Age | Commit message (Collapse) | Author | Files | Lines |
|
Indicate whether they take a signed time delta or an unsigned time
delta.
Export unsigned_time_secs_to_str() while we're at it.
Change-Id: I0fbe87f1825efa886364caa61a3358b79d285947
Reviewed-on: https://code.wireshark.org/review/15324
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Its absolute value *is* expressible as an unsigned 32-bit value, so have
time_secs_to_str_buf(), for negative values, just put a - at the front
of the string and then pass the absolute value to
time_secs_to_str_buf_unsigned().
Change-Id: I87252fe541d9aac4902f81493c9f032ec3ed1500
Reviewed-on: https://code.wireshark.org/review/15323
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Put the routines that handle absolute time ("relative to the Epoch")
together and the routines that handle relative time together.
Change-Id: I15256921091ab67a1d92026385bf1b27aa52b404
Reviewed-on: https://code.wireshark.org/review/15316
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Older versions of this dissector displayed the header timestamp formatted to show
minutes, seconds, and milliseconds past the hour (the DIS spec actually defines the
timestamp in terms of microseconds). This commit fulfills a feature request to
return to that format.
Bug: 12402
Change-Id: Ide4adf8f80306f2458e48e8b2f78c911782669e5
Reviewed-on: https://code.wireshark.org/review/15276
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: If496ca47f6e8b093511ee9a9a6834a49ef3553fa
Reviewed-on: https://code.wireshark.org/review/15308
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
- do not packets in error in reassembly table
- filter retransmissions based on N(S) value
See https://www.wireshark.org/lists/wireshark-users/201605/msg00000.html
Change-Id: I0c2ab36acd5927529d40f8fa7fd2eed17a6fc486
Reviewed-on: https://code.wireshark.org/review/15281
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
If we detect that we're writing to a TTY and that it doesn't support
UTF-8, convert our output to the current code page on UNIX/Linux or
to UTF-16LE on Windows. This helps to ensure that we don't fill users'
screens with mojibake, along with scrubbing invalid output.
Add a note about our output behavior to the TShark man page. Add a note
about the glyphs we should and shouldn't be using to utf8_entities.h.
Bug: 12393
Change-Id: I52b6dd240173b80ffb6d35b5950a46a565c97ce8
Reviewed-on: https://code.wireshark.org/review/15277
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ibe35ee1dd8dcea5641e8cb8104c1fbf33966eca4
Reviewed-on: https://code.wireshark.org/review/15299
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
MIBenum values are from an IANA registry, not a WAP specification; add
<epan/iana_charsets.h> to declare the MIBenum -> Wireshark encoding
mapper routine and the value_string_ext for MIBenum values, and
epan/iana_charsets.c to define them.
Change-Id: I6d9c82cd011bd5211c688322e6423de38e161f41
Reviewed-on: https://code.wireshark.org/review/15298
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
As seen in the capture given in https://www.wireshark.org/lists/wireshark-users/201605/msg00007.html
The extension length is not always equal to ll the options defined for a given release
Change-Id: I68ba57dd384122eed1f1ff36cc8acc7ef029fcd0
Reviewed-on: https://code.wireshark.org/review/15290
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
It seems like LAPSat can have have padding bytes as seen in the capture found
here: https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9005
Change-Id: Ia2c7230c4c9fdae0bbe456585ab164f04eda0eb8
Reviewed-on: https://code.wireshark.org/review/15293
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
http://www.iana.org/assignments/character-sets/character-sets.xhtml is
the official IANA registry for character sets, including MIBenum values,
and it shows MIBenum values in decimal, not hex, so show them in
decimal, not hex.
Change-Id: Id00a0d351a1f758401232aba621cc60aeccf360a
Reviewed-on: https://code.wireshark.org/review/15292
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Don't just treate the strings as piles of ASCII characters.
Add a proto_tree_add_item_ret_string_and_length() routine to help do
this. Clean up some of the documentation of the proto_tree_add_item_ret
routines while we're at it.
Change-Id: Ib4c52bd8a8331eac97312583326f5be9175889d9
Reviewed-on: https://code.wireshark.org/review/15291
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
I'm not sure what "4-space tabulation means", but:
if it's "a tab character means 4 spaces", that's just *wrong* in
a UN*X environment (Apple's mistaken use of "tab is 4 spaces" as
the default in Xcode nonwithstanding - Xcode is just *wrong*
there);
if it's "use 4-space *indentation*", then the code should be
reformatted and the editor hints updated.
Change-Id: Ie8249b483fe9d6fcd8db29b72167eb854eec863e
Reviewed-on: https://code.wireshark.org/review/15288
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Show, for each item, the offset and the string value; the offset is
what's used in tokens.
While we're at it, print a 32-bit unsigned length field as unsigned
rather than signed.
Change-Id: I167e1683bab6a8ed1dba4c53c1c9050d5c25c754
Reviewed-on: https://code.wireshark.org/review/15286
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: I5136aee86c90ac089273c88ae5fe974759bed67a
Reviewed-on: https://code.wireshark.org/review/15283
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
re-use the boolean hf variables from the atqb
in the ats, the info if nad and cid are supported is in different
positions than in the atqb
therefore, we can't use a bitmask for the hf variables
fetch the correct bit manually instead
Change-Id: I8ba36ff9662052edcc7899f24d1110fdc4834c2e
Reviewed-on: https://code.wireshark.org/review/15282
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Ia9b41ec4dd29ca7316828f4a3f0b3fd112d83202
Reviewed-on: https://code.wireshark.org/review/15279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
* Add AN local and global flags to the SoA frame
* Add NMT command for dynamic node assignment (DNA)
Change-Id: I7cc8c9ee26b0676727d28f32b056fbe1a153c8af
Reviewed-on: https://code.wireshark.org/review/15263
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Christoph Schlosser <christoph@schlosser.xyz>
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
Bug: 11858
Change-Id: I4a4a557f4f217c3dec5285fbc9d152c9df52ccb0
Reviewed-on: https://code.wireshark.org/review/15267
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Added new errorcodes, changed to extended value-string. Removed the
defines as they are and will not be used in the code.
Add errorcode to info column, if there is an error.
Removed the functioncall-tree comment, as it was not up to date.
Change-Id: I0abe8eb046b9b2f28e32cf71e214704daa0aa843
Reviewed-on: https://code.wireshark.org/review/15260
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
As noted in https://www.wireshark.org/lists/wireshark-dev/201604/msg00103.html
a protocol field isn't really a tv_buff, so allow for the possibility
of a NULL tv_buff in a "protocol type". If the tvb is NULL, use the
string of the protocol field for comparison
Bug: 12335
Change-Id: Ie12a5f7b31c7293c61006b0f70135d100a97c4e0
Reviewed-on: https://code.wireshark.org/review/15261
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id8328cb7ca8674564a7230c7395dbeb24ffcea27
Reviewed-on: https://code.wireshark.org/review/15273
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I72bb68bb09a5b3d4501676594b76deff63faa0bf
Reviewed-on: https://code.wireshark.org/review/15211
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Id9a7872ed982e3b615563ca8c6b264f2de8be837
Reviewed-on: https://code.wireshark.org/review/15262
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ibc7da9306077fd67db348f26a327253242e3d1a2
Reviewed-on: https://code.wireshark.org/review/15258
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This way even malformed packets are properly exported
Change-Id: I923825459eea725d0a103810f3883906b95b3b21
Reviewed-on: https://code.wireshark.org/review/15259
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2cb28aad20aff93a99bad830b12805d524c57191
Reviewed-on: https://code.wireshark.org/review/15254
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 12379
Change-Id: I2a6e779e28cd63c2bba6b2c075850f47162e9c7f
Reviewed-on: https://code.wireshark.org/review/15119
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I17bca31d383dbbf5c29d7a28f16f4aa0dad9f945
Reviewed-on: https://code.wireshark.org/review/15252
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: Id94a686c0cffd47e4d51f14e620c59fd153b3d69
Reviewed-on: https://code.wireshark.org/review/15251
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
This reverts commit db4f7fcdeac833f24807994b372d1e42479754bf.
That doesn't work with the compiler being used on the OS X buildbot; that compiler is probably some version of llvm-gcc, which might be based on an older version of GCC without support for that pragma, or might not support it properly courtesy of the GCC front end and the LLVM back end not quite fitting together
Change-Id: I6cd5f1322b4872ef0c4eb5695f021cec00ba85b7
Reviewed-on: https://code.wireshark.org/review/15246
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Ping-Bug: 11858
Change-Id: I53a223f1b46b513e693b40dc8754837eee5cfec0
Reviewed-on: https://code.wireshark.org/review/15242
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
With Q033, connection id (CID) flag change (only on one byte and only say 0 or 8 bytes length
cid never have length 2 or 4 bytes (from old spec), see https://groups.google.com/a/chromium.org/d/msg/proto-quic/pR6FA7oyeV8/4Ec42-GrMQAJ
Change-Id: I9fffe0369a8cc0811bdbc85a9c9fa8539f049981
Reviewed-on: https://code.wireshark.org/review/15164
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic40f86850dc94338a8c2205e04679793f368672f
Reviewed-on: https://code.wireshark.org/review/14967
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Before, the dissector didn't have any code path to dissect the PT
discovery parameters. The code path necessary as well as the
parameter definitions have been added.
Change-Id: I17665a56d033ffbfd16d47fe2e7374111aff9530
Reviewed-on: https://code.wireshark.org/review/14804
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
If the IMAP TCP stream doesn't include the STARTTLS command/response
the IMAP dissector will try to dissect TLS ciphertext as IMAP protocol
plaintext.
Add heuristic check for SSLv3/TLS and if the heuristic matches register
dissect_ssl() as the dissector for that IMAP session.
Change-Id: If84eca22315193a306e93e66c608de6634e6cd85
Reviewed-on: https://code.wireshark.org/review/13570
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Bug: 12400
Change-Id: Ic4116082b0f6c119172b222aadefab821f1b0971
Reviewed-on: https://code.wireshark.org/review/15205
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
USB dissectors can't assume that only their class type has been passed around in the conversation. Make explicit check that class type expected matches the dissector and stop/prevent dissection if there isn't a match.
Bug: 12356
Change-Id: Ib23973a4ebd0fbb51952ffc118daf95e3389a209
Reviewed-on: https://code.wireshark.org/review/15212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
0 means that the dissector rejected the packet.
Change-Id: I9e04443a5f378198f94038e0e67b2e1fde8054be
Reviewed-on: https://code.wireshark.org/review/15210
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Ib453a247eb1a2b6e88b3a4abab301bdc7c18bdb0
Reviewed-on: https://code.wireshark.org/review/15209
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
If a dissector returns 0, it rejects the packet ("this is not my
protocol"). This is in contradiction to requesting more data from TCP.
Bug: 12359
Change-Id: Ib0da7fc3ef92b35b3950e74f50484d9e21a93a6f
Reviewed-on: https://code.wireshark.org/review/15198
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: Icfa09469ffc84943f9e54eae10f60001a3790694
Reviewed-on: https://code.wireshark.org/review/15206
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Bug: 12387
Change-Id: I63370ea884b6fb75a0743fecc06af2e213700645
Reviewed-on: https://code.wireshark.org/review/15163
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I38c2b337bf276f6edc6b5d3f10e47ae81a1610b5
Reviewed-on: https://code.wireshark.org/review/15167
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The preference is disabled by default and saves a little
bit of memory for those that don't get process information
from IPFIX.
Change-Id: I4b6a106d156862a8d53bf2ad5ee88ea857637815
Reviewed-on: https://code.wireshark.org/review/15139
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ida59c339d174e8f9a3b8bf108374875d12c51b21
Reviewed-on: https://code.wireshark.org/review/15153
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
sequence analysis.
That way they only need to be allocated if analysis is being done.
Inspired by https://www.wireshark.org/lists/wireshark-dev/201604/msg00218.html
Ping-Bug: 12367
Change-Id: I797e5b305133d85a2a89688109cc3a218d0a9e88
Reviewed-on: https://code.wireshark.org/review/15138
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Always allocate sub_net_hashipv4 structures with wmem.
Bug: 12386
Change-Id: Ibc4f09c267a2e651d9120ef67d4d5b77635172d6
Reviewed-on: https://code.wireshark.org/review/15152
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|