| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I848cf4c63f9b4c7daf6e63f2e60cd1d5aded7b82
Reviewed-on: https://code.wireshark.org/review/1010
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ida21963cd68f8fc7387cd2ca37d9436f98318d40
Reviewed-on: https://code.wireshark.org/review/1004
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Windows still needs the definition of in_addr_t
Change-Id: I43c417de8e8199cfa58b9d494be5e828f959f1a9
Reviewed-on: https://code.wireshark.org/review/1009
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
* Remove flag I and F (from old draft of draft-ietf-ospf-manet-or)
* Add flag AT (Authentication) from RFC6506 (RFC7166)
Closed-bug: 9941
Change-Id: If6e9c2aa3d2e437ac499253a3061579f344fe607
Reviewed-on: https://code.wireshark.org/review/1003
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Idc7e84fe9f00c30ad6edebcdd11c72d3a7fb77e7
Reviewed-on: https://code.wireshark.org/review/1005
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
So don't pull in <netinet/in.h>. Also, avoid <sys/types.h> in
packet-dcom.c.
While we're at it, do *not* assume that pinfo->src or pinfo->dst are
IPv4 addresses.
Change-Id: I5fc8e859780a8d863aaf6e90a21a7039cabae0e6
Reviewed-on: https://code.wireshark.org/review/1006
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I4506be6ae8deda5e8d1e038b089620a15b650b03
Reviewed-on: https://code.wireshark.org/review/1000
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
What matter in these cases is the number of bytes on the wire; either
sizeof(guint8) = 1, sizeof(guint16) = 2, and sizeof(guint32) = 4, in
which case just using 1, 2, and 4 avoids "64-bit to 32-bit conversion"
warnings on LP64 and LLP64 environments, or they're not equal, in which
case using 1, 2, and 4 rather than the sizeof()s is correct.
Change-Id: I4f15c5fae51958c1aff17ff819a9878fa6bd1f54
Reviewed-on: https://code.wireshark.org/review/999
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I9e0eec78bd2020040eb8d5fe5e527fb2a6fc6f9b
Reviewed-on: https://code.wireshark.org/review/998
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Sample file with traffic is the same as for CAT021 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9953). Apply filter "asterix.category == 23" to see only CAT023 packets.
A small change in actual dissecting code was also needed because of strange item I023/101. The first FX bit is in the second byte and then grows only for a byte.
Change-Id: I3f80e6e46b642efc6f2e19e6f931cdef1c39495a
Reviewed-on: https://code.wireshark.org/review/993
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: If8fcfe1971c8863f370e440f64c36eb7566f6852
Reviewed-on: https://code.wireshark.org/review/113
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This squelches some run-time dissector asserts.
Change-Id: I0ce33c4eb6e9c3bd371e47363a981e9a7a0dc789
Reviewed-on: https://code.wireshark.org/review/997
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
So get rid of the commented-out FT_UCS2_LE; that would be handled as an
FT_STRING, FT_UINT_STRING, or FT_STRINGZ with an encoding of
ENC_UCS_2|ENC_LITTLE_ENDIAN.
Change-Id: I828fc1ed49843a503ec70e6adaf6dadd256df407
Reviewed-on: https://code.wireshark.org/review/996
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This squelches a run-time warning.
Change-Id: I5b147530b7f9255c3564fe24b56e0ea3eab45852
Reviewed-on: https://code.wireshark.org/review/995
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
For various string types defined in X.680, use the appropriate encoding,
or ENC_ASCII|ENC_NA in some cases where we don't have an appropriate
encoding yet.
This most significantly fixes the handling of BMPString and
UniversalString, which are supersets of ASCII (Unicode Basic
Multilingual Plane and Unicode, respectively), but don't encode ASCII
characters as single octets. It also fixes UTF8String to, well,
properly recognize UTF-8.
This also lets us get rid of the special handling of SyntaxBMPString in
X.509sat (and, in fact, *requires* us to get rid of it, as, otherwise,
the string value appears twice).
Change-Id: I325c4e71a6110278eb23b86e0d986e6439cfc328
Reviewed-on: https://code.wireshark.org/review/994
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
For each graph you can set:
- Its visibility
- A name
- A display filter
- Color, from a fixed list
- Plot style: Line, Impulse, Bar, Stacked Bar, Dot, Square, Diamond
- Basic Y Axes (packets/s, bytes/s, bits/s)
- Computed Y Axes (SUM, MIN, AVG, MAX)
- Smoothing
You can pan and zoom using the mouse and keyboard. Clicking on a graph
selects the last packet for that interval. If all graphs have the same Y
axis a single label is shown, otherwise a legend is shown.
The time scale (X axis) can be toggled between relative seconds and the
time of day.
Graphs can be saved as PDF, PNG, BMP, and JPEG. Settings are "sticky"
via the io_graphs UAT.
To do:
- Minimize graph drawing delays.
- Figure out why smoothing differs from GTK+
- Everything else at the top of io_graph_dialog.cpp
- Fix empty resets.
A fair amount of code was copied from TCPStreamDialog. We might want to
subclass QCustomPlot and place the shared code there.
Move common syntax checking to SyntaxLineEdit.
Move some common code from ui/gtk/io_stat.c to ui/io_graph_item.[ch] and
use it in both GTK+ and Qt.
Make the io_graph_item_t array allocation in io_stat.c static. The
behavior should be identical and this gives us additional compile-time
checks.
Change-Id: I9a3d544469b7048f0761fdbf7bcf20f44ae76577
Reviewed-on: https://code.wireshark.org/review/435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
|
|
payload format'
Given an SDP m= line such as this:
m=audio 29156 RTP/AVP 18 0
SDP will show a media format of G.729 (the 18) and then two G.711 entries: one
for the extra space between the 18 and 0, and one format for the 0. The latter
is correct, but the extra space one isn't.
Technically such an m= line is malformed, since only one space is allowed
between payload formats; but it's definitely not a format of 0.
A similar thing happens in many parts of SDP dissection code. It needs to issue
an expert error and handle it gracefully.
Change-Id: I1f1500489a13a55e03fc8ea14b37d99a019fc449
Reviewed-on: https://code.wireshark.org/review/989
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Increase the max Diameter message size to 65534 and reject messages whose
flags have both the E- and R-bits set.
Change-Id: Ib11701a47d23ff042a346d59c56f9f0f4410e6b7
Reviewed-on: https://code.wireshark.org/review/990
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If043683f366fedd849688ca3c512707954221a3b
Reviewed-on: https://code.wireshark.org/review/984
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
heuristic. Bug 9956
Change-Id: I2c4d26ee27684d1f18c39add249b9cd116cf6f71
Reviewed-on: https://code.wireshark.org/review/985
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I119bbc0c4979a938e4d4633e6acbf46d265b8398
Reviewed-on: https://code.wireshark.org/review/988
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The ASP and DSI dissectors had almost-identical dissection of the ASP
and DSI "status" responses. What's being dissected is defined by the AFP
specification (and might be different for protocols *other* than AFP
running atop AFP or DSI), so move that dissection to the AFP dissector.
Note that, at least for AFP-over-DSI, the spec isn't being followed in
at least one capture.
Change-Id: Idb1013483f3a3bdf2b7eb0618e48fc178a338642
Reviewed-on: https://code.wireshark.org/review/987
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ib9eced1b652345cd40edb96ddde092f41a8f669c
Reviewed-on: https://code.wireshark.org/review/986
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Don't attempt reassembly and squash an expert info when we're in an error
packet.
Change-Id: I7d19e4ab7add78829bf1e28ad92dce3a7431c37d
Reviewed-on: https://code.wireshark.org/review/964
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
(e.g. opendaylight, nox, openvswitch, etc) still use legacy port
numbers. The most common are 6633 and 6634. This patch adds a
simple heuristic logic and uses the current uint preference as
additional input. In most cases no user intervention is needed and
OpenFlow is automatically detected/dissected.
Change-Id: Iebf09b7b870efe9d52421b9acc238208d25d4565
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/921
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ifebae1d444037a1432d62d710c42c1da9dd0ed58
Reviewed-on: https://code.wireshark.org/review/979
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I5792fe99f0c75dfa0a9c5e20c4784e2e8a9c00f0
Reviewed-on: https://code.wireshark.org/review/983
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
I coincidentally found a few files with errors, so I thought it might be time to run it on the whole directory again.
Change-Id: Ia32e54b3b1b94e5a418ed758ea79807c8bc7e798
Reviewed-on: https://code.wireshark.org/review/978
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
this should contribute to fix bug 9949
Change-Id: I5235a14b5603ac22c41dd38fb405409c066c9444
Reviewed-on: https://code.wireshark.org/review/952
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Ibe2aa48284fe7a507133f5b70a22110bb3bb56cb
Reviewed-on: https://code.wireshark.org/review/973
Reviewed-by: Ralph Böhme <rb@sernet.de>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
wmem_packet_scope() cannot be used outside of a packet treatment
Change-Id: I6e545bbb51f325b366288f17358f9d2347a7d7c4
Reviewed-on: https://code.wireshark.org/review/977
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
It was found in https://code.wireshark.org/review/#/c/972/ and only commented out.
The bug is now fixed, the variable is used.
Change-Id: I0361b269a06f45f4d36b8bc97c3623618cb5f859
Reviewed-on: https://code.wireshark.org/review/976
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
dissectors
Change-Id: I7489e2fb3a1f2630ca17b0a5fe1aa873992f1061
Reviewed-on: https://code.wireshark.org/review/975
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Iffab8a62cf58d3ccf54fe2ed086aae80eb425a5f
Reviewed-on: https://code.wireshark.org/review/929
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This extension is defined in RFC 6962.
Change-Id: I3aa7321c60baef59ccb59ded6b91f3e42c854bfa
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/970
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This adds two tls hello extensions from
http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-11 which got
numbers assigned by the IANA in
https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
In addition it also adds a new certificate type defined in the same
documents.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Change-Id: I3c52d9602f2f255a5700cc6a9954385ad0d7cae8
Reviewed-on: https://code.wireshark.org/review/969
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This adds detection for the named brainpool ecc curves defined in RFC7027.
Change-Id: I125ddbf74068888f4989781d274dbc74feb8b20c
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/968
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This adds basic detection of Supplemental Data as defined in RFC4680.
Change-Id: I8dac99bf243a6bd176585d1fe70f82abcae70c7f
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/967
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
draft-mcgrew-tls-aes-ccm-ecc-08
This adds the new cipher suites from
http://tools.ietf.org/html/draft-mcgrew-tls-aes-ccm-ecc-08
They are defined by IANA in
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
Change-Id: I1a1576567782abb93ae5b09efd4199cb1040d5d2
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/966
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I07125f1779063527f24d9195a9999cef4c8fe343
Reviewed-on: https://code.wireshark.org/review/972
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: If72685f41cd32854d6c0c04716ee640196431f87
Reviewed-on: https://code.wireshark.org/review/961
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8832c139938e767de71b2cc74ca41208f509e478
Reviewed-on: https://code.wireshark.org/review/959
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I5c9dbd59b18eff5dc9cb9476f1883cb9fa9d9c02
Reviewed-on: https://code.wireshark.org/review/958
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Iecc560a672970817ddc401c654c19f446fe398e9
Reviewed-on: https://code.wireshark.org/review/963
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Change-Id: I07ecca5612ae9fa2b053a62c69014612c5125d5e
Reviewed-on: https://code.wireshark.org/review/962
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I01052bb4c41a17e8289cc7ed1b465042c23b6d82
Reviewed-on: https://code.wireshark.org/review/957
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Otherwise a library reinitialization leaks at least one large 8MB chunk.
Change-Id: I5336fef5925eb54e88a72f1a16fc0ddf77ae6c10
Reviewed-on: https://code.wireshark.org/review/945
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Indent typo coming from 23d7d2ca2674565404262734f1a5855f83535c85)
Change-Id: Ic4deae30d64db9f264223366d2d9d880708001d8
Reviewed-on: https://code.wireshark.org/review/956
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
in_error_pkt too.
Add a comment indicating what we should be doing when the PKTDROP chunk contains
a truncated data chunk.
Change-Id: Icbba4c6dafc5c2656fc337734a1a570ef4a055d2
Reviewed-on: https://code.wireshark.org/review/950
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I78a011291217be901efba331e8e41ca527d52e10
Reviewed-on: https://code.wireshark.org/review/955
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
