aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* [Automatic update for 2016-01-24]Gerald Combs2016-01-2416-911/+1207
| | | | | | | | Update manuf, services enterprise-numbers, translations, and other items. Change-Id: I66abd9153f5aa9cf41c7a222c17ff716c9e95cfc Reviewed-on: https://code.wireshark.org/review/13513 Reviewed-by: Gerald Combs <gerald@wireshark.org>
* Indicate what an InterfaceTree is.Guy Harris2016-01-242-0/+4
| | | | | | | | | | | | (I.e., it's just names, traffic sparklines, and, if available, extcap options; it's not the more detailed list of capture options seen elsewhere.) Change-Id: I21cc244ae17abab95f8124e39425e8beae564380 Reviewed-on: https://code.wireshark.org/review/13507 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit bd4644b336071baf9688e8d47349a6b0a0ae55d8) Reviewed-on: https://code.wireshark.org/review/13508
* Avoid inhaling fumes. Do not use near open flame.Guy Harris2016-01-231-1/+1
| | | | | | | | Change-Id: I9040745b2878a9ba8a0677e19af6702c2a766ce2 Reviewed-on: https://code.wireshark.org/review/13496 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit f3713e288b018cf2e9711b2dc2caaba87896bc02) Reviewed-on: https://code.wireshark.org/review/13497
* Fix handling of the byte order magic number.Guy Harris2016-01-231-28/+26
| | | | | | | | | | | | | | | | | | | | | | | | Just treat it as an array of bytes. When checking for whether it's a pcapng file, also determine whether it's big-endian or little-endian. Note that reading it in *host* byte order will tell you whether it's in your byte order or byte-swapped; you have to know your byte order to know whether that means little-endian or big-endian. Have a #define for the byte-order magic number size, as all byte order magic number values must be that size, and use that as the size of the magic-number arrays. Also use a #define for the SHB block type magic number. Get rid of a now-unused expert info. (If the magic number isn't something we recognize, we don't treat the file as a pcap file, so it can never be "unknown".) Change-Id: Ic74cceac17d1490eb70a28f67cb4dbb512e031ac Reviewed-on: https://code.wireshark.org/review/13494 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit e406703c5f8d341153e0b91cc16638c3a556ae49) Reviewed-on: https://code.wireshark.org/review/13495
* Get rid of now-unused expert info.Guy Harris2016-01-231-10/+0
| | | | | | | | | | | (If the magic number isn't something we recognize, we don't treat the file as a pcap file, so it can never be "unknown".) Change-Id: I7e8bac1ebd2cbfd6d603035428274a1098ff7544 Reviewed-on: https://code.wireshark.org/review/13491 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 5fecf1795ef5365db69527e3b64d2234253cd5cb) Reviewed-on: https://code.wireshark.org/review/13493
* Fix handling of the magic number.Guy Harris2016-01-231-23/+44
| | | | | | | | | | | | | | | | | Just treat it as an array of bytes. When checking for whether it's a pcap file, also determine whether it's big-endian or little-endian. Note that reading it in *host* byte order will tell you whether it's in your byte order or byte-swapped; you have to know your byte order to know whether that means little-endian or big-endian. Have a #define for the magic number size, as all magic number values must be that size, and use that as the size of the magic-number arrays. Handle nanosecond timestamp resolution while we're at it. Change-Id: Ia11b8be18892f2cc056c88fcdefe461dfd16818a Reviewed-on: https://code.wireshark.org/review/13492 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* GSM A DTAP: fix display of calling/called party BCD number in parent treePascal Quantin2016-01-221-24/+22
| | | | | | | | | | Change-Id: I0a492d1c304c285b831f553158777843ad195c2d Reviewed-on: https://code.wireshark.org/review/13481 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> (cherry picked from commit 5f5f16021e42ee3bb5078ae1ae0eb9474709c30a) Conflicts: epan/dissectors/packet-gsm_a_dtap.c Reviewed-on: https://code.wireshark.org/review/13484
* Qt: fix a crash when trying to open TCP stream graph on a truncated TCP packetPascal Quantin2016-01-213-2/+5
| | | | | | | | | | | | | Do not try to show TCP stream graph window if it was rejected in constructor Change-Id: I4d1401e2c356391ceb8c8e3d37a668fc2a9fc92f Reviewed-on: https://code.wireshark.org/review/13454 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 06b75181a0a7033e270eae0b8009f5628048f0b5) Reviewed-on: https://code.wireshark.org/review/13465
* Qt: ensure to call destructor when closing a few QDialog windowsPascal Quantin2016-01-213-0/+3
| | | | | | | | | Change-Id: I10d2a610e852fdc2f38b84e561f04783af0d612e Reviewed-on: https://code.wireshark.org/review/13453 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 4b35048af377ffe7379d3bbf041a91740129e080) Reviewed-on: https://code.wireshark.org/review/13464
* X509AF: reset algorithm_id global variable when closing a filePascal Quantin2016-01-202-3/+17
| | | | | | | | | | | | | Change-Id: I59a6e5e482f4f11ab446e9839cc7a0c67742dab3 Reviewed-on: https://code.wireshark.org/review/13424 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 47648e0528f091a6c7525d9d880f85a0a5fa42d0) Conflicts: epan/dissectors/packet-x509af.c Reviewed-on: https://code.wireshark.org/review/13434 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
* Treat invalid (negative or too-large) values in the packet header as errors.Guy Harris2016-01-201-0/+60
| | | | | | | | Change-Id: I86564c485aacd3fcba3f3d8d9da492e0100155e8 Reviewed-on: https://code.wireshark.org/review/12299 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 943be4b755d46fa348bea3474af503c3b9f6dc39) Reviewed-on: https://code.wireshark.org/review/13428
* [iseries] return WTAP_OPEN_ERROR if file_seek() failsMartin Kaiser2016-01-201-1/+1
| | | | | | | | | | | like it's done for the other file types Change-Id: I8caa360b9c527ea642ee6b5102759ad341ad0030 Reviewed-on: https://code.wireshark.org/review/13359 Reviewed-by: Martin Kaiser <wireshark@kaiser.cx> (cherry picked from commit 8a0966c434231e515bc8c5e2130b8a7d8121b37f) Reviewed-on: https://code.wireshark.org/review/13427 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Fix indentation.Guy Harris2016-01-201-31/+31
| | | | | | | | Change-Id: I9fc0b8f98439ac37d4356e742d8c411e2dce473f Reviewed-on: https://code.wireshark.org/review/13425 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 106da4ad5f8f2e18a0382148a3c746793a5c55e4) Reviewed-on: https://code.wireshark.org/review/13426
* Waveagent: fix heuristic dissectorPascal Quantin2016-01-191-1/+1
| | | | | | | | | | Heuristics should be based on the captured data, not the reported one Change-Id: I6b9abdc80bb70c97196c6bddabb76efcccd58672 Reviewed-on: https://code.wireshark.org/review/13421 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> (cherry picked from commit fca54f8c0d44db111ecfb62643ce548b460acc3f) Reviewed-on: https://code.wireshark.org/review/13422
* Qt: Update window title when preferences changed.Stig Bjørlykke2016-01-192-1/+2
| | | | | | | | | | | | | | When switching profile the prefs.gui_window_title may have changed so ensure we update the main window title. Change-Id: Ic1f9c7ac075d77c60cfbebb20624e597f7eb8449 Reviewed-on: https://code.wireshark.org/review/13418 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> (cherry picked from commit 56bffba031dfd22aced907bcd44ec7c981a820f9) Reviewed-on: https://code.wireshark.org/review/13420 Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
* X509AF: make a local copy of algorithm_id in file scope for later usePascal Quantin2016-01-193-10/+22
| | | | | | | | | | | | | Bug: 12002 Change-Id: Iff48863c1954f76d6fc34150d315d15295dc1f5c Reviewed-on: https://code.wireshark.org/review/13406 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> (cherry picked from commit 5a8020a1b6bb73fcb8bb7eb7d53177bc8a9fc703) Conflicts: epan/dissectors/packet-x509af.c Reviewed-on: https://code.wireshark.org/review/13417
* [iseries] fix iseries_check_file_type()Martin Kaiser2016-01-191-6/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | check that we have a line that contains OBJECT PROTOCOL ETHERNET (at the moment, we fail if there's a line containing OBJECT PROTOCOL but not ETHERNET and succeed otherwise -> a file with some random lines will be identified as iseries) initialize our line buffer with 0s to make sure we don't access uninitialized data while parsing don't set wth->priv unless the file is really an iseries file free the iseries struct if the file is not our type Bug: 11985 Change-Id: I0ac7003c047f54ca025d02e59b56d1ff4e2a6be7 Reviewed-on: https://code.wireshark.org/review/13360 Petri-Dish: Martin Kaiser <wireshark@kaiser.cx> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> (cherry picked from commit 96d585a5e9baef21e1eea8505d78305b034dc80e) Reviewed-on: https://code.wireshark.org/review/13373 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Reviewed-by: Anders Broman <a.broman58@gmail.com>
* [LBMC] Bugfix stack-based buffer overflow in dissect_nhdr_extopt.Michael Mann2016-01-191-12/+39
| | | | | | | | | | | | Bug: 11984 Change-Id: I16ef6e830f0377992233a1bd255c1e3877e56a55 Reviewed-on: https://code.wireshark.org/review/13375 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 1c090e929269a78bf7a4cb3dc0d34565f4351312) Reviewed-on: https://code.wireshark.org/review/13411
* Fix "Apply As Filter..." for BASE_PT field display typesJoão Valverde2016-01-181-0/+4
| | | | | | | | Change-Id: Id92c16d04836b7871a26a285bee5bcf358ca50ef Reviewed-on: https://code.wireshark.org/review/13399 Reviewed-by: João Valverde <j@v6e.pt> (cherry picked from commit 69e80c4d87a259c09721198aecd62a7fdb2f4f7e) Reviewed-on: https://code.wireshark.org/review/13402
* Fix build [-Werror=maybe-uninitialized]João Valverde2016-01-187-19/+21
| | | | | | | | | | | | | | Found building with GCC 5.3.0 and CFLAGS="-g -Og". Change-Id: I5bc29b6e91cc98332a513c9d03b02d2f6906608d Reviewed-on: https://code.wireshark.org/review/13362 Reviewed-by: João Valverde <j@v6e.pt> Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> (cherry picked from commit b87a5af633e109225f4e37ac741db4a990162d54) Reviewed-on: https://code.wireshark.org/review/13368 Reviewed-by: Michael Mann <mmann78@netscape.net>
* Call the "without FCS" version of the Ethernet dissector.Guy Harris2016-01-181-1/+1
| | | | | | | | | | | | | At least in the sample captures attached to bug 2631, the encapsulated Ethernet frames don't include the FCS. Bug: 9933 Change-Id: Ie14b87020c44d739173e5da9fc58a91924f38dfe Reviewed-on: https://code.wireshark.org/review/13377 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 5fe11fb75964d8e0d87fb73d99aa5f69066b9e8f) Reviewed-on: https://code.wireshark.org/review/13378
* Prevent out-of-bounds read in hiqnet_display_data.Michael Mann2016-01-171-14/+25
| | | | | | | | | | | Bug: 11983 Change-Id: If8b0c4ff45014c0d7480e43afaaf12747590a56f Reviewed-on: https://code.wireshark.org/review/13370 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> (cherry picked from commit 69a679cc3a9c087064b7e9521b9e9f3c40dd0b72) Reviewed-on: https://code.wireshark.org/review/13372
* Call the "without FCS" version of the Ethernet dissector.Guy Harris2016-01-171-1/+1
| | | | | | | | | | | | At least in the sample capture attached to bug 3195, the encapsulated Ethernet frames don't include the FCS. Bug: 9933 Change-Id: I4440568deaa676ba8848694b80ed800244c8c5d9 Reviewed-on: https://code.wireshark.org/review/13363 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 278b21329b012ae1081911f95b3d7342444a75da) Reviewed-on: https://code.wireshark.org/review/13364
* [Automatic update for 2016-01-17]Gerald Combs2016-01-1717-609/+897
| | | | | | | | Update manuf, services enterprise-numbers, translations, and other items. Change-Id: Ibb0f9e2e3b108faf8f5363a70275ea8babcbfa7f Reviewed-on: https://code.wireshark.org/review/13357 Reviewed-by: Gerald Combs <gerald@wireshark.org>
* Call the "no FCS present" version of the Ethernet dissector.Guy Harris2016-01-171-1/+19
| | | | | | | | | | | | | | | | | | | | | | I haven't found an official spec for EoIB, but slide 10 of http://downloads.openfabrics.org/Media/Sonoma2009/Sonoma_2009_Tues_converged-net-bridging.pdf shows the "Eth Payload" following the "Eth Header" and optional "Vlan tag", and doesn't show an FCS; "Payload" generally refers to the data transported by the protocol, which wouldn't include the FCS. In addition, the capture attached to bug 5061 includes no Ethernet FCS. So we assume the Ethernet frames carried by EoIB don't include the Ethernet FCS. Bug: 9933 Change-Id: I310e5727c42e05498d1f1df08266a48fd6674388 Reviewed-on: https://code.wireshark.org/review/13351 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 2c3d3435922e5b7da2d3dd819ffb069ca8454664) Reviewed-on: https://code.wireshark.org/review/13352
* Use the "no FCS" version of the Ethernet dissector.Guy Harris2016-01-171-1/+10
| | | | | | | | | | | | | | | | RFC 6325, section 4.1.4 "Frame Check Sequence (FCS)", says "Thus, when a frame is encapsulated, the original FCS is not included but is discarded." meaning that the inner Ethernet frame does *not* include an FCS. Change-Id: Ie764ceb66dd43b951da015870e3e652ccfc651b5 Ping-Bug: 9933 Reviewed-on: https://code.wireshark.org/review/13347 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 24495a1b82e1c9899ee576851ad2fb33201c32ed) Reviewed-on: https://code.wireshark.org/review/13348
* Use the "no FCS" version of the Ethernet dissector.Guy Harris2016-01-171-6/+10
| | | | | | | | | | | | | | | | | | | | RFC 7348 Figures 1 and 2, in the Payload section, says "(Note that the original Ethernet Frame's FCS is not included)" meaning that the inner Ethernet frame does *not* include an FCS. Also, update the protocol references (the I-D is now RFC 7348) and add the I-D for the group policy stuff. Remove some extra blank lines while we're at it. Change-Id: Ib94a43b95b0761e97d1406a1cca3687ee640e12d Ping-Bug: 9933 Reviewed-on: https://code.wireshark.org/review/13343 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit 4b663db5aad728a04651bd44ac236a777248aa5a) Reviewed-on: https://code.wireshark.org/review/13344
* IEEE802.11: fix EAPOL key frame detectionAlexander Wetzel2016-01-163-26/+11
| | | | | | | | | | | | | | | | | | | Use eapol key data length to differentiate between #2 and #4. This should work around ieee802.11 client implementation errors. Windows is setting the Secure Bit on #2 when rekeying and Bug 11994 has a sample capture with the Nonce set in #4 and are so both violating the spec. Bug: 11994 Change-Id: Ia9e9c68d08dae042cfa7fd9517892db211b0a00f Reviewed-on: https://code.wireshark.org/review/13299 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> (cherry picked from commit 6425ba961dc481439c2856052e6e831fa5dc426f) Reviewed-on: https://code.wireshark.org/review/13332 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
* Keep comments from stealing hierarchy statistics.Gerald Combs2016-01-151-1/+14
| | | | | | | | | | | | | | | | | If a packet has a comment, the Protocol Hierarchy Statistics dialog will add its stats to a top-level "Packet comments" node instead of the "Frame" node. Add a check for the pkt_comment protocol ID and skip over it if we find it. Affects Wireshark 2.0, 1.12, 1.10, and probably earlier versions. As an alternative we could always force "Frame" to be the first item in the tree. Change-Id: If7cd817071caf6219515f5d8121b3a1a2c0d79a6 Reviewed-on: https://code.wireshark.org/review/13297 Reviewed-by: Gerald Combs <gerald@wireshark.org> (cherry picked from commit bebb63bea9cf58665a31c78abcbbe82658b1e49d) Reviewed-on: https://code.wireshark.org/review/13315
* DICOM: fix addition of item subtreesPascal Quantin2016-01-151-10/+20
| | | | | | | | | | | | Bug: 12011 Change-Id: Idcb0b547d49dcf4b87ddfc05aceb24d06c38ab32 Reviewed-on: https://code.wireshark.org/review/13295 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 4f94f25f8ea9c7edb900388b3bc23fb7c74d24c3) Reviewed-on: https://code.wireshark.org/review/13303
* autotools: Remove old hack and bugfix CPPFLAGSJoão Valverde2016-01-151-6/+0
| | | | | | | | | | | | | | | | | | | | | This was intended to be set as: CPPFLAGS="$CPPFLAGS -DQT_GUI_LIB" but got misplaced/misfixed. It is unsetting all the previous CPPFLAGS in autoconf. No longer needed, remove. Change-Id: I0c87b5f68917ef4a9eb45735ed4255c8952908d9 Reviewed-on: https://code.wireshark.org/review/13293 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> (cherry picked from commit 42f64a58133aac9d25345e11ca365ec906bca225) Reviewed-on: https://code.wireshark.org/review/13302 Reviewed-by: Guy Harris <guy@alum.mit.edu>
* [BER] Fix Wireshark heap-based out-of-bounds read in ↵AndersBroman2016-01-141-1/+9
| | | | | | | | | | | | | dissect_ber_constrained_bitstring Bug: 11828 Change-Id: I43c493ed261e73e0f3b31892c161dcfc46071054 Reviewed-on: https://code.wireshark.org/review/13292 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit 9b2f3f7c5c9205381cb72e42b66e97d8ed3abf63) Reviewed-on: https://code.wireshark.org/review/13298
* IPv6 fragment header's reserved octet is 8 bitsKevin Bracey2016-01-141-1/+1
| | | | | | | | | | Change-Id: I14d8245ee5ca51d15c7b6eda3d5993a805680530 Reviewed-on: https://code.wireshark.org/review/13287 Reviewed-by: João Valverde <j@v6e.pt> Reviewed-on: https://code.wireshark.org/review/13288 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
* [editcap] Bugfix tree compare function.Michael Mann2016-01-141-5/+8
| | | | | | | | | | | Bug: 12007 Change-Id: Icd31988ebbfe1e0bf4d29f32462c58c6c2c55547 Reviewed-on: https://code.wireshark.org/review/13277 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> (cherry picked from commit baf3321942459b54863736bdbe61a9335d550601) Reviewed-on: https://code.wireshark.org/review/13296
* Qt: Separate window titles with Em dash on OS XStig Bjørlykke2016-01-141-3/+7
| | | | | | | | | | The window titles on OS X are usually separated by Em dash, so use this when appending prefs.gui_window_title. Change-Id: Ice46179fc872eefc7662b42052b428eabf1b6d61 Reviewed-on: https://code.wireshark.org/review/13256 Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org> Reviewed-on: https://code.wireshark.org/review/13282
* Qt: Add back setWindowFilePathStig Bjørlykke2016-01-141-7/+7
| | | | | | | | | | With support for append to the window title. Change-Id: I2215a080b85d36ceb47495bbb94617743fc3f83e Reviewed-on: https://code.wireshark.org/review/13031 Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org> (cherry picked from commit 91c166867d0d25749b5185e895693a2067703fa9) Reviewed-on: https://code.wireshark.org/review/13281
* [airpcap] Fix parsing of GTKCedric Izoard2016-01-141-54/+44
| | | | | | | | | | | | | | | | | | - When parsing key data for GTK, check both the IE ID (0xdd) and OUI-type (00-0F-AC 1) as key data may contains more that one IE with ID (0xdd) and GTK KDE is not always the first one - Determine key type (TKIP/CCMP) based on actual key length and not size of the whole key_data part - Remove arbitrary limit on size of key_data Bug: 11973 Change-Id: I8f71fe970c07a092131eada2be3936c12a61cdd5 Reviewed-on: https://code.wireshark.org/review/13182 Reviewed-by: Michael Mann <mmann78@netscape.net> Tested-by: Michael Mann <mmann78@netscape.net> Reviewed-by: Anders Broman <a.broman58@gmail.com> (cherry picked from commit b4a1985cef117426a5ec872cadbbf536dd0c636d) Reviewed-on: https://code.wireshark.org/review/13278
* Swapped align error and crc error bit in EtherCAT Switch Link dissector.richardk2016-01-141-4/+5
| | | | | | | | | | Change-Id: I218b1c412c5b8e41025c6a9434caef38653a36df Reviewed-on: https://code.wireshark.org/review/13262 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> (cherry picked from commit b275ea864a38051a68df06614d290f6a4acb80de) Reviewed-on: https://code.wireshark.org/review/13267
* Qt: Show the horizontal scrollbar in the packet detail.Gerald Combs2016-01-131-0/+8
| | | | | | | | | | | | | | | | | | | | Call resizeColumnToContents when we fill, clear, expand, or contract items. This make sure the horizontal scrollbar shows up instead of eliding items. A commonly suggested solution is to call header()->setSectionResizeMode(QHeaderView::ResizeToContents) followed by header()->setStretchLastSection(false). This makes the scroll bar show up when the tree is wider than the window, but when the column is narrower than the window we end up with unused white space on the right. Change-Id: I5896f6048385bed27858f0ac676b29a1bf1255cd Reviewed-on: https://code.wireshark.org/review/13265 Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Gerald Combs <gerald@wireshark.org> (cherry picked from commit 7c2eaefd07e2fb68ae8603c72e1151e5a81dd1b6) Reviewed-on: https://code.wireshark.org/review/13268
* Qt: Update some keyboard shortcuts to match the GTK+ UI.Gerald Combs2016-01-131-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As the QKeySequence documentation says, "On Mac OS X, references to "Ctrl", Qt::CTRL, Qt::Control and Qt::ControlModifier correspond to the Command keys on the Macintosh keyboard, and references to "Meta", Qt::META, Qt::Meta and Qt::MetaModifier correspond to the Control keys. Developers on Mac OS X can use the same shortcut descriptions across all platforms, and their applications will automatically work as expected on Mac OS X." This also applies to Qt Creator on OS X. If you assign a shortcut to an action that contains the Control key, it will draw the ^ symbol in the UI but will save "Meta" in the .ui file instead of "Ctrl", in the manner of a well-meaning-but-not-helpful comedy sidekick. This happened for the actions listed below. Replace "Meta" in their shortcuts with "Ctrl". - Unmark all (Ctrl+Alt+M) - Next marked packet (Ctrl+Shift+N) - Previous marked packet (Ctrl+Shift+B) - Show packet times... (Ctrl+Alt+1 - Ctrl+Alt+8) This matches the GTK+ UI on Windows and Linux, and uses the Command key on OS X. If we really want to use the Control key everywhere we can override the action sequences in main_window.cpp. We might want to do this for the "mark" actions since Command+M is the standard key for "Minimize this window". Change-Id: I1537cee5bc27a32b505bace01c1de3703a18dd6a Reviewed-on: https://code.wireshark.org/review/13238 Reviewed-by: Gerald Combs <gerald@wireshark.org> Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> (cherry picked from commit 1f0c9f669375da29c60552ce2f7a63c9bfbd1433) Reviewed-on: https://code.wireshark.org/review/13252
* Assorted cleanups.Guy Harris2016-01-131-13/+13
| | | | | | | | | | | | | | | | | | | | | Fix indentation. Just directly assign values to elements in the packet buffer; no need to convert them to numbers and note the value as a comment. Give more detail in the comment for null-terminating buffers. Terminate packet_buf[] once we're finished reading into it, to make it a bit clearer what's being done. Make the magic number buffer 513 bytes, so we have 512 bytes plus a terminating null. Change-Id: Ie182d93393cc55835b24075e908393c386c85c24 Reviewed-on: https://code.wireshark.org/review/13250 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit b7dc77312720bb1bfa3698f3b48e21c991c49632) Reviewed-on: https://code.wireshark.org/review/13253 Reviewed-by: Anders Broman <a.broman58@gmail.com>
* nettrace_3gpp_32_423 Protect from buffer overun.AndersBroman2016-01-131-1/+5
| | | | | | | | | | | | Bug: 11982 Change-Id: Ib704d9128ab6427751edbf3a33f4b8fd14902562 Reviewed-on: https://code.wireshark.org/review/13233 Reviewed-by: Anders Broman <a.broman58@gmail.com> Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> (cherry picked from commit 140aad08e081489b5cdb715cb5bca01db856fded) Reviewed-on: https://code.wireshark.org/review/13249
* Fix type of acn.dmx.data.Guy Harris2016-01-121-1/+9
| | | | | | | | | | | | | Add a comment indicating what choices are offered here; note that going back to FT_BYTES without changing the way it's put into the protocol tree is *not* a choice that's available. Bug: 11999 Change-Id: I9831c7e9e522d3c7cea2e92c2a989050772019e4 Reviewed-on: https://code.wireshark.org/review/13244 Reviewed-by: Guy Harris <guy@alum.mit.edu> (cherry picked from commit fe1fd19db92dd5890a0c7df71a953e10aac4b4e5) Reviewed-on: https://code.wireshark.org/review/13245
* Use TCP FIN bit to help determine desegmentation in HTTP dissector.Michael Mann2016-01-123-8/+12
| | | | | | | | | | | | | | | Have the TCP dissector pass FIN bit to subdissectors (HTTP only one currently using it) so subdissector can use information to determine that no more segments are coming. Conflicts: epan/dissectors/packet-http.c Bug: 9848 Change-Id: I4aebb5141f41d99598e4776bf25e74101016f5d1 Reviewed-on: https://code.wireshark.org/review/12984 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> Reviewed-on: https://code.wireshark.org/review/13070
* 6LoWPAN: correct IPHC traffic class decompressionKevin Bracey2016-01-121-5/+9
| | | | | | | | | | | | | | | | | | | | | | | Traffic class values from IPHC headers were shown correctly in the IPHC dissection, but not correctly inserted into the expanded IPv6 packet. Problem was only visible on little-endian systems - the previous code did work if big-endian. Error was not present in HC1 decompression, but both IPHC and HC1 IPv6 construction code clarified by avoiding writing overlapping union members. Bug: 11971 Change-Id: I3515f18c892f1fc28ef7f8a0830a79d134e81f48 Reviewed-on: https://code.wireshark.org/review/13109 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: João Valverde <j@v6e.pt> (cherry picked from commit d6ca6cbe7421a3eb75494c3aa955ff5d7c07a52a) Reviewed-on: https://code.wireshark.org/review/13228 Petri-Dish: Michael Mann <mmann78@netscape.net> Reviewed-by: Michael Mann <mmann78@netscape.net>
* Use current text of combo box when getting display filter.Michael Mann2016-01-121-1/+1
| | | | | | | | | Bug: 11987 Change-Id: I1e3095d345c150a9a60193b61af432ce45d59ddb Reviewed-on: https://code.wireshark.org/review/13222 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
* MAC LTE: fix dissection of out of band eventsPascal Quantin2016-01-121-2/+2
| | | | | | | | | | | Calling proto_tree_add_item(tree, proto_mac_lte, tvb, offset, -1, ENC_NA) with a empty tvb will trigger an exception Change-Id: Ieb33f60d3dbe4677531c2b6f7ae2603610b0d300 Reviewed-on: https://code.wireshark.org/review/13227 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> (cherry picked from commit b65d30dbd5d86092e6e4739a4da6075cf08b115d) Reviewed-on: https://code.wireshark.org/review/13229
* Add a Busy status to SyntaxLineEdit.Gerald Combs2016-01-118-49/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For CaptureFilterEdit it's possible to have an indeterminate state while we're waiting on name resolution. Add a Busy status to SyntaxLineEdit and set the text color to a mix of the normal foreground and background colors (gray on most platforms). Make the Busy state valid so that we don't have to wait on an annoyingly-long name resolution to start capturing. Update the global capture option filters using the main welcome capture filter when we start a capture instead of when we've finished checking the filter syntax. Connect the CaptureFilterEdit returnPressed signal no matter what so that we can start a capture by pressing return in the welcome screen CaptureFilterEdit. Add a fake resolution timeout to the CaptureFilterSyntaxWorker debug code to make testing the different states easier. Conflicts: ui/qt/capture_filter_edit.cpp Bug: 11950 Change-Id: I0cf01c0fbc0dd8065cdf5a91f1d6b224291b1ce6 Reviewed-on: https://code.wireshark.org/review/13110 Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Gerald Combs <gerald@wireshark.org> (cherry picked from commit 0ce9ac4137429ce4d632c1cddd48ef6f36d9d4c2) Reviewed-on: https://code.wireshark.org/review/13137
* debian: Fix setting -Wl,-Bsymbolic on Wheezy onlyBalint Reczey2016-01-111-1/+1
| | | | | | | | | | | | Bug: 11992 Change-Id: Iec525a43e8f1703247213d1d6a139dcabc18fb37 Reviewed-on: https://code.wireshark.org/review/13178 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Balint Reczey <balint@balintreczey.hu> (cherry picked from commit 919b445a758869268d0bf0b0d094e8a21928a0e6) Reviewed-on: https://code.wireshark.org/review/13184
* Qt: Fix testCaptureFileClose without packetsStig Bjørlykke2016-01-111-29/+23
| | | | | | | | | | | | | | | | | In MainWindow::testCaptureFileClose() we must always stop a running capture if closing, even if not having any packets, because cf_close() will fail (assert) if still in progress. This fixes an issue (crash) when closing the application with a running capture without packets. Bug: 11981 Change-Id: Id0655fcc799682a4f45c855bc2e76386dffc35a5 Reviewed-on: https://code.wireshark.org/review/13121 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org> Reviewed-on: https://code.wireshark.org/review/13172
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-25 08:30:56 +0000