Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I8f65ed38e0b5f8923b7c273c2fca4c2b57c5af9c
Reviewed-on: https://code.wireshark.org/review/659
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We no longer need a preference to determine the byte order of the T and
L in the TLVs, as libpcap and libwiretap both, when reading a file,
translate from the file's byte order to the reading host's byte order
and, in fact, currently don't use the variable in which the preference
is stored; eliminate the preference.
Change-Id: Id06a6284960c1ac77028af07f3937eb4a7b0acaa
Reviewed-on: https://code.wireshark.org/review/656
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I50c66638d48a6579b50204769bd27210d9d6c228
Reviewed-on: https://code.wireshark.org/review/655
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I688509fff7d5b663f2ff54b42a80c52592613213
Reviewed-on: https://code.wireshark.org/review/654
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Idf5ac9e067a647d3e1be82df352d956c87d6050c
Reviewed-on: https://code.wireshark.org/review/653
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
exception during test.
Change-Id: Ib55ccca4a025fb1cbef52ffa01888fef6d72156a
Reviewed-on: https://code.wireshark.org/review/651
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Bugs fixed:
- Catch exceptions during heuristics test so that the sequence of
dissector heuristics tests is not terminated abnormally;
(Prevents incorrect tshark "one-pass" dissection);
- Comment out registration of heuristic for TCP; TCP dissection
requires different code than for UDP. ("XXX: ToDo" added)
Misc:
- Create/use two extended value_strings;
- "UL" is not needed as a modifier for several constants;
- Remove some unneeded initializers;
- Localize some variables;
- Remove unneeded '#include <stdlib.h>
- Do some whitespace changes.
Change-Id: Ida11cb6b26911c0032155fde7491dd2a6f136c34
Reviewed-on: https://code.wireshark.org/review/650
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I7d7e8bf2d1d63b34659f6de506eb4b2693780cce
Reviewed-on: https://code.wireshark.org/review/649
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I81f726cd20878770a37d9489f40d473960714425
Reviewed-on: https://code.wireshark.org/review/646
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
16 bits.
Change-Id: I6cef08e2da9467cb54b5d08526c77c87e7afe1fa
Reviewed-on: https://code.wireshark.org/review/645
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This adds the ability for Lua scripts to register heuristic dissectors
for any protocol that has registered a heuristic dissector list, such
as UDP, TCP, and ~50 others. The Lua function can also establish a
conversation tied to its Proto dissector, to avoid having to check the
heuristics for the same flow. The example dissector in the testsuite
has also been enhanced to include a heuristic dissector, to verify
the functionality and provide an example implementation.
Change-Id: Ie232602779f43d3418fe8db09c61d5fc0b59597a
Reviewed-on: https://code.wireshark.org/review/576
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added the field information for Phase 1 for the Send Routing Info
For Sm message per request of ticket 9704. Code per the suggestion of
Anders Broman. Adding Phase 1 code to GSMMAP.asn.
Did not have any data to verify that the change worked.
Change-Id: Ic387e2e12e8893abb0f453f5010909ffbfd1808c
Reviewed-on: https://code.wireshark.org/review/147
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I232a12eb7f7ee49464bb45c6f284ca3a3825909c
Reviewed-on: https://code.wireshark.org/review/644
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Icdc4aaa243191dc85e067a75a068c175fa09296b
Reviewed-on: https://code.wireshark.org/review/637
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Make field filterable and use value_string for status
Based from capture available in bug 9855
Need to continue... lot of enhance is possible in ZigBee dissector...
Change-Id: I0ac84e05a7b8b54e9879abbb7495034318188394
Reviewed-on: https://code.wireshark.org/review/631
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
rename the existing SSL test to clarify that it uses the server's
private key for decryption
Change-Id: I13598fc4cf724b144a8f27bfa7a3316acfc78728
Reviewed-on: https://code.wireshark.org/review/640
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
AVP sub dissectors.
Change-Id: I6dcc362ea755794d3e18d8d27ed2128b46bd887b
Reviewed-on: https://code.wireshark.org/review/642
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7d987534243a3e1575191f67d8b660c3c4c4731f
Reviewed-on: https://code.wireshark.org/review/641
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I8e32672912bb202903182126613ce3394e0e1c35
Reviewed-on: https://code.wireshark.org/review/639
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Some strings contain semicolons, which meant g36db2df was terminating
our REs too early. Try terminating them with '}' followed by ';'.
Change-Id: I97f63351ef35c91e3123d9abd47576d47fea4b2b
Reviewed-on: https://code.wireshark.org/review/638
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
returning FALSE.
Change-Id: I9f1ab000f7a2c554d1c20abf8ca4e4bab4b5ef27
Reviewed-on: https://code.wireshark.org/review/635
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Update checkAPIs.pl to look for newlines in value_strings and
enum_val_t's. We now have to perform the check before we strip quoted
strings. Hopefully that won't cause a problem. Rename the check since
we do more than check for NULL termination.
Add modelines.
Fixes bug 9878.
Change-Id: I39dd910db60c7028ea4bdb58e8cfdb239c094748
Reviewed-on: https://code.wireshark.org/review/628
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
and fix indent (use 2 spaces)
Change-Id: I558616e3030a55a845cd4ba31ac32f08bdf8376d
Reviewed-on: https://code.wireshark.org/review/634
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Insert a short check to always check for newer versions
in the tool directory of the pre-commit script
So far, only a warning is being generated, allowing the
developer to decide for him/herself
Change-Id: I6fce60e3de1d051757d0ed38eae8fdc94cec7662
Reviewed-on: https://code.wireshark.org/review/633
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
The PeekRemote headers are 802.11, so "Dot80211" is redundant.
"Wep" really means "Protected" as there's also WPA/WPA2.
"FlagsN" means "802.11n", not "802.11ac", and the "n" in "flagsn"
indicates that. Also, "Hz" stands for "Hertz", as in "Heinrich Hertz",
so the "H" is capitalized.
Change-Id: If46cc4859ae8d65a199c9ad1fd48d2f2128ccd3d
Reviewed-on: https://code.wireshark.org/review/630
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This adds support for a variant of the current Aruba ERM format,
a new format that provides rdio information. This addresses
enhancment bug 9880.
Change-Id: Ia38ff09d9f814193bdc544466dbd005123771262
Reviewed-on: https://code.wireshark.org/review/629
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3f34484f18fba45b23b5acc924b56e5b62291114
Reviewed-on: https://code.wireshark.org/review/627
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If747e7b2af34e27ca8558293140a74691a0113b4
Reviewed-on: https://code.wireshark.org/review/624
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That just breaks too many things.
This catches the examples of that found in bug 9878. There might be
others that my grepping didn't find.
We should also have the checkAPIs.pl script check for this, so this
isn't a full fix for bug 9878.
Change-Id: I3bf6f1fc0fe8654d0f54a995e72f1966ae012f5e
Reviewed-on: https://code.wireshark.org/review/623
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
I'm not sure why it's associated with GLIB_LIBS in most entries - at
some point, was it the case that we didn't use libmath routines but GLib
did? - but there's no guarantee that other libraries don't use them, so
put them at the end of the lists. That also makes the lists a bit more
consistent.
(Yes, I know, the wireshark_ldadd list is followed by some other
libraries in the library lists that use it, so -lm isn't *really* at the
end everywhere.)
Change-Id: Ia2e0b295fdaae771fdee7d5eecdefaa83fae9992
Reviewed-on: https://code.wireshark.org/review/622
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Clicking the "X" clear filter button now applies the clearing to the
displayed packet list. This commit also adds tooltips for the display
filter display filter box's butons.
Change-Id: I827020a7705a32a4a9204d22e94942853e25bba6
Reviewed-on: https://code.wireshark.org/review/601
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Information about value of flags from Emburey
Change-Id: Iba79fba8e95cd2fc80f6fba5fa937d5485fbb381
Closed-bugs: 9586
Reviewed-on: https://code.wireshark.org/review/595
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
The behavior for SIP/SDP handling of RTP conversation tracking
changed in v1.10, with some unintended consequences. The bugs did not
show up at the time because wireshark makes 2 passes of the packet list,
and so the problems auto-corrected themselves in most cases. Unfortunately,
a change in r53641 modified how UDP behaves, making it always create
conversations for UDP packets, and that exposed the bugs inherent in the
SIP/SDP code changes.
This commit reverts the behavior of SIP/SDP to its pre-1.10 model, but
creates a new preference setting for "Delay SDP changes for tracking media",
which if enabled, will turn on the new (but buggy) model introduced in 1.10.
This preference is *disabled* by default, since for a majority of cases the
new behavior is worse than the previous behavior.
The preference, and this commit's fix, is not intended to last long. I intend
to re-write the SIP/SDP/RTP interaction model for release 1.11 - I think it's
too big a change for 1.10, however, which is why I submitted this commit.
Change-Id: Ic5601749d6c2344e952ced8206dd9296bfdc4b90
Reviewed-on: https://code.wireshark.org/review/543
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: Ie38726fb51a74bbcdc630550e61fa0e934ffdd1e
Reviewed-on: https://code.wireshark.org/review/618
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I8bb64a879d1aa779c9ac85db306cbd34d1188243
Reviewed-on: https://code.wireshark.org/review/617
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I9cc33a43e0f06dfad3f9fb53ad0df636f2ea7020
Reviewed-on: https://code.wireshark.org/review/615
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Add the text descriptions for the two toolbars: "Main Toolbar" and
"Display Filter", so the right-click context menu shows what you're
removing/adding. And add a View->Toolbar sub-menu, with checkable
"Main Toolbar" and "Display Filter" entries, which enable you to
show/hide the toolbars via the menu.
If someone has/prefers better names for these things, I'm all ears.
Change-Id: I55b9fbaed2ef6dca3260fa9dfdddd7dad95d05c4
Reviewed-on: https://code.wireshark.org/review/608
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ibb2609b865ebaca14572c480d06ecc6ae7ef73f5
Reviewed-on: https://code.wireshark.org/review/614
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The status line of the 200 OK during a deregistration is (1 bindings), but it
should be (0 bindings). Wireshark should check the "expires=0" in the contact
header not just count the number of the contact lines. But since it's not
truly valid to have expires=o contacts in responses, this commit adds expert
info warning of such.
Also, the REGISTER request itself already says "(remove all bindings)"
in the Info column currently if the Contact was a '*', but it didn't
say something similar if only de-registering one or more explicit
contacts. This has been fixed as well.
Lastly, this fixes three other bugs I found while reading the code and testing:
(1) comma-separated Contact headers will be displayed as a single one if
the first one(s) don't have header params but a subsequent one does; and
(2) the last Contact header param is displayed with the trailing '\r\n'
header separator; and (3) the SIP REGISTER response code displayed contact
binding info for responses other than 2xx, which isn't logical.
Since all of these are in the same area and not critical, I'm lumping these
all together.
A test capture file used for testing is attached to the bug.
As an aside, the SIP header parsing code needs to be refactored. Most SIP
headers follow a common ABNF pattern, and should be parsed using a common
function(s) so these issues don't crop up for specific headers.
Change-Id: I16c531fcb244dc121fc0e8046908e475b41489f9
Reviewed-on: https://code.wireshark.org/review/612
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
* Fix modelines (no CR after modelines)
* Add UDP Port (Attributed in draft 04 Port 4789)
* Update link to last draft (no specify change)
Change-Id: I4cd89719ae00eb64ce4c234c39b9e18cdc1b8b93
Reviewed-on: https://code.wireshark.org/review/613
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Rebase with last change and add Logcat export
Change-Id: Idc9b444b1bf14b95ff60e8466e94f7eecd875b47
Reviewed-on: https://code.wireshark.org/review/14
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
this was broken in 21aa7168c7565445ee544ee78fb6c836a63cd4ed
to be on the safe side, we assue that return value >= 0 means success,
< 0 means failure
Change-Id: I1d03000e6b6d70fac6bef8766d28990d953c8e27
Reviewed-on: https://code.wireshark.org/review/609
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I1be141c58252b8bb0db2ffff2edbb80f92c69cd6
Reviewed-on: https://code.wireshark.org/review/606
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Balint Reczey <balint@balintreczey.hu>
|
|
Change-Id: I2716a8a25627de9c3945fbf5117edcb4859aa95f
Reviewed-on: https://code.wireshark.org/review/605
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- For PollResponse-Chaining SyncReq and SyncResp frames were introduced.
Those frame-types are not recognized by Wireshark yet.
- Currently only the FeatureFlags 0-13 where interpreted by Wireshark.
Flags 14-15 and all extended flags where missing.
14 = SDO Read/Write All by Index
15 = SDO Read/Write Multiple Parameter by Index
16 = Multiple-ASend Support (TRUE = Device supports Multiple-ASend; FALSE = Device doesn’t support Multiple-ASend)
17 = Ring Redundancy (TRUE = MN supports ring redundancy; FALSE = MN does not support ring redundancy)
18 = PResChaining (TRUE = Device supports PResChaining; FALSE = Device does not support PResChaining)
19 = Multiple PReq/PRes (TRUE = Device supports Multiple PReq/PRes; FALSE = Device does not support Multiple PReq/PRes)
20 = Dynamic Node Allocation (TRUE = Device supports DNA; FALSE = Device does not support DNA)
Signed-off-by: Lukas Emersberger <lukas.emersberger@gmail.com>
Change-Id: I9ac19f8b71b1be1094f410141c0f806996b1cb25
Reviewed-on: https://code.wireshark.org/review/589
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
GtkStockItem usage is deprecated with all the GTK_STOCK_.* stock ids.
We keep a stock id based approach but without relying on GTK's
GtkStockItem system.
We create our own internal stock ids for {icon, label} tuples and keep
the original GTK stock id #define-s and values to preserve backward
compatibility.
Change-Id: Ia0b35a5903f079e92c8026e3df21bbf0be2d06b0
Reviewed-on: https://code.wireshark.org/review/302
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
guint8 => 1
guint16 => 2
guint32 => 4
guint64 => 8
Change-Id: I23ae863115522779d99cfadeb698ed43ca626667
Reviewed-on: https://code.wireshark.org/review/597
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1ed387f1cb8d207c32c5202b578bd452cef4401c
Reviewed-on: https://code.wireshark.org/review/594
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7f76e3e3d2d6f3edd2a658fccd5953393ef74ed7
Closed-bug: 9871
Reviewed-on: https://code.wireshark.org/review/596
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
error'
Due to the change I made previously for how methods are accessed, if you try
to access one that doesn't exist (for example mistype it or whatever), you get
an internal Lua error about a loop in table get, as opposed to the right error
message about the field not existing.
That's because I had set the class' metatable __index metamethod to point to
the class table, which of course has the metatable with the __index
metamethod, causing a lookup loop. Blech.
Change-Id: I20d3717feadd45f652c2640e1671846184e7082d
Reviewed-on: https://code.wireshark.org/review/593
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|