo-header. Punt on it.
Change-Id: I28c585e9d368216411cc841068ce3414f27f2d86
Reviewed-on: https://code.wireshark.org/review/13319
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ia0c7b9f1a6d311e6172f9848a7c809107b6fcd65
Reviewed-on: https://code.wireshark.org/review/13316
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I6f3df909b2cb20a869dd1b812cdf6cdf8946e83c
Reviewed-on: https://code.wireshark.org/review/13313
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Check for it with DISSECTOR_ASSERT().
Change-Id: I71ba81107f7a4aff21b0f0dbecb5158dc4ff6238
Reviewed-on: https://code.wireshark.org/review/13318
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 12013
Change-Id: If753fcdbb01d646fc4db43485549e8c6f668eced
Reviewed-on: https://code.wireshark.org/review/13311
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
If a packet has a comment, the Protocol Hierarchy Statistics dialog will
add its stats to a top-level "Packet comments" node instead of the
"Frame" node. Add a check for the pkt_comment protocol ID and skip over
it if we find it. Affects Wireshark 2.0, 1.12, 1.10, and probably
earlier versions.
As an alternative we could always force "Frame" to be the first item in
the tree.
Change-Id: If7cd817071caf6219515f5d8121b3a1a2c0d79a6
Reviewed-on: https://code.wireshark.org/review/13297
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I1da2f3e5d5cd6111a6ac7abaee2a97a36e8fd3c1
Reviewed-on: https://code.wireshark.org/review/13309
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I6031ae6f9b31447665236098c87ffed97e4b8a2d
Reviewed-on: https://code.wireshark.org/review/13275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This is an enhancement to allow a plugin to obtain capture file
and other status information via a simple plugin_if call
Added GTK port to this revision
Bug: 11968
Change-Id: Ibcf4e8b43c6f3b48e971fa4020a07cc273234fb8
Reviewed-on: https://code.wireshark.org/review/13103
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Change-Id: I22cdf02286262ae55ea94b4387791d3d28769f31
Reviewed-on: https://code.wireshark.org/review/13286
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Adds the list of available extcaps to the plugin list in the
About dialog of Wireshark (Qt only). To do this, and additional
sentence is provided in the extcap arguments list, which allows
for additional information to be passed (as of right now, just
version and display is used)
Additionally, cleans up the code when using g_free.
Bug: 11683
Change-Id: I04a958e2b73c9a707ab1cb4f2fc8345833a854a9
Reviewed-on: https://code.wireshark.org/review/13224
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Drop the custom str_to_addr_ip, it overruns the buffer with at most 3
bytes when an empty string is passed. Remove sizeof(guint8) while at it,
the C standard requires this to be 1.
Avoid overwriting uaudp.system_ip to avoid an invalid free of the
preference.
Change-Id: I39cb0a35364f2ecd32b780fcb7c0253bd866f329
Reviewed-on: https://code.wireshark.org/review/13145
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When a single frame contains multiple SSL segments and the higher-level
PDU requests desegmentation, then each segment will trigger a
dissection, resulting in a new tree for each.
This seems to happen because the SSL dissector tries to complete a
reassembly whenever a segment is found in the last frame. When doing the
second pass, the fully reassembled segment is known and as a result the
payload dissector is called for all SSL segments in a single frame.
Fix this by checking whether the end of the segment covers the whole
reassembled data. Another workaround is added to avoid "[SSL segment of
a reassembled PDU]" in the Info column when desegmentation finishes.
Also fix the SSL version in the Protocol column when a segment is part
of a reassembled PDU.
Bug: 11079
Change-Id: I9ae0c8ae5c56ed0dd7b071dec8bcc87e838a068d
Reviewed-on: https://code.wireshark.org/review/12307
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 12011
Change-Id: Idcb0b547d49dcf4b87ddfc05aceb24d06c38ab32
Reviewed-on: https://code.wireshark.org/review/13295
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie41471f79191097c491d58949c4e90b314cade04
Reviewed-on: https://code.wireshark.org/review/13300
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3ec3c4723d29d84b25419982712707126351a01c
Reviewed-on: https://code.wireshark.org/review/13301
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This was intended to be set as:
CPPFLAGS="$CPPFLAGS -DQT_GUI_LIB"
but got misplaced/misfixed.
It is unsetting all the previous CPPFLAGS in autoconf.
No longer needed, remove.
Change-Id: I0c87b5f68917ef4a9eb45735ed4255c8952908d9
Reviewed-on: https://code.wireshark.org/review/13293
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I574b0364a3007c02d45bbb8cfbfed786a78da0a5
Reviewed-on: https://code.wireshark.org/review/13289
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Also allow for range to include "the rest" (ex 10- would include all the packets starting at number 10)
Bug: 9686
Change-Id: Ib02e52b22acf49b0e52df0a75fa4fa0d5f37aa31
Reviewed-on: https://code.wireshark.org/review/13291
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
dissect_ber_constrained_bitstring
Bug: 11828
Change-Id: I43c493ed261e73e0f3b31892c161dcfc46071054
Reviewed-on: https://code.wireshark.org/review/13292
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add a version to each utility, displayed in the about dialog of Wireshark
Change-Id: I64936072b13116b3e173c50411e9fff45d5fbf4c
Reviewed-on: https://code.wireshark.org/review/13290
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 12007
Change-Id: Icd31988ebbfe1e0bf4d29f32462c58c6c2c55547
Reviewed-on: https://code.wireshark.org/review/13277
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib5cf998cd0217e9335d826962efdc29ff13af12a
Reviewed-on: https://code.wireshark.org/review/13214
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie21553cf487dbf3920f4ba955503a819103d7b51
Reviewed-on: https://code.wireshark.org/review/13279
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic9f41f34b017d161f13604cf8813bc70aa7a68d4
Reviewed-on: https://code.wireshark.org/review/13284
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I14d8245ee5ca51d15c7b6eda3d5993a805680530
Reviewed-on: https://code.wireshark.org/review/13287
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I3b16427f43603bc665385b5c59d6e278797a2b96
Reviewed-on: https://code.wireshark.org/review/13285
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
With this dissector, anyone can write a plugin to dissect their
data type and RTPS will call it if the dissector is registered using
the Type Name (what is the common thing to do).
Also, added a fix in dissect_APP_ACK so now the APP_ACK messages
are properly dissected. It had a couple of wrong offsets and was
calling dissect_serialized_data instead of directly adding the
serialized data (dissecting an encapsulation that is not there).
Bug: 11917
Change-Id: Ie1c6880d60e3537a1cbae4840cc6ff6e1a62ca0e
Reviewed-on: https://code.wireshark.org/review/12824
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I9d749c43727291768a36adc0c1956f73a5374f91
Reviewed-on: https://code.wireshark.org/review/13283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|