Age | Commit message (Collapse) | Author | Files | Lines |
|
Too bad DEC used / as an option character and Bell Labs chose it as a
pathname separator.
Change-Id: Ie58ba79476e0f24e408fae55f6c5eaff3ffb11fa
Reviewed-on: https://code.wireshark.org/review/9680
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
In the decryption_step_ssl_rsa_pq - and the
decryption_step_ssl_master_secret test - duplicate the code used to
generate TEST_KEYS_DIR, so that we construct a UN*X-style path and then,
if we're running on Windows, map the UN*X-style path, which is a Cygwin
path, to the equivalent Windows-style path, and pass that to TShark on
the command line.
Bug: 11372
Change-Id: I442a30c4c954540a05942ed70ec3687941428a96
Reviewed-on: https://code.wireshark.org/review/9675
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Trying to debug the problem.
Change-Id: I26f78e49556cb1d40f0c8ddbfd58f058dceb0e77
Reviewed-on: https://code.wireshark.org/review/9674
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
They were never put in it in the first place because they can't hold the
necessary pointers.
Bug: 11373
Change-Id: I9e2ec76850929b5ac86e6f7a344d70f56ad3911c
Reviewed-on: https://code.wireshark.org/review/9672
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
TEST_KEYS_DIR already contains a trailing slash. Windows does not like
forward slashes, so drop the additional slash to fix tests under
Windows.
Fixes: v1.99.8rc0-417-g85f8a99
Bug: 11372
Change-Id: Ief794977281b70549369c344a193f4d48bcc1776
Reviewed-on: https://code.wireshark.org/review/9668
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Apparently GnuTLS 2.12.23 as used on Ubuntu 14.04 produces different
outputs for the u parameter as observed in gdb. GnuTLS 3.4.2 on Arch
Linux works fine. Workaround this issue by unconditionally calculating
the inverse.
Change-Id: I8406352f8c570b355ea774cafc903662d06888ac
Fixes: v1.99.8rc0-417-g85f8a99
Bug: 11371
Reviewed-on: https://code.wireshark.org/review/9666
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Inspired by (but not as fancy as) Packet Fence, an enhancement written
for Ethereal a loooong time ago by Martin Visser:
https://www.wireshark.org/lists/ethereal-dev/200011/msg00122.html
Several text editors call this a "minimap".
Color each scrollbar raster line to match the color of up to 7 packets.
Note in the comments why this number was chosen.
If we have any flagged frames (marked, ignored, time ref) indicate them
on either side of the scrolbar.
Handle HiDPI (retina) displays. This means that your window size depends
on the height of your scrollbar *and* your monitor resolution.
Qt's idea of the slider rect doesn't match up with the slider on OS X.
This might be local to my build -- I can replicate it Qt Creator.
Change-Id: Ia089d2d766ce37bab11e22d1a5721b4908935304
Reviewed-on: https://code.wireshark.org/review/8982
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ic7d713e8593cd0841089f2c26d2c24f2f008cb31
Reviewed-on: https://code.wireshark.org/review/9667
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
- It was used even though the variable actually *was* in use for
some compile settings.
- It's not the c++ way.
2do: In case the definition of _U_ in Wireshark.pro is only used for
the ui/qt directory, it should be removed to avoid further (ab)use.
Change-Id: I22d6269a66d6ed558035aad3e6702c4a9c8af1fa
Reviewed-on: https://code.wireshark.org/review/9665
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I45fcf87f99dc15eb49343119fa134fb5698b15cf
Reviewed-on: https://code.wireshark.org/review/9664
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
*.qm files are now in a translations subfolder
Change-Id: I233152cd2662aec7072769e27f7a278c6890d8ec
Reviewed-on: https://code.wireshark.org/review/9646
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Move frame flag (mark, ignore, ref_time) member functions from
PacketList to PacketListModel. They arguably belong there and we can
emit dataChanged to signal updates.
Rename some variables named "index" since they shadow a function name.
Change-Id: I9a731a76e4e63e562b561c29d13915278d5a7dbb
Reviewed-on: https://code.wireshark.org/review/9663
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ic221bf911f6de9bc94278350e0642143d14f6e82
Reviewed-on: https://code.wireshark.org/review/9662
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I571f1ddaaa9579af65d558afc7162493a7393703
Reviewed-on: https://code.wireshark.org/review/9661
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
to the SMB2 protocol.
I am submitting this purely so that it is available for others to play with.
Change-Id: I379b9da90731cc61ce38a1fdf21dc7c09d0d114e
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/9496
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I20bb219a32b6c7e39ac415c5c13ad5379f78cba2
Reviewed-on: https://code.wireshark.org/review/9658
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Add a display_is_remote function and use it instead of get_conn_cfilter
to check for remoteness.
Change-Id: Ia93d113afec36ede55daf7dc8394b2dc0d8c9abf
Reviewed-on: https://code.wireshark.org/review/9659
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ibba32a2860f80979ee9df3caeeaeda14fde7e7d0
Ping-Bug: 11358
Reviewed-on: https://code.wireshark.org/review/9649
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Combine the GTK+ RTP Stream Analysis and RTP Graph Analysis dialogs into
one. Yell at the user less. Disable the Analyze RTP Stream menu item if
we don't have an RTP stream selected.
There are a *lot* of moving parts in this dialog. I've tested with the
few RTP captures I have but it's by no means complete.
"To do" items are listed at the top of rtp_analysis.cpp.
Change-Id: Id503977f069bebc46cc68bc749f0c9cbf4d37bf6
Reviewed-on: https://code.wireshark.org/review/9650
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
This reverts commit 4a39706272a59d43530e038f8b20436e2c3052ce.
At least in one quick check, CMake 2.8.12.2 added that already with Qt 5.5.0.
Change-Id: Iabf0e4aa0aa34b380f981f7d039fb3d95847041e
Reviewed-on: https://code.wireshark.org/review/9654
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
protect against a really big tag value
Ping-Bug: 11358
Change-Id: I9ecb5fe6bcd7f25c763d968bf56fb2d9bce2180c
Reviewed-on: https://code.wireshark.org/review/9639
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I1a4a6b3f729c818a68bee1b6b8de3778130252a4
Reviewed-on: https://code.wireshark.org/review/9652
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I281e1bf790b7eefbbd43a3406622262cfe8b36df
Reviewed-on: https://code.wireshark.org/review/9651
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Reported at
https://ask.wireshark.org/questions/43788/struggling-to-decrypt-ssl
"u" requirement is documented at
https://www.gnupg.org/documentation/manuals/gcrypt/RSA-key-parameters.html#RSA-key-parameters
Add regression test (key is generated manually with p and q swapped and
qInv recalculated).
Change-Id: I5505ddcdb54bb47d7a58867b8c3e53fcc0f66dde
Reviewed-on: https://code.wireshark.org/review/9573
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Remove unused SSL_FAST code. That approach cannot work in modern
libgcrypt anyway since the symbols were renamed and private to
libgcrypt. The RSA decryption routine is not even a hot path, it is only
called for decrypting the encrypted pre-master secret.
While at it, expand the SSL_PRIVATE_KEY macro and remove its definition.
Change-Id: Ied556d18501ea6cbac5fb27218364b3479ad62ce
Reviewed-on: https://code.wireshark.org/review/9572
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
and dissect the components of a tag
add a global true-false string for constructed vs. primitive
Change-Id: If10ecf97cde59e2be9ff5e3163073f6d14e6c61e
Reviewed-on: https://code.wireshark.org/review/9636
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Libraries must be loaded before calling get_runtime_version_info()
Change-Id: Ic95ccde4ce80338b058a22a653736b663c517b38
Reviewed-on: https://code.wireshark.org/review/9637
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Let's use the newly introduced find_heur_dissector_by_unique_short_name() function
Change-Id: I5781b9b2f1ab679da07e97755b71840b4b3a9361
Reviewed-on: https://code.wireshark.org/review/9645
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
As reported in https://www.wireshark.org/lists/wireshark-dev/201507/msg00069.html
Change-Id: I171b934fd97748f17586ffcee8012fd4c0d156b1
Reviewed-on: https://code.wireshark.org/review/9642
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I93ce7151467c890c12f7d612b5a7eecf5f91c189
Ping-Bug: 11358
Reviewed-on: https://code.wireshark.org/review/9640
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Interfaces can appear and disappear, changing the maximum length of the
interface name column; resize it each time we reconstruct the tree.
Change-Id: I38b40f6c3ce51272e8bbb0c7f7fbaa7255886e0e
Reviewed-on: https://code.wireshark.org/review/9641
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
AirPDcapStoreSa() was assuming that ctx->first_free_index would always
be within the ctx->sa array; nothing guarantees that. Fail if it's past
the end of the array; that means there *are* no free indices.
Change-Id: I73145ea3f3dda1b3800a41fa3a2b01ac344dcbfc
Reviewed-on: https://code.wireshark.org/review/9634
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
memcpy(NULL, NULL, 0) isn't guaranteed by ISO C90 to work, so don't do
it. Check whether the length is zero, and don't copy if it is. (If the
count is non-zero and the pointer is null, that's an error, and we
should fail there, so base the test on the length, not the pointer.)
Change-Id: I0b3dc1541b52670d8fef459754c9494cfcc59e5d
Reviewed-on: https://code.wireshark.org/review/9633
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This allows for a global place to enable/disable all heuristic dissectors. This removes the need for individual dissector preferences, but those will be removed at a later date. The more important part is the epan code to save/restore the enabled state of the heuristic dissector. The GTK dialog was more for quickly testing the feature (there was already some GTK code in place that started the heuristic dialog tab)
Change-Id: Ie10687505c27a4456c49d5c4c69a5fc5f6394275
Ping-Bug:11152
Reviewed-on: https://code.wireshark.org/review/9508
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
dissect the next layer.
Bug: 11354
Change-Id: I24a6f2b04e138902fb548ca500af35b18f08acdc
Reviewed-on: https://code.wireshark.org/review/9619
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
lsa_String type in .cnf
There seem to be multiple definitions of an "lsa_String" depending on the DCE/RPC dissector, so change was made just in EventLog.
Bug: 10264
Change-Id: I32e97c2a537b01d3bfe9dd03452b8ee1af4d1c2e
Reviewed-on: https://code.wireshark.org/review/9598
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
RTCP can be carried within TURN CannelData messages, or STUN/TURN Send
messages. The TURN message can be in UDP or TCP, of any port number (by
default the even port 3478). So the RTCP heuristic dissector used inside the
TURN ChannelData/Send payload needs to match regardless of the port number of
the packet.
Bug: 11336
Change-Id: I155b87c3e666478d3245366784d7d4e49c8e42c8
Reviewed-on: https://code.wireshark.org/review/9624
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The STUN heuristic dissector decoded a packet as a TURN ChannelData message
with a relatively weak heuristic. In order to avoid incorrect matches, it
checked for an existing conversation first, but the UDP layer dissector will
create a conversation so this check was basically useless.
Therefore, the STUN heuristic dissector no longer matches TURN ChannelData
messages at all. If it matches another TURN message type, then it sets the
dissector for the conversation to be the non-heuristic dissector, and then
ChannelData messages will be decoded by that.
Based on the new heuristic dissector enable/disable model, in the near future
I might add another heuristic for a weaker check, to include TURN ChannelData.
Bug: 11152
Change-Id: I3f3763ce5f7be71e1402e620424df45e7ea99ee5
Reviewed-on: https://code.wireshark.org/review/9486
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Make TURN-based TFTP heuristic dissector check for valid opcode and error code
before matching TURN payload content.
The TFTP heuristic dissector incorrectly matched TURN ChannelData message data
content when it shouldn't. Unfortunately, the TFTP protocol has very little
constrained structure to perform heuristic detection with. It basically
always matched/succeeded.
Bug: 11335
Change-Id: I950fd5a273fef63d7b069c87d1146cbd752c3bd9
Reviewed-on: https://code.wireshark.org/review/9489
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: If6c0c66bc429a041b3454f1f2355d4659cb17bbf
Reviewed-on: https://code.wireshark.org/review/9630
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Merge rtp_sample_header_t into rtp_sample_t. That's the only place it
was used. Note that rtp_sample_t is used for writing rtpdump files.
Move the rtp_sample_t definition to tap-rtp-common.c. Rename it to
rtpdump_info_t. Make rtp_write_sample static.
Change-Id: I04e7428f634efa87a98e5d6c82a354f94ab1765d
Reviewed-on: https://code.wireshark.org/review/9629
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Adding the additional rpath in the build process appears to have fixed
the problem I was trying to debug.
Change-Id: I518deea67837f7e084e503b8e5ae7c3f188df3c8
Reviewed-on: https://code.wireshark.org/review/9628
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
macdeployqt will stuff them into the bundle for us; exclude anything in
the Qt frameworks directory from the lists of dependencies for us to
copy or munge. (We don't copy them correctly - that results in the
underlying binary being copied to the Frameworks directory - and we
leave it up to macdeployqt to do the munging.)
Change-Id: I10cfb8dcb2abadde9d5c52252979267912710f80
Reviewed-on: https://code.wireshark.org/review/9627
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This doesn't fix any of the underlying problems discussed in bug 10613
but it does keep us from dereferencing a NULL pointer.
Change-Id: I9317366a6ae6e563dcadb32bccee87e8803c37e3
Ping-Bug: 10613.
Reviewed-on: https://code.wireshark.org/review/9626
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Qt 5.5 and later have @rpath-based install names for the frameworks,
which means that, if they're not installed in some frameworks directory
searched by default (such as /Library/Frameworks) - which is the default
case with the Qt installer - they won't be found by default.
Add the directory in which the frameworks exist as an rpath in the
Wireshark binary, so that they'll be found, and then remove it from the
Wireshark binary in the app bundle, as the directory in which the
frameworks exist on the machine on which Wireshark was built is
irrelevant to the machines on which it's being deployed - the frameworks
are included in the bundle, and we already add an rpath to find them
there.
Change-Id: I54e033743e7b17eab26976064dcd7cd000f97c78
Reviewed-on: https://code.wireshark.org/review/9625
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
I have some other hammers to try it hit it with to get it to actually
work with Qt 5.5.
Change-Id: Ie20ccbcee62fa48f768ba22478d07b9dc18d0139
Reviewed-on: https://code.wireshark.org/review/9623
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
the range.
Previously the length was ignored and 8 bytes were always read.
The constraint on int64() and le_int64() becomes stricter to match int()'s ones:
the range must be 1, 2, 4 or 8 octets long.
Change-Id: Ic66798757564ac840c332b978effb418726a654c
Reviewed-on: https://code.wireshark.org/review/9622
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
We need to preserve the full path of the framework binary.
Change-Id: I3a13eaffc07028a26fbd970db02cc1cce3fdcd5d
Reviewed-on: https://code.wireshark.org/review/9621
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That's easier than trying to carefully copy the relevant bits.
Change-Id: I2f174a735bf91f6434929c25ca33aced03e19597
Reviewed-on: https://code.wireshark.org/review/9620
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make each Lua Proto object have an alloacted ett value, so
that they expand/contract only for the same protocol.
Bug: 11356
Change-Id: I68fb3ff00e080b47d540344aba2554e392b7f1c4
Reviewed-on: https://code.wireshark.org/review/9611
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|